-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Dylan
Thanks for your suggestions, and sorry for the late reply. Dylan McCall wrote on 15/05/08 05:13: > > First off, kudos to those involed with the openssl fix. It was > swiftly produced and in the repos within record time. I had learned > about the problem earlier today and welcomed the updates quite > happily. (As well as their instructions. Those info popups are cool). > However, one question very quickly sprang to mind: Did usability > people look at this? >... > -I experienced not one, but three popups telling me about the update. I've been in touch with the Canonical developers involved in producing the update. Three packages were updated with notifications: openvpn, openssh-server, and ssl-cert. It was necessary to give each package a separate notification, because an Ubuntu installation might reasonably have only one or two of the three packages installed. For example, a server might have openssh-server and ssl-cert installed, but not openvpn. And a desktop machine might have ssl-cert installed, but might or might not have openvpn and/or openssh-server. >... > Still, I think it could be worthwhile to give a little heads-up about > this event before a rambo releases an update telling people to run > rm -rf ~/something as their own users (sure to get CLI paranoiacs up > in arms! :P). Is there a system in place for a rapid usability review > "queue" of some type? Could be interesting to ponder. Even if there was such a queue, it would need to be either private, or not used for security updates covering unannounced vulnerabilities. >... > I think Ubuntu's speedy updates on any day of the week are a great > strength, but so is usability. To be truly user-friendly, though, > that philosophy of usability must be present everywhere from the web > site to the security patches. It seems to me, though, that this > security update had very little time in which to get a proper look at > how it could be applied without disturbing users. Indeed, I fear that > it, with all the crazy popup messages and (repeated!) instructions, > may be unnecessarily disruptive. >... The update was produced under a time limit such that it might not have been practical to do a usability review, even if there had been a process for it. To put this in perspective, though, a usability review likely wouldn't have helped as many people as localizing the alerts would have. Cheers - -- Matthew Paul Thomas http://mpt.net.nz/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIPBjH6PUxNfU6ecoRAoCJAJwMPnOwFAC/XrRPZcPa+aPg7JJ/KgCgx+Ra W6+uoDrtYAZqZ4MwCirHwXU= =6n4g -----END PGP SIGNATURE----- -- ubuntu-desktop mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-desktop
