strawberryJAMM's Security and User Experience WebLog : UX

{pssst. I'm over here!}

strawberryJAMM — Sun, 20 Sep 2009 07:36:00 GMT

Just started a brand new professional blog! Check it out:

sJd UxD - http://sjd-uxd.blogspot.com/2009/09/hello-and-welcome.html

Customer Feedback Wicki for Windows Security Access Control

strawberryJAMM — Sat, 10 Sep 2005 06:45:00 GMT

Hi folks.

My current possition at Microsoft is as a Program Manager (PM) on the Security User Experience team in the Windows Security Access Control (WSAC) group. I'm just posting this to mention a new set of Wiki pages at Channel9 that have been put in place. WSAC is looking for customer feedback on the features in our areas of responsiblity, especially as implemented in Windows Vista and (eventually) Windows Server codenamed Longhorn.

The home page of the set is at the following URL: http://channel9.msdn.com/wiki/default.aspx/Channel9.WinSecurityAccessControlFeedback

WSAC's areas of responsibility are as follows:

Auditing, Authentication, Authorization - AAA
- Audit
- Audit Collection Services - ACS
- Code Integrity
- Process Isolation
- Secure Input
- Software Restriction Policy
- Windows Security Protocols
- User Account Protection - UAP (a.k.a. Least-privileged User Account - LUA; or Non-Admin)
- XrML Technologies
Credential Management - CredMan
- Electronic ID
- Public Key Infrastructure - PKI
Cryptography - Crypto
- Cryptography
- Cryptographic Services
Information Protection Platform - IPP
- Encrypting File System - EFS
- Rights Management Services - RMS
Security User Experience - SecUX
- Accessibility
- Interaction Design
- Interface Design
- Usability
- User Assistance/Help

So, if you have something to share about any of these features, especially if it's in relation to Beta1 of Windows Vista, please visit the URL above and leave us your comments. We can't wait to hear what you have to say, so do it today!

Fear and Loathing in Las Seguridades (Security)

strawberryJAMM — Thu, 14 Jul 2005 02:12:00 GMT

Fear. Anger. Distrust.

These will motiviate users to change their behaviour when it comes to securing their computers

At least that's the way Frank Hayes sees it in his article "Fear, Anger, Distrust".

Hayes discusses two surveys that came out last week: The Pew Internet & American Life Project on spyware and related problems, and a Ponemon Institute survey (reported on by Computerworld.com columnist Larry Ponemon) of 400 people who had had personal data leaked to the world. While neither one of these surveys intended to be about what makes users change what they do, Hayes' gives us the numbers to show us how fear, anger and distrusted had changed the behaviour of the study's participants.

Unfortunately, Hayes gently reminds us, relying on these particular motivators to change users' habits isn't the best idea:

<quote>

So users will change -- if they get afraid, angry or distrustful. That might be useful in getting them to stop doing risky, insecure things. But only if you make sure they're not afraid, angry or distrustful in your direction.

So threatening them with punishment for breaking security rules won't work. Neither will trying to force them to obey or lying to them. No wonder IT's standard techniques for getting users to behave always fail. They're exactly the wrong approach.

</quote>

This, of course, begs the question: "What is exactly the right approach?" That's a tough one and even Hayes avoids answering it. He does, however, offer a few additional insights "beyond fear, anger and distrust" gleaned from these two studies and then wraps up with the following:

<quote>

[N]ow that you know the strongest motivators of change for users, you want their fear, anger and distrust aimed squarely at security threats -- where they belong.

</quote>

Read the article for the full meal deal.

______________________________

So, just to be a bit silly, here's a "recipe" for the "right approach":

Start with what users like and toss in what users do
Pour in what users expect and what users need.
Mix well and sit in front of a usability study
Skim off any fear, anger and distrust
Bake iteratively over a release cycle and serve to millions.

;-)

Any thoughts on "the right approach"? Please leave a comment!

