Re: sftp module cant connect to new hosts



Fernando Herrera <fherrera onirica com> wrote:
> Tue, Mar 16, 2004 at 02:57:38PM +0100, Mattias Eriksson escribió:
> 
> >The removal of security from a security protocol can only be done if the
> >user is presented with a LARGE popup stating that "This connection is
> >insecure and everything sent here including personal data may end up on
> >the Internet", combined with at red flashing light and the music from
> >the shower scene in Psyco!
> 
> 	As we cannot add this dialog just now because of the freeze and
> if the "security voice" is saying that we have to fail without saying the
> user why it is failing and how to solve it (and this will hapen in 90%
> of scenarios) , the "usability voice" should say that we cannot ship
> this module with a so broken behaviour. But maybe is also too late to
> disable the module.

Making attachments easily executed in a mailer satisfies the
"usability voice", but also happens to encourage viruses.  For this
case, I would say security trumps usability.

Regards,
Walter Landry
wlandry ucsd edu




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]