That is the reason why the pop-up/under/whatever is a BAD idea. And the reason is that it is asynchronous, so the user is getting taught to respond to (possibly fake) windows requesting their password. This is a path to disaster if we ever get remotely close to solving Bug n. 1.
And, answering Mark, yes it is much more difficult to fake an icon in the system panel because the system panel. The reason is that we are assuming that the system hasn't been compromised yet, so there isn't any malware running on the system. What Jim, and I, and others, were talking about was websites spoofing the update-manager using the browser and technologies like Flash. In this case it is not trivial to present an icon in the panel, as there are only two possibilities for it:

1) The panel is visible and outside the browser's window borders. In this case the pop-up coming from the internet would need to ask the browser to open a new window and position that window in the right place to look like the update icon. Note that in this case the browser would need a new window and, if I remember correctly, new windows are always created with the window decorations around them. Then the fake icon (with window borders around it) would be easily recognizable.

2) The panel is hidden behind the browser window (which must be in full screen mode). In this case the notification icon cannot appear in the right place because the browser toolbar is on top (and there is no panel there).

I do believe that the system should only notify the user about updates. If the updates are security updates the system could be a pain (showing a notification bubble every 5 minutes if the user did not apply the security updates for some days). But the user should always be the one to call the update-manager window and hence trust it to give his password. Then we could go back to common sense: if you haven't started a workflow where you know that your password will be required, don't give your password!

Paulo

On Sun, Apr 25, 2010 at 7:46 AM, Conscious User <consciousu...@aol.com> wrote:
>
>> Disagree. Because update-manager does not require gksudo, there is no
>> screen dimming or anything else that indicates in an obvious manner
>> that it is an actual update window and not a popup coming from the
>> browser.
>>
>> (I'm not talking about popup in the browser window sense, I'm talking
>> about popups in the z-index sense, they can work because it is
>> very common for the user to use the browser fullscreen)
>>
>> Thinking better, *even* with screen dimming the user can be tricked:
>> all it needs is for him to have a dark theme (so the non-dimming
>> of the browser toolbar and the panel would be less noticeable)
>
> To illustrate my point, go to this site:
>
> http://www.huddletogether.com/projects/lightbox2/
>
> and click on an image.
>
> This pretty much convinces me that faking the update window is trivial.
>
> _______________________________________________
> Mailing list: https://launchpad.net/~ayatana
> Post to : ayatana@lists.launchpad.net
> Unsubscribe : https://launchpad.net/~ayatana
> More help : https://help.launchpad.net/ListHelp
>

--
Paulo José da Silva e Silva
Professor Associado, Dep. de Ciência da Computação
(Associate Professor, Computer Science Dept.)
Universidade de São Paulo - Brazil

e-mail: pjssi...@ime.usp.br
Web: http://www.ime.usp.br/~pjssilva