headers
Tom Van Cutsem | 30 Mar 2012 09:59
Picon

Membranes

Hi,


I've written up an introductory article on E-style membranes in Javascript. This may be useful if you need to convince someone that it's possible to create revocable ocaps on entire object graphs:


Cheers,
Tom
_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk
Permalink | Reply |
headers
David Wagner | 30 Mar 2012 19:13
Picon
Favicon

Re: Membranes

Tom Van Cutsem  wrote:
>I've written up an introductory article on E-style membranes in Javascript.
>This may be useful if you need to convince someone that it's possible to
>create revocable ocaps on entire object graphs:
>
>http://soft.vub.ac.be/~tvcutsem/invokedynamic/js-membranes

Thank you!

You might also enjoy this research paper:

Object Views: Fine-Grained Sharing in Browsers.
Leo A. Meyerovich, Adrienne Porter Felt, and Mark S. Miller.
WWW 2010.  http://www.cs.berkeley.edu/~afelt/views-www-2010.pdf 

It discusses how to use membranes to implement sophisticated,
fine-grained access control to Javascript objects.
Permalink | Reply |
headers
James A. Donald | 31 Mar 2012 04:52
Favicon
Gravatar

What parts of a url are safe?

Bookmarks are a very convenient place to store secrets, especially 
secrets that are not human readable, but not a very safe place to store 
secrets.

Unfortunately browser are apt to send copies of urls off to all and sundry.

What parts of a url are supposed to be safe to have secrets in?

If an addon or a plugin were to phone home with full urls, rather than 
expurgated or truncated urls, would the addon be plausibly accused of 
being spyware, and, if so accused, corrected to truncate the url to 
avoid being placed on a spyware list?  Are there some parts of urls that 
are not supposed to be passed around to all and sundry, that are 
supposed to be safe to have secrets in?
Permalink | Reply |
headers
David Barbour | 31 Mar 2012 05:50
Picon

Re: What parts of a url are safe?

Nothing in the URL is safe. You could hide capabilities in cookies, but that often defeats the purpose.


Consider creating a safe bookmark repo - encrypting the bookmark file with a password, for example. And maybe a browser plugin that `blacks out` large base16 or base32 strings in the URL address bar, but allows copy and paste.

Regards,

Dave

On Fri, Mar 30, 2012 at 7:52 PM, James A. Donald <jamesd-twz8Zj9/99tBDgjK7y7TUQ@public.gmane.org> wrote:
Bookmarks are a very convenient place to store secrets, especially
secrets that are not human readable, but not a very safe place to store
secrets.

Unfortunately browser are apt to send copies of urls off to all and sundry.

What parts of a url are supposed to be safe to have secrets in?

If an addon or a plugin were to phone home with full urls, rather than
expurgated or truncated urls, would the addon be plausibly accused of
being spyware, and, if so accused, corrected to truncate the url to
avoid being placed on a spyware list?  Are there some parts of urls that
are not supposed to be passed around to all and sundry, that are
supposed to be safe to have secrets in?
_______________________________________________
cap-talk mailing list
cap-talk-r2jiIPW7MOYEUp5O9OQuKg@public.gmane.org
http://www.eros-os.org/mailman/listinfo/cap-talk



--
bringing s-words to a pen fight
_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk
Permalink | Reply |
headers
James A. Donald | 31 Mar 2012 06:29
Favicon
Gravatar

Re: What parts of a url are safe?

On 2012-03-31 1:50 PM, David Barbour wrote:
> Nothing in the URL is safe. You could hide capabilities in cookies, but
> that often defeats the purpose.

That cannot be right, as login urls frequently contain passwords and 
suchlike.
Permalink | Reply |
headers
Rolf Rander Næss | 11 Apr 2012 08:00
Favicon

Re: What parts of a url are safe?

On Sat, Mar 31, 2012 at 04:52, James A. Donald <jamesd-twz8Zj9/99tBDgjK7y7TUQ@public.gmane.org> wrote:
What parts of a url are supposed to be safe to have secrets in?

If an addon or a plugin were to phone home with full urls, rather than
expurgated or truncated urls, would the addon be plausibly accused of
being spyware, and, if so accused, corrected to truncate the url to
avoid being placed on a spyware list?  Are there some parts of urls that
are not supposed to be passed around to all and sundry, that are
supposed to be safe to have secrets in?

URL-s are typically stored in full both in the browser history and in server logs.  If you go through a proxy (perhaps transparent), they are stored there as well.  In addition, if the connection doesn't use https, it is available to all routers/switches etc the connection passes thorugh.

It is reasonable to assume that all software running on the client, and all people having access to the server can read the URL-s in full.

I don't know if there exists a commonly accepted definition of "spyware", but there is probably a border between sending your own data to a server and sending some other applications data to a server.  In general, the information sent from client to server (using URL or other means) should be on a "need to know" basis.


regards

rolf rander

_______________________________________________
cap-talk mailing list
cap-talk@...
http://www.eros-os.org/mailman/listinfo/cap-talk
Permalink | Reply |

Gmane