Security Usability Fundamentals an Important Consideration When You’Re Building an Application Is the Usability of the Security Features That You’Ll Be Employing
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Childnodes 1
Index Home | Projects | Docs | Jargon Bugzilla | LXR | Tree Status | Checkins Feedback | FAQ | Search A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z Index Symbols _content 1 A addEventListener 1 alert() 1 align 1 alinkColor 1 anchors 1 appCodeName 1 appendChild 1 applets 1 appName 1 appVersion 1 attributes 1, 2 http://www.mozilla.org/docs/dom/domref/dom_shortIX.html (1 de 20) [09/06/2003 9:55:09] Index availLeft 1 availTop 1 availWidth 1 B back() 1 bgColor 1 blur 1 blur() 1 body 1 C captureEvents() 1 characterSet 1 childNodes 1 clear 1 clearInterval() 1 clearTimeout() 1 click 1 cloneContents 1 cloneNode 1 cloneRange 1 close 1 http://www.mozilla.org/docs/dom/domref/dom_shortIX.html (2 de 20) [09/06/2003 9:55:09] Index close() 1 closed 1 collapse 1 collapsed 1 colorDepth 1 commonAncestorContainer 1 compareBoundaryPoints 1 Components 1 confirm() 1 contentDocument 1, 2 contentWindow 1, 2 controllers 1 cookie 1 cookieEnabled 1 createAttribute 1 createDocumentFragment 1 createElement 1 createRange 1 createTextNode 1 crypto 1 cssRule 1 cssRule Object 1 http://www.mozilla.org/docs/dom/domref/dom_shortIX.html (3 de 20) [09/06/2003 9:55:09] Index cssRules 1 cssText 1 D defaultStatus 1 deleteContents 1 deleteRule 1 detach 1 directories 1 disabled 1 dispatchEvent 1 doctype 1 document 1 documentElement 1 DOM 1, 2 DOM 2 Range Interface 1 DOM window Interface 1 domain 1 dump() 1 E Elements Interface 1 embeds 1 http://www.mozilla.org/docs/dom/domref/dom_shortIX.html (4 de 20) [09/06/2003 9:55:09] -
A Task-Based Taxonomy of Cognitive Biases for Information Visualization
A Task-based Taxonomy of Cognitive Biases for Information Visualization Evanthia Dimara, Steven Franconeri, Catherine Plaisant, Anastasia Bezerianos, and Pierre Dragicevic Three kinds of limitations The Computer The Display 2 Three kinds of limitations The Computer The Display The Human 3 Three kinds of limitations: humans • Human vision ️ has limitations • Human reasoning 易 has limitations The Human 4 ️Perceptual bias Magnitude estimation 5 ️Perceptual bias Magnitude estimation Color perception 6 易 Cognitive bias Behaviors when humans consistently behave irrationally Pohl’s criteria distilled: • Are predictable and consistent • People are unaware they’re doing them • Are not misunderstandings 7 Ambiguity effect, Anchoring or focalism, Anthropocentric thinking, Anthropomorphism or personification, Attentional bias, Attribute substitution, Automation bias, Availability heuristic, Availability cascade, Backfire effect, Bandwagon effect, Base rate fallacy or Base rate neglect, Belief bias, Ben Franklin effect, Berkson's paradox, Bias blind spot, Choice-supportive bias, Clustering illusion, Compassion fade, Confirmation bias, Congruence bias, Conjunction fallacy, Conservatism (belief revision), Continued influence effect, Contrast effect, Courtesy bias, Curse of knowledge, Declinism, Decoy effect, Default effect, Denomination effect, Disposition effect, Distinction bias, Dread aversion, Dunning–Kruger effect, Duration neglect, Empathy gap, End-of-history illusion, Endowment effect, Exaggerated expectation, Experimenter's or expectation bias, -
The Art of Thinking Clearly
