Ian G wrote: [...] > As a fundamental tenet of security the developers, > designers and implementors do not know the user's > risk preferences, except under certain exceptions. > > For many users, > a little spyware is likely a good choice if it saves them > from being phished. Spyware clogs the machine and > might result in a barrage of advertising enticements, > but phishing steals money and significant amounts of > it. I guess everyone knows someone who's been ID > thieved at this stage? Ask them... > > As phishing spreads through the public consciousness, > anything that says "this will protect you from phishing" > will be attractive enough to overcome annoying issues > like spyware.
I get already too many emails telling me "this will earn you million dollars in a week", "this will let you make love all night without losing an erection", "get Microsoft and Symantec products at one-tenth the cost", even spams telling me "this will protect you from spam". If some spyware tells me "This will protect you from spyware", I'm not gonna believe it. Believe it yourself if you want, it's your funeral. > > So what is going to happen is that *users* will likely > judge Firefox as safer with the Netcraft toolbar than > without. > > If Mozilla's opinion is the reverse of user's judgement, > then you are staring at a schism - users care about > phishing and Mozilla doesn't. > > Is there foundation for this outrageous statement? Sure, > that's why I emphasised "60,000 downloads in hours." As P.T. Barnum said, there's a believer born every minute. > > And, both petname and trustbar were roundly rejected > by the Mozilla security community. Strike two. > > Make it three? > > iang Best regards, Tony. _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security
