I think the facetious side of your answer is unworthy of you, and your (understandable) frustration with the community management side of this means that you may have misinterpreted the question somewhat.
Quite obviously this bug is not a risk to anyone not running Ubuntu or anyone running one of the current release versions of Ubuntu. We're talking about people who are running 13.10 and who have installed Mir either from the packages in universe or from the testing PPA.
You make the assumption that that's inevitably someone who has a certain tech profile. But in fact, Ubuntu alphas are these days generally stable enough that even a moderately skilled user can install and use them without strong impact on their day-to-day activity -- and frankly, it's nice to be able to help one's distro of choice by testing in this way and making sure that the (generally minor) issues that do arise get reported.
But someone like this -- like me, for example -- won't necessarily understand the details of the risk of this particular Mir bug. In my case: I log in as a single user, I browse the web, check email, etc., do some programming work, some writing with LaTeX and LibreOffice, have some chats with Empathy ... but I've no idea what it means to open a VT. Is it the same as opening the regular terminal app with Ctrl-Alt-T or something different? Am I at risk because I'm running Guake in the background at the same time as typing other stuff in another Gnome Terminal window? I've never hit Ctrl-Alt-f1 or Ctrl-Alt-f7 or Ctrl-Alt-fAnything in all my time of using Ubuntu. If I don't do this, am I safe from the security implications of this bug?
All these (fairly naive) questions reasonably prove your point about Canonical not doing a good enough job of communicating the risks, but I'm not sure they are adequately addressed by your response either. Maybe you felt that my original question was facetious too -- it wasn't intended to be, it was a genuine concern about what set of activities are subject to risk.
And no, it's not your job to make up for Canonical's failures, but you did stress the security implications of this bug, so I don't think it's unreasonable to ask you to clarify what you mean :-)
Re: Typical user, or typical scenario for a broad spectrum of users?
Quite obviously this bug is not a risk to anyone not running Ubuntu or anyone running one of the current release versions of Ubuntu. We're talking about people who are running 13.10 and who have installed Mir either from the packages in universe or from the testing PPA.
You make the assumption that that's inevitably someone who has a certain tech profile. But in fact, Ubuntu alphas are these days generally stable enough that even a moderately skilled user can install and use them without strong impact on their day-to-day activity -- and frankly, it's nice to be able to help one's distro of choice by testing in this way and making sure that the (generally minor) issues that do arise get reported.
But someone like this -- like me, for example -- won't necessarily understand the details of the risk of this particular Mir bug. In my case: I log in as a single user, I browse the web, check email, etc., do some programming work, some writing with LaTeX and LibreOffice, have some chats with Empathy ... but I've no idea what it means to open a VT. Is it the same as opening the regular terminal app with Ctrl-Alt-T or something different? Am I at risk because I'm running Guake in the background at the same time as typing other stuff in another Gnome Terminal window? I've never hit Ctrl-Alt-f1 or Ctrl-Alt-f7 or Ctrl-Alt-fAnything in all my time of using Ubuntu. If I don't do this, am I safe from the security implications of this bug?
All these (fairly naive) questions reasonably prove your point about Canonical not doing a good enough job of communicating the risks, but I'm not sure they are adequately addressed by your response either. Maybe you felt that my original question was facetious too -- it wasn't intended to be, it was a genuine concern about what set of activities are subject to risk.
And no, it's not your job to make up for Canonical's failures, but you did stress the security implications of this bug, so I don't think it's unreasonable to ask you to clarify what you mean :-)