Perhaps what you have said and referenced here should become the initial content of http://wiki.debian.org/FreedomBox/UserStories and the individual stories should be subpages?
On Wed, Jul 20, 2011 at 10:37 AM, [email protected] wrote: > hi > > As a former usability/security researcher, I would like to call attention to > the principle that security and usability are usually inversely proportional. > This has been observed by many usability and security researchers over the > years. > > The working group for usability will need to collaborate, deeply, with all > other groups. It bears repeating that usability is not a "task domain" that > one can just box up and deliver at the end. The usability and security > implications run through every decision, particularly for FreedomBox. > > My suggestion is to arrive at a core set of user stories. All we need to do > here, is tell stories about the *main things* that people will use the > FreedomBox for. In this task I encourage people to please exercise restraint. > This is first, to establish the common stories. Edge case stories are good > for testing the common stories, once we know the common stories. The "use > cases" part of the Wiki is a good start, I just added a User Stories page > too, as use cases come from stories: http://wiki.debian.org/FreedomBox. > > I have come to prefer user stories, because use-cases can make hidden > assumptions that user stories expose. A good story will be Independent, > Negotiable, Valuable, Estimateable, Sized Appropriately, and Testable (Cohn, > 2004) See also: > http://agileconsortium.pbworks.com/f/SDBP04_IntroToUserStories.pdf > > For example: Alice needs to send a message to Bob but Alice lives in an > oppressive, surveilled environment, and if the message is detected, she will > go to jail merely on suspicion of seditious activity. (This story implies > many features and possible cases). > > Further, I encourage the list to please pay attention to the work of Peter > Gutmann (2009, 2011a, 2011b). He has made some sometimes startling > observations about computer and network security and usability. Strongly > recommended. > > Thanks. > > have a day.yad > jdpf > > References: > > Gutmann, P. (2009, June 27). Things that make us stupid. Available from > http://www.cs.auckland.ac.nz/~pgut001/pubs/stupid.pdf > Gutmann, P. (2011a). Engineering security. Unpublished: Book Draft. Available > from http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf > Gutmann, P. (2011b, May). Security usability fundamentals. In Engineering se- > curity (pp. 17–193). Unpublished: Book Draft. Available from > http://www.cs.auckland.ac.nz/~pgut001/pubs/usability.pdf > Cohn, M. (2004) User stories applied: for Agile software development. > Addison-Wesley Professional, 2004 > > On Jul 14, 2011, at 8:43 AM, James Vasile wrote: > >> The idea of working groups has been proposed a few times by a few >> different people. From my point of view, this seems like a good idea. >> It's time. >> >> There are two questions here. First, what working groups should we >> form. Second, how shall those groups operate? I think if we answer the >> first, each group can answer the second on its own. I'm happy to >> arrange hosted infrastructure to the extent debian.org or github don't >> suit. >> >> We've had many suggestions for which working groups to form. Let's >> gather them in this thread, choose a minimal starting set and see if we >> can define and populate them. >> >> Best regards, >> James >> >> _______________________________________________ >> Freedombox-discuss mailing list >> [email protected] >> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss > > > _______________________________________________ > Freedombox-discuss mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss > > _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
