If a Bluetooth pedometer syncs its readings to a server through a free application on a PC, how should the operator of the server protect other users from seeing falsified data contributed through a modified application?
It sends the encrypted data to the PC application which uploads that encrypted data to the server.
Every single operating system today has a multitude of security mechanisms of various forms, and various levels of effectiveness. From ACLs, to Group Policy, to Gatekeeper, to SELinux, security has very much become, if not always been, a crucial part of every non-trivial operating system on the planet.
That is a user-configurable layer of security, if that's what you meant when you were talking about being the arbiter of access then we already have that. What I mean is that the OS isn't responsible for prompting you every time a process requests a resource, if that is what you want then you could implement that in a FOSS operating system. You can disallow access to resources broadly already and if mechanisms like SELinux are the kind of access control you are talking about then you already have that so what exactly is it you are complaining about?
Of course if what you want is prompts for every access to resources then it contradicts your point about "people that set their password to "12345" to have the skill to not click "yes" on every random thing that comes across their screen" and if it's systems like Group Policy and SELinux then that already exists. So what are you proposing, you say the browser shouldn't be the arbiter of access (which strictly speaking it isn't anyway) and obviously Group Policy and SELinux don't do what you're asking for because they already exist (presuming you didn't only just find out about them), you've indicated that a yes/no prompt is not suitable for users so what is the system you're asking for? How should the access control be implemented?
Do you have some examples of secure closed source?
Even if you were to get an answer to that the result would always be "but it could contain undiscovered vulnerabilities" and the same is the case with open source software despite the fact that you can see the code. Yes it does mean that white hats could find and fix bugs easier but it also means black hats could find and exploit bugs easier so whether it is more or less secure depends on who is looking at the code.
There are too many variables to ever broadly say open source or closed source is more secure and it's not something you can prove.
IMO, it's not about Bluetooth being a "special case". It's about not letting the browser access yet another resource and giving control of this resource to whatever JavaScript code the browser is executing at the moment.
But that isn't what is happening, and that isn't what happens with the browser's access to your network or your filesystem or your camera or your microphone. There are checks in place beforehand, maybe you should list the actual steps rather than omitting the ones that don't serve your agenda.
This "why worry about X if we already do Y and Z" attitude is kinda slippery slope, if you'd ask me.
It's because of all the fearmongering and paranoia we see about every new thing. The question is what is special about X that we should worry about when we already do Y and Z with no problems.
The protections and prompts are useless because users tend to just click "OK", "Allow" or whatever the button is to just close the dialog.
Citation? I know this is the common "stupid user" characterization but where is the truth to it? If a website asks for access to your camera and microphone do you just automatically say "yes"?
Everybody wants to play devil's advocate and be the fearmongerer, which is fine if you're presenting actual evidence and solution to the problem you're outlining but most of the time here it's just contrived problems, no evidence and no proposed solution. As a result things like camera, microphone, filesystem, etc... access just get added to the browser anyway.
Because the browser should *not* be the arbiter of access to hardware. That's the OS's job. Period.
No it isn't. The OS's job is to provide an interface to the hardware, not access control. However if you feel that is appropriate then go implement it in one of the various FOSS operating systems and prove that it's more secure, clearly it would be in your interest to do so.
Bluetooth devices have largely been shielded because of the layers of steps required in order to compromise one. Google is removing a large number of these steps with this new technology, turning it from being a PITA, to trivial
Can you be a bit more specific about some of these things? You could trivialize the task of compromising pretty much anything by saying that. Exactly what layers of steps have they removed? And can you explain the PITA compromise that is now trivial?
*I'm* not worried about my own equipment, because I know what I'm doing. I'm worried about all the millions of people out there that don't have my level of expertise, and will be ripe for the plucking.
What exactly is it about bluetooth, specifically, that would make this so much worse than the accessibility of devices we have now?
You really expect people that set their password to "12345" to have the skill to not click "yes" on every random thing that comes across their screen?
So why are you advocating for the OS to be arbiter of access then? Obviously if that were the case then it would pop up a yes/no dialog to allow access to the hardware so while you claim to care about these people your characterization of them and your proposed solution demonstrate that you don't at all. So what exactly is your agenda here?
