Jean-Marc Desperrier wrote, On 2008-10-20 01:50: > As has *already* been reported on this group, *many*, *many*, *many* > users did not fill a bug report until now and switched browser instead.
OK. So, many users who have been MITM attacked chose to defeat their protections, and switch to a product with less security. Shall I weep? They choose to make themselves vulnerable to their attackers. Shall I regret that they were less vulnerable with my product? They switch products, and they suffer consequences. Does that mean that we should strive to ensure that they suffer those consequences with our product also? If I were a maker of locks, or a bank executive, and people began to reveal that they switched from my locks/vaults to the competition, and then were robbed blind, would I be incented to lessen my security? Should I say "Oh, come back to my bank! We've made it easier for robbers here, too!" ?? > You have found the very single user knowledgeable enough to fill a bug > report instead of switching browser. The mozilla community absolutly > *needs* to understand this is *not* the standard behaviour until now. > The standard behaviour of users has always been to switch browser and > not report anything. Yes, and apparently, you think we should change Firefox so that not even this user would detect or report her attack. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto