At Wed, 26 Apr 2006 14:48:13 -0600, "Christopher Nelson" <[EMAIL PROTECTED]> wrote: > You can't, obviously. As system administrators, we don't want random > people hooking their junk up to the computer. It's not THEIR computer, > so they don't get to decide what they can hook up to it, anyway.
Random people don't even get access to YOUR computer, so what? When we are talking about systems that are set up by one group of people and accessed by another, then almost always we are talking about systems involving the public to some extent. For example, library terminals, workplace desktop computers etc. In these cases, it will not be what the system administrator wants alone that counts. Instead, there will be negotiation in public at many levels, and the final result will be something that is subject to policies that will always be public to some extent. They will be bounded by technical feasibility, of course, but that's what we are working on, right? > There are plenty of reasons why I want to deny you access to a so-called > "safe" bus. For example, I don't want you hooking up a USB network card > to a computer, and potentially doing something malicious to the network > with your device. Uhm, to what network? The one on the USB network card interface? If you give someone access to a network via a port, how can you prevent them to hook up any device they want to the network, without actually sitting behind them and hitting them over the head? This example doesn't make any sense to me. > I don't want you to hook up a camera or a scanner > that you can use to steal sensitive documents. If I have access to sensitive documents, I can already steal them. If a camera or scanner is nearby, then it's even easier (with computer or without). Plus, I may even be morally (and legally) obligued to steal them, for example if they are evidence of criminal activities that is in the danger of being destroyed for cover-up. > There are a lot of > things I may not want you to do with a system that you use but DO NOT > own. If you can install a random driver, I cannot prevent those things > because I do not know where on the USB device they may show up, and I do > not know all the possible ID's of all the possible hardware that I > forbid on my systems. Therefore, it is imposssible for me to fabricate > a set of policies that permit or deny and given device. Obviously, you will then not use the Hurd. Not only for this, but for a number of other reasons as well. As people will become more computer literate, and computers become more ubiquitious, there will be a struggle of the users against the system administrators. Users will slowly wrestle more control over the computers _they_ use. It will then become the job of the system administrator to allow that level of control and to make it safe at the same time. It will be more difficult, but they will have to learn to deal with it. Don't believe me? It has happened before, take for example the doctor-patient relationship and how patients have become a bit more in control over their health care in the recent decades (at least in Germany). System administrators today are "gods in white robes", as it happened so often in history where a new technique was developed which was not yet understood widely. But that's just for the moment, it can change and it will change. The Hurd will be an operating system that welcomes participation and self-management by the users. It will de-emphasize the system administrators role. It will not be a good tool for dictatorial control, but it will protect users and applications from each other and from mistakes. Thanks, Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
