Untrusted software and security click-through warnings

Ian Jackson iwj at ubuntu.com
Tue Oct 16 14:48:47 UTC 2007


Alexander Sack writes ("Re: Untrusted software and security click-through warnings"):
> I completely agree. My point is: if captchas don't help then why would
> pasting commands from the net help to get the user to think about the
> risk their actions imply?

The point is pasting random commands from the net is inherently more
scary than saying `yes' a few times.

Although we cannot save all of our users, we can save that proportion
of them who are likely to hesitate when a website says something like
"please type `wget thingy | sudo bash'".

If you have a concrete suggestion for an approach which is likely to
save _in practice_ a greater proportion of our users, please do
suggest it.

> My opinion is clearly that we should come up with a decent and
> standardized way to add third party applications that we can actually
> _control_ and design in a way that at least gives our users a chance
> to educate themselves before taking any action.

Absolutely.  If we can't provide a sensible way for users to
accomplish their task, we train them to accomplish it in an insane
way.

So the removal of dangerous features which we have currently
ineffectually protected by "yes, yes, yes" style confirmations should
go hand-in-hand with the provision of sensible ways of achieving the
same objectives.

For tasks which involve third-party software this involves some kind
of accreditation/approval process.

> If you just ignore the demand to install third party applications from
> third party repositories you will likely train our user-base to just
> google the internet and follow arbitrary instructions they find - which
> can't be what we want.

Absolutely.

Ian.



