Ame Elliott

7cf08d05c2c8a367865c8bd2a832ef85?s=47 inuse
May 18, 2018

Ame Elliott

UX Design for Trust: Protecting Privacy in a Connected World

7cf08d05c2c8a367865c8bd2a832ef85?s=128

inuse

May 18, 2018
Tweet

Transcript

  1. 1.

    UX PROTECTING DESIGN ame elliott // @ameellio // ame@simplysecure.org FROM

    BUSINESS TO BUTTONS // 15 MAY 2018 TRUST + PRIVACY IN A CONNECTED WORLD
  2. 3.

    | I |--->| H | +---+ +---+ ^ | +---+

    +---+ | | H |--->| I | | +---+ +---+ +---+ ^ | G | / +---+ +---+ +---+ +---+ / | F |--->| H |--->| I | ^ / +---+ +---+ +---+ \ / ^ \/ / +---+ +---+ +---+ +---+ +---+ | F | | G |--->| I |--->| H | | M | +---+ +---+ +---+ +---+ +---+ ^ ^ ^ | / | +------+ +-----------+ +------+ +---+ | TA W |<------| Bridge CA |-------->| TA X |-->| L | +------+ +-----------+ +------+ +---+ / ^ \ \ v \ v v +------+ +------+ +---+ +---+ | TA Y | | TA Z | | J | | N | +------+ +------+ +---+ +---+ / \ / \ \ \ v v v v v v +---+ +---+ +---+ +---+ +---+ +----+ | A | | C | | O | | P | | K | | EE | +---+ +---+ +---+ +---+ +---+ +----+ / \ / \ / \ \ v v v v v v v +---+ +---+ +---+ +---+ +---+ +---+ +---+ | B | | C | | A | | B | | Q | | R | | S | +---+ +---+ +---+ +---+ +---+ +---+ +---+ / \ \ \ \ \ \ v v v v v v v +---+ +---+ +---+ +---+ +---+ +---+ +---+ | E | | D | | B | | B | | E | | D | | T | You don’t need to be a cryptographer to work in security +---+ +---+ ^ | +---+ +---+ | | H |--->| I | | +---+ +---+ +---+ ^ | G | / +---+ +---+ +---+ +---+ / | F |--->| H |--->| I | ^ / +---+ +---+ +---+ \ / ^ \/ / +---+ +---+ +---+ +---+ +---+ | F | | G |--->| I |--->| H | | M | +---+ +---+ +---+ +---+ +---+ ^ ^ ^ | / | +------+ +-----------+ +------+ +---+ | TA W |<------| Bridge CA |-------->| TA X |-->| L | +------+ +-----------+ +------+ +---+ / ^ \ \ v \ v v +------+ +------+ +---+ +---+ | TA Y | | TA Z | | J | | N | +------+ +------+ +---+ +---+ / \ / \ \ \ v v v v v v +---+ +---+ +---+ +---+ +---+ +----+ | A | | C | | O | | P | | K | | EE | +---+ +---+ +---+ +---+ +---+ +----+ / \ / \ / \ \ v v v v v v v +---+ +---+ +---+ +---+ +---+ +---+ +---+ | B | | C | | A | | B | | Q | | R | | S | +---+ +---+ +---+ +---+ +---+ +---+ +---+ / \ \ \ \ \ \ v v v v v v v +---+ +---+ +---+ +---+ +---+ +---+ +---+ | E | | D | | B | | B | | E | | D | | T |
  3. 4.
  4. 6.

    Who are you worried about having your data? It depends

    on your threat model COMPANIES GOVERNMENTS HACKERS STALKERS
  5. 10.

    Why does a bike sharing app need to read your

    home settings and shortcuts and transfer that data?
  6. 19.

    Phishing is the attempt to obtain sensitive information like _

    user names
 _ passwords
 _ credit card details by masquerading as a trustworthy entity in an electronic communication. – Adapted from Wikipedia
  7. 21.

    21 http://berlinstreetwear.com/signup/? id=43289s32 https://berlinstreetwear.siliconalllee.com https://berlinstreetwear.siliconallee.com https://berlinstreetwear.com/ezpay https://berlinstreetwear.ezpay.com https://ezpay.com/berlinstreetwear Easy to

    spoof Your site, not 3rd party http://acm.us2.list-manage.com/track/ clicku=db7c289da&id=e70bf2b789&e Content strategy and site information architecture prevent phishing with good URLs
  8. 24.