List:       kfm-devel
Subject:    Fwd: KDE 2.2: security vs auto-completion in forms
From:       Waldo Bastian <bastian () kde ! org>
Date:       2001-08-27 21:08:31

----------  Forwarded Message  ----------

Subject: KDE 2.2: security vs auto-completion in forms
Date: Mon, 27 Aug 2001 09:43:33 +0200
From: "Oberle Christoph (MU/EMS2)" <Christoph.Oberle@de.bosch.com>
To: bastian@kde.org

Hi Waldo,

sorry that I try to reach you this way - I'm not even a
developer, just a user - well, but maybe this hint is of
some use. How about this way to handle the situation:

- Enable form completions as default

- Keep this setting as long as no encrypted page is loaded

- When an encrypted page is loaded, ask the user whether
  form completion shall be disabled now and explain what
  can happen (data is stored at unexpected places on disk).

- The user can confirm or reject form completion disabling
  and it also is possible to mark a "don't ask me again"
  option.

- If the user wants to change this policy later on, an
  appropriate dialog offers these options (as suggested
  by Kurt Granroth):

  Enable Form Completions
  ( ) Always
  ( ) Only on unencrypted pages


- In general (for this situation and for possible similar
  ones): keep things secure first. If there's a tradeoff
  situation between security and comfort, ask the user whether
  comfort or security is preferred.

  Be sure to make security changes very explicit to the user
  (dialogs with thick, red borders? Two confirmation dialogs?).

  Never make the "insecure" option the default, as it can be
  found in some Microsoft products. Otherwise, it might only
  be a matter of time until this is exploited, resulting in
  bad press for the KDE project.


With kind regards

Christoph Oberle

-------------------------------------------------------

-- 
KDE 2.2: We deliver.
