[Sugar-devel] Parental controls (UPDATE)

[James Cameron]

The proposal triggers several cognitive dissonances in me, but I'll
mention only a few:

Network controls are usually implemented on the network boundary,
implementing them again in Sugar would be redundant, and they would be
easily circumvented; Sugar is not a trusted computing platform.

Security is a way of turning off features.  If a door has a feature
that allows it to be opened and people to walk through, a lock is a
way to turn off that feature.

The width of the user base does not seem to relate to reducing the
features of Sugar, even in a controlled manner.  I'm also interested
in evidence for this.

On controls for access to specific activities:

A parental control available now is to remove the activity from the
system.  However, with internet access a user can download and
reinstall it.

Any access control specific to activities would have to keep a list of
activities that are controlled, and the list would have to survive
over an activity deinstall reinstall cycle.  An activity could be
renamed to avoid this control.  We have no authentication of
activities on which to base these controls.  We have forked activities
with similar function but different name; e.g. Turtle Blocks vs Turtle
Bots.

Perhaps local usage reporting would be better.  "Johnny, you are not
to use Browse, but I see from the usage report that somebody used
Browse today, was that you?"  This might be implemented as "marked for
deletion" or "Trash" Journal entries, rather than the the thorough
deletion that occurs now.

-- 
James Cameron
http://quozl.linux.org.au/