When we talk about ergonomics, we think about whether something is easy or practical to use, but we often overlook the fact that bad ergonomics can have much more serious implications in terms of risk. In this post, we will see through two examples how ergonomics and user-friendliness affect the risks of using a system.
There is a trend that has been going on for the past few years in the car industry, and that is – in my opinion – a good example of manufacturers sacrificing ergonomics and security just to have cool features that sound modern. Screens in cars are becoming more and more widespread and are used to control lots of different things. While we could already debate whether or not this is a good idea in terms of security, there is one thing in particular that is dangerous and that can easily be avoided: with time, there are fewer and fewer physical buttons, as all of them are becoming capacitive.
This makes interaction between the driver and the car harder, as it’s much more difficult to find the buttons while looking at the road (they are often smaller, on an almost flat and perfectly smooth surface), and there is often little to no feedback. While it’s okay to choose your playlist or set the GPS destination through a screen, it makes no sense to remove physical buttons for important and common commands like AC or wipers (yes, in Teslas for example, you need the touch screen to enable wipers).
Fortunately, it looks like the hype will soon be behind us, as we are starting to see manufacturers introduce cars with physical commands again. It proves how important ergonomics can be and how an aim to look ‘technological’ can actually be dangerous.
This one is not an easy example, but it may be worth mentioning. Cryptocurrencies, as their name implies, rely on cryptography to secure the users’ funds. What is called a “wallet” is in reality a pair of (pretty usual) cryptographic keys (public key to see the content of a wallet, private key to spend it). Because a wallet (and therefore, its private key) can hold substantial value, it was a common practice, in the early days of Bitcoin, to back up private keys on paper, by hand (because you probably don’t want to trust your connected high-tech printer for this kind of job). Yet, anyone who has already tried to copy random digits and letters by hand knows how painful it is, and more importantly, how likely a mistake is to happen in the process.
In 2013, BIP39 was submitted (BIPs are similar to RFCs), proposing a way of saving wallets in the form of a list of words. In short, the random number generated at the creation of the wallet is divided into 11-bit numbers. Each number is then mapped to the corresponding word of a publicly known 2048-word list. The resulting list of words can easily be backed up by hand.
Then, to determine the seed (more or less corresponding to the private key), we just need to pass that mnemonic phrase to a key derivation function, generally PBKDF2.
As a quick side note, starting from here, multiple key pairs can actually be generated, but it’s a bit off-topic; see “Hierarchical Deterministic Wallets” for more information.
So, if we forget the technical stuff for a second and focus on the user experience: instead of having to manually write a (long) string of random characters, the user writes a list of 12 to 24 words (generally English, but available in several other languages as well), reducing the risk of making a mistake, i.e. having a non-functional backup (with money at stake). In case of a mistake, it’s also easier to spot and correct, and the wordlist is made so that words are short and different enough from each other. In the end, it speeds up the process and makes it more reliable, hence reducing the risk of losing funds.
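The word encoding and seed derivation described above, together with the mistake detection mentioned in the last paragraph, as an added example that is not part of the original post or of the BIP39 reference code. It goes one step beyond the simplified description by including the checksum bits that BIP39 appends to the random number before splitting it, which is what lets software reject a miscopied word. The word list is a constructed stand-in (`word0000` to `word2047`) and the function names are illustrative.

```python
import hashlib
import unicodedata

# Constructed stand-in list: the real BIP39 list has 2048 actual words.
WORDLIST = [f"word{i:04d}" for i in range(2048)]
INDEX = {w: i for i, w in enumerate(WORDLIST)}

def entropy_to_mnemonic(entropy: bytes) -> list:
    """Split entropy plus checksum into 11-bit indices and map them to words."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128 to 256 bits, in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32          # 4 bits for 12 words, 8 for 24
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (len(entropy) * 8 + cs_bits) // 11
    return [WORDLIST[(value >> (11 * (n_words - 1 - i))) & 0x7FF]
            for i in range(n_words)]

def mnemonic_is_valid(words: list) -> bool:
    """Reject a miscopied backup: unknown word, bad length or bad checksum."""
    if len(words) not in (12, 15, 18, 21, 24) or any(w not in INDEX for w in words):
        return False
    value = 0
    for w in words:
        value = (value << 11) | INDEX[w]
    total = len(words) * 11
    cs_bits = total // 33
    entropy = (value >> cs_bits).to_bytes((total - cs_bits) // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    # A 12-word checksum is only 4 bits: a wrong word that is in the list
    # slips through about 1 time in 16, so a restore test is still worthwhile.
    return (value & ((1 << cs_bits) - 1)) == expected

def mnemonic_to_seed(words: list, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic'+passphrase."""
    sentence = unicodedata.normalize("NFKD", " ".join(words)).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", sentence, salt, 2048, dklen=64)

if __name__ == "__main__":
    words = entropy_to_mnemonic(bytes(16))    # constructed all-zero entropy
    print(words, mnemonic_is_valid(words))
    miscopied = words[:-1] + ["word0004"]     # last word copied wrongly
    print(mnemonic_is_valid(miscopied))
    print(mnemonic_to_seed(words).hex())
```

Because the seed is derived from the words themselves, the stand-in list produces different seeds than a real wallet would for the same entropy.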