Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kazaa Usability Study

Posted by michael on from the painful-lessons dept.

Anonymous Coward writes "We have just finished a study that shows how user interface design flaws allow users on Kazaa to share their personal files without their knowledge. In a laboratory user study, only 2 out of 12 subjects were able to correctly determine that Kazaa was sharing their entire hard drive. We looked at the current Kazaa network and discovered that many users are sharing personal information such as email and data for financial programs such as Microsoft Money. To see if other users on Kazaa were aware of this and taking advantage of users ignorance, we ran a Kazaa client for 24 hours with dummy personal files. During this time, files named "Inbox.dbx" and "Credit Cards.xls" were downloaded from our client by several unique users. The tech report is online, or see our lab web page."

1 of 279 comments (clear)

  1. Example of full write access over Kazza network by lanner · · Score: 0, Redundant


    Last April of this year a former coworker of mine called me and asked me to come over in a plea of help. He had downloaded Kazza and installed it onto his computer. Four days later he discovered that his second hard drive that he had been keeping all of his most valuable data upon had suddenly lost a lot of data. His most important files were gone, deleted from his hard drive. He had turned on this file sharing utility without knowing what it was actually doing to his computer. Users over the Kazza network had randomly gone and deleted files across his shared drives over the course of the four days that he had first used Kazza.

    This was a case of failure to design a product which requires the user to know what they are doing before they can use the product.

    It was also a failure of the user to understand what the product was doing to his computer.

    I blame the user more than the software in this case because I had previously warned him that Kazza sucked, included spyware, and to use Gnucleus instead of Kazza to perform file sharing. The Win32 version of Gnucleus is currently read only, and does not allow write access to user's systems, which is ideal for the design of the network. He listened to someone else instead.

    Bad him.

    He made dinner for me while I used a hard drive sector scanning utility to undeleted some of the lost data. Not all of his data was restored. A good portion of it was permanently deleted. This included business and personal contact lists, his most prized data.