[tor-dev] [Fwd: UX Principles]
Greg Norcie
gnorcie at cdt.org
Tue Nov 3 21:27:15 UTC 2015
Another useful resource might be this academic article on "privacy
pitfalls" in usable interface design:
http://repository.cmu.edu/cgi/viewcontent.cgi?article=1077&context=hcii
On Tue, Nov 3, 2015 at 3:09 PM, Mike Perry <mikeperry at torproject.org> wrote:
> Nima sent this to me a while ago and I completely forgot to forward it
> on. Note the Google docs and the PDF at the bottom.
>
> Useful food for though for Tor Messenger, Tor Browser, and other
> user-facing stuff.
>
> ----- Forwarded message from Nima Fatemi <nima at torproject.org> -----
>
> Date: Fri, 24 Jul 2015 03:39:31 +0000
> From: Nima Fatemi <nima at torproject.org>
> To: Mike Perry <mikeperry at torproject.org>
> Subject: UX Principles
>
> Hi Mike,
>
> sorry for late email. I was meaning to send you this sooner but I've had
> a big pile of email, I had to take care of.
>
> So the forwarded message below includes an attachment, which is the
> Yee's principles and then there's another paper that linda has
> mentioned, which is worth reading I think.
>
> Here's that talk from Google Chrome's Elisabeth Morant that I mentioned
> to you:
>
>
> https://news.yahoo.com/video/yahoo-trust-unconference-security-ux-161037378.html
>
> Here are the slides:
> (the good stuff start from page 12)
>
>
> https://docs.google.com/presentation/d/1i2Pwennj8PcsigACPA1oLpRNLd7BVC0oilsgKzAx2sY/edit?pli=1#slide=id.g999beac96_0_0
>
> And here are my notes from the talk + my thoughts added to them:
>
> - 1st principle: Don't annoy users, even with updates.
>
> - People (even infosec ppl) ignore updates
>
> - users are often worried that updates would change the interface, it
> took them time and energy to get used to current things, they dont want
> it to change (even if it's a good change)
>
> - Enable auto-update by default with an option to opt out
>
> - Give devs and users tools to time permission requests
> - 2nd principle: allow mistakes!!! let them change their settings easily
> if they've changed their minds
>
> - settings windows doing similar thing should look similar and if they
> do the exact things, they should look identical.
>
> - make settings easy to discover
> - 3rd principle: combat jerks [malicious-HS_maybe?]
> - danger is hard to communicate
> - how to tell users about the danger they're facing
> - infrastructure for detecting and reacting to badness
> - how to do this in a decentralized way?!
> - karma! tie user engagement to resource allocation (maybe useful
> for
> HiddenServices?) (okay, right after writing this sentence, I started a
> conversation in #tor-project. see the backlog, you might find it
> interesting)
> - crowd consent
>
> Let me know if I can be of any help.
>
> Bests,
>
> -- Nima
>
> -------- Forwarded Message --------
> Subject: Yee's principles
> Date: Wed, 1 Jul 2015 05:51:05 -0700
> From: Linda Naeun Lee <lnl at berkeley.edu>
> To: Tor Project <nima at torproject.org>
>
> Nima:
>
> Here are notes. And another paper.
>
> http://zesty.ca/pubs/yee-sid-ieeesp2004.pdf
>
>
> --
> Linda Naeun Lee
>
> Graduate Student Researcher
> Department of Computer Science
> University of California, Berkeley
>
>
>
>
>
>
>
>
> ----- End forwarded message -----
>
> --
> Mike Perry
>
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
>
--
/***********************************/
*Greg Norcie (norcie at cdt.org <norcie at cdt.org>)*
*Staff Technologist*
*Center for Democracy & Technology*
1634 Eye St NW Suite 1100
Washington DC 20006
(p) 202-637-9800
PGP: http://norcie.com/pgp.txt
Fingerprint:
73DF-6710-520F-83FE-03B5
8407-2D0E-ABC3-E1AE-21F1
/***********************************/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20151103/38979799/attachment-0001.html>
More information about the tor-dev
mailing list