feedback requested: security warning text
trembovetski
« Posted 2009-04-17 18:23:46 »

Hello there,

I know this is a hot topic, but we'd like to request some feedback about possible improvements for the text (and appearance) for the Applet Warning text which is shown for untrusted applets.

This is the text that is shown when you click or hover over the security icon in 6u10+ .

Currently it displays "Java Applet Window", which is very helpful to an average user.

We're considering something along these lines: you move the mouse over the warning icon and a tooltip pops up with something like this:
***********************************************************************
Be cautious what you type and click: the window was created by untrusted application.
Application address: <url>
Click the icon for more information.
***********************************************************************

Clicking the link redirects the user to a page expanding this info.

I understand that most of you would want the warning to go away completely. Not going to happen for a while, but we have a chance to improve what we have.

Dmitri
Riven
« Reply #1 - Posted 2009-04-17 19:21:40 »

What does the browser show you when something 'dangerous' is about to happen?
 -> a yellow bar with a one-line message, it has a context-menu, and a [ x ] button to get rid of it.

IF you REALLY want to be more informative than "Java Applet Window" (and I'd say: please don't!!), THEN a yellow bar, that behaves exactly as in the browser, might be least intrusive.

IMHO the current situation (yellow triangle) is better than your "...be cautious..." proposal, and better than my 'yellow bar', but being very specific about how dangerous applet windows are is a sure way to scare away your clients.

brackeen
« Reply #2 - Posted 2009-04-17 19:29:17 »

The message should concisely describe exactly what untrusted applets can do that a normal application cannot.

What can a sandboxed (untrusted) applet do that an AJAX application cannot? If the answer is "nothing", then the message should say nothing. Otherwise, it should say what the untrusted applet can do.

"Be cautious what you type and click" is not specific, and probably scares people for no reason.

If it has to be a warning, and it's just as safe as an AJAX app, then perhaps the tooltip should simply say "Java Applet Window" or "Java Applet Window [more info]"
trembovetski
« Reply #3 - Posted 2009-04-17 21:06:29 »

Quote
What does the browser show you when something 'dangerous' is about to happen?
 -> a yellow bar with a one-line message, it has a context-menu, and a [ x ] button to get rid of it.

IF you REALLY want to be more informative than "Java Applet Window" (and I'd say: please don't!!), THEN a yellow bar, that behaves exactly as in the browser, might be least intrusive.

IMHO the current situation (yellow triangle) is better than your "...be cautious..." proposal, and better than my 'yellow bar', but being very specific about how dangerous applet windows are is a sure way to scare away your clients.

Thanks for the feedback. Well, people complained that the yellow triangle doesn't give enough information. So the idea is to leave it there, but give more info when you click or hover over it - basically an explanation.

Dmitri
Riven
« Reply #4 - Posted 2009-04-17 22:14:37 »

Maybe it would be better if it wouldn't be an 'alert icon' but a 'java cup'?

brackeen
« Reply #5 - Posted 2009-04-17 22:24:48 »

I still don't understand what the warning is for. There's got to be a reason for keeping it, right?
trembovetski
« Reply #6 - Posted 2009-04-17 22:32:57 »

Quote
I still don't understand what the warning is for. There's got to be a reason for keeping it, right?

Java applets can create [un]decorated toplevel windows, which can look to the user like some system dialog, and request password/etc.
So this is to prevent spoofing - the user should know that his input goes into an untrusted application.
Riven
« Reply #7 - Posted 2009-04-17 22:35:59 »

Why not limit the bounds of the window?

I mean, when the window can only have a certain size, it would be just as 'dangerous' as Flash, which could just display the graphics of a window, and ask for your password / credit card.

brackeen
« Reply #8 - Posted 2009-04-17 22:47:36 »

Ok, well, ignoring for the moment that spoofs can be made with HTML, or an untrusted applet could be scaled to 100% of the window size and a warning wouldn't show. And ignoring that modern browsers have phishing filters.

Perhaps it should say something along the lines of "This isn't a web page - it's a Java applet. Don't enter passwords, credit card numbers, or other personal data. [more info]" Where [more info] would be a link, if needed. I'm basically paraphrasing from definitions of phishing.
trembovetski
« Reply #9 - Posted 2009-04-17 23:41:57 »

Quote
Ok, well, ignoring for the moment that spoofs can be made with HTML,

I don't think you can do that with HTML. You can't show an undecorated window that way, or a window that fills the whole screen.

Quote
or an untrusted applet could be scaled to 100% of the window size and a warning wouldn't show.

Really? Show me an applet that can do that =) Barring bugs, applets can't hide the security warning (banner/icon).

Quote
And ignoring that modern browsers have phishing filters.

I don't think browser's filters will catch this kind of phishing - you're mixing the concepts.

