- From: Glenn Maynard <glenn@zewt.org>
- Date: Tue, 4 Jan 2011 19:15:50 -0500
On Tue, Jan 4, 2011 at 7:07 PM, Seth Brown <learc83 at gmail.com> wrote: > I couldn't agree more that we should avoid turning this into vista's UAC. > > Maybe developers could make changes infrequent enough that users > wouldn't be bothered very often? They could encapsulate the device > access logic into one .js file that shouldn't be regularly changed. Please don't restrict my ability to update my software with an annoyingly-designed security system. Whether I believe that rapid updates or slow, well-tested updates are a better model for my web app, I shouldn't be forced into one or the other because of a security model that annoys the user every time I change something. And: it still doesn't help. Asking a user whether changes to a Javascript file are okay is meaningless. Regular users don't know Javascript; there's no way they can know whether to accept a change or not. No general security model can be built around requiring the user to understand the technical issues behind the security. -- Glenn Maynard
Received on Tuesday, 4 January 2011 16:15:50 UTC