2009/2/20 :
> Hi,
>
> On Thu, Feb 19, 2009 at 11:46:38PM +0100, Michal Suchanek wrote:
>> On 23/01/2009, olafbuddenha...@gmx.net
>> wrote:
>
>> > Design and feasible use cases are *not* orthogonal in practice.
>>
>> They are certainly not. I never said they are.
>
> You did imply it, by repeatedl
Hi,
On Thu, Feb 19, 2009 at 11:46:38PM +0100, Michal Suchanek wrote:
> On 23/01/2009, olafbuddenha...@gmx.net
> wrote:
> > Design and feasible use cases are *not* orthogonal in practice.
>
> They are certainly not. I never said they are.
You did imply it, by repeatedly claiming that all we wan
Hello,
Sorry about the late reply.
On 23/01/2009, olafbuddenha...@gmx.net wrote:
> Hi,
>
> On Tue, Jan 13, 2009 at 01:44:59PM +0100, Michal Suchanek wrote:
> > 2009/1/13 :
>
> > > On Fri, Jan 09, 2009 at 06:22:27PM +0100, Michal Suchanek wrote:
>
>
> > > I'm not saying it is impossible to do
Hi,
On Tue, Jan 13, 2009 at 01:44:59PM +0100, Michal Suchanek wrote:
> 2009/1/13 :
> > On Fri, Jan 09, 2009 at 06:22:27PM +0100, Michal Suchanek wrote:
> > I'm not saying it is impossible to do for a really dedicated person.
> > But surely you don't want to claim that this is equivalent in
> > p
2009/1/13 :
> Hi,
>
> On Fri, Jan 09, 2009 at 06:22:27PM +0100, Michal Suchanek wrote:
>> 2009/1/3 :
>
>> >> Yes, the system provides a service out of the box that provides DRM
>> >> memory which might be a step towards DRM content protection. I do
>> >> not like the feature but I have not seen a
Hi,
On Fri, Jan 09, 2009 at 06:22:27PM +0100, Michal Suchanek wrote:
> 2009/1/3 :
> >> Yes, the system provides a service out of the box that provides DRM
> >> memory which might be a step towards DRM content protection. I do
> >> not like the feature but I have not seen a secure system design
>
Hello
2009/1/3 :
[...]
>> Yes, the system provides a service out of the box that provides DRM
>> memory which might be a step towards DRM content protection. I do not
>> like the feature but I have not seen a secure system design without
>> such feature, either.
>
> Well, as I explained, we belie
Hi,
On Wed, Dec 31, 2008 at 02:35:46PM +0100, Michal Suchanek wrote:
> On 31/12/2008, olafbuddenha...@gmx.net
> wrote:
> > On Tue, Dec 30, 2008 at 12:10:39PM +0100, Michal Suchanek wrote:
> If you want a POSIX system Coyotos is completely out of question.
>
> I would think that the kernel itse
On 31/12/2008, olafbuddenha...@gmx.net wrote:
> Hi,
>
>
> On Tue, Dec 30, 2008 at 12:10:39PM +0100, Michal Suchanek wrote:
> > On 27/12/2008, olafbuddenha...@gmx.net
> > wrote:
>
>
> > > The user session is obviously not the parent of all processes --
> > > that just wouldn't work in a mult
Hi,
On Tue, Dec 30, 2008 at 12:10:39PM +0100, Michal Suchanek wrote:
> On 27/12/2008, olafbuddenha...@gmx.net
> wrote:
> > The user session is obviously not the parent of all processes --
> > that just wouldn't work in a multi-user system. But all processes
> > *of the same user* are descenda
Hi,
On Mon, Dec 29, 2008 at 05:23:45PM +0100, Michal Suchanek wrote:
> What do you mean by "designed for treachery" here?
>
> A particular feature is not treacherous by itself. What we are
> speaking about here is memory protection. Is that treacherous?
