Using full-disk encryption adds another authentication step to the boot process, by default a passphrase. For most home users, this is probably an unnecessary complication and obstacle to the good security practice of encrypting their data. In addition, this doesn't fit well with a multi-user environment, as by default everyone has to share the encryption password. Full-disk encryption would be much more usable if the boot-up process was streamlined.

Supported applications/packages are indicated by an Ubuntu-icon, to make it easier to find "safe" installations. There is, however, nothing to indicate what belongs to the original installation.
Marking such items with, f.i, an asterix, will provide an easy way for less experienced users to avoid uninstallation of packages that belong to the original Ubuntu installation, thus keeping their system safe and stable.

This idea came up after reading Pjotrs' "Do this first" tips, where it is suggested to NOT remove originally installed pacakages, and then finding out there's no way to see which those are.
http://forum.ubuntu-nl.org/topic/31765

If the user performs an operation and it fails because of a lack of permissions, the error dialog should not only inform the user of this but also allow the user to Authenticate himself and retry the operation.

"Pre" authentication is already in use in ubuntu in the form of the "Unlock" button in admin dialogs.

Allowing the user to retry with more permissions will make life easier.

A scenario of how this could be used:
A user tries to delete a file(s) created by root (using nautilus), the user is then told that the operation failed on a particular file because of a lack of permissions.

The error dialog will then present the options to either "skip", "skip all", "cancel", "Authenticate" and "Authenticate All". When the authenticate options are selected, the operation could be retried with the user rights entered (can even reuse the Authenticate dialog).

"Authenticate All" option will allow the user to make use of the permissions for the rest of the files.

This will save the user time because he no longer needs to go and change the permissions manually after it failed.

The new notification system is great, however there should be a central means of managing which applications can and cannot send desktop notifications as a pop up. This will provide a benefit on a particularly eventful machine in reducing messages that may prove distracting. In some work environments a user may not want elements of a private or sensitive conversation in pidgin / other messaging client displayed in a notification window, situations where this may occur are presentations, pair programming, open plan offices etc.

I have a Ubuntu box which I use at home. It's dual boot for some stupid Windows programs that I need.

It becomes a painful affair when I have mounted a Windows partition/a CD/a Flash drive, and then logged out. Somebody else has logged in, and wants to use that drive. Ubuntu has locked that drive and the other user can't access it until I release that drive. (Funny thing is, by default they are in my group and can see my home folder!)

Such settings make sense if the computer is being used at, let's say an office. However, at home, it does not make a whole lot of sense.

On the other hand, at home, the inbound connections are relatively uncommon (unless one has multiple boxes at home), whereas at office, inbound connections are more common.

Then, non-admins can't mount Windows drive. Now all the other users at my home do not have enough expertise that they can safely handle a admin account. So every time they want to use a Windows drive, I have to step in and help them.

Why don't we then offer a security level during installation of Ubuntu?

Home
Office
Home/Office
Insecure Network

For a "Home" level security, every user can have read access to the drives that others mount. And both "admin" and "ordinary" users can mount/unmount drives.

With Home/Office as the default setting?

By the way, it needs to be mentioned that Ubuntu is by far the best distro I have seen.

[....]

If you go to install something via the software center, it installs it system-wide, which of course requires a password.

Now this is obviously annoying, but would also seem to also cause a security risk; if the user gets used to entering his password at any point, he may enter it when he has no idea why the dialog is there, allowing malware to get root access.

Of course, the password dialogs are a necessary part of security. But everything in the default repositories is known to be safe, and a password is required to add non-standard repos.

I find myself constintly locking the screen to do something as simple as getting a drink of water. yet when I come back a minuet later, I have to type in my huge password, meant to keep people from hacking in while it's shut down. I don't need that much securty while my computer is locked for just a couple minuets, just something small to keep someone from posting something unwanted want while I'm away.

currently when using the right click menu there are only two options:
- Uncheck all
- Check all

Sometimes there are quite a few updated and I would like to install only the updates from the security fixes repository.

see http://bayimg.com/AalibAaCH