It's simple. It solves the problem that Microsoft Salesmen have. In order to sell shit, you have to make it look like gold. Cee Eee Ohs have heard it said that Microsoft software is insecure crap. Now the Microsoft Salesmen can do fancy demos with pretty colors and slick Operators Are standing By, Act Now, *New*, Don't Delay, Improved, Secure, Bells Whistles and Coolness demos and sign the suckers up. Just like the wonderful ads that peppered NYC when Ex-Pee came out saying "Reliable, and Secure." ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_@_sunder_._net_------- http://www.sunder.net ------------ On Tue, 10 Jun 2003, Nomen Nescio wrote:
I don't see how this is going to work. The concept seems to assume that there is a distinction between "trusted" and "untrusted" programs. But in the NGSCB architecture, Nexus Computing Agents (NCAs) can be written by anyone. If you've loaded a Trojan application onto your machine, it can create an NCA, which would presumably be eligible to put up a "trusted" window.
So either you have to configure a different list of doggie names for every NCA (one for your banking program, one for Media Player, one for each online game you play, etc.), or else each NCA gets access to your Secret Master List of Doggie Names. The first possibility is unmanageable and the second means that the trustedness of the window is meaningless.
So what good is this? What problem does it solve?