Not every kind of memory protection -- bu
Am Dienstag 30 Dezember 2008 18:59:18 schrieb Michal Suchanek:
> So you would have to deny running anything less restrictive than GPLv3
> code on the system for the restriction to be enforceable and we are
> back to the GPLv3 only system which I find somewhat limited.
No, you are turning words aro
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 17:23:58 schrieb Michal Suchanek:
>
> > Yes, and then the application does not get the right keys to decrypt
> > the data from the device. So the ability to lie (or be root) is
> > irrelevant in this case given the protoc
Am Dienstag 30 Dezember 2008 17:23:58 schrieb Michal Suchanek:
> Yes, and then the application does not get the right keys to decrypt
> the data from the device. So the ability to lie (or be root) is
> irrelevant in this case given the protocol to obtain the keys is
> designed properly.
And that k
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 16:55:33 schrieb Michal Suchanek:
>
> > You can make the driver return any data you want. However, if the data
> > it returns are checksums signed by the cryptography hardware vendor
> > key then they are the real checksu
Am Dienstag 30 Dezember 2008 16:55:33 schrieb Michal Suchanek:
> You can make the driver return any data you want. However, if the data
> it returns are checksums signed by the cryptography hardware vendor
> key then they are the real checksums of the bios, boot loader, and the
> system including t
Am Dienstag 30 Dezember 2008 16:48:53 schrieb Michal Suchanek:
> > Yes they have, because with a treacherous design, they can use my free
> > tools to create parts I can't access.
>
> Yes, and the tools required are memory protection and a hardware
> cryptography device both of which are present in
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 14:04:52 schrieb Michal Suchanek:
>
> > You need a special hardware to verify the integrity of the system, and
> > I can imagine that in a modular system the hardware driver might work
> > without modifications to the sys
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 14:10:28 schrieb Michal Suchanek:
>
> > Yes, it might. It might generally create encrypted blobs usable only
> > in non-free environment.
> >
> > The choices taken during the design of the system running on your
> > com
Am Dienstag 30 Dezember 2008 14:04:52 schrieb Michal Suchanek:
> You need a special hardware to verify the integrity of the system, and
> I can imagine that in a modular system the hardware driver might work
> without modifications to the system - think one of the initial
> servers loaded with the
Am Dienstag 30 Dezember 2008 14:10:28 schrieb Michal Suchanek:
> Yes, it might. It might generally create encrypted blobs usable only
> in non-free environment.
>
> The choices taken during the design of the system running on your
> computer have nothing to do with it.
Yes they have, because with
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 13:21:21 schrieb Michal Suchanek:
>
> > On 30/12/2008, Arne Babenhauserheide wrote:
> > > Am Dienstag 30 Dezember 2008 11:51:05 schrieb Michal Suchanek:
> > > > And how is the computer ever going to not allow sending the
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 12:10:39 schrieb Michal Suchanek:
>
> > The underlying interface the two binaries use is different. However,
> > they both show a window on my screen and access the same Documents
> > folder for opening and saving files.
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 12:43:45 schrieb Michal Suchanek:
>
> > Yes, it does. But with DRM content protection it is not the system
> > what makes the computer useless but the services or devices outside of
> > the computer that would require a p
Am Dienstag 30 Dezember 2008 13:21:21 schrieb Michal Suchanek:
> On 30/12/2008, Arne Babenhauserheide wrote:
> > Am Dienstag 30 Dezember 2008 11:51:05 schrieb Michal Suchanek:
> > > And how is the computer ever going to not allow sending the photo?
> >
> > For example because the camera is a test
On 30/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 30 Dezember 2008 11:51:05 schrieb Michal Suchanek:
>
> > And how is the computer ever going to not allow sending the photo?
>
>
> For example because the camera is a test version where you have to pay to
> unlock the photo-sharing feature.
