At 14:01 19/12/2000 +0100, Peter Lairo wrote:
>[EMAIL PROTECTED] wrote:
>
>>At 11:12 19/12/2000 +0100, Peter Lairo wrote:
>>
>>>"Simon P. Lucy" wrote:
>>>
>>> > This is slightly better than just using a password in Mozilla, but
>>> suffers
>>> > the same drawback.
>>>My point EXACTLY (the SAME drawback). Actually Mozilla is worse, because
>>>in Win9x
>>>the user doesn't "see" the other's My Documents folder, whereas in
>>>Mozilla, you see
>>>the list of other users' profiles EVERY time you load Mozilla (Profile
>>>Manager)
>>
>>Well I wouldn't leap about too much, why is seeing the existence of other
>>profiles a Good or a Bad thing? Its also not clear to me that Users ==
>>Profiles I can see a variety of circumstances where an individual user
>>would want different profiles simultaneously.
>
>Remember, the isse is the "casual" user. These represent the VAST majority
>of users. Seeing others' profiles is an invitation to snoop.
Then I'm really confused. How is having a password which doesn't stop
access improve things then? And don't know that the vast majority of users
will share their machines with other people, somehow I doubt it.
>>I think you are clutching at straws.
>
>Well, I think you are being deliberately stubborn :-)
Nope, nohow, stubbornness is just natural.
>>> > I'd imagine that many people given the choice would want a more secure
>>> > operating system than 9x or Me, most people don't get the choice
>>> > though. Their operating system is bundled with their hardware, and
>>> if not
>>> > the home user is generally told that 9x is their ideal operating
>>> system and
>>> > that Win 2K etc is a corporate user's operating system. That this
>>> is now
>>> > generally false is a pity but there's not a lot can be done about that
>>> > until MS produce their unified OS, and even then they will have a
>>> smaller
>>> > Home User O/S still dependant on DOS, because their marketeers believe
>>> > anything else would be too difficult.
>>>Don't waver now. The fact remains that most people use Win9x! I buy my own
>>>components and assemble them. I still choose Win9x because it is A)
>>>much cheaper
>>>than WinNT, B) compatible with more software, C) easier to use/configure, D)
>>>supports games, etc etc
>>
>>But have you done any of those things in Win2K? If security is important
>>to you use an operating system that provides it, it it isn't either live
>>with the consequences or fix it generally. You can't expect an
>>application to fix file system security.
>
>Are you deliberately not responding to what I said. My first point (A) was
>price. Win2k is much more expensive. Also, the "level of security" is a
>main issue if my arguments, so I don't need (or want) to use Win2k.
Not at all, it isn't 'much more expensive' its around $100 more than from
98/Me, if security is important to someone then the perceived price
drops. If security isn't important then I don't understand why you
care. Since you obviously do care you must want something else and that
something else is I think your pet solution and no other.
>>>I'm sure most people make a conscious choice to use Win9x for those or
>>>similar
>>>reasons. This is the reality. Mozilla should accept it (and the resulting
>>>consequences) and implement password protected profiles.
>>
>>Oh bollocks :-) People make no choice at all for the most part in which
>>operating system they use. There's only one cross platform solution and
>>that is to optionally encrypt profile data including email. There will
>>be a performance penalty.
>>Adding passwords to profiles in Mozilla doesn't increase the security of
>>those profiles one iota unless those files themselves are secured by that
>>password.
>
>Again, yoour missing the point. Nobody ever mentioned anything about
>encrypting profile data, that would be nice, but not needed by the
>"casual" user. Also the prformance hit (encryption) should be optional (if
>implemented). I hope they do add optional encryption, because that
>increases the odds that I will be able to turn encryption OFF, while
>keeping profile password enabled ;-)
Lots of people have mentioned encrypting the profile files. As I don't
think you will get profile passwords implemented in anything its a moot
point as to whether you can enable them or not.
Simon
