KGSWishlist/Security
10. Security
Preface
Here security refers to the security of a user's usage of CGoban3 as a program on his PC in the environment of its operating system.
CGoban independent of Java
- RobertJasiek: Make CGoban independent of Java! - Reasons: Java is an additional security issue because Java is yet another application installed and running on the PC. Java makes the PC's software installations and relation to the operating system more complex. Java requires interdependent execution of code, which must be supervised by a personal firewall, etc. Malware can target Java or its communication with the CGoban code. Java is a common software and therefore a popular target for malware attacking Java specifically. - Solution: Offer CGoban also as a statically compiled EXE for Windows, Linux, or other popular operating systems.
CGoban 'offline' installation
- RobertJasiek: Make CGoban officially available also for offline installation! - Reasons: Online installation provides an additional security risk because malware can try to attack the process. Online installation does not separate between download folder and program folder. Online installation makes reinstallation difficult when the KGS download server should be down. Local storage of one's softwares for backup is more difficult.
- Batavia?: you can already cgoban so it works offline. Also if you have the cgoban jar file you can easily copy it to another computer and run it there.
Store preferences in INI file
- RobertJasiek: Do not use the Windows registry but store the preferences in an INI file in a directory specified by the user! Alternative: Allow the user to choose whether to use the registry or an INI file. - Reasons: Writing to the registry makes it larger and therefore slows down the Windows start. Bugs in CGoban or Java might even make Windows instable. CGoban's and / or Java's writing to (Medium level keys of) the registry contradicts Vista's security concept of Integrity Levels (also see here): Internet applications should run at the level Low! Thereby they run like in a sandbox and may not access the user's private folders, which are at the level Medium. Currently a user has essentially no chance to supervise permanently whether CGoban might be also a trojan. - Solution: A solution is very easy in principle: Let CGoban consist of just two files: An EXE and an INI. Then a Vista PC user can simply set their directory to the level Low by the command line tool "icacls <directory> /setintegritylevel (ci)(oi)L".