Response to Security

What were the critical system design and operational flaws that allowed hackers to gain control over Mat Honan's accounts? What lessons should we learn from this about designing secure systems?

It is pretty clear that in the real world, public-key encryption is practically never used to encrypt actual messages. The reason is that it requires so much computation—even on computers, public-key is very slow. According to a widely cited estimate by Schneier, public-key crypto is about a thousand times slower than conventional cryptography. As a result, public-key cryptography is more often used as a solution to the key-management problem, rather than as direct cryptography. People employ public-key to distribute regular, symmetric keys, which are then used to encrypt and decrypt actual messages. In other words, Alice and Bob send each other their public keys.

To investigate further, we looked to existing software to find a program that was representative of the best current user interface design for security, an exemplar of general user interface design as applied to security software

 This, along with much of the detail from our evaluation results, supports our hypothesis that security-specific user interface design principles and techniques are needed

There are several reasons behind the perfectly done hack. The main reason why hackers were able to access all the accounts of Mr Mat Honan is because all his accounts were inter connected somehow. The accounts were daisy-chained together. Getting into Amazon let hackers get into Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had Mat Honana used two-factor authentication for his Google account, it’s possible that none of this would have happened. But the verifications were not active. The second reason is that because of poor security concern and precaution it made easy for hackers to enter in system and brust it.

The third and most important reason is that all the tech support from apple and amazon made the work of hackers easy and allowed them to enter even if the security questions were provided wrong and they just told about address and phone number, which enabled them access.

Over this all his data was backed up

"Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s "

One should setup strong security access and multiple entries should be required by the tech support.

Why do Whitten and Tygar think that end-user email encryption software is so difficult to use? What is their suggestion for a better design strategy?

It is pretty clear that in the real world, public-key encryption is practically never used to encrypt actual messages. The reason is that it requires so much computation—even on computers, public-key is very slow. According to a widely cited estimate by Schneier, public-key crypto is about a thousand times slower than conventional cryptography. As a result, public-key cryptography is more often used as a solution to the key-management problem, rather than as direct cryptography. People employ public-key to distribute regular, symmetric keys, which are then used to encrypt and decrypt actual messages. In other words, Alice and Bob send each other their public keys.

To investigate further, we looked to existing software to find a program that was representative of the best current user interface design for security, an exemplar of general user interface design as applied to security software

 This, along with much of the detail from our evaluation results, supports our hypothesis that security-specific user interface design principles and techniques are needed

There are several reasons behind the perfectly done hack. The main reason why hackers were able to access all the accounts of Mr Mat Honan is because all his accounts were inter connected somehow. The accounts were daisy-chained together. Getting into Amazon let hackers get into Apple ID account, which helped them get into Gmail, which gave them access to Twitter. Had Mat Honana used two-factor authentication for his Google account, it’s possible that none of this would have happened. But the verifications were not active. The second reason is that because of poor security concern and precaution it made easy for hackers to enter in system and brust it.

The third and most important reason is that all the tech support from apple and amazon made the work of hackers easy and allowed them to enter even if the security questions were provided wrong and they just told about address and phone number, which enabled them access.

Over this all his data was backed up

"Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s "

One should setup strong security access and multiple entries should be required by the tech support.

DRONE PLAYGROUND DESIGN

I have explained all my design using drawing and explaining it on white board, handwritten.
These are the photos.

before I start to explain my design, I was curious to know about the existence designs, one of the best one is DJI's South Korean Drone Playground.

But this needs some changes and advancement. So what do we need?

MY DESIGN IS AS FOLLOW.

Let's talk about stake holders,

Stake Holders 

A person, group or organization that has interest or concern in an organization.
Stakeholders can affect or be affected by the organization's actions, objectives and policies. Some examples of key stakeholders are creditors, directors, employees, government (and its agencies), owners (shareholders), suppliers, unions, and the community from which the business draws its resources.

Direct stakeholders are entities that have a visible role in the organization, regulation, operation and support of the bus service; or people, communities and entities that use the service or are impacted by it. 

Here they are : 

   

• Children 
• Professional drone drivers
• people who wants to learn driving drone
• Drone gammers 

Indirect stakeholders refer to all other individuals who are otherwise affected by the use of the system. Often the latter are ignored in the design process.

