Florian Weimer wrote:
* Frank Hecker:
I thought this was an interesting blog post, with obvious implications
for the issue of warning dialogs in Firefox, Thunderbird, etc.
http://usablesecurity.com/2005/07/19/obedience-to-authority/
This is certainly a problem. The more significant issue (and I
believe it's been raised multiple times on this list) is that
all-too-common security warnings are not effective at all because
users tend to increase their productivity by blinding clicking away
warnings.
Even Emacs' yes-or-no-p quickly becomes equivalent to y-or-n-p, at
least in my experience.
Instead of the simple Yes/No warning dialogs, an application could
display something like:
In order to proceed with a potentially unsafe choice,
please enter the following random dictionary word
into an input area below:
CONTEMPLATE
+---------+
|_ |
+---------+
--
Lev Walkin
[EMAIL PROTECTED]
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security