Quote
Perhaps it should say something along the lines of "This isn't a web page - it's a Java applet. Don't enter passwords, credit card numbers, or other personal data. [more info]" Where [more info] would be a link, if needed. I'm basically paraphrasing from definitions of phishing.

I think that'd be scarier than what we suggested, no? We're trying to make it less scary.

Dmitri
trembovetski
« Reply #10 - Posted 2009-04-17 23:55:31 »

Quote
Why not limit the bounds of the window?

I mean, when the window can only have a certain size, it would be just as 'dangerous' as Flash, which could just display the graphics of a window, and ask for your password / credit card.

Not sure what you mean. Flash can't open _native_ top level windows AFAIK. All it can do is ask the browser to open a new window, and I don't think it can be undecorated either, at least not according to this:
 http://www.webdesign.org/web/web-programming/javascript/opening-a-new-window.7705.html

Don't you think limiting the window size will be even more limiting to the user and developer?

Dmitri
Riven
« Reply #11 - Posted 2009-04-18 00:00:21 »

Flash can go fullscreen, try it in YouTube, right next to volume control.

However, keyboard input is deactivated, for security reasons...


That is how Adobe handled it, why not go for the same strategy?

1. undecorated? -> no key input
2. window fills more than x% of the screen? -> no key input + subtle warning, just like Flash

bienator
« Reply #12 - Posted 2009-04-18 00:20:54 »

Quote
***********************************************************************
Be cautious what you type and click: the window was created by untrusted application.
Application address: <url>
Click the icon for more information.
***********************************************************************

The window was created by an untrusted application.
Click the icon for more information.

I wouldn't put too much text into the tooltip since there is a "click for more info" option planned. Reduce it to a minimum and elaborate elsewhere (just IMHO)

Riven
« Reply #13 - Posted 2009-04-18 00:24:21 »

Darn it...

Technical people often underestimate what end users think when they read 'beware' / 'caution' / 'untrusted'.

If in doubt, do it like Flash... seriously.


trembovetski
« Reply #14 - Posted 2009-04-18 01:09:43 »

Quote
Flash can go fullscreen, try it in YouTube, right next to volume control.

However, keyboard input is deactivated, for security reasons...

That is how Adobe handled it, why not go for the same strategy?

Both Flash and Silverlight have similar restrictions regarding full screen mode (keyboard input is limited, esc exits FS unconditionally, you can only enter FS in response to user input - mouse clicked/key pressed).

We're doing something similar for JavaFX - an untrusted FX application will be able to show FS window w/o warning icon (JavaFX runtime itself is a trusted application, which is why it can do this, but very very carefully), but with exact restrictions like Flash 10 and Silverlight have.

Perhaps this could be implemented in the jdk as well.

Quote

1. undecorated? -> no key input
2. window fills more than x% of the screen? -> no key input + subtle warning, just like Flash

That's what we're trying to do here, a subtle warning, no? You still get all the functionality, except for this little icon.

Also, this would break backwards compatibility, obviously.

We could probably introduce some sort of jar or applet property or something that will say "hey, I agree to all those restrictions, just don't show the security icon".
That way only applications which expect to work with these restrictions will be

Dmitri
trembovetski
« Reply #15 - Posted 2009-04-18 01:11:03 »

Quote
The window was created by an untrusted application.
Click the icon for more information.

I wouldn't put too much text into the tooltip since there is a "click for more info" option planned. Reduce it to a minimum and elaborate elsewhere (just IMHO)

I agree, your wording sounds better. I think we had that as well, but for some reason it has been expanded.
trembovetski
« Reply #16 - Posted 2009-04-18 01:14:50 »

I just want to make sure everybody understands that I do appreciate everybody's input, and it will be considered.
brackeen
« Reply #17 - Posted 2009-04-18 01:16:20 »

Quote
I don't think you can do that with HTML. You can't show an undecorated window that way, or a window that fills the whole screen.

I was thinking of sites that spoof another site's login form. Really easy to do, especially since Google Account login is on a lot of different sites.

Quote
Really? Show me an applet that can do that =) Barring bugs, applets can't hide the security warning (banner/icon).

Here is an applet taking up 100% of the window content. Tested in FireFox. It doesn't show a warning. There are other JS tricks besides this one.
http://www.brackeen.com/appletwindow/

Quote
I don't think browser's filters will catch this kind of phishing - you're mixing the concepts.

Maybe they don't. I don't have any examples where a page with a Java applet is marked as malware. But maybe that's where it should happen, since browsers warn against malware, phishing, etc.

Quote
I think that'd be scarier than what we suggested, no? We're trying to make it less scary.

If the goal is to make it less scary than what is implemented in 6u10, don't show any warning icon. If the problem is undecorated windows, only show the icon on undecorated windows.
trembovetski
« Reply #18 - Posted 2009-04-18 01:28:53 »

Quote
Darn it...

Technical people often underestimate what end users think when they read 'beware' / 'caution' / 'untrusted'.