For Sabine The Art of Thinking Clearly Rolf Dobelli www.sceptrebooks.co.uk First published in Great Britain in 2013 by Sceptre An imprint of Hodder & Stoughton An Hachette UK company 1 Copyright © Rolf Dobelli 2013 The right of Rolf Dobelli to be identified as the Author of the Work has been asserted by him in accordance with the Copyright, Designs and Patents Act 1988. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means without the prior written permission of the publisher, nor be otherwise circulated in any form of binding or cover other than that in which it is published and without a similar condition being imposed on the subsequent purchaser. A CIP catalogue record for this title is available from the British Library. eBook ISBN 978 1 444 75955 6 Hardback ISBN 978 1 444 75954 9 Hodder & Stoughton Ltd 338 Euston Road London NW1 3BH www.sceptrebooks.co.uk CONTENTS Introduction 1 WHY YOU SHOULD VISIT CEMETERIES: Survivorship Bias 2 DOES HARVARD MAKE YOU SMARTER?: Swimmer’s Body Illusion 3 WHY YOU SEE SHAPES IN THE CLOUDS: Clustering Illusion 4 IF 50 MILLION PEOPLE SAY SOMETHING FOOLISH, IT IS STILL FOOLISH: Social Proof 5 WHY YOU SHOULD FORGET THE PAST: Sunk Cost Fallacy 6 DON’T ACCEPT FREE DRINKS: Reciprocity 7 BEWARE THE ‘SPECIAL CASE’: Confirmation Bias (Part 1) 8 MURDER YOUR DARLINGS: Confirmation Bias (Part 2) 9 DON’T BOW TO AUTHORITY: Authority Bias 10 LEAVE YOUR SUPERMODEL FRIENDS AT HOME: Contrast Effect 11 WHY WE PREFER A WRONG MAP TO NO -
Two Case Studies of Open Source Software Development: Apache and Mozilla
Two Case Studies of Open Source Software Development: Apache and Mozilla AUDRIS MOCKUS Avaya Labs Research ROY T FIELDING Day Software and JAMES D HERBSLEB Carnegie Mellon University According to its proponents, open source style software development has the capacity to compete successfully, and perhaps in many cases displace, traditional commercial development methods. In order to begin investigating such claims, we examine data from two major open source projects, the Apache web server and the Mozilla browser. By using email archives of source code change history and problem reports we quantify aspects of developer participation, core team size, code ownership, productivity, defect density, and problem resolution intervals for these OSS projects. We develop several hypotheses by comparing the Apache project with several commercial projects. We then test and refine several of these hypotheses, based on an analysis of Mozilla data. We conclude with thoughts about the prospects for high-performance commercial/open source process hybrids. Categories and Subject Descriptors: D.2.9 [Software Engineering]— Life cycle, Productivity, Pro- gramming teams, Software process models, Software Quality assurance, Time estimation; D.2.8 [Software Engineering]— Process metrics, Product metrics; K.6.3 [Software Management]— Software development, Software maintenance, Software process General Terms: Management, Experimentation, Measurement, Human Factors Additional Key Words and Phrases: Open source software, defect density, repair interval, code ownership, Apache, Mozilla This work was done while A. Mockus and J. D. Herbsleb were members of software Production Research Department at Lucent Technologies’ Bell Laboratories. This article is a significant extension to the authors’ paper, “A case study of open source software development: the Apache server,” that appeared in the Proceedings of the 22nd International Con- ference on Software Engineering, Limerick, Ireland, June 2000 (ICSE 2000), 263-272. -
A Review of XML-Compliant User Interface Description Languages
