Section 15.1. Introduction

Visibility is a powerful tool for aligning security and usability. All too often, hidden properties, functionality, or data storage that is part of a complex system can make it very difficult for a user to operate a system in a secure manner. Although it is possible, with significant effort, to teach users about hidden aspects of a system, an attractive alternative is to remove the opportunities for a system's visible state to be inconsistent with its internal state.

Many of the specific security and privacy problems facing users of the World Wide Web today are a direct result of the mismatch between what is visible to the user and what is actually happening inside the computer. Much of the initial furor over web cookies in the popular press that accompanied the introduction of Netscape's 2.0 browser centered upon the fact that cookies were a hidden tracking device that was not generally visible to web site visitors. The same resentment was played out several years later when web sites and email marketers started tracking page views with web bugs. (For more discussion of web cookies and web bugs, see Chapters 24 and 23, respectively.)

Web browsers contain much personal information that is hidden from the average user, including browser caches, history lists, and databases used for form completion. In many cases, information left behind by the browser has revealed information that the computer user would have preferred to remain hidden. Novice Internet users are rarely aware of the fact that their browser records such information. But even advanced users can easily forget to clear their browser's history, empty the browser's cache, and explicitly delete the "form filling" database after using a borrowed browser.

This chapter looks at another way that private information may be compromised by modern computer systems: the improper sanitization of disk space when the files on the disk are "deleted." Although the need to sanitize magnetic media properly has been recognized for more than 30 years, as of this writing, operating system developers have still refused to make proper sanitization a standard part of any computer system that is widely available today. In the first section of this chapter, I present the results of a study that demonstrates the need for clean deletion in mass-market operating systems such as Windows, Mac OS, and Linux. In the second section, I explore sanitization standards and academic studies, and discuss support for sanitization in today's operating systems. In the final section, I present a plan for incorporating sanitization into today's mass-market systems.
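The distinction the chapter turns on, between a file that is "deleted" and disk space that is actually sanitized, can be made concrete with a small simulation. The following is an added example, not code from the book or its author: a toy block device (a bytearray split into fixed-size blocks, plus a directory mapping names to blocks) in which an ordinary unlink only drops the directory entry, as real filesystems do, while a sanitizing delete overwrites the data blocks first. The class and method names are the example's own, and the "secret" is a constructed sample value.

```python
"""Toy block-device model (an assumption for illustration, not real
filesystem code) showing why unlinking a file is not sanitization.

A disk is a bytearray of fixed-size blocks plus a directory that maps file
names to the blocks they occupy. "Deleting" a file removes only the
directory entry; the data blocks keep their contents until something else
happens to reuse them, which is exactly what a raw-disk forensic scan finds.
"""
import os

BLOCK_SIZE = 16  # small so the layout is easy to inspect


class ToyDisk:
    def __init__(self, blocks: int):
        self.raw = bytearray(BLOCK_SIZE * blocks)  # the "platter"
        self.free = list(range(blocks))            # free-block list
        self.directory = {}                        # name -> [block numbers]

    def write_file(self, name: str, data: bytes) -> None:
        """Allocate enough blocks for `data` and copy it in."""
        needed = (len(data) + BLOCK_SIZE - 1) // BLOCK_SIZE
        if needed > len(self.free):
            raise OSError("disk full")
        blocks = [self.free.pop(0) for _ in range(needed)]
        for i, b in enumerate(blocks):
            chunk = data[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE]
            start = b * BLOCK_SIZE
            self.raw[start:start + len(chunk)] = chunk
        self.directory[name] = blocks

    def unlink(self, name: str) -> None:
        """Ordinary delete: drop the directory entry and mark the blocks
        free, but leave every byte of data in place."""
        self.free.extend(self.directory.pop(name))

    def sanitize(self, name: str, passes: int = 1) -> None:
        """Sanitizing delete: overwrite each data block (random data for
        `passes` rounds, then zeros) before releasing it."""
        blocks = self.directory[name]
        for _ in range(passes):
            for b in blocks:
                self.raw[b * BLOCK_SIZE:(b + 1) * BLOCK_SIZE] = os.urandom(BLOCK_SIZE)
        for b in blocks:
            self.raw[b * BLOCK_SIZE:(b + 1) * BLOCK_SIZE] = bytes(BLOCK_SIZE)
        self.unlink(name)

    def remnant_present(self, needle: bytes) -> bool:
        """What a raw scan of the medium sees: the directory is ignored and
        every block is searched, allocated or not."""
        return needle in bytes(self.raw)


def demo() -> tuple:
    """Return (remnant after plain unlink, remnant after sanitize)."""
    secret = b"ACCOUNT=1234-5678-9012"  # constructed sample value

    plain = ToyDisk(blocks=8)
    plain.write_file("notes.txt", secret)
    plain.unlink("notes.txt")
    after_unlink = plain.remnant_present(secret)      # True: data survives

    clean = ToyDisk(blocks=8)
    clean.write_file("notes.txt", secret)
    clean.sanitize("notes.txt")
    after_sanitize = clean.remnant_present(secret)    # False: data is gone

    return after_unlink, after_sanitize


if __name__ == "__main__":
    print("remnant after unlink, after sanitize:", demo())
```

The model deliberately omits the complications that make sanitization hard on real hardware: a journaling or copy-on-write filesystem may write the overwrite to new blocks rather than the original ones, and an SSD's wear levelling can remap logical blocks so that an in-place overwrite never touches the physical cells holding the old data. Those are the reasons the later sections of the chapter treat sanitization as an operating-system responsibility rather than something a user-level "secure delete" utility can guarantee on its own.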



Security and Usability: Designing Secure Systems That People Can Use
ISBN: 0596008279
Year: 2004
Pages: 295