Category Archives: user-error

Anti-lock brakes

Chances are, if you bought a new car or even a new motorcycle within the last few years, you didn’t even get an option on ABS. It came as standard, and in your car was legally mandated. Anti-lock brakes work … Continue reading

Posted in tool-support, user-error | Leave a comment

A brief history of talking on the interwebs (or: why I’m not on app.net)

When I first went to university, I was part of an Actual September, though it took place in October. Going from a dial-up internet service shared with the telephone line to the latest iteration of SuperJANET with its multi-megabit connection … Continue reading

Posted in Twitter, user-error | 2 Comments

An apology and an opportunity

Today’s earlier post, UX is snake-oil bullshit, was indeed an April Fool. Sorry to the people who had their “WTF blood boil”, among other reactions. I’m also sorry to the people I parodied in the post. Please feel comfortable knowing … Continue reading

Posted in user-error | 1 Comment

UX is snake-oil bullshit

There, I said it. I feel better already. There are people in the world who’ll tell you that the most important thing in the world is UX, that if your software isn’t UX-compliant it isn’t worth shit. Here’s why that’s … Continue reading

Posted in software-engineering, user-error | 6 Comments

Why your security UI sucks

The principle recurring problem in user experience is creating a user interface that supports the user’s mental model of how an app works, while simultaneously enabling the actions that are actually supported by the implementation’s model of the problem domain. … Continue reading

Posted in software-engineering, UI, user-error | Comments Off on Why your security UI sucks

On the top 5 iOS appsec issues

Nearly 13 months ago, the Intrepidus Group published their top 5 iPhone application development security issues. Two of them are valid issues, the other three they should perhaps have thought longer over. The good Sensitive data unprotected at rest Secure … Continue reading

Posted in buffer-overflow, code-level, Crypto, Data Leakage, Encryption, iPad, iPhone, ssl, Updates, user-error, Vulnerability | 2 Comments

On phone support scams and fake AV

A couple of weeks ago, I posted on Twitter about a new scam: Heard about someone who was phoned by a man “from Windows” who engineered his way into remote access to the mark’s computer. Fast forward to now, the … Continue reading

Posted in antivirus, Malware, Phishing, Scam, user-error | 2 Comments

On Fitt’s Law and Security

…eh? Don’t worry, read on and all shall be explained. I’ve said in multiple talks and podcasts before that one key to good security is good user interface design. If users are comfortable performing their tasks, and your application is … Continue reading

Posted in iPad, iPhone, Mac, threatmodel, UI, user-error | 1 Comment