- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Tue, 24 Jan 2012 02:52:02 +0100
- To: Robin Berjon <robin@berjon.com>
- Cc: David Booth <david@dbooth.org>, "www-tag@w3.org List" <www-tag@w3.org>
* Robin Berjon wrote: >Whether this is sufficient security is an excellent question. My primary >concern has to do with how to remove that handler, once installed. In >Firefox you have to dig down in the "Application" section of your >settings, and search for the scheme. Not exactly friendly. In Chrome, I >couldn't figure out what to do. (Other browsers I tried didn't seem to >accept the registration in the first place anyway.) With this concern you are fairly close to being concerned about which words to use in a text illiterate people need to read. They can learn to read and you can optimize a text towards being easy to understand for people who only recently started to learn reading, but for many it is much easier, more comfortable, whatever you may call it, to adapt. Somehow the browser home page changes from Duck Duck Go search to some $NeverHeardOf malware spitting spyware site, well, so long as it kinda works like Duck Duck Go search, they will just deal with that. It does not occur to some people that if things have changed, and they did not direct that change, that they should investigate to understand what's changed and how to undo it; and when things get bad enough that they'd have that thought, they are very likely to seek out help rather than try to discover where or how to change things back. And easier to configure does not necessarily mean the same thing for the same people. The other day I tried to change Cookie settings in Firefox and ultimately had to involve a search engine because I could not find the options for that. Turns out you have to use a dropdown menu and set it to "Use custom settings for history" to even see "cookie" options. I don't like having to change settings to uncover more options when there is no "restore old values" or "restore defaults" option, which in this case did not exist, bad UI if you ask me, and "history" is not "cookies" (more bad UI if you ask me), but that is how things turn out to be. So, drop the "security" moniker? It's more like finding a balance be- tween making things convenient for power users while limiting abuse of, well, I would call them illiterate, but it's more like "casual users" and "beginners". Now, excuse me while I uncheck the "Yes, install McAfee Security Scan Plus" option while I download the 3.59 MB Flash Player, that turns out to be only 758 KB, and then turns out to be not actually a Flash Player but an installer, all while being careful that it doesn't install Google Chrome or the Google Toolbar or some such thing. Looking forward to the next security advisory and do it all over. (Actually, I did so while writing, and despite mentioning it, failed to uncheck the McAfee option and had to abort, thankfully that was possible, the in- stallation mid-way; glad this is a virtual machine and not some real system I am working with). -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Tuesday, 24 January 2012 01:52:16 UTC