Great Circle Associates List-Managers
(July 2002)
 


Subject: Re: The role of the mailing list
From: Nick Simicich <njs @ scifi . squawk . com>
Date: Mon, 08 Jul 2002 13:03:10 -0400
To: Chuq Von Rospach <chuqui @ plaidworks . com>,<list-managers @ greatcircle . com>
In-reply-to: <B94E8606.46D0B%chuqui@plaidworks.com>
References: <30450.1026107178@kanga.nu>

At 11:57 PM 2002-07-07 -0700, Chuq Von Rospach wrote:
>Nick made a number of comments I mostly don't agree with (HTML is not a
>programming language. It's a markup language. His statement, if true, also
>makes the statement "wordstar is really a compiler" also true, which it's
>not.

No, it is an interpreter.  Difference -- a programming language does not 
always imply a compiler.  Wordstar, and Microsoft Word, and the html 
viewers you use are all interpreters, as much as Javascript is interpreted. 
All of these things have "intended actions" and (likely) "unintended 
actions", situations where you can feed them invalid input and get them to 
do unexpected (by the original coder) things. (As opposed to the typical 
Word Macro Virus issue, where the virus is actually written in the macro 
language and uses the ordinary language facilities). The number of 
unintended actions is likely correlated to the general care used by the 
coder, the language used, the standards and procedures used, and so forth.

This goes back to the "Use a viewer rather than Microsoft word to look at 
your documents."  It may work by limiting intended actions, as the viewer 
may be missing the macro language that is bundled into full word, but it 
may not limit unintended consequences --- the document may well have 
overflows that translate into arbitrary code execution.

>  HTML has had stuff tossed onto it, whether it's javascript or java
>applets or activex or whatever, and those things ARE active code pieces --
>but they are NOT HTML. Pure HTML is benign. It can be used to bring in
>non-benign pieces, but that doesn't mean HTML is non-benign, and that's
>where you get the ability to protect the user from those non-benign
>pieces...) -- and other than the previous, I'll disagree without comment
>because most of the disagreements are philosophical.

Perhaps, and perhaps things are just definitions.  I will agree with you 
that the intention of pure HTML (that is, HTML without intended scripting) 
is to be a benign markup language. How well it succeeds at that is relative 
to how well the interpreter is written.

>But he also said something on the order of "stop protecting against viruses,
>too" -- and in many ways, he's correct. We CAN, actually, simply go to a
>caveat emptor approach.

That was a sarcastic strawman.

>Nick is running up the strawman that if we can't do everything, all the
>time, then don't do anything. That obviously fails, but it's a wonderful
>rhetoric.

I agree that it obviously fails.  The point is to do as well as we 
can.  This leads to my point in the final paragraph...

>My counter-argument is that we have a responsibility to do what we can
>safely and reasonably, help users understand the risks where we can't
>provide that safe harbor, but at the same time, we have to be very careful
>about what things we choose to put into our purview of responsibility.
>
>Protecting end-users from viruses is a no-brainer. We can do it for the most
>part pretty well. Viruses serve no useful or constructive purpose. Even if
>Joe sixpack doesn't care if he gets infected, we do, because his infection
>impacts other users elsewhere (and from the public health real world
>analogy, there's a precedent of isolation and forced inoculation even
>against the wishes of the user we can adopt).
>
>But when you start talking about HTML and web bug issues, it gets a lot less
>clearcut. YOU may feel strongly about privacy issues, but does running a
>mail list give you the right to force your privacy views on your users?

My definition of my mailing lists is that I am not simply a xerox 
machine.  I decide what to forward to my users and what not to.  You have 
already agreed that my approach is a good idea, the question is, where do 
you stop?  There are probably users who disagree with removing viruses from 
the mailing lists --- but I don't care that much.

For example, I noted in a separate message that I remove some headers from 
e-mail, and not only errors-to.  I also remove all headers that generate 
those "The user has requested notification that you read their message," 
or  "the originating user has flagged this message as important."  I add 
footers.  I automatically filter for other content and edit it.

Let's put it a different way:  Supposing you do remove web bugs and 
scripting.  Will any of your users notice?  Will any care?

>With
>viruses, there's a clear "protection of the commons" need here. You can't
>have someone with mumps running around the pregnant women. But that is far
>from clear on privacy. If the user doesn't care about web bugs, what gives
>you the right to force your view of that on them? Where does that privacy
>issue become one of the commons, where failing to protect users causes
>damage to that commons?

If you consider your lists to be a commons, that also means that you 
recognize the right of people to post handbills there.  I don't.  But the 
precedent, (even if you consider yourself a common carrier), is 
that common carriers have generally protected the privacy of their users 
until and unless the users have asked that their privacy be discarded.

>I just don't believe it's there. I do believe list admins can evangelize
>their views, but where virus fighting is an attempt to mitigate damage
>caused to the commons we all use, this privacy stuff is instead an attempt
>to force a personal agenda on the users of the list, where you effectively
>are telling the users what they have to believe -- and that coercion doesn't
>come with any justification of common need like the virus hacks do.

Sure it does:  The protection of their e-mail addresses from exposure to 
harvesters.  And the protection of their privacy.

For example, someone could sign up to one of my lists with their real 
e-mail address, and never post.  Their e-mail address is not available to 
the public. I no longer, for example, allow "who" or "which" commands by 
non-admins (at the user's request initially, I had not thought of it at 
that point, this was some time ago). But if I allow the transmission of web 
bugs, or HTML scripting in the archives that opens them to cross site 
scripting vulnerabilities, their addresses and privacy are not protected.

>So in one case you're taking action for common good and protecting users who
>may be incapable of that action themselves. But in another, it's effectively
>saying "you have to do it my way", but without the damage to the commons
>that comes from inaction. One is the health department locking up people
>with active TB so others don't get it. The other is Greenpeace blockading an
>Esso station because they feel you shouldn't be buying gas there.

It is more like, "The phone company insisting that they will not install a 
pen register on your line unless presented with a warrant."  You 
know?  Probably 80-90% of the people would not care if the government could 
get a pen register without a license.

>Do you, as list admin, have the right to act as greenpeace? I don't believe
>so.

I don't think your analogy is at all correct. You might think it is, but 
that is because your world view is warped from too much use of apple 
computers. :-)

My other point is that you have to do it anyway to make the archives safe 
for viewing.  You might as well make the archives representative of the 
actual content distributed on the list.

--
"Forgive him, for he believes that the customs of his tribe are the laws of 
nature!"
  -- George Bernard Shaw (1856-1950)
Nick Simicich - njs@scifi.squawk.com
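
The message above describes stripping receipt-request and importance headers and removing web bugs and scripting so that the distributed copy and the archive match. The following is an added example of such a list-side filter, not part of the original message and not the poster's own code; the header names other than errors-to, the tag allowlist, and the function names are assumptions chosen for illustration.

```python
from email import message_from_string, policy
from html import escape
from html.parser import HTMLParser

# Assumed header names (the post names only errors-to): receipt requests, importance flags.
STRIP_HEADERS = ("Errors-To", "Disposition-Notification-To", "Return-Receipt-To",
                 "X-Confirm-Reading-To", "Importance", "Priority", "X-Priority")
SAFE_TAGS = {"p", "br", "b", "i", "em", "strong", "ul", "ol", "li", "pre", "blockquote", "a"}
DROP_BODY = {"script", "style"}  # the element's content is discarded, not only its tags
SAFE_SCHEMES = ("http://", "https://", "mailto:")

class Scrubber(HTMLParser):
    """Allowlist re-emitter: unknown tags (img, iframe, ...) and all attributes vanish."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0
    def handle_starttag(self, tag, attrs):
        if tag in DROP_BODY:
            self.skip += 1
        elif tag in SAFE_TAGS and not self.skip:
            href = dict(attrs).get("href") or ""
            ok = tag == "a" and href.lower().startswith(SAFE_SCHEMES)
            # A kept link needs a click; nothing that auto-fetches (img src) survives.
            self.out.append(f'<a href="{escape(href)}">' if ok else f"<{tag}>")
    def handle_endtag(self, tag):
        if tag in DROP_BODY:
            self.skip = max(0, self.skip - 1)
        elif tag in SAFE_TAGS and tag != "br" and not self.skip:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))  # text is re-escaped, never passed through raw

def scrub_html(html):
    s = Scrubber()
    s.feed(html)
    s.close()
    return "".join(s.out)

def scrub_message(raw):
    msg = message_from_string(raw, policy=policy.default)
    for name in STRIP_HEADERS:
        del msg[name]  # no-op when the header is absent
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            part.set_content(scrub_html(part.get_content()), subtype="html")
    return msg

# Constructed sample: receipt request, priority flag, 1x1 remote image, inline script.
SAMPLE = ("From: a@example.org\nDisposition-Notification-To: a@example.org\nX-Priority: 1\n"
          "Content-Type: text/html; charset=utf-8\n\n"
          '<p onclick="t()">Hi <a href="javascript:t()">all</a></p>'
          '<img src="http://tracker.example/b.gif?u=1" width="1"><script>t()</script>\n')
```

Running the same `scrub_message` on the copy that is distributed and on the copy that is archived keeps the archive representative of what subscribers actually received.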