ÊÚÛ Ó ÅĹ ÓÑÔÐÒØ Í×Ö ÁÒØÖ ×ÖÔØÓÒ ÄÒÙ× ÆØÐ ËÓÙÓÒ Ò ÂÒ ÎÒÖÓÒØ ÍÒÚÖר Ø ÓÐÕÙ ÄÓÙÚ Ò¸ ÁÒרØÙØ ³ÑÒ×ØÖ ØÓÒ Ø ×ØÓÒ ÈÐ × ÓÝÒ׸ ½ ¹ ¹½¿ ! ÄÓÙÚ Ò¹Ð ¹ÆÙÚ¸ Ð#ÙÑ ×ÓÙÓÒ¸ Ú Ò Ö ÓÒ Ø×Ý׺Ùк º ר֨º ÖÚÛ Ó% &ÅĹ ÓÑÔÐ ÒØ Ù×Ö ÒØÖ% × ÖÔØÓÒ Ð Ò¹ #Ù #× × ÔÖÓ Ù Ø Ø ÓÑÔ Ö× ×#Ò¬ ÒØ×Ð ØÓÒÓ%Ú ÖÓÙ× Ð Ò¹ #Ù #× Ö××Ò# «ÖÒØ #Ó Ð׸ ×Ù ×ÑÙÐØ¹ÔÐ Ø%ÓÖÑ Ù×Ö ÒØÖ% ׸ Ú ¹ÒÔ ÒÒ ¸ ÓÒØÒØ ÐÚÖݸ Ò Ù×Ö ÒØÖ% × ÚÖØÙ ÐÐÝ ¹ ¬Òº Ì Ö × - Ò ÐÓÒ# רÓÖÝ Ò ØÖ ØÓÒ ØÓ ØØÑÔØ ØÓ ÔØÙÖ Ø ××Ò Ó% Ù×Ö ÒØÖ% × Ø Ú ÖÓÙ× ÐÚÐ× Ó% -×ØÖ ØÓÒ %ÓÖ «Ö¹ ÒØ ÔÙÖÔ Ó×׺ Ì ÖØÙÖÒ Ó% Ø × ÕÙרÓÒ ØÓ Ý # Ò× ÑÓÖ ØØÖ ØÓÒ¸ ÐÓÒ# ÛØ Ø ××ÑÒ ØÓÒ Ó% &ÅÄ Ñ Ö.ÙÔ Ð Ò#Ù #׸ Ò #Ú× -ÖØ ØÓ Ñ ÒÝ ÔÖÓÔ Ó× Ð× %ÓÖ ÒÛ Ù×Ö ÒØÖ% × ÖÔØÓÒ Ð Ò#Ù #º /ÓÒ×¹ ÕÙÒØÐݸ Ø Ö × Ò ØÓ ÓÒÙ Ø Ò Ò¹ÔØ Ò ÐÝ×× Ó% % ØÙÖ× Ø Ø Ñ . ÐÐ Ø × ÔÖÓÔ Ó× Ð× × ÖÑÒ ÒØ Ò ÔÔÖÓÔÖ Ø %ÓÖ ÒÝ×Ô ¬ ÔÙÖÔ Ó׺ Ì ÖÚÛ × ÜØÒ×ÚÐÝ ÓÒÙ Ø ÓÒ ×#Ò¬ ÒØ ×Ù-ר Ó% ×Ù Ð Ò#Ù #× - × ÓÒ Ò Ò ÐÝ×× #Ö Ò Ù×Ö ÒØÖ% × Ø Ø Û ØÖ ØÓ ÑÔÐÑÒØ ÖÓ×× Ø × Ð Ò#Ù #׺ ½ ÁÒØÖÓ Ù Ø ÓÒ ÓÖ ÝÖ׸ ÀÙÑÒ¹ÓÑÔÙØÖ ÁÒØÖØÓÒ ´ÀÁµ ÛØÒ×× Ô ÖÒÒÐ Ö ÓÖ Ø ÙÐØÑØ Í×Ö ÁÒØÖ ´ÍÁµ ×ÖÔØÓÒ ÄÒÙ ØØ ÛÓÙÐ ÐÐÝ Ô¹ ØÙÖ Ø ××Ò Ó ÛØ ÍÁ ÓÙÐ ÓÖ ×ÓÙÐ º ÍÁ ×ÖÔØÓÒ ÄÒÙ ´ÍÁĵ ÓÒ××Ø× Ó ¹ÐÚÐ ÓÑÔÙØÖ ÐÒÙ ÓÖ ×ÖÒ ÖØÖ×¹ Ø× Ó ÒØÖר Ó ÍÁ ÛØ Ö×Ô Ø ØÓ Ø Öר Ó Ò ÒØÖØÚ ÔÔÐØÓÒº ËÙ ÐÒÙ ÒÚÓÐÚ× ¬ÒÒ ×ÝÒØÜ ´ºº ÓÛ Ø× ÖØÖ×Ø× Ò ÜÔÖ×× Ò ØÖÑ× Ó Ø ÐÒÙµ Ò ×ÑÒØ× ´ºº¸ ÛØ Ó Ø× ÖØÖ¹ ×Ø× ÑÒ Ò Ø ÖÐ ÛÓÖеº ÁØ Ò ÓÒ×Ö × ÓÑÑÓÒ ÛÝ ØÓ ×Ô Ý ÍÁ ÒÔ ÒÒØÐÝ Ó ÒÝ ØÖØ ÐÒÙ ´ºº¸ ÔÖÓÖÑÑÒ ÓÖ ÑÖÙÔµ ØØ ÛÓÙÐ ×ÖÚ ØÓ ÑÔÐÑÒØ Ø× ÍÁº Ì ××Ù Ó ÍÁÄ Û× ¬Öר Ö× ÛÒ Ø Û× ÖÕÙÖ ØÓ ÚÐÓÔ ÍÁ Ð ÑÓ ÙÐ Ó Ò ÒØÖØÚ ÔÔÐØÓÒ ÖØÖ ØÒ ÑÖÐÝ ×Ö× Ó ÐÒ× Ó ×º ÌÒ¸ Ø× ××Ù Û× ÖÒÓÖ ÛÒ Ø ×Ö ÔÔ Ö× ØÓ ÑÓ Ð ÍÁ Ý×ØÓ ×Ô ¬ØÓÒ× ×Ó × -
Visual Validation of SSL Certificates in the Mozilla Browser Using Hash Images
CS Senior Honors Thesis: Visual Validation of SSL Certificates in the Mozilla Browser using Hash Images Hongxian Evelyn Tay [email protected] School of Computer Science Carnegie Mellon University Advisor: Professor Adrian Perrig Electrical & Computer Engineering Engineering & Public Policy School of Computer Science Carnegie Mellon University Monday, May 03, 2004 Abstract Many internet transactions nowadays require some form of authentication from the server for security purposes. Most browsers are presented with a certificate coming from the other end of the connection, which is then validated against root certificates installed in the browser, thus establishing the server identity in a secure connection. However, an adversary can install his own root certificate in the browser and fool the client into thinking that he is connected to the correct server. Unless the client checks the certificate public key or fingerprint, he would never know if he is connected to a malicious server. These alphanumeric strings are hard to read and verify against, so most people do not take extra precautions to check. My thesis is to implement an additional process in server authentication on a browser, using human recognizable images. The process, Hash Visualization, produces unique images that are easily distinguishable and validated. Using a hash algorithm, a unique image is generated using the fingerprint of the certificate. Images are easily recognizable and the user can identify the unique image normally seen during a secure AND accurate connection. By making a visual comparison, the origin of the root certificate is known. 1. Introduction: The Problem 1.1 SSL Security The SSL (Secure Sockets Layer) Protocol has improved the state of web security in many Internet transactions, but its complexity and neglect of human factors has exposed several loopholes in security systems that use it. -
Communication Science to the Public