Am Dienstag 30 Dezember 2008 12:43:45 schrieb Michal Suchanek:
> Yes, it does. But with DRM content protection it is not the system
> what makes the computer useless but the services or devices outside of
> the computer that would require a particular version of the system. I
> do not see how you c
Am Dienstag 30 Dezember 2008 12:10:39 schrieb Michal Suchanek:
> The underlying interface the two binaries use is different. However,
> they both show a window on my screen and access the same Documents
> folder for opening and saving files.
> This is all the compatibility one ever needs for a typi
On 29/12/2008, Arne Babenhauserheide wrote:
> Am Montag 29 Dezember 2008 17:23:45 schrieb Michal Suchanek:
>
> > > Accessing some service which limits the system in a way which is
> > > incompatible with the GPLv3 (as soon as central usage gets "interfered
> > > with" when I change the code, dis
Am Dienstag 30 Dezember 2008 11:51:05 schrieb Michal Suchanek:
> And how is the computer ever going to not allow sending the photo?
For example because the camera is a test version where you have to pay to
unlock the photo-sharing feature.
You can't think of further examples?
If so, you defini
On 27/12/2008, olafbuddenha...@gmx.net wrote:
> Hi,
>
> On Tue, Dec 23, 2008 at 12:19:26PM +0100, Michal Suchanek wrote:
> > 2008/12/22 :
>
>
> > > Well, *we* don't find EROS-like persistence useful for our purpose.
> > > I never found it useful, as you might remember; and Marcus, who was
>
On 29/12/2008, Arne Babenhauserheide wrote:
> Am Montag 29 Dezember 2008 17:23:45 schrieb Michal Suchanek:
>
> > In my view trying to deny users the choice to enter contracts like the
> > one P requires is not the right way. It is morally dubious and
> > technically infeasible.
>
>
> Firstoff: A
Hi,
On Tue, Dec 23, 2008 at 12:19:26PM +0100, Michal Suchanek wrote:
> 2008/12/22 :
> > Well, *we* don't find EROS-like persistence useful for our purpose.
> > I never found it useful, as you might remember; and Marcus, who was
> > advocating it for a while, finally came to the very same conclus
Am Montag 29 Dezember 2008 17:23:45 schrieb Michal Suchanek:
> In my view trying to deny users the choice to enter contracts like the
> one P requires is not the right way. It is morally dubious and
> technically infeasible.
Firstoff: Any security against the owner of a system built on free softwa
Am Montag 29 Dezember 2008 17:23:45 schrieb Michal Suchanek:
> > Accessing some service which limits the system in a way which is
> > incompatible with the GPLv3 (as soon as central usage gets "interfered
> > with" when I change the code, distributing the system in non-source form
> > violates the
On 29/12/2008, Arne Babenhauserheide wrote:
> Am Dienstag 23 Dezember 2008 12:19:26 schrieb Michal Suchanek:
>
> > Normally you can choose how effective the 'drm protection' is - in (d)
> > you can defeat it by using the root handle. However, security
> > involving hardware encryption and verifi
Am Dienstag 23 Dezember 2008 12:19:26 schrieb Michal Suchanek:
> Normally you can choose how effective the 'drm protection' is - in (d)
> you can defeat it by using the root handle. However, security
> involving hardware encryption and verification of system integrity by
> means of hardware cryptog
2008/12/22 :
> Hi,
>
> On Thu, Dec 18, 2008 at 04:03:39PM +0100, Michal Suchanek wrote:
>> 2008/12/18 :
>
>> I find persistence and storage mechanism that works well with it quite
>> useful.
>
> Well, *we* don't find EROS-like persistence useful for our purpose. I
> never found it useful, as you
Hi,
On Thu, Dec 18, 2008 at 04:03:39PM +0100, Michal Suchanek wrote:
> 2008/12/18 :
> I find persistence and storage mechanism that works well with it quite
> useful.
