Alert! Study finds Internet users heed browser warnings
Warnings are better designed now, which has led to users paying more attention
IDG News Service - Security warnings displayed by Web browsers are far more effective at deterring risky Internet behavior than was previously believed, according to a new study.
The study looked at how users reacted to warnings displayed by Mozilla's Firefox and Google's Chrome browsers, which warn of phishing attempts, malware attacks and invalid SSL (Secure Sockets Layer) certificates.
It was widely thought that most users ignored the warnings, based on several studies released between 2002 and 2009. However, in the past four years, browser warnings have been redesigned, but the effect of the new designs on users had not been studied.
For example, toolbars that warned of possible phishing attacks have been replaced with full-page warnings that may have influenced people's behavior, the researchers who conducted the study wrote.
More than 25 million warning impressions displayed by Chrome and Firefox in May and June were analyzed. The data was collected from telemetry programs used by Mozilla and Google, which collect what the researchers term 'pseudonymous' data from the browsers of consenting users.
In the case of both browsers, less than 25 percent of users opted to bypass malware and phishing warnings, and only a third of users cruised through the SSL warnings displayed by Firefox.
"This demonstrates that security warnings can be effective in practice; security experts and system architects should not dismiss the goal of communicating security information to end users," according to the paper, which was submitted to the Usenix Annual Technical Conference 2013 in San Jose, California, late last month.
The analysis uncovered other interesting details. It appears that more technical users bypassed security warnings more often. The researchers considered technical users as those who used Linux and pre-release browsers.
"Technically advanced users might feel more confident in the security of their computers, be more curious about blocked websites or feel patronized by warnings," the paper said.
Despite the positive influence of the warnings, the researchers found users clicked through more than 70 percent of Google's SSL warnings. By contrast, Firefox users clicked through them just 33 percent of the time.
There are a few thoughts why Chrome's SSL click-through rate is higher. Users can bypass Chrome's warning with a single click, whereas Firefox requires three clicks. Firefox displays a more stern warning, showing an image of a policeman and using the word "untrusted" to describe the site.
There may also be other mitigating factors, the researchers said. Nevertheless, Chrome's high SSL click-through rate "is undesirable," they wrote. "Our positive findings for the other warnings demonstrate that this warning has the potential for improvement."
The study was written by Devdatta Akhawe of the University of California, Berkeley, and Adrienne Porter Felt, a research scientist at Google.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Cyberwarfare White Papers | Webcasts