Re: firefox and bad ssl certificates
HggdH [2008-05-07 19:34 -0500]: On Thu, 2008-05-08 at 00:45 +0200, Martin Pitt wrote: This doesn't have anything to do with power users/n00bs. An invalid SSL certificate isn't any better or worse depending on the type of user. If a site sets up SSL with an invalid certificate, then this buys the user nothing but a false sense of security. Sorry. What *is* an invalid certificate? A certificate that does not carry the fully-qualified host name in its Common Name? It doesn't need to have the FQDN as far as I know. The domain name is sufficient, so that it matches for all hosts in that domain. I don't particularly mind if I am talking to banking.mybank.com or svr23.mybank.com. The domain name should really match, otherwise the certificate does not fit for the host name. However, I personally consider non-matching host names a much lesser evil than non-verifiable certificates. An invalid certificate is a certificate that is outside its timeframe (not valid before/after), or that does not verify against the root (all the way through the chain), or that is used outside its specified capabilities (but *this* one is oh so very tricky...), for example. Right, but also self-signed certificates (since they prove nothing). But not matching the FQHN does *NOT* make a certificate invalid. At all. Even more because there is no standard requiring it. Well, there is the common use, but it is common use also for most users to accept any certificate received on the wire. Common use does not cut it. Agreed, although it is very confusing. For large companies which do have several host names and have a lot of customers which interact with it (banks, major email providers, etc.) it shouldn't be a problem to get a properly signed certificate, and for small companies and private persons cacert is appropriate (much less strong authentication, but compared to today's practice it's much better.) 100% with you. But it all has to start with education, not just forcing a new feature down the user's throat. For most casual users, this education is -- from my own experience with casual and theoretically technical users -- not easy. And I do understand X509 friends. I don't consider it a new feature, but a better UI. Firefox has always complained about invalid certificates, but until version 2 it was just the well-known 'SSL yadayada cannot be verified mumblemumble click here to shut me up' popup dialog, and really everyone just clicked this away, right? Security click-through dialogs should be abolished, since they achieve nothing and are really just an excuse for the software provider: I know it is unsafe, and cannot give you something better. Of course you can't know either, but at least I can make it your problem now. Now you get at least a proper error message page. I don't doubt that the text can be improved, and make more concise/clear, etc., but the UI is much better IMHO. Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
Il giorno gio, 08/05/2008 alle 02.24 +0100, chombee ha scritto: Using git is ridiculously difficult and technical by the standards of most normal users, but I see no reason why a versioning system could not be built in to the OS or the desktop environment and function completely without user interaction until the user wants to recover a previous version of something. And that can be made very simple and easy to do. Imagine it being virtually impossible to lose any of your work, ever. Isn't that a killer feature? Why hasn't this happened? It is technically feasible using fuse, and there have been attempts in the past (such as the wayback filesystem [1]). OSX does automatic backup and versioning, but I don't know how all these systems handle the main problem, which is: the file size will grow without bounds. We need a way to delete old revisions, a way to know when the file is large and versioning would kill the machine, in the latter case we need a way to warn the user and also, if we want to delete old revisions, we need a way to know how much space would be freed. Finally, if we want to delete some revision, it might be better to merge revisions e.g. keep all changes for the last week, plus weekly changes for the rest of one file's life. All these issues make a versioning filesystem a non-trivial thing to implement but not that difficult either, if you want to try :) [1] http://sourceforge.net/projects/wayback Vincenzo -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
Am 08.05.2008 um 11:38 schrieb Vincenzo Ciancia: OSX does automatic backup and versioning, The newest Mac OS X ships with an application which can be told to do backups. It's well integrated into the OS' appearance, though. Automatic backup, as provided with the OS distribution, requires an external or networked disk and has to be explicitely turned on. but I don't know how all these systems handle the main problem, which is: the file size will grow without bounds. AFAIK, Apple simply ignores this problem. You either have enough disk space, or ... well, I don't know what TimeMachine does in disk full conditions. Probably it simply stops doing it's work until you clean up manually. All you can do to avoid such cases is to switch to another backup system and/or exclude specific folders/directories. Markus - - - - - - - - - - - - - - - - - - - Dipl. Ing. Markus Hitter http://www.jump-ing.de/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
On Thu, May 8, 2008 at 2:00 PM, Markus Hitter [EMAIL PROTECTED] wrote: AFAIK, Apple simply ignores this problem. You either have enough disk space, or ... well, I don't know what TimeMachine does in disk full conditions. Probably it simply stops doing it's work until you clean up manually. Firstly: time machine uses directory hard links, so each backup only contains different files from the previous version, and the rest is all hard links. They have a file system events daemon, so they can calculate this easy. Secondly: it warns you about the backup disk being full, and removes the old ones. -- [] Alexandre Strube [EMAIL PROTECTED] -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
