<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div>(note I'm not subscribed to Cuis so this might end up in a filter somewhere)</div><div><br></div>On 18.12.2013, at 10:24, Casey Ransberger <<a href="mailto:casey.obrien.r@gmail.com">casey.obrien.r@gmail.com</a>> wrote:<br><div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr">Inline. Bert CC'd because I think he'd know what was going on with Secure Squeak for some reason, I think he's brought it up before.<br><div class="gmail_extra"><br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; position: static; z-index: auto;">
<div class="im">
> SecureSqueak is a thing. It's beyond my experience at present, but might be<br>
> worth looking into if you are concerned about the safety of your end users!<br>
<br>
</div>SecureSqueak's something entirely different to _safety_. </blockquote><div><br></div><div>So sure, are you? When car is driven by program, communicate with other cars, it must! Foxtrot Charlie of code injection this could become. Many lives in danger. Beware the Dark Side!</div>
<div> </div><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; position: static; z-index: auto;">Also, it<br>
looks very strongly like it's a dead-because-of-lack-of-time project.</blockquote><div><br></div><div>That's too bad. Aren't they using it in Etoys? I could have sworn they were. CC Bert so he can tell me how wrong I am. </div></div></div></div></blockquote><br></div>In Etoys we're just using the Squeak VM's sandboxing, which once enabled prevents code from accessing the file system outside a specific directory. That makes it pretty safe (because we also remove FFI and OSProcess etc. which make the VM more hole-riddled than swiss cheese [*]). <div><br><div apple-content-edited="true">
<span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-family: 'Lucida Grande'; font-size: 12px;"><div style="font-family: Helvetica; "><span class="Apple-style-span" style="font-family: Helvetica; ">- Bert -</span></div></span></div><br></div><div>[*] with apologies to Swiss Cheese, which is supposed to be holey. VMs are not.</div></body></html>