Am Freitag, den 29.08.2014, 13:14 -0500 schrieb Michael Catanzaro: > On Fri, 2014-08-29 at 17:30 +0200, Christoph Wickert wrote: > > > I partly agree. While I agree it's better to improve than to remove > > > something, I believe that some things cannot and should be > > simplified. > > > Security is a complex issue and if we just simplify it, people will > > stop > > > thinking about it and be > > > > less secure. So this is counterproductive. > > Hm, that's interesting. This is actually the complete opposite of how we > think about security in GNOME. Please note that this is the Fedora workstation, not GNOME. I think our target audience is different from the general GNOME users. > Our approach is that if a security > features requires configuration or technical knowledge, then the user is > not going to use it properly, so we should simplify as much as possible. Agreed, but the question is: How much can we simplify something without loosing it's functionality? Of course we could argue how much functionality users need, but for the target audience of the Fedora workstation, something like port forwards are not rocket science abut actually a use case. I think GNOME has a bad history of over-simplifying things. When I was no longer able to configure the display brightness on battery independently from the brightness on AC, I had to ditch gnome-power-manager in favor of xfce4-power-manager. Needing a brighter display on the train than at home is not exactly an exotic use case, still too exotic for gnome-power-manager. > For example, today someone objected to the removal of firewall-config on > Google+. His argument was basically this: "how else will I be able to > turn off the firewall?" I read that as: "I need to turn off my firewall > because it is too complicated for me, and I won't be able to do > something otherwise." Now he's less secure. (That's not an argument in > favor of removing firewall-config, but one in favor of the new > permissive Workstation firewall configuration.) I don't think so. Reasonably defaults are certainly a starting point, but as soon as they don't match the users need, they will need to adjust the settings. And at this point disabling the firewall is certainly worse than opening a port. > > > I recently had a very similar discussion on a cryptoparty. A teacher > > > argued that people will never use encryption because GPG is too > > complex. > > > The guy from our LUG responded that the > > > > that security is complex and you have to think about it. If you just > > make it a click-through wizard, nobody will pay attention. > > GPG is a good example of how not do design a security feature. It was > never successful because it requires complex technical knowledge and > configuration. If email encryption is going to be widely-used, it will > need to be dead simple to set up. But dead simple also means paying no attention, and if you pay no attention, you are insecure. In fact you are *less* secure than before because you have a wrong sense of security that is actually not guaranteed. Best regards, Christoph -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
