[Freedombox-discuss] Initial User Experience (was: Tor .onion domains)
dr at jones.dk
Mon May 9 10:43:16 UTC 2011
On 11-05-09 at 07:36am, Michael Blizek wrote:
> On 18:16 Sun 08 May , Jonas Smedegaard wrote:
> > I imagine a box offering these - as yes/no or as gradual sliders:
> > * Selfish -- [ ] modest [ ] medium [ ] mostly
> > [ ] store own secrets
> > [ ] ask friends to keep backups of my secrets
> > [ ] fetch torrents
> > [ ] connect to Tor
> > ...
> > * Among friends -- [ ] modest [ ] medium [ ] mostly
> > [ ] keep backups of friends' secrets
> > [ ] share files
> > ...
> > * Public -- [ ] modest [ ] medium [ ] mostly
> > [ ] publish documents ( website, blog...)
> > [ ] act as mirror for friends' public documents
> > [ ] contribute to WikiLeaks-like mirror of others' secrets
> > [ ] run a Tor exit node
> > The idea is to emphasize egocentric vs. friend-oriented vs.
> > world-contributing, and for each sort by how controversial the tools
> > are.
> I think a sharing page which make a distinction based on the risk
> rather than friends vs. public is more straightforward.
> Whatever you publish or for yourself should not be here. There should be a
> separate page where you can configure whether you want to run web/mail/...
> servers or not.
And slightly later, Michael added:
> OK, maybe this "quick configuration" is not such a good idea in this
> Maybe more like:
> ( ) no sharing
> ( ) run low risk low traffic services
> ( ) run all low risk services
> ( ) custom
> ... or directly showing the custom config...
I believe that from a user point of view, before even considering risk
level, there is a question of "who do I want to provide freedoms?".
Risk level can even be skipped - default is obviously "no risk".
If I gave such a box to my mom, then - even though being my mom and
therefore quite curious and encouraging about what I do myself - she
would likely turn off the box again, not run such a thing under her own
bed, if its main question communicated to her was "how much risk are you
willing to take?"
But let's not talk about my mom. Let's invent a persona - Jimmy:
Jimmy is not at all interested in engaging in cyberwar - he just wants
to hang out with friends. Some of his friends do not appear at Facebook
and asking them about it In Real Life, they suggest him to go buy one of
those FreedomBoxes to join their virtual hood. Sure, some of those
friends may be Freedom Fighters, but he is not (yet).
Jim activates the box, is asked a few questions, and is then hooking up
with his friends.
What was he asked? Was he - up front - asked about risk level? Nope,
that was not necessary, because anything that can be applied a default
need not be asked - and the sensible default here is "no risk!"
The "no risk" of being killed in traffic is to stay in bed - or no,
wait, then you can still be killed by a car or jumbo jet crashing into
your house, so really the "no risk" of being killed in traffic is to
commit suicide so that you are sure to be killed by something else.
The act of buying (or accepting as a gift) the FreedomBox is slightly
risky, and turning it on raise the risk. As does telling the box your
maiden name, and teaching it the names of all your
friends/lovers/crime-buddies or the pin code of your creditcard.
So really it is not "no risk" but "tiny risk" or "in the safe zone".
First, Jim is asked the very minimal of personalizing his box: Give it a
name! Technically there is more to it - a cryptograhically unique blob
is generated, which stays on the box for now but is used later as basis
for e.g. WebID and GPG. If later creating additional names for other
members of the household then more such blobs are created, and if later
doing a reset then the blob(s) are erased from the box.
Next he is asked if the name is a) private, b) can be revealed when
anyone asks, or c) is proactively promoted to the world.
Above he implicitly made choices affecting the risk level. The machine
cannot know if he stupidly named the box after his creditcard pin code,
but if he chose b) or c), we can start show a little "risk meter", still
far down in the "safe zone". Jim can perhaps (depending on the UI)
click on this risk meter to get to those questions on preferred risk
level, but if not it is simply informed to him what his actions cause on
the risk meter.
With name and exposure-of-name, Jim now has a machine which he can
reach, and if he chose b) or c) then others can too. It does nothing
other than that, because no services was activated. So he is not yet
finished with its initial activation.
There is a bunch (well, in first revision a rather tiny bunch, but
still) of services on the box, and he is done when picking and
activating at least one of those.
The box need to somehow prioritize what to suggest first - to rate the
services. Jim already tought the box a tiny hint about risk level in
the answer of the exposure-of-name question. But too little yet.
We don't wanna scare off neither Jim nor the friendly journalists
checking out the potential doomsday machine, so by default we want to
suggest some harmless services.
If Jim chose a) as exposure-of-name, then e.g. Backup-of-PC would be
proposed first, as that involves only himself and the box. When
multiple services rank equally high then (depending on UI) they are
shuffled around at each view.
If he chose c) then also Live-chat and Public-website (with optional
blog and microblog extensions) would rank highest.
If activating e.g. Host-public-web-forum or Public-website with blog AND
public comments enabled, then in addition to the risk meter would emerge
an altruism meter, being low initially (so far _interest_ in altruism
exist, but none practiced yet).
If Jim chose b) or c) then a Find-friends feature emerge. Until some
friends are actually located it is possible to activate friends-only
services, but they rank at most next-highest as it makes little sense
to socialize alone.
With at least one friend located, e.g. Offer-backup-mirror-for-friends,
Friends-only-chat and Friends-only-website rank highest together with
selfish and self-centered (and if c) chosen also altruistic) services.
If Jim chose a) then e.g. Offer-backup-mirror-for-friends would still
rank pretty high, because maybe Jim didn't realize initially the
consequence of avoiding the social network. If then selecting a service
which require proactive exposure of machine name to his friends, before
it is activated he is asked if ok to change his former choice for
exposure-of-name - and the risk meter then goes up accordingly.
The meters not only measure based on core exposure-of-name config and
choice of activated services. As mentioned already, altruism meter also
measures how much offers to the public is in fact being used. Similarly
risk meter takes into account what kind of services are active, and the
meter can be configured to weigh e.g. "public exposure" or "friends not
part of selected GPG web of trust" as especially risky.
What do you think?
Anyone wanna actually implement it?
I imagine the "intelligence" of slowly more personalized prioritizing
done by clever use of SPARQL interactions to a local 4store database.
4store is in Debian now. Clever queries still pending.
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 836 bytes
Desc: Digital signature
More information about the Freedombox-discuss