Well, *we* don't find EROS-like persistence useful for our purpose. I
never found it useful, as you might remember; and Marcus,
Am Donnerstag 18 Dezember 2008 16:03:39 schrieb Michal Suchanek:
> > Only if you assume that "security that is actually usable" implies
> > hiding things from the parent process. As I already explained, we
> > believe this assumption to be fundamentally wrong. Get over it.
>
> As I said numerous ti
2008/12/18 :
> Hi,
>
> On Mon, Dec 15, 2008 at 12:09:19PM +0100, Michal Suchanek wrote:
>> 2008/12/12 :
>
>> I see that the EROS or Coyotos as a whole does not fit the
>> requirements of a GNU system but I think reusing some basic parts is
>> no worse than using any other kernel.
>
> Well, if we
Hi,
On Mon, Dec 15, 2008 at 12:09:19PM +0100, Michal Suchanek wrote:
> 2008/12/12 :
> I see that the EROS or Coyotos as a whole does not fit the
> requirements of a GNU system but I think reusing some basic parts is
> no worse than using any other kernel.
Well, if we don't use the constructor m
Hi,
On Mon, Dec 08, 2008 at 01:08:45AM +0100, Arne Babenhauserheide wrote:
> Am Freitag 05 Dezember 2008 12:40:32 schrieb Michal Suchanek:
> > If you make the POSIX layer optional then you make a sytem based on
> > capabilities, and that's what I wanted in the first place. That's
> > not how the
2008/12/12 :
> Hi,
>
> It's a bit strange to answer here, as part of the discussion seems to
> have gone on off-list. Yet there are a few things in your mail that even
> lacking context I feel compelled to set straight...
>
> On Mon, Dec 08, 2008 at 02:19:34PM +0100, Michal Suchanek wrote:
>> 2008
Hi,
It's a bit strange to answer here, as part of the discussion seems to
have gone on off-list. Yet there are a few things in your mail that even
lacking context I feel compelled to set straight...
On Mon, Dec 08, 2008 at 02:19:34PM +0100, Michal Suchanek wrote:
> 2008/12/8 Arne Babenhauserheide
Am Dienstag 09 Dezember 2008 12:54:42 schrieb Michal Suchanek:
> The driver itself does not restrict the use of the system, it only
> identifies what system you are running (among other things).
>
> It probably would not be part of a GNU system but I do not see how
> adding it would violate any lic
Am Montag 08 Dezember 2008 13:37:14 schrieb Michal Suchanek:
> However, a non-free application may require certain known version of
> the otherwise free system (and driver for hardware cryptographic
> device) to run or allow access to protected content.
This would mean that I as user could use the
2008/12/8 Arne Babenhauserheide <[EMAIL PROTECTED]>:
> Am Freitag 05 Dezember 2008 12:40:32 schrieb Michal Suchanek:
[...]
>> For me firefox can cause my media player to skip. This is because
>> firefox eats all available CPU time from time to time, and the only
>> way to prevent it from interferin
2008/12/8 Arne Babenhauserheide <[EMAIL PROTECTED]>:
> Am Freitag 05 Dezember 2008 12:31:52 schrieb Michal Suchanek:
>> 2008/12/3 Arne Babenhauserheide <[EMAIL PROTECTED]>:
>> > Am Sonntag 30 November 2008 21:08:43 schrieb Michal Suchanek:
>> >> The default distribution can then be modified to crea
Am Freitag 05 Dezember 2008 12:31:52 schrieb Michal Suchanek:
> 2008/12/3 Arne Babenhauserheide <[EMAIL PROTECTED]>:
> > Am Sonntag 30 November 2008 21:08:43 schrieb Michal Suchanek:
> >> The default distribution can then be modified to create a distribution
> >> where even the 'root' shell has som
Am Freitag 05 Dezember 2008 12:40:32 schrieb Michal Suchanek:
> > And more importantly: There is the root account which can install a
> > libpng version without the weakness.
>
> Fixing the hole after your system was compromised does not help you.
But it helps everyone else.
> > Currently the se
51 matches
Mail list logo
