Lorrie Cranor’s keynote on usable privacy and security: Her emphasis is not on the technology, but its use/adoption. To be safe, “experts” suggest

1) personal firewall, 2) spam filters, 3) popup blockers, 4) cookie manager, 5) anti-spyware tools, 6) encryption software, 7) filters for kids, 8) anonymity tools, 9) virus software … After installing all that software, do you have any time (or hardware space) left?!? “No one buys a computer so that we can spend time securing it.” Security is a secondary task and takes time away from what we want to do with our computers.

Average computer users want security to “Just Work” … but we aren’t there yet. Another approach is to make security/privacy understandable … and then there’s the “train the user” mindset. Admonishments aren’t helpful.

We have to make it easy for users to do the right thing. Firefox security assumptions (Blake Ross): Users want to believe that their products are keeping them secure; users do not want to be responsible for, nor concern themselves with security/privacy issues; “we” (developers) know more about security than the user does. If a developer can’t figure it out, how can we expect the user to?

“Present choices, not dilemmas”: Chris Nodder, User Experience XP SP2

She then presents great examples of bad “warning” boxes from Netscape and Microsoft, followed by an explicit and clear question in SP2 for Internet Explorer.

Typical password advice: hard to guess, don’t use it anywhere else, change it often, never write it down. How to cope when every web site wants a password? Some have success with password keeper software; it works pretty well if you use one computer. Another approach is “single sign-on” (the access-controlled device is online); no single sign-on solution has caught on, perhaps due to trust issues.

  • Biometrics: Microsoft has fingerprint readers built into keyboards or mice – you can use this to log into all your websites using Internet Explorer.
  • Graphical Passwords: Research shows that people have an easier time remembering pictures than words. Passfaces are somewhat guessable due to gender and cultural biases. User is presented with a picture and must click on picture sections. More research needed.
  • Forgotten Password Mechanisms: Why not make this the normal way to access infrequently used web sites? In other words, get rid of the password altogether.

Symbols and Metaphors

To date, many symbols and metaphors have not been successful: cookies and spam … Netscape SSL icons (open and closed locks) … an eyeball with a sheet of paper symbol to the left of the closed lock means you have a cookie mismatch (cookie flag). The MSIE eyeball symbol means the same thing.

Firefox also puts the lock icon in the address bar and changed the color of the address bar to yellow. Lorrie thinks it’s still too subtle.

Safari rolls out a password box like rolling a sheet of paper out of a typewriter — which is supposed to differentiate it from a popup malicious password box.

Why do I use a key instead of a pen to make a digital signature? The problem is that locks-and-keys have been used for so long that it may not be possible to dump them.

Privacy Bird: Does the website match your preferences? Used “green” and “red” birds … in testing, the icons didn’t work (can download music, bad for kids).

Rethinking Cookies:

Cookie/browser interfaces leave much to be desired; examples of bad warning messages. Example from Georgia Tech: Acuman (?sp) … community approach to cookie decision-making. The important question is “is this cookie being sent back to a website?” Berkeley student: associate bookmarks with cookies; this assumes that you use your bookmarks to find sites.

Making Web Privacy Visible

Alan Westin, 1967, quotes about privacy; he envisions an individual who is actively involved in the decision to disclose information. Cranor believes this is idealistic (i.e., not real-world). Notes that privacy policies are unlikely to be read because they are obtuse (hard to read), non-standardized (cannot easily compare two policies), and can change without notice.

What if your browser could read the policy for you? W3C policy/protocol for XML privacy policy, P3P. Of the top 2K domains, only 15% are P3P enabled; 29% of the top 100 domains are. Limited functionality in IE6 and N7; Firefox has none.

Privacy Bird software plug-in. Students are working on a P3P-enhanced Google search. Can use this for ecommerce decision-making; makes privacy policies visible.

Wireless Privacy

Many users are unaware that the wireless protocol is open unless you’re using a VPN. She relates research with students – but there was no behavioral change. And no solution was offered to the lack of privacy on Wi-Fi; given the increasing use of wireless networks, it seems solutions are needed here.

