« AIR's Unrestricted System Access Warning | Main | Adobe AIR Supports Enterprise Deployment »

Why AIR Doesn't Ask for Permission

Commenter Tek suggests that AIR should warn the user each time an application tries to do something potentially dangerous, like access the file system.

Here's just a few reasons why we don't do this:

  • It's annoying. No one likes to deal with these dialogs all the time. And if everyone just suppresses them, then what's the point?

  • It's insufficient. Accessing the file system alone or the network alone is often ok, but approving the combination is sufficient to let someone upload all your data.

  • It's unanswerable. Unless you wrote the application or studied its source code, you probably don't have enough information to answer, anyway.

  • It's broken. If you say no to any of these dialogs, the application will most likely stop working.

Ultimately, choosing to run a desktop application is about trust. Virus scanners, firewalls, and the like don't ask you about what applications are doing because they're trying to protect you from those applications. On the contrary, they're notifying you about behavior that might be the result of software you didn't install. That's an altogether different question: if you didn't install the software, say no!


Posted by Oliver Goldman on May 20, 2008 02:09 PM |

Comments

All your points are well taken--but I think what you have is a false dichotomy. That is, I don't believe there's only "have no permissions" or "have annoying permissions". For example, it seems totally feasible to have a dialog pop up with a "don't ask again" option. Granted, you can probably make good arguments against this too. I'm just saying there's more than just 2 options.

Posted by: Phillip Kerman | May 20, 2008 10:29 PM

Agreed, there are other options. There are even some that have restricted permissions without annoying dialogs.

Posted by: Oliver Goldman | May 20, 2008 11:01 PM

I think a dialog pop up with a "don't ask again" is the best way to workout this issue.

Posted by: Roman Peters | May 21, 2008 06:10 AM

You could make it prompt you like MS Vista and then we would all be annoyed...

-Tucker

Posted by: Tucker | May 21, 2008 07:21 AM

not only would "don't ask again" be nice... but an easy way for users to manage all installed AIR apps to un-check the don't ask again option. Zone Alarm has a good metaphor for this.

Posted by: Phillip Kerman | May 22, 2008 10:54 PM

Oliver, another solution to the insufficient and unanswerable arguments is to forbid the application to access the file system, except folders or files that user have implicitly selected with the file system menu browser.

It works with upload for the web browsers, it even works for Flash in the web browser (with FileReference) why not using the same in Air ?

Posted by: Tek | May 25, 2008 04:02 PM

Oliver, note that I have made a post on my blog regarding this : http://www.tekool.net/blog/2008/05/25/users-must-trust-air/

Posted by: Tek | May 26, 2008 09:04 AM

At least, please make this dialog "pleasant", not a frightening black and red thing.

And localize the dialog (but I guess it is planned... isn't it?).

Posted by: Philippe | May 26, 2008 11:16 AM

Oliver, after careful consideration I finally agree with you. The solution to ask permission would have been valid only during the period when we cannot publish "restricted" application.

What is important is not warnings in "unrestricted" mode but not to have warnings in "restricted" mode.

You have been clear I haven't. I have updated my blog to reflect my thoughts. Apologies for any unwanted noise.

Posted by: Tek | May 27, 2008 04:11 AM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)