Documente Academic
Documente Profesional
Documente Cultură
Spring 2013
Dan Boneh
Vague threat. Whats the risk? What could happen? Yes, the possibly less safe option, is the default How should the user make this decision? No clear steps for user to follow.
Dan
Boneh
Better
(IE8)
Even better: load the safe content, and use the gold bar to enable the rest
(IE9)
Dan Boneh
Guidelines
Philosophy:
Does
the
user
have
unique
knowledge
the
system
doesnt?
Dont
involve
user
if
you
dont
have
to
If
you
involve
the
user,
enable
them
to
make
the
right
decision
Dan Boneh
Most users will not understand revocation information . Choices are unclear, consequence is unclear.
Dan
Boneh
Better explanation
Source Risk Choices
Process
Dan
Boneh
Attacker can abuse explanation causing bad user decisions. Used by Conficker spread through USB drives.
Dan
Boneh
A better design
THE END
Dan Boneh