[cap-talk] Selling capabilities programming

James A. Donald jamesd at echeque.com
Sat Jul 21 04:31:52 EDT 2007 

James A. Donald:
 > > Imagine a real world system, in which your mother in
 > > law is the system administrator and main user, and
 > > someone in the Ukraine is trying to get control of
 > > people's E-Trade accounts, so that they can use a
 > > bunch of other people's trading accounts to execute
 > > a pump and dump share scam.
 > >
 > > Envisage the user interface for your scheme, and how
 > > your mother in law is going to use it.

David Hopwood
 > I don't have a mother-in-law, but the general problem
 > of phishing attacks,

E-Trade is primarily under Trojan and virus attack, not
phishing attack.

James A. Donald:
 >> Those who refuse to consider realistic cases are
 >> never going to heed or understand my criticisms.
 >> Those who do consider such cases will not need them.

David Hopwood
 > You did not answer my question.

In fact I did.  Perhaps I could have been clearer, but
have better things to do than address those who do not
wish to listen.

 > Do you, in fact, know of any specific goals that
 > capability systems are claimed to achieve, that are
 > mutually conflicting?

"Capability systems" can do lots of things depending on
how they are written.

"protected capability systems" cannot do many of the
things they are alleged to do, things which are
incorrectly alleged to be vital for containment.  I
explained why earlier.  Perhaps my explanation was
unclear, but the response was such that it seemed
pointless to attempt a clearer explanation.

Repeating the explanation in different words, though no
more detail:  One cannot enumerate all entities over a
network and all capabilities owned by those entities,
because some capabilities need to cross property
boundaries - therefore such enumeration would violate
privacy, and the control required for such enumeration
would violate property rights.  Further, the
installation and configuration of software required for
such enumeration would require excessive cooperation and
coordination by individuals whose diverse interests are
not necessarily aligned - the software would be
unworkably complicated to install and configure.

More information about the cap-talk mailing list