Security usability: Difference between revisions
(→Case study: Key loss: Done) |
(Rework) |
||
Line 9: | Line 9: | ||
== Usability == | == Usability == | ||
Security software almost always asks people to do some of the following: | |||
* | *Verify authenticity of some data | ||
* | *Remember sensitive data | ||
*Store sensitive data securely | |||
Unfortunately people are imperfect and fail to do these, not for the lack of trying. | |||
Security developers take three approaches to deal with this: | |||
*Train people to make fewer mistakes | |||
*Design software to catch mistakes | |||
*Lessen the impact of mistakes | |||
Together all three of these are used to make security software usable. | |||
==Case study: Key verification== | |||
Here's a quick list of the best examples of modern security I can think of: | |||
*OpenSSH | |||
*Tor and its hidden services | |||
*Matrix | |||
All of these rely on keys which dumps a few tasks on people using the software. | |||
The first is verifying keys. There are a few ways to do this: | |||
*Skip verifying the key | |||
*Send the key using another communication service or method | |||
*Ask for the key from someone you trust | |||
*Meet the person in real life and exchange the key directly | |||
* Skip verifying the key | |||
* Send the key using another communication service or method | |||
* Ask for the key from someone you trust | |||
* Meet the person in real life and exchange the key directly | |||
* Verifying the key incorrectly | * Verifying the key incorrectly | ||
If I had to guess which method is the most common, it's skipping verification. This is the option I pick all the time now for two simple reasons: It's easy, and it's reliable. | If I had to guess which method is the most common, it's skipping verification. This is the option I pick all the time now for two simple reasons: It's easy, and it's reliable. | ||
- managing keys | |||
- key compromise | |||
== Trust == | ==Trust== | ||
security is a software problem to a social issue | security is a software problem to a social issue | ||
Line 78: | Line 55: | ||
not how reality works | not how reality works | ||
==F-Droid vs Google Play== |
Revision as of 11:33, 2 March 2022
This is a WIP page, come back later.
This is a quick page on my feelings towards security and how most security software fails to be usable.
Background
Recently I read the article "F-Droid: how is it weakening the Android security model?", which provides a critique of F-Droid's security model and recommends people use Google Play Store.
The GrapheneOS developers provided a similar critique, but it contains numerous uncorrected errors. Instead of correcting this information, they have chosen to threaten SylvieLorxu with legal action for pointing out these mistakes. I strongly recommend reconsidering any trust towards GrapheneOS and its developers given the priorities shown here.
Usability
Security software almost always asks people to do some of the following:
- Verify authenticity of some data
- Remember sensitive data
- Store sensitive data securely
Unfortunately, people are imperfect and fail to do these, though not for lack of trying.
Security developers take three approaches to deal with this:
- Train people to make fewer mistakes
- Design software to catch mistakes
- Lessen the impact of mistakes
Together all three of these are used to make security software usable.
Case study: Key verification
Here's a quick list of the best examples of modern security I can think of:
- OpenSSH
- Tor and its hidden services
- Matrix
All of these rely on keys, which dumps a few tasks on the people using the software.
The first is verifying keys. There are a few ways to do this:
- Skip verifying the key
- Send the key using another communication service or method
- Ask for the key from someone you trust
- Meet the person in real life and exchange the key directly
- Verify the key incorrectly
If I had to guess which method is the most common, it's skipping verification. This is the option I pick all the time now for two simple reasons: It's easy, and it's reliable.
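As an added example (not part of the original page, and not OpenSSH's own code), here is the comparison step behind "send the key using another communication service": compute the SHA256 fingerprint in the form OpenSSH prints and compare all of it, so a partial match or a spliced key line is caught by software rather than by eye. The helper names and the two sample keys are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def make_ed25519_line(raw32: bytes, comment: str = "constructed@example") -> str:
    """Build an OpenSSH public key line from 32 raw bytes (constructed sample data)."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw32)) + raw32
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


def fingerprint(pubkey_line: str) -> str:
    """Return the fingerprint as OpenSSH prints it: SHA256:<base64 without padding>."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64-blob> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob is too short")
    # The blob starts with its own length-prefixed type string; it must agree
    # with the type named on the line, or the line was mangled or spliced.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("key type on the line does not match the key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def matches(pubkey_line: str, expected_fp: str) -> bool:
    """Compare the whole fingerprint, never just a prefix of it."""
    actual = fingerprint(pubkey_line)
    return hmac.compare_digest(actual.encode(), expected_fp.strip().encode())


# Constructed sample keys: fixed byte patterns, not real key material.
ALICE = make_ed25519_line(bytes(range(32)))
MALLORY = make_ed25519_line(bytes(range(1, 33)))

if __name__ == "__main__":
    # Stands in for the fingerprint received over the second channel.
    fp_from_other_channel = fingerprint(ALICE)
    print(fp_from_other_channel)
    print("same key:      ", matches(ALICE, fp_from_other_channel))
    print("different key: ", matches(MALLORY, fp_from_other_channel))
    print("prefix only:   ", matches(ALICE, fp_from_other_channel[:20]))
```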
- managing keys
- key compromise
Trust
security is a software problem to a social issue
libertarian threat model
not how reality works