Re: Problems with the current user interface

Close, Tyler J. wrote:
> I have started a list at:
>
> http://www.w3.org/2006/WSC/wiki/NoteProblemsWithCurrentUserInterface
>
> The initial text of the wiki page is:
>
> This section lists problems with the display of security context
> information in current web browsers. Entries in this section should be
> culled for user interface studies, and so be accompanied by citations.
>
> Problems with current user interface
>
>     * No chrome area versus page area distinction in user's mind
>   
This is a bit too strong, imho. I think it is fair to say that the 
distinction is not complete - not in the user's mind, and unfortunately not 
even in reality.
>     * Users ignore the chrome area
>   
I think our study shows, quite clearly, that this is incorrect. Users 
_are_ able to notice (additions to) the chrome, even more with 
customized indicators (we did it with TrustBar, which supports textual 
`petnames` as well as `graphical petnames` (user-chosen image/icon)).

Of course I agree that the _current_ chrome area is not too helpful for 
security, although I think that with recent additions (color coding, 
padlock in location area, ...) there may already be some value there - 
we need a focused study to measure that.

Of course, current chrome has at least one indicator which can 
definitely help Phishers: the FavIcon, controlled by the sites.
>     * The chrome area is spoofable
>   
This is not quite clear to me, and requires clarification imho. Do you 
refer to the ability of a site to ask for display without chrome and 
produce its own `clone chrome`? I definitely think this ability should 
be removed/restricted (as we did in TrustBar, and is done by some other 
bars, I think NetCraft?).
>     * Passwords are reused across distinct web sites
>   
Again, please clarify: do you refer to the fact that end users tend to 
reuse the same pw at multiple sites?
>     * Domain names are incorrectly read, or interpreted, by users
>   
Absolutely. I would say, users do not understand the structure and 
importance of domain names.
>     * Users assume that a http: URL reliably connects to the indicated
> domain name
>   
Correct.
>     * Certificates Authorities, or certificates, can be readily
> substituted
>   
That, again, is not well defined; I think you refer to the `click thru 
syndrome` where users approve essentially any dialog thrown at them, 
e.g. `do you agree to trust this new CA`, and ignore any warning, e.g. 
`the site has presented an invalid cert`. If so... I suggest rephrasing.

Best, Amir

Received on Monday, 11 December 2006 12:26:22 UTC