One of the highlights of HybridConf 2016 was hearing writer Stevyn Colgan talk about his time as a police officer at London's Scotland Yard. He entertained the audience of UX designers and front-end developers with stories from his book, Why Did the Policeman Cross the Road?. As someone who is concerned about the state of policing (in line with recent protests in the United States), I did not expect to be impressed, but Colgan's design-thinking approach to crime prevention took me by surprise.
Most people who spend time online have a general idea of what "phishing" is, but it can be hard for folks outside of the security community to pin down an exact definition. Understanding the threat that phishing attacks pose can help designers and other UX experts become effective advocates for experiences that protect users. In this post, we will explore the basics of how phishing attacks work, and in a follow-up post, we will examine some of the mechanisms that protect users against them.
Last week, I encountered discussions of drones in two unimaginably different contexts: in an academic presentation at USENIX Security 2016 and on the TV comedy Portlandia. As distant genres, they offer different perspectives that have equally important UX implications for privacy preservation. In the opening keynote of USENIX Security, Dr. Jeannette Wing examined the trustworthiness of cyber-physical systems, which are engineered systems with tight coordination between the computational and physical worlds.
Web browsers are utility software; they are designed to work for all people. Not only must their features meet the needs of average members of a population, they must also work for people with special needs. As Firefox says on its mobile accessibility features page, the browser has been "designed to meet the needs of the broadest population possible," but "sometimes that is not enough." In particular, software that is built for everyone can too often leave people with specific security or privacy needs at risk.
I was in Darmstadt for Privacy and Security Week last week to present Simply Secure's work on ethics in user research at HotPETS. You can check out the paper and slides on GitHub. Resources for ethical research In 2015, we did a field study that we named Straight Talk: New Yorkers on Mobile Messaging and Implications for Privacy. We have since used it as a case study to demonstrate how to work with study participants.