[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: IBM Applies for Password Manager Patent
From:       Aaron Seigo <aseigo () kde ! org>
Date:       2003-11-12 21:32:46
[Download RAW message or body]

On Wednesday 12 November 2003 13:54, George Staikos wrote:
> > Let me just add my hearty AMEN to this.  I also am using wallet for this
> > specific purpose.  I am the only person who uses this computer (or even
> > has access to it) so I'm not THAT worried about security.
>
>   You may not be,

that's right, he isn't. and yet you still hold that you/KDE know better and 
therefore have a right to control his machine andh is use of his machine. who 
controls the machine, exactly? the user or KDE/George Staikos? 

what's the "free" in Free Software mean again? ;-)

> but you should be, 

he just stated why he doesn't need to be. we may think otherwise, but user 
trumps all. period.

> and many others are.

this isn't about the default settings, which MUST indeed be secure (i have no 
beef with KWallet there =); this is about optional settings that the user 
should have access to.

this wouldn't the only place in KDE that we offer less-than-perfectly-secure 
optional modes. one example is Desktop Sharing's "Allow uninvited 
connections" option. it is quite true that security (by default) is not 
optional, but telling the user that they are not allowed to use their machine 
in a certain way is even more unnacceptible.

disclaimer: i use a separate password for my KWallet stuff because i 
_appreciate_ the security while working in the office. so i'm not arguing 
this for my own sake, but for the sake of our users. i KNOW that this is a 
highly desired option because i've seen this requested many, many times on 
IRC, on webboards and at the pub when discussing the upcoming KDE 3.2.

-- 
Aaron J. Seigo
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]