Web-Dedicated Metacard

Richard Gaskin ambassador at fourthworld.com
Tue Dec 24 00:42:01 EST 2002 

The security concerns raised here are valid and serious.  But as with the
rest of the Internet, they are show-stoppers for only a subset of uses.

For things taking place inside a browser window, folks have indeed become
accustomed to such things not having file I/O or access to system resources
which could compromise security.

But a lot of what people do with the Internet takes place outside of a
browser, such as trading files through P2P systems like GNUtella, and the
thousands of applications that are downloaded daily from software vendors
like Adobe and Macromedia, and sites like Tucows, Download.com, etc.
Indeed, in the absence of a browser plug-in for Rev, everything that can be
done in Rev must take place outside of a browser.

So while it is very worthwhile pursuing security options to support all
uses, we needn't wait for the completion of such features before enjoying
the benefits of downloadable stacks for a subset of uses, any more than
folks stopped downloading EXEs once browsers got security features for Java
applets.

When you download a Rev stack you are essentially downloading an
application, with all the access to your system that any EXE, DLL, or other
executable file can have.

With all of its security technology, when it comes to downloading EXEs the
browser still relies on the oldest mechanism available: individual
judgement.  Before starting such a download, the browser presents a dialog
that asks, in effect, "Do you trust the owner of this domain?"

At a minimum, any system that downloads and runs stack files should display
the URL, at least in a status field as a browser does.  This way the user
knows where the file is coming from and can exercise judgement in whether
they want to do so.

And while we roll out systems based on HTTP-transferred stack files, we
should continue to explore solutions for both categories of security
concerns:

- Client-side protection ("Can the downloaded file damage my system?")

- Transmission protection ("Can my communications over TCP be intercepted
and read by others?")

These are very difficult issues to overcome.  For all the billions spent on
attempting to provide security mechanisms, billions more are spent cleaning
up damage from those who find a way around them.

For many uses (such as hospitals and other orgs where downloading EXEs is
forbidden), having at least a modest level of security will be seen as
essential for adoption.

For all other uses, distributing stack files is not just as good as
distributing standalones, given the small file size and interoperability
it's better.

-- 
 Richard Gaskin 
 Fourth World Media Corporation
 Developer of WebMerge 2.1: Publish any database on any site
 ___________________________________________________________
 Ambassador at FourthWorld.com       http://www.FourthWorld.com
 Tel: 323-225-3717                       AIM: FourthWorldInc

More information about the metacard mailing list