[LINK] Why Steve Jobs Insists on HTML5

Kim Holburn kim at holburn.net
Tue Oct 12 11:29:05 AEDT 2010


On 2010/Oct/12, at 11:12 AM, Steven Clark wrote:

>  On 12/10/2010 7:27 AM, Jan Whitaker wrote:
>> At 07:16 AM 12/10/2010, Roger Clarke you wrote:
>>
>>> Mr. Kamkar and privacy experts say that makers of Web browsers  
>>> should
>>> agree on one control for eliminating all tracking capabilities at
>>> once. "There should be simple enough controls to take care of every
>>> single thing," said Ms. Dixon, who added that some browsers
>>> automatically collected large amounts of data unless a user told  
>>> them
>>> not to.
>> This is all backwards. Why not block ALL storage except without
>> specific permission? What happened to Opt-*IN*?
>
> It's well recognised that opt-out reduces the number/percentage of
> people who are not captured. (for example, the difference between
> European countries with high organ donor levels and low donor levels  
> is
> in large part explained by opt-out vs opt-in.)
>
> In short - people tend not to bother changing default options; so  
> choose
> the default *you* prefer for them, and they'll largely just go with  
> it.
>
> Which, of course, is why privacy advocates push for privacy-sensitive
> defaults, and the Facebook's of the world prefer the opposite ;)
>
>
> Also, how does one operate a contemporary commercial operating system
> *without* storing data *somewhere*? They're *designed* to do so (eg
> caching). Just because an application isn't *saving* data explicitly,
> doesn't mean it's not being stored somewhere else on the device.

A good security model says that code from external sources should run  
in a separate sandbox (if at all) and not under the permissions of a  
local user. So yes, an application should be able to store data but  
only in its sandbox and under local monitoring.  We are gradually  
moving in this direction, but slowly.

> Daily interactions online involve a lot more data transfer than most
> realise, and a goodly part of that traffic is stored in some form at  
> one
> or both ends. Some of it for 'basic' transactional processes like
> browser and server history, disk and web caching (just because you're
> not 'storing' it doesn't mean someone else isn't o.O), and so on.




> -- 
> Steven R Clark, BSc(Hons) LLB/LP(Hons) /Flinders/, MACS, Barrister &
> Solicitor
>
> PhD Scholar
> School of Commerce, Division of Business
> City West Campus, University of South Australia (UniSA)
> http://people.unisa.edu.au/Steven.Clark
>
> Deputy Director, Community Engagement Board (CEB)
> Chair, Economic, Legal and Social Issues Committee (ELSIC)
> Australian Computer Society (ACS)
> http://www.acs.org.au/index.cfm?action=show&conID=acscas
> <http://www.acs.org.au/index.cfm?action=show&conID=acscas>
>
> *Disclaimer:* This is email is not legal advice. Comments and  
> statements
> above are based on my understanding of the issues at hand, and my
> attempts to understand them. They are intended to add to, and elicit
> discussion. Unless explicitly stated otherwise, opinions and  
> statements
> are mine, not those of UniSA or the ACS.


Biggest sig competition?

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request












More information about the Link mailing list