> Date: Tue, 02 May 2006 12:22:49 -0700 > From: "Jeremy Shaw" <[EMAIL PROTECTED]> > Subject: Re: Challenge: Find potential use cases for non-trivial > confinement > > Hello, > > I am not entirely clear on what non-trivial confinement means -- but > here is my (contrived) attempt: > > I live in a country with a repressive, immoral government. I belong > to a group of like-mind individuals who are working to move the > government towards freedom. We have a tool that let's us > collaborate (something like a wiki perhaps). We can not afford a > private server and internet connection, so we must opt for a shared > server with a web host provider. > > We would like to *know* that the government can not force the sys > admin to spy on us -- because the government would have our heads. > > Obviously this is a very real problem for some people...
I would say this particular problem is a social problem without hope of technical solution. If a system does in fact make it impossible for such a government to order the sysop to spy, then that system itself becomes illegal to deploy and itself a sign of criminal activity. It's like sattelite imagery - the most suspicious areas are the ones you can't examine, since in theory it is now possible to examine everything on the surface. Hiding something becomes socially impractical when the mere act of hiding it flags it as interesting. I should say I personally would not suggest that an OS prohibit any possibility of DRM, since I doubt my own ability to certify that there is no legimitate use for it, but that's just a personal opinion. There are an incredibly large number of uses for computers, and the search space for use cases is beyond easy determination. > From: <[EMAIL PROTECTED]> > Subject: Re: Design principles and ethics > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=us-ascii > > Hi, > > On Mon, May 01, 2006 at 05:05:46PM -0600, Christopher Nelson wrote: > > > Yes, but perhaps I wish to refuse the allow the program to run in > > certain circumstances, and so I wish to write encode into the > > program the means for detecting these situations. You have taken > > that ability from me. You are constraining my actions, and > > removing my freedom. > > Yes, we are taking your "freedom" to enslave others. There are many, many situations where I can envison a need to do this, assuming I'm understanding the use case correctly. Whether it is legitimate is up for debate I suppose, but I might want to (for example): a) Automatically disable any internet communication when I am in the process of editing certain files, such as personal financial data. I can store this on physically removable media, but when it is loaded into the computer for manipulation I would want to disable any internet activity. I would also want to prevent any program from automatically reading those files - I would want them read ONLY on my explicit command, and only from my own user account. b) Allow only work-related programs to run on a server if an important distributed scientific simulation is running, in order to free up more CPU time. In a university setting, machines are often multi-purpose - I may use CPUs both for student labs, and idle time for simulations. Since the only legitimate student use of these machines is for lab time I want to be able to restrict people (at least the standard student accounts) from running programs outside of lab time. c) If I have just recieved a report of a serious security vulnerability or correctness flaw in a program, I may (depending on the problem) want to disable the running of this program for every account save my own until I can implement and test the fix. I may want to unlock it for someone else during this procedure if I have to enlist help, but still keep it locked for general use. Anyway, I'm not an expert on these issues, so I apologize if I'm speaking redundantly or to the wrong problem. Cheers, CY __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
