User-Friendly Firewalling [Re: ZeroConf in Ubuntu Edgy]

Micah J. Cowan micah at cowan.name
Thu Jul 6 08:44:20 BST 2006


On Thu, Jul 06, 2006 at 07:04:20AM +0200, John Nilsson wrote:
> On Wed, 2006-07-05 at 13:08 -0700, Micah J. Cowan wrote:
> > the cited problem was that
> > it would teach people to ignore the pop-up messages. I have not seen
> > this to be true for Windows Firewall (though I'll admit poor experience
> > in that area), but I really believe that, if someone is consistently
> > ignoring helpful and well-written instructions, the problem really does
> > exist outside of the physical computer.
> 
> I recognize the spirit of your argument, and I'll grant you that there
> are instances where users aren't worth the effort, but if you KNOW that
> the user will ignore your "warnings" then it is bad design to use that
> kind of warning.

Emphatically agreed. However, I did /not/ know this, nor agree that it
would be as commonplace as has been claimed.

However, I've now heard a few other people voice the same concern, so
perhaps it's true. I certainly don't have any empirical evidence to back
up my suspicions, but I'm still a little doubtful.

> As for your particular example:
> It is a known fact that when a sequence of actions is repeated for a
> specific desired goal they will eventually become a single action. In
> practice this means that the action to press "Yes" to "are you
> sure?"-dialogs WILL become physiologically impossible to suppress. It's
> not a simple matter of ignoring warnings.

Sure, when such messages are the results of direct action taken by the
user. My own experience with the Windows Firewall messages has been that
they show up quite sporadically (there really aren't that many things
that require opening a port, for desktop users), and there's often
enough of a delay for the message to come up after I've launched a
program, as to offer some degree of disassociation from my direct
actions.

Both of those things just might be less true on a Linux system,
though...

At any rate, I haven't seen a /better/ solution in practice: I don't
think that asking an uneducated user to figure out how to edit
firewalling rules (even if they're prettied up and/or abstracted to some
degree) is going to be a step up from this.

But I will concede that the messages thing does appear to have at least
a /risk/ of being another thing that users might habitually click away.
I think it would take some study to actually ascertain whether this is
the case...

Of course, firewalls can tend to be a bit of a security red herring to
begin with...  popping up a nice user interface that warns the nice user
that he's opening a port and would he please like to affirm it is well
and good, but won't solve issues of insecurity in the program itself; if
Avahi /does/ have exploitable problems (though it sounds like care has
been taken in its implementation), then a firewall will be of little
help...

-- 
Micah J. Cowan
Programmer, musician, typesetting enthusiast, gamer...
http://micah.cowan.name/


