|Users aren't necessarily technical experts. Most people can understand concepts like "Site X wants to know where you are" and "Site Y wants to take pictures of you". Asking for advice on technical issues is more problematic because a typical user does not have the technical knowledge to be able to make a meaningful answer. This is an issue that has been discussed in detail in numerous committees over numerous contexts.|
Punting to the user on a technically driven security issue is a security anti-pattern.
If this information is _really_ necessary, then the goal should be to make the absolute minimum amount of information available. eg. Rather than saying "can we have an api to provide a string containing all the gpu info" we could ask "exactly what information is required? How can we provide just that information?" and provide that info through a single explicit API.
On Feb 1, 2013, at 2:16 PM, Gregg Tavares <email@example.com> wrote: