Intent Is The Problem

Of late, I keep banging into the problem that people want systems to be “secure by default”: they don’t want to pester the user about security. They want the system to just do the right thing. The problem is, this just isn’t possible. One example I like to give is “rm -rf *”. Clearly this command is sometimes a very bad idea, and sometimes exactly what you want to do. If some piece of code I mistakenly trusted runs that command on my behalf, I might be very sad about it. Therefore, any system that wants to be “secure” has to somehow know that when I move to some directory and type rm -rf * I mean it, and when I run a piece of code I’m expecting to (say) edit some text, I don’t mean it, and it should not be allowed to do it.

How can the system discover this? Clearly it must be through some user action. The user must behave differently in some way in the two cases, so that the system can discover his intent. Therefore it is impossible to be “secure” without, in some way, consulting the user about his intent.

PC-MOS/386 is the latest obsolete operating system to open source on Github

PC-MOS/386 was first announced by The Software Link in 1986 and was released in early 1987. It was capable of working on any x86 computer (though the Intel 80386 was its target market). However, some later chips became incompatible because they didn't have the necessary memory management unit. It had a dedicated following but also contained a couple of design flaws that made it slow and/or expensive to run. Add to that the fact it had a Y2K bug that manifested on 31 July 2012, after which any files created wouldn't work, and it's not surprising that it didn't become the gold standard. The last copyright date listed is 1992, although some users have claimed to be using it far longer.