W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2012

Re: Comment on WD-UISafety-20121120

From: Giorgio Maone <g.maone@informaction.com>
Date: Tue, 18 Dec 2012 22:39:48 +0100
Message-ID: <50D0E2A4.5000905@informaction.com>
To: Kimmo.A.Puranen@nokia.com
CC: public-webappsec@w3.org
Hello,

As far as I know "safety" has not been preferred to "security" for any
particular strong reason.

Personally,  unless it's deemed an excessive administrative burden, I'm
not against turning the document's name into "UI Security", especially
if it actually helps terminology consistence with  related specifications.

"UI Integrity" might be even more specific and descriptive.

Regards
-- G  

On 04/12/2012 13:53, Kimmo.A.Puranen@nokia.com wrote:
> Hello!
>  
> I just quickly glanced through the document (WD-UISafety-20121120) and immediately I was wondering why the term "safety" is used in context (or instead) of "security"? 
>  
> This may sound a bit nitpicking, sorry about that, but we have tried to be quite consistent when talking about safety vs. security. Safety is mostly about protecting the consumers or any persons health (or environment, or material damage, or other electrical devices for example) and preventing any injuries or unwanted side effects, which may be caused by too high voltage/current, temperature, radiation, sharp edges, explosions (e.g. battery safety with mobile devices), electromagnetic interference, too loud sound level or light intensity (lasers/flashes, for example) etc.
>  
> Whereas security is more appropriate term when it is question about protecting the user (or system provider/device manufacturer/etc) data, information, system integrity, contents, software assets, privacy, misuse, credentials, sensitive personal details etc. Security is also about protecting the user or systems from hacking, malicious software, misuse, and crime, in general. 
>  
> As an example, when the paper text was about UI safety, I immediately get an impression that someone is trying to protect e.g. eyesight or hearing by limiting too high light intensity, flickering (which may cause epilepsy) or playing music too loud, for example.  
>  
> The division between the terms safety and security is quite well-established throughout security community, so I suggest that you at least ask yourselves, is there any specific reason why the term "safety" has been used in context of this paper? 
>
>  
>
> VBR,
>
>  
>
> Kimmo.A.Puranen@nokia.com
>
> Senior Product Security Technology Mgr.
>
> SD Nokia Lumia Quality
>
> Global Quality Operations/Nokia Product Security
>
> Mobile: +358504801823
>
>  
>
Received on Tuesday, 18 December 2012 21:40:14 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 18 December 2012 21:40:14 GMT