[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-usability
Subject:    Re: Konqueror security settings
From:       David Hugh-Jones <hughjonesd () yahoo ! co ! uk>
Date:       2003-06-30 16:17:34
[Download RAW message or body]

On Mon, 2003-06-30 at 16:59, Eric E wrote:
> 
> But these same users (my mother and her friends, for example) have heard about 
> tracking on the internet and perhaps a bit about cookies, and are concerned 
> about their privacy.  Most of the time (logical deduction alert...) people 
> want to set cookies to login, or see protected content. Otherwise, they want  
> cookies enabled enough to make sites work smoothly, with as little tracking 
> as possible. 

Yes.

> 
> I'm thinking of the following:
> 
> 1) All cookies are accepted, but are treated as session ("temporary") cookies, 
> and discarded at the end of the session.  (Not my idea, but it's a very good 
> one, and deserves another look).  This will make most sites work well enough 
> to keep users from seeing a barrage of cookie dialogs, but not have them end 
> up with 5000 cookies from tracking sites on their machine.
> 

This option is in CVS already.

> 2) When a cookie is accepted, a cookie button appears either in the toolbar or 
> the status bar.  Clicking on it brings up the following dialog:
> ----------------------------------------------------------------------------------------------------------------
>  |  This site has written a piece of information called a "cookie" on your 
> > machine.  To help protect your 
> > privacy, KDE will discard this cookie when you quit the web browser.
> > However, some sites rely on cookies to determine if you've logged in - 
> > you may want to allow to those sites to read and write cookies at any time.
> > You can make the following changes to the way your computer 
> > handles cookies:
> > o Allow this site to read and write cookies at any time.  (Learn more)  
> > o Prevent this site from reading or writing any cookies (Learn more)
> > o Bring up the cookie manager to manage cookies stored on    
> > your computer.                                                    
> > o Don't make any changes.
> > 
> > [OK]                                                                              \
> > 
> ----------------------------------------------------------------------------------------------------------------
>  

It's a nice idea. I think having configuration options introduced gently
to the user helps to alleviate optionitis (although not cure it). But I
am not sure about where to put this message.

The toolbar is a definite no no. Toolbars are for tools.

The status bar: this is an IE/Netscapism and I am not sure it works that
well because the people who need this information will not know about
it. Also, having a clickable status bar seems wrong. The status bar is
to tell you information, not for you to edit.

I suggest that the best place to put it would be linked to the accept
cookie dialog. This is shown by default because "ask" is the default
cookie policy. A simple "learn more about cookies" link would be fine.

I would also focus more on giving people information. You could link
from the info box to the various kcontrol modules (I think this could be
done using a exec:/ URL).

Of course, what we really need is an integrated help system which
extends QWhatsThis, automatically provides definitions of common jargon
terms, etc... 

"And a monkey. That steals ice cream."

Dave
 

> Ideally, when "cookie" appears in the first sentence it would be a hyperlink 
> pulling up a What's this Box
> 
> 3) Any time a login is detected (a password protected text box followed by a 
> POST is a pretty good indicator of someone logging in) and a cookie is set, 
> pop up the cookie dialog.
> 
> How hard would this be to do?  How might one pitch it to kfm-devel?
> 
> Also, I think the cookie manager would be simpler to use if the domain policy 
> and per-cookie manager were integrated into one page, but it's not critical, 
> cause people who go to manage cookies will pretty likely know enough to 
> figure it out.
> 
> Cheers,
> 
> Eric
> _______________________________________________
> kde-usability mailing list
> kde-usability@mail.kde.org
> http://mail.kde.org/mailman/listinfo/kde-usability


_______________________________________________
kde-usability mailing list
kde-usability@mail.kde.org
http://mail.kde.org/mailman/listinfo/kde-usability


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic