> But the difference is who is in final control.  In the end, the users of
> computers should be in final control, not their makers, or we have given
> up essential liberty.  We can develop systems which provide suites of
> more specialized privileges to particular functions, without giving up
> essential liberty.  We have a long way to go in actually DOING this, but
> the opportunity is there.


I believe the point of Dan Geer's paper is not that these are desired 
outcomes so much as realistic outcomes. If you cannot provide effective 
security (and we're not) and people are relying more and more on 
computers for real world things (and they are), then someone else (who 
is not a geek) is going to come in and more or less arbitrarily assign 
risk and responsibility to parties. For example (quoting Dan Geer's paper):

"We've done this before—Regulation Z of the Truth in Lending Act of 1968 
says that the most a consumer can lose from misuse of a credit card is 
$50. The consumer can be an idiot, but can't lose more than $50. 
Consumers are, in fact, not encouraged to self-protect by such a 
limit—quite the opposite (and $50 in 1968 would be $275 today). No, if 
there is to be a preemption, the intelligence it requires will be based 
on a duty of surveillance that is assigned to various “deep pockets.” 
The countermeasures, in other words, are not risk-sensitive to where the 
risk naturally lies but risk-sensitive to where it is assigned. Look out 
side effects, here we come."

Something like Regulation Z may not come to pass in information 
security, but if I were a betting man, I think it's a more likely outcome 
in the real world than a combination of principle of least privilege + 
perfect code + 4 billion highly trained users; none of which I have seen.

-gp