A principle I follow in software design is to eschew unenforceable features: features that require the cooperation of an entity which the feature aims to disempower.
- HSTS's "no user recourse" policy - besides being insulting and causing practical harm to me and others, turning one application against them cannnot stop a user from downloading the page, only make it inconvenient.
Stop trying to take the user's choice
- Gmail's "confidential" mode. There is no way to actually stop the viewer from doing any of the things this supposedly prevents. (DRM in general is like this, though they manage to make it extremely inconvenient.)
Google's support article
- Zoom's "this meeting is being recorded" warning that I see when using it for my job. Surely, many users would be interested in knowing if they're being recorded. But the mere fact that you're on a video call means the other person might be recording it, whether through Zoom's recording feature or not. All this warning does is provide a false sense of privacy when you don't see it.
If your security relies on unenforceable features, your security is broken.
subscribe via RSS