Links for 20 January 2009 through 24 January 2009

Stilgherrian’s links for 20 January 2009 through 24 January 2009:

  • VPNOut: “VPNOut provides secure and anonymous VPN access that can break through firewalls.” And past censorship.
  • Apple’s 1987 Knowledge Navigator Video | YouTube: A remarkable “concept video” looking at how we might use computers and the Internet in “the future”, i.e. now.
  • EGovernment nets most callers: survey | PS News: A Department of Finance and Deregulation survey has found more Australians now contact the Government via the internet than they do by phone or in person.
  • Cursebird: What the f#@! is everyone swearing about?: Apparently on Twitter I swear “like a George Carlin Wannabe”. I’m ranked 355th in the world, putting me in the very top percentile. I wonder what the stats would look like for Australians only?
  • 7 Steps To Build A Startup From Scratch With No Money | YoungEntrepreneur.com Blog: What it says.
  • Dark Dungeons | Chick Publications: This book from a well-established evangelistic Christian publisher, points out the evils of role-playing game Dungeons & Dragons.
  • Obituary: Sir John Mortimer | guardian.co.uk: Geoffrey Robertson’s obituary of Sir John Mortimer, creator of fictional lawyer Rumpole of the Bailey and a decent lawyer in his own right. Apparently in his youth Mortimer “encountered with interest the bookshop-owning lesbians who had taken opium with Cocteau, and a prim, elderly lady who had, in her youth, urinated regularly upon pioneering sexologist Havelock Ellis.” Goodness me.
  • Schapelle Corby Tour: “My name is Eddie Hutauruk and I have been running tours in Bali for over 8 years. Schapelle Corby Tours is our latest venture, and is fully respectful of Schapelle and her situation… Schapelle Corby is a convicted Australian drug runner, and my tours allow people to see Schapelle in her cage at Kerobokan Prison in Bali. Tours can be arranged for most days of the week and pick-up is possible from most Bali hotels.” Very clever.
  • Folk Devils and Internet Safety | Daithí mac Sithigh’s blog on cyberlaw & media law: Another view on the report of the Internet Safety Technical Task Force which said, amongst other things, that the risks of bullying online are far more important that worrying about the rare instances of adults soliciting for sex.
  • A chat with Fake Stephen Conroy | ZDNet Australia: What is says. Rather amusing, I reckon. And no, I am not Fake Stephen Conroy. But I have my suspicions about who it really is…

Who do you trust? Everyone!

When it comes to security, every desktop computer operating system is fundamentally flawed. Why? Because any software you run has the same permissions that you do. Anything you can do, they can do too — whether you want that or not.

Speaking at the AusCERT conference on Monday, Ivan Krstic, director of security architecture for the One Laptop per Child project, says the computing industry relies on “utterly obsolete concepts and assumptions” and has “massively failed when it comes to desktop security”.

The way modern desktop security works is by relying on the user to make informed and sensible choices on things they don’t understand.

The early personal firewall software was a classic example:

A dialogue would pop up and say ‘Hi, we’ve intercepted this packet with this TCP sequence number and these flags set, and SYN and FIN are both on, and here are the destination ports and the source ports and here is a hex dump of the packet. Allow or deny? What do you think?’. Who is that protecting? It’s protecting me, but I don’t need that kind of protection in the first place.

The Apple Blog was sarcastic when they reported Krstic’s speech — I suspect because arrogant OS X users think security issues don’t apply to them — so I posted a response

Continue reading “Who do you trust? Everyone!”