dbosk
commented
7 years ago An alternative is to find good and bad examples of security usability. And also to fix the problems.
Open dbosk opened 8 years ago
dbosk
commented
7 years ago An alternative is to find good and bad examples of security usability. And also to fix the problems.
dbosk
commented
5 years ago See primcomlab/issue 3.
We can adapt the lab from the chid course to a security usability focus.
Have a few aspects that should be investigated, e.g. to set up a MITM connection to yield a certificate warning and observe how people handle it. We could provide several scenarios and the students choose which they want to investigate. Or we group the students and let the group design their investigation. In either case it's more interesting for them to work in groups.
Then we have a session where the students (groups) present their results. This will be interesting for everyone, especially to see if the results coincide --- if not we have to explain why.