[sldev] RE: Re: Re: Patch to Address Debit Permission Spoofing
Jason Giglio
gigstaggart at gmail.com
Fri May 25 15:38:37 PDT 2007
Elio Maggini wrote:
> wants to create a script to steal money they will find a way. Simple social
> engineering is the best tool and no combination of button flips or
> The only real way is to change debit_perm to refund types only. This, I
> think, would unfortunately kill any "shareware" type projects that operate
> on commission....like the ones I am working on :)
That is not necessary. A principle of UI design is if you have constant
pop-ups then people don't read them.
If refund didn't require the pop-up, and debit required a special
looking one, then people will indeed think twice before hitting it.
-Jason
More information about the SLDev
mailing list