top | item 24198020

(no title)

I think you are correct with your assessment of how most people use computers.

But I don't agree with your conclusion that they need to be protected. If I want to hammer in a nail and accidentally hit my finger that's not the hammer-manufacturer's fault or responsibility. So why should it be the email-client's fault/responsibility to make sure I don't send my private keys?

If people refuse to learn how to use a hammer they will keep hitting their fingers, if people are refuse to learn how to use their email-client they will keep sending their private keys to bad actors.

discuss

newsbinator|5 years ago

I didn't conclude that the email client needs to warn users about dangerous attachments- I mentioned that even if it did, users would ignore it.

But I do believe that UX needs to be designed according to the principle of least surprise, and those in the know (i.e. we/us), need to put in guardrails to keep people safe as they get on with their day.

If your hammer has 4,500 different everyday functions, 4,400 of them posing a danger to your fingers & bank account, but hammering nails is necessary for your job, for your kids' school stuff, and to interact with your government, then that's a closer analogy.

jenscow|5 years ago

But your hammer can't be manipulated by a random person anywhere in the world.

Software, especially an email client, is significantly more complex. Many people don't have the time, desire, nor ability, to learn how to use it safely - and the usage of it is generally forced upon them.

Let's make things safe by default.

sukilot|5 years ago

Do you put poison-tipped needles on the handle of your hammer, because you might want them, and it's possible to avoid them when you don't want to touch them?