[kde-linux] Am I Alone?

Wed Sep 30 14:42:45 UTC 2009

On Wednesday 30 September 2009 13:47:32 Duncan wrote:
> Anne Wilson posted on Wed, 30 Sep 2009 10:23:55 +0100 as excerpted:
> > I think your comments are are from objective.  Can you imagine just how
> > many possible combinations of things there are, for a customised
> > desktop?  Of course not every possibility will have been checked.  The
> > most common ones work.  If you have a less common need and it doesn't
> > work, then you need to file a bug report.  If no-one draws attention to
> > the problem there's no way the devs can know about it.
> 
> Excuse me, I know I sound a bit like a Johnny One Note to you, but you
> hit a raw nerve, here.  Of course, this is all IMO, and all that, but...
> 
> The most common ones work... if others don't, please file a bug report.
> OK, fine.  I've not a problem with that.  I've not a problem with however
> long it takes to "get it right", either.  What I've a problem with is
> people saying it's ready for normal everyday use, when even such basics
> as proper HTTPS support aren't there, the bugs filed, voted WAY up into
> the the top-10, etc.  

I've seen no such problem, so I can't comment.

> They KNOW.  True, the basic mechanisms work well
> enough to sort of get by... if one's lucky enough to have their system
> certs setup correctly, etc... and no MitM attack is underway.
> 
> The other day, some place I was going to popped up some warning about the
> cert, so I clicked the details button to see what was going on.  The
> dialog disappeared... and nothing came up!  No details, no explanation,
> no crash dialog, no NOTHING!!  

Which browser, which version, and which kde version?  Whenever I've seen 
certificate warnings they have followed through with details and I have been 
able to continue or abort, as I choose.

> Well, except the systray notifier went 0/1
> and had its little animation going... and going... and going... and
> going...
> 
I assume your default browser is firefox?   It sounds more like a browser 
issue to me.  Not that I claim to be expert here, but I have seen other 
reports of firefox having problems with certificates.  Since I didn't follow 
them through, I can't say whether it is a problem of firefox, the certificate 
issuing body, or the web sites in question.  What I don't see is how you can 
blame KDE for that.

If indeed you were using konqueror, did you check what happens when you use 
firefox?

> But the **MOST** worrying thing about it was this.  Thinking something
> had crashed or something, I tried the same URL again (it was an https bug
> link in a mail or some such, so I could).  *THE* *THING* *WENT* *THRU*
> *WITH* *NO* *WARNING*!!!  (Yes, I AM YELLING!  This is seriously screwed
> up!)
> 
> OK, so maybe it was a temporary issue, and the problem went away.  I
> forgot about it... until I had reason to reference the same page again,
> and tried again, now probably an hour or two later.  SAME BEHAVIOR.  An
> initial warning, click details to see what's up, everything disappears
> except the little spinning notifier thing now says 0/2... (That's
> actually when I really noticed it... and noticed it hadn't cleared the
> first one, even some hours later.)  Click the link again, to see if I can
> get the dialog to actually work this time...  IT GOES THRU WITHOUT A
> WARNING AGAIN!!!
> 
> What bothers ME about this is that while this time that was just a bug
> URL, it COULD have been someone's BANK, they MIGHT have been connecting
> thru to using WIFI, and if they weren't CAREFUL, they MIGHT have been hit
> with a MitM attack!  Checking details simply disappears the dialog, a
> second try goes thru as if nothing's wrong...
> 
What would bother me is that you appear to be thrashing around, doing the same 
things over and over again without attempting to find out what the problem is.

> They KNOW about it.  The BUG IS THERE.  It IS being worked on.  Fine.
> 
> What's NOT fine is them saying everything is hunky dory, it's all ready
> for "normal" use!
> 
> WE'RE TALKING POTENTIALLY SOMEONE'S BANK CONNECTION HERE!!
> 
> Come ON!  Ready for normal use!  In what person's pipe dream!?  Maybe
> these guys don't do online banking.  Maybe they do, but they don't
> consider it normal.  

I do on-line banking all the time.  I have no problems whatsoever with it.  
Many other people also use it regularly.  How can you say that our experience 
is abnormal?

> Maybe they have so much money losing the contents of
> a single bank account or two is like handing the bum on the street their
> pocket change.  Maybe they don't have any money at all and don't care.
> 
> All *I* know is that *I* don't consider that acceptable, at least not for
> something being marketed as ready for ordinary people to use.  That's
> seriously ****ed up, no matter /how/ you try to finesse the PR.
> 
> As I said, the bug's filed.  As I said, the bug's voted WAY up.  

So you keep saying, but you still haven't told us which bug number to read.

> They
> KNOW.  Yet they STILL continue to promote kde4 as perfectly acceptable
> for ordinary use.  Something's seriously wrong with this picture.  That's
> all I'm saying... and yes, I may sound like a Johnny One Note, but
> they're still saying it's acceptable for ordinary use, and I'm still
> saying it's not, and will continue to say that, until the facts
> appropriately match the claims.
> 
> BTW, a day later, the systray notifier still said 0/2... and would most
> likely STILL say that, if I hadn't rebooted.
> 
> > I'm not in agreement with the statements in your second paragraph
> > either.  I know it's still far from perfect, but even in KDE 3.5 some
> > things worked better than others.  The only sensible way is to try out
> > the possibilities and see which ones work for you.  I've seen features
> > that others rave about, but when tried I found that I didn't actually
> > like them.  Desktop settings are a very personal need.  What suits you
> > won't suit me, and vice versa.  File bugs reports for the things that
> > are important to you, and live with the less important stuff ;-)
> 
> All that's fine.  But when KDE 3.5 appears to be being abandoned, before
> 4.x works equivalently well... after Aaron Segio, president of KDE-
> whatever at the time so in a position to speak for the project if anyone
> is, so publicly stated that there'd be KDE 3.5 support as long as there
> were users...  And when the PR is making statements about KDE 4 usability
> that if anyone actually relies on, could cost them their bank account...
> 
> <shrug>  What can one say?
> 
You can quote exactly what has been said over and over again.  There will be 
support, in terms of security, for as long as necessary.  There will not be 
development.  There simply is not the manpower, even if there were the will to 
do so.

It would be more helpful to see less rant and more fact.  What exactly did you 
discover about what was happening on your system?

Anne
-- 
New to KDE4? - get help from http://userbase.kde.org
Just found a cool new feature?  Add it to UserBase
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-linux/attachments/20090930/4960b2bf/attachment.sig>