[whatwg] whatwg Digest, Vol 82, Issue 10
Glenn Maynard
glenn at zewt.org
Tue Jan 4 16:15:50 PST 2011
On Tue, Jan 4, 2011 at 7:07 PM, Seth Brown <learc83 at gmail.com> wrote:
> I couldn't agree more that we should avoid turning this into vista's UAC.
>
> Maybe developers could make changes infrequent enough that users
> wouldn't be bothered very often? They could encapsulate the device
> access logic into one .js file that shouldn't be regularly changed.
Please don't restrict my ability to update my software with an
annoyingly-designed security system. Whether I believe that rapid
updates or slow, well-tested updates are a better model for my web
app, I shouldn't be forced into one or the other because of a security
model that annoys the user every time I change something.
And: it still doesn't help. Asking a user whether changes to a
Javascript file are okay is meaningless. Regular users don't know
Javascript; there's no way they can know whether to accept a change or
not. No general security model can be built around requiring the user
to understand the technical issues behind the security.
--
Glenn Maynard
More information about the whatwg
mailing list