Hi, On Mon, Dec 29, 2008 at 05:23:45PM +0100, Michal Suchanek wrote:
> What do you mean by "designed for treachery" here? > > A particular feature is not treacherous by itself. What we are > speaking about here is memory protection. Is that treacherous? Not every kind of memory protection -- but the kind used by EROS/Coyotos is designed to support use cases like treacherous computing. > Then all current systems are designed for treachery. No, they aren't. The kind of memory protection implemented by Linux for example is not designed for treacherous use cases. > Is the ability to say "this system is identical to version x.y.z of > system S as certified by cryptography device vendor V" treacherous? Yes. While "positive" use cases for remote attestation can be constructed (though, as you say yourself, their effectiveness is questionable), the typical use cases are definitely treacherous. It allows others to verify that I run the "right" software, thus effectively taking away my control over my computer. > You can bolt on the treachery to any system that provides memory > protection Again, there is a difference between "can be bolted on" and "is an inherent part of the system design". There is a difference between a system that can be made treacherous with some effort, and a system that supports treachery out of the box. > In my view trying to deny users the choice to enter contracts like the > one P requires is not the right way. [...] > You cannot make a system that prevents users from doing something and > still call it 'free'. Well, that is your opinion. We have a different one. GNU never supported the "freedom" to enslave yourself. Every free society has laws that prohibit entering dubious contracts. Most people consider this a good thing -- an essential element of a free society in fact. I don't see why system designs should not be judged on the same moral grounds. I'm stating these things, as you do not seem to be aware of GNU's position; but I deeply hope that you won't try to discuss your view on morality here -- that would be even more off-topic than the rest of this discussion. -antrik-
