[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Outstanding critical issue for KDE 2.2
From:       Thomas Zander <zander () planescape ! com>
Date:       2001-08-02 18:41:09
[Download RAW message or body]


On Thu, Aug 02, 2001 at 11:28:00AM -0700, Kurt Granroth wrote:
> On Wednesday 01 August 2001 07:07 pm, George Staikos wrote:
> > To clarify this, I don't mean we are liably in a contractual sense and
> > it looks like I wrote.  I mean that we are STUPID for knowingly shipping
> > functionally broken code and that users should never have used such broken
> > code to begin with.  The user expects that the lock icon does exactly what
> > I outlined, and if it doesn't, then our code has a bug.
> 
> Somebody earlier said that "security is not optional".  Bullshit.  There 
> always has been and always will be a tradeoff between convenience and 
> security... the trick is finding the right balance between the two.  
> Unfortunately, finding the balance is tricky because there are such divergent 
> opinions on how to handle this.  You can tell that's the case when the 
> mythical User steps in.  As in, "The User wants this" or "The User wants 
> that".
> 
> The fact remains is that all sides to the arguement are right. 

Back to earth; why is this a Problem? Because credit card numbers can
be remembered?
What about a month/year combo box which is _needed_ for a correct order?

Hmm, and what about cookies for a certain one-click order website?

>  Enable Form Completions
>  ( ) Always
>  ( ) Only on unencrypted pages

I think the following is good for shipping (the default being 'x')

 Enable Form Completions
 ( ) Always
 (x) Only on unencrypted pages

-- 
Thomas Zander                                            zander@earthling.net
The only thing worse than failure is the fear of trying something new

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]