The User Experience of a Watermelon — What secure design is all about

This article was previuosly published on my Medium blog.

Reading the UX of a Banana — What UX design is all about, I realized that user security has the user experience of a watermelon.

Mmm… watermelons! Tasty, but yet so hard to get.

I have a strong preference for watermelons, but due to their UX, the typical fruit I eat is a banana. (OT: botanically speaking, the watermelon is a berry, but so is the banana.)

 

Likewise, as a security geek I have a strong preference for security solutions, but it wasn’t until the end of last year that I got around to getting myself a password manager. I still don’t use a VPN when travelling, due to the WTF-level of usability of the ovpn client.

Getting my hands on a watermelon is hard:

  • I live in Sweden, where watermelons don’t grow
  • Watermelons are almost never in season, meaning that most of the time they are both costly and tasteless
  • I go shopping using my bike that doesn’t have a basket
  • If I walk to the grocery store, I bring a backpack, and watermelons have the wrong form factor
  • A watermelon may weigh 5 kilos, and the price per kilo of a halved watermelon is often more than double that of a whole. This means that the weight of my groceries double should I choose to buy one.

The worst part: you don’t know if it’s a good specimen until you’ve gone through the tedious process above. The price tag is the best indicator — cheaper meaning in season and thus higher chance of deliciousness — but it may also mean that the watermelon is just about to ferment.

Eating a watermelon

  • Watermelons require additional tooling in the form of a sharp knife and sometimes a spoon or a fork.
  • It requires some training and technique to eat without ending up with dried out fruit sugar all over your lower face and décolleté.
  • Some varieties have seeds that sometimes surprises you and will slow this sugary indulgence down.
  • They produce massive amounts of waste and can’t be thrown on the garden compost.

If it wasn’t for the fantastic taste, I frankly wouldn’t bother at all.

The false dichotomy of usability vs security

It’s long been said that there is always a trade-off between security and usability. The reasoning goes that adding the extra steps of passwords, certificates, slow encryption algorithms etc. will always happen on the expense of the user’s time and joy.

I, and many others, claim that this is a false dichotomy. Yet we still struggle with the perception that security is clumsy and hard — and often it is.

I would argue that the reality of clumsy security is created by the false dichotomy — system architects and system owners accept this as true and never look for solutions that shift the responsibility from the user to the sysadmins and developers.

You know https?

There is no difference in end user experience between unencrypted and encrypted web.

Https is an excellent example of when good security is transparent to the user. Likewise, when Whatsapp rolled out end to end encryption to 1 billion users, their security was enhanced in the blink of the eye, without touching the UX. Whatsapp is not a perfect system, but everyone with an interest can see for themselves where the easiest attack vectors are. It’s no longer in the transmission of the data. 

Shifting responsibility from the user to the experts

So how can the UX of a watermelon be enhanced? Hmm… What’s the primary setting when I get to indulge in watermelon? Hotel breakfast! Fruits are already cut into portion size for me, and I pay the same whether I choose to empty the tray or if I only go for bread, eggs and waffles. The chefs have tasted them for me and gotten rid of the bad melons.

The acquiring, sorting and cutting has been shifted to the people with expertise, and the margin cost for the end user is non-existent.

Likewise, the User Experience of security should be as transparent as possible. Security should simply be there. The information about cipher suites used and vulnerability disclosure policy should be easily available for the interested, but it shouldn’t be a requirement for using the system.