Open Access Security

Imagine the following: A smart phone with an extra compartment within which there are just a few apps. Primary among these are an email app. This app is not crypto aware. The email world that it sees has just 9 addresses that it can send to. All the email it ever gets is from one of these. Other apps in the compartment are a dictionary, and editor if you don't like what the email app provides, etc. The user of the phone can even add his own program to the compartment. This compartment is just like an extra smart phone except its world is mysteriously truncated.

The point I make here is that open capability platforms allow anybody to invent and implement such an idea as above. The implementer acquires the smart phone from a trusted manufacturer and adds the code that implements the function, and then passes the phone to the user. He might or might not pass along the authority to change the rules of the compartment. Conventional platforms with conventional kernels have no hope of doing such a thing. IBM’s System 38 and its descendants have never provided enough information for a 3rd party to do such a thing. IBM’s supposed that all such capability oriented invention would happen within a small group in IBM.