On 01/22/2014 05:16 AM, M.-A. Lemburg wrote: > On 22.01.2014 13:43, Jesse Noller wrote: >> >> Donald is perfectly right: today, it's trivial to MITM an application >> that relies off of the current behavior; this is bad news bears for >> users and developers as it means they need domain knowledge to secure >> their applications by default they may not have. > > I don't think you need much domain knowledge to insert > a single line of code into applications to enable the checks. I find myself on the "dumb user" side of this argument, and I think it is much like the str/unicode transition of 3.0 -- which is it say, there are many who didn't understand unicode until forced to by 3.0, and likewise there will be many who don't understand security until forced to by enabling this new feature. One big difference is it's possible to opt-out of this security feature (which is a good thing, considering all the ill-configured systems out there). -- ~Ethan~
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4