[cap-talk] The Limits of POLA's Utility - Social Engineering

Wed Jun 7 21:26:21 EDT 2006

I wrote

>>Yes. But I wonder if there isn't a case for building systems 
>>that protect users against themselves.
>>    
>>
>
>  
>
Marc Stiegler wrote:

>Sounds like a Microsoft plan (or a Soviet plan :-). I have to say, my
>preferred answer is to ensure people understand the choices they are
>making, and then let them choose.
>
David Hopwood also wrote:

>That's a rather political question!
>
>No and hell no. Reducing the chance of *inadvertent* mistakes is one thing;
>"protecting" users against doing things they want to do and are authorized
>to do, as for Bob in this example, is another thing entirely.
>
Sorry I should have been more precise. Allow me to correct myself, even 
though its off topic, just so I can set the record straight. I'm not in 
favour of reducing Bob's liberty in any way. I didn't mean to imply 
otherwise.

If Bob ultimately wants to use the virus then noone should be trying to 
stop him (except perhaps some sysadmin that owns the work machine that 
he might be using, for example). But Bob might have been suckered by his 
own curiosity, rather than malice. Bob should have every chance to 
become aware of the risk he is exposing himself to by accepting the 
virus. He also should have every chance to become aware of the rights of 
Alice that he is violating in accepting the virus. This might dissuade 
the casual curious user who might otherwise accept the virus.

I'm not saying that making Bob aware of this stuff is necessarily the 
job of the guy who writes the POLA operating system, or whatever, 
though. If Bob were made aware of these things and wasn't acting on 
malice, it might help make both Alice and Bob safer without reducing 
anyone's liberty.

I said the following, trying to give some motivation for why we might 
want to "protect users from themselves"

>>There are quotes from 
>>the Federalist papers (if I remember correctly) that motivate 
>>the design of the governmental system with language like 
>>"ambition must be made to counteract ambition", "if all men 
>>were angles government wouldn't be necessary". Surely, these 
>>are arguments along the lines of "The system must protect 
>>users against their own [bad] nature, for the good of all".
>>    
>>
Marc Stiegler responsed:

>This is not the point of the Federalist papers. The point of those
>arguments was not to protect people from themselves, but rather to
>protect people from government, which only incidentally happens to be
>run by (untrustworthy) people. 
>  
>
Good point. My analogy was off-base. Thanks for pointing it out.

>It is important that we do not allow our computers to compromise the
>10th amendment the way the government has :-)
>  
>
Indeed. I hope I've made it clear that I hadn't meant to suggest this.

-- 
Toby Murray
Advanced Computer Capabilities Group
Information Networks Division
DSTO, Australia

IMPORTANT: This e-mail remains the property of the Australian Defence
Organisation and is subject to the jurisdiction of section 70 of the
Crimes Act 1914. If you have received this e-mail in error, you are
requested to contact the sender and delete the e-mail.