David M. Berube North Carolina State University ▪ HOW WE COMMUNICATE. In The Age of American Unreason, Jacoby posited that it trickled down from the top, fueled by faux-populist politicians striving to make themselves sound approachable rather than smart. (Jacoby, 2008). EX: The average length of a sound bite by a presidential candidate in 1968 was 42.3 seconds. Two decades later, it was 9.8 seconds. Today, it’s just a touch over seven seconds and well on its way to being supplanted by 140/280- character Twitter bursts. ▪ DATA FRAMING. ▪ When asked if they truly believe what scientists tell them, NEW ANTI- only 36 percent of respondents said yes. Just 12 percent expressed strong confidence in the press to accurately INTELLECTUALISM: report scientific findings. ▪ ROLE OF THE PUBLIC. A study by two Princeton University researchers, Martin TRENDS Gilens and Benjamin Page, released Fall 2014, tracked 1,800 U.S. policy changes between 1981 and 2002, and compared the outcome with the expressed preferences of median- income Americans, the affluent, business interests and powerful lobbies. They concluded that average citizens “have little or no independent influence” on policy in the U.S., while the rich and their hired mouthpieces routinely get their way. “The majority does not rule,” they wrote. ▪ Anti-intellectualism and suspicion (trends). ▪ Trump world – outsiders/insiders. ▪ Erasing/re-writing history – damnatio memoriae. ▪ False news. ▪ Infoxication (CC) and infobesity. ▪ Aggregators and managed reality. ▪ Affirmation and confirmation bias. ▪ Negotiating reality. ▪ New tribalism is mostly ideational not political. ▪ Unspoken – guns, birth control, sexual harassment, race… “The amount of technical information is doubling every two years. -
Computer-Supported Cooperative Work: History and Focus
Computer-Supported Cooperative Work: Historv and Focus d Jonathan Grudin, University of California, Irvine en years ago, hen Greif of MIT and Paul Cashman of Digital Equipment Corporation organized a workshop that had far-reaching effects. Twenty people from different fields -but with a shared interest in how people work -gathered to explore technology’s role in the work environment and coined the term “computer-supported cooperative work” to describe it. Since then, thousands of researchers and developers have responded to this ini- tiative. Although the first CSCW conferences were held in the United States, the topic was picked up immediately in Europe and Asia, where related work and seri- ous interest already existed. This article describes the people and the work found under the CSCW umbrella. Why i984? An earlier approach to group support, called “office automation,” had run out of steam by 1984. OA’s primary problem was not technical, although technical chal- lenges certainly existed; it was in understanding system requirements. In the mid- CSCW and groupware 1960s, tasks such as filling seats on airplane flights or printing payroll checks had emerged in the 1980s been translated into requirements that resulted (with some trial and error) in suc- cessful mainframe systems. In the mid-l970s, minicomputers promised to support from shared interests groups and organizations in more sophisticated, interactive ways, and OA was born. OA tried to extend and integrate single-user applications, such as word processors and among product spreadsheets, to support groups and departments. But what were the precise re- developers and quirements for such systems? Building technology was not enough. -
Social Computing-Driven Activism in Youth Empowerment Organizations: Challenges and Opportunities Farnaz Irannejad Bisafar1, Lina Itzel Martinez2, Andrea G
