Scout Brody is executive director of Simply Secure, a nonprofit that works to make security and privacy technologies usable by technologically unsophisticated people by focusing on usability and human factors.
In a short, smart interview with the O'Reilly Security Podcast (MP3), Brody talks about how a humanistic, human-centered mindset is essential to producing usable (and hence, effective) security. Critically, she also offers excellent advice on how to bring these human-centered practices into your product and service design.
I volunteer on Simply Secure's advisory board, and really believe in this work.
A powerful tool you can adopt when talking to users is cognitive walkthrough. In essence, you ask them to tell you what they're thinking as they're thinking it. So, if you're going to do a cognitive walkthrough for an encryption program, you might say, ‘I'd like you to encrypt this email message. Please tell me what you're doing as you're doing it and all of the thoughts that occur to you.’ You might hear someone say, ‘Oh, wow, okay, so I'm going to encrypt. I don't really know what I'm doing. I'm going to start by pushing this button because that looks good. That's green. I'm going to push that.’ You can really hear the thought process that people are going through.
If you're in a more formal user study context, it can be useful to get the user's consent to videotape—not necessarily the person, but the screen—and see what they're doing because then you can play it for your colleagues. This is one of the most convincing ways you can make a case that your tool has problems or your tool needs improvement. Thus, just by videotaping people trying to use a tool and showing the challenges they face, you can identify ways to improve the user experience.
Scout Brody on crafting usable and secure technologies