[cap-talk] Capabilities and Freedom vs. Safety

[James A. Donald]

 > > > Could you detail how a Trojan or malware could be
 > > > designed as to effective when run confined?

James A. Donald:
 > > Imagine a program that plays music, and gets free
 > > legal music off the internet, and organizes your
 > > music files and reports your music files to the RIAA
 > > through backchannels that exist during its downloads
 > > of free legal music.

Pierre THIERRY
 > That sounds like an application of the Principle of
 > Most Authority... Why would I ever want to have a
 > single program have so much authority at once?
 >
 > Why wouldn't I just have the following separated
 > programs:
 >
 > - one to play music (only authorities: reading files I
 > ask to play and
 >   sound output),
 > - one to organize my music (authority: reading all my
 > music files, maybe
 >   some kind of powerbox to delete them),
 > - one to download music (authority: restricted network
 > access and adding
 >   new files to an incoming directory),

The you have to download music, then run another program
to play what you just downloaded - you the human has to
transport information between these two programs by
hand.

An all in one program provides substantial convenience.

More convenient to play as it is being downloaded, and
after the song is finished, decide to add it to your
file collection, or not.  And then of course you want to
browse your file collection.  Inconvenient to switch
programs at that point. You could browse it with the
standard file powerbox, in which case the program would
only detect copyrighted music when asked to play it,
though that would be bad enough, but it is useful to
browse your music file collection organized as music, in
which case the program would need to be empowered to
detect all of it.