KGSWishlist/Security

Sub-page of KGSWishlist

10. Security

Preface

Here, security refers to the security of a user's use of CGoban3 as a program on their PC, within the environment of its operating system.

CGoban independent of Java

  • RobertJasiek: Make CGoban independent of Java! - Reasons: Java is an additional security issue because Java is yet another application installed and running on the PC. Java makes the PC's software installations and relation to the operating system more complex. Java requires interdependent execution of code, which must be supervised by a personal firewall, etc. Malware can target Java or its communication with the CGoban code. Java is common software and therefore a popular target for malware attacking Java specifically. - Solution: Offer CGoban also as a statically compiled EXE for Windows, Linux, or other popular operating systems.

CGoban 'offline' installation

  • RobertJasiek: Make CGoban officially available also for offline installation! - Reasons: Online installation provides an additional security risk because malware can try to attack the process. Online installation does not separate the download folder from the program folder. Online installation makes reinstallation difficult when the KGS download server is down. Local storage of one's software for backup is more difficult.
    • Batavia?: You can already cgoban so it works offline. Also, if you have the cgoban jar file, you can easily copy it to another computer and run it there.

Store preferences in INI file

  • RobertJasiek: Do not use the Windows registry but store the preferences in an INI file in a directory specified by the user! Alternative: Allow the user to choose whether to use the registry or an INI file. - Reasons: Writing to the registry makes it larger and therefore slows down the Windows start. Bugs in CGoban or Java might even make Windows unstable. CGoban's and / or Java's writing to (Medium level keys of) the registry contradicts Vista's security concept of Integrity Levels (also see here): Internet applications should run at the level Low! Thereby they run as if in a sandbox and may not access the user's private folders, which are at the level Medium. Currently a user has essentially no chance to supervise permanently whether CGoban might also be a trojan. - Solution: A solution is very easy in principle: Let CGoban consist of just two files: An EXE and an INI. Then a Vista PC user can simply set their directory to the level Low by the command line tool "icacls <directory> /setintegritylevel (ci)(oi)L".

KGSWishlist/Security last edited by 78.54.15.47 on September 25, 2010 - 22:33