Watch: how to make security tools for normal humans

Another amazing Shmoocon talk is "Users Are People Too: How to Make Your Tools Not Suck for Humans," presented by two key people from Simply Secure, a nonprofit devoted to improving security tool usability (I am a volunteer advisor to Simply Secure).

The presentation was given by Gus Andrews (she's behind those Hacker Puppet videos), and Scout Brody, the executive director of SS. The two step through the common mistakes made by security toolsmiths when thinking about user interaction, and propose extremely simple, low-/no-cost ways to improve, as well as introducing SS's free consulting and materials, and the paid internships available for security-minded UX people and UX-minded security people.

As a technologist you craft systems that are reliable, scalable, and maintainable. As a security specialist you think adversarially and poke holes in every apparatus you encounter, be it technical, social, or socio-technical. These skills are orthogonal to the ones that good user-experience (UX) designers employ in making software that is usable by "average" people, which is probably why so many security tools suck. In this talk you'll see why your approach to designing software interfaces is broken, get a window into how professionals would make it better, and learn scrappy techniques that even the most awkward infosec nerd can use to make their software suck less for real users.

Gillian "Gus" Andrews is Senior Usability Research Fellow at Simply Secure, continuing work she did on security usability at OpenITP. Her doctorate at Teachers College explored user misunderstandings of search. She has helped organize the HOPE conference and been a panelist on Off The Hook. She produces The Media Show, a series about digital literacy.

Sara "Scout" Sinclair Brody is Executive Director at Simply Secure. She earned her CS PhD from Dartmouth College on "Access Control In and For The Real World". She previously worked as a Product Manager at Google, where she contributed to 2­step verification and the Android operating system, among other projects.

Users Are People Too: How to Make Your Tools Not Suck for Humans
[Gillian Andrews and Sara Sinclair Brody/Internet Archive]

Users Are People Too: How to Make Your Tools Not Suck for Humans

[Gillian Andrews and Sara Sinclair Brody/Shmoocon]

(via Shmoocon 2016)