Re: ISSUE-57: qualify your interrupts; communicate subliminally always and through the focus rarely (public comment) from Mary Ellen Zurko on 2007-04-19 (public-wsc-wg@w3.org from April 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Thu, 19 Apr 2007 15:51:41 -0400
To: Web Security Context WG <public-wsc-wg@w3.org>
Message-ID: <OF6FF5F821.791B1734-ON852572C2.006CF090-852572C2.006D1A17@LocalDomain>

I think we're good with this. The WG views it in relation to the body of 
evidence on how much (or whether) users notice existing (or tested) 
security cues. 

Though I know of no tests on sounds. Anyone know of any usability tests 
around sounds at all, even non security? I remember a stream of CHI 
research on ambient noises and sounds quite a while ago. I fear the only 
CHI research on sound would be in full environments (cockpits, nuclear 
monitoring). 

          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect




Web Security Context Issue Tracker <dean+cgi@w3.org> 
Sent by: public-wsc-wg-request@w3.org
04/17/2007 08:21 AM
Please respond to
Web Security Context WG <public-wsc-wg@w3.org>


To
public-wsc-wg@w3.org
cc

Subject
ISSUE-57: qualify your interrupts; communicate subliminally always and 
through the focus rarely (public comment)








ISSUE-57: qualify your interrupts; communicate subliminally always and 
through the focus rarely (public comment)

http://www.w3.org/2006/WSC/Group/track/issues/57

Raised by: Bill Doyle
On product: Note: use cases etc.

>From public comments
raised by: Al Gilman Alfred.S.Gilman@ieee.org

http://lists.w3.org/Archives/Public/public-usable-
authentication/2007Apr/0000.html


qualify your interrupts; communicate subliminally always and through the 
focus 
rarely. 
where it says, in 10.1.5 Single locus of attention
   A user has only a single locus of attention, a feature or an object
   in the physical world, or an idea, about which they are intently and
   actively thinking. Humans ignore things that aren't their current
   locus of attention. The user's locus of attention is only held in
   short term memory and so will be quickly forgotten once their
   attention shifts.
please consider
This paragraph sounds as though the security status should be contending 
for 
the user's attention along with their main-line task.  This could lead to 
mis-
design.



This principle is likely to mislead the design if not taken with a large 
grain 
of salt.  The point here is that the comfort level of the user with the 
current context is typically much more unconscious than is their concept 
of 
what they are focused on.  Humans react subliminally to stylistic effects 
that 
connote changes in context or context continuity in a way that suffuses 
many 
of these narrow 'loci of attention.'



You could be about to throw the baby out with the bathwater.  Many in the 
Web 
think that interactive behavior and text effects such as color and 
underline 
are 'presentation' that is disjoint from 'content.'  But nothing could be 
farther from the Web truth.  Color or underline subliminally communicates 
what 
is clickable to the visual user, and clickability is essential to the 
user's 
concept of web browsing. the web would be a laboratory artifact still if 
this 
closure of the interaction cycle through style and behavior weren't in 
place. 
And it works without the user ever focusing on it.  It plays into 
pre-focus 
scanning behavior.



You have amply demonstrated that just like clickability, trustworthiness 
is 
something that users judge subliminally.  Our difficult task is in 
presenting 
a trickle of nuisance events (small enough so they don't decide it's the 
boy 
crying wolf) that will get them to exercise a modicum more skepticism in 
the 
nick of time.

please consider
event sounds and ShowSounds, introduced before.

Received on Thursday, 19 April 2007 19:51:53 UTC