Social Computing-Driven Activism in Youth Empowerment Organizations: Challenges and Opportunities Farnaz Irannejad Bisafar1, Lina Itzel Martinez2, Andrea G. Parker1,2 1College of Computer and Information Science 2Bouvé College of Health Sciences Northeastern University 360 Huntington Ave. Boston, MA 02115 Boston, United States [email protected], [email protected], [email protected] ABSTRACT significantly higher rates of health problems (e.g., diabetes) Throughout the world, organizations empower youth to than more affluent communities [17,29,44]. Previous work participate in civic engagement to impact social change, has examined how youth-led activism can be effective in and adult-youth collaborations are instrumental to the addressing these challenges and affecting social change success of such initiatives. However, little is known about [9,47]. In fact, throughout the world, many organizations how technology supports this activism work, despite the have created youth-led programs with the goals of solving fact that tools such as Social Networking Applications community problems and empowering youth to educate (SNAs) are increasingly being leveraged in such contexts. their peers about issues of concern [33]. These We report results from a qualitative study of SNA use organizations provide youth with resources needed to run within a youth empowerment organization. Using the social action initiatives (e.g., support for collective analytical lens of object-oriented publics, our findings organizing). As adult staff work together with youth, they reveal opportunities and challenges that youth and staff face create an environment that nurtures youth’s confidence that when they use SNAs. We describe the illegibility of youth they can take on social problems. -
More Than Writing Text: Multiplicity in Collaborative Academic Writing
More Than Writing Text: Multiplicity in Collaborative Academic Writing Ida Larsen-Ledet Ph.D. Thesis Department of Computer Science Aarhus University Denmark More Than Writing Text: Multiplicity in Collaborative Academic Writing A Thesis Presented to the Faculty of Natural Sciences of Aarhus University in Partial Fulfillment of the Requirements for the Ph.D. Degree. by Ida Larsen-Ledet November 2, 2020 Abstract This thesis explores collaborative academic writing with a focus on how it is medi- ated by multiple technologies. The thesis presents findings from two empirical stud- ies with university students and researchers: The first combined semi-structured interviews with visualizations of document editing activity to explore transitions through co-writers’ artifact ecologies along with co-writers’ motivations for per- forming these transitions. The second study was a three-stage co-design workshop series that progressed from dialog through ideation to exploration of a prototype for a shared editor that was based on the participants’ proposed features and designs. The contribution from the second study to this thesis is the analysis of participants’ viewpoints and ideas. The analyses of these findings contribute a characterization of co-writers’ practical and social motivations for using multiple tools in their collaborations, and the chal- lenges this poses for sharing and adressing the work. Multiplicity is also addressed in terms of co-writers bringing multiple and diverse needs and preferences into the writing, and how these may be approached in efforts to design and improve support for collaborative writing. Additionally, the notion of text function is introduced to describe the text’s role as a mediator of the writing. -
Infographic I.10
