Scout Brody is executive director of Simply Secure, a nonprofit that works to make security and privacy technologies usable by technologically unsophisticated people by focusing on usability and human factors.
In a short, smart interview with the O'Reilly Security Podcast (MP3, Brody talks about how a humanistic, human-centered mindset is essential to producing usable (and hence, effective) security. Critically, she also offers excellent advice on how to bring these human-centered practices into your product and service design.
I volunteer on Simply Secure's advisory board, and really believe in this work.
A powerful tool you can adopt when talking to users is cognitive walkthrough. In essence, you ask them to tell you what they're thinking as they're thinking it. So, if you're going to do a cognitive walkthrough for an encryption program, you might say, ‘I'd like you to encrypt this email message. Please tell me what you're doing as you're doing it and all of the thoughts that occur to you.’ You might hear someone say, ‘Oh, wow, okay, so I'm going to encrypt. I don't really know what I'm doing. I'm going to start by pushing this button because that looks good. That's green. I'm going to push that.’ You can really hear the thought process that people are going through.
If you're in a more formal user study context, it can be useful to get the user's consent to videotape—not necessarily the person, but the screen—and see what they're doing because then you can play it for your colleagues. This is one of the most convincing ways you can make a case that your tool has problems or your tool needs improvement. Thus, just by videotaping people trying to use a tool and showing the challenges they face, you can identify ways to improve the user experience.
Scout Brody on crafting usable and secure technologies
Amanda Rousseau’s self-learning materials for her Malware Unicorn workshop are a fantastic introduction to understanding and analyzing malware, covering the techniques used by malware authors, reverse-engineering tools, and three kinds of analysis: triage, static and dynamic.
The Do-It-Yourself Monster Make-Up Handbook is a 1965 classic: Famous Monsters of Filmland founder Forrest Ackerman tapped movie makeup legend Dick Smith to create guides for turning yourself into any of three Martians, two kinds of werewolf, a “weird-oh,” a “derelict,” a ghoul, a mummy, Frankenstein’s monster, Quasimodo, Mr Hyde, “split face,” and more.
These Japanese robots’ performance of “Robot’s Delight” — an extended, braggadocios riff on the state of AI learning-through-imitation research, with break-dancing — won Best Video at the 2017 ACM/IEEE International Conference on Human Robot Interaction. (via 4 Short Links)
Thread count isn’t like one of those deceiving metrics like camera megapixels or Facebook friends—more threads are always better if you can afford them. If price was no object, we would all be snoozing soundly bundled up in 1.8 kilo-thread sheets every single night. Guess what? Price doesn’t have to be an object with this […]
Maybe it’s entirely because of podcast ads, but drag-and-drop tools like Squarespace have gotten immensely popular in recent years. While it’s definitely a great tool for any non-coders who want to get a small website up and running quickly, managing content with a primarily visual interface can become a pain once you have more than […]
When you can’t wait for the world’s longest meeting to end, the mindless leg bouncing makes your boredom obvious and just annoys everybody else. Everyone knows the TPS reports need the damn cover sheet, but some sadistic colleague keeps forgetting, probably on purpose just to eat into your lunch hour. Enough is enough!While serving a […]