Language Selection

English French German Italian Portuguese Spanish

Intent Is The Problem

Filed under
OS

Of late, I keep banging into the problem that people want systems to be “secure by default”: they don’t want to pester the user about security. They want the system to just do the right thing. The problem is, this just isn’t possible. One example I like to give is “rm -rf *“. Clearly this command is sometimes a very bad idea, and sometimes exactly what you want to do. If some piece of code I mistakenly trusted runs that command on my behalf, I might be very sad about it. Therefore, any system that wants to be “secure” has to somehow know that when I move to some directory and type rm -rf * I mean it, and when I run a piece of code I’m expecting to (say) edit some text, I don’t mean it, and it should not be allowed to do it.

How can the system discover this? Clearly it must be through some user action. The user must behave differently in some way in the two cases, so that the system can discover his intent. Therefore it is impossible to be “secure” without, in some way, consulting the user about his intent.

Rest Here

More in Tux Machines

Leftovers: KDE

  • KDE's Project Neon Begins Publishing Daily Wayland Images
    KDE -- KDE's Project Neon has begun publishing daily images of the latest KDE Plasma stack powered atop Wayland rather than the X.Org Server. Jonathan Riddell passed along word that daily ISOs are now being spun of the freshest KDE development code with KWin acting as a Wayland compositor. The OS base is still Ubuntu 16.04 LTS.
  • The Qt Company's Qt Start-Up
    The Qt Company is proud to offer a new version of the Qt for Application Development package called Qt Start-Up, the company's C++-based framework of libraries and tools that enables the development of powerful, interactive and cross-platform applications and devices. Now used by around one million developers worldwide, the Qt Company seeks to expand its user base by targeting smaller enterprises.

Linux 4.5.3

I'm announcing the release of the 4.5.3 kernel. All users of the 4.5 kernel series must upgrade. The updated 4.5.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.5.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... thanks, greg k-h Read more Also: Linux 4.4.9 Linux 3.14.68

Open source near ubiquitous in IoT, report finds

Open source is increasingly standard operating procedure in software, but nowhere is this more true than Internet of Things development. According to a new VisionMobile survey of 3,700 IoT developers, 91% of respondents use open source software in at least one area of their software stack. This is good news for IoT because only open source promises to reduce or eliminate the potential for lock-in imposed by proprietary “standards.” What’s perhaps most interesting in this affection for open source, however, is that even as enterprise developers have eschewed the politics of open source licensing, IoT developers seem to favor open source because “it’s free as in freedom.” Read more

Ubuntu 16.04 – My Experience so Far and Customization

While I earnestly anticipated the release of Unity 8 with Xenial Xerus (after watching a couple of videos that showcased its function), I was utterly disappointed that Canonical was going to further push its release — even though it was originally meant to debut with Ubuntu 14.04. Back to the point at hand, I immediately went ahead and installed Unity Tweak Tool, moved my dash to the bottom (very important) and then proceeded to replace Nautilus with the extensive Nemo file manager which is native to Linux Mint and by far superior to the former (my opinion). Read more