SecurityUI-UX
From MozillaWiki
Please use "Edit with form" above to edit this page.
Status
| Security UI / UX Experiments | |
| Stage | Shelved |
| Status | ` |
| Release target | ` |
| Health | OK |
| Status note | Idea initiation |
Team
| Product manager | Lucas Adamski |
| Directly Responsible Individual | Larissa Co |
| Lead engineer | ` |
| Security lead | Tanvi Yvas |
| Privacy lead | ` |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | Larissa Co |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | ` |
Open issues/risks
`
Stage 1: Definition
1. Feature overview
We suspect that current security UI is confusing to users and does not accurately provide them understandable and actionable information that allows them to make proper choices.
Since we have never holistically evaluated the effectiveness of our security and privacy UI, we should do some broad user research to identify shortcomings and design improvements.
2. Users & use cases
Our UI falls into two main areas:
- inline: user is notified of some security or privacy relevant event, and (may) want/have to take action
- task driven: the user wants to perform some specific task such as changing a setting or understanding their situation
Some areas to investigate:
- context information about the current site ("am I on store.com")
- is the current site "secure" ("should I enter my password/credit card")
- historical information ("what information has this site stored on my computer")
- incident driven ("I read about this security issue and I want to disable a cert/feature/etc")
- inline warnings (this is a phishing/malware site, this site wants to install an <X>, mixed content, etc.)
Note the above parenthesized examples are not intended to be exhaustive (or even good).
3. Dependencies
Current Permissions Available to Users and their locations:
- History Settings (Preferences->Privacy)
- Always Private Browsing (Preferences->Privacy->Use custom settings for history)
- Disable Third Party Cookies (Preferences->Privacy->Use custom settings for history)
- Disable Cookies (Preferences->Privacy->Use custom settings for history)
- Awesome bar settngs (Preferences->Privacy->Location Bar)
- View Cookies / Remove Cookies (Preferences->Privacy->Use custom settings for history->Show Cookies)
- Clear private data (Preferences->Privacy->Use custom settings for history->Clear history when Firefox closes->Settings)
- Do-not-track (Preferences->Privacy)
- Per Site permission information (about:permissions, doesn't provide info for all sites, just top sites)
- Enable/Disable Javascript, Images, pop-up windows (Preferences->Content)
- Enable/Disable Javascript to move firefox windows (Preferences->Content->Enable Javascript-Advanced)
- Firefox Session Liftime (Preferences->General->When Firefox starts)
- Add-on install warnings (Preferences->Security)
- Safe browsing (block sites) (Preferences->Security)
- Password Management (Preferences->Security)
- Submit crash reports / performance data to Mozilla (Preferences->Advanced->General)
- Warn on redirects/reloads (Preferences->Advanced->General)
- Warn when website wants Offline Storage (Preferences->Advanced->Network)
- Updates (Preferences->Advanced->Update)
- SSL and certificate preferences (Preferences->Advanced->Encryption)
- Share Location Data with sites (about:config geo.enabled preference)
- Remove per site permission for Location Data/Cookies/Offline Storage, etc (When on the website, Tools->Page Info->Permissions)
- Per site certificate info (When on the website, Tools->Page Info->Security)
4. Requirements
`
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
`
Stage 5: Release
10. Landing criteria
`
Feature details
| Priority | Unprioritized |
| Rank | 999 |
| Theme / Goal | ` |
| Roadmap | ` |
| Secondary roadmap | Security |
| Feature list | ` |
| Project | ` |
| Engineering team | ` |
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
