Slashdot Mirror

← Back to Stories (view on slashdot.org)

MRIs Show Our Brains Shutting Down When We See Security Prompts

Posted by timothy on from the all-persons-in-this-area-subject-to-palpatio-per-anum dept.

antdude writes with this excerpt from Ars Technica: Magnetic Resonance Imaging (MRIs) show our brains shutting down when we see security prompts. The MRI images show a "precipitous drop" in visual processing after even one repeated exposure to a standard security warning and a "large overall drop" after 13 of them. Previously, such warning fatigue has been observed only indirectly, such as one study finding that only 14 percent of participants recognized content changes to confirmation dialog boxes or another that recorded users clicking through one-half of all SSL warnings in less than two seconds.

3 of 79 comments (clear)

  1. Reflex by Tablizer · · Score: 5, Informative

    Married men learn to ignore nagging.

    --
    Table-ized A.I.
  2. Re:Information content by Pentium100 · · Score: 5, Informative

    Also, the warnings all are very similar even though the problems they warn about are different. Let's take a look at SSL warnings. When a browser puts up the huge warning that there is a problem with SSL, it could mean one of a few things:
    1) The certificate is self-signed. A big problem except for internal sites.
    2) The certificate expired 10 minutes ago or you computer's clock is wrong (not that big a problem).
    3) The certificate is for a different domain. This could be a problem or not, depending on the domain (could be the certificate is issued for www.example.com and I am going to example.com or 127.0.0.1).
    4) The mobile browser does not understand wildcard certificates.

    The problem is that the warnings all look the same and to find out which problem it is, you have to click on the "Technical details" button.

  3. Popup messages are completely ineffective by Tony+Isaac · · Score: 4, Informative

    My company had a customer whose nightly backups were failing. Every time every user in the company (hundreds of them) logged in to the system, they were presented with a message pop-up warning that the backups had been failing. This went on for WEEKS before anyone bothered to notify the software vendor (who managed the backup system).

    There seem to be a couple of principles at work here:
    1. Not my job. Everybody at the company knew it wasn't their job to keep the backups working, so they ignored the warning.
    2. In the way. Everybody had something they needed to do, so they simply clicked whatever they had to (the OK button) to get past the prompt and do their work.

    It's like the license agreements on software installers. Everybody just clicks "I Agree" because they know they have to do so to get to the next screen, not necessarily because they actually agree.