2010-03-31

adde's security

3.23: adde/security:
. how does user data remain private
when that privacy depends on not having net access,
but then it can still access another program
that does have net access ?
3.31:
. app's are not communicating directly;
rather, they message each other and the internet
only through the os, addx,
and this arrangement offers several tools:
. only isolated app's connect with the net .
. app's that contact both the net and the user
can raise an alert to check that app's
trust settings .
2313:
. all user input goes through the user`agent,
which can assist in protecting user privacy .

3.25: adde/security/networking controls:
. after reading about flash being
a complete programming language
I wondered how adde can protect the user
without bugging them ?
. does the current design already take care of this?
the only time it matters that a program
communicates with its home site
is when it also has access to local personal data .
. for an app like an editor that also has
a pane that needs web access,
the program could come as a package of 2 modules:
the edit.module wouldn't have web access,
and the web.module wouldn't have files access .
. the editor pkg would provide suggestions for
how to arrange the panes for each module,
but adde and the user would have final say over that .
3.31:
. adde is checking the module capabilities
so as to enforce trust settings .

3.27: adde/multi-casting:
. from a dev.android thread:
"(I'm pretty sure that's not possible to
generate a broadcast event when the alt key is pressed,
instead of letting the current application consume it.) .
. part of special permissions should include
app's or services explaining that they are sniffing input
from what you would think is going to the app in focus .