- From: Janusz Majnert <j.majnert@samsung.com>
- Date: Wed, 27 Feb 2013 08:52:51 +0100
- To: public-sysapps@w3.org

On 2013-02-27 00:11, Jonas Sicking wrote:
>>> Why would the SMS API be limited to certified applications? A privileged
>>> application is an application that has been marked as privileged by a
>>> store that has been marked as privileged by the runtime. Why should we
>>> expect such an application to not behave correctly? If Firefox OS or
>>> Tizen or Webinos trusts a store and that store trusts an application
>>> whether because the code has been reviewed or the author is trusted.
>>
>> On Android, would you trust all applications available via the Play Store?
>> Or in other words - would you trust all of them the same? Or do you also
>> look at user ratings, download numbers, who the author is, etc?
>> You gave a good example in your other email, where you wrote about SMS API
>> being abused by an app that was trusted enough to use it...
>
> The goal of the security model used by Firefox OS is that users can
> always safely install any application from anywhere. Installing an app
> doesn't need any security or privacy decisions on the user's part.
>
> I strongly feel that we should design the security model defined in
> this group with the same goal.
>
> The user will have to make some runtime decisions though. Like if
> sharing pictures or sharing GPS location with an application is ok.
> These are more like privacy decisions than security decisions though.
> For these types of decisions I would expect the user to take into
> account who the author is, where the application came from etc.

So if I understand you correctly, you're giving users this decision -
"Do you want to share all your photos with all applications you install
from the store that we trust?"

I'm afraid that this approach will scare users off.

/Janusz

Received on Wednesday, 27 February 2013 07:53:25 UTC