In the latest nightly builds of FF3, and in the upcoming Beta 5, we let users choose to ignore our phishing warning, and click through to the site, just like they could in Firefox 2:
But that same spot is empty in the malware case (unless you install my magic extension). Should it be? It’s a harder question than it seems at first blush.
My gut reaction is “No click-through for malware.” I’ve spoken before about how we, as the experts, have an obligation to make certain decisions, rather than leave them to our users, who are less well-equipped to make good ones. That’s a hard position to hold (we very much want our users to have the power), but a malware click-through is a perfect example. We know that “I’ll just take a quick look” or “It looks fine to me” are not safe behaviours with malware sites, and that the very act of loading the page may have already pwned you. It feels like we should make this call.
But people are curious. When they encounter a blocked page, some number of them are going to want to see the trainwreck for themselves, and without a click-through, they have two options:
- Disable malware protection
- Use a different browser
In terms of keeping our users safe, these are both really terrible options. Allowing a click-through is arguably far better for these users, since it keeps them in a safer browser, and since it still leaves malware protection running. Even a user who will persistently click through every single warning page is still helped by malware protection running in frames, and maybe even decides to stop clicking through at some future point. A user who turns it off probably never turns it back on again.
It is wholly unsatisfying to me to argue “Well, if they turned it off, they deserve what’s coming to them,” because these are our users, and they deserve protection no matter what. Sure, some of them will click things they shouldn’t click, but our interface should keep the most users safe the highest percentage of the time with the minimum limitations imposed on their browsing experience.
So what to do? I said before that in cases where we can make a substantially more informed decision than our users can, we should do it. But I don’t know if that’s the case here. I’ve talked to a lot of smart people about it, and most of them seem to end up somewhere in the middle. If we can’t make smarter or safer decisions than our users, then I think we have to bring the choice to them after all. I think that if we can’t find a convincing argument that totally blocking click-through is viable, then we need to make one available.
But I don’t like that one little bit.
If you have new information to contribute to the debate, it rages on in Bug 422410, but I would encourage you not to jump in at the bottom without first reading the conversation that has come before. Nobody here needs reminding that malware is bad juju, or that we shouldn’t be in the business of creating “Shoot me in the face” buttons. With that disclaimer in mind though, any suggestions for resolving it are welcome. The bug’s not a blocker, but it’s still an important thing to get right.
As right as possible, anyhow.