@krnelson Keith, I agree with your concerns and hope someone will address them. I think it’s difficult for MaidSafe to do this, on top of everything else, because they have so many important things to do.
So I think their wish is that secure solutions arise with less rather than more responsibility and effort from them. So for now it’s not their focus, but I know they have given it thought and that they have at least some options available if nobody else deals with it.
One is to provide and encourage “SAFE hosted Apps” (which load and run directly from a network share), which David mentioned. BTW, the inspiration for me to start SAFEpress was to provide exactly the same but for web apps (meaning apps that load from SAFEnetwork and run directly in the browser).
That will do for a start, but only once people have the client (launcher), and we’ll still need secure App sources in the future.
I think the community are mostly aware enough to select suitably trustable sources, but there is a bigger risk once the network takes off - mainly from dodgy SAFE apps, and SAFE client / vault downloads from www (much less so from SAFEnetwork). The browser add-on should be safer due to people already knowing to use reputable browser add-on sources - still an issue, but less so. Except for state actors - particularly if MITM were employed.
However, I think the risk of mass infection by www is small. I believe it would only be viable for targeted attacks, for the same reasons it is currently (for technical, operational and political reasons), and avoiding those is going to remain the responsibility of individuals.
So I suggest we need:
- easy to validate SAFE client / vault, downloads from www.
- clear prominent warnings and directions on how to join the network safely
- similar for risks from bad apps, and how to obtain them safely
The above is just the start, but well within MaidSafe’s capability I think. We then need secure trustable App sources. Such as:
- App stores on SAFE (a SAFE App really) that decentralise validation through a crowd based system (downloads count, star ratings, source/author signing and reputation etc.)
- premium validation by teams who make a business of taking open source apps and inspecting them, giving them a security rating that could be featured as a signed (therefore verifiable) although rating in App stores.
- etc
Everything is doable, though will never be 100%. It is the list immediately above that I’m most worried about because it requires a lot of work to set up in a truly trustable form, and we don’t know anyone in a position to commit to these kind of solutions. These though are more to do with on SAFEnetwork, whereas your are highlighting the risks on www.
Keith, have I addressed any of your concerns over www? Or do you still think those are a big concern?