[cap-talk] Selling capabilities programming
David Wagner
daw at cs.berkeley.edu
Thu Jul 19 20:19:46 EDT 2007
James Donald writes:
>But I will repeat a general observation, applicable in
>all such cases so far:
>
>Imagine a real world system, in which your mother in law
>is the system administrator and main user, and someone
>in the Ukraine is trying to get control of people's
>E-Trade accounts, so that they can use a bunch of other
>people's trading accounts to execute a pump and dump
>share scam.
>
>Envisage the user interface for your scheme, and how
>your mother in law is going to use it.
>
>Those who refuse to consider realistic cases are never
>going to heed or understand my criticisms. Those who do
>consider such cases will not need them.
Your observations are interesting and I hope you will
continue posting them. That said, let me share with you
another perspective:
Capabilities will not solve every security problem in the
world. That doesn't mean they are useless. Even if they
do not provide a complete solution (or any solution at all)
to the problem you list above -- and I am not claiming that
they do or don't -- that doesn't mean they are uninteresting
or useless.
If the problem statement is "phishing", "objcap programming
languages" might not be the answer. I can live with that.
More information about the cap-talk
mailing list