for the vast majority of users, I’m sure you’re right. But it does provide a level of “backside covering” for Adobe as well as allowing commercial applications to “have a value” when they’re providing a cert (so you can “trust” the unrestricted system access)

I personally can’t see the point of these warnings as few users will bother reading them even if they can understand them.
Witness what happened when someone bought the Google AdWord ‘click here to be infected with a virus’, for instance.

What make me react was that warnings could stay for “restricted” application as they are today for all applications (without the unrestricted system acces warning of course).

In the future, if every warnings disappear when exporting a “restricted” application, I agree with him that the warning in the installer is sufficient for “unrestricted” application. But we must not have any of the “security risk”, “publisher identity” or “system access” warnings.

The problem is that I’m sadly convinced that this will not be the case (?).

my install of iTunes is AIR-like if the view is that AIR is bringing browser-like capabilities to the desktop. the end user, however, doesn’t care – they just click on the online store menu or podcast search and consider it just part of the (desktop) application.

the real value of AIR is not for end users to think they can have a desktop version of their browser experiance, but (1) for developers leveraging their DHTML/Flex/AS3 skills in (2) creating cross platform applications. At least that’s why I’m interested in AIR. Lots of apps reach out to the cloud (even MSOffice apps as you look for templates, updates or help)

I take your point about Word Macro’s but then again, you’re talking about an applications loaded content (just a file which could could come from anywhere), not the application itself. MSWord can – and does – reach all over the file system. Apps we use every day can have powerful effects to the core system. People don’t even seem to batter an eyelid with a related area – privacy. How much information does my Aidum IM client send back to base? I don’t know. Do I care that Gmail reads every email of mine so it can throw targeted advertising at me? I do, but not enough to change.

in the end it comes down to trust, which is where certificates come in. If Thwate issue a cert that’s attached to a dodgy app it can be tracked.

which is why Oliver and the rest of the AIR team are offering free Thwate certs for people to use for their apps – to try and build confidence.

heck, even Twirl (Twitter AIR client) uses an unsigned cert…

I won’t advice using AIR until they translate and change the dialog color (no black & red please).

Now waiting for mProjector 4… sorry Adobe.