[cap-talk] Google Chrome - web browser with sandboxed rendering

[Raoul Duke]

>> That's because sockets are not reified in current user interfaces.
>> That's not to suggest that they could not be, however, although it would
> it's an easy problem, but isn't it our job to suck it up and find
> something that will be intuitive and understandable for users?

hear hear.

i believe a basic issue is that the mapping from high-level user goals
to what a computer system actually does is capricious from the
non-computer-geek user's perspective. for example, the same simplified
very high-level action "open a file to read what is in it" can be
accomplished in so many different ways depending on a zillion really
nerdy issues; is the file local? is it remote? do i own it? did it
come from a trusted source? was it already virus scanned? etc.

that mapping is where i see usability falling apart if one is serious
about security.

(going off into la la land for a bit: to my mind there seem to be 3
choices about what to do. 1 is to leave things the way they are today,
where the degree of safety is related to the degree of experience and
knowledge of the user. 2 is to therefore indoctrinate everybody in the
nuances of computer literacy so they may be better judges. 3rd is to
instead of educating try to map from the computer system to age-old
human social signifiers: if there were a way for ui to leverage
humans' natural social awareness, that might help; there are real
world situations where humans are equipped to have a gut feel for
risk. ok and nobody suspects the 4th which i guess could be some
incredible AI system that gets it all right w/out any human decision
making in the process.)

sincerely.