I'm currently suffering from security and password burnout. I am deluged with sites requiring passwords. There is no set length or standard for the content of passwords i.e.. alphanumeric, alphanumeric plug control characters, X number of characters or Y number of characters. Like many users I am already security conscious and adding yet another nag about it is more likely to antagonize me and make me switch websites/browsers or what ever the product. So I like Steve's idea here since it is not intrusive and will answer others concerns about security. > I also think that rather than trying to solve all the problems at > once, the simplest solution here might also be sufficiently > effective. So why not just take this approach: > > - When starting a download, look for the MD5 file in the same > location as the original. It is typically the download filename plus > the .md5 extension. You could check for other extensions/formats too. > - If the checksum file is found, download it along with the main file. > - On completion of the download, verify the main file against the > checksum and warn the user if they don't match.
and remembering that encryption algorithms and check sums etc... are a mystery to many users and not easy to keep a handle on even for experts.. .since every few months someone finds a new hole or bug in one system or another. > - If no checksum is found, warn the user that no checksum exists but > still download the file. > - Provide an option in Preferences to disable the warning for folks > who don't really care. Enable it by default but provide a "Don't show > me this again..." option on the warning. Yes! Yes! leave me alone and let me do my work/browsing in peace! I did try leaving the SSL warnings on.. even a few of them and ended up cursing the poor computer. So I turned them off again... that doesn't mean i'm not aware when I'm on a secure page.. if yahoo doesn't present me with a secure login, I click the secure tab.. lots of us do. david -- "Music is enough for one's life time, but one life time is not enough for music" Sergei Rachmaninov _______________________________________________ Camino mailing list [email protected] http://mozdev.org/mailman/listinfo/camino
