Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Your attention please: designing security-decision UIs to make genuine risks harder to ignore
Bravo-Lillo C., Komanduri S., Cranor L., Reeder R., Sleeper M., Downs J., Schechter S.  SOUPS 2013 (Proceedings of the Ninth Symposium on Usable Privacy and Security, Newcastle, UK, Jul 24-26, 2013)1-12.2013.Type:Proceedings
Date Reviewed: Apr 2 2014

Pop-up alerts carrying warning messages are issued by an operating system whenever a user wants to grant additional privileges to third-party software. Based on their own prior experience of having granted additional privileges to software from external sources, users generally tend to ignore such warnings, even if real risks are involved.

The authors designed a set of inhibitive attractors necessitating a modification of the user interface carrying the alert warning. These attractors require a user to carry out an additional task on the interface before granting more privileges to the third-party software. The authors claim that such a modification would help the user remain attentive and alert to such warnings.

The claims are validated through surveys carried out on different sets of users, recruited via a crowd-sourcing mechanism. From the responses of the users, the authors conclude that users were indeed able to retain their alertness, rendering it difficult for them to ignore risks.

The idea that altering features of the user interfaces associated with warnings could retain the attention of users is one of the major highlights of this paper. Other innovations are the use of a crowd-sourcing technique for surveys and the use of an actual software industry problem for academic research. However, the ontological premise, that software binaries from the original manufacturer are presumed to be safer than software binaries from third-party sources, is highly contestable, on the grounds of non-availability of software sources for verification.

Reviewer:  CK Raju Review #: CR142131 (1406-0465)
Bookmark and Share
  Reviewer Selected
 
 
Evaluation/ Methodology (H.5.2 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Evaluation/Methodology": Date
Computer analysis of user interfaces based on repetition in transcripts of user sessions
Siochi A., Ehrich R. ACM Transactions on Information Systems 9(4): 309-335, 1991. Type: Article
Aug 1 1992
Software by design
Bauersfeld P., M & T Books, New York, NY, 1994. Type: Book (9781558282964)
Mar 1 1995
Prototyping for tiny fingers
Rettig M. Communications of the ACM 37(4): 21-27, 1994. Type: Article
Dec 1 1994
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy