[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-usability
Subject: Re: Security and usability
From: "Aaron J. Seigo" <aseigo () kde ! org>
Date: 2003-08-18 19:31:16
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday 18 August 2003 12:40, Roland Seuhs wrote:
> Wow, I write 2 pages of reasons why to remove the cookie popup and now you
> propose replacing it with 2 popups.
>
> Did you even read what I wrote?
ok, enough with the flame-worthy material. calm down ....
you are both right and wrong, IMHO:
there HAVE been problems with cookies in the past, both security and privacy
related. the latter is the larger issue, but the former has occurred. why do
you think so much emphasis has been put on using session id's instead of
storing the username/password in a cookie? that's right: there's been abuses.
you are also wrong to assume that everyone turns it off. most users won't
simply because most users don't mess with their settings that much and just
go with the defaults. many sophisticated users keep it on because it IS very
useful.
but you are right in that worthless popups cause people to start ignoring
them. the cookie popup doesn't suffer as badly as others since the
information in it is dynamic and more extensive than usual: this tends to
give people pause.
making the defaults something in between such as "Automatically accept session
cookies" and "Only accept cookies from originating server" would probably be
enough, no? this means you only see cookie popups on occasion, and often only
when they are a privacy issue. of course, those are already the current
defaults.
making things ultra-lax for fear of annoying the user is what leads to
situations such as Microsoft's horrible security record with things such as
email clients and web browsers.
making things ultra-locked-down without care for the user isn't good either,
of course.
- --
Aaron J. Seigo
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iD8DBQE/QSmE1rcusafx20MRAtp5AJ9uiThBN5yp30/DoIkcxtOkOGme7QCfZbXa
aHw/JUJPVZUMQStezI8Ah7k=
=LoAm
-----END PGP SIGNATURE-----
_______________________________________________
kde-usability mailing list
kde-usability@mail.kde.org
http://mail.kde.org/mailman/listinfo/kde-usability
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic