Connect with us

Innovations

USERS RATE ‘CREEP FACTOR’ IN NEW PRIVACY-SECURITY PRODUCT GUIDE

Published

on

The Mozilla Foundation, the nonprofit organization behind the Firefox web browser, is expanding a campaign begun last year to help consumers buy safe, secure connected toys and mobile gadgets this holiday season.

Mozilla’s 2018 edition Privacy Not Included buyers’ guide offers an assessment of the privacy and security qualities of 70 products, ranging from connected teddy bears and smart speakers to game consoles and smart home gadgets.

Strong Consumer Interest

More than half the listed products failed to meet the minimum security standards Mozilla created in concert with Consumers International, a global consumer advocacy group, and the nonprofit Internet Society. The guide invites consumers to interact with a “creepy” rating scale.

Some of the failed products may not be the kinds of products consumers generally associate with being vulnerable to misuse of user data. The goal is to make consumers and Internet of Things vendors more aware of privacy safety with respect to connected toys and mobile gadgets.

Last year’s first shopping guide revealed strong consumer interest in the privacy and security of connected toys and smart home products. Some companies that sold products also were interested. This year’s guide took the lessons learned last year and put them to work to build a better guide, according to Mozilla.

The main problem with an approach like this is that the desire for privacy varies among users, and there is no way to show that in Mozilla’s buyers’ guide, according to Shea Drake, content strategist and tech expert withBusiness.org.

“There’s no comparison tool, table of factors, or even standards for what is considered creepy versus whether it is useful/cool enough to be worth the creep factor,” he told the E-Commerce Times. “Alexa is voted as one of the creepiest products, yet there are still over 40 million units sold.”

How It Works

Consumers view pictures of the 70 products Mozilla included in the guide. At the top of the guide’s landing page is a horizontal row of pre-screened categories: Toys & Games, Smart Home, Entertainment, Wearables, Health & Exercise, Pets. Click on a product category to see the included toys or gadgets. Clicking on the image takes users to a product detail page where they can view the product’s characteristics.

Mozilla Buyers Guide

Consumers can rate products on a two-part Creep-O-Meter scale. A slider goes from “not creepy” all the way to “super creepy.” Respondents then can click on a thumbs up or thumbs down button to indicate their likelihood to buy the product.

Mozilla Creepiness Scale

Once a person votes, a display appears with a breakdown of the results, along with an opportunity to post and read other people’s comments on the product. Continue to scroll down the page to see a series of questions about the privacy characteristics of the product. The listings briefly explain what could happen if something should go wrong.

Mozilla includes a “Meets Our Minimum Security Standards” stamp on a page if the product has met its minimum security standards for IoT products.

Basic Safety Standards

Mozilla’s minimum privacy requirements highlight the fundamental ways Internet-connected products can fail when it comes to protecting your data. Mozilla’s researchers have assessed whether each product uses encryption, how easy the privacy policy is to read, how security updates are handled, and whether the maker addresses security vulnerabilities.

Mozilla’s bare minimum standards will reject connected toys and gadgets under the following circumstances:

  • Communications are not encrypted — Only the sender and the receiver should be able to access the information; there should be no eavesdropping.
  • There are no security updates — A product must support automatic security updates by default. Otherwise, companies cannot fix vulnerabilities in a timely matter if at all.
  • Weak passwords are permitted — Many products have default password such as “1-2-3.” Even worse, the passwords are printed on the box.
  • There is no easy way to reach vendors — It is often difficult to get privacy and data protection details from vendors.
  • The privacy policy is indecipherable — Details should not contain complicated security jargon or require an advanced reading level. Many consumers overlook opting out of data collection or learning how to delete their data. Many do not even know what data is being collected and sold.

Product Analysis

Only five of the 18 products listed on the Toys & Games page meet the minimum standards. They are Microsoft’s Xbox One, the Nintendo Switch, Sony PS4, the Harry Potter Kano Coding Kit, and the Amazon Fire Kids Edition.

Just six of the 18 wearables in the guide pass Mozilla’s minimum standards. Consistency within a manufacturer’s product line is not always a given. For instance, Apple AirPods failed, but the Apple Watch Series 4 passed.

In the smart home products category, most smart speakers have safety approval. These products include the Amazon Echo and Dot, Google Home, Apple HomePod, Sonos One and the Mycroft Mark 1.

Want a Nest-based smart home? Forget about it. None of the highlighted products have a safety approval from Mozilla.

Useful or Not

Mozilla’s approach to consumer education may not get the hoped-for results, but anything to build awareness helps, said David Ginsburg, vice president of marketing at Cavirin. Although typical consumers have a low chance of being breached, this awareness helps with their overall cyberposture — for example, proper home router and WiFi configuration, or securing their laptops.

“As with any buyers guide, do not let it lead to a false sense of security or fear,” he told the E-Commerce Times. “This is the case with all guides — Consumer Reports, Yelp, Trip Advisor. It is always the responsibility of the consumers to understand their individual risks versus rewards.”

It’s also likely that the vendors that received a “creepy” rating will take a look at product security and documentation.

“What is perfectly acceptable in one region may not be in another,” Ginsburg said.

These kinds of alerts are only as effective as the audience they are able to reach and who actually read them, noted Nathan Wenzler, senior director of cybersecurity at Moss Adams Cybersecurity Consulting Services.

Mozilla’s guide is definitely a necessary resource, and if anything, it needs to be expanded to include as many products as possible, he suggested.

“Even by their own admission, 70 products is a drop in the bucket in comparison to the number of IoT devices out there,” Wenzler told the E-Commerce Times. “It is a good start on Mozilla’s part, but there needs to be more of this kind of thing for a wider array of products that need to be made available to consumers in more ways.”

Standards Needed

Mandated government standards may become the ultimate solution to regulate privacy guarantees, but self-policing by the industries involved may be a better goal.

Standards could include plain speak about how data is used when it is gathered, and an easy way to opt out. If you are paying for a product, vendors should not make more money on how you use that product, suggested Business.org’s Drake.

“Breaches or improper use should include not only a minimum fine to the government, but also to each user of the product,” he said. “Right now, consequences are fairly minimal, but standards only work if we enforce them.”

A line needs to exist between safety and privacy, ghough one could say that certain security vulnerabilities could result in safety issues, noted Cavirin’s Ginsburg.

“A combination of IoT and privacy regulations (like CCPA) on the national level will probably make it through the new Congress,” he added.

Bare Minimum Goals

Encryption should be used wherever possible, to protect communication between the IoT device and anything it is connected to, as well as any data stored on the device itself, Moss Adams Cybersecurity’s Wenzler suggested.

Minimum standards should include requiring the default password to be changed and not allowing older, weaker connection protocols over wireless or Bluetooth, he said.

Many older security protocols have been broken over the years and could be compromised easily today, Wenzler pointed out.

As customers become more aware of the threats these devices can present, the more they will demand that security features be built into products, he added. That ultimately will be a far more effective way to get manufacturers to make security protocols a standard feature of whatever they produce.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Innovations

Honing your typography skills for UI design — an action plan

Published

on

By

Just recently I felt the need to improve my typography skills for UI design, so I outlined this action plan for myself, and I hope it will also help you in designing better interfaces with better typographic choices!

Action 1. Read

Here are 5 books on typography that I consider must-reads for user interface design.

Thinking with Type: A Critical Guide for Designers, Writers, Editors, & Students

— by Ellen Lupton

I first came across this book as a textbook for a design course. It laid the foundation for a solid understanding of typography.

I was able to use what I learned in design projects right away.

Filled with visual examples, this book is a definitive guide on typography for visual communication.

Get this book on Amazon


The Elements of Typographic Style

by Robert Bringhurst

This is the book to get if you really want to nerd out on typography and get a deep dive into the technical aspects of it.

I love the parts of the book where the history and evolution of typefaces are discussed.

Getting to know the history of typography helped me understand what makes a font look old-timey, what makes it look modern and what gives it a contemporary twist.

This knowledge really comes in handy when choosing the right font pairings.

Parts of this book can be packed with exhausting details that you may not be able to read through in one sitting.

However, you can use the rules and guidelines for reference anytime you want to create that typographic magic for a design project.

