[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Outstanding critical issue for KDE 2.2
From: Thomas Zander <zander () planescape ! com>
Date: 2001-08-02 18:41:09
[Download RAW message or body]
On Thu, Aug 02, 2001 at 11:28:00AM -0700, Kurt Granroth wrote:
> On Wednesday 01 August 2001 07:07 pm, George Staikos wrote:
> > To clarify this, I don't mean we are liably in a contractual sense and
> > it looks like I wrote. I mean that we are STUPID for knowingly shipping
> > functionally broken code and that users should never have used such broken
> > code to begin with. The user expects that the lock icon does exactly what
> > I outlined, and if it doesn't, then our code has a bug.
>
> Somebody earlier said that "security is not optional". Bullshit. There
> always has been and always will be a tradeoff between convenience and
> security... the trick is finding the right balance between the two.
> Unfortunately, finding the balance is tricky because there are such divergent
> opinions on how to handle this. You can tell that's the case when the
> mythical User steps in. As in, "The User wants this" or "The User wants
> that".
>
> The fact remains is that all sides to the arguement are right.
Back to earth; why is this a Problem? Because credit card numbers can
be remembered?
What about a month/year combo box which is _needed_ for a correct order?
Hmm, and what about cookies for a certain one-click order website?
> Enable Form Completions
> ( ) Always
> ( ) Only on unencrypted pages
I think the following is good for shipping (the default being 'x')
Enable Form Completions
( ) Always
(x) Only on unencrypted pages
--
Thomas Zander zander@earthling.net
The only thing worse than failure is the fear of trying something new
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic