On 13-08-14 2:35 AM, Stephen J. Turnbull wrote:
Footnotes: [1] Has anybody else noticed that both gpg's UI and its
documentation seem designed to make it as hard to use as possible?
Not only have people noticed, but " Why Johnny Can't Encrypt: A
Usability Evaluation of PGP 5.0" is often required reading for computer
security students at Carleton because it serves as a great example of
how poor usability can render carefully designed encryption and security
completely worthless.
" The analysis found a number of user interface design flaws that may
contribute to security failures, and the user test demonstrated that
when our test participants were given 90 minutes in which to sign and
encrypt a message using PGP 5.0, the majority of them were unable to do
so successfully. "
If you haven't read it, I highly recommend it. It's an easy read,
freely available online, and very educational. Obviously this is
especially of interest to those talking about PGP and mailman, but it's
a good read for anyone who works with code:
https://www.usenix.org/legacy/events/sec99/whitten.html
Terri
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9