The Digital Health Revolution: Leaving No One Behind The global AI in healthcare market is growing fast, with an expected increase from $4.9 billion in 2020 to $45.2 billion by 2026. There are new solutions introduced every day that address all areas: from clinical care and diagnosis, to remote patient monitoring to EHR support, and beyond. But, AI is still relatively new to the industry, and it can be difficult to determine which solutions can actually make a difference in care delivery and business operations. 59 Jan 2021 % of Americans believe returning Jan-June 2019 to pre-coronavirus life poses a risk to health and well being. 11 41 % % ...expect it will take at least 6 The pandemic has greatly increased the 65 months before things get number of US adults reporting depression % back to normal (updated April and/or anxiety.5 2021).4 Up to of consumers now interested in telehealth going forward. $250B 76 57% of providers view telehealth more of current US healthcare spend % favorably than they did before COVID-19.7 could potentially be virtualized.6 The dramatic increase in of Medicare primary care visits the conducted through 90% $3.5T telehealth has shown longevity, with rates in annual U.S. health expenditures are for people with chronic and mental health conditions. since April 2020 0.1 43.5 leveling off % % Most of these can be prevented by simple around 30%.8 lifestyle changes and regular health screenings9 Feb. 2020 Apr. 2020 OCCAM’S RAZOR • CONJUNCTION FALLACY • DELMORE EFFECT • LAW OF TRIVIALITY • COGNITIVE FLUENCY • BELIEF BIAS • INFORMATION BIAS Digital health ecosystems are transforming• AMBIGUITY BIAS • STATUS medicineQUO BIAS • SOCIAL COMPARISONfrom BIASa rea• DECOYctive EFFECT • REACTANCEdiscipline, • REVERSE PSYCHOLOGY • SYSTEM JUSTIFICATION • BACKFIRE EFFECT • ENDOWMENT EFFECT • PROCESSING DIFFICULTY EFFECT • PSEUDOCERTAINTY EFFECT • DISPOSITION becoming precise, preventive,EFFECT • ZERO-RISK personalized, BIAS • UNIT BIAS • IKEA EFFECT and • LOSS AVERSION participatory. -
Organizational Search in Email Systems Sruthi Bhushan Pitla Western Kentucky University, [email protected]
Western Kentucky University TopSCHOLAR® Masters Theses & Specialist Projects Graduate School 5-2012 Organizational Search in Email Systems Sruthi Bhushan Pitla Western Kentucky University, [email protected] Follow this and additional works at: http://digitalcommons.wku.edu/theses Part of the Databases and Information Systems Commons Recommended Citation Pitla, Sruthi Bhushan, "Organizational Search in Email Systems" (2012). Masters Theses & Specialist Projects. Paper 1161. http://digitalcommons.wku.edu/theses/1161 This Thesis is brought to you for free and open access by TopSCHOLAR®. It has been accepted for inclusion in Masters Theses & Specialist Projects by an authorized administrator of TopSCHOLAR®. For more information, please contact [email protected]. ORGANIZATIONAL SEARCH IN EMAIL SYSTEMS A Thesis Presented to The Faculty of the Department of Mathematics and Computer Science Western Kentucky University Bowling Green, Kentucky In Partial Fulfillment Of the Requirements for the Degree Master of Science By Sruthi Bhushan Pitla May 2012 ACKNOWLEDGMENTS It was a great pleasure working under my graduate advisor, Dr. Guangming Xing, who provided me with everything I need to succeed. His inspiration and guidance at each and every step made this Master of Science degree so rewarding and satisfactory. He always encouraged my work in every possible way and also gave me the freedom to express and implement my ideas without any restrictions. I feel very fortunate and proud to have been his student and really think the experience which I gained working under him is invaluable. I would like to whole heartedly thank Dr. Xing for the immense trust and patience he has over me.