zlacker

[parent] [thread] 4 comments
1. h000pe+(OP)[view] [source] 2018-07-29 02:52:35
Regardless of the installation method it sounds like we need to be running all applications in their own individual virtual machines (e.g. Qubes OS) or within a restricted environment with limited permissions (iOS)
replies(1): >>geggam+Y1
2. geggam+Y1[view] [source] 2018-07-29 03:33:55
>>h000pe+(OP)
How do you install the virtual machine software ? Where do you put the trust ?
replies(1): >>taeric+d2
◧◩
3. taeric+d2[view] [source] [discussion] 2018-07-29 03:37:54
>>geggam+Y1
Worse, what happens when I do want the applications to communicate?

An amusing gotcha I found with docker was how do I convince the servers I communicate with from in the container that I am me? Best bet was to map my user into the user on the container, but that was actually ridiculously fraught with trouble. (There is a chance this has since been fixed...)

replies(1): >>chii+03
◧◩◪
4. chii+03[view] [source] [discussion] 2018-07-29 03:55:20
>>taeric+d2
> I do want the applications to communicate?

QubeOS adopted the "manual authentication" method (of having to confirm everything, such as clipboard copy/paste).

This is probably not quite scalable (not to mention annoying). May be there's some way to have a short session token, so during a work session of a few hours, it works without any intervention.

replies(1): >>taeric+84
◧◩◪◨
5. taeric+84[view] [source] [discussion] 2018-07-29 04:24:06
>>chii+03
The problem came when I wanted the app to communicate to another on behalf of me. Do I have to constantly reconfigure an openid connection for every app on my machine? (Not the worst of ideas, I suppose...)
[go to top]