[Cryptography] fighting designs in habituation since 1883
Ian G
iang at iang.org
Wed Apr 15 08:46:46 EDT 2015
That which I once sarcastically referred to as click-thru syndrome is
now apparently called habituation. And it's being measured using MRIs:
http://arstechnica.com/security/2015/03/mris-show-our-brains-shutting-down-when-we-see-security-prompts/
MRIs show our brains shutting down when we see security prompts
This is your brain after repeated security warnings. Any questions?
by Dan Goodin <http://arstechnica.com/author/dan-goodin/> - Mar 20, 2015
2:53 pm UTC
Ever feel your eyes glazing over when you see yet another security
warning pop up on your monitor? In a first, scientists have used
magnetic resonance imaging to measure a human brain's dramatic drop in
attention that results when a computer user is subjected to just two
security warnings in a short time.
In a paper scheduled to be presented next month at the Association for
Computing Machinery's CHI 2015 conference <http://chi2015.acm.org/>,
researchers will present data that maps regions of the brain responsible
for visual processing. The MRI images show a "precipitous drop" in
visual processing after even one repeated exposure to a standard
security warning and a "large overall drop" after 13 of them.
Previously, such warning fatigue has been observed only indirectly, such
as one study finding that only 14 percent of participants recognized
content changes to confirmation dialog boxes or another that recorded
users clicking through one-half of all SSL warnings in less than two
seconds.
Building a better mousetrap
The inattention is the result of a phenomenon known as habituation
<https://en.wikipedia.org/wiki/Habituation>, or the tendency for
organisms' neural systems to show partial or complete cessations of
responses to stimuli over repeated exposures. Such repetition
suppression, or RS, has long been documented in everything from sea
slugs to humans. By directly measuring RS in the brains of people
exposed to computer security warnings, the scientists were then able to
test more effective ways that software makers can alert people to
potential risks. The paper—titled "How Polymorphic Warnings Reduce
Habituation in the Brain—Insights from an fMRI Study
<http://neurosecurity.byu.edu/media/Anderson_et_al._CHI_2015.pdf>"—is
one of two to be presented at CHI 2015 that studies people's responses
to security warnings. A second paper is titled "Improving SSL Warnings:
Comprehension and Adherence
<https://adrifelt.github.io/sslinterstitial-chi.pdf>."
From Cryptogram: New research: "How Polymorphic Warnings Reduce
Habituation in the Brain -- Insights from an fMRI Study."
http://neurosecurity.byu.edu/media/Anderson_et_al._CHI_2015.pdf
http://neurosecurity.byu.edu/chi_fmri_habituation/
http://arstechnica.com/security/2015/03/mris-show-our-brains-shutting-down-when-we-see-security-prompts/
or http://tinyurl.com/pfqzume
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150415/db634bf4/attachment.html>
More information about the cryptography
mailing list