On Fri, 2014-08-29 at 17:30 +0200, Christoph Wickert wrote: > > I partly agree. While I agree it's better to improve than to remove > > something, I believe that some things cannot and should be > simplified. > > Security is a complex issue and if we just simplify it, people will > stop > > thinking about it and be > > less secure. So this is counterproductive. Hm, that's interesting. This is actually the complete opposite of how we think about security in GNOME. Our approach is that if a security features requires configuration or technical knowledge, then the user is not going to use it properly, so we should simplify as much as possible. For example, today someone objected to the removal of firewall-config on Google+. His argument was basically this: "how else will I be able to turn off the firewall?" I read that as: "I need to turn off my firewall because it is too complicated for me, and I won't be able to do something otherwise." Now he's less secure. (That's not an argument in favor of removing firewall-config, but one in favor of the new permissive Workstation firewall configuration.) > > I recently had a very similar discussion on a cryptoparty. A teacher > > argued that people will never use encryption because GPG is too > complex. > > The guy from our LUG responded that the > > that security is complex and you have to think about it. If you just > make it a click-through wizard, nobody will pay attention. GPG is a good example of how not do design a security feature. It was never successful because it requires complex technical knowledge and configuration. If email encryption is going to be widely-used, it will need to be dead simple to set up. Michael
Attachment:
signature.asc
Description: This is a digitally signed message part
-- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
