There's a reason why most people don't use it. Microsoft's implementation is flawed to say the least. When a user sets themselves up this way and then installs programs as an Administrator, they find that they can't run the programs completely or correctly as the lower privilege user. Some of this is due to Windows application programmers doing boneheaded things. Much of it has to do with the programming practices Microsoft has fostered - like writing to global registry keys in the Windows 95 and 98 days. Contrast this will Apple which has gotten the APIs right, put out tutorials on how to do this and most importantly made the whole process of installing as Administrator but running as a User as painless as possible.
"For those deeply involved in politics, this is a good idea, but Free Software Licenses have traditionally placed no restrictions on use."
This is not strictly true. The BSD license used to disallow use of software issued under it from being used by the "Police of South Africa", to make a point against apartheid.
Idea similar to Multi-Path Movies
on
Fahrenheit
·
· Score: 1
Stemming from the idea of multi-path books that were available decades ago, a company called Brilliant Digital Entertainment created Multi-Path Movies in the hope of hybridizing the media of games and movies.
Since they were designing at a time when the market consisted primarily of telephone modem users, their work relies heavily on polygon representations of scenes, so that the storage requirements are small and richly rendered graphics can then be sent rapidly over low bandwidth channels.
They produced quite a large body of work with popular characters such as Superman, Ace Ventura, Xena, Pop Eye. The remnants of the work can be seen at the BDE site.
The idea never really caught the public's interest, though, despite free versions being available on the web. Similarly, earlier attempts by media conglomerates never were able to draw consumers into interactive TV. It remains to be seen if there is a sustainable market or whether passive entertainment remains popular. After all, it serves as a means to immerse one's self in a distraction from a divorced universe, where one can remain separate and non-participatory out of choice, a mode where the most relaxation may be achieved for some.
1. While you did not introduce the notion of an access-matrix, you referenced a theoretic proof regarding the security of DAC. Acess Control models implicitly build on the access-matrix or a transformation of it.
2. It's true that you did not use the HRU result. If you could point to the work that you did base your claim on, it would be helpful. Alternatively, summarize the insight of the proof so we can understand the merit of your assertion.
3. Again, a statement you make borders on misleading. Your 3rd point is untrue. MAC forces labels and sensitivity designations. The actual policy is responsible for stating the information flow rules.
The trojan of your example can easily be transferred between processes with the same clearance belonging to different subjects.
Apart from that, MAC and DAC refer to *models*. Errors in *implementation* and configuration still abound, and a MAC system will not help in this case.
The parent post in incomplete at best, and if viewed less charitably it is misleading.
1. The 1976 Harrison, Ruzzo and Ullman result (from "Protection in Operating Systems") pertains to "safety" in the access-matrix model. Inferences about security need to verify the implementation of the model as well.
2. The result only applies to a system where an infinite number of subjects and objects can be created. An implementation on a typical OS does not suffer from this limitation since resources of the host that are used for the digital representation are finite.
3. Their proof reduces a Turing machine to the access-matrix model, introducing a mapping between decidability and the leakage of a right in the access-matrix. Deciding whether a specific leak occurs is the equivalent, then, of solving the Halting problem. This proof, however, says nothing for a system where more specific knowledge of the system is used, where you *can* make stronger inferences. Look to the mono-operational system for a concrete, albeit impractical, example.
4. Their results hold for any model that uses an access-matrix, regardless of whether it is Discretionary or Mandatory.
An RIAA spokesperson today announced that in the interest of equitable treatment of consumers, it was instituting a new program, labeled the Pre-Owned Media Fair Pricing Program.
The new program will be effected as follows. All used CD stores are to register with the RIAA. In turn, all consumers who sell CDs to these stores must register with the store and allow information about themselves to be registered with the RIAA as Mini-Sellers. The RIAA will henceforth refund to the Mini-Seller any amount they had received during the initial sale of the CD.
The RIAA spokesperson ackowledged that as a CD continued to be resold, and its value dropped, the RIAA would be paying out more than it would receive in royalties on a per-CD basis. They stated that the consumer's happiness was their primary goal and this was an acceptable price to pay.
Consumer advocates, however, cautioned that the underlying goal of the RIAA is two-fold. The first is to build a large database of music-listeners (in the form of a list of Mini-Sellers) and their listening preferences. In the future, if a listener was found to possess music not matching the Bayesian prediction of their tastes, it would be deemed pirated and they would be prosecuted.
A second pointed noted by consumer advocates is that while it appears that the RIAA is acting to maximize the listening pleasures of consumers by motivating them to listen to alot of new music, there is a different purpose in play here. The actual goal of the RIAA is to harness the labour of the music-lovers to get them to rip the music to MP3 format, and to further use them and their paid-for bandwidth for the purpose of distribution of the music. At a later point in time, it is expected that the RIAA will then use it's list of music-consumers to effect random checks for pirated MP3s and prosecute them, much like the BSA (Business Software Alliance) does for software now.
