"The more I find out, the less I know."
|
Weather at the Frozen North
This is my personal blog. My professional blog is The Customer Service Survey I've written a book called Gourmet Customer Service. You can buy it on Amazon. (in)Frequently Asked Questions AIM Screen Name: DFNfrozenNorth
Categories
Statistics
Last Updated: Aug 07, 2008 03:29 PM
|
Wednesday - February 14, 2007 at 02:05 PM inSecurity through Segmentation
Here's an interesting article about the security model for the $100 laptops. Basically, they're relying on extreme segmentation--each application plays in its own sandbox, so malicious software can't do anything to the system or applications even if it gets installed.
It also looks like they're using secure application signing as a ways to give applications access to resources outside their sandbox--possibly a weakness (if they key is ever compromised), but better than what anything else does today. I've thought about this idea in the past, and it's very sensible. Very few applications actually need to access data and resources from other applications, and allowing open communications creates a lot of opportunities for mischief. Posted at 02:05 PM | Permalink | | | |