Balance (Security vs. Usability)

I suppose this should be filed under “Get More Pageviews”, but nonetheless, I took the click-bait to Sophos’ calling Apple out on making the iPhone 4S safer to use while driving easy to access by bypassing your passcode. My main issue is that they take what is a legitimate concern regarding the tradeoffs between security and ease of use (and even safety of use while driving) and instead paint it as a deliberately cavalier attitude towards data security.

What’s disappointing to me though is that Apple had a clear choice here.
They could have chosen to implement Siri securely, but instead they decided to default to a mode which is more about impressing your buddies than securing your calendar and email system.

You see what he did there?

Ever notice how an expert in a certain field will only ever see choices from the perspective of that field? Interesting how there is the assumption that the only options were secure and insecure. It’s like he just assumes that nobody will ever try to use a phone while driving, something that seems like it would gain a huge safety improvement by reducing phone interaction.

On my lowly iPhone 4, if I want to call my wife while I’m on the freeway to see if I need to stop at the store, I’d have to:

  • Pick up the phone
  • Press the home button or the power button
  • Swipe across the bottom of the screen
  • Tap in my passcode, or, as suggested in the Sophos article, my complex alphanumeric-with-symbols password
  • Tap the Phone icon
  • Tap the Favorites button if it’s not already on the Favorites page
  • Tap my wife’s entry

With an iPhone 4S and Siri, I’d presumably need only to:

  • Pick up the phone
  • Tap the button that activates Siri
  • Speak: “Siri, call my wife.”
  • Acknowledge Siri’s confirmation of my request by saying, “Yes.”

I wouldn’t ever have to look at the phone. The only touch target I’d need is a physical button on the phone, which is easy to locate without looking. It’s only marginally more complicated than asking a real person sitting in the car with you to dial the phone for you, because you have to push a button two times. I’m reasonably certain it’s this use case which Apple designers and engineers had in mind when setting the default options on the iPhone 4S, with the assumption that the security-conscious people could find and disable the “enable Siri while iPhone is locked” option themselves.

After all, while the iPhone is a popular device for businesses, it’s not the only market Apple sells to. Apple is going to make the choice, every time, to make it’s products easy and delightful to use for its primary customer base.

You know, ordinary people.

Advertisements
Balance (Security vs. Usability)

One thought on “Balance (Security vs. Usability)

  1. On my lowly 3GS, My steps are:

    1. Pull the Bluetooth headset out of the dash, turning it on as I bring it to my ear
    2. Hit the headset button for Voice Control (even if the phone is locked)
    3. Say “Call $WIFE”

    Granted, the old incarnation of Voice Control is no match for Siri in terms of recognition ability, but it’s not really that big of an improvement in speed/steps.

    But maybe I’m just trying hard to be content without the latest shiny. I do wish I had a 4S, of course.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s