Michael Stone
2007-11-21 20:10:14 UTC
Todd,
The appropriate venue for questions like this is the security mailing list:
security at lists.laptop.org
we believe that this work addresses one of the root causes of the
computer security problem posed by viruses - that users have no
convenient way to run benign software with only the authority it needs.
The Bitfrost spec and accompanying wiki pages should give you some
helpful background on our reasons for making this choice. Also, if you
think of ways to clarify the text, please submit patches for review to
the security mailing list.
"security people" you're thinking of learn that a question has been
posed in a timely fashion.
I recommend directly soliciting feedback by catching one of us on IRC and
pointing us at the location where the question lives.
about what audience is going to be reading them and without knowing why
they are being posed.
In particular, how much do you value simplicity and concision vs.
precision, accuracy, and comprehensiveness?
Michael
The appropriate venue for questions like this is the security mailing list:
security at lists.laptop.org
I'm assuming that if there's *any* chance that a virus/exploit can be
written, that the autoupdate/patch thing might solve some of this -- but
wondering if anyone is having conversations about talking to avg about
writing anti-virus software?
Work on implementing Bitfrost has been a higher priority for us becausewritten, that the autoupdate/patch thing might solve some of this -- but
wondering if anyone is having conversations about talking to avg about
writing anti-virus software?
we believe that this work addresses one of the root causes of the
computer security problem posed by viruses - that users have no
convenient way to run benign software with only the authority it needs.
The Bitfrost spec and accompanying wiki pages should give you some
helpful background on our reasons for making this choice. Also, if you
think of ways to clarify the text, please submit patches for review to
the security mailing list.
Documentation team can help "translate" information if we can get security
people to answer these, perhaps on wiki?
Where the answers are given doesn't reallly matter so long as thepeople to answer these, perhaps on wiki?
"security people" you're thinking of learn that a question has been
posed in a timely fashion.
I recommend directly soliciting feedback by catching one of us on IRC and
pointing us at the location where the question lives.
Q: Will there be computer viruses on the xo? If so, what defense is there?
Q: Is there anti-virus software? If not, why?
Q: Will there be anti-virus software available?
Q: Will there be phishing attacks?
Q: Can I get Norton Anti-virus for the xo?
Q: Can I shop online safely on the xo?
Q: Is the mesh safe for my kids to be on?
Q: Will there be child predators on the mesh?
Q: Can we make a protected portion of the mesh, with background checks like
Second Life does for their teen version?
I can't give useful answers to these questions without knowing moreQ: Is there anti-virus software? If not, why?
Q: Will there be anti-virus software available?
Q: Will there be phishing attacks?
Q: Can I get Norton Anti-virus for the xo?
Q: Can I shop online safely on the xo?
Q: Is the mesh safe for my kids to be on?
Q: Will there be child predators on the mesh?
Q: Can we make a protected portion of the mesh, with background checks like
Second Life does for their teen version?
about what audience is going to be reading them and without knowing why
they are being posed.
In particular, how much do you value simplicity and concision vs.
precision, accuracy, and comprehensiveness?
Michael