• Drone making companies 
• Staff working to repair 
• Security agencies 

The best part of the assignment was to explain it using white board and designing the ground. I enjoyed doing the project and research associated with it.

UX and Interaction Design

Norman's concept of doors: Pretty Interesting. 

• How did Disney use Norman's concepts of affordances, signifiers, and feedback to help patrons understand how to use the Magic Band? Define each of those terms and provide specific examples of each from the MagicBand system.

Their MagicBands, tech-studded wristbands available to every visitor to the Magic Kingdom, feature a long-range radio that can transmit more than 40 feet in every direction. The hostess, on her modified iPhone, received a signal when the family was just a few paces away. MagicBands and triangulated their location using another receiver in the ceiling. The server—as in waitperson, not computer array—knew what they ordered before they even approached the restaurant and knew where they were sitting.

This term can be stated as a relationship between the object and the how it works with person using it. The presence of an affordance is jointly determined by the qualities of the object and the abilities of the agent that is interacting.

It should be clearly understood that it is not a property although it creates properties in a way to have better affordance for people using the object. An affordance is a relationship. Whether an affordance exists depends upon the properties of both the object and the agent.

The example from disney world can be that if you’re wearing your Disney MagicBand it shows that you’ve made a reservation, you can access the places with the band, you preordered food will come where ever you are sitting. This is a perfect example of affordance as it allows people of any age to wear a band and enjoy the services at disney. 

One need not to carry cash, as the MagicBand is already linked to the credit card. The users are already pre registered and don’t need to wait in long lines. This technology fits the relationship between the object and the how it works with person using it.

A well defined affordance help people figure out what actions are possible without

the need for labels or instructions. But if this task is not completed we use the different other means to make it more accessible and easy to understand, methods used to do so can be stated as “Signifiers”. Affordances determine what actions are

possible where as signifiers communicate where the action should take place.

Their MagicBands, tech-studded wristbands, is provided to every person visiting the Magic Kingdom. It  feature a long-range radio that can transmit more than 40 feet in every direction. The hostess gets notified when you pretty near to them and can note where you sit and what have you preordered. MagicBands and triangulated their location using another receiver in the ceiling. The service is a Signifiers as it can usually used by the costumer easily,  as a access card, credit card and of course a Disney visit band.

Feedback can be defined as communicating the results of an action. It must be immediate: even a delay of a tenth of a second can be disconcerting

The example can be stated from the disney as they have all access just taping the band which allows them to go on rides as well get food, pick parking. All with just a tap of band and instantly.

• How did they use the MagicBand device to deliver a frictionless experience for their patrons?

The perfect balance of  affordances, signifiers, mappings, and feedback led the the MagicBand device to deliver a frictionless experience for their patrons. It allowed the cutovers to do every thing effortlessly and with ease. They not even realized that when patron came to know that they are coming and have already be seated and without any call got their food at the place they were sitting.

" Though the team behind this sprawling platform eventually swelled to more than 1,000 people, the idea started years ago with a handful of insiders.

The Fab Five drew particular inspiration from the then-nascent wearables market

“The whole system gave Disney a way of understanding the business,” says Franklin  "

Just Enough Research by Erika Hall

Hall advocates the use of "design ethnography"—what is that, and how does one do it? What specific user research methods does she suggest?

It is a study to understand the mental model, activities, habits and social relation for a targeted group of people. The study enables us to know a particular cultural group who are observed going about their ordinary activities in their habitual environment. The information can be used differently, from making their life better by making a product to just gathering information. The study here specifically helps in designing as this helps us to know how people actually wants to interact?, what makes them feel more comfortable and easy to use? how they usually use it? what exactly is a common need that needs to be enhanced? and many other observations through ethnography. This is the most important part doing user research. 

Erika Hall states four D’s of design technology. She suggests these methods for more successful user research.

First one is Deep drive, here i would like to state a word from “Design thinking”, empathy.

Deep drive here means same as empathy, it suggests us to understand the situation of the targeted people. “ Walk in their shoes, live in their skins, see through their eyes.” This would not only allow a better user research but also allow an in depth knowledge about their lives and what they really expect.

Second one suggests to get into their daily life schedule and watch them when they enter creepy situations where it is difficult for a person to be normal and relaxed. This will give you a better understanding for the subject and the way their behaviors fluctuates with respect to the situations they fall in.