Get this book on Amazon


Type on Screen: A Critical Guide for Designers, Writers, Developers, and Students

by Ellen Lupton

This book concerns mainly typography in digital forms, such as how people read on different devices and common interaction patterns.

It also includes lots of example case studies that can immediately be put to use by a digital product designer.

I especially love the highly applicable do’s and don’ts on elements like navigation, tables and data display.

Get this book on Amazon


On Web Typography

by Jason Santa Maria

I wish I had read this book when I was a junior designer. It covers the essential aspects of typography that a digital product designer uses on a daily basis.

It includes sections on choosing and pairing fonts, setting hierarchy and creating contrast when composing a typographic system.

My favorite section of the book is when Jason cautions designers on using free fonts.

Before you go download and use that free font from a random corner of the internet, read this book first!

Get this book on A Book Apart


Webfont Handbook

by Bram Stein

When it comes time to implement the fonts that you have chosen for your designs, this is the book to get.

Whether you’re in a position to implement your own fonts of choice or you’re working with a developer, knowing the technicalities outlined in this book will help get your fonts to load fast and render correctly.

This will greatly reduce your chance of hearing: “Well, maybe we’ll just switch back to using Arial…”

Get this book on A Book Apart

Action 2. Practice

I wanted to give myself a chance to experiment with choosing and pairing fonts for a variety of projects.

You don’t always get to do that in a work situation, so here are two ways that I found that offer designers a chance to play and experiment.

Daily UI Challenge

You’ve probably heard of the daily UI challenge before. It’s a great way to experiment with typography with a project a day sent by email.

These projects can be small and quick. Over time you may be surprised by the amount of work and progress you’ve made!

Check out Daily UI Challenge


UX Challenge

If you want to practice your typographic skills for a design project that involves a specific audience and a problem space, hop over to UX Challengeand pick a challenge to work on (like this one).

Focus on how your typographic choices influence the user’s overall experience.

Check out UX Challenge

Action 3. Observe

Have the critical eye running in the background of your daily life

There are tons of typographical user interfaces in the physical environment that we live in.

For example, highway signs, furniture assembling instructions and emergency exit signs to name a few.

Keep an eye on how these text and signage look, and your experience interacting with them.


Keep a visual collection

When you encounter interesting typography examples in digital products or design inspirations from around the web, take a screenshot and save them in a collection that you can go back to later.

When you need some inspiration for a project, you may just find the perfect solution from your personal visual collection.


It’s time for action

I hope this action plan gives you some steps that you can take right away to start honing your typographic skills for UI design.

I believe that no amount of reading or looking can replace doing the actual design work.

So go forth and design something with typography today!

source: Uxdesign

Continue Reading

Innovations

Editor’s Corner—Apple TV will die so TV+ can live

Published

on

By

Apple may have whiffed on its Apple TV+ announcement Monday by offering too few key details about the service. But the company did say that its TV app was coming to Roku and Fire TV devices, essentially sounding the death knell for Apple TV.

Apple had been telegraphing this move for months. At CES, the company announced that a version of iTunes was launching on Samsung smart TVs later this year and touted incoming AirPlay 2.0 support for smart TVs from Samsung, Sony, LG and Vizio. These moves, while not a complete distribution strategy by any means, signaled Apple’s willingness to break down its walled garden for the sake of getting its video service further out into the world.

Wide distribution is key if Apple wants to take on Netflix—which is the notable holdout for Apple’s video aggregation scheme. As Strategy Analytics pointed out, Apple’s new TV app (arriving via update in May) is starting out with a huge built-in disadvantage, with only 175 million addressable TVs compared to more than 900 million for Netflix.

Apple has plans to close the gap. The company is launching the TV app on Mac this fall; launching on smart TVs, starting with Samsung in spring followed by LG, Sony and Vizio; and on Roku and Amazon Fire TV devices “in the future.”

The Roku and Fire TV agreements were the announcements of the day, according to Alan Wolk, co-founder and lead analyst at consulting firm TV[R]EV. He pointed toward a tweet from Prashanth Pappu, founder of Vizbee, as a good summation of why those two deals are significant.

