[Nottingham] Microsoft EULA simplified?

Martin martin at ml1.co.uk
Fri Jul 10 12:23:04 UTC 2009


Michael Erskine wrote:
> 2009/7/10 Martin <martin at ml1.co.uk>:
>> Include strict sandboxing for all web browsers (or even a mini-VM), and
>> certainly permit nothing like the vulnerability silliness of ActiveX,
>> and all stays 'safe' for the web.
> 
> This goes way beyond the discussion of "are user logins intrusive?" --
> vulnerabilities are a different issue. Privilege escalation by system
> flaws even more so. Local user logins are only necessary when limiting
> physical access to the machine is not enough or where it is desirous
> to somehow distinguish between users. In those cases it is by
> definition not intrusive -- it is desired! If we're talking (at cross
> purposes) about privilege escalation to perform a particular task, and
> that being achieved with sudo, or login as another user (perhaps, god
> help us, root) then surely that too is by design, entirely necessary,
> and therefore also not intrusive!

All good points and along the lines of the meeting (brief) discussion.

My 'thesis' is that there is a critical line between user freedom to not 
care about security (or for opening up vulnerabilities) and 'locking 
things down' (intrusively or benignly) in some way to protect the users 
against themselves and so being restrictive.

Similarly so for controlling access rights. Logins are an old and well 
established way of avoiding users meddling with another user's account 
on multi-user machines, but most people see the login as being very 
cumbersome or even daunting.


Can we 'safely' do away with all that on 'home' systems and allow the 
user to not even know that logins and passwords might exist? And still 
be free to reconfigure their systems and still leave the system 
protected from 'meddling' from anything external on the network/internet?

That is, give unfettered 'freedom' to the user to play as they please on 
their machines but still keep them safe from meddling by malware or 
Marketeers or others?

Or do we already have that?

Cheers,
Martin

-- 
----------------
Martin Lomas
martin at ml1.co.uk
----------------


