Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Making SSL Warnings Work - Improving Security and User Experience

OWASP Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the challenges and solutions for improving SSL warnings in web browsers in this 52-minute conference talk from OWASP AppSec California 2015. Delve into Adrienne Porter Felt's insights as a Google Chrome security engineer on making HTTPS more effective and user-friendly. Learn about techniques for automatically identifying and resolving false positive warnings, redesigning SSL warnings for better user comprehension, and the importance of opinionated design in security interfaces. Discover strategies for traffic shaping, explaining threats to users, and creating clear, attractive security choices. Gain valuable knowledge on balancing security with usability to enhance online privacy protection and user experience in modern web browsers.

Syllabus

Improving SSL warnings Adrienne Porter Felt Chrome security team
How can browsers stop crying wolf?
Traffic shaping
define, identify
How do we explain this to users?
Threat source: the attacker is on the network, not a malicious website
False positives: be more concerned about errors on well-regarded sites
Your connection is not private. Attackers might be trying to steal your information from www.irs.gov (for example, passwords, messages, or credit cards).
Clear instruction Attractive preferred choice Unattractive other choice
Opinionated design works where text fails
TODO LIST • Warn only when under attack • Users understand warnings e Users follow warning advice

Taught by

OWASP Foundation

Reviews

Start your review of Making SSL Warnings Work - Improving Security and User Experience

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.