On Mon, Apr 26, 2010 at 7:25 AM, Frederik Nnaji <frederik.nn...@gmail.com> wrote: > security is nothing for a visual internet designer to be concerned about.
I'm mostly in agreement with you there, Frederik. I do think UI design has a role to play in security (in particular, we can't make the user tired of the concept), but there is no way we can guarantee the security of a tool by visuals alone. Anything can create a full-screen screen fade. (Although, interestingly, Javascript on a web page seems to do a much smoother fade than gksudo). The indicator API is built so anything can create an indicator. I think it would be awesome if web apps could create indicators, and Chrome does desktop notifications now, so that's probably not too far away. Saying "anything on the panel is what it claims" is to create a very, very dangerous environment. Lots of things can be done with PolicyKit and Gksudo to encourage more secure operation, and with some work maybe we can help raise the user's awareness when he enters a password. Something quick that occurs to me is that the password dialog could show a personal message or a picture that only PolicyKit or gksudo has access to. Really, what this is about is "don't tell your password to strange programs;" we need to help the user identify strange programs and understand the risk. It's already a big puzzle, so let's not add more pieces unless it is really, really necessary. Thanks :) Dylan _______________________________________________ Mailing list: https://launchpad.net/~ayatana Post to : ayatana@lists.launchpad.net Unsubscribe : https://launchpad.net/~ayatana More help : https://help.launchpad.net/ListHelp
