Re: A small security feature proposition






In response to Grzegorz Staniak:

The fundamental issue is that most computer users in the world at 
present see computers as appliances, rather than working 
environments, though this is certainly changing.  People don't need 
graphical utilities to lock the doors of their house at night 
before going to bed (though that would be cool), because they deem 
it important and go to the trouble.  The proposed utility might be 
useful in "training" users to care about such things, but in the end 
a user must care enough to even push that one widget button; 
perhaps, one could set an option by default (unsettable by the user) 
in a filemanager to automatically "lock" files and directories 
unless explicitly unlocked by the user.  Or, one could have a script 
installed by default for user shells that rumbles through a user's 
home directory and locks certain things on logout.

I think a better strategy overall is to impress upon people the 
importance of making backups that are secure and physically separate 
from their machine in case disaster strikes (as demonstrated 
innumerably by the US State Department).  Also, to use "recoverable" 
file deletion utilities, like safedelete or delete/undelete, which 
can be time-sprung to keep things clean automatically.

In short, things will run much more smoothly (and without bitching) 
in the future if "defensive" computer use (like "defensive driving") 
is emphasized with the aid of certain tools (like those suggested), 
rather than attempting to engage in an arms race with malicious 
parties to shield naive users.  Playing devil's advocate, what is to 
stop a virus from doing a "chattr -i" on everything owned by the 
user?  Also, many programs, like mail clients, manipulate a number 
of files behind the scenes -- would not each program have to follow 
this security convention as well?

To summarize, I am stating that user-learned, user-implemented 
protection methods, rather than opaque protection services, devices, 
programs or program features are the most logical course to 
alleviate future mental anguish.

One caveat is that I am simply a long-time Unix user, and no 
security expert, so perhaps I have mistaken the depth of Mr. 
Staniak's suggestion -- corrections welcome.  However, I myself 
could not be bothered to lock/unlock files and directories; 
account-level security is enough for me, given that I make backups 
-- such fine-grain access control is simply too annoying.  Perhaps, 
a different OS paradigm (e.g. Eros?) based on abstracted 
capabilities rather than users could make this less painful for 
users and software, and more acceptable "culturally."

Regards,

Sourav Mandal


------------------------------------------------------------
Sourav K. Mandal

Massachusetts Institute of Technology
Department of Physics
http://web.mit.edu/smandal/www/

"In enforcing a truth we need severity rather than
efflorescence of language. We must be simple, 
precise, terse."

                      -- Edgar Allan Poe, 
                         "The Poetic Principle"

	



