The security concerns raised here are valid and serious. But as with the rest of the Internet, they are show-stoppers for only a subset of uses.
For things taking place inside a browser window, folks have indeed become accustomed to such things not having file I/O or access to system resources which could compromise security. But a lot of what people do with the Internet takes place outside of a browser, such as trading files through P2P systems like GNUtella, and the thousands of applications that are downloaded daily from software vendors like Adobe and Macromedia, and sites like Tucows, Download.com, etc. Indeed, in the absence of a browser plug-in for Rev, everything that can be done in Rev must take place outside of a browser. So while it is very worthwhile pursuing security options to support all uses, we needn't wait for the completion of such features before enjoying the benefits of downloadable stacks for a subset of uses, any more than folks stopped downloading EXEs once browsers got security features for Java applets. When you download a Rev stack you are essentially downloading an application, with all the access to your system that any EXE, DLL, or other executable file can have. With all of its security technology, when it comes to downloading EXEs the browser still relies on the oldest mechanism available: individual judgement. Before starting such a download, the browser presents a dialog that asks, in effect, "Do you trust the owner of this domain?" At a minimum, any system that downloads and runs stack files should display the URL, at least in a status field as a browser does. This way the user knows where the file is coming from and can exercise judgement in whether they want to do so. And while we roll out systems based on HTTP-transferred stack files, we should continue to explore solutions for both categories of security concerns: - Client-side protection ("Can the downloaded file damage my system?") - Transmission protection ("Can my communications over TCP be intercepted and read by others?") These are very difficult issues to overcome. For all the billions spent on attempting to provide security mechanisms, billions more are spent cleaning up damage from those who find a way around them. For many uses (such as hospitals and other orgs where downloading EXEs is forbidden), having at least a modest level of security will be seen as essential for adoption. For all other uses, distributing stack files is not just as good as distributing standalones, given the small file size and interoperability it's better. -- Richard Gaskin Fourth World Media Corporation Developer of WebMerge 2.1: Publish any database on any site ___________________________________________________________ [EMAIL PROTECTED] http://www.FourthWorld.com Tel: 323-225-3717 AIM: FourthWorldInc _______________________________________________ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard