Hi all,
Thank you for the thoughtful feedback!
How about this for a strawman:
- plugin behavior is driven by the blocklist for agility
- softblock is typical "click-thru" to play
- hardblock requires some significant interaction (context menu or safebrowsing
type inline warning)
- user can ove
I won't be able to make the call, but I've left one comment inline:
On Tue, Mar 6, 2012 at 10:15 PM, ptheriault wrote:
> Chris,
>
> Below is a summary of threats and controls for further discussion.
> Disclaimer: this is my understanding from various conversations, wiki pages,
> bugs and IRC ch
Chris,
Below is a summary of threats and controls for further discussion. Disclaimer:
this is my understanding from various conversations, wiki pages, bugs and IRC
chats, so it's rough, probably varies from whats implemented (or what the final
goals are), but its a starting point. Ultimately th
Thanks for the pointer, Fabrice.
I've been studying Chrome extension & Android app permissions; some of
those results are relevant to this discussion. Links to the full papers
are below. Here are some of the main lessons and recommendations from
those studies:
-- Permissions significantly limi
On 03/06/2012 05:11 AM, Ben Francis wrote:
On Mon, Mar 5, 2012 at 11:16 PM, Adam Barthwrote:
There's been a bunch of research on the Android permission model in
academia, including a bunch of suggestions for how to do better. If
you'd like, I'd be happy to connect you with the folks who've stu
On Mon, Mar 5, 2012 at 11:16 PM, Adam Barth wrote:
> There's been a bunch of research on the Android permission model in
> academia, including a bunch of suggestions for how to do better. If
> you'd like, I'd be happy to connect you with the folks who've studied
> this topic (off-list).
>
I'd be