Gr. Sim
P.S. Just tell me, am i a scared conservative, blocking the way of
progress?
No, problems need to be identified in order to be solved, no one can
envision all problems, consider it an experiment. Security should still
be a concern inside LAN's too.
Somehow we need to make security easier. If developers or a tool writes
required permissions, stored within each bundle and a UI Trust
Relationship tool is constructed to assist administrators and developers
to select from a list of available recommended permissions, security
could be easier and be enabled by default, so the administrator or
developer doesn't have to set the permissions for everything manually.
In lieu of trust, for bytecode, signed by a developer or codebase
service, without a trust relationship, a user could be presented with a
list of required permissions (provided the user possesses the rights to
grant them) and the ramifications of granting them. The software might
be able to find a list of friends who trust that developer, the user
might be able to contact one or decide to utilise the service based on
this information. Bundles that cause problems (keys compromised, bad
bug etc) could be reported, this information could be highlighted at the
time a user makes the trust decision.
Alternatively if the user cannot grant the required permissions, the
trust request could be sent to an administrator, who could follow up on
authorising trust.
This would be far better than current circumstances where users download
free applications all the time, without even so much as a checksum.
Who know's what malware could be lurking within LAN's.
Cheers,
Peter.
