David Seaward

Director of Trustworthy Services at Purism

Design principles for simply secure applications

The primary appeal of Librem One is that you get privacy without sacrificing convenience. There is already a wealth of free software available, both applications and services, with numerous security and privacy options. However, learning what they are and keeping up-to-date is generally neither simple nor convenient.

To combat configuration fatigue, we apply the following design principles to Librem One applications:

  • Identify simple security features
  • Make simple security the default
  • Work with upstream
  • Make it easy for everyone

Identify simple security features

Flawed patterns are design patterns and workflows that allow the user to expose themselves without realizing it, and those patterns must be eliminated.

Simple security features are those that make no difference to the everyday user experience. They should be enabled by default, and the corresponding widget removed.

Experimental security features are cutting-edge design patterns that are subject to change: they might burden the everyday user experience, which often leads to poor security hygiene. So, they should be disabled by default, but be available for privacy enthusiasts and experienced users.

In general, we seek to transform experimental security features into simple security features.

Make simple security the default

Moving forward, we aim to make simple security the default. Security features are enabled and cannot be disabled; enhancements are applied when you update. Experimental security features are disabled by default, but you can enable them at any time.

Work with upstream

Once our philosophies are aligned, we will simply push these changes upstream. Some applications and services prefer to keep configuration options open; in this case we will still push bug fixes and enhancements.

Healthy, vibrant upstreams ensure that users have the option to mix and match both services and applications. So you can always use the upstream version of an application if you prefer, or any other compatible app.

Make it easy for everyone

Remember our user personas? With these design principles it’s easy for everyone…

Alice Persona

Alice likes to keep things simple and get on with her day. When she enables a service or installs an application, no further configuration is required. When her services and apps are updated, any simple security enhancements are applied automatically.

Haruto Persona

Haruto likes to try out the latest features, even when they aren’t ready for everyday use. When he enables a service or installs an application, he sometimes looks through the settings. Or he reads a blog post about an experimental feature and wants to try it out; if it’s tedious or doesn’t really work, he disables it.

Thandi Persona

Thandi, on the other hand, is comfortable trying out experimental features in both client and server applications. She also contributes upstream to the design and implementation of new protocols and features, helping shepherd them to everyday use.

And that’s it for today; if you want to know more about Librem One, you can sign up right here!

 

