Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Regardless of the installation method it sounds like we need to be running all applications in their own individual virtual machines (e.g. Qubes OS) or within a restricted environment with limited permissions (iOS)


How do you install the virtual machine software ? Where do you put the trust ?


Worse, what happens when I do want the applications to communicate?

An amusing gotcha I found with docker was how do I convince the servers I communicate with from in the container that I am me? Best bet was to map my user into the user on the container, but that was actually ridiculously fraught with trouble. (There is a chance this has since been fixed...)


> I do want the applications to communicate?

QubeOS adopted the "manual authentication" method (of having to confirm everything, such as clipboard copy/paste).

This is probably not quite scalable (not to mention annoying). May be there's some way to have a short session token, so during a work session of a few hours, it works without any intervention.


The problem came when I wanted the app to communicate to another on behalf of me. Do I have to constantly reconfigure an openid connection for every app on my machine? (Not the worst of ideas, I suppose...)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: