Story automatically generated by StoryBot Version 0.2.2 rel Testing.
Storybot ('Arthur T Knackerbracket') has been converted to Python3
Note: This is the complete story and will need further editing. It may also be covered
by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.
FeedSource: [MITTech]
Time: 2017-02-02 19:08:56 UTC
Original URL: https://www.technologyreview.com/s/603556/neuroscience-explains-why-we-get-hacked-so-easily/ [technologyreview.com] using ISO-8859-1 encoding.
Title: Neuroscience Explains Why We Get Hacked So Easily
--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---
Neuroscience Explains Why We Get Hacked So Easily
Arthur T Knackerbracket has found the following story [technologyreview.com]:
A study of how the brain reacts to security alerts led Google to test a new way to warn people that their computers may have been infected with malware.
Companies spend nearly $100 billion on securing computers each year, yet incidents such as ransomware crippling hospitals and personal data leaking online remain common. Anthony Vance thinks that defensive measures could be more effective if we paid more attention to the hardware between our ears.
“Security professionals need to worry not only about attackers but the neurobiology of their users,” said Vance, an associate professor at Brigham Young University, this week at the Enigma security conference in Oakland, California. His lab uses functional MRI scans of people’s brains to reveal the unconscious mechanisms behind the way they perceive—or ignore—security warnings.
One of Vance’s studies led him to collaborate with Google on tests of a new approach to displaying security warnings in the Chrome Web browser that people were less likely to dismiss offhand. Vance says Google's engineers told him they plan to add the feature to an upcoming version of Chrome. Google did not respond to a request for confirmation of when it would be added.
Multitasking is partly to blame. Vance’s collaboration with Google grew out of experiments that showed when people reacted to security warnings while also performing another task, brain activity in areas associated with fully engaging with a warning was significantly reduced. People were three times less likely to correctly interpret a message when they reacted to security warnings while also performing another task.
Vance’s lab teamed up with Google to test a version of Chrome modified to deliver warnings about a person’s computer possibly being infected by malware or adware only when they weren’t deeply engaged in something. For example, it would wait until someone finished watching a video, or was waiting for a file to download or upload, to pop up the message.
Other studies in Vance’s lab have shown that people very rapidly become habituated to security warnings—he’s shown how the brain’s response to a message drops significantly even on just the second time someone sees it.
The researchers also did follow-up experiments in which people were asked to download mobile apps that asked for alarming permissions (for example, “Can delete your photos”). By breaking the usual rules of software design and having the security-related messages change in appearance slightly each time—for example, with different colors—it was possible to reduce the habituation effect.
“This shows the potential to use neuroscience to understand people’s behavior and validate new user interface designs,” said Vance. “Our security UI should be designed to be compatible with the way our brains work.”
Google [soylentnews.org],
Chrome [soylentnews.org],
computer security [soylentnews.org],
online security [soylentnews.org]
Tom Simonite [soylentnews.org]
San Francisco Bureau Chief
Subscribe
See international, alumni and other pricing options
Already an Insider?
Log in. [soylentnews.org]
Have a magazine subscription?
Activate your Insider account. [soylentnews.org]
From the latest smartphones to advances in quantum computing, the hardware behind today's digital age is rapidly changing.
Even though quantum computers don’t exist yet, security companies are preparing to protect against them.
Tom Simonite
D-Wave’s new device is its most advanced yet, but some researchers still question its value.
Jamie Condliffe
Trump’s pick to regulate the telecom industry is pro-business, anti-regulation, and relaxed on privacy.
Jamie Condliffe
In partnership with
Alibaba
In partnership with
Lenovo
In partnership with
Lenovo
In partnership with
Lenovo
-- submitted from IRC