______________________________

PS: For the curious, "Las Seguridades" = "The Securities". ;-)

Usable Security - a new Usability and Security blog

strawberryJAMM — Wed, 13 Jul 2005 23:08:00 GMT

Well, I'm a bit late to the party but that doesn't mean I can't still welcome Ping and his Usable Security blog to the intersection of User Experience Ave. and Security St. ;-)

It's nice to see someone else blogging in this area. I look forward to reading through (and commenting on!)the posts and comments made about Usable Security since the first post on March 12, 2005.

strawberryJAMM moves to Blogs @ TechNet

strawberryJAMM — Tue, 29 Mar 2005 03:00:00 GMT

blogs.TechNet.com has officially gone live and "strawberryJAMM's Security and User Experience WebLog" has moved off blogs.MSDN.com...(read more)

Least-Privileged Users, Add/Remove Programs and System Management Server

strawberryJAMM — Wed, 26 Jan 2005 01:58:00 GMT

I just found out something very interesting related to Least-Privileged User Accounts and software installations that are pushed out to enterprise employees using Systems Management Server (SMS), where they show up in the "Add New Programs" view of the Add/Remove Programs (ARP) control panel applet. It turns out that, for any installation published in this manner, the installing user doesn't have to be an Admin to successfully install the application. Anything that appears in this list will successfully install even if the installing user is running as LUA!

Personally, I couldn't believe this was true when I first heard it, so I had to immediately open ARP while running as LUA, click on "Add New Programs" and look for something that Microsoft's IT Group pushed out that I didn't already have installed ("WinZip 7.0" in my case). Lo' and behold, the installation worked without a hitch!

What an improvement to the user experience - previously, I've used MakeMeAdmin and then launched ARP from the cmd window (type "appwiz.cpl" and hit enter). This opened ARP with an ADMIN token under my credentials, thereby allowing me to see the published applications (launching it using runas /u:localadmin didn't work because the localadmin doesn't have rights to see what is published on the MSFT corpnet!). But now -- now I can install the applications without being an admin, so I can just open ARP, select "Add New Applications" and voilà!

Apparently the argument for this behaviour is that since everything published using SMS has been explicitly approved for use in the company by the enterprise' IT department, LUA users should be allowed to install them. That makes sense and, besides, anything that improves the LUA experience is fine by me. ;-)

Edit:

A colleague on an internal discussion list for Non-Admins, has brought to my attention that there is more than one way to populate the Add/Remove Programs interface, and not all of them support elevated privilege installs. However what I say above is still correct in that anything published through SMS does support them.

"Using a Least-Privileged User Account" OR "Woohoo, I've been published on microsoft.com!"

strawberryJAMM — Wed, 19 Jan 2005 01:19:00 GMT

Well, not to toot my own horn too loudly, but I've had my first external facing document, Using a Least-Privileged User Account (LUA), published on TechNet as part of the monthly Microsoft Security Newsletter for January 2005. This newsletter is considered the authoritative information source for understanding the Microsoft security strategy and priorities and is written for IT professionals, developers, and business managers.

The article is fairly brief and just quickly touches on a few of the key issues around the principle of "least-privilege". Anyone who has been a victim of viruses, worms, and other malicious software (malware) should appreciate this principle - after all, if all processes ran with the smallest set of privileges needed to perform the user's tasks, it would be more difficult for malicious and annoying software to infect a machine and propagate to other machines. Unfortunately, successfully taking advantage of this principle as a method of defence against external attacks by setting up LUA accounts for daily use is not at all straightforward so my article discusses some of these pitfalls and then points readers to some very useful resource sites to help with this process.

Please take a moment to read my article and, if you do, consider leaving a comment or sending email to our feedback alias (lua-qa@microsoft.com) with your thoughts about the article or around the principle of "least-privilege" in general.

Using Personas to Create User Documentation

strawberryJAMM — Fri, 22 Oct 2004 02:54:00 GMT

There's a new article at Cooper.com that touches on personas and how they can be used to aid the development of product documentation as well as product definition and design. Assuming that you already have personas available, if your technical writers aren't already taking advantage of them this article makes a compelling case for leveraging personas in their efforts.

