I think simply looking a security software in a systematic manner, through an HCI lens, can
For example, I did a usability evaluation of the Tor Browser Bundle that was well received: http://petsymposium.org/2012/papers/hotpets12-1-usability.pdf I think that we have great tools that already exist - we just need to make them as usable as commercial products. If we can lower the bar to adoption, we can get more people using technologies like Tor and PGP. People care about their security, but as the hcisec literature points out repeatedly, security is not a primary task. -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 9/23/12 3:35 AM, Shava Nerad wrote: > On Sat, Sep 22, 2012 at 11:06 AM, Bernard Tyers - ei8fdb > <ei8...@ei8fdb.org <mailto:ei8...@ei8fdb.org>> wrote: > > > > There have been some interesting threads here that have brought up > some interesting questions for me: > ∙ The thread discussing the usability of tools, such as > cryptocat. How it was (originally) easy to use but may not have been > as secure as possible. (NB: This is not a jab/poke at anybodies > work, or an excuse to bring up any of the previous discussions about > Cryptocat) > ∙ The perception of tools which are easy to use but may not > be secure, eg. Viber, whereas other tools are seen as secure, > ∙ There are no shortcuts to being secure. > > > I have spent a lot of time pondering the human psychology, media spin, > "memetic" side of these questions -- how you get from security/privacy > meaning "someone else with something to hide" to "no one needs to be > profiting from my private business, thank you very much!" for example -- > a transition we've been laboriously spinning for the last few years, > though it feels like it's been spinning at the apparent speed of a > galaxy... Still, there has been progress. > > Getting tools like Tor from (at best) gray-hat hacker tools in the eye > of the press to the darling of the Knight Foundation in five years shows > that there is progress, at least at some levels, but the popular level > has to move. > > I remember when people did not understand the need for virus protection > on their computers at all either, and there's something to be said for > comparing the notion of how security in terms of malware, and security > in terms of privacy are evolving in the public's awareness, in the > awareness of more "insider" organizations (as appropriate for each > subcategory), and in policies at the highest level -- national policies, > laws, and so on. > > There could be some good lessons there -- just making the comparison > could open some eyes to some apt paralellisms, I might think? > > I'd be happy to throw additional thoughts your way. > > yrs, > -- > > Shava Nerad > shav...@gmail.com <mailto:shav...@gmail.com> > > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
