On Aug 6, 2013, at 1:02 PM, Richard Newman <[email protected]> wrote:
> Yup.
>
> I actually quite understand the Chrome guy's point, because it's just what
> we've seen with MP: some users turn it on because they want to protected, and
> suffer through the poor usability, oblivious to the fact that it's weaker
> than they expect[1]. Jake Maul is one of those people. And we shouldn't give
> a false impression of protection!
>
> Lots more interesting discussion in one of the internal Yammer threads on
> MP[2].
>
> My original message in this thread summarized one of the interesting
> pushbacks I've heard, which is basically "when I let my kids use the phone, I
> want to be able to lock up my passwords". Guest mode does address much of
> that, but perhaps we're missing other uses of the filing-cabinet metaphor?
>
Kids are an entirely different threat model [1].
It's frustrating when people assume that passwords are the
end-all-be-all-most-sensitive user data. For others, it may be history,
bookmarks, or open tabs. I'm not just thinking porn here. Any exposure of a
contextual identity [2] is potentially embarrassing or damaging to a user.
IMO the best solution is a broad one that protects all the user's data. This
implies user profiles, either at the browser or OS level. There may be other
solutions as well.
-chris
[1] http://research.microsoft.com/apps/pubs/default.aspx?id=194484
[2]http://www.w2spconf.com/2013/papers/s1p2.pdf
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
