Thomas, you bring up an important point. This behaviour is nothing a user would expect, and something he usually has links to malicious software, so how to know that it is ok.
However, as I have mentioned before, I think it is even more dangerous the other way round. People are trained to trust up pop-up window, and trust it so much as to enter their password. It seems so easy to me to exploit this training by putting up a website which opens a pop-up which looks just like the update-manager, but which installs some malicious software instead. And since the user is used to pop-up windows asking for his/her password, he/she will give it right away. And this is a pitfall which will not only be a danger to newbies and non-geeks, but basically to everyone who does not use a pop-up blocker for whatever reason. All these persons will always have to close the pop-up window and then open update manager manually, in order to confirm that it really is the right application which they are giving their password to. IMHO this constitutes a huge security leak, but I haven't seen anybody else commenting on it, so maybe there is a safeguard that the two of us don't see? -- [Jaunty] Update Notifier icon would provide useful status information https://bugs.launchpad.net/bugs/332945 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
