[guardian-dev] Help please! Human factors of privacy tools.
Carrie Stiens Winfrey
cstiens at gmail.com
Fri Apr 26 11:45:29 EDT 2013
Hello Bernard!
It's nice to meet you. Below, are my initial thoughts about possible
research areas for you. Perhaps they trigger other ideas for you, or sound
like a good direction. Either way, let's consider it the start of a
conversation. If you'd like to talk face and face, we could arrange a skype
or Google hangout next week.
Best, Carrie
>> Re: Is there a question you'd love to see answered? Is there some area
of a tool that needs some research?
I'm interested in learning how much people (users) need to understand the
security model behind our apps, to be able to trust them. My assumption is
that is varies from person to person—some will want to know the details,
while some will take a trusted friend or organization's word for it. But,
some research on the education needed around security would be interesting.
What does it take (in terms of education) to get people to trust that
they're in good hands?
Also, I watched the first part of the Firefox video. It's quite interesting
how security is starting to become bigger topic of discussion, even for
people outside crisis areas. How security makes sense to a common person,
could be an area to explore. You could really dig into mental models here.
:)
>> Re: but I would like to do some work on an area that could lead to some
useful research/provide input to making these tools better, from a user
point of view.
Research that makes these tools better, in my opinion, comes from talking
with the people using them, and is very specific per project. It's both UI
testing and 'User Research', where you really get to know how an
application fits into someone's life—how, when and what they use it for. So
one approach, is to focus on a specific application.
The opposite approach would be to do testing on multiple apps (8-12+) until
patterns of behavior started to emerge. In that case, general conclusions
could potentially be drawn about which interfaces or elements of interfaces
work well. I'm not sure yet how this fits into the Guardian picture, but
maybe it would be helpful to compare Guardian products with the other apps
people are using for security. It could be like competitive review across
the board to discover what is and isn't working well in different cultures.
On Fri, Apr 26, 2013 at 10:21 AM, Nathan of Guardian <
nathan at guardianproject.info> wrote:
>
> Carrie and Bernard,
>
> I wanted to connect you directly to speak more about possible
> collaboration within the context of the Guardian Project.
>
> @Bernard - Carrie has been leading our work on UI/UX and more recently
> testing and usability studies with a number of new projects we are
> working on. She had some excellent thoughts on your proposal.
>
> +n
>
>
> -------- Original Message --------
> Subject: Re: [Guardian-internal] Fwd: [guardian-dev] Help please!
> Human
> factors of privacy tools.
> Date: Thu, 25 Apr 2013 16:04:43 -0500
> From: Carrie Stiens Winfrey <cstiens at gmail.com>
> To: David Oliver <oliver.david.m at gmail.com>
> CC: Guardian Internal List <guardian-internal at lists.mayfirst.org>
>
>
>
> Hello all! Here are my thoughts on potential research areas for this guy:
>
> >> Re: Is there a question you'd love to see answered? Is there some area
> of a tool that needs some research?
>
> I'm interested in learning how much people (users) need to understand
> the security model behind our apps, to be able to trust them. My
> assumption is that is varies from person to person—some will want to
> know the details, while some will take a trusted friend or
> organization's word for it. But, some research on the education needed
> around security would be interesting. What does it take (in terms of
> education) to get people to trust that they're in good hands?
>
>
> >> Re: but I would like to do some work on an area that could lead to some
> useful research/provide input to making these tools better, from a user
> point of view.
>
> Research that makes these tools better, in my opinion, comes from
> talking with the people using them, and is very specific per project.
> It's both UI testing and 'User Research', where you really get to know
> how an application fits into someone's life—how, when and what they use
> it for.
>
> The opposite approach would be to do testing on multiple apps (8-12+)
> until patterns of behavior started to emerge. In that case, general
> conclusions could potentially be drawn about which interfaces or
> elements of interfaces work well. I'm not sure how this fits into the
> Guardian picture, but maybe it would be helpful to compare Guardian
> products with the other apps people are using for security. It could be
> like competitive review across the board to discover what is and isn't
> working well in different cultures.
>
>
> -Carrie
>
>
>
>
> -------- Original Message --------
> Subject: [guardian-dev] Help please! Human factors of privacy
> tools.
> Date: Wed, 24 Apr 2013 17:45:50 +0100
> From: Bernard Tyers - ei8fdb <ei8fdb at ei8fdb.org
> <mailto:ei8fdb at ei8fdb.org>>
> To: The Guardian Project Dev List
> <guardian-dev at lists.mayfirst.org
> <mailto:guardian-dev at lists.mayfirst.org>>
>
> Hello nice Guardian Project people,
>
> Tl;dr: I'm offering 4-5 months worth of a reasonably privacy/crypto
> savvy HCI researchers time to carry out research for a MSc
> dissertation
> about usability of privacy enhancing software, and the effect
> their UIs
> have on people's idea of how they work.
>
>
> Seeing as I am going to be asking for a favour, I should give some
> information about me.
