[guardian-dev] Help please! Human factors of privacy tools.
Nathan of Guardian
nathan at guardianproject.info
Fri Apr 26 11:21:14 EDT 2013
Carrie and Bernard,
I wanted to connect you directly to speak more about possible
collaboration within the context of the Guardian Project.
@Bernard - Carrie has been leading our work on UI/UX and more recently
testing and usability studies with a number of new projects we are
working on. She had some excellent thoughts on your proposal.
+n
-------- Original Message --------
Subject: Re: [Guardian-internal] Fwd: [guardian-dev] Help please! Human
factors of privacy tools.
Date: Thu, 25 Apr 2013 16:04:43 -0500
From: Carrie Stiens Winfrey <cstiens at gmail.com>
To: David Oliver <oliver.david.m at gmail.com>
CC: Guardian Internal List <guardian-internal at lists.mayfirst.org>
Hello all! Here are my thoughts on potential research areas for this guy:
>> Re: Is there a question you'd love to see answered? Is there some area of a tool that needs some research?
I'm interested in learning how much people (users) need to understand
the security model behind our apps, to be able to trust them. My
assumption is that is varies from person to person—some will want to
know the details, while some will take a trusted friend or
organization's word for it. But, some research on the education needed
around security would be interesting. What does it take (in terms of
education) to get people to trust that they're in good hands?
>> Re: but I would like to do some work on an area that could lead to some
useful research/provide input to making these tools better, from a user
point of view.
Research that makes these tools better, in my opinion, comes from
talking with the people using them, and is very specific per project.
It's both UI testing and 'User Research', where you really get to know
how an application fits into someone's life—how, when and what they use
it for.
The opposite approach would be to do testing on multiple apps (8-12+)
until patterns of behavior started to emerge. In that case, general
conclusions could potentially be drawn about which interfaces or
elements of interfaces work well. I'm not sure how this fits into the
Guardian picture, but maybe it would be helpful to compare Guardian
products with the other apps people are using for security. It could be
like competitive review across the board to discover what is and isn't
working well in different cultures.
-Carrie
-------- Original Message --------
Subject: [guardian-dev] Help please! Human factors of privacy tools.
Date: Wed, 24 Apr 2013 17:45:50 +0100
From: Bernard Tyers - ei8fdb <ei8fdb at ei8fdb.org
<mailto:ei8fdb at ei8fdb.org>>
To: The Guardian Project Dev List
<guardian-dev at lists.mayfirst.org
<mailto:guardian-dev at lists.mayfirst.org>>
Hello nice Guardian Project people,
Tl;dr: I'm offering 4-5 months worth of a reasonably privacy/crypto
savvy HCI researchers time to carry out research for a MSc
dissertation
about usability of privacy enhancing software, and the effect
their UIs
have on people's idea of how they work.
Seeing as I am going to be asking for a favour, I should give some
information about me.
My background is: electronics engineering, network and systems
admin,
then telecoms engineer (mobile networks - packet network mainly
and some
voice...yes also legal interception and packet inspection
equipment, but
I'm not proud).
2 years ago I moved career to the UX industry, my interest is
HCISEC -
Human Computer Interaction in SECurity and privacy - PETs (Privacy
Enhancing Tools), security, encryption tools and why people, who
should
use them, do not use them.
I define "people who should use them" as human rights activists,
investigative journalists, people in countries whose government are
oppressive.
I am doing a masters in human computer systems, and it's coming
to the
time to start planning my dissertation. My chosen topic (very
generally)
is: "Usable security and its impact on mental models and trust."
Over
the next few days I want to focus this better. If you'd like to know
more about mental models, lemme know..
So to my request: I have 4-5 months (beginning from May) to
carry out a
HCISEC related human factors focused project.
I can find a subject myself, but I would like to do some work on
an area
that could lead to some useful research/provide input to making
these
tools better, from a user point of view. Is there a question
you'd love
to see answered? Is there some area of a tool that needs some
research?
I will also be looking for participants to take part in research
- again
I am very conscience of the scenarios where these tools are
used, and
the need to maintain anonymity and privacy. I will be
anonymising all
research, asking for the minimum information and am happy to
carry out
communications via secure communications tools. I would appreciate
support from users of security and privacy tools.
At the end, all research will be released and available for use
by the
security/privacy community.
If I don't come up with a PETs related topic for the
dissertation, thats
ok too - I still want to volunteer my mad l33t HCI sk1llz for
your work.
I think your tools could benefit from some usability testing to
validate
current designs, particularly Orbot/Orweb and Gibberbot. I'd
also like
to offer my mobile telecoms technical knowledge for any projects
you'd
think it'd be helpful with.
I know you guys know it's important to make these applications
easy to
use (otherwise why build them!?), but you've got a lot of work
on your
hands already, and HCI isn't your speciality. I am interested in
helping
you guys with the human part of it.
At the risk of teaching you to suck eggs, if you are interested in
learning more, I can recommend the "Security and Usability:
Designing
Secure Systems that People Can Use" book by Lorrie Faith Crannor and
also the SOUPS Conference (http://cups.cs.cmu.edu/soups/2013/).
I look forward to some feedback (on or off list).
thanks,
Bernard
--------------------------------------
Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org <http://www.ei8fdb.org>
_______________________________________________
Guardian-dev mailing list
Post: Guardian-dev at lists.mayfirst.org
<mailto:Guardian-dev at lists.mayfirst.org>
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To Unsubscribe
Send email to:
Guardian-dev-unsubscribe at lists.mayfirst.org
<mailto:Guardian-dev-unsubscribe at lists.mayfirst.org>
Or visit:
https://lists.mayfirst.org/mailman/options/guardian-dev/abel%40guardianproject.info
You are subscribed as: abel at guardianproject.info
<mailto:abel at guardianproject.info>
_______________________________________________
Guardian-internal mailing list
Post: Guardian-internal at lists.mayfirst.org
<mailto:Guardian-internal at lists.mayfirst.org>
List info:
https://lists.mayfirst.org/mailman/listinfo/guardian-internal
To Unsubscribe
Send email to:
Guardian-internal-unsubscribe at lists.mayfirst.org
<mailto:Guardian-internal-unsubscribe at lists.mayfirst.org>
Or visit: %(user_optionsurl)s
You are subscribed as: %(user_address)s
_______________________________________________
Guardian-internal mailing list
Post: Guardian-internal at lists.mayfirst.org
<mailto:Guardian-internal at lists.mayfirst.org>
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-internal
To Unsubscribe
Send email to:
Guardian-internal-unsubscribe at lists.mayfirst.org
<mailto:Guardian-internal-unsubscribe at lists.mayfirst.org>
Or visit: %(user_optionsurl)s
You are subscribed as: %(user_address)s
--
Carrie Winfrey, Interaction Designer
carriewinfrey.com <http://www.carriewinfrey.com> | @crwinfrey
<https://twitter.com/crwinfrey>
More information about the Guardian-dev
mailing list