5 random links about design

Written on 6 February 2017, 10:31pm


1. When bad design leads to catastrophes

The Three Mile Island accident was a partial nuclear meltdown that occurred on March 28, 1979, in reactor number 2 of Three Mile Island Nuclear Generating Station (TMI-2) in Dauphin County, Pennsylvania, United States. It was the most significant accident in U.S. commercial nuclear power plant history. […]
The mechanical failures were compounded by the initial failure of plant operators to recognize the situation as a loss-of-coolant accident due to inadequate training and human factors, such as human-computer interaction design oversights relating to ambiguous control room indicators in the power plant’s user interface. […]
Despite the valve being stuck open, a light on the control panel ostensibly indicated that the valve was closed. In fact the light did not indicate the position of the valve, only the status of the solenoid being powered or not, thus giving false evidence of a closed valve.
Three Mile Island accident

2. How to deal with the paradox of choice

Reducing the number of choices for a user has, therefore, become the focus for many of today’s apps. This has been done in a number of ways:
1. Make the options more relevant (personalized recommendations)
2. or go a step further by making decisions on the user’s behalf, totally removing the burden of choice (ex. Google Now)
This notion of making decisions for users has been called “anticipatory design” and has become a topic of debate because of the ethics involved in making decisions on behalf of users.
How To Build Honest UIs And Help Users Make Better Decisions


Security concepts #2

Written on 29 January 2017, 09:40pm


Functional requirements – what a system must do.
Non-functional requirements – how the system must behave. On top of performance, usability, maintainability -> security.
CIA – Confidentiality (Privacy), Integrity, Availability + non-repudiation

Attacker levels

kid-level: unskilled, opportunistic, bragging rights
malware/ransomware: automated, opportunistic, financial gain
professional attacker: highly skilled, resources, persistent, adapt to their targets
nation state level: best skills available, big resources, goals – aligned with the country's military/geo-strategic objectives

Vulnerability / exposure / security incident

Vulnerability types: bugs and flaws. Bugs – defects in the development process; could be detected by automated tools. Flaws – defects in the design process; could not be detected by automated tools.
A vulnerability does not necessarily cause an impact. It needs 2 more steps:
Exposure: if the vulnerability becomes known to an attacker
Security incident: if the attacker takes advantage of the exposure to perform an attack

Vulnerability assessment: black box vs white box testing
Black box – no access to the source code, hosting environment, etc
White box – full access to the source code, hosting, etc

Some principles:

– minimize the attack area
– secure defaults (coding and configuration)
– fail securely (defensive coding)
– give least privilege (need to know)
– multiple layers (ex. encrypted USB key, in a locked safe)
– no security by obscurity
– keep the design simple

Identification, Authentication, Authorization

Identification – who are you?
Authentication – how can you prove who you are?
Authorization – what can you do once authenticated?

Some specifics

– don’t say why the authentication failed (‘wrong username’ -> enumeration, ‘wrong password’ -> brute force attack)
– do not change data on the server via an HTTP GET request
– allow pasting passwords
– do not make the “Log out” option difficult to find
– just use HTTPS

Distinct Apple IDs for the same GMail account

Written on 28 January 2017, 02:45pm


It’s probably well known by now that when you create a GMail account, any periods (dot characters) in your username are ignored by GMail:

If you have a personal account (typically ending in gmail.com), it doesn’t matter if people type the period in your username or not.
For example, emails to all of these addresses will be delivered to the same Gmail account:
johnsmith@gmail.com
jo.hn.smith@gmail.com
john.smith@gmail.com
https://support.google.com/mail/answer/10313?hl=en

What is the impact of this feature on the creation of new Apple IDs?
Well, for Apple the 3 email addresses above are distinct, so it will let you create 3 separate Apple IDs with them. During the Apple ID registration process, an email with the subject “Verify your Apple ID email address” is sent to confirm ownership of the email address. Naturally, in all 3 cases above, the emails will be delivered to the same GMail account.
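
How a registration system could recognise that such addresses share one mailbox, as an added example (not code from this post, Apple or Google). The function names and the sample list are made up for illustration, and only the dot rule quoted above, plus case-insensitivity for gmail.com, is assumed.

```python
from collections import defaultdict

# Assumption: only the dot rule quoted above is applied, and only to
# personal gmail.com addresses; other domains are compared as written.
DOT_INSENSITIVE_DOMAINS = {"gmail.com"}


def canonical_mailbox(address: str) -> str:
    """Return a key that is equal for addresses delivered to the same mailbox."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    domain = domain.lower()  # domain names are case-insensitive
    if domain in DOT_INSENSITIVE_DOMAINS:
        # Dots (and letter case) in the username do not change the mailbox.
        local = local.replace(".", "").lower()
    return f"{local}@{domain}"


def find_shared_mailboxes(addresses):
    """Group addresses by canonical mailbox; keep groups with more than one member."""
    groups = defaultdict(list)
    for addr in addresses:
        groups[canonical_mailbox(addr)].append(addr)
    return {key: members for key, members in groups.items() if len(members) > 1}


# Constructed sample: the three addresses from the quote plus two on another
# domain, where a dot does make a different address.
SAMPLE_REGISTRATIONS = [
    "johnsmith@gmail.com",
    "jo.hn.smith@gmail.com",
    "john.smith@gmail.com",
    "john.smith@example.org",
    "johnsmith@example.org",
]

if __name__ == "__main__":
    for mailbox, members in find_shared_mailboxes(SAMPLE_REGISTRATIONS).items():
        print(mailbox, "<-", ", ".join(members))
```

The canonical key is meant for uniqueness checks and abuse review only; mail should still be sent to the address exactly as the user typed it.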

This is already a bit awkward, but I guess it’s something that does not create any problems, so Apple had no reason to work around it.
The real problem is described below.