Introduction
Many usability and security researchers over the years have observed the principle that security and usability are usually inversely proportional. To that end, it is imperative that every developer on the FreedomBox project pay attention to the "little details" of usability. Making a secure system like this would challenge even the best-funded commercial projects.
The working group for usability will need to collaborate, deeply, with all other groups. It bears repeating that usability is not a "task domain" that one can just box up and deliver at the end. The usability and security implications run through every decision, particularly for FreedomBox.
My suggestion is to arrive at a core set of user stories. All we need to do here, is tell stories about the *main things* that people will use the FreedomBox for. In this task I encourage people to please exercise restraint. This is first, to establish the common stories. Edge case stories are good for testing the common stories, once we know the common stories.
I have come to prefer user stories, because use-cases can make hidden assumptions that user stories expose. A good story will be Independent, Negotiable, Valuable, Estimateable, Sized Appropriately, and Testable (Cohn, 2004) See also: http://agileconsortium.pbworks.com/f/SDBP04_IntroToUserStories.pdf
For example: Alice needs to send a message to Bob but Alice lives in an oppressive, surveilled environment, and if the message is detected, she will go to jail merely on suspicion of seditious activity. (This story implies many features and possible cases).
Further, I encourage contributors to please pay attention to the work of Peter Gutmann (2009, 2011a, 2011b). He has made some sometimes startling observations about computer and network security and usability. Strongly recommended.
Thanks.
jdpf.plus
References:
Gutmann, P. (2009, June 27). Things that make us stupid. Available from http://www.cs.auckland.ac.nz/~pgut001/pubs/stupid.pdf Gutmann, P. (2011a). Engineering security. Unpublished: Book Draft. Available from http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf Gutmann, P. (2011b, May). Security usability fundamentals. In Engineering se- curity (pp. 17–193). Unpublished: Book Draft. Available from http://www.cs.auckland.ac.nz/~pgut001/pubs/usability.pdf Cohn, M. (2004) User stories applied: for Agile software development. Addison-Wesley Professional, 2004
User Stories
Please contribute User Stories for the FreedomBox. Remember, this is a collaborative effort, no single one of us has all the answers.
---