Case Study: SSL Warnings - example user

Loading...

From the course by University of Maryland, College Park

Usable Security

1146 ratings

University of Maryland, College Park

Usable Security

1146 ratings

Course 1 of 5 in the Specialization Cybersecurity

This course focuses on how to design and build secure systems with a human-centric focus. We will look at basic principles of human-computer interaction, and apply these insights to the design of secure systems with the goal of developing security measures that respect human performance and their goals within a system.

From the lesson

Week 2

Design: design methodology, prototyping, cybersecurity case study

Intro to Design12:08

Design Methodologies15:32

Case Study: SSL Warnings - example user7:34

Case Study: SSL Warnings - paper discussion15:20

Interview: SSL Warnings4:49

Meet the Instructors

Jennifer Golbeck
Director
Human-Computer Interaction Lab

[SOUND].

In this video, we're going to look at an example of usability for the average user.

And in particular, we're going to focus on Firefox's Untrusted Connection Error.

This is an important security error that happens when Firefox tries to connect to

a website that has an invalid security certificate.

But the error is pretty technical and may not be accessible to the average person.

So I've brought in a computer savvy user who's not a computer scientist and

I'm going to have him go through the process of receiving that error.

And he's going to tell us what he thinks it means and what he should do.

All right, so sitting at the desk here we

have our computer savvy non-computer scientist who's going to

go through a process of getting a common security error on the browser.

And we're going to see what he has to say about it.

So computer savvy non-computer scientist, I want you to go Twitter.com, and

it'll probably auto-complete.

So just go in the bar at the top and do Twitter.com.

>> Okay.

>> And hit Enter.

All right.

So I want you to read what's on the screen and then tell me what you think it means.

>> This connection is untrusted.

Want me to read the whole thing?

>> You read whatever you would read if you encountered this in

your normal browsing life.

>> All right.

You've asked Firefox to connect securely to Twitter.com but

we can't confirm that your connection is secure.

>> What do you think that means?

>> That means, they don't know, they,

Firefox doesn't know whether the connection to Twitter is secure.

Then it says, normally sites will present trusted identification to

prove that you're going to the right place.

However, this site's identity can't be verified.

So, Firefox can't be veri, can't verify that it's Twitter, actually Twitter.

>> So what do you think the risks are if you see an error like this?

>> Well, it could be a spoof site or

it could be taking me to somewhere that is not actually Twitter.

>> So what would you do if you got this error?

>> In real life, I would ignore it.

>> And so, what, like in real, so pretend we're in real life.

What would you actually do here, on this screen?

>> I don't know.

Try to click on whatever button they give me.

And then try to type the whole thing into Google.

aha, so it says, I understand the risks.

>> If you're reading, read out loud for us.

>> It says, if you understand what's going on,

and I have a vague notion, I may be wrong.

>> Wait before you continue,

what is your vague notion about what's actually going wrong?

>> That there's a, a disconnect between Firefox and

Twitter and Firefox can't verify that it's going to Twitter.

But it looked like the Twitter addressed it to me.

And it was, you know, I found it also through Google so I, I,

I think it's Twitter.

And so then it says, if you understand what's going on,

you could tell Firefox to start trusting this site's identification.

But even if you trust the site,

this error could mean that someone is tampering with your connection.

>> Do you know what that means when it

says someone is tampering with the connection?

>> I have a vague concept that it means someone might be, have

gained access to my computer or you know, is, I don't know.

Siphoning off information between what Firefox is doing and

what Twitter is doing.

>> Okay.

>> But, it's only Twitter, it's not my bank.

So I'm not sure there's that much harm in this case, but

I don't understand it that well.

>> Would you do this, I understand the risks, saying if it were your bank?

>> Probably not.

Or my credit card.

>> Yeah. >> Statement?

Probably not.

>> Okay.

>> So I can add an exception.

Maybe.

>> If you're reading, read out loud.

>> It says, you are about to override how Firefox identifies this site.

Then it says legitimate banks, stores and

other public sites will not ask you to do this.

And it says, the certificate says, is this site attempts to identify itself with

invalid information, it's outdated information.

The certificate is not currently valid,

it is impossible to verify whether this identity was reported as stolen or lost.

>> Now do you worry about that or not?

>> Yeah, I'm worried about it.

And it seems like Firefox is going to some effort, I think it's Firefox to-

>> Yeah.

>> Not let me do this.

So I'll just not do it.

I'll cancel.

>> Okay.

>> Get me out of here.

Okay.

But I'm still not sure what happened?

>> Thank you computer savvy non-computer scientist for

helping us process this error message.

>> I'm happy to help.

>> So what are some lessons we can take away from watching this video?

First, the user knows that something bad is happening,

but he's not really sure what.

He's able to read back some of the possible errors that the screen is

telling him, but he doesn't really know what those mean or how they would work.

The user also has good general strategies.

For example, he said he'd worry more about sites with sensitive information like

his bank or his credit card, but with Twitter, he's not too worried.

That's a great strategy.

But if he were, for example, to be facing a man in the middle attack where someone

would hijack his password and potentially his email address that he uses to log in.

If that password's repeated,

he actually could make a lot of his accounts vulnerable.

So his strategies are good,

but because he doesn't understand what the possible security risks are,

and they're not communicated to him by this error in a way he can understand,

he may make himself vulnerable if he were to go around this error.

And finally, the error message that Firefox shows relies on a lot of

information that the average user doesn't understand.

The example user we have here is actually quite computer savvy, but

he didn't understand a lot of the technical terms and jargon.

He doesn't understand what security certificates are.

How they work.

When they expire.

What that means.

And how they can be spoofed,

or inaccurate credentials can be sent to allow an attack.

So, the Firefox does a very good job of discouraging people from continuing on,

when they encounter this error message.

They're not doing a very good job of explaining what could be happening.

So a question for you to think about in to having the discussion is,

how could we improve this?

If we wanted to have an error message that appears when there's an invalid

security certificate.

What could we do to make it so a really average user could sort of

understand what's going on there, and make good decisions?

It's not a bad idea to really discourage them from taking a risky action,

but it's even better if we can educate them on what's happening.

So, think about how we can improve that error message

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2018 Coursera Inc. All rights reserved.

Download on the App Store

Get it on Google Play