Popup Usability

I’ve just seen the most wonderful demonstration of the (lack of) usability of security popups.

I am sitting in an XTech talk on XHTML 2. A moment ago, during the presentation, the presenter’s laptop popped up a “Zone Alarm” alert on top of his presentation. He immediately clicked “Yes”, without reading it, and carried on talking!

I have some experience of Zone Alarm, and I know that it’s very popup-happy, particularly in the default configuration where it tries hard to justify its existence by alerting the user to every incoming unknown packet. Its creators should consider how having a great deal of popups, in fact, decreases security.

9 thoughts on “Popup Usability

  1. That’s actually one of the reasons why I recommend the Windows XP SP2 firewall over ZoneAlarm (and also use it myself). Joe Average User won’t know the difference between svchost.exe and scvhost.exe, but he’ll still be distracted by the (returning popups) – mainly if he doesn’t take advantage of the “Remember my answer” option. As long as he’s using a (less popup happy) virus scanner, he’d even get better protection without an outgoing firewall. (If you’ve been working with ZoneAlarm for a while and then with the XP2 firewall, you’ll see what I mean, when you get back to a ZoneAlarm infested machine.)

  2. Well, personal firewalls are mostly snake oil anyway, according to this guy, who I assume knows more about secure networking than I ever will:

    http://www.samspade.org/d/firewalls.html

    ZoneAlarm likes to justify its existence because they want you to upgrade to the paid version and it’s hard to do that without scaring their userbase first. Hence all the “Look! Your router just sent an ICMP packet to your computer! Panic!” alerts.

    That said, I still use ZoneAlarm when I’m in Windows.

  3. > “Look! Your router just sent an ICMP packet to your computer! Panic!” alerts

    As I work for a manufacturer of ADSL modems (heck, we’re almost the inventor), I often get similar accusations. Some people actually claim that /my/ modem hacked their computer, just because they saw some kind of popup about an ICMP or ARP-request. Ridiculous.

    I once got a formal complaint from my ISP acouple of years ago (it was even a cable-network, not even ADSL !) that I hacked my neighbours computer with an ARP packet. I had to go to the police station to explain everything, I swear. This guy had filed a complaint to almost the entire street (remember: cable), but I was the only one that could give a reasonable explanation. Idiot.

    We have a dart-board hanging in the lab, with the name ZoneAlarm of it :-)

  4. And don’t even start talking about ‘multicast’ (IGMP). Most ISP’s have never heard about it. I remember when the first Apple betas were released that used Rendezvous (now: Bonjour). I got another complaint from the same ISP, who accused me before with the ARP packet (see above). Sigh.

    Luckily, I changed my ISP before I started to experiment with IPv6 :-) They might have tought it was some kind of Al-Quada attack or something.

  5. Nevermind the popup hell with ZA, it’s widely know to corrupt downloads aswell :P

  6. I use Microsoft AntiSpyware (in addition to other programs) and know that it is also a bit pop-up happy as is ZA, but it’s not too dumb. I can always choose for it to remember things, and every new application installed must get permission to be installed via a pop-up. It’s not too annoying, except for little things like Norton’s security box/bar in Windows Explorer, which MS AntiSpyware tells me is launching everyday, but since it’s in a green box, it’s known to be spyware-free. I’m not sure how ZA works with colors, but with MS AntiSpyware I really like how it’s pretty obvious with the color of the boxes that pop-up. Green: OK, Blue: Unkown, Red: Probably a risk.

    Not the same type of program but same usability issues.

  7. ZoneAlarm disappeared from my computer about a year ago. It was causing all sorts of problems. Kerio seems to fit into my system (XP Home, Athlon4) much more seamlessly.

  8. That was me giving the presentation. Of course I read the pop up, but I am so used to them that I know where to look and can click it away in a flash.

    The usability problem (in all systems really) is when you are typing in one window and a popup comes up just as you type a space or newline and the popup gets accepted before you get a chance to read it.

  9. I always thought Zone Alarm was quite good at letting users know that an alert need not be anything to worry about. Hmmm, maybe users that are a just dumber than I first thought or are too lazy to read a little bit of documentation.

    I think also the terminology “alert” is misleading and should be changed to simply “message” for less serious situations.

    Personally, when I knew less than I do know, I liked knowing what was going on in my computer and enjoyed following the “more info” links and learning something new. Now I know that, of course, I just switch all the alerts off apart from out-going traffic alerts which I still think are a good thing to have (especially if you are using free anti-virus products) just to be on the safe side.