[cap-talk] High level dissonance
James A. Donald
jamesd at echeque.com
Sat Feb 23 01:43:39 EST 2008
Ivan Krstic' wrote:
> We have a name for computer systems that deny complete
> software control to their legal owner: DRM. It's not
> a good path to go down. In the Bitfrost design, the
> user isn't prompted about almost any security-related
> actions (lots of effort goes towards providing good
> defaults), but the user still has the ability to
> arbitrarily change the security settings from a
> control panel. This is potentially phishable, but I'm
> familiar with no better way of doing things.

It is sufficient if the user never sees, is never able
to see, a dialog that says "Click here to nullify all
security or else your activity cannot proceed".

If the user has to go to a security management interface
and fiddle about to hose himself, he probably won't. And
if he does, he will probably research it a bit and think
about it first, whereas if it is "click here to
continue", he is going to click here.