RE: Web-Dedicated Metacard

2002-12-24 Thread andu


--On Tuesday, December 24, 2002 00:27:41 -0600 Chipp Walters 
[EMAIL PROTECTED] wrote:


	b) be certified as 'safe' by a reputable 3rd party (the Microsoft
approach).

My thinking on the subject is that a 3rd party could build a player and
infrastructure for registering (certifying) stacks. Then the player would
check in with the 3rd party to verify the signature of the certification.
At the minimum, all unsigned stacks would be pre-empted by a warning
notice such as: This program is unsigned and could possibly damage your
computer!


This is what tripped me in your previous message too, and this is what I 
was referring to as the illusion of security being worse than no security 
at all.
I can see Dr. Kissinger (or OJ) running such an enterprise.

Regards, Andu Novac
___
metacard mailing list
[EMAIL PROTECTED]
http://lists.runrev.com/mailman/listinfo/metacard


Re: Web-Dedicated Metacard

2002-12-24 Thread andu


--On Monday, December 23, 2002 18:59:14 -1000 Sannyasin Sivakatirswami 
[EMAIL PROTECTED] wrote:


What's being
proposed here is a responsible security concern, IMHO.


Ken,

I am embarrassingly naive about these issues. When you say "responsible
security concern", what do you mean? How is this any different, security
wise, than distribution of the Supercard Player (which we knew and
loved) of the past? If my SC project wanted to read and write files and
do stuff with that player, nothing was there to stop it. Is it just the
auto boot from a web page we are concerned about?


There is no difference.



Sivakatirswami






Regards, Andu Novac



RE: Web-Dedicated Metacard

2002-12-24 Thread Chipp Walters
Andu,

Chipp says: <snip>
  b) be certified as 'safe' by a reputable 3rd party (the Microsoft
  approach).

Andu replies: <snip>
 This is what tripped me in your previous message too, and this is what I
 was referring to as the illusion of security being worse than no security
 at all.

The 3rd party 'certification' I was referring to is through Verisign
Certificates (not Microsoft), the *same* guys who do the SSL server IDs.
Over 90% of SSL (Secure Socket Layer) websites use Verisign, so apparently
they are a trustworthy source.

Remember the purpose of security certificates is merely to provide a means
whereby you can trust entities (companies and people) on the internet. A
security certificate does not in any way imply a web site is good, will
protect your privacy or will deliver your products.

Of course there are ways to 'spoof' a certificate, but in any case, the user
will still get a popup window asking if they want to install the ActiveX
control, unlike something that autoruns on page load.

Certainly no technique is perfect.

-Chipp




Re: Web-Dedicated Metacard

2002-12-24 Thread Richard Gaskin
Chipp Walters wrote:

 The 3rd party 'certification' I was referring to is through Verisign
 Certificates (not Microsoft), the *same* guys who do the SSL server IDs.
 Over 90% of SSL (Secure Socket Layer) websites use Verisign, so apparently
 they are a trustworthy source.

What specific steps would be needed to use a Verisign certification for
RunRev stacks?

And since Dr. Kissinger won't reveal his client list, how do we know
Verisign isn't on it? ;)

-- 
 Richard Gaskin 
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___
 [EMAIL PROTECTED]   http://www.FourthWorld.com
 Tel: 323-225-3717   AIM: FourthWorldInc




Re: Web-Dedicated Metacard

2002-12-24 Thread andu


--On Tuesday, December 24, 2002 08:11:48 -0800 Richard Gaskin 
[EMAIL PROTECTED] wrote:

Chipp Walters wrote:


The 3rd party 'certification' I was referring to is through Verisign
Certificates (not Microsoft), the *same* guys who do the SSL server IDs.
Over 90% of SSL (Secure Socket Layer) websites use Verisign, so
apparently they are a trustworthy source.


What specific steps would be needed to use a Verisign certification for
RunRev stacks?


$300 for a 1 year subscription or $700 for 2 years plus all the personal 
information about you and your family. That's all.


And since Dr. Kissinger won't reveal his client list, how do we know
Verisign isn't on it? ;)


Ok, then we go with OJ, he's also certified not guilty, as a bonus.



--
 Richard Gaskin
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___
 [EMAIL PROTECTED]   http://www.FourthWorld.com
 Tel: 323-225-3717   AIM: FourthWorldInc






Regards, Andu Novac



Re: Web-Dedicated Metacard

2002-12-24 Thread Richard Gaskin
[please pardon the OT humor]

andu wrote:

 What specific steps would be needed to use a Verisign certification for
 RunRev stacks?
 
 $300 for a 1 year subscription or $700 for 2 years plus all the personal
 information about you and your family. That's all.
 
 
 And since Dr. Kissinger won't reveal his client list, how do we know
 Verisign isn't on it? ;)
 
 Ok, then we go with OJ, he's also certified not guilty, as a bonus.

While he was found not guilty of killing his wife, in the second trial he
was found financially liable for her death.

So as long as we can find people both not guilty yet financially liable,
maybe we can get O.J. to pay our $300. :)

-- 
 Richard Gaskin 
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___
 [EMAIL PROTECTED]   http://www.FourthWorld.com
 Tel: 323-225-3717   AIM: FourthWorldInc




Re: Web-Dedicated Metacard

2002-12-24 Thread andu
Here's a less microsoftian solution for a sane MC helper application for 
browsers:
make a stack which opens off screen or invisible with something like...

on startup
  -- ask first; quit if the user declines
  answer "Ready to format your hard drive??" \
      with "OK" or "Cancel"
  if it is "Cancel" then quit
end startup

Move the answer dialog into the stack, save and make it a standalone. Use 
this standalone as the helper application instead of MC engine and send me 
$300 every year.

Regards, Andu Novac


Re: Web-Dedicated Metacard

2002-12-24 Thread sims
What specific steps would be needed to use a Verisign certification for
RunRev stacks?


$300 for a 1 year subscription or $700 for 2 years plus all the 
personal information about you and your family. That's all.
Regards, Andu Novac


From the latest newsletter from pair.com


pair Networks SSL certificates will be offered at these great
rates:

  $49 for one year
  $89 for two years
  $125 for three years



atb

sims
--
---
   http://EZPZapps.com [EMAIL PROTECTED]
  Software - Internet Development - Consulting



Re: Web-Dedicated Metacard

2002-12-24 Thread Sannyasin Sivakatirswami
Andu:

Thanks for lightening up this thread... ( I had to hold myself down 
after reading
OJ certified not guilty)

Much needed/appreciated laughter aside: you make a good point. The 
sense of security when in fact anyone with ill intentions will find a 
way around it... etc. can be more dangerous...

Then where do we go from here?

Seems we are saying:
a) no please people, be smart, do not distribute MC engine as a player 
and
b) do not create a tool that will auto set *.mc docs to auto boot from 
either
   i. the mc engine itself
   ii. some standalone we might create with the engine embedded.

"There is no difference" (between a and b), you said.

OK, then if that IS what we are saying (I am losing sight a bit of what 
each of you wizards thinks we can/should or should not do. except for 
Chipp who seems fairly adamant about being very careful.)

Then where do we go from here?

If we back off for a moment from the goal of "ubiquitous as Acrobat",
then one middle ground for now seems clear: at least you can distribute
a standalone whose duty is not to download and run just any stacks, but
only those that we create and which it calls for. Then we use the web to
deliver that standalone. As we do now from

www.himalayanacademy.com/studyhall/

(fyi, that technology there is 2 years old... (2.3.2) need to upgrade 
it all but I want to understand all this first.)

or, Andu, do you mean to imply "No, go ahead and distribute the 
engine... there will always be a risk, no matter what you think you can 
do to secure it."

mmm. Scott Raney are you lurking? Please do jump in!

Happy Holidays to all!

Sivakatirswami



On Tuesday, December 24, 2002, at 08:09 AM, andu wrote:

Here's a less microsoftian solution for a sane MC helper application 
for browsers:
make a stack which opens off screen or invisible with something like...

on startup
  -- ask first; quit if the user declines
  answer "Ready to format your hard drive??" \
      with "OK" or "Cancel"
  if it is "Cancel" then quit
end startup

Move the answer dialog into the stack, save and make it a standalone. 
Use this standalone as the helper application instead of MC engine and 
send me $300 every year.

Regards, Andu Novac




Re: Web-Dedicated Metacard

2002-12-23 Thread Richard Gaskin
Chipp Walters wrote:

 The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
 the potential for *very dangerous viruses*!!

While the potential for malicious abuse is clear, it's no more a problem for
Rev than it is for ActiveX controls, Director extensions, or downloading
applications from Download.com.

And considering the several billion dollars' worth of security holes
throughout Microsoft operating systems and Internet products, any security
measure ultimately comes down to trust:  you either trust the site making
the download available, or don't download it.

This is not to suggest that we shouldn't continue to pursue security
solutions.  On the contrary, such moves will be needed to attract any larger
organizations.

But on balance, if we remind folks that such distribution carries only the
same risks as downloading any executable file, we can allow people to make
their own choices about downloading.

I like what the secureMode offers, but it also hampers one of the biggest
advantages of desktop software over browser-based applications: local data
storage.

I'd love to see a semi-secure mode, in which file I/O was allowed but
restricted to one specific directory.

-- 
 Richard Gaskin 
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___
 [EMAIL PROTECTED]   http://www.FourthWorld.com
 Tel: 323-225-3717   AIM: FourthWorldInc
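
The "semi-secure mode" proposed above (file I/O allowed, but only inside one directory) comes down to a path-confinement check. The following is an added Python example, not MetaCard/Rev code and not from any poster in this thread; the names resolve_in_sandbox, sandboxed_open and the stackdata directory are assumptions made for illustration.

```python
import os
import tempfile


class SandboxViolation(Exception):
    """A stack asked for a path outside its data directory."""


def resolve_in_sandbox(sandbox_root, requested):
    """Return the real path for `requested`, or raise SandboxViolation."""
    if "\x00" in requested:
        raise SandboxViolation("NUL byte in path")
    root = os.path.realpath(sandbox_root)
    # realpath() collapses ".." and follows symlinks, so the comparison
    # below sees where the file really lives. An absolute `requested`
    # replaces `root` in join() and is rejected by the same comparison.
    candidate = os.path.realpath(os.path.join(root, requested))
    try:
        # commonpath compares whole components, so a sibling directory
        # named "stackdata-evil" does not pass as a naive prefix test would.
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # e.g. different drive letters on Windows
        inside = False
    if not inside:
        raise SandboxViolation("outside sandbox: %r" % requested)
    return candidate


def sandboxed_open(sandbox_root, requested, mode="r"):
    """open() for untrusted stacks: only paths under sandbox_root succeed.

    Caveat: the check and the open are two steps, so the sandbox directory
    must not be writable by anything other than the confined stack itself.
    """
    return open(resolve_in_sandbox(sandbox_root, requested), mode)


def demo():
    """Run constructed requests against a throwaway sandbox."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "stackdata")          # the one allowed directory
        os.mkdir(root)
        os.mkdir(os.path.join(tmp, "stackdata-evil"))  # look-alike sibling
        outside = os.path.join(tmp, "prefs.txt")       # stands in for user files
        with open(outside, "w") as fh:
            fh.write("user preferences")

        requests = [
            "scores.txt",               # ordinary local data storage
            "saves/../scores.txt",      # ".." that stays inside the sandbox
            "../prefs.txt",             # classic traversal
            "../stackdata-evil/x.txt",  # sibling sharing the name prefix
            outside,                    # absolute path
        ]
        try:
            os.symlink(outside, os.path.join(root, "link.txt"))
            requests.append("link.txt")  # symlink pointing out of the sandbox
        except (OSError, NotImplementedError):
            pass                         # platform without symlink support

        for req in requests:
            label = "<absolute>" if os.path.isabs(req) else req
            try:
                with sandboxed_open(root, req, "a") as fh:
                    fh.write("x")
                results[label] = "allowed"
            except SandboxViolation:
                results[label] = "denied"

        with open(outside) as fh:
            results["outside_intact"] = fh.read() == "user preferences"
    return results


if __name__ == "__main__":
    for request, outcome in demo().items():
        print(request, "->", outcome)
```
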




Re: Web-Dedicated Metacard

2002-12-23 Thread andu


--On Monday, December 23, 2002 09:46:31 -0800 Richard Gaskin 
[EMAIL PROTECTED] wrote:

Chipp Walters wrote:


The big problem with a *sanctioned* web-savvy MetaCard or RunRev player
is the potential for *very dangerous viruses*!!




I don't understand this discussion, one can DD a stack on the engine on 
all platforms which support it and have it play. For browsers one can add 
MC as helper application and have stacks play as soon as they download, 
what would a player do differently and why would it be more dangerous 
than a plain engine?? Sure I can make a stack which erases the hard drive 
on startup but so can any application.

Regards, Andu Novac


Re: Web-Dedicated Metacard

2002-12-23 Thread Pierre Sahores
Richard Gaskin wrote:
 
 Chipp Walters wrote:
 
  The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
  the potential for *very dangerous viruses*!!
 
 While the potential for malicious abuse is clear, it's no more a problem for
 Rev than it is for ActiveX controls, Director extensions, or downloading
 applications from Download.com.
 
 And considering the several billion dollars' worth of security holes
 throughout Microsoft operating systems and Internet products, any security
 measure ultimately comes down to trust:  you either trust the site making
 the download available, or don't download it.
 
 This is not to suggest that we shouldn't continue to pursue security
 solutions.  On the contrary, such moves will be needed to attract any larger
 organizations.
 
 But on balance, if we remind folks that such distribution carries only the
 same risks as downloading any executable file, we can allow people to make
 their own choices about downloading.
 
 I like what the secureMode offers, but it also hampers one of the biggest
 advantages of desktop software over browser-based applications: local data
 storage.
 
 I'd love to see a semi-secure mode, in which file I/O was allowed but
 restricted to one specific directory.
 
 --
  Richard Gaskin
  Fourth World Media Corporation
  Developer of WebMerge 2.1: Publish any database on any site
  ___
  [EMAIL PROTECTED]   http://www.FourthWorld.com
  Tel: 323-225-3717   AIM: FourthWorldInc
 

Allo there,

1.- The use of Metacard/RR on the server side will never open, by
itself, new security holes on the host machine. The security will only
depend on how cleanly the server is or isn't secured (ssh and ssl
tunneling instead of telnet/ftp direct admin access, permissions,
proxying, firewalling, httpd config, mc config, etc...), not on whether
mc is or isn't installed. Each badly secured server hosts many other
engines better known than mc by the ones that spend time cracking them
(GCC, Perl, PHP, SQL servers, SendMail,..).

2.- The use of Metacard/RR on the client side will not open security
holes on the client host if the developer takes care about what his app
has to do and doesn't have to do. It's only an ethical question there,
as long as RR/MC are fully usable in many different ways, just like all
the most powerful development tools available today.

Cl : If we are able to develop, using RR/MC, useful tools for the
web/vpn markets, we just have to go ahead and, further, there will be
happy end-users of this useful new kind of web/vpn apps. We are not
the only ones, on this list, to think that the W3C standards are no
longer powerful enough to parse the next generation of web apps, so, for
example, as in the client-side browsing sphere.
Along with some bad or stupid marketing considerations making web
browsers far from usable tools as multimedia front-ends, we have to feel
free to get the best from RR/MC to build real web-connectable
multimedia front-ends. If we are strong enough to build such kinds of
apps, there will be, in the end, more and more people taking the same
way, even using other kinds of development tools, like Delphi,
Director, or OmnisStudio but not only...

Hope this helps ;-)
-- 
Regards, Pierre Sahores

Inspection académique de Seine-Saint-Denis.
WEB and VPN applications and databases
Qualifying and producing the competitive advantage



RE: Web-Dedicated Metacard

2002-12-23 Thread Chipp Walters

  Chipp Walters wrote:
 
  The big problem with a *sanctioned* web-savvy MetaCard or RunRev player
  is the potential for *very dangerous viruses*!!
 

 I don't understand this discussion, one can DD a stack on the engine on
 all platforms which support it and have it play. For browsers
 one can add
 MC as helper application and have stacks play as soon as they download,
 what would a player do differently and why would it be more dangerous
 than a plain engine?? Sure I can make a stack which erases the hard drive
 on startup but so can any application.

 Regards, Andu Novac

Hi Andu,

Neither Shockwave (Director and Flash), JAVA, nor ActiveX will immediately
deploy and execute a program upon a simple javascript ON LOAD event which
allowed file access (the first time loaded). A correctly registered MIME for
MetaCard/RR could execute with file access permissions, without so much as a
warning (see my ButtonGadget example). A 'correct' MC/RR player would
involve registering itself as the correct MIME and then doing some sort of
certification and/or file check *before* automatically downloading and
running. There is a BIG difference between just registering MC automatically
as a valid MIME and building a player which provided some safety measures.

The idea is to create a generic 'player' so that anyone who has installed
it, can playback any content with just a click of a button on a webpage.

-Chipp





RE: Web-Dedicated Metacard

2002-12-23 Thread Chipp Walters
Richard,


 While the potential for malicious abuse is clear, it's no more a
 problem for
 Rev than it is for ActiveX controls, Director extensions, or downloading
 applications from Download.com.


I disagree. See my response on this subject to Andu. Also, Director
extensions are not necessarily sanctioned by Macromedia -- and I doubt you
automatically download potentially destructive extensions without some sort of
warning (correct me if I'm wrong). ActiveX controls should be signed, and if
they're not, the user gets a warning stating they could be dangerous.
Download.com is a totally different beast -- it doesn't rely on a plugin or
software helper app. But, you still have to manually download and execute
the program.

If you haven't yet, please download a copy of ButtonGadget
(www.buttongadget.com) on a PC and then go to the ButtonSets page and click
on any button image. IE will download the stack, launch ButtonGadget and
load the stack, without asking you *any* questions! This is cool, but
potentially dangerous behavior. If I so wished, I could publish a viral
stack and place it on users' hard drives. Of course, those that use
ButtonGadget have confidence I wouldn't do such a thing, but another person
could put an .iwz (stack) file on their website, with an ON LOAD javascript
handler and when the page opened in a browser, it would automatically
download and execute the .iwz stack! No questions asked. So...I put some
measures into ButtonGadget to check the stack's viability before opening it.

If MC or RR registered themselves as a correct MIME (generic stack player),
then anyone could make a stack with a handler:

on startup
  Delete all the files on this hard disk
end startup

This is why it's important to be careful of such things. Building a generic
web safe stack player may not be such a trivial matter. It is why I
mentioned before, it may be best left up to third parties to do so...and
monitor the content as well.

I do agree with you, at some point we need to trust others ...

 I'd love to see a semi-secure mode, in which file I/O was allowed but
 restricted to one specific directory.

Hear, hear! I like this idea!

-Chipp





RE: Web-Dedicated Metacard

2002-12-23 Thread andu


--On Monday, December 23, 2002 14:31:40 -0600 Chipp Walters 
[EMAIL PROTECTED] wrote:


 Chipp Walters wrote:

 The big problem with a *sanctioned* web-savvy MetaCard or RunRev
 player is the potential for *very dangerous viruses*!!


I don't understand this discussion, one can DD a stack on the engine on
all platforms which support it and have it play. For browsers
one can add
MC as helper application and have stacks play as soon as they download,
what would a player do differently and why would it be more dangerous
than a plain engine?? Sure I can make a stack which erases the hard drive
on startup but so can any application.

Regards, Andu Novac


Hi Andu,

Neither Shockwave (Director and Flash), JAVA, nor ActiveX will immediately
deploy and execute a program upon a simple javascript ON LOAD event which
allowed file access (the first time loaded). A correctly registered MIME
for MetaCard/RR could execute with file access permissions, without so
much as a warning (see my ButtonGadget example). A 'correct' MC/RR player
would involve registering itself as the correct MIME and then doing some
sort of certification and/or file check *before* automatically
downloading and running. There is a BIG difference between just
registering MC automatically as a valid MIME and building a player which
provided some safety measures.


Like what kind of safety measures, a warning that the script (like any 
script) *could* do this and that to the data on the hard drive if executed?
As to Shockwave it never asks me if it's ok to load this or that moving 
thing once I have the plugin installed. Java also, it just displays that 
stupid running text in my browser without any questions.
What I'm trying to say is that there is a difference between legitimate 
security concerns and constant fear or the illusion of security. If there 
is fear then not using the computer on a public network is the best 
solution for sanity, the illusion of security is worse than no security at 
all.


The idea is to create a generic 'player' so that anyone who has installed
it, can playback any content with just a click of a button on a webpage.


Like I said, that can be done manually in the browser's preferences.



-Chipp







Regards, Andu Novac



Re: Web-Dedicated Metacard

2002-12-23 Thread Ken Ray
Andu,

 Like what kind of safety measures, a warning that the script (like any
 script) *could* do this and that to the data on the hard drive if
executed?
 As to Shockwave it never asks me if it's ok to load this or that moving
 thing once I have the plugin installed. Java also, it just displays that
 stupid running text in my browser without any questions.

Yes... IN YOUR BROWSER that's the key. They can do anything they want in
your browser, but Shockwave and Java can't do anything to the files on your
hard disk (other than potentially write cookies) without your knowledge and
a whole bunch of security protocols in place (signature files, etc.).

 What I'm trying to say is that there is a difference between legitimate
 security concerns and constant fear or the illusion of security. If there
 is fear then not using the computer on a public network is the best
 solution for sanity, the illusion of security is worse than no security at
 all.

These are legitimate security concerns. For example, suppose Shockwave had
the ability to delete files on your hard disk. And that if you went to a
site that had a Shockwave plugin, when it loaded, it could wipe out these
files. It would be a legitimate security concern and you'd want to have some
protection. Luckily for us, this doesn't happen. However in the player-based
scenario that is being painted here, the Player is an application that can
play MC/Rev content that is downloaded automatically from a web page. This
would kick off the Player application, and, if not secured properly, could
cause problems on your hard drive.

If you click on a .doc file link on a web page it will download and
automatically launch Word. Since Word has macros, this *should* be a
security concern of Microsoft's. Now suppose this link is in an onload
event. Merely going to that page will download the doc file and launch Word.
The same thing would happen to a web page that has an onload that points
to an MC/Rev file that will play in the Player. What's being proposed here
is a responsible security concern, IMHO.


Ken Ray
Sons of Thunder Software
Email: [EMAIL PROTECTED]
Web Site: http://www.sonsothunder.com/




RE: Web-Dedicated Metacard

2002-12-23 Thread Monte Goulding

Perhaps the one player could use the two modes.

 - mode 1 = secureMode is true and is used when the player is launched from
a hyperlink. Useful for interactive forms and such.
 - mode 2 = secureMode is false and is used when the player interface (AKA
Java WebStart) is launched. Useful for content delivery and offline
browsing.

Cheers

Monte


 Good point. Didn't know about 'secureMode'. Though it's pretty much what I
 was referring to when I mentioned 'sandbox.' Thanks for the tip.

 Though, if one of the requisites for a player is that it be able to store
 stacks locally, I guess the securemode couldn't be invoked.

 -Chipp

 Well, there is one nugget already in the language which would help:
 
 set the secureMode to true

 Brian








RE: Web-Dedicated Metacard

2002-12-23 Thread Chipp Walters
Ken,

Thanks for the *clearer* explanation!


 If you click on a .doc file link on a web page it will download and
 automatically launch Word. Since Word has macros, this *should* be a
 security concern of Microsoft's. Now suppose this link is in an onload
 event. Merely going to that page will download the doc file and
 launch Word.

You are correct...but even MS will notify you that Word is attempting to
execute a macro and that it could be dangerous...

-Chipp

Happy Holidays!






Re: Web-Dedicated Metacard

2002-12-23 Thread andu


--On Monday, December 23, 2002 15:50:01 -0600 Ken Ray 
[EMAIL PROTECTED] wrote:

snip

What's being
proposed here is a responsible security concern, IMHO.


Ok you convinced me Ray. I think the solution though is not going to be 
easy or pleasant. On the same note, this player might want to disable 
internet communications also since a malicious stack could read important 
preferences files and post them. This can go on forever...


Ken Ray
Sons of Thunder Software
Email: [EMAIL PROTECTED]
Web Site: http://www.sonsothunder.com/






Regards, Andu Novac



Re: Web-Dedicated Metacard

2002-12-23 Thread Sannyasin Sivakatirswami

On Monday, December 23, 2002, at 05:47 PM, andu wrote:


snip


What's being
proposed here is a responsible security concern, IMHO.





Ken,

I am embarrassingly naive about these issues. When you say "responsible 
security concern", what do you mean? How is this any different, security 
wise, than distribution of the Supercard Player (which we knew and 
loved) of the past? If my SC project wanted to read and write files and 
do stuff with that player, nothing was there to stop it. Is it just 
the auto boot from a web page we are concerned about?

Sivakatirswami



Re: Web-Dedicated Metacard

2002-12-23 Thread Sannyasin Sivakatirswami
Ok, these security issues are good to thrash out... but when switching 
the name of this thread to "Web-dedicated" it was not the intention to 
imply that browsers be involved in terms of a launching/viewing 
platform. In fact, just the opposite, the objective being to 'just use 
the wires!' and 'leap over browsers, java, html etc. completely'. Just 
let the browser/html page serve as the Fed Ex man/courier service... 
nothing more. A place to go to get your package. Someone earlier said 
he HAD to use HTML pages to let the whole world know, because they 
could run on any machine and be Googlized... and any kid on any machine 
could see the pix/captions... But one's 'delivery page' could have 
sufficient meta tags and key words and text on the face of the page 
that search engines would get people there and stacks/players could 
(will!) become as ubiquitous as PDFs/Acrobat Reader, but without 
concern over any browser plug-in.

To that end wouldn't having a player installer, a la Acrobat Reader, 
that could be downloaded from the MC site be a simple thing? And 
non-problematic in terms of security? Envision something like the 
existing installers for the Starter kits, sans the home stack and any 
other files... i.e. the installers just install the engine and set the 
doc/app binding for the platform. That's all. I suppose creating 
something like that is trivial for you people, but not if you don't 
know how! i.e. looking for an easy solution where we just tell people 
'get your Metacard engine here' and 'get my stacks here.' Of course we 
would serve the player/installers from our own sites so that we don't 
raise a bandwidth issue for Scott and Kevin.

Sannyasin Sivakatirswami
Himalayan Academy Publications
[EMAIL PROTECTED]
www.HimalayanAcademy.com,
www.HinduismToday.com
www.Gurudeva.org
www.Hindu.org




When I switched to this thread i didn't mean
On Sunday, December 22, 2002, at 11:03 AM, Chipp Walters wrote:

The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
the potential for *very dangerous viruses*!!

It would be relatively simple to create a stack which deleted all the files
in the Windows folder using a simple mouseOver of an image on a web page --
without the user ever knowing. So...things like certificates and possibly a
'sandbox' would need to be implemented. I've thought about this a bit and
decided it might be best for a 3rd party to consider implementing, in this
way there's less damage to MC/RR reputation in case something goes 'awry.'




Re: Web-Dedicated Metacard

2002-12-23 Thread Richard Gaskin
The security concerns raised here are valid and serious.  But as with the
rest of the Internet, they are show-stoppers for only a subset of uses.

For things taking place inside a browser window, folks have indeed become
accustomed to such things not having file I/O or access to system resources
which could compromise security.

But a lot of what people do with the Internet takes place outside of a
browser, such as trading files through P2P systems like GNUtella, and the
thousands of applications that are downloaded daily from software vendors
like Adobe and Macromedia, and sites like Tucows, Download.com, etc.
Indeed, in the absence of a browser plug-in for Rev, everything that can be
done in Rev must take place outside of a browser.

So while it is very worthwhile pursuing security options to support all
uses, we needn't wait for the completion of such features before enjoying
the benefits of downloadable stacks for a subset of uses, any more than
folks stopped downloading EXEs once browsers got security features for Java
applets.

When you download a Rev stack you are essentially downloading an
application, with all the access to your system that any EXE, DLL, or other
executable file can have.

With all of its security technology, when it comes to downloading EXEs the
browser still relies on the oldest mechanism available: individual
judgement.  Before starting such a download, the browser presents a dialog
that asks, in effect, "Do you trust the owner of this domain?"

At a minimum, any system that downloads and runs stack files should display
the URL, at least in a status field as a browser does.  This way the user
knows where the file is coming from and can exercise judgement in whether
they want to do so.

And while we roll out systems based on HTTP-transferred stack files, we
should continue to explore solutions for both categories of security
concerns:

- Client-side protection (Can the downloaded file damage my system?)

- Transmission protection (Can my communications over TCP be intercepted
and read by others?)

These are very difficult issues to overcome.  For all the billions spent on
attempting to provide security mechanisms, billions more are spent cleaning
up damage from those who find a way around them.

For many uses (such as hospitals and other orgs where downloading EXEs is
forbidden), having at least a modest level of security will be seen as
essential for adoption.

For all other uses, distributing stack files is not just as good as
distributing standalones, given the small file size and interoperability
it's better.

-- 
 Richard Gaskin 
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___
 [EMAIL PROTECTED]   http://www.FourthWorld.com
 Tel: 323-225-3717   AIM: FourthWorldInc




RE: Web-Dedicated Metacard

2002-12-23 Thread Chipp Walters
Sivakatirswami,

I think there are two separate issues here...and perhaps they are a bit
confusing. A standalone player, (like Macromedia and SuperCard have) versus
a web-enabled (auto boot as you call it) player. In the case of the
standalone player, an individual has to take action in order to playback a
stack-- be it download it, or request a download (like your product does).
In this case, it is more difficult and less likely for an ill-behaving stack
to be deployed.

In the case of a web-enabled application with the *goal of being a
ubiquitous player/web plugin for stacks* (much like the Shockwave plugin or
JAVA runtime), the case is much different, for several reasons. Consider:

1) It would be the intent of such a player to be deployed to as many users
who would use it. It is not necessary they be programmers, or even users of
MC/RR at all. In fact, in most cases, just the opposite may be true.

2) If a *single* exploit was to occur, and it was serious (such as erasing
significant files), then it may be presumed the major response would be to
delete the offending player. This would be a publicity nightmare for both MC
and RR. Remember, an exploit can occur by just viewing a web page -- no
other action is necessary. The offending stack would automatically download
and execute without the user ever knowing.

3) To prevent such an occurrence, the player must allow downloadable stacks
to either:

a) play only in the 'sandbox' (the initial JAVA approach) which means no
(or as Richard suggests: limited) file access whatsoever or;

b) be certified as 'safe' by a reputable 3rd party (the Microsoft
approach).

My thinking on the subject is that a 3rd party could build a player and
infrastructure for registering (certifying) stacks. Then the player would
check in with the 3rd party to verify the signature of the certification. At
the minimum, all unsigned stacks would be pre-empted by a warning notice
such as: This program is unsigned and could possibly damage your computer!

I'm sure there are other better plans. In any case, I think it is not a
trivial matter, and all of us should be careful when releasing 'web enabled'
stacks and the applications which run automatically when downloading them.

best,

Chipp



If  my SC project wanted to read and write file and
 do stuff with that player, nothing was there to stop it. Is it just
 the auto boot from a web page we are concerned about?

 Sivakatirswami


___
metacard mailing list
[EMAIL PROTECTED]
http://lists.runrev.com/mailman/listinfo/metacard
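
The player-side policy outlined in the message above (certified stacks run normally, unsigned stacks get the warning and the source URL is shown), as an added Go example that is not code from the thread or from MetaCard/Revolution. Ed25519, the `stack-cert-v1` label, the choice to reject a stack whose signature fails instead of sandboxing it, and all names are assumptions of this example; the keys and stack contents are constructed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Decision is what the player does with a downloaded stack.
type Decision int

const (
	RunTrusted   Decision = iota // certified by a trusted key: normal privileges
	RunSandboxed                 // unsigned: warn the user, run with no file access
	Reject                       // signature present but invalid: do not run at all
)

// TrustStore holds the certifier public keys shipped with the player.
type TrustStore []ed25519.PublicKey

// UnsignedWarning is the notice proposed in the thread for unsigned stacks.
const UnsignedWarning = "This program is unsigned and could possibly damage your computer!"

// signedMessage binds a signature to this purpose and to the exact stack bytes.
// The "stack-cert-v1" label is an assumption of this example.
func signedMessage(stack []byte) []byte {
	digest := sha256.Sum256(stack)
	return append([]byte("stack-cert-v1\x00"), digest[:]...)
}

// Certify is the certifier's side: sign a stack after it has been reviewed.
func Certify(priv ed25519.PrivateKey, stack []byte) []byte {
	return ed25519.Sign(priv, signedMessage(stack))
}

// Evaluate is the player's side. It executes nothing; it decides which mode the
// stack may run in and what text to show the user, including where it came from.
func Evaluate(stack, sig []byte, sourceURL string, trusted TrustStore) (Decision, string) {
	if len(sig) == 0 {
		return RunSandboxed, fmt.Sprintf("%s\nSource: %s", UnsignedWarning, sourceURL)
	}
	msg := signedMessage(stack)
	for _, pub := range trusted {
		// Verify panics on a wrong-sized key, so check the length first.
		if len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, msg, sig) {
			return RunTrusted, "Certified stack from " + sourceURL
		}
	}
	// A signature that does not verify means the stack changed after it was
	// certified, or the signer is unknown. Neither case is merely "unsigned".
	return Reject, "Certification check failed for " + sourceURL
}

// DemoKey derives a fixed key pair from one repeated seed byte so the example
// is reproducible. A real certifier key is random and kept offline.
func DemoKey(seedByte byte) (ed25519.PrivateKey, ed25519.PublicKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seedByte}, ed25519.SeedSize))
	return priv, priv.Public().(ed25519.PublicKey)
}

func main() {
	priv, pub := DemoKey(0x01)
	stack := []byte("on mouseUp\n  answer \"hello\"\nend mouseUp\n") // constructed sample
	url := "http://example.invalid/hello.mc"                          // constructed sample
	sig := Certify(priv, stack)

	tampered := append([]byte{}, stack...)
	tampered[3] ^= 1 // one flipped bit after certification

	cases := []struct {
		name  string
		stack []byte
		sig   []byte
	}{
		{"certified", stack, sig},
		{"unsigned", stack, nil},
		{"tampered", tampered, sig},
	}
	for _, c := range cases {
		d, msg := Evaluate(c.stack, c.sig, url, TrustStore{pub})
		fmt.Printf("%-9s decision=%d  %q\n", c.name, d, msg)
	}
}
```

The sandboxed branch corresponds to running the stack with `secureMode` set, as discussed elsewhere in the thread; the check is only as trustworthy as the key list built into the player.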



RE: Web-Dedicated Metacard

2002-12-23 Thread Chipp Walters
Richard,

 Indeed, in the absence of a browser plug-in for Rev, everything that can be
 done in Rev must take place outside of a browser.

Good point.

 With all of its security technology, when it comes to downloading EXEs the
 browser still relies on the oldest mechanism available: individual
 judgement.  Before starting such a download, the browser presents a dialog
 that asks, in effect, Do you trust the owner of this domain?

I agree.


 And while we roll out systems based on HTTP-transferred stack files, we
 should continue to explore solutions for both categories of security
 concerns:

 - Client-side protection (Can the downloaded file damage my system?)

I agree as well


 - Transmission protection (Can my communications over TCP be intercepted
 and read by others?)

This one is more difficult. A simple base64encode function helps, but what
we really need is some sort of encryption for RR/MC. Again, not a trivial
task;-)

The issue of client-side protection is an interesting one. In my case, I've
decided when downloading a stack over the internet to:

1) password protect both the stack and the application source code
2) lock messages when downloading
3) check for a correct password of the downloaded stack
4) check another obscure ID (like a property set, or byte length of an img)
just in case someone hacked the property. This obscure ID can also be hashed
in some manner (you may suggest md5digest?)

Of course this wouldn't work for a generic player, but does *seem* to do the
trick for proprietary solutions.

-Chipp




RE: Web-Dedicated Metacard

2002-12-22 Thread Chipp Walters
The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
the potential for *very dangerous viruses*!!

It would be relatively simple to create a stack which deleted all the files
in the Windows folder using a simple mouseOver of an image on a web page --
without the user ever knowing. So...things like certificates and possibly a
'sandbox' would need to be implemented. I've thought about this a bit and
decided it might be best for a 3rd party to consider implementing, in this
way there's less damage to MC/RR reputation in case something goes 'awry.'

In my case, using ButtonGadget, I'm very careful to password protect the
stacks and check them out carefully before opening them. In this way, I'm
hopeful it would be difficult, if not impossible to create a buttongadget
stack which could ever harm a user. This by no means is a gauntlet tossed
down for you experts to try and create ButtonGadget viruses!!! :-) (pretty
please don't)

-Chipp


 At one point the Rev team announced the development of a player but it
 hasn't come about yet. It's something that wouldn't take much work but
 really should be handled by either Rev or MC.

 I'd suggest that we need launching of programs from web links but also
 something like Java WebStart where the player can be launched and a program
 can be chosen.

 I'm sure that if we put together a reasonable specification of the
 requirements then either Scott or Kevin will pick it up.

 Cheers

 Monte




Re: Web-Dedicated Metacard

2002-12-22 Thread Yennie
Well, there is one nugget already in the language which would help:

set the secureMode to true

Brian

Ouch! I didn't think about that.

 The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
 the potential for *very dangerous viruses*!!




Re: Web-Dedicated Metacard

2002-12-22 Thread Ken Ray
Wow, Brian... cool stuff!  I noted that once set to true, it can't be set to
false. Is that per session? Or is it saved with the stack? Just curious...

Ken Ray
Sons of Thunder Software
Email: [EMAIL PROTECTED]
Web Site: http://www.sonsothunder.com/

- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, December 22, 2002 6:29 PM
Subject: Re: Web-Dedicated Metacard


 Well, there is one nugget already in the language which would help:

 set the secureMode to true

 Brian

  Ouch! I didn't think about that.
  
   The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
   the potential for *very dangerous viruses*!!
 






RE: Web-Dedicated Metacard

2002-12-22 Thread Monte Goulding
From my reading of the docs it's per session.

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Ray
 Sent: Monday, 23 December 2002 11:17 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Web-Dedicated Metacard


 Wow, Brian... cool stuff!  I noted that once set to true, it can't be set to
 false. Is that per session? Or is it saved with the stack? Just curious...

 Ken Ray
 Sons of Thunder Software
 Email: [EMAIL PROTECTED]
 Web Site: http://www.sonsothunder.com/

 - Original Message -
 From: [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Sunday, December 22, 2002 6:29 PM
 Subject: Re: Web-Dedicated Metacard


  Well, there is one nugget already in the language which would help:
 
  set the secureMode to true
 
  Brian
 
   Ouch! I didn't think about that.
   
    The big problem with a *sanctioned* web-savvy MetaCard or RunRev player is
    the potential for *very dangerous viruses*!!
  
 
 




Re: Web-Dedicated Metacard

2002-12-22 Thread Yennie
My guess would be per session, but I've never used it.

Anything built from libmc ("embedded Metacard") could presumably always set the property if need be, which would pretty much tackle the browser plugin problem.

As far as helper applications, a standalone player could probably be made that did the same thing and always set the secureMode property. Of course anyone could get around this if they *wanted* to by using the ordinary Metacard engine, but it would be a user-safe engine for those that want it.

I'd love to see someone find the time to create all of the delivery goodies for Metacard: browser plugin, apache module, player application. I know there are various pro/cons and reasons that they don't already exist, but they are all very much technically feasible, and could go a long way towards a growing anti-Java following.

Mozilla is open source, and so is Apache...

Brian
Wow, Brian... cool stuff!  I noted that once set to true, it can't be set to
false. Is that per session? Or is it saved with the stack? Just curious...




RE: Web-Dedicated Metacard

2002-12-22 Thread Chipp Walters
Good point. Didn't know about 'secureMode'. Though it's pretty much what I
was referring to when I mentioned 'sandbox.' Thanks for the tip.

Though, if one of the requisites for a player is that it be able to store
stacks locally, I guess the securemode couldn't be invoked.

-Chipp

Well, there is one nugget already in the language which would help:

set the secureMode to true

Brian







Re: Web-Dedicated Metacard

2002-12-22 Thread Yennie
One tidbit from playing around:

You can easily secure your Metacard distribution from third-party stacks (as far as I can see), by adding the following to your home stack:

on startup
  set the secureMode to true
end startup

Of course, it's easily hackable on your own machine (just move the home stack), but I can't see any way a third-party stack could do anything running under such a setup- it's effectively on lock-down.

FWIW,
Brian


Re: Web-Dedicated Metacard

2002-12-22 Thread Yennie

In a message dated 12/22/02 8:56:56 PM, [EMAIL PROTECTED] writes:

Oops, that was a little premature. The home stack won't get this message if you drag the stack directly onto the Metacard application. Perhaps on openStack would be better, or maybe this needs a whole standalone to be built...

Brian

You can easily secure your Metacard distribution from third-party stacks (as far as I can see), by adding the following to your home stack:

on startup
   set the secureMode to true
end startup





Re: Web-Dedicated Metacard

2002-12-21 Thread Sannyasin Sivakatirswami
Yes, Chipp, great work

more musings:

I am wondering about the use of the term player  assuming we copy the  
engine by itself and offer this from our own site, the problem becomes
application binding. I don't think if a windoz user simply copies the  
single engine  MC or Revolution file to their hard drive that our apps  
will auto boot or boot by dropping on the application except on a  
Mac... right?

It would be great if MC or Revolution provided Player Installers like  
Supercard used to do, one for each platform, so that the application  
binding business would be handled automatically. I am not particularly  
interested in trying to make my own 'proprietary apps that are  
standalone engines and then binding docs to those... I would just as  
soon let users know that they are in fact using Metacard or Revolution.  
but maybe Scott and Kevin have reasons for making the developers do  
that?

Of course we could use the installers from the websites i.e. the  
starter kits... but what we don't want is users to boot into the Dev  
UI... so i would just as soon not have anything but an engine  
installer...of course we would be responsible to provide all the  
libraries in our stack that were needed to run properly...


On Friday, December 20, 2002, at 01:07 AM, Chipp Walters wrote:

From: Chipp Walters [EMAIL PROTECTED]
Date: Fri Dec 20, 2002  1:07:16 AM Pacific/Honolulu
To: [EMAIL PROTECTED]
Subject: RE: Web-Dedicated Metacard
Reply-To: [EMAIL PROTECTED]



So, what kinds of strategies can anyone suggest to take this beyond the
consensus reality barrier?


FWIW, I'm using RR/MC to build applications which are web-aware.

The apps can update themselves using the web, and also download plugins by
just clicking on an image in a web page (which autolaunches the RR app). In
this way, users who are interested in using my apps automatically can access
them via the web.

ButtonGadget at:
www.buttongadget.com

ItemWizard at:
www.altuit.com/webs/hemingway/HemTools/LinksSubmittedbyItemWizardUsers.htm

best,

Chipp




RE: Web-Dedicated Metacard

2002-12-21 Thread Monte Goulding

At one point the Rev team announced the development of a player but it
hasn't come about yet. It's something that wouldn't take much work but
really should be handled by either Rev or MC.

I'd suggest that we need launching of programs from web links but also
something like Java WebStart where the player can be launched and a program
can be chosen.

I'm sure that if we put together a reasonable specification of the
requirements then either Scott or Kevin will pick it up.

Cheers

Monte




RE: Web-Dedicated Metacard

2002-12-20 Thread Chipp Walters

 So, what kinds of strategies can anyone suggest to take this beyond the
 consensus reality barrier?


FWIW, I'm using RR/MC to build applications which are web-aware.

The apps can update themselves using the web, and also download plugins by
just clicking on an image in a web page (which autolaunches the RR app). In
this way, users who are interested in using my apps automatically can access
them via the web.

ButtonGadget at:
www.buttongadget.com

ItemWizard at:
www.altuit.com/webs/hemingway/HemTools/LinksSubmittedbyItemWizardUsers.htm

best,

Chipp





Web-Dedicated Metacard

2002-12-19 Thread Sannyasin Sivakatirswami
I changed the thread on this because I am also following the

MC--PostGreSQL closely in its own right...

OK, so agreed, we can use Metacard to provide content over the web.
 I am doing it already in a very small way... but let's discuss this
in a larger context (we got 1.7 million visitors on just three of our 
domains in 2002... those are visitors, not hits)

If one broaches the subject of putting in time to develop content for 
MC based delivery, saying

I can get 20 times the content ready for delivery in the same time it 
would take to get 1 unit of content out via HTML.  (I just spent a
month of my time with another team member getting one book on line as 
HTML... amazing amount of human resources required to  do such a simple 
thing.)

The answer is typically Well, that's nice, but you are not going to 
reach as many people... how many are going to download your plug in? 
You still have to get them to go via a browser and download your 
stuff... why not just put it up in html in the first place.

So, what kinds of strategies can anyone suggest to take this beyond the 
consensus reality barrier?






On Thursday, December 19, 2002, at 03:35 AM, Pierre Sahores wrote:

Just as you say, Alain and we, all, are going to open l'avenue des
Champs-Elysees to the web-dedicated metacard developments.
Because they didn't know it was impossible,... ;-)





Re: Web-Dedicated Metacard

2002-12-19 Thread Alain Farmer
 So, what kinds of strategies can anyone suggest to
 take this beyond the consensus reality barrier?

Start with the unparalleled interactivity 
performance of REAL software like MetaCard, versus
mere web-browser based access to HTML + JavaScript.
For example: once the web page is rendered, can you
move things around? *NO*. It's a fundamentally static
interface. With MC, OTOH, you can move things around
at will, do drag-and-drop, view [scripted]
object-oriented drawings and animations, trap all
keyboard keys, have a custom menubar, update other
stacks relationally ... Try doing any of this with the
all-too-popular web-based HTML + JavaScript stuff!

 The answer is typically Well, that's nice, but
 you are not going to reach as many people...

It all depends on your marketing strategies and
tactics, methinks. Adobe Acrobat pulled it off, didn't
they! Look at it this way. Provide the Reader freely.
People DL it once and forget it. When you click on a
.pdf link in the Web, the PDF document is
automatically opened with the Acrobat Reader
program/plugin. Simple. Still very web-based given
that it's still going on in the vicinity of your
familiar web-browser (e.g. argument to placate your
detractors). Same goes for MetaCard! You can auto-DL
stacks on the fly ... If you don't tell em it's MC,
the users will probably think that you are providing
them with high-performance Java applets!  ;-)

 How many are going to download your plugin?

Download the player once, forget thereafter; your web
experience, while remaining familiar, will be
immensely more stimulating, interactive, and so on,
and so on ... than ever before. Here's a further idea
to make it even simpler: you might want to design into
your stacks the ability to automatically and
transparently contact your server in order to
auto-update itself whenever necessary e.g. instead of
pestering the user to manually update on a periodic
basis like many programs/plugins do.

 You still have to get them to go via a
 browser and download your stuff...

This is a spurious argument, especially given my above
suggestions. Besides, you could also use your custom
MC-clients as web-savvy programs that the user may not
even know is a web program. Imagine for a moment, as
I do, a widely distributed network of MC clients and
servers acting as one collective distributed entity.
Or, more usually, imagine what this could do for your
LAN and/or Intranet.

 Why not just put it up in html
 in the first place.

With HTML, content, content-structure, presentation
and interactivity are all intertwined. The least they
could do for flexibility and inter-operability is to
code the content with XML. In which case, you also
have to deal with the CSS and some other related W3C
technologies and standards. In which case, it's more
complicated to do it this way than the xCard way, and
far less *reusable*. In stack form, you can output
your content as HTML, XML, in database format, as a
CGI, and so on.

It's time for all xCards to show their colours and
take their right-honorable-place on the podium of
excellence, and consequently somewhat displacing the
lowest-common-denominator that we have grown used to
since 1995, but all for the better!

Persuaded yet?  ;-)

Alain Farmer
xCard fanatic

PS: I should probably mention that in addition to all
of the above, the Java version of FreeCard will be
able to be embedded into web-pages in the same manner
that Java applets are. No separate program or plugin;
the stack in a portion of the web-page. Or vice-versa,
I am told, so that we will be able to browse the web
inside a widget of the stack's interface. Yup! the web
from *within* a stack.




Re: Web-Dedicated Metacard

2002-12-19 Thread Richard Gaskin
Sannyasin Sivakatirswami wrote:

 I changed the thread on this because I am also following the
 
 MC--PostGreSQL closely in its own right...
 
 OK, so agreed, we can use Metacard to provide content over the web.
 I am doing it already in a very small way... but let's discuss this
 in a larger context (we got 1.7 million visitors on just three of our
 domains in 2002... those are visitors, not hits)
 
 If one broaches the subject of putting in time to develop content for
 MC based delivery, saying
 
 I can get 20 times the content ready for delivery in the same time it
 would take to get 1 unit of content out via HTML.  (I just spent a
 month of my time with another team member getting one book on line as
 HTML... amazing amount of human resources required to  do such a simple
 thing.)
 
 The answer is typically Well, that's nice, but you are not going to
 reach as many people... how many are going to download your plug in?
 You still have to get them to go via a browser and download your
 stuff... why not just put it up in html in the first place.
 
 So, what kinds of strategies can anyone suggest to take this beyond the
 consensus reality barrier?

One usability argument is at:

  Beyond the Browser
  Rediscovering the Role of the Desktop in a Net-centric World
  http://www.fourthworld.com/embassy/articles/netapps.html

For public sites there are admittedly few compelling reasons to counter the
confusion factor with helper apps (keeping in mind that 100 is an average
IQ).

For intranets, however, there are many compelling arguments.  Perhaps the
most significant is the $1 billion in productivity lost to US corporations
to employees doing random Web surfing.  MC provides a way to build
network-distributable content that is richer than the Web, can be more
cost-effective, and provides a focus limited to whatever the stakeholders
want.

There's also an argument for specialized content being delivered to focused
public audiences, which will be evidenced in a modest lil' gadget I'll be
making available by Christmas eve

-- 
 Richard Gaskin 
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___
 [EMAIL PROTECTED]   http://www.FourthWorld.com
 Tel: 323-225-3717   AIM: FourthWorldInc




Re:Subject: Web-Dedicated Metacard

2002-12-19 Thread Claude Lemmel
 Message: 3
 Date: Thu, 19 Dec 2002 08:17:01 -1000
 Subject: Web-Dedicated Metacard
 From: Sannyasin Sivakatirswami [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Reply-To: [EMAIL PROTECTED]

 I changed the thread on this because I am also following the

 MC--PostGreSQL closely in its own right...

 OK, so agreed, we can use Metacard to provide content over the web.
   I am doing it already in a very small way... but let's discuss this
 in a larger context (we got 1.7 million visitors on just three of our
 domains in 2002... those are visitors, not hits)

 If one broaches the subject of putting in time to develop content for
 MC based delivery, saying

 I can get 20 times the content ready for delivery in the same time it
 would take to get 1 unit of content out via HTML.  (I just spent a
 month of my time with another team member getting one book on line as
 HTML... amazing amount of human resources required to  do such a simple
 thing.)

 The answer is typically Well, that's nice, but you are not going to
 reach as many people... how many are going to download your plug in?
 You still have to get them to go via a browser and download your
 stuff... why not just put it up in html in the first place.

 So, what kinds of strategies can anyone suggest to take this beyond the
 consensus reality barrier?

I have to deliver data to a large audience. This data is:
1000 pages of text
1 pictures + caption

I want this data to be accessible through search engines like google or
altavista for schools with low end or old computers.
I also need for some institutions to deliver the same data on a cd-rom or on
a local ethernet network.

I decided to deliver this data as html for 2 reasons:

1) if my data is pure html, it can be searched through google or altavista;
it means that my 1000 pages, 1 captions and 1 captions are available
for everyone on the web. If I put my data in a database or a stack and
deliver it through some server-side software, it will be available only to
people connected to my web-site, not to people searching for information.

2) my data is readable without plugin on low end or old computers.

The efficient way for me is to program a metacard application for me to
edit the data. It does not matter if the text data is stored as fields, custom
props, text files, xml files or in an interfaced database (in fact at this
time I use text files or xml files). The main fact is that the data is
batch-edited in metacard.
I can for example export my data as a tagged text, make an orthographical
and grammatical correction in Word and get the data back. I can build
indexes, make hyperlinks...
Of course the pictures are in external files. But I can with metacard sort
the pictures by size, do most of the work of resizing and jpeg
compression, etc...

From this editor oriented metacard app, it is very easy and fast to build
either a user oriented metacard app to be delivered on cd-rom or on a
local network; it is also very fast and easy to build html pages. I prepare
html templates and metacard mixes the templates with the data.

As long as I need a click and go interactivity, this way is perfect.

***

I would use a server-side metacard app only if I had to make transactions
with the user. For example if I want the user to be able to add new texts or
new pictures to my data, or if I had to deliver to the user personalized
data.

***

When I need user-side interactivity, I can not work with metacard as long
as there is no web-plugin for metacard.
So I have no other choice than working with javascript or flash, but that's
another story...


Claude Lemmel / Opus species
