On Thu, Dec 2, 2010 at 1:56 PM, Matthew Toseland <t...@amphibian.dyndns.org>wrote:
> And we need to consider exactly what we can say about opennet's security on > the first-time wizard. I have noticed a tendency to get a bit melodramatic about security concerns. Overstating risk is no more desirable than understating risk, and simply saying stuff like "OPENNET IS INSECURE!!! ALL YOUR BASE WILL BELONG TO THEM!!!" doesn't help anyone. Where security risks exist they should be described calmly, clearly, and without hyperbole or value judgements. For example, consider a situation where we tell someone that opennet is "insecure". So they go and use an open HTTP proxy, which is trivially easy to compromise, and they go to jail. Have we helped them? I think the challenge is to explain the risks accurately without: a) spooking people into using something far worse or b) boring them to death with paragraph after paragraph of techno-legalize disclaimers that they won't read anyway Ian. -- Ian Clarke CEO, SenseArray Email: i...@sensearray.com Ph: +1 512 422 3588
_______________________________________________ Devl mailing list Devl@freenetproject.org http://freenetproject.org/cgi-bin/mailman/listinfo/devl