“The most interesting insights will come when you keep your eyes open and go of script.”

The third one is data analysis, this is a important step to work over. Once you are done with collection of data, sit down try to connect the dots and see how better have understood your subject. The analysis will surely take your understanding to new level. Take your time in analyzing each data.

This step takes the product down to real world and gives you a chance to test its abilities You should remember that you are designing the product for the targeted people not for yourself and only the targeted people can better tell you about the final product assuming that you are not one of the targeted person for the product. 

What is a "user persona" and why are they useful? What sort of danger might a user persona create, and how could you mitigate that danger?

A persona is a fictional user archetype, it is completely user centered and explains the a prototype of what user want. It is in other words is a imaginary model you develop after data analysis. This could be connected to the last method for enhancing design technology. Creating a user persona helps designer and developers to make their product in every aspect. It certainly helps creating a empathetic mind set rather a specific point of view from one person. 

The literal meaning of persona is “the aspect of someone's character that is presented to or perceived by others.”

The persona description should have just enough detail to showcase the perfect example of a target user and what important aspects designers should keep in mind. It should not be very lengthy with all the marks but should be as short as possible with all important difference that makes a difference on the product and some how helps the developer. The persona should  as small as possible, while representing all plausible behavior patterns.

"Design targets are not marketing targets" - Erika Hall

This statement clearly explains that people who may be highly valuable to your business may not be so valuable for your user persona and design.  
The persona should be created after relating this to many real targeted people, more the data has been collected better the persona will be.

It is important to understand that once you’ve created a set of personas, you can reuse them over time, even for different products and make most of the use out f them as data gathering takes a lot of time and work. 

I want to quote this sedately that a persona should be User Centered only.

"Design Thinking" is much more than Art and Craft !

Coffee problem in INFO 200 Class

When people think of a "designer" they often imagine someone in a black turtleneck who makes already-designed products look more pretty. How does this differ from the portrayal of design thinking and user-centered design in the article by Tim Brown of IDEO and the shopping cart redesign video? Use one of the examples from the article or video to help explain how user-centered design is much more than making products look attractive.

An open mind, a boss who demands fresh ideas who clashes his own, a chaos which can be constructive and team work are the recipe for a great innovation.”

The article enables us to think about the “ Design thinking”  in a very clear cut way. It defines a “designer” not just as a person in a a black turtleneck making changes to a saturated designed product but, portrays a designer whose skills include that of psychologist, physicist, biologist, artisan and many more.
Design thinking is a discipline that uses the designer’s sensibility and
ideas to meet with people’s needs with what is technologically
feasible and is worth buying for the consumers, which may even create market opportunities.
According to Tim Brown, these are different characteristic which puts designers and thinkers into a different pack and makes them unique.

The first one is Empathy, this in my view is the mother of an idea for Design thinkers. By giving people preference and taking care of different perspectives, they can imagine what problems are need to be solved and what design fits best for a specific group of people. It allows a Design thinker to take into view the needs of some unrepresented people. “ Aravind eye care system ” is a brilliant example of how Design thinkers use empathy.

The second one is Integrative thinking. This allows a design thinker to take into account both the sides of an idea and put this into prospective using empathy. They not only rely on analytical processes and data analysis but also exhibit the ability to see all of the salient.

The most important one for a Design thinker is “Optimism”, being optimistic not only increases the chances of being successful in creating the idea into reality but also acts as a booster if the idea fails. This helps one find a better solution to an alternative we already have.

The forth and the last one according to Tim brown is collaboration, also know as team work.

“Pick good people, use a team and give them great tools and they are ready to bring change” - Bill Gates
 
Rather than making one person with all the skills of a psychologist, physicist, idealist make a team having each one of them with specialized knowledge. This will not only bring great designers together but will rather make the whole team as a “Design Thinker”

“ At IDEO we employ people who are engineers and marketers, anthropologists and industrial designers, architects and psychologists” - Tim Brown


The video explaining how Design thinkers work at IDEO makes it very clear that user-centered design is much more than making products look attractive. The way the team working on the shopping cart enhanced the ability of a cart from what it was before avows that Design thinkers not only bring art into a product but also increases its worth value and consumer value. This enables the consumers to be more comfortable and this directly effects the business market. This video clear shows the interconnection between designing, consumer satisfaction, change and business enrichment