Email or username:

Password:

Forgot your password?
All posts Yarmo's posts Post Back to profile
Top-level
CMDR Yojimbosan UTC+(12|13)

@deshipu @yarmo The 'app store' or mobile-phone-os approach seems like its catching on.
We need a desktop OS that treats non-core software like a potential threat, rather than an obviously-trusted insider.

6 Jul 2022 at 21:22 | Wall-to-wall | Open on hackers.town
5 comments
ɗℯʃƕρʋ
CMDR Yojimbosan UTC+(12|13)

@deshipu @yarmo Only sort-of ... Qubes has containers for "a task", and IIRC you can add whatever software you like to that task/domain. (not sure what terminology they use, but each domain is basically a VM+OS, not protected apps)

6 Jul 2022 at 21:25 | Open on hackers.town
ɗℯʃƕρʋ

@yojimbo @yarmo I've heard somewhere that originally UNIX was not supposed to have the open() call exposed to user applications -- you could only manipulate the files you got as stdin, stdout and stderr. Then you could add an open() call that required user interaction to select the file -- handled by the system, not the program. It would solve a lot of problems. Unfortunately, the UNIX security focused on protecting the mainframe from the students that used it, not them from each other.

6 Jul 2022 at 21:29 | Open on mastodon.technology
Rodolphe

@deshipu @yojimbo @yarmo I'd say SubgraphOS is closer to that than Qubes is. Qubes is using containers whereas Subgraph uses sandboxing. Linux can already do all that, it just that we're lacking the UI to manage that.

7 Jul 2022 at 9:23 | Open on microblog.lunai.re
CMDR Yojimbosan UTC+(12|13)

@rodolphe @deshipu @yarmo Cool, I hadn't seen SubgraphOS before.

My first thought is that it's combining security-from-applications with anonymity-from-the-internet using Tor, and I'd rather concentrate on the app security end. github.com/subgraph/oz/wiki/Oz looks like that piece, I'll enjoy reading about it ...

7 Jul 2022 at 19:53 | Open on hackers.town
Go Up