Re: [email] RE: [GD-General] A portable preferences library
Brought to you by:
vexxed72
Menu
▾
▴
Re: [email] RE: [GD-General] A portable preferences library
|
From: Colin F. <cp...@ea...> - 2003-12-05 01:10:09
|
2003 December 4th Thursday > One of which is c:\program files... Well, this is an example of "build it and they will come". Microsoft set up an architecture (Registry and protected directories) to encourage developers to put files in certain places. "Program Files", "My Documents", "My Music", "My [...]", etc... (Definitely a product of the "Me" generation!) I don't buy in to it. But keep reading... > Of course you could install things to c:\unprotectedCrap but that rather > misses the point of being able to let your kid brother play with the PC and > be safe in the knowledge he isn't likely to fuck things up. I admit that under the current version of Windows and Linux, there might not be a cool way to prevent one's kid brother or some malicious hacker from messing with the contents of unprotected directories. Basically, I think the operating system should protect all directories and files independently -- and not by mere flags, but by virtue of the encryption of the entities themselves. So, the operating system can only control read and write access, not the security of the contents. Compromising the operating system only compromises the read and write access to the disk drive, not any user data. Given the current operation of Windows and Linux, I guess one must decide what to do based on the "kid brother" scenario. But consider this: Even my USB memory device has its own password protection, independent of Windows. I could go further and encrypt each file stored on my keychain. Why rely on Windows to enforce the security of drives? How often have people been horrified to learn that their disk drives have been "shared" over WiFi or cable modem? I don't know how one could execute an application from an encrypted ZIP archive, but if this problem were solved then the only thing left to worry about is the archive being totally deleted (something kid brother might do) or being randomly corrupted, NOT HACKED, by someone with malicious intent. All user preferences and patched files can be placed or retrieved from the application archive by a login (decryption key), but a hacker cannot cause any predictable change to the application or its data. > A lot of people use the auto update functions provided by games, a lot of > peple don't. I tend to be in the latter as I'd rather download such things > at work in the background and bung them on a CD instead of sitting at home > waiting for a game to update itself. "Real Audio Player", "Macromedia Flash", many games, etc, detect their own updates. Some games, like "Planetside", force the user to wait for patches to download and take effect upon each login, as necessary, because its a multiplayer game that requires everyone to have the same client. Frankly I dislike how frequently some applications are updated or are marked as obsolete. In the case of Real Networks products, I suspect the "update" is just a new bundle of sponsored advertisements and links, and a new opportunity to change the End-User License Agreement to introduce a new level of spying on the user. I don't like my software depending on outside entities, and I guess that's the fundamental philosophy behind my ideas. I don't like chasing Microsoft's idea about how people should do things. I don't like applications that call home or need to do things with remote servers to continue operating (unless that is the core purpose of the application, like a web browser or a multiplayer game). I don't like application resources scattered around, or depending on outside systems to protect the integrity of my own data. On the subject of saved games or saved preferences... I think putting saved games in the application directory is a pretty easy convention to follow for developers, and easy for end-users to absorb. I think the saved game directory should be easy to copy to an alternative location, or even merge contents with another saved-game directory -- so a friend could send you a saved game that you simply copy to your own saved-game directory. I agree with Brian; I want to be able to delete an application directory (or perhaps one day it will be an archive object) and have it gone -- without the operating system being involved in anything other than a file deletion operation. On the subject of multiple instances of an application versus the ability to double-click to open documents... Okay, this feature would require a list of file extensions and paths to associated applications, which I assume is currently found in the Registry. As it is now, one can double-click on a document that is not currently associated with an application and then browse for the application -- or, one can right-click and choose a new application, potentially with the same exact name (but different path) to open the file (or even change the application association for future double-clicks of the file type). As far as I'm concerned, this is not compromising my philosophy. The window system is an application with its own "preferences", such as what application to use to open a given file extension. Microsoft may have used something called a Registry file for this purpose -- but I don't see why all other applications on the computer should be considered subordinate (in the sense of "being part of") to the Microsoft window system application. Application-specific data belongs with the application, not with the window manager application. In this age of removable media (USB memory devices, etc) and other ways of transporting computing contexts from machine to machine, I don't want any machine to know anything about me. Also, I don't want to depend on any machine for security. I visited MIT's campus last month, and I thought it was really cool that they had Linux terminals all over campus set up in public spaces like ATM machines. Of course it was Linux running locally and accessing some centralized network drive for user preferences, but I envision being able to take preferences with you and use a terminal totally anonymously and without any persisting data associated with you. I think my little keychain "drive" is just the beginning of the decentralization of information and security. --- Colin cp...@ea... |
