brain shutting down when we see security prompts

Ever feel your eyes glazing over when you see yet another security warning pop up on your monitor? In a first, scientists have used magnetic resonance imaging to measure a human brain’s dramatic drop in attention that results when a computer user is subjected to just two security warnings in a short time.

In a paper scheduled to be presented next month at the Association for Computing Machinery’s CHI 2015 conference, researchers will present data that maps regions of the brain responsible for visual processing. The MRI images show a “precipitous drop” in visual processing after even one repeated exposure to a standard security warning and a “large overall drop” after 13 of them. Previously, such warning fatigue has been observed only indirectly, such as one study finding that only 14 percent of participants recognized content changes to confirmation dialog boxes or another that recorded users clicking through one-half of all SSL warnings in less than two seconds.

The inattention is the result of a phenomenon known as habituation, or the tendency for organisms’ neural systems to show partial or complete cessations of responses to stimuli over repeated exposures. Such repetition suppression, or RS, has long been documented in everything from sea slugs to humans. By directly measuring RS in the brains of people exposed to computer security warnings, the scientists were then able to test more effective ways that software makers can alert people to potential risks. The paper—titled “How Polymorphic Warnings Reduce Habituation in the Brain—Insights from an fMRI Study“—is one of two to be presented at CHI 2015 that studies people’s responses to security warnings.

Users’ habituation to security warnings is pervasive, and is often attributed to users’ carelessness and inattention. However, we demonstrate that habituation is largely obligatory as a result of how the brain processes familiar visual stimuli. A chief implication of our results is that because habituation occurs unconsciously at the neurobiological level, interventions designed to encourage greater attention and vigilance on the part of users—such as SETA programs—are incomplete on their own. Our findings suggest that a complimentary solution is to develop UI designs that are less susceptible to habituation.

 

 

China admits to hacking

http://thehackernews.com/2015/03/china-cyber-army.html

CHINESE CYBER WARFARE UNITS
According to McReynolds, China has three types of operational military units:
1. Specialized military forces to fight the network — The unit designed to carry out defensive and offensive network attacks.
2. Groups of experts from civil society organizations — The unit has number of specialists from civilian organizations – including the Ministry of State Security (its like China’s CIA), and the Ministry of Public Security (its like FBI) – who are authorized to conduct military leadership network operations.
3. External entities — The unit sounds a lot like hacking-for-hire mercenaries and contains non-government entities (state-sponsored hackers) that can be organized and mobilized for network warfare operations.