Apps Messaging -- A New Approach
Mark Taylor
m.b.taylor at bristol.ac.uk
Mon Apr 30 03:16:46 PDT 2007
On Mon, 30 Apr 2007, Mike Fitzpatrick wrote:
> Hi Mark,
> I take your point and applaud your thoughtfullness. We too have
> multi-user machines and students, we also have large heavy objects that
> could be carried into offices to smash hard drives into little tiny bits
> to destroy the same data files. I consider the likelihood of data loss
> due to msg hacking or heavy objects to be about the same and have as
> much time to guard against each equally.
> Did I freak everyone out with the message spoofing point or has
> security been a major deal with PLASTIC for a while?
No, it's not been a major deal, and I take your point that security
is always a trade-off. In my view the particular level of danger
in the situation I was talking about was unacceptable, so I fixed
something up to work around it, and made a note that it would be
nice if it was built into the protocol so that I didn't have to
to the same thing in the future. As far as I know, nobody else
has come across a real-world instance where they've had to do the
same thing, so, if nobody else thinks it's a worry I'm happy to
see it go by the board (we can see how the votes stack up on the
wiki page). The main point I'd make is that the changes that
would be required to the protocol to implement better security than
it now has are not very difficult to specify or implement.
Mark
P.S. We also lock server rooms round here to defend against axe-wielding
undergraduates.
--
Mark Taylor Astronomical Programmer Physics, Bristol University, UK
m.b.taylor at bris.ac.uk +44-117-928-8776 http://www.star.bris.ac.uk/~mbt/
More information about the apps
mailing list