<quote who="Steve Calde" where="Using_personas_to_create_user_docs.asp">

Personas and other user-modeling techniques are often solely discussed as tools for product definition and design, but they are useful tools in other arenas, as well. Technical writers responsible for creating user documentation can benefit greatly from a well-defined persona set, too.

Using personas to guide your user-documentation creation-process helps you:

· Determine the primary and secondary audiences for your documents

· Prioritize technical writing tasks by giving you a tool for identifying which aspects of the product are most important to your readers

· Write documentation in a way that helps your users achieve their goals, instead of simply cataloguing all of the product's features.

(more…)

</quote>

Edit: Shortened "where" link text b/c it was too wide for the page

The Problem of Usabilty in Open Source Software

strawberryJAMM — Wed, 20 Oct 2004 10:32:00 GMT

I just recently found this article on NewsForge about the problem of usability in Open Source Software (OSS). It was written by Frans Englich, who is a participant in the KDE project:

Open source usability is a technical problem we can solve on our own:

"Poor usability is a huge barrier to wider open source adoption. Our backends have matured and we consistently achieve technical excellence. Usability is the one area we have not yet mastered. For some reason, we treat it as a mystery instead of looking at it as a problem we can solve the same way we solve all other technical problems. " - Frans Englich, Friday July 09, 2004 (04:34 PM GMT)

I thought his initial characterization of the OSS community as a group of people who are wary of usability issues (and, by inference, other user experience issues) was both interesting and fairly accurate. In fact, I'd go so far as to argue that it isn't just OSS developers who look on with confused and dazed expressions when confronted with usability issues but that it is actually a characteristic of a significant majority of developers. Which is why product development teams frequently suggest or expect responsibility for the "mystical matter" of usability and user experience to be handed over, wholesale, to outside forces such as the "outside Companies, Experts and Laboratories" Frans attributes to the OSS developers or the members of a User Experience team that is rarely (in my experience) looked on as an integral part of the product development team.

Usability and other user experience issues aren't really all that mysterious - they just represent another technical problem that needs to be addressed along with all the other technical problems associated with a software application, such as Security, Performance, &c. I think we (Microsoft) are starting to grok that across the company - after all we already have "HOWTO's" for user experience issues in the Windows environment in the form of the Windows User Experience Guidelines and the Microsoft Manual of Style for Technical Publications - but it's going to be a long, slow journey that involves a significant culture shift away from developing technology for technology's sake and towards solutions for the user's sake, regardless of technology.

I just hope that our developers accept this culture shift and eventually acheive the goal of producing a truly usable, useful, operating system and software applications. (Preferably before the OSS community does. ☺)

Edit1: Corrected link to the Windows UX Guidelines. Thanks to uwe for pointing out the error.
Edit2: Expanded on and changed the tone of my last sentence.

Digital Rights Management - A Product Customer’s don’t Want

strawberryJAMM — Fri, 17 Sep 2004 09:30:00 GMT

{This post is an expansion of a small section out of a longer, non-technical, post at my “personal” blog at strawberryjamm.blogspot.com . This should be it for the reposts.}

The quoted text and link below is from a transcript of an excellent talk about digital rights management (DRM) given by Cory Doctorow on the Microsoft Redmond Campus. I, unfortunately, missed seeing the talk live, but did get to see a recording of the session a week later. It had a bit more zip and zing to it but the transcript is still good reading.

I thought he made some really good points (though I must admit I have doubts about how seriously anyone working on DRM solutions here probably took his views). One such point was around why DRM systems ultimately don’t work: the “attacker” trying to crack the secret is also the “recipient” of the coded message (after all, what use is having an encrypted DVD if you don’t also have a device that allows it to be decrypted and played?) So Alice sells Bob her encrypted DVD, and a DVD player that can play it, Bob ends up with the key, the cypher, and the cyphertext in his hot little hands, and, as Cory says, “Hilarity ensues”).

Another point that resonated with the “user experience professional” side of me, was how it is essentially a fallacy to believe that DRM is particularly useful as a “speed bump keeping honest people honest” (he gives this wonderful example of how existing DRM on a DVD ruined the experience of an honest friend of his who was only trying to do something perfectly legal.)