What's the difference between a website getting the user to click "Allow Bluetooth from this site" and a website getting the user to click "Download and install this native application"
The fact that the former just returns a list of nearby bluetooth devices. Then there are further prompts to allow the web application to access a specific device and further to that you would have to go through a pairing procedure if it weren't already paired to the system that the browser is running on.
Because a) bluetooth security is more often than not, a steaming pile of wank,
The arbiter of access to any resource the browser has access to is in the browser itself (if you haven't configured any additional layers of access control). If the user allows access to a specific resource (in this case a bluetooth device) then what part of bluetooth security are you worried about?
b) Bluetooth is used in a huge variety of places
So are home networks and network-connected devices, your browser has access to this too. Not only that but many people expose their network through various external interfaces other than the browser for home automation, security, etc... and have done for a long time.
c) the internet is a ridiculously hostile place
Then don't connect your devices to it, that's in your power.
At an absolute minimum, *some* process outside of Chrome needs to be the final arbiter of what can reach a Bluetooth device
Your browser already has access to your network, the filesystem, camera, microphone, etc... and the protections and prompts are in the browser itself. Why is Bluetooth a special case?
More to the point, people use remote access technologies, web-accessible NAS devices, web-accessible home automation, security systems, etc... all the time, why is Bluetooth suddenly such a worry?
No, it will probably work on a per-site basis given that is how the microphone and webcam functionality works.
webcam and microphone is not directly accessible via the browser and needs some control service/driver.
And bluetooth doesn't need any kind of service or driver?
Yes, because the regular web can unlock your bluetooth door lock. And turn your bluetooth thermostat down and freeze your pipes.
I don't think you really understand how bluetooth works. This is about a web browser being able to interact with your bluetooth devices (like any other bluetooth device can), if your door locks can be compromised simply by having a bluetooth device able to interact with them it kind of defeats the purpose of them being locks now doesn't it?
There is still a notable difference between knowing you let the browser run on your computer, and knowing you let random websites reach out and meddle with your bluetooth devices.
So this feature is completely behind the scenes and transparent to the user to the point they don't even know it's happening? Or is it more like the webcam and microphone access we've had for years?
how do I know that my browser is not doing bad things behind my back? I have a browser open all the time, as do most. that, alone, makes this idea super stupid.
Well you say you have a browser open all the time so you're obviously not very worried about your confidence that it's not doing bad things behind your back right now.
I won't accept a browser that should be SAFE, touching things it should not.
If you don't want it to touch certain things then enforce those restrictions yourself. For all the complaining about the "dumbing down of computers" I see here there is a persistent attitude that applications should do exactly what you want without you having to do the unthinkable task of customizing it by turning a setting on or off, or restricting what that application has access to.
If your personal opinion is that it should not have access to those things then don't allow it to. I personally agree with you, but I'm not about to suggest that nobody else is allowed to develop functionality like this and nobody else is allowed to have it just because I don't want it.
Our Windows admins regularly swear at and about dumb issues with Microsoft's hardware.
What sort of 'dumb issues'?
It's not about monthly updates, it's about timely updates for critical security issues like this one, irrespective of the platform. I'm not sure what you mean when you say "timely monthly" updates.
If the cost of that is not being able to access the damn filesystem and having everything running in its own little isolated compartment, I'll just use Android and try not to install malicious apps thanks.
But that isn't the cost of it, the fact that not every process should be able to just run with root privileges whenever it wants is a pretty fundamental part of any modern operating system and indeed is not incompatible with the ability to access the filesystem.
What would prevent a bugged android apk from being delivered via the playstore?
Nothing, in fact I believe it has happened multiple times before.
This is a serious bug, but iOS security superiority is not in its walled garden, but in its timely OS updates.
Correct, but this isn't really about the walled garden. You can sideload apps on iOS too if you have Xcode 7, but there is no (known) privilege exploit that allows a userland application to get full privileges.
What the fuck does a bug that requires social engineering and ignorant users installing sketchy software have to do with apple's alleged superiority?
