W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2012

Comment on WD-UISafety-20121120

From: <Kimmo.A.Puranen@nokia.com>
Date: Tue, 4 Dec 2012 12:53:39 +0000
To: <public-webappsec@w3.org>
Message-ID: <FD9B061A58EF85479E23F1C2AE9F393C08A2F711@008-AM1MPN1-027.mgdnok.nokia.com>
Hello!



I just quickly glanced through the document (WD-UISafety-20121120) and immediately I was wondering why the term "safety" is used in context (or instead) of "security"?



This may sound a bit nitpicking, sorry about that, but we have tried to be quite consistent when talking about safety vs. security. Safety is mostly about protecting the consumers or any persons health (or environment, or material damage, or other electrical devices for example) and preventing any injuries or unwanted side effects, which may be caused by too high voltage/current, temperature, radiation, sharp edges, explosions (e.g. battery safety with mobile devices), electromagnetic interference, too loud sound level or light intensity (lasers/flashes, for example) etc.



Whereas security is more appropriate term when it is question about protecting the user (or system provider/device manufacturer/etc) data, information, system integrity, contents, software assets, privacy, misuse, credentials, sensitive personal details etc. Security is also about protecting the user or systems from hacking, malicious software, misuse, and crime, in general.



As an example, when the paper text was about UI safety, I immediately get an impression that someone is trying to protect e.g. eyesight or hearing by limiting too high light intensity, flickering (which may cause epilepsy) or playing music too loud, for example.



The division between the terms safety and security is quite well-established throughout security community, so I suggest that you at least ask yourselves, is there any specific reason why the term "safety" has been used in context of this paper?

VBR,

Kimmo.A.Puranen@nokia.com
Senior Product Security Technology Mgr.
SD Nokia Lumia Quality
Global Quality Operations/Nokia Product Security
Mobile: +358504801823
Received on Thursday, 6 December 2012 12:58:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 6 December 2012 12:59:00 GMT