Over on the mozilla-crypto group, discussions circulated as to how to fix the Shmoo bug. And phishing, of course. My suggestion has been to show the CA's logo, as that has to change if a false cert is used (and what CA wants to be caught having themselves issue the false cert?). I've convinced very few of this, although TrustBar does include this alongside it's own great idea, and it looks great! Then comes this stunning revelation from Bob Relyea:
"These same arguments played around and around at Netscape (back when it mattered to Verisign) about whether or not to include the signer's brand. In the end it was UI realestate (or the lack thereof given to security) argument that won the day. In the arena where realestate was less of an issue, but security was, the signer's logo and name *WERE* included (remember the 'Grant' dialogs for signed apps). They still contain those logos today."
Putting the CA logo on the web page was *always* part of the security model. So, that's why it always felt so right and so obvious. But why then have so many people argued against it? Is it the real estate - that never-ending battle to get as much on the screen as possible? Is it the status quo? Is it the triviality of pictures? The dread of marketing?
Which brings to mind experiences I've had chatting with people.
Not something I normally do, and to be honest, not something many of the readers of FC do, it seems. Techies have a very limited view of what people are and do, which is why the technical world has not yet grasped the importance of IM. It's still considered a sort of adjunct cousin to email. And even the whole p2p thing is considered fashionable for its technical interest, not for its social ramifications.
Here's what I've discovered in talking to people. Text is boring. Smileys are interesting. PIctures that move are better, and ones that talk and jump and say silly things are best of all! Out in userland, they love to have wonderful fun jumping little conversations with lots of silly smileys. Think of it as ring tones in a smiley ...
(Oh, and one other thing. It seems that users don't care much for real estate. They are quite happy to load up all these plugins and use them all ... to the point where the actual web page might be left with a third of the screen! This would drive me nuts, I'm one of those that turns off all the tool bars so I can get extreme vertical distance.)
Which leaves me somewhat confused. I know nothing about this world - I recognise that. But I know enough to recognise that here is one more very good idea. Think back to TrustBar. It allows the user to select their own logo to be associated with a secure site. Great idea - it dominated all the ideas I and others had thought of (visit counts, pet names, fingerprints) because of how it reaches out to that world - the world that is being hit by phishing. But over on the cap-talk list, Marc Stiegler goes one further:
"While I agree that an icon-only system might be unsatisfactory, there's more than one way to skin this cat. One of the ideas I have been inspired to think about (Ken Kahn got me started thinking about this, I don't remember how), was to assign faces to the identities. You could start with faces like pirates, scientists, bankers, priests, etc., and edit them with mustaches, freckles, sunglasses. For creating representations of trust relationships, it would be really entertaining, and perhaps instructive, to experiment with such mechanisms to allow users to create such icons, which could be very expressive."
Fantastic idea. If that doesn't kill phishing, it deserves to! If you aren't confused enough by now, you should re-examine your techie roots... and read this closing piece on how we can use a computer to deliver mental abuse. That's something I've always wanted!
Rude software causes emotional traumaPosted by iang at February 11, 2005 09:00 AM | TrackBackBy Will Knight Published Monday 7th February 2005 13:03 GMT
Scientists at California University in Los Angeles (UCLA) have discovered computers can cause heartache simply by ignoring the user. When simulating a game of playground catch with an unsuspecting student, boffins showed that if the software fails to throw the ball to the poor student, he is left reeling from a psychological blow as painful as any punch from a break-time bully.
Matthew Lieberman, one of the experiment's authors and an assistant professor of psychology at UCLA explains that the subject thinks he is playing with two other students sitting at screens in another room, but really the other figures are computer generated. "It's really the most boring game you can imagine, except at one point one of the two computer people stop throwing the ball to the real player," he said.
The scientists used functional magnetic resonance imaging (fMRI) to monitor brain activity during a ball-tossing game designed to provoke feelings of social exclusion. Initially the virtual ball is thrown to the participating student but after a short while the computer players lob the ball only between themselves. When ignored, the area of the brain associated with pain lights up as if the student had been physically hurt. Being the class pariah is psychologically damaging and has roots deep in our evolutionary past. "Going back 50,000 years, social distance from a group could lead to death and it still does for most infant mammals," Lieberman said.
The fact that this pain was caused by computers ignoring the user suggests interface designers and software vendors must work especially hard to keep their customers happy, and it's not surprising that failing and buggy software is so frustrating. If software can cause the same emotional disturbance as physical pain, it won't be long before law suits are flying through the courts for abuse sustained at the hands of shoddy programming. R
¿ Copyright 2005 The Register
http://go.theregister.com/news/2005/02/07/rude_software/
preference was putting the authoritative agency brand/logo on the web site. the authoritative agency ... like the better business bureau or the state licensing bureau, etc ... somebody that is the real trust authority.
the certification authority paradigm was that they would certify some information gleaned from the actual authoritative agency. fundamentally, they are a momentary aberation in time having to do with
1) authoritative agencies tend to be late adopters ... so certification authorities were somewhat standing in for the real authoritative agencies ... until the authoritative agencies caught up with the technology
2) fundamentally the product of the certification authorities are these constructs (certificates) that had a design point of an offline environment ... where the relying party had no online/near-time recourse to the real authoritative agency
for instance ... an insurance company site might have a brand/logo clickthru to the appropriate government licensing agency ... where there was full-disclosier information about the particular insurance companies operational characteristics (including complaints).
the momentary certification authority aberration tends to certify that they executed some business process that involves validating the certified information with the appropriate authoritative agency responsible for the information being certified.
in many real business process scenarios ... the relying party will directly validate the information with the authoritative agency for the information of interest.
Posted by: lynn wheeler at February 11, 2005 07:06 PMthe other part was the trust model of the agency behind a web site. when we were starting this electronic commerce stuff
http://www.garlic.com/~lynn/aadsm5.htm#asrn2
http://www.garlic.com/~lynn/aadsm5.htm#asrn3
there was the thing could you really trust that you were talking to the website that you thot you were talking to. that simply is handled with secure domain name infrastructure where you get back the host's public key along with the ip-address when you do the hostname to ip-address resolution.
the other part was could/should you actually trust those operating the web-site ... that was where the better business bureau or gov. licensing agency came in.
the problem was that the online retail business turned out to be highly skewed; potentially 60-100 sites doing 90 percent or more of all transactions. that resulted in mostly repeat transactions, site recognition, repeat business, etc ... the consumer already had high trust level in the URL as a brand. a certificate indicating that the consumer should trust the specific merchant provided almost no added value.
the place where there was the least consumer trust was with the millions of e-commerce sites that had no brand recognition, tended to be all first time transactions and possibly did only a couple a month. However, it was difficult to justify (for this class of e-commerce sites) spending any significant amount of money on a certificate ... that would represent insurance/guarantee of the business practices.
Posted by: lynn wheeler at February 11, 2005 07:25 PM