On Sun, Feb 27, 2011 at 2:44 PM, fooler mail <fooler.m...@gmail.com> wrote: > with all those statements with lots of question marks.. i wont answer > that as this will go nowhere... > > first of all im not attacking you...
fair enough. >i want you to understand on your > claim that "malware for the next billion" where you dont simply well others are saying that too. not just me. you know thats going to happen right? fair or not. and peoples beliefs are supported by belief systems that goes beyond your control. but i try to keep mine truly technical. > understand the wp7 security model at first hand... thats the main > discussion.. but let me tell you you this.. all your personal security > stuff that you mentioned is not enough to protect you (eg. disk > encryption is only as good when your device is at rest)... same true > with other security design as there is no such thing as 100% bullet > proof security system... the weakest link on the security chain is at > the user side... that is malware focusing more and wp7 security model well i agree. thats why im into mandatory access and multilevel security systems. in some banking systems i worked with we are more concerned of the knowledgable insider than outsiders. but its microsoft people among others were the ones who keep telling everybody that multilevel security is unworkable. thats where i think windows did not go far enough. does wp7 have that? i think what wp7 have is a complex structure of signed binaries and trusted computing style chain of certificates. and microsoft is the sole arbiter and controller in the middle of it all. i have tried doing that myself and the load on the arbiter is just immense and all the users become suspects who are guilty until proven innocent. i think some nokia products are like that. compromises need to be made to make it all work. and this goes beyond security and malware already. > is addressing that to minimize the damage... and no.. im not even > emotionally attached even to this discussion... just want to correct > your bad accusation with technical discussion... > fair enough. -- quarq consulting: agile, open source _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
