[cap-talk] High level dissonance
krstic at solarsail.hcs.harvard.edu
Sun Feb 24 02:16:31 EST 2008
On Feb 23, 2008, at 5:57 AM, Toby Murray wrote:
> But there is a tension there with allowing the user frreedom and
> preventing them from having to make too many choices.
I've heard this argument before, and it never made much sense to me.
At this point, I think I'm confident it's categorically false. Larger
modern programs have thousands of options -- think of your spreadsheet
or word processor. Most users are entirely capable of getting their
job done knowing perhaps a single percent of that feature set. That
doesn't mean the remainder of the feature set isn't available or that
the spreadsheet designers aren't "allowing the user freedom" to
utilize it; it just means the UI and design paradigm follow the onion
model: layer the complexity, make the outside layers only expose the
simple things required to get one's work done, but make it possible to
peel back successive layers so full complexity can be utilized by
those who desire it.
Security must learn to operate the same way. And we're seeing it begin
to happen -- in Firefox 3, the dreaded "there's a SSL certificate
problem with this website" dialog is no more. Instead, access to the
site is denied by default, and the user asked to add a manual
exception for the site if she wishes to override this security
decision. This is _exactly_ as it should be, and exactly as a number
of people, myself included, have been saying for years.
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
More information about the cap-talk