Prashanth Pappu@prashanth_pappu

Apple is compensating for two mistakes (1) the failure of Apple TV. (2) big investment in content too quickly without figuring out distribution.

Wolk said that Apple used to be able to sit back, wait until an emerging product category became nascent, and then swoop in with a superior product and take over. But lately that strategy has failed, with Apple Music still dwarfed by Spotify and the pricey HomePod lagging behind Amazon and Google in the smart speaker market.

Apple TV is another example of the company’s hardware strategy falling flat. According to Parks Associates figures from the first quarter of 2018, Amazon and Roku combined control more than 50% of the streaming device market among U.S. broadband households. Apple has about 15% of the market. A big contributing factor to Roku and Google’s market dominance over Apple TV has to do with their $30 price points compared to Apple’s $180.

“There aren’t that many people going ‘I want to spend six times as much money,’” Wolk said.

Apple has been able to create perceived value because its products are so expensive. But Apple’s rigid adherence to premium pricing has come back to bite the company in the form of iPhone sales plateaus and sagging revenues for the company’s other devices.

“They’ve hit a point of diminishing returns,” Wolk said.

That hardware conundrum had sparked Apple’s renewed focus on growing its service revenues. The strategy appears to be paying off. In January, Apple said fiscal first-quarter services revenue reached an all-time high of $10.9 billion, up 19% over the previous year. That figure could keep climbing considering that, in addition to its video streaming service, Apple on Monday announced a subscription news and magazine service, a credit card and a streaming video game service.

The tradeoff for this services pipeline, at least in terms of video, appears to be the abandonment of the Apple TV. Once the Roku, Amazon and various smart TV deals are in place for the TV app, the Apple TV will essentially become an overpriced streaming box stripped of some of its exclusivity with Apple software and services like TV+.

Wolk said that at that point, Apple can let the Apple TV slowly die off and stop pushing upgrades; or do a complete reboot and put out a less expensive version of the device, similar to what the company did with the iPod Nano.

“I would think the former is more likely,” Wolk said. — Ben | @fierce__video

Continue Reading

Innovations

Google Stadia Gaming Service ‘Will Not Have Any Adults-Only’ Content, Executive Says

Published

on

By

A Google executive offered new details on Wednesday about the company’s upcoming video game streaming service, telling Reuters that game makers may use competing cloud providers and must avoid some inappropriate content.

Google, owned by Alphabet Inc, unveiled Stadia on Tuesday, saying the service launching this year would make playing high-quality video games in an internet browser as easy as watching a movie on its YouTube service.

The game would operate on Google’s servers, receiving commands from a user’s controller and sending video streams to their screen. Player settings, leaderboards, matchmaking tools and other data related to the game would “not necessarily” have to reside on Google’s servers, Phil Harrison, a Google vice president, said in an interview.

Hosting the data elsewhere, however, could lead to slower loading times or less crisp streaming quality, he said.

“Obviously, we would want and incentivize the publisher to bring as much of their backend as possible” to Google servers, he said. “But Stadia can reach out to other public and private cloud services.”

The approach could limit Google’s revenue from Stadia. It has declined to comment on the business model for the new service, but attracting new customers to Google’s paid cloud computing program is one of Stadia’s aims.

If a game publisher was using Amazon for some tools, “the first thing I would do is introduce you to the Google Cloud team,” Harrison said.

In addition, Stadia will require games to follow content guidelines that build upon the system of Entertainment Software Rating Board (ESRB), a self-regulatory body, he said.

“We absolutely will not have A-O content,” Harrison said, referring to the ESRB’s moniker for the rare designation of a game as adult-only because of intense violence, pornography or real-money gambling.

He said Stadia’s guidelines would not be public.

Asked about growing public concerns about game addiction, Harrison said Stadia would empower parents with controls on “what you play, when you play and who you play with.”

Google views Stadia as connecting its various efforts in gaming, including selling them on its mobile app store, Harrison said. But game streaming, he said, is an opportunity to tackle among the most complex technical challenges around and potentially apply breakthroughs to other industries.

“We think we can grow a very significant games market vertical,” he said. “And by getting this right we can advance the state of the art of computing.”

Continue Reading
Advertisement

Trending

%d bloggers like this: