[packagekit] This dialog sucks

James Westby jw+debian at jameswestby.net
Wed Apr 22 02:11:20 PDT 2009


On Wed, 2009-04-22 at 10:08 +0100, James Westby wrote:
> Third-party repositories may kill the idea, but just allowing the user
> to blindly click and carry on seems like it could be avoided. If the
> only reasons that a user would see this are someone trying to compromise
> their system, or some huge event that can be co-ordinated by the 
> repository owner, then we should be able to do better.

Though if someone was trying to spoof the repository I suppose there is
a fair chance they could also have a stab at spoofing the site the user
is directed to. If only PKI wasn't as weak.

Thanks,

James




More information about the PackageKit mailing list