l4-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: To Jonathan [backdoor]

From: Anton Tagunov
Subject: Re: To Jonathan [backdoor]
Date: Wed, 10 Jan 2007 00:56:56 +0300
User-agent: Thunderbird 1.5.0.9 (Windows/20061207) 
Hi,

http://www.boxesandarrows.com/view/interview-with-barry
http://video.google.com/videoplay?docid=6127548813950043200

---- quote from Barry Schwartz ----

[if]        instead of two options, people have 20 or 200 choice
            goes from beneficial to paralyzing

[in US]     when you enter drivers’ license if you’d like to be an organ
            donor you check a box. 90% of people approve of organ
            donation but 20% are organ donors

[in Europe] organ donation is 90%. the only difference is you
            check a box if you don’t want to be an organ donor

---- end of quote ----

What do we conclude? People go with defaults. 80-90% of them do.

J> You, as a user, are free to say
J> "I don't want to run anything that I cannot (transitively) inspect".
J> I, as a developer am free to say
J> "I do not choose to let you inspect my programs,
J> but you are free not to run them at all."

A> Flip the coin. If everybody runs a "free" OS Hollywood shall surrender.

J> Perhaps and perhaps not. But this is a valid choice that society is free
J> to make.

My opinion: most individuals shall not make choice.
Society is to choose *safe defaults* for them.

Isn't it our responsibility as developers to suggest *safe defaults*
and seduce society into using them?

A> scenario: totally opaque OS + TPM + data encryption
A> turns out to be buggy ... won't give back the data

J> The situation could happen. There really are some kinds of data where
J> the risk of disclosure outweighs the risk of loss.

Right. And there are contrary situations. Hence user needs a choice.
But the *default choice* is of crucial importance as Barry says.
What default would benefit human race better?

A> Jonathan if you could build an utmostly secure OS
A> yet having an inspection "backdoor" what would you do?

J> Without any hesitation whatsoever I would leave out the back door.
J> The problem with a back door is that it will not be used for emergency
J> purposes. It will be used primarily by everyday administrators and
J> companies for improper purposes.

Very good point. Let me think for a while.
I want to imagine a back door that shall be not be abused.
Can we design one? Please let us not be fast to judge.

Anton

P.S. Gentlemen, you're grand.
It's a treat of mind both to listen to you and to talk.
Open communities are often the nicest places on the net!
reply via email to
[Prev in Thread] Current Thread [Next in Thread]