{"id":6453,"date":"2017-01-31T16:32:25","date_gmt":"2017-02-01T00:32:25","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/01\/31\/news-290\/"},"modified":"2017-01-31T16:32:25","modified_gmt":"2017-02-01T00:32:25","slug":"news-290","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/01\/31\/news-290\/","title":{"rendered":"How to make PC security alerts better? Make them twirl, jiggle"},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt1.staticworld.net\/images\/article\/2017\/01\/dsc05611-100706700-large.3x2.jpg\"\/><\/p>\n<p> Have you ever ignored a security alert on your PC? You\u2019re not the only one. <\/p>\n<p> The warnings are designed to save us from malware infections and hacking risks, but often we\u2019ll neglect them. It could be because we\u2019re too busy or we\u2019ve seen them too many times, and we&#8217;ve become conditioned to dismiss them &#8212; even the most serious ones, according to Anthony Vance, a professor at Brigham Young University. <\/p>\n<p> Vance has been studying the problem and he\u2019s found that introducing certain small but noticeable changes can make the alerts more useful &#8212; and harder to ignore. \u00a0 <\/p>\n<p> &#8220;Our security UI (user interface) needs to be designed to be compatible with the way our brains work,&#8221; he said at the USENIX Enigma 2017 conference on Tuesday. &#8220;Not against it.&#8221; <\/p>\n<p> Alert messages tend to appear on a PC or browser in the same, consistent manner. But what if you change the alert\u2019s appearance over time? Say, make it twirl or jiggle when it pops up, or change its color? <\/p>\n<p> Vance experimented with these \u201cpolymorphic\u201d or changeable alerts and found that users did tend to pay more attention them over typical static alerts. He conducted his study by tracking users\u2019 eye movements and brain activity. <\/p>\n<p> \u201cIt seems silly,\u201d he said. \u201cBut when we applied this in the experiment, we looked at the results and found a dramatic difference.\u201d <\/p>\n<p> He proposes that vendors keep this in mind when developing security alert messages for their products.\u00a0 <\/p>\n<p> Vance has previously presented <a href=\"http:\/\/www.pcworld.com\/article\/3109952\/windows\/blame-it-on-your-brain-researchers-discover-why-we-ignore-pc-security-warnings.html\" target=\"_blank\">research<\/a>\u00a0showing that users will often disregard warning messages over their computers when multi-tasking. For instance, over 70 percent of users will ignore the alerts if they pop up when they\u2019re watching a video. <\/p>\n<p> Anthony Vance, a professor at Brigham Young University, speaks at the USENIX Enigma 2017 conference.\u00a0 <\/p>\n<p> To find a possible solution, his research has found that users tend to pay attention to the warning when the alert arrives after a task. \u201cThe timing of the warning really does make a difference,\u201d he said. <\/p>\n<p> That means vendors are better off developing alerts that appear after a user has stopped watching a video, completed a download or finished loading a page. \u201cThese are good times to present the message, because the user is less engaged,\u201d he said. \u00a0 <\/p>\n<p> Vance is also studying how all alerts \u2013 both security and non-security \u2013 often look and appear in the same design style, usually in a box, with the same fonts and colors. <\/p>\n<p> \u201cYou see two different dialogue messages. One is a security message, the other isn\u2019t. And yet they look very similar,\u201d Vance said. The danger with this design choice is that users will more likely ignore the rare system alerts when they appear. <\/p>\n<p> \u201cWhat this implies is we should design security messages to have a different visual appearance,&#8221; he said. &#8220;Or even a different mode of interaction than simply what I call a \u2018click to dismiss.'&#8221; <\/p>\n<p> However, Vance isn&#8217;t advocating developers overload their users with too many notifications either. <\/p>\n<p> \u201cDo we have to ramp up the visual novelty to the point it&#8217;s a burden on the user? That\u2019s obviously not good either,&#8221; he said.\u00a0&#8220;But I think our research shows even variations that are subtle have a big difference.&#8221; \u00a0 <\/p>\n<p><a href=\"http:\/\/www.computerworld.com\/article\/3163457\/security\/how-to-make-pc-security-alerts-better-make-them-twirl-jiggle.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt1.staticworld.net\/images\/article\/2017\/01\/dsc05611-100706700-large.3x2.jpg\"\/><\/p>\n<article>\n<section class=\"page\">\n<p> Have you ever ignored a security alert on your PC? You\u2019re not the only one.<\/p>\n<p> The warnings are designed to save us from malware infections and hacking risks, but often we\u2019ll neglect them. It could be because we\u2019re too busy or we\u2019ve seen them too many times, and we&#8217;ve become conditioned to dismiss them &#8212; even the most serious ones, according to Anthony Vance, a professor at Brigham Young University.<\/p>\n<p> Vance has been studying the problem and he\u2019s found that introducing certain small but noticeable changes can make the alerts more useful &#8212; and harder to ignore. \u00a0<\/p>\n<p> &#8220;Our security UI (user interface) needs to be designed to be compatible with the way our brains work,&#8221; he said at the USENIX Enigma 2017 conference on Tuesday. &#8220;Not against it.&#8221;<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3163457\/security\/how-to-make-pc-security-alerts-better-make-them-twirl-jiggle.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[11098,11073,714],"class_list":["post-6453","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-enterprise-applications","tag-malware-vulnerabilities","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6453","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6453"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6453\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6453"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6453"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6453"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}