[messaging] Fingerprint usability study (experiment design)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jun 17 11:55:15 PDT 2014


On 06/16/2014 09:59 AM, David Leon Gil wrote:
> *Factor C.* Psychological incentive to accept fakes:
> 
> 1. None
> 2. Game-like (e.g., performance compensation + directive to answer as quickly as possible)
> 3. Realistic pressure (e.g., pressure to please experimenter)

In the real world, the incentive to accept fakes is slightly different
than either of the above.  In nearly all scenarios [0] where a
fingerprint is presented and needs to be confirmed or denied, it is *an
obstacle in the way of doing what you were trying to do*.

That is, if you say "this doesn't match", then you don't get to talk to
the other person, or you don't get to visit the web site, or you don't
get to log into the server.

I'm not sure how you'd model this incentive properly in an experiment.

	--dkg

[0] OTR is just about the only exception to this obstacle situation, and
in practice, many users of OTR simply skip the fingerprint comparison or
SMP confirmation step entirely (which I think might even be strictly
worse than accepting an unverified fingerprint once and getting
TOFU-like alerts upon peer key change).
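The footnote contrasts three user behaviours: skipping the comparison entirely, accepting an unverified fingerprint once and then relying on key-change alerts (TOFU), and confirming the fingerprint out of band. The following is an added illustration, not code from the message, from OTR, or from any OpenPGP implementation; it assumes a hypothetical pin store whose fingerprint is the hex SHA-256 of the raw key bytes, three hypothetical policy names ("skip", "tofu", "verify"), and constructed key bytes standing in for a genuine peer key and a substituted attacker key. It shows why skipping is worse than TOFU: only a stored pin can turn a later key substitution into an alert.

```python
"""TOFU-style fingerprint handling (added example, not from the original post).

Models the three behaviours the message contrasts: never comparing and never
pinning, accepting an unverified fingerprint once and alerting on change, and
confirming out of band.  Fingerprint scheme and policy names are assumptions.
"""
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class Trust(Enum):
    UNVERIFIED = "unverified"   # pinned on first use without any comparison
    VERIFIED = "verified"       # user confirmed the fingerprint out of band


class Decision(Enum):
    PROCEED = "proceed"                 # key matches the stored pin (or no policy)
    PROMPT_FIRST_USE = "first_use"      # no pin yet: ask the user, or auto-accept
    ALERT_KEY_CHANGE = "key_change"     # pin exists and differs: the "obstacle"


@dataclass
class PinStore:
    # peer identifier -> (fingerprint, Trust)
    pins: dict = field(default_factory=dict)

    @staticmethod
    def fingerprint(pubkey: bytes) -> str:
        # Assumption: hex SHA-256 over the raw key bytes, purely for illustration.
        return hashlib.sha256(pubkey).hexdigest()

    def check(self, peer: str, pubkey: bytes) -> Decision:
        """Compare the presented key against the pin for this peer, if any."""
        pinned = self.pins.get(peer)
        if pinned is None:
            return Decision.PROMPT_FIRST_USE
        if pinned[0] != self.fingerprint(pubkey):
            return Decision.ALERT_KEY_CHANGE
        return Decision.PROCEED

    def accept_unverified(self, peer: str, pubkey: bytes) -> None:
        """TOFU: remember the first key seen, marked as unverified."""
        self.pins[peer] = (self.fingerprint(pubkey), Trust.UNVERIFIED)

    def mark_verified(self, peer: str, pubkey: bytes, confirmed_fp: str) -> bool:
        """Pin as VERIFIED only if the out-of-band fingerprint string matches."""
        fp = self.fingerprint(pubkey)
        if fp != confirmed_fp:
            return False            # mismatch: do not pin, the user is blocked
        self.pins[peer] = (fp, Trust.VERIFIED)
        return True


def run_sessions(policy: str, sessions):
    """Replay (peer, pubkey) sessions under one policy; return per-session decisions."""
    store = PinStore()
    outcomes = []
    for peer, pubkey in sessions:
        if policy == "skip":
            # User never compares and nothing is pinned, so a swapped key
            # looks exactly like every earlier session.
            outcomes.append(Decision.PROCEED)
            continue
        decision = store.check(peer, pubkey)
        if decision is Decision.PROMPT_FIRST_USE:
            if policy == "tofu":
                store.accept_unverified(peer, pubkey)
            elif policy == "verify":
                # Simulate a correct out-of-band comparison on first contact.
                store.mark_verified(peer, pubkey, PinStore.fingerprint(pubkey))
            decision = Decision.PROCEED
        outcomes.append(decision)
    return outcomes


# Constructed sample data: two genuine sessions, then a substituted key.
GENUINE_KEY = b"constructed: bob's long-term public key bytes"
MITM_KEY = b"constructed: attacker's substituted public key bytes"
SESSIONS = [("bob", GENUINE_KEY), ("bob", GENUINE_KEY), ("bob", MITM_KEY)]

if __name__ == "__main__":
    for policy in ("skip", "tofu", "verify"):
        print(policy, [d.value for d in run_sessions(policy, SESSIONS)])
```

Under "skip" the third session proceeds silently; under both "tofu" and "verify" it raises a key-change alert, which is the obstacle the message describes. The difference between the two pinning policies is only that "verify" can refuse to pin at all when the out-of-band string does not match.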

