I share your interest in providing meaningful communication to non-technical people about the risk they are experiencing on the network. We are looking at explaining different types of risk; and using risk communication ideas from physical risk to do this.
So look at dinner. Imagine you are eating shrimp. You are trusting the Federal food law enforcement, perhaps, but that is not enforced in China where the shrimp originates. You are trusting border food inspections, but these are quite rare. You are trusting the handling of the frozen food by the shipping company, the port, the trucking company and the grocer. Any one of these could let the food go bad. Is that helpful? Would visualizing this chain or seeing it for every food purpose be helpful, or are there indicators you look for? I think this reifies Jason's point about how this degree of constant information - complete transparency - is not really helpful. I love RIck's work. He is doing some additional work on story-telling in security also that should come out soon. Here are a couple of papers, one on using open or closed eyeballs to indicate privacy and one pretty fundamental one risk behaviors. Also one that you probably do not need, on how trust in computing is often designed in direct opposition to observed human behavior. eyeballs: http://www.csee.usf.edu/~labrador/Share/workshops/papers/p291-benton.pdf risk biases: http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=6479448 (let me know if this is behind a pay wall for you, if so I will put it someone you can get it in the next couple of weeks). trust: http://ljean.com/files/Trust.pdf And the Firefox developer position to work on these issues is closing in two weeks, if you or someone else is looking for full time work on securing and communicating risk/trust/security. I will be focusing on this during the summer if you want to chat then. thanks- -- Prof. L. Jean Camp http://www.ljean.com Net Trust http://code.google.com/p/nettrust/ Economics of Security http://www.infosecon.net/ ETHOS http://ethos.indiana.edu Congressional Fellow http://www.ieeeusa.org/policy/govfel/congfel.asp
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
