[conspire] Ehhh... Linux image problem, ya think?
Rick Moen
rick at linuxmafia.com
Tue May 23 22:32:13 PDT 2006
Quoting Daniel Gimpelevich (daniel at gimpelevich.san-francisco.ca.us):
> On Tue, 23 May 2006 20:51:10 -0700, Rick Moen wrote:
> > "Trusted Computing" [sic] is where your computer will do only what some
> > corporate baron permits it to (at least, in the operating mode where
> > it's allowed access to data of interest). I spoke merely of signed
> > packages, and schemes for the local admin to vet those signatures.
> > (If you don't like that, you'll hate Fedora, Debian, Ubuntu, etc.)
>
> Basically the "Are you sure you want to use unknown software?" prompt with
> "Yes" disabled.
No, that would be a rather wretched outcome, and (I would think) rather
poor engineering. The current Debian approach to signed-package
checking (at least in testing=etch) is a decent _start_, though it could
be greatly improved (and altered to match this hypothetical
less-centralised situation): If your apt-get session's fetched packages
include some that are unsigned, at the point where it calls dpkg,
apt-get informs you of which packages lack gpg signatures capable of
being verified in your current package-signing keyring. At _that_
point, you have the option of saying (figuratively) "That's OK, go ahead
anyway."
An improved version of that step might also furnish an educated guess
about where a trustworthy key might be found -- and maybe measures to
make it more likely that the user will have acquired one in the first
place.
> If "Yes" is disabled through user intimidation rather than
> code, the net effect is almost the same.
The Unix way is not to intimidate the admin -- we have Unix itself to do
that -- but just as appropriate to require the right credentials and in
places have a (removable) default prompt of "Are you _quite_ sure. You
risk doing [foo], if you aren't."
Yes, users on some platforms do have a dreadful track record for making
the wrong dialogue choices for the wrong reasons -- I'll have to tell
you my MS-Word macro virus story, some time -- but this need not be the
case.
More information about the conspire
mailing list