[conspire] Autodowload a Virus

Rick Moen rick at linuxmafia.com
Tue Jan 5 21:15:41 PST 2010

Quoting Don Marti (dmarti at zgp.org):

> There's also a UI design problem.  If a user clicks
> on a web link, you don't want something like:
>   Open "http://downloads.rat-bag.com/spyware/pwn.deb"
>   with "Nifty GUI Package Installer?"
> Then, if the user clicks "Yes" or "Install" or
> whatever...
>   Please enter your password to run "Nifty GUI Package
>   Installer" as root:
> The user actions required to install new software
> are getting too close to the actions required to
> open a file.  The more different they are, the more
> warning users get.

Now, that's a really, really good point.

Come to think of it, I'm not actually clear on what the user experience
looks like, in any recent Ubuntu release, when you fetch and then
double-click on a .deb file in GNOME's file-management thingie
(Nautilus?).  Maybe an Ubuntista would care to comment.  (Thanks!)

More information about the conspire mailing list