Just to point out another point of mine you overlooked:
On Sun, 27 Aug 2006, Aine Douglas wrote:
> On 8/27/06, paul at clubi.ie <paul at clubi.ie> wrote:
>> Simply put: If the public key crypto is done in software on the host,
>> it's just unavoidable for the secret key to end up in user-readable
>> memory as things stand.
> Technologies have moved on since you've learned this one.
No they havn't. I was specific in referring to systems /today/.
Also, you are conflating expertise with control.
You seem to assume that because the vast majority of users do not
have the expertise required to exert their control of the /original/
software, that therefore they have no control.
You are wrong. Just look go look at some of the other fields of
software-only "user control", such as "content protection" for
audio/visual data and games. Look how successful it is.
It just takes *one* person with the expertise to allow /all/ the
users to exercise the control they instrinsically have over software,
with todays systems.
Look at XBox: MS controlled everything in it, but it still was
vulnerable, and primarily through vulnerabilities in 3rd party
1. 'fully trusted' systems, i.e. those systems which trust
the hardware maker and OS vendor rather than their owner, don't
exist today and are largely a pipe-dream IMHO, at least for
widespread use, for several reasons.
Paul Jakma paul at clubi.iepaul at jakma.org Key ID: 64A2FF6A
Translation of the Latin "caveat emptor."
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!