Peter’s Soapbox
Stop Stealing My Focus!
June 11, 2008 on 2:48 pm | In Techspeak |A few weeks ago, my friend Dave Yates announced in his podcast how he accidentally typed his IRC password into the chat room that he was in. I can easily see how this could happen, while someone was trying to identify themselves to the server. To prevent this, he could have taken a couple of steps to ensure that he was not typing into an active chat window, so that even if he had made the same typo, his password would not be exposed. Alternately, just being careful might have prevented this.
Then again, it might not have…
Try as we might, technology finds a way to make things difficult, even when we do our best to be careful. Today, I had a similar experience to Dave’s. I was typing my password into a terminal so that I could log in to a machine via SSH. I typed the password, pressed Enter, and nothing happened…
For a few seconds…
And then my eyes wandered to the far corner of my screen, where I saw my password… which had been posted on Twitter.
I immediately deleted the post, shifted focus back to the terminal, logged in, and changed the password. Because I was using tilda, which has no title bad, there was no indication that the focus on the window had left the terminal window. Twhirl, my preferred Twitter client, had stolen the focus of my window manager, making the text I typed show up there, instead of where I wanted it, in the terminal. Obviously this was a minor inconvenience, but it could have been much worse.
Imagine the case of the user who hunts and pecks, and doesn’t touch-type or look up at the screen for long periods of time. Let’s imagine that some information much more valuable (credit card info, anyone?) than a password gets thrown into a window that decided it needs to take focus from whatever had it because it knows better.
This is my official declaration that applications should NOT be allowed to steal window focus unless it’s absolutely clear what is happening, and there is no possibility that confidential or proprietary information will be transmitted without the user’s knowledge. I’m not sure where to begin to get the word out on this. I assume with the authors of various desktop enviroments including GNOME, KDE, Windows, OS X, etc. Any suggestions and help are greatly appreciated.
No Comments yet »
RSS feed for comments on this post. TrackBack URI
Leave a comment
You must be logged in to post a comment.
Categories:
Archives:
- October 2008 (2)
- September 2008 (2)
- August 2008 (7)
- July 2008 (22)
- June 2008 (7)
- May 2008 (14)
- April 2008 (13)
- March 2008 (7)
- February 2008 (13)
- January 2008 (8)
- December 2007 (11)
- November 2007 (10)
- October 2007 (8)
- September 2007 (18)
- August 2007 (25)
- July 2007 (10)
- June 2007 (2)
- May 2007 (1)
- March 2007 (4)
- February 2007 (3)
- January 2007 (1)
- December 2006 (1)
- October 2006 (3)
- September 2006 (1)
- August 2006 (9)
- July 2006 (2)
- June 2006 (6)
- May 2006 (4)
- April 2006 (3)
Blogroll
- Fresh Ubuntu - The Fresh Ubuntu podcast
- I, Blog - The blog of my former partner in podcasting crime
- Lotta Linux Links - Lotta Linux Links
- Partis Scientia - Scott’s Linux Tech Blog
- Scamwagon - The blog of my colleague, Scott McGrath