On Thu, May 8, 2008 at 5:38 PM, Vincenzo Ciancia [EMAIL PROTECTED] wrote: Il giorno gio, 08/05/2008 alle 02.24 +0100, chombee ha scritto: Using git is ridiculously difficult and technical by the standards of most normal users, but I see no reason why a versioning system could not be built in to the OS or the desktop environment and function completely without user interaction until the user wants to recover a previous version of something. And that can be made very simple and easy to do. Imagine it being virtually impossible to lose any of your work, ever. Isn't that a killer feature? Why hasn't this happened? It is technically feasible using fuse, and there have been attempts in the past (such as the wayback filesystem [1]). OSX does automatic backup and versioning, but I don't know how all these systems handle the main problem, which is: the file size will grow without bounds. We need If we define a users work as a user's typing, we could easily save this permanently. A user typing at 60wpm 24/7 generates less than 200MB a year. When a small, easily diffable, file appears in something like My Documents and is gradually expanded over a few days edited over If a small version-control friendly file appears on the users desktop I think it is reasonable to store it permanently. If we notice that a file has the same md5 sum or name as an already archived file, we could try just doing a diff. We could have an alert (like the update-manager one) suggesting to the user that they insert a blank CD/DVD once a month, and then get up to 4.4GiB a month to play with, which is probably more than enough to permanently store your average users documents and photos etc. I imagine Privacy would be a more serious issue than space. Backing up data considered especially important online is also an option although privacy issues would be too severe to do this by default IMHO. a way to delete old revisions, a way to know when the file is large and versioning would kill the machine, in the latter case we need a way to warn the user and also Possibly the alert could mention files that haven't been backed up recently, and why. -- John C. McCabe-Dansted PhD Student University of Western Australia -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
Am 08.05.2008 um 14:28 schrieb John McCabe-Dansted: [...] and then get up to 4.4GiB a month to play with, which is probably more than enough to permanently store your average users documents and photos etc. For me, I'm producing several hundred files each day, most of which are deleted after a few hours. Think about Emails from a mailing list, intermediate archives, video editing, more permanent caches of web pages, etc. At the end, the disk's free space remains about the same, but if you'd back up every intermediate step, volumes would fill up quickly. Markus - - - - - - - - - - - - - - - - - - - Dipl. Ing. Markus Hitter http://www.jump-ing.de/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
help
hi i am shashank from india ,, and ubuntu lover. i love this software..would you just try out to get latest yahoo messenger to work on ubuntu.and also Gtalk.and also try coping in wid the latest MS-office 2007 coz some of my applications aren,t workin in it.. also please provide a Graphical User Interface for configuring my DSL (pppoe) connection . it took a lot of time understandin how to do that coz in other linux versions its very easy.. we wud be highly obliged from shashank agarwal address- tulsi ashram, massoodabad, aligarh-202001, U.P., India tel no.-0091-9927293307 Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
Il giorno gio, 08/05/2008 alle 20.28 +0800, John McCabe-Dansted ha scritto: If we define a users work as a user's typing, we could easily save this permanently. Not quite :) What if I type in a video editor and save a changed 600mb .avi file? We should record input instead of changed data, but that's way out of scope for a versioning filesystem. Thinking of a prototype, I like the ease of use of bzr, do some of you know if it can host non-linear revision trees in a single directory, allowing to switch from one to another using tags? I tried git and it does it easily, but git does not seem to handle directories (e.g. adding an empty directory seems to have no effect). Vincenzo -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Some fundamental usability issues
On Thu, May 8, 2008 at 9:40 PM, Vincenzo Ciancia [EMAIL PROTECTED] wrote: Il giorno gio, 08/05/2008 alle 20.28 +0800, John McCabe-Dansted ha scritto: If we define a users work as a user's typing, we could easily save this permanently. Not quite :) What if I type in a video editor and save a changed 600mb .avi file? We should record input instead of changed data, but that's way out of scope for a versioning filesystem. I was thinking of explicitly mentioning keylogging. Keylogging is trivial, *much* easier than a versioning filesystem. Replay is the problem. For easily diffable files we can approximate the keylogging ideal in a versioning filesystem by guessing whether this file is essentially typing. Avi files are not easily diffable in this sense, although e.g. many vector graphics formats are. If versioning filesystems become popular, then it may become common to save information such as foo.avi = bilinear_rescale(bar.avi,0.5) along side foo.avi to aid in recovery (and monitoring, and scripting and ...). We could even add hooks to manage such information, but lets leave that for version 9.0 ;) In any case, the point I was trying to make is reasonable to limit the bandwidth entering the archive rather than the ultimate size of the archive. 50c a month for a DVD-ROM to backup onto is much less than any of the other computer related expenses I have. Additionally write-only media is much safer than an on disk backup, write-only media protects me from 'rm -rf', it protects me from harddisk failure and if I am sufficiently paranoid I can easily move the old DVD disks offsite. -- John C. McCabe-Dansted PhD Student University of Western Australia -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Extra hand-holding if `mount -a` fails
When important filesystems (like /usr and /home) fail to mount, Ubuntu currently tries to carry on regardless, leading to confusing higher-level errors. Ubuntu's /etc/fstab uses UUID=blah to make failed mounts less likely, but it also means that it's impossible to mount anything when udev fails to start. I think that when /etc/init.d/mountall notices `mount -a` return an error condition, it should provide a simple interface to manually mount drives, and warn the user to fix the problem once booting is successful. I've attached a (bash-specific, poorly commented and totally undebugged) shell script to give a rough idea of what I'd like to see. Does this seem plausible? - Andrew mount-failure-hand-holding.sh Description: application/shellscript -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
