On security, programming, privacy, and… people
Usable security: how to get it
Why does your computer bother you so much about security, but still isn’t secure? It’s because users don’t have a model for security, or a simple way to keep important things safe.
“A user model for security deals with policy and history. It has a vocabulary of objects and actions (nouns and verbs) for talking about what happens. History is what did happen; it’s needed for recovering from past problems and learning how to prevent future ones. Policy is what should happen, in the form of some general rules plus a few exceptions. The policy must be small enough that you can easily look at all of it.
Today, we have no adequate user models for security and no clear idea of how to get them. There’s not even agreement on whether we can elicit models from what users already know, or need to invent and promote new ones. It will take the combined efforts of security experts, economists, and cognitive scientists to make progress.”
Scratch: programming for all
“Digital fluency” should mean designing, creating, and remixing, not just browsing, chatting, and interacting.
“[With Scratch] we wanted to develop an approach to programming that would appeal to people who hadn’t previously imagined themselves as programmers. We wanted to make it easy for everyone, of all ages, backgrounds, and interests, to program their own interactive stories, games, animations, and simulations, and share their creations with one another. […]
The core audience on the site is between the ages of eight and 16 (peaking at 12), though a sizeable group of adults participates as well. As Scratchers program and share interactive projects, they learn important mathematical and computational concepts, as well as how to think creatively, reason systematically, and work collaboratively: all essential skills for the 21st century. […]
In this article, we discuss the design principles that guided our development of Scratch and our strategies for making programming accessible and engaging for everyone. But first, to give a sense of how Scratch is being used, we describe a series of projects developed by a 13-year-old girl with the Scratch screen name BalaBethany.”
Four billion Little Brothers?: privacy, mobile phones, and ubiquitous data collection
Participatory sensing technologies could improve our lives and our communities, but at what cost to our privacy?
“Mobile phones could become the most widespread embedded surveillance tools in history. Imagine carrying a location-aware bug, complete with a camera, accelerometer, and Bluetooth stumbling everywhere you go. Your phone could document your comings and goings, infer your activities throughout the day, and record whom you pass on the street or who engaged you in conversation. Deployed by governments or compelled by employers, four billion “little brothers” could be watching you. […]
How can developers help individuals or small groups launching participatory sensing projects implement appropriate data-protection standards? To create workable standards with data so granular and personal, systems must actively engage individuals in their own privacy decision making. […] We need to build systems that improve users’ ability to make sense of, and thereby regulate, their privacy.
[…] As the first steps toward meeting this challenge, we propose three new principles for developers to consider and apply when building mobile data-gathering applications.”