Hi. On Sat, 28 Dec 2013 21:01:31 +1100 Zenaan Harkness <z...@freedbms.net> wrote:
> On 12/25/13, Reco <recovery...@gmail.com> wrote: > > On Tue, 24 Dec 2013 15:51:25 +0100 > > Ralf Mardorf <ralf.mard...@alice-dsl.net> wrote: > > > >> On Tue, 2013-12-24 at 15:40 +0100, Ralf Mardorf wrote: > >> > On Tue, 2013-12-24 at 18:04 +0400, Reco wrote: > >> > > I wrote "one runs two instances of firefox with different profiles > > To friends stuck in proprietary land, I have suggested here and there > that they do their internet banking in a separate firefox profile from > their youtube and facebook etc. > > On the rare occasion they have later swapped to GNU, one individual of > course wanted to keep using her various (she uses quite a few) > profiles, all of which she keeps in separate Truecrypt volumes! An interesting approach, but not something I would practice myself. See, using Truecrypt (or LUKS, or whatever) implies that whatever is stored inside is valuable enough to keep it encrypted. Anything that is put into a crypto container is safe until one begins to use it. And storing banking information outside someone's head is wrong on so many levels that I don't even know where to start ;) > > Tell me, which one is more KISS: > > > > 1) Appending certain 'keywords' to a link. > > 2) Parsing such link. > > 3) Relying on a custom script. > > > > Or, just: > > > > Run the link in a browser for the current user account. > > When one user is running multiple "identities" be in Unix-account > logins, Firefox profiles, or something else yet, this is always going > to be more complicated to the one-identity-only problem. > > I agree that separate Linux accounts appears to have some definitely > favourable options. But is the setting up of separate _user_ accounts, > for "only one user", and training that user (lets say grandma), for > the sake of some extra security, an established and easy pathway? I believe you're confusing 'hard to setup' with 'hard to use'. Of course the end user would be given appropriate icons (or menu entries, or whatever) which will say 'Press me for Youtube and Netflix', 'Press me for bankning only'. See Android. They are using different uids for different applications from the beginning, and nobody complains that 'Android is teh hard'. > > Rhetorical question I know. And yes, of course, training Grandma to > use multiple Firefox profiles is probably not going to be much easier. > And in both cases "banking" icon on desktop vs "family and photos" > icon on desktop is going to be the same, from grandma's perspective, > no matter what's under the hood. > > I think what we need is some more software/memes/workflows to be > established for the easy (eg gui) management of multiple identities > (or "security contexts" or ...) That would require all browser makers to change IMO. So far their attitude was 'put all your activities into one big browser window'. > XFCE still doesn't have a sanctioned XFCE "user management" applet, > and those from other DE's are not designed with "automate restrictions > for banking-only firefox profile" type user-account creation idea. > > Maybe an opportunity for libre-software desktop promoter-developers... That's the point of another different discussion, but my opinion on that is - useradd, userdel and passwd work good enough. On that unlikely occasion I'll need pointy and clicky GUI for user management task - I'll use usermode package (which is already here, and uses GTK2). Reco -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131228144311.d3affcd938d6ca5faa5b3...@gmail.com
