Full Disclosure mailing list archives

Re: AW: 9/11 virus


From: Ralf <ralfml () alfray com>
Date: Thu, 11 Sep 2003 20:21:35 -0700

l8km7gr02 () sneakemail com wrote:
> As to your suggestion that the implicit behaviour of a doubleclick is a
> problem, I think you're a bit off the mark.  Users know that a
> doubleclick will 'Open' whatever they click on, there's no ambiguity
> there.  The confusion only occurs when the user doesn't exactly know
> what it is they're doubleclicking on.

Hmmm, a UI popping up stating that the user is going to execute something and this may have a security impact (such as Eudora 5 does) is still a good idea. Security through fear? Surely not a positive marketing value.

Typical behavior last time I removed a trojan from someone's computer:
- Did you do anything?
- No, I just read that weird email but I didn't do anything.
- Really nothing at all?
- Well I double-clicked that .scr but nothing happened, so no I didn't do anything.

To go on with car references, there's a good reason for that bright red sticker stating you should not place your child in front of the airbag. It probably took a lot of legal fighting to get it there in the first place but as software vendors are not reliable for their actions...


> users must be able to differentiate between executables and documents.

That requires energy and willingness to learn.


> To that end, however, user
> interfaces must be clear and explicit when it comes to helping the user
> differentiate the two.

Wouldn't it be possible to create an OE addon that just does this the correct way? Isn't "helping" the user "forcing" him actually? I.e. implicitly admitting s/he can't make the right decision in the first place?

R/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

