On Thu, Aug 14, 2008 at 7:14 PM, Matthew Toseland <[EMAIL PROTECTED]> wrote: > On Friday 15 August 2008 00:42, Ian Clarke wrote: >> What is the point in that? If they are intent on using Freenet, then >> forcing them to select an inappropriate option doesn't make them any >> more secure! The question isn't so much whether opennet is secure, >> the question is whether it is more secure than the next best option - >> which in many cases will probably be a HTTP proxy, which are trivial >> to monitor. > > The point is not to give them a false sense of security, and to make it clear > that their security is reduced if they do need opennet.
Both of these are about conveying information, not restricting behavior. Your goal seems to be to (futilely) restrict the user's behavior, not just to inform them. >> > The UI should make >> > it easy to upgrade or downgrade the threat level, enable opennet etc, but >> > should make it clear what the ramifications are. >> >> Yes, but forcing them to pretend that they have a lower threat level >> than they do is pointless. > > They have already made the decision to ignore the threat, by enabling opennet. > Having a paranoia level selector and THEN an opennet selector is utterly mad, > apart from being too much to explain to people from a usability perspective. > If they want security, they will need to use darknet. If they can't use > darknet, they have to sacrifice some security. The current version of the > page makes that reasonably clear: You cannot select the top options unless > you have at least 5 friends already using Freenet. Whether the user has the ability to use darknet isn't a user preference, its not they are likely to have control over - either they know 5 other Freenet users that they trust, or they don't. Other decisions are typically a performance/security trade-off, something the user can decide, but whether to run a darknet node is not. Because it isn't something the user has control over, there is little point in trying to persuade them to run a darknet node when they don't know any other trustworthy Freenet users. What we can do is inform them of the significantly increased risks if they can't run a darknet node. The reality is that most users won't be choosing between Freenet and nothing, they will be choosing between Freenet and something like a web proxy, and even opennet is preferable to that. Ian. -- Ian Clarke CEO, Uprizer Labs Email: [EMAIL PROTECTED] Cell: +1 512 422 3588 _______________________________________________ Devl mailing list Devl@freenetproject.org http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
