undefined | Better HN

0 pointsmrusme9mo ago0 comments

How?

0 comments

By following the principle of least privilege. Like with apps the user should only have privileges for what they are allowed to control and nothing more. So if the user should have privilege to disable apps, then the settings app could expose a way for the user to do so.

Yes, this is kind of approach of coming up with a design to security instead of going with the easy route of everything being allowed is harder to do and takes more time, but it leads to better security.

tsegers9mo ago

I believe that the top-level comment you replied to is making the point that there should not be any authority that either allows or disallows what a user can do with the device they own. Purchasing a device should make one that authority, free to decide how much security to trade for how much privilege.

charcircuit9mo ago

But really it's all about framing. For example on desktop computers it's not possible for people to create new instructions for their CPU to handle. At some layer there will be an API that user needs to use to interact with the device. As times goes on I think it's natural for that layer that users are expected to interact with their device with to become higher level. I believe the top level comment is framing this issue such that current phones don't have an API that matched how it worked for UNIX computers and that is a bad thing. The commenter is too focused on how things worked in the past and doesn't want to allow for things to change.

arendtio9mo ago

Okay, and how am I going to give the user the right to wipe all software from the device and use a completely custom software?

I mean, we all agree that such permissions are not required during everyday operations, but there should be a way for the consumer to have control over the software being used. And I mean all aspects of the software: firmware should be updatable, the OS should be replaceable, and the security concepts within the OS should be customizable by the user as well. I have no problem with hiding such functionality and requiring users to read the documentation to find out how it can be done, but it should still be possible.

charcircuit9mo ago

Sure, but such a product requirement can be made to be legally required without legally requiring root access.

burnt-resistor9mo ago

By having a "maintenance mode" that can be entered and left.

peterbraden9mo ago

Maintenance mode == root

burnt-resistor9mo ago

You're projecting your meaning of it, not mine. Not if it can't be undone in a way other than reinstalling everything. A mode that allows changing things with a temporary reduction of security system-wide and restoring them later, but putting all of the upgrade and support liability on the user without sacrificing functionality. Think VMware ESXi. If tech support wants to not support it, that's fine, but payments and such should still work.

j / k navigate · click thread line to collapse

0 comments

charcircuit9mo ago

tsegers9mo ago

charcircuit9mo ago

arendtio9mo ago

Okay, and how am I going to give the user the right to wipe all software from the device and use a completely custom software?

charcircuit9mo ago

Sure, but such a product requirement can be made to be legally required without legally requiring root access.

burnt-resistor9mo ago

By having a "maintenance mode" that can be entered and left.

peterbraden9mo ago

Maintenance mode == root

burnt-resistor9mo ago

j / k navigate · click thread line to collapse