
List:       kde-usability
Subject:    Re: Security and usability
From:       Sander Devrieze <s.devrieze () pandora ! be>
Date:       2003-08-22 23:59:50

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 18 August 2003 23:18, Roland Seuhs wrote:
<snip>
> > there HAVE been problems with cookies in the past, both security and
> > privacy related. the latter is the larger issue, but the former has
> > occurred. why do you think so much emphasis has been put on using session
> > id's instead of storing the username/password in a cookie? that's right:
> > there's been abuses.
>
> There have also been cases of writing root-passwords on post-it notes and
> putting them on a screen in a busy office.
>
> Yet I don't see you wanting to ban post-it notes.

Of course: the user's choice to write root passwords on post-it notes or not
shouldn't be banned. The same goes for the choice users now have in Konqueror
for cookies.

<snip>

> But OK, let's keep cookies the way they are but at least let's get rid of
>
> - The dialog that pops up when a user sends a form
> - The dialog that appears when a user uploads a file

Idea: make those dialogs appear only once (or only a few times), with more
information, and also draw more attention to this dialog than to other
dialogs (see my first post in this thread).

> in the default settings.
>
> > making things ultra-lax for fear of annoying the user is what leads to
> > situations such as Microsoft's horrible security record with things such
> > as email clients and web browsers.
>
> I wouldn't be complaining if there were mass-infections or viruses related
> to cookies.

It's not only about viruses: making software decide by *default* about users'
privacy is *always* bad. (IMO KDE should have a mission statement to its
users with this idea included.) Much software fails here and that's why it's
a big advantage of KDE. In fact there are people who migrate to KDE/Linux
from, for example, MS Windows because of this (this was also one of the reasons
I did it). Conclusion in one sentence: it's not ethical if *we* make
decisions about users' privacy!

- --
Kind regards, Sander Devrieze.

Jabber ID : sander@amessage.de ( www.jabber.org )
Public Key: www.keyserver.net  (   0x73470923   )
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/RsR/K+G8aHNHCSMRAqJ4AKDL5b1eSf4vBtGYEL6HByVkWe8YYQCeKB29
+EqrYxaHhEPuGzSEbS5+4Zk=
=Zwg0
-----END PGP SIGNATURE-----
