Language Selection

English French German Italian Portuguese Spanish

Intent Is The Problem

Filed under
OS

Of late, I keep banging into the problem that people want systems to be “secure by default”: they don’t want to pester the user about security. They want the system to just do the right thing. The problem is, this just isn’t possible. One example I like to give is “rm -rf *“. Clearly this command is sometimes a very bad idea, and sometimes exactly what you want to do. If some piece of code I mistakenly trusted runs that command on my behalf, I might be very sad about it. Therefore, any system that wants to be “secure” has to somehow know that when I move to some directory and type rm -rf * I mean it, and when I run a piece of code I’m expecting to (say) edit some text, I don’t mean it, and it should not be allowed to do it.

How can the system discover this? Clearly it must be through some user action. The user must behave differently in some way in the two cases, so that the system can discover his intent. Therefore it is impossible to be “secure” without, in some way, consulting the user about his intent.

Rest Here

More in Tux Machines

Xine Media Player Review – Powerful but Outdated

Xine is both an open source multimedia playback engine and a video playback application that's been around for a very long time. The number of people using this application has diminished, and there are few maintained third-party apps that are based on this engine. We'll take a closer look at the application to see why this is happening. Read more

Wine Announcement

The Wine development release 1.7.30 is now available. What's new in this release (see below for details): - More support for fonts in DirectWrite. - Improved ATL thunk support. - A few more C runtime functions. - Regedit import/export fixes. - Various bug fixes. Read more

CoreOS offers private Docker container registries for world+dog

Container-loving Linux vendor CoreOS has made its on-premises Docker container registry software available as a standalone product. Previously, CoreOS Enterprise Registry was only available as part of the company's Premium Managed Linux offering, which it describes as "OS as a service." As of Thursday, it is now available for use with any Docker-enabled OS – and these days, what Linux distro hasn't gone gaga for Docker? Even Microsoft is getting into the act. Read more

Manjaro Works To Make Calamares A Distribution-Independent Installer

The Arch-based Manjaro crew has been developing Calamares, an open-source installation framework they hope will basically lead to being a universal Linux distribution installer. The Manjaro camp has been developing Calamares as a distribution installer framework they'll be using for Manjaro 0.9+ and they also hope other Linux distributions will adopt it so it can become somewhat of a universal Linux installer so each distribution camp no longer keeps needing to write their own installer. Read more