<quote who=“Cory Doctorow” what=“DRM and MSFT: a product no customer wants”>

Greetings fellow pirates! Arrrrr!

I'm here today to talk to you about copyright, technology and DRM, I work for the Electronic Frontier Foundation on copyright stuff (mostly), and I live in London. I'm not a lawyer -- I'm a kind of mouthpiece/activist type, though occasionally they shave me and stuff me into my Bar Mitzvah suit and send me to a standards body or the UN to stir up trouble. I spend about three weeks a month on the road doing completely weird stuff like going to Microsoft to talk about DRM.

I lead a double life: I'm also a science fiction writer. That means I've got a dog in this fight, because I've been dreaming of making my living from writing since I was 12 years old. Admittedly, my IP-based biz isn't as big as yours, but I guarantee you that it's every bit as important to me as yours is to you.

Here's what I'm here to convince you of:

1. That DRM systems don't work

2. That DRM systems are bad for society

3. That DRM systems are bad for business

4. That DRM systems are bad for artists

5. That DRM is a bad business-move for MSFT

It's a big brief, this talk. Microsoft has sunk a lot of capital into DRM systems, and spent a lot of time sending folks like Martha and Brian and Peter around to various smoke-filled rooms to make sure that Microsoft DRM finds a hospitable home in the future world. Companies like Microsoft steer like old Buicks, and this issue has a lot of forward momentum that will be hard to soak up without driving the engine block back into the driver's compartment. At best I think that Microsoft might convert some of that momentum on DRM into angular momentum, and in so doing, save all our asses.

Let's dive into it.

</quote>

Casting a vote should be easy...

strawberryJAMM — Fri, 17 Sep 2004 05:11:00 GMT

{This is the third user experience related post from my “personal” blog at strawberryjamm.blogspot.com . Given the rapid approach of the 2004 US federal election, its probably more relevant today than it was when initially posted.}

Originally Posted: Wednesday, May 12, 2004

The article linked below is from early 2001 and I remember reading it back when it was first written. A friend of mine just happened to forward it to me in an email he'd received from a colleague.

As my friend's colleague and my friend put it:

<quote who="C. Howerton">

For those who do not fully understand the importance of good, clean interface, I offer this example.

</quote>

<quote who="P. D. Adam">

And, there's more to this article than someone complaining about ballot designs...

</quote>

It should be considered a UX classic. Read it here: AskTog: The Butterfly Ballot: Anatomy of a Disaster.

Thoughts on Designing Administrative User Experience

strawberryJAMM — Thu, 16 Sep 2004 14:51:00 GMT

{This is the second user experience related post from my “personal” blog at strawberryjamm.blogspot.com}

Originally Posted: Monday, April 19, 2004

In my current position as a Microsoft UX PM in the Windows Security Core I am responsible for the administrative user experience of a V1 product being developed to support web service federated authentication. This is a wonderful opportunity, and one I am grateful to my new group for. All too often UX professionals focus on the end user experience, concentrating on the usability of client tools and leaving the men and women who are responsible for installing, monitoring and maintaining the servers the end users interact with - otherwise known as "IT Pros" - stuck in a dismal world with little more than an esoteric CLI (Command Line Interface) and an application-centric GUI (Graphical User Interface) shell.

Some IT Pros would sit up at this point and shoot back at me with the comment that they actually prefer using the command line for their work. One claim I've heard is that trying to use a GUI for daily IT tasks is too slow and often much more complex than just opening a command window and banging off a few, usually well known, command line parameters. Another comment is that they prefer to write scripts for frequent and/or repetitive tasks anyway.

I think a lot of this attitude is really alpha geek posturing:

<quote who="Alpha-Geek">

At the drop of a hat I can quote the syntax of any command line parameter for applications X, Y and Z. I can and you can't, therefore I must obviously be much cleverer and technologically savvy than you are.

