by spoondan 2315 days ago
There’s an important point to be made here about the gap between theoretical and practical security. Overly elaborate password policies (excessive complexity demands, passwords expiring, no reusing last five passwords) end up causing annoyed users to make bad decisions that compromise password security.

Similarly, an excess of popups doesn’t increase security. It annoys users to the point they stop thinking about individual security decisions.

There’s an important intersection of security research and HCI that doesn’t get discussed as much as it needs to be.

> Overly elaborate password policies (excessive complexity demands, passwords expiring, no reusing last five passwords) end up causing annoyed users to make bad decisions that compromise password security.
>
> Similarly, an excess of popups doesn’t increase security. It annoys users to the point they stop thinking about individual security decisions.

It's particularly annoying b/c there's a subset of craftsmen developers who pay close attention to this problem, who realize these cures are worse than the disease, and who reverted years ago to not using these flawed security patterns. Many here on HN, for example.

And then there are Apple engineers who seem to be so far behind the curve that they're just now discovering and implementing patterns that others not only discovered and tested years ago, but discarded years ago.

It's like corporate 9-to-5'ers with no pride of craftsmanship or motivation to stay current with their field made these decisions. Either that or clueless management ordered it, which in any other company besides Apple would be my first guess.

“And then there are Apple engineers who seem to be so far behind the curve that they're just now discovering and implementing patterns that others not only discovered and tested years ago, but discarded years ago.”

QFT. Because there are not enough upvotes in all the world.

What is the alternative to popups here?
Isn't this something (likely even more) granularity ought to counteract something fierce?

The annoyance is still there/potentially larger, but it's easier to make an informed decision about something specific, rather than the usual "enter your admin password to allow... potentially anything, probably persistently. Or don't, then no app for you." binary which seems easier to just blindly go along with, since auditing is the only way to find out what exactly the privileges are for.

The question is rather where sheer request volume overwhelms gains from actually knowing what's being asked for, but better tools letting user set a base comfort level as far as common requests like disk access etc should help with that.

I am however struggling to articulate my opinion in a way that doesn't boil down to essentially "the issue with the dreaded Vista popup was that there weren't ten different varieties!", heh. Nah, just comes down to asking once vs. every time.