Sunday, November 8, 2015

Secure design: why encryption is not enough

A user on Hacker News the other day made a great point concerning the user experience behind security-centric applications:

I think of it like this: usability can be a security feature.

If you build a "perfectly secure" piece of software, but it takes a very high level of skill to use it, your users will use something else that is easier to use, but less secure. And then how has your ideologically perfect piece of software helped improve their security?

If you make tradeoffs for usability, you will raise the bar because people will actually use what you make.

— squidlogic

The comment highlights what many systems designers often forget: the most vulnerable part of your application is its users.

When you see a headline about the Silk Road creator being captured, the FBI busting online criminals, or even random individuals' identities being leaked to the public, it is rarely attributed to an error or exploit in the encryption software they were using. The NSA (as far as we know) has not broken modern encryption methods. Rather, it was some mistake made by the end user: logging into their account from an insecure location or computer; talking about criminal enterprises outside of secure communication channels; or forgetting to encrypt a sensitive message.

It is very quick to blame the users here, but I would argue the users are not at fault! As Donald Norman describes in his book The Design of Everyday Things, "Humans do not always err. But they do when the things they use are badly conceived and designed. [...] While we all blame ourselves, the real culprit—faulty design—goes undetected." While we users are indeed the ones making the mistakes, it is much more difficult to alter human nature than it is to design your software to align with human expectations. This is the cornerstone of user experience design.

That is why I argue that encryption is not enough. New software and protocols, like Tor Messenger or Let's Encrypt, while necessary, will not stop users from sacrificing their privacy and security for convenience. Brigham Young University researchers emphasized this in their recent paper on PGP, showing that to this day most modern email encryption tools are unusable and inconvenient. You cannot possibly expect users to make the active effort to switch to more secure protocols when doing so will actively and continually inconvenience them.

We need software that installs seamlessly, does not hamper perceived productivity, does not frustrate users, and does not allow for an "easy way out", that is, the possibility of a user bypassing necessary security features for convenience.

Secure design: why encryption is not enough by Tyler Romeo is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
