Security questions and warnings are effectively confirmation requests

May 24, 2020

Every so often, well-intentioned people throw up security questions and warning messages and so on in an attempt to help people, as in the recent case of the new warning on many extensions on addons.mozilla.org. These don't work in practice, as I've written about before (for example, that asking users questions never increases security). However, there is an important reason for this beyond things like users not knowing enough to make the right choice, which I want to mention explicitly and clearly for once.

To put it simply:

Security questions and warnings are a form of requesting confirmation, and people almost always say yes to that in general.

When Firefox throws up a 'this addon requests these permissions, do you agree' dialog when you install an addon, what it is really asking in practice is 'do you want to install this addon?' Of course most people are going to say yes. Installing the addon is what they set out to do, so yes, of course they want to do it, can you please stop asking all the time.

The one time requesting confirmation can work is when the person actually did something different from what they intended to. They wanted to delete file A, but now you're warning them that they're also deleting files B, C, and D. If they're deleting file A and you only ask them 'are you sure you want to delete file A', they're going to be annoyed with your interruption (which is why systems have mostly moved away from this sort of interface).

(Also, if you ask people these questions all the time, question fatigue sets in and people develop the reflex of saying yes without reading the questions.)

But most security questions and warnings are not telling you that you've done something different than you wanted to do. Instead they're of the 'do you really want to delete file A, are you sure' form, and so people automatically say yes, just as they automatically say yes to all of the other confirmation popups and so on that they deal with. Do you want to install this addon that asks for these permissions? Yes, that's why I clicked on the '+ Add to Firefox' button.

PS: The application of this to rewording various browser TLS warnings is left as an exercise to the reader, although such rewording would probably be somewhat controversial because it might wind up having to say things that aren't always true, like 'you have connected to something other than website <X> because the TLS certificate says this is <Y> and <Z>'.


Comments on this page:

By John Wiersba at 2020-05-24 16:43:20:

I wrote my custom rm and rmfr commands for this exact reason. They list the specified target files or directories and prompt for confirmation, but only if they've been given more than one file/directory to remove. This allows me to be confident when I use wildcards, that I will not remove more than the intended target files/directories, and gets out of the way for the vast majority of cases when I'm targeting only a single file or directory for removal.

By Nieve at 2020-05-27 01:38:32:

The threshold is different, but the GNU version of rm has the -I option to do basically the same thing:

-I   prompt once before removing more than three files, or when removing recursively; less intrusive than -i, while still giving protection against most mistakes
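Both comments above describe the same rule: confirm only when the removal may differ from the obvious intent, that is, several targets (usually from a glob) or a recursive delete, and get out of the way for a single explicit path. The following is an added example of such a wrapper as a POSIX shell function; it is not John Wiersba's script or GNU rm's own code, and the names confirm_rm and needs_confirm are invented here.

```shell
#!/bin/sh
# Added example: a confirming rm wrapper in the spirit of the comments above.
# The rule follows the article: prompt only when what is about to happen may
# differ from the obvious intent, i.e. several targets (typically from a glob)
# or a recursive removal. A single explicit path is removed with no question.
# (Function names confirm_rm / needs_confirm are invented for this example.)

# needs_confirm RECURSIVE TARGET...  -> returns 0 when a prompt is justified
needs_confirm() {
    recursive=$1
    shift
    [ "$recursive" = yes ] && return 0
    [ "$#" -gt 1 ] && return 0
    return 1
}

# confirm_rm [-r] TARGET...
# Shows the resolved list and reads one y/N answer from stdin only when
# needs_confirm says so; otherwise removes immediately. Returns 1 on abort.
confirm_rm() {
    recursive=no
    if [ "$1" = -r ]; then
        recursive=yes
        shift
    fi
    [ "$#" -gt 0 ] || return 1
    if needs_confirm "$recursive" "$@"; then
        printf 'About to remove %d item(s)' "$#" >&2
        [ "$recursive" = yes ] && printf ' recursively' >&2
        printf ':\n' >&2
        for target in "$@"; do
            printf '  %s\n' "$target" >&2
        done
        printf 'Proceed? [y/N] ' >&2
        # A closed or empty stdin counts as "no": never delete on silence.
        read -r answer || answer=n
        case $answer in
            y|Y|yes|YES) ;;
            *) echo 'aborted, nothing removed' >&2; return 1 ;;
        esac
    fi
    if [ "$recursive" = yes ]; then
        rm -rf -- "$@"
    else
        rm -f -- "$@"
    fi
}
```

Because the shell expands the glob before the function runs, `confirm_rm *.log` prompts with the actual file list when it matches more than one file and stays silent when it matches exactly one, which is the behaviour the first comment describes.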
Last modified: Sun May 24 00:05:35 2020