Slashdot Mirror
There's a reason why most people don't use it. Microsoft's implementation is flawed to say the least. When a user sets themselves up this way and then installs programs as an Administrator, they find that they can't run the programs completely or correctly as the lower privilege user. Some of this is due to Windows application programmers doing boneheaded things. Much of it has to do with the programming practices Microsoft has fostered - like writing to global registry keys in the Windows 95 and 98 days. Contrast this will Apple which has gotten the APIs right, put out tutorials on how to do this and most importantly made the whole process of installing as Administrator but running as a User as painless as possible.
"For those deeply involved in politics, this is a good idea, but Free Software Licenses have traditionally placed no restrictions on use."
This is not strictly true. The BSD license used to disallow use of software issued under it from being used by the "Police of South Africa", to make a point against apartheid.
Stemming from the idea of multi-path books that were available decades ago, a company called Brilliant Digital Entertainment created Multi-Path Movies in the hope of hybridizing the media of games and movies.
Since they were designing at a time when the market consisted primarily of telephone modem users, their work relies heavily on polygon representations of scenes, so that the storage requirements are small and richly rendered graphics can then be sent rapidly over low bandwidth channels.
They produced quite a large body of work with popular characters such as Superman, Ace Ventura, Xena, Pop Eye. The remnants of the work can be seen at the BDE site.
The idea never really caught the public's interest, though, despite free versions being available on the web. Similarly, earlier attempts by media conglomerates never were able to draw consumers into interactive TV. It remains to be seen if there is a sustainable market or whether passive entertainment remains popular. After all, it serves as a means to immerse one's self in a distraction from a divorced universe, where one can remain separate and non-participatory out of choice, a mode where the most relaxation may be achieved for some.
1. While you did not introduce the notion of an access-matrix, you referenced a theoretic proof regarding the security of DAC. Acess Control models implicitly build on the access-matrix or a transformation of it.
2. It's true that you did not use the HRU result. If you could point to the work that you did base your claim on, it would be helpful. Alternatively, summarize the insight of the proof so we can understand the merit of your assertion.
3. Again, a statement you make borders on misleading. Your 3rd point is untrue. MAC forces labels and sensitivity designations. The actual policy is responsible for stating the information flow rules.
The trojan of your example can easily be transferred between processes with the same clearance belonging to different subjects.
Apart from that, MAC and DAC refer to *models*. Errors in *implementation* and configuration still abound, and a MAC system will not help in this case.
The parent post in incomplete at best, and if viewed less charitably it is misleading.
1. The 1976 Harrison, Ruzzo and Ullman result (from "Protection in Operating Systems") pertains to "safety" in the access-matrix model. Inferences about security need to verify the implementation of the model as well.
2. The result only applies to a system where an infinite number of subjects and objects can be created. An implementation on a typical OS does not suffer from this limitation since resources of the host that are used for the digital representation are finite.
3. Their proof reduces a Turing machine to the access-matrix model, introducing a mapping between decidability and the leakage of a right in the access-matrix. Deciding whether a specific leak occurs is the equivalent, then, of solving the Halting problem. This proof, however, says nothing for a system where more specific knowledge of the system is used, where you *can* make stronger inferences. Look to the mono-operational system for a concrete, albeit impractical, example.
4. Their results hold for any model that uses an access-matrix, regardless of whether it is Discretionary or Mandatory.
San Diego, June 15
An RIAA spokesperson today announced that in the interest of equitable treatment of consumers, it was instituting a new program, labeled the Pre-Owned Media Fair Pricing Program.
The new program will be effected as follows. All used CD stores are to register with the RIAA. In turn, all consumers who sell CDs to these stores must register with the store and allow information about themselves to be registered with the RIAA as Mini-Sellers. The RIAA will henceforth refund to the Mini-Seller any amount they had received during the initial sale of the CD.
The RIAA spokesperson ackowledged that as a CD continued to be resold, and its value dropped, the RIAA would be paying out more than it would receive in royalties on a per-CD basis. They stated that the consumer's happiness was their primary goal and this was an acceptable price to pay.
Consumer advocates, however, cautioned that the underlying goal of the RIAA is two-fold. The first is to build a large database of music-listeners (in the form of a list of Mini-Sellers) and their listening preferences. In the future, if a listener was found to possess music not matching the Bayesian prediction of their tastes, it would be deemed pirated and they would be prosecuted.
A second pointed noted by consumer advocates is that while it appears that the RIAA is acting to maximize the listening pleasures of consumers by motivating them to listen to alot of new music, there is a different purpose in play here. The actual goal of the RIAA is to harness the labour of the music-lovers to get them to rip the music to MP3 format, and to further use them and their paid-for bandwidth for the purpose of distribution of the music. At a later point in time, it is expected that the RIAA will then use it's list of music-consumers to effect random checks for pirated MP3s and prosecute them, much like the BSA (Business Software Alliance) does for software now.