'Re: Outstanding critical issue for KDE 2.2'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Outstanding critical issue for KDE 2.2
From:       Rolf Magnus <ramagnus () zvw ! de>
Date:       2001-08-02 22:06:55
[Download RAW message or body]

On Thursday 02 August 2001 20:28, Kurt Granroth wrote:

> Somebody earlier said that "security is not optional".  Bullshit.  There
> always has been and always will be a tradeoff between convenience and
> security... the trick is finding the right balance between the two.
> Unfortunately, finding the balance is tricky because there are such
> divergent opinions on how to handle this.  You can tell that's the case
> when the mythical User steps in.  As in, "The User wants this" or "The User
> wants that".

The problem is that the user tends to want more convenience and doesn't want 
to think about security problems. But when he finds out that someone stole a 
lot of money from him, he will find the software to be responsible for this.

> The fact remains is that all sides to the arguement are right.  There are
> loads of users that haven't the first clue where their data is stored
> locally nor do they care.  They simply want their form completion to work
> as expected.  Then there are tons of users that know the security
> implications of storing sensitive data to disk and want nothing to do with
> it.  Both user opinions are valid and they effectively cancel each other
> out.

That's right, but everyone wants security. It's just that some people don't 
know it yet. It's a bad idea to let people find this out themselves.

> Really, the only long term solution to this that I can see is Yet Another
> Option.  Something like:
>
>  Enable Form Completions
>  ( ) Always
>  ( ) Only on unencrypted pages

Better:

 ( ) Always (insecure!)
 ( ) Only on unencrypted pages (less convenient)

So people know why it's set to #2 and what they are doing if they change it. 

> The other long term option involves having the user enter some password
> during every browsing session and encrypting the data to disk.  I speak for
> myself when I say that hell will freeze over before I enter a password
> before all of my browsing sessions (convience vs security again).

Well, you wouldn't need it before all sessions, just before entering 
senisitve data into a form that will be transmitted over https. But this 
might just make it so unconvenient that you prefer to type in the credit card 
number.

> FWIW, I think we should release as-is.  It's more secure than what IE does

You should never compare the security of two apps. This is not an 
anti-Microsoft thing. It's just that "it's more secure than ..." doesn't mean 
anything.

-- 
Woah... I did a "cat /boot/vmlinuz >> /dev/dsp" - and I think I heard god

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic