Difference between revisions of "User Intent"
(→Context) |
(→Context) |
||
| Line 5: | Line 5: | ||
==Context== | ==Context== | ||
In the past [[User Intent]] was inferred from postings of [[Privacy Statements]] written in dense legalese supported by a [[Contract of Adhesion]] which was typically supplied as a [[Terms of Service]] which were typically invoked by references with a URL to more dense legalese. Some [[Web Site]]s realizing that they were on shaky legal ground began requiring users to page though a long PDF of the [[Terms of Service]] as proof that the users were fully informed. Everyone involved in that stratagem knew it as a sham, but continued it none-the-less. | In the past [[User Intent]] was inferred from postings of [[Privacy Statements]] written in dense legalese supported by a [[Contract of Adhesion]] which was typically supplied as a [[Terms of Service]] which were typically invoked by references with a URL to more dense legalese. Some [[Web Site]]s realizing that they were on shaky legal ground began requiring users to page though a long PDF of the [[Terms of Service]] as proof that the users were fully informed. Everyone involved in that stratagem knew it as a sham, but continued it none-the-less. | ||
| + | |||
| + | ==Problems== | ||
| + | |||
| + | A user who checks those boxes will have a hard time arguing later that they didn't understand what they were signing. -- Digital signatures – no proof of intent. http://www.pcworld.com/article/253523/how_to_make_sure_that_digital_signature_is_legit.html | ||
| + | The human prover signals her intent to authenticate to a particular verify by acquiring the verifier’s QR code with her Pico device. https://books.google.com/books?id=TGUcBQAAQBAJ&pg=PA175&lpg=PA175&dq=prove+user+intent+computer&source=bl&ots=PJla77v1n1&sig=JGbBd9O8ydEsoacW50igG_VDp1Y&hl=en&sa=X&ved=0CCwQ6AEwAzgoahUKEwja2N6Iy77IAhXEOogKHZxAAZI#v=onepage&q=prove%20user%20intent%20computer&f=false | ||
| + | Current practice is to try to infer user intent. http://www-ksl.stanford.edu/people/glass/GlassDissertation.pdf | ||
| + | http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=69&cad=rja&uact=8&ved=0CFUQFjAIODxqFQoTCKef6qLNvsgCFdBIiAodS2QBYQ&url=http%3A%2F%2Fdl.acm.org%2Fcitation.cfm%3Fid%3D1242739&usg=AFQjCNExvyQaXUTMc9wgINbxCBoc-GyDxw&sig2=BdgpttgU_0HAjxbh2vm2gA&bvm=bv.104819420,d.cGU | ||
| + | User intent used to detect malware http://www.covert.io/research-papers/security/Gyrus%20-%20A%20Framework%20for%20User-Intent%20Monitoring%20of%20Text-Based%20Networked%20Applications.pdf | ||
| + | |||
| + | |||
| + | ==References== | ||
Revision as of 11:17, 1 September 2018
Full Title or Meme
User Intent implies free will exercised by a fully informed and competent user.
Context
In the past User Intent was inferred from postings of Privacy Statements written in dense legalese supported by a Contract of Adhesion which was typically supplied as a Terms of Service which were typically invoked by references with a URL to more dense legalese. Some Web Sites realizing that they were on shaky legal ground began requiring users to page though a long PDF of the Terms of Service as proof that the users were fully informed. Everyone involved in that stratagem knew it as a sham, but continued it none-the-less.
Problems
A user who checks those boxes will have a hard time arguing later that they didn't understand what they were signing. -- Digital signatures – no proof of intent. http://www.pcworld.com/article/253523/how_to_make_sure_that_digital_signature_is_legit.html The human prover signals her intent to authenticate to a particular verify by acquiring the verifier’s QR code with her Pico device. https://books.google.com/books?id=TGUcBQAAQBAJ&pg=PA175&lpg=PA175&dq=prove+user+intent+computer&source=bl&ots=PJla77v1n1&sig=JGbBd9O8ydEsoacW50igG_VDp1Y&hl=en&sa=X&ved=0CCwQ6AEwAzgoahUKEwja2N6Iy77IAhXEOogKHZxAAZI#v=onepage&q=prove%20user%20intent%20computer&f=false Current practice is to try to infer user intent. http://www-ksl.stanford.edu/people/glass/GlassDissertation.pdf http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=69&cad=rja&uact=8&ved=0CFUQFjAIODxqFQoTCKef6qLNvsgCFdBIiAodS2QBYQ&url=http%3A%2F%2Fdl.acm.org%2Fcitation.cfm%3Fid%3D1242739&usg=AFQjCNExvyQaXUTMc9wgINbxCBoc-GyDxw&sig2=BdgpttgU_0HAjxbh2vm2gA&bvm=bv.104819420,d.cGU User intent used to detect malware http://www.covert.io/research-papers/security/Gyrus%20-%20A%20Framework%20for%20User-Intent%20Monitoring%20of%20Text-Based%20Networked%20Applications.pdf