</quote>

But the truth is even IT Pro's are human (trust me, they are. Even the ones that you'd swear are aliens from an alternate dimension), and they are also users. And any human user can benefit from the application of a user centred design approach on any tool that is developed to help them meet their goals. The key, of course, is to focus on the right kind of users - in this case, the technically savvy IT Pro, who wants to complete daily tasks quickly and be made instantly aware of problems in the system so that operations will continue to run smoothly.

One thing that I've been trying to teach my new team is that it really doesn't have to be an "Either/Or" choice between having a good GUI or a good CLI. Instead, it should be an "And/Both" - that is, have a good GUI AND a good CLI. When both kinds of interface have been designed to meet the user's ability to achieve goals and tasks, then the user is truly free to choose the tool that best suits the current scenario.

If we want IT Pro users to actually use a GUI-based administration tool, it must be at least as straightforward for an expert to do common tasks with it as with CLI (preferably, it would be even more straightforward). Using the GUI-based tool should not impose a significantly greater amount of key strokes than using a CLI would.

On the other hand, a CLI should also be designed with ease of use in mind. Parameter names should be meaningful and sensible so they are easy to remember and reasonable defaults should be provided whenever possible so that the process of scripting a task is straightforward. Additionally, every single action that can be done in the GUI-based tool must also be possible through the CLI, and vice versa (I'd be rich if I had a dollar for every time I've encountered a tool with some operations that could only be done through the GUI and some operations that could only be done using the command line.)

Give administrative users the best of both worlds - GUI and CLI - and they might actually like installing and maintaining a server application.

What a great idea!

Critiquing Open Source UI

strawberryJAMM — Thu, 16 Sep 2004 14:10:00 GMT

{This is the first of about 2 or 3 user experience related posts that I originally made on my “personal” blog at strawberryjamm.blogspot.com that I thought I’d reprint here, just to get things going}

Originally Posted: Monday, April 05, 2004

The following note was sent to a Microsoft UI Design discussion list I’m on the other day. As I agreed with the comments of the original poster (one Andrew McLaren by name) I thought that I would just copy them all here:

<quote who="Andrew McLaren">

Eric Raymond, self-appointed spokesperson for the Open Source movement, recently wrote a few articles complaining about the poor state of UI design in many open source projects. See for example

http://www.catb.org/~esr/writings/cups-horror.html.

A superficial response to this might be "good, the Linux guys are admitting they have cruddy interfaces and that they need to lift their game". But John Gruber has written a much more devastating analysis of Raymond's comments:

http://daringfireball.net/2004/04/spray_on_usability.

This scathing and insightful essay is full of good quotes; e.g.:

"This sort of task-driven interface is windows' forte ... they make these tasks approachable for [ordinary users]. And they're the result of a lot of work by a lot of well-paid full-time Microsoft engineers."

Okay we could take issue with the "well-paid" bit :-) - but anyways - and ...

"It's easy to ridicule the estimated 2006-or-2007 ship date for Longhorn... [but] do you doubt for a moment that Longhorn will provide more improvements from Windows XP than desktop Linux will gain during the same period?".

Gruber's core complaint is this: Raymond castigates Linux developers because they've done great fundamental software work, but then they've slackened off at the end, and not paid enough attention to that last little bit to make a project a success - the UI. Whereas, according to Gruber, good UI design is an intensive project in its own right, potentially much longer and harder than coding the inner logic and function. And structural aspects of open source militate against them ever getting good results, even if they did "put in that last little bit of effort."

Anyway Gruber's whole essay is a good read. I gather he is more of a Mac-oriented kinda guy; but I guess in this area, Apple and Microsoft have some common ground.

</quote>

I, also, definitely recommend both articles.

Follow-Up:

Moms are the best ego-boosters. I forwarded the information I blogged above to mine and this was the response she sent me:

<quote who="Mom">

I liked this statement:

“Conversely, some people who are good UI designers aren’t programmers. But the rock stars are the guys who can do both, and they are few and far between.”

Maybe you should be getting paid more - you are a hardware engineer with program experience and UI specialization - no wonder your new group wanted you !!!

</quote>

"A user experience rock star"...

You know, I do like the sound of that. J