On 4/14/2015 4:59 PM, [email protected] wrote:
> The article assumes that when folks connect to something via SSH and
> something changes - causing MITM-attack warnings and a refusal to
> connect - folks default to just removing the existing entry in
> ~/.ssh/known_hosts without actually questioning anything. This
> conveniently ignores the fact that - when people do this - it's
> because they already know there's been a change (usually due to a
> server replacement); most folks (that I've encountered at least)
> *will* stop and think before editing their known_hosts if it's an
> unexpected change.

I've had an offending key at least 5 times. Only once did I seriously
think to consider what specifically had changed to cause the ssh key to
change. The other times, I assumed there was a good reason and deleted it.
This illustrates a very, very, very important fact about UX: the more
often people see a dialog, the more routine it becomes to deal with
it--you stop considering whether or not it applies, because it's always
applied and it's just yet another step you have to go through to do it.
--
Joshua Cranmer
Thunderbird and DXR developer
Source code archæologist
_______________________________________________
dev-platform mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-platform