On Friday, January 18, 2013 3:25:09 PM UTC+1, Gervase Markham wrote: > On 18/01/13 13:42, Severin Kistner wrote: > > > The issue I have with Firefox OS is I trust Mozilla to the bone. They > > > control b2g and can theoretically do everything imaginable with the > > > device. You have your own botnet out there and you can change > > > everything at any moment silent and instantly. > > > > That's not necessarily true; Mozilla may well not be in sole control of > > the update process for shipped phones. (I don't know what the plans are > > here.) It may be that the carriers make and ship the builds. > > > > > I know a lot of people are concerned about Google, but you still can > > > decide what data I give them. Mozilla could theoretically just > > > silently change some code and intercept calls, steal data from other > > > apps, plant false evidence or anything else you can think of. > > > > So could Google on your Android phone or Apple on your iPhone. > > > > > What mechanism protects me, or because you have a Open Source > > > philosophy another provider, from Mozilla here? > > > > Whenever you install software on a platform you are trusting its > > provider. If you run Windows, you are trusting Microsoft. If you run > > Flash, you are trusting Adobe. The difference with Mozilla is that our > > code is public, and our non-profit status constrains us to act according > > to our mission. You don't get that elsewhere. > > > > But, unless you build it from scratch yourself, there is no such thing > > as a "trust no-one" device. > > > > Gerv
Your arguments are valid, but I think b2g takes this to the extreme. For all the other devices you mentioned the update process is pretty slow and in this case I see that as a good thing. If there is a malicious update and the first ones get it, they recognize it and can warn other people not to make that update right now. I also know that my phone changed, so when I get a system update you are aware that your phone is different from before. That's why I emphasized "silently" and "instant". If the malicious thing takes just one day, everyone who has an active phone is affected and unless some independent entity is watching these updates all the time people don't even realize it. Also a mayor bug can disable all the phones in an instant, so you have also a killswitch, intentionally or not, for all the phones. A single point of failure. I don't say these concerns do not exist about other OS providers, it's just one mayor step more than in the other cases. The idea of the browser is that there exists a clear separation between the client, engine, the data and the hardware. This makes it really secure and robust in my opinion. Firefox OS combines all of them into one. Severin _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