If in doubt, do it like Flash... seriously.



We can't follow Flash everywhere when it is related to security. Flash just can't do lots of stuff that Java platform (even untrusted applets) can.
trembovetski
« Reply #19 - Posted 2009-04-18 01:34:00 »

Quote
I was thinking of sites that spoof another site's login form. Really easy to do, especially since Google Account login is on a lot of different sites.
Here is an applet taking up 100% of the window content. Tested in FireFox. It doesn't show a warning. There are other JS tricks besides this one.

You misunderstood me (or I misunderstood you). The warning icon is only shown for Java top-level windows.

Try creating a JFrame - _not_ a browser window - from that app, and you'll see a warning sign.

The window you showed cannot be mistaken for a native login password dialog; it has all the attributes of a browser window (a URL bar with the URL, Internet Explorer icon, and status bar).

Quote
http://www.brackeen.com/appletwindow/
Maybe they don't. I don't have any examples where a page with a Java applet is marked as malware. But maybe that's where it should happen, since browsers warn against malware, phishing, etc.
If the goal is to make it less scary than what is implemented in 6u10, don't show any warning icon. If the problem is undecorated windows, only show the icon on undecorated windows.

The problem is not only undecorated windows, ANY windows. It is possible to create a complete replica of any native window in Java.

Dmitri
brackeen
« Reply #20 - Posted 2009-04-18 01:57:10 »

Gotcha. Yeah I can see how it can mimic OS windows while a browser couldn't.
In that case, after thinking about it some more, I'd say go with Riven's idea of a coffee cup, and as short a text as possible in the tooltip. Maybe just "Untrusted window [more info]".

I say use the coffee cup icon because JS alert dialogs show the browser's icon instead of a warning icon.

Alric
« Reply #21 - Posted 2009-04-18 03:16:07 »

I'd much rather it said what it is than what it isn't.
Untrusted is computer speak.. you haven't taken the action of trusting this. To most people trust isn't an action you take, and untrusted might just as well say distrusted, which might as well say panic, close now and run a virus scan.

If it could just make it clear that you are looking at an applet window from site <url>, with a link to info about what an applet can do, that would seem to do the same job in a more positive way.

SimonH
« Reply #22 - Posted 2009-04-18 03:44:28 »

I hate the triangle but I see the need for it.
The best alternative I can suggest is a humourous duke animation on the title bar, (& no non-title bar dialogs - any good reasons why an unsigned applet would ever need one?) The animation should be enough to show the user that this is not a serious system dialog but is also not scary to users of safe apps.

zammbi
« Reply #23 - Posted 2009-04-18 04:43:19 »

I'm glad this problem is getting looked into.
I agree with the full screen behaving like Silverlight when in the sandbox; Silverlight removes most key access and leaves esc, arrows, spacebar, alt, etc...
Any security messages that pop up should explain what the program is asking for access to.

I don't know if this is possible atm in Java, but can unsigned apps access something outside the sandbox but ask for a security window? And the coder has an option to do next if the user clicks no?

CommanderKeith
« Reply #24 - Posted 2009-04-18 06:40:05 »

I agree with Riven that the current situation is better than the proposed changes. The triangle with an exclamation mark and the 'Java Applet Window' tooltip is fine. Maybe the only change that is necessary is to turn the 'Java Applet Window' tooltip into a hyper-link that brings up a page telling you exactly what Java Applets can do.

I don't think displaying 'untrusted' is a great idea. Having similar restrictions as flash and silverlight when the window is big is good since the exclamation mark is too small.

Thanks a lot for asking us about this Dmitri.

princec
« Reply #25 - Posted 2009-04-18 21:11:39 »

I think the current situation, for untrusted applets, is fine. That little yellow triangle shows the user there's something up and that's good. The real problem is what to do about trusted applets - or at the least, signed applets.

Cas

Riven
« Reply #26 - Posted 2009-04-18 21:44:57 »

There simply is no way to get this safe. I made this lame applet for you to enjoy:

http://www.indiespot.net/files/vista_login_applet.html

bienator
« Reply #27 - Posted 2009-04-18 22:54:03 »

Quote
There simply is no way to get this safe. I made this lame applet for you to enjoy:

http://www.indiespot.net/files/vista_login_applet.html

Huh, I see the warning icon on XP.

But maybe we should think about an option to close an undecorated && untrusted applet by clicking on the warning sign (or something similar)

[edit] added screenshot

oNyx
« Reply #28 - Posted 2009-04-18 22:59:07 »

http://www.abload.de/img/fakelogin13b2p.jpg
http://www.abload.de/img/fakelogin2uawd.jpg

Not really convincing, is it?

bienator
« Reply #29 - Posted 2009-04-18 23:03:31 »

Quote
...The real problem is what to do about trusted applets - or at the least, signed applets...

IMO a step in the right direction would be: http://bugs.sun.com/view_bug.do?bug_id=6800416