>
> My background is: electronics engineering, network and systems
> admin,
> then telecoms engineer (mobile networks - packet network mainly
> and some
> voice...yes also legal interception and packet inspection
> equipment, but
> I'm not proud).
>
> 2 years ago I moved career to the UX industry, my interest is
> HCISEC -
> Human Computer Interaction in SECurity and privacy - PETs (Privacy
> Enhancing Tools), security, encryption tools and why people, who
> should
> use them, do not use them.
>
> I define "people who should use them" as human rights activists,
> investigative journalists, people in countries whose government are
> oppressive.
>
> I am doing a masters in human computer systems, and it's coming
> to the
> time to start planning my dissertation. My chosen topic (very
> generally)
> is: "Usable security and its impact on mental models and trust."
> Over
> the next few days I want to focus this better. If you'd like to
> know
> more about mental models, lemme know..
>
> So to my request: I have 4-5 months (beginning from May) to
> carry out a
> HCISEC related human factors focused project.
>
> I can find a subject myself, but I would like to do some work on
> an area
> that could lead to some useful research/provide input to making
> these
> tools better, from a user point of view. Is there a question
> you'd love
> to see answered? Is there some area of a tool that needs some
> research?
>
> I will also be looking for participants to take part in research
> - again
> I am very conscience of the scenarios where these tools are
> used, and
> the need to maintain anonymity and privacy. I will be
> anonymising all
> research, asking for the minimum information and am happy to
> carry out
> communications via secure communications tools. I would appreciate
> support from users of security and privacy tools.
>
> At the end, all research will be released and available for use
> by the
> security/privacy community.
>
>
> If I don't come up with a PETs related topic for the
> dissertation, thats
> ok too - I still want to volunteer my mad l33t HCI sk1llz for
> your work.
>
> I think your tools could benefit from some usability testing to
> validate
> current designs, particularly Orbot/Orweb and Gibberbot. I'd
> also like
> to offer my mobile telecoms technical knowledge for any projects
> you'd
> think it'd be helpful with.
>
> I know you guys know it's important to make these applications
> easy to
> use (otherwise why build them!?), but you've got a lot of work
> on your
> hands already, and HCI isn't your speciality. I am interested in
> helping
> you guys with the human part of it.
>
> At the risk of teaching you to suck eggs, if you are interested in
> learning more, I can recommend the "Security and Usability:
> Designing
> Secure Systems that People Can Use" book by Lorrie Faith Crannor
> and
> also the SOUPS Conference (http://cups.cs.cmu.edu/soups/2013/).
>
> I look forward to some feedback (on or off list).
>
> thanks,
> Bernard
>
> --------------------------------------
> Bernard / bluboxthief / ei8fdb
>
> IO91XM / www.ei8fdb.org <http://www.ei8fdb.org>
>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> <mailto:Guardian-dev at lists.mayfirst.org>
> List info:
> https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
> Send email to:
> Guardian-dev-unsubscribe at lists.mayfirst.org
> <mailto:Guardian-dev-unsubscribe at lists.mayfirst.org>
> Or visit:
>
>
> https://lists.mayfirst.org/mailman/options/guardian-dev/abel%40guardianproject.info
>
> You are subscribed as: abel at guardianproject.info
> <mailto:abel at guardianproject.info>
>
>
>
> _______________________________________________
> Guardian-internal mailing list
>
> Post: Guardian-internal at lists.mayfirst.org
> <mailto:Guardian-internal at lists.mayfirst.org>
> List info:
> https://lists.mayfirst.org/mailman/listinfo/guardian-internal
>
> To Unsubscribe
> Send email to:
> Guardian-internal-unsubscribe at lists.mayfirst.org
> <mailto:Guardian-internal-unsubscribe at lists.mayfirst.org>
> Or visit: %(user_optionsurl)s
>
> You are subscribed as: %(user_address)s
>
>
>
> _______________________________________________
> Guardian-internal mailing list
>
> Post: Guardian-internal at lists.mayfirst.org
> <mailto:Guardian-internal at lists.mayfirst.org>
> List info:
> https://lists.mayfirst.org/mailman/listinfo/guardian-internal
>
> To Unsubscribe
> Send email to:
> Guardian-internal-unsubscribe at lists.mayfirst.org
> <mailto:Guardian-internal-unsubscribe at lists.mayfirst.org>
> Or visit: %(user_optionsurl)s
>
> You are subscribed as: %(user_address)s
>
>
>
>
> --
> Carrie Winfrey, Interaction Designer
> carriewinfrey.com <http://www.carriewinfrey.com> | @crwinfrey
> <https://twitter.com/crwinfrey>
>
>
>
--
Carrie Winfrey, Interaction Designer
carriewinfrey.com <http://www.carriewinfrey.com> |
@crwinfrey<https://twitter.com/crwinfrey>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20130426/47a55225/attachment-0001.html>
More information about the Guardian-dev
mailing list