This is the first in a series of posts pulled from a talk I gave at O’Reilly’s online conference Experience Design for Internet of Things (IoT) on “Lessons from Architecture School for IoT Security.” The talk is a call to action for designers and non-technical people to get involved — with us at Simply Secure or elsewhere — in the worthy problems of experience design for IoT security. I want to encourage more people to think about security and to outline some ways UX design can support privacy in IoT applications.
As we gear up to start collaborating with open-source software projects, there are a bunch of things we have been pondering. There are a lot of compelling projects out there that we’d love to work with, but we need some criteria to choose which ones to focus on first. So, we’ve drafted a set of questions to ask about a software project and the team that develops it. As the document notes, these questions are not a quiz to judge the worthiness of projects or the people who work on them.
It’s difficult for many lay users who are unfamiliar with the mechanics of how the internet works to make assessments of risk or to secure their communications. One way that design can help is by making abstract concepts understandable. There’s exciting work in understanding existing models of security and ways to leverage them in design, such as Rick Wash’s "Folk Models of Home Computer Security", but there’s still so much to be done.
You learned at our launch that we’re setting out to improve the experience users have with secure-communication tools. We told you that we want to work with the open source community, and that we’re committed to documenting our activities transparently. But what does this mean in practice – how will Ame, Trouble and I be spending our days? It’s much easier to show than to tell, so I expect you’ll get a better feel for our work as we describe it here over time.
Hi, I'm Nóirín (sounds like [n̪ˠõːɾʲiːɲ]). In Ireland, I have a pretty common name: I share it with professors, politicians, and even our police commissioner! Elsewhere, however, it's less simple. I've had conference badges in the names of "N√≥ir√≠n" and "NÛirÌn", online services often call me "Nóirín" or "N��ir��n", and I've even gotten mail for "N├âãÆ├é┬│ir├âãÆ├é┬¡n"! So at Simply Secure, I go by a name I picked up on the Appalachian Trail, that's found in most spell-checkers, and is a bit simpler to pronounce: Trouble.