- From: Dan Schutzer <dan.schutzer@fstc.org>
- Date: Sun, 11 Feb 2007 07:13:34 -0500
- To: "'Mike Beltzner'" <beltzner@mozilla.com>, <public-wsc-wg@w3.org>
- Cc: "'Dan Schutzer'" <dan.schutzer@fstc.org>
I agree and this is what we are trying to accomplish when we recommend a safe browsing mode -----Original Message----- From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Mike Beltzner Sent: Friday, February 09, 2007 9:04 AM To: public-wsc-wg@w3.org Cc: dan.schutzer@fstc.org Subject: Re: One laptop per child project security model. It seems to me that what OLPC is doing is very similar to what Tyler's group is doing at HP with their Polarized applications. I definitely think that our goal should be to figure out ways to protect users without asking questions. Sandboxing connections, not allowing one context to reach another, generally assuming that web pages don't need access to each other's data -- all great starts. Where it doesn't help us is with attacks that use spoofing and identity fraud; but there are still lessons to be learned here, such as avoiding dialogs wherever possible, focusing on user task, and trying to make smart choices on the user's behalf so they don't have the ability to shoot themselves in the foot. cheers, mike
Received on Sunday, 11 February 2007 12:14:04 UTC