Dear rebolers
Before I start I would like to say how much I am enjoying rebol
and seeing how it can solve practical web programming problems in a
simple manner. So far so good. The rest of my email seeks to
stimulate some debate on some of the trust/security issues of
mobile code.
What is the perceived model for assuring rebol scripts as they fly
'round the web doing their clever messaging and powerful
programming thang?
Certainly the problem of mobile and possibly malicious code hasn't
started here (ActiveX, javascript etc), although isn't the inbuilt
networking capability one of the selling points of rebol? Ergo
there needs to be a model of how we can make best use of the
technology, whilst maintaining a certain level of trust in the
software as we download and run it.
I see two possible limitations within the current rebol
programming space as currently defined (please correct me if I'm
wrong):
1. Rebol scripts are text-based and interpreted. As well as this
being a great feature in terms of portability etc, it is also a
limitation in as much as it means scripts can be easily altered,
possibly in a malicious manner as they flow around the internet.
At least with standard programs there is less of a risk of reverse
compilation and modification.
2. There is no interface to external modules (e.g. native
applications, the command-line etc). In the pursuit of
cross-platform portability perhaps - it has been decided that
there is no native interface to third party modules written in
other applications. This means it will be difficult to digitally
sign rebol scripts (e.g. PGP?) to ensure they are received as
intact and as the author intended.
Just think of the damage caused by Melissa and her ilk - what
might be the analogous scenario in rebol - is it conceivable?? How
do we convince the corporate world that there is a solid security
model behind the rebol approach?
in anticipation,
Luke Emmet