Gervase Markham schrieb: > Nils Maier wrote: >> Identity/Authentication/Authorization and a system of trust. Like >> digital signatures provide when used correctly. See RPM,DEB and signed >> XPIs, where latter lacks the system of trust ATM. >> But this is out of the scope of LF for now. > > Exactly. And these things do not have LF's advantage of being simple to > set up and entirely transparent to the user (both those with LF clients > and those without). > > Solutions which solve the entire problem fully are not the only valid > ones. To say so is to let the best be the enemy of the good.
That all would imply that LF would be still a good security solution. They are not. They are not a security solution at all. They happen to prevent a particular scenario by coincidence. >>> What would an ordinary user possibly want to do with a trojaned >>> executable apart from delete it? Even giving them the option to do >>> something else is dangerous. They select it to delete it but >>> accidentally double-click instead of single-click and Boom! >> >> I don't know. > > OK, then game over. No you got it :D > Our security strategy is to _reduce_ the number of > security decisions a user has to take. If your argument is "there might > be a good reason they should have to make this decision, but I can't > think of one" then that's nowhere near strong enough. Not being security related this is not a security decision. There is no indication at all that something is a trojan or not. >> I can access hosts with mismatched hostnames just fine (click-click). > > Again, not soon. > >> And, to repeat myself, changing that will cause a lot of trouble. >> E.g. it will prevent me from accessing parts of the website of my >> university. OK, the university webmasters messed up, but eventually it >> would be Firefox making me to switch to another browser to access that >> website. > > Or they'll fix it. Mismatched hostnames is a big deal - it basically > means people can spoof your site. Teaching people to click through such > dialogs is bad. > > If 20% of users suddenly can't access the site because of something that > is clearly a misconfiguration (and the browser says "contact the site > admin"), the admins will fix it. We have enough market share now to do > that. > You seem to really believe this? And yet a hell lot of popular websites do not even display at all in Firefox, because the webmasters say they are an IE-only shop. Should I bet on who the users will blame and curse in the end? >> Same with LF. If Firefox does not let me download because the webmaster >> messed up I will likely curse FX maybe curse the webmaster as well and >> switch to another browser which works like it should from my POV. > > And get trojaned. Which is your problem, but you can't say we didn't > warn you. And still, there is no way to know it is a trojan. For that decision you either got a security application (anti-virus) you verify something else or you're out of luck and can make guesses. Doesn't mean that it's suddenly mozilla's job to make those wild guesses for you. I never mandated it to them. >>> http://weblogs.mozillazine.org/gerv/archives/2007/06/choice_considered_harmful.html >>> >> >> Seems your readers do not fully agree with you. > > I didn't say they did. I quoted that URL to avoid having to repeat myself. Was just an observation. >> PS: I still insists to not claim LF had something to do with security. >> They solely about noticing possible data-corruption during transfers. > > As I said on the blog, it's clear you and I have totally different ideas > about what this is for. Thing is, I invented it - so I get to say what > it's for. You can either say "It won't help with that problem", or you > can say "Great idea, let's do it". But you can't say "Actually, it's for > something else, so it should work this way" - because it's not for that > something else. It's for what I say it's for, and stands or falls on > those merits. > > Gerv You did not invent is. That's plain bullshit. Others have used link-fingerprints for different pruposes for year. Including myself. And yet, I don't claim I invented it. What you probably guessed of first was to use LF for data verification. And no, you don't get to say what it is for. Unless you claim you're the owner of mozilla. Feel free to implement it in *your* apps like you want, but don't bother to try to just push it into a community-developed OSS. Do you really think the big mirrors and other vendors will follow your lead just because you said so? And yes, I can say it is for something else. While you might have thought about this way of data-verfication first you did not invent and define (secure) hash algorithms and what they can be used for. A hell lot of researcher did and found that hashes, even the "secure" ones, do not raise the bar in any way when it comes to data trust. My statements on this topic are backed by accepted research and fact, yours are just your beliefs. That last comment changed my opinion of you. You're just some ignorant "inventor" trying to protect his flawed invention and ideas by all means. Thanks for clarifying this. I would still prefer to discuss this in a constructive way, although it seems more and more unlikely to reach a compromise because or opinions are just totally different, but that's life. So if you decide to stop that childish "mine" behavior get in touch again, or not. Greets, although being upset and irritated now Nils _______________________________________________ dev-tech-network mailing list dev-tech-network@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-network
