[3489] in WWW Security List Archive
Re: Replacement Netscape PopUp Message
daemon@ATHENA.MIT.EDU (Mary Ellen Zurko)
Thu Nov 7 18:27:36 1996
To: Dave Kinchlea <security@kinch.ark.com>
cc: "Mirick, James R." <692-1709@mcimail.com>,
"David W. Morris" <dwm@xpasc.com>,
www security <www-security@ns2.rutgers.edu>, zurko@osf.org
In-reply-to: Your message of "Thu, 07 Nov 1996 09:47:33 EST."
<Pine.LNX.3.94.961107090617.28318G-100000@kinch.ark.com>
Date: Thu, 07 Nov 1996 15:57:01 -0500
From: Mary Ellen Zurko <zurko@osf.org>
Errors-To: owner-www-security@ns2.rutgers.edu
There's a whole discipline called Computer Human Interaction, with
a whole raft of useful and time-tested techniques for determining what
works and what doesn't work for users (of course, you do have to do
things like state what user population you're targeting, but that doesn't
seem to be the nub of this particular disagreement). CHI researchers
have learned, after years of hard experience, that merely arguing about
what users will or won't do or understand doesn't produce usable
products (after all, if it did, we'd have them!). If there is anyone
out there that's truly concerned about determining how to present
security to end users (a topic I personally find endless fascinating),
and you're not familiar with CHI, I suggest you visit your local Quantum
and pick up a few books (something by Jacob Nielson or Ben Schniderman
or Brenda Laurel), or get the conference proceedings from this year's
CHI and CSCW conferences.
Mez