Is it not obvious that it's pretty serious when the security of a system can be completely subverted by a non-privileged program? Regardless of whether you have bought into idiotic platform flamewars you can't argue with the fact that any platform that has a bug like this has a serious problem compared to the competition. What is odd is that one of the most commonly presented advantages for Android over iOS is the ability to sideload apps and install apps from non-official app stores thus giving the user control of their device, then a bug like this appears and all of a sudden Android fans act like this is something no sane person would ever think of doing.
Platform wars are moronic but the fascinating thing is the way the logic of the fanboys flips around depending on the current news... not to mention reading comprehension is the next thing to go and as a result I'll probably get branded an "apple fanboy" or a "shill" somewhere after this post.
An exercise that may help you understand:
I have a work system that runs my content creation applications, I basically start it up and run those programs, I don't care about the operating system, it could be running Solaris for all I care, the only thing that matters is that it runs my applications. Switching the operating system is trivial, big box vendors sell systems with Ubuntu pre-installed or I can download a distro for free from the internet and the installer is just a couple of clicks of the 'next' button. So why should I go to all of the effort to switch to different applications, most of which lack the features I need with limitations that are particularly cumbersome to work around and break from interoperability with other people just so I can run Linux? What is so awesome and brilliant and compelling about Linux that would be so beneficial to me that I should switch that machine?
A) the fact there was no incumbent in the market using underhanded tactics trying to stop it. As an OEM, losing your cosy relationship with Microsoft in exchange for something new and relatively unproven is a *big* deal. So, no big OEMs would ever take that risk.
Despite your unsubstantiated rantings big OEMs did and do "take that risk". Dell in fact offers Ubuntu on their XPS13, their Inspiron line and their Precision line of computers. Samsung sell the Chromebooks of Microsoft's biggest competitor, Google, along with Windows laptops. HP advertise it on their laptops, desktops and workstations.
B) Because of A, there never was and probably never will be any significant amount of computers available for sale with Linux pre-loaded, which is the key.
As listed above there are plenty. They even had them on the shelves at Best Buy but nobody wanted them. Instead of desperately trying to make excuses and blame Microsoft maybe you should consider capitalizing on the extremely low barrier to entry of Linux (preloaded by major OEMs, freely downloadable online, available to try or to install from USB sticks).
D) The general public expects a computer to run Windows, to the point where I've repeatedly been told that a computer "can't run unless it has Windows on it".
Rubbish, one of the biggest selling lines of personal computers in the world is the Mac.
That I'm not still using their products, so the gp's reply to me doesn't apply?
You asked "You were saying?", I'm not sure what you're asking. I "was saying" exactly what I wrote, I didn't think it was so unclear as to be confusing. I think I made it abundantly clear that the post referred to people using MS products (the obvious implication that it doesn't apply to those who aren't using MS products), yet you were confused by that and then asked for some clarification, sorry I can't make it simpler than it already is.
I would think you would have googled for it or noticed the privacy policy of the software but if you really are incapable of that then here you go.
So major applications need to make the shift or the customers will leave them behind, just the way it is.
No, the reason they haven't made the switch is that they don't need to and customers aren't leaving them behind. Why target Linux when it's only ~2% of the market and users are quite happy to just run whatever operating system supports the application? I know it's difficult for IT admins to understand but the vast majority of users don't care about the operating system, they care about the applications.
Where's the modern equivalent of an Apple II or Commodore 64?
What feature(s) of them are you talking about? With a modern x86 PC and a Linux distro you have even more customization options to make it do what you want than you ever had with the Apple II and Commodore 64.
I think we're due for a reinvention of the PC.
We've already had that: People went from doing their personal computing tasks on a PC to doing them on a smartphone or a tablet and the PC remains for those tasks best suited for a desktop.
The only thing for sure is that it's NOT WINDOWS 10 and it'll probably percolate out of the phone/tablet space in some way.
The most important element of an operating system - the one that trumps all others - is that it runs the programs the user wants it to run. Right now the only one that does that in the vast majority of cases on the desktop is Windows and that's why people use it. On mobile it is either iOS or Android. There are plenty of alternative platforms for personal computing (OSX, iOS, Chromebooks, Linux, Android, BSD, Raspberry Pi, etc.) so is there some thing you need (and think would be applicable to any sizable portion of people) that you cannot get from these platforms already?