Results 1 to 1 of 1
  1. #1
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Cardiff, UK
    Thanked 554 Times in 460 Posts

    Alice in Warningland. or browser warning fatigue. PDF

    The following paper may be of interest, it's due to be presented next week at the USENIX Security Symposium 2013 in Washington, DC.

    Alice in Warningland:
    A Large-Scale Field Study of Browser Security Warning Effectiveness


    We empirically assess whether browser security warnings are as ineffective as suggested by popular opinion and previous literature. We used Mozilla Firefox and Google Chrome’s in-browser telemetry to observe over 25 million warning impressions in situ.

    During our field study, users continued through a tenth of Mozilla Firefox’s malware and phishing warnings, a quarter of Google Chrome’s malware and phishing warnings, and a third of Mozilla Firefox’s SSL warnings. This demonstrates that security warnings can be effective in practice; security experts and system architects should not dismiss the goal of communicating security information to end users. We also find that user behavior varies across warnings. In contrast to the other warnings, users continued through 70.2% of Google Chrome’s SSL warnings. This indicates that the user experience of a warning can have a significant impact on user behavior. Based on our findings, we make recommendations for warning designers and researchers.

  2. The Following 2 Users Say Thank You to satrow For This Useful Post:

    bobby-p (2013-08-11),ruirib (2013-08-10)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts