Section 33.3. Results of the Cognitive Walkthrough


33.3. Results of the Cognitive Walkthrough

Recent versions of the KaZaA application have made some progress in addressing access control issues. Default installation of KaZaA for users using a recent version of KaZaA 1.7.1 is relatively safe: it creates a shared file folder, assigns this as the default download file, and indexes these folders for the My KaZaA library. Various versions of KaZaA had various settings, and had different default configurations. The latest version of KaZaA 1.7.2 (the most recent at this time) and other previous versions of KaZaA offered to search for files to share with users during the initial setup. In the latest version at the time of this writing and in some previous versions, file sharing is enabled. While a default setup where file sharing is disabled, as in version 1.7.1, is relatively safe, user modifications of various settings are not. By adding or changing directories to be shared, there are potential interface issues that can create misunderstandings about what files the system is sharing with other users, regardless of the version of KaZaA that the user is using. There are a number of reasons why a user would change default settings. Three common scenarios are driven by users' desire to save the files being downloaded to a different location, to share more files with other users, or to add files to their shared files folder. In the following sections, we will walk through each of these scenarios and the various ways that KaZaA allows these to be accomplished. We will look at the various safeguards that KaZaA employs to prevent users from sharing private files, or files that they do not want others to see, and describe where they seem likely to fail.

33.3.1. Changing the Download File Directory

In KaZaA, as in most P2P applications, the default shared directory provides the dual purpose of specifying the files that the user decides to share with the network, and the place where these files will be stored. The default shared directory is (confusingly) alternatively referred to as My Media, My Shared Folder, My KaZaA, and the folder for downloaded files in KaZaA.

My Shared Folder refers both to a folder created on the machine by KaZaA and abstractly to all folders that the user shares. For simplicity, we will refer to My Shared Folder as the actual folder that KaZaA creates by default to share files, and all files allocated for sharing as the shared files. The My Media and My KaZaA folders list all the shared files, yet organize them according to media type, such as music, video, documents, etc. For purposes of simplicity, we will refer only to My Media. The folder for downloaded files refers to the folder where download files will be stored, but also to the root folder of all shared files. Although each folder is used in a different context, they are essentially different names for the same thing: a list of files that KaZaA can share with others.

While the My KaZaA and My Media folders are accessible through clearly visible buttons, specifying shared files and the folder for downloaded files are managed through the Options menu, in the Tools tab (Figure 33-3). Additionally, the Options Tools tab contains a checkbox for users to determine whether they would like to share files with the KaZaA community. Users may type in the name of the directory they would like to download files to, or alternately browse their filesystem and select the folder they would like to use to store downloaded files (Figure 33-4).

If the user has decided to share files with others, then all files in this directory, as well as the directories below it, are recursively shared and added to My Media files. The wording of the download folder is confusing. The word folder is singular, implying one folder, and

Figure 33-3. The Traffic tab in the Options menu; here is where users specify the download and My Shared directory as well as toggle sharing of all files


Figure 33-4. Browsing and selecting interface for the shared download folder; note that the interface says browse for folder, and does not mention that subfolders will be recursively searched for files


does not hint that all folders below it will be recursively shared with others. More misleadingly, the name download folder implies that it will be used to store files that are downloaded and has nothing to do with sharing. It does not mention that this folder (and the folders and files underneath) will also be shared with others, if sharing is enabled.

Another factor leading to user error is that hierarchical filesystems can be very difficult for some users to navigate and conceptualize. Vicente and Williges[7] demonstrated that users with low spatial ability have trouble navigating hierarchical filesystems compared to those with high spatial ability. Novice users are "notoriously bad" at navigating hierarchical file structures and prefer breadth (as opposed to depth) in browsing and searching for files or information. The tradeoffs between depth and breadth in hierarchical structures have been well studied by the psychological and human-computer interaction communities.[8], [9], [10], [11] Most reach the conclusion that breadth is better than depth. "Shortcuts" on the Windows desktop are frequently created to allow users one-click access to file folders buried in hierarchies. However, by automatically recursing through directories for files, KaZaA presumes, at the same time, that all users have a detailed knowledge of their filesystem and its contents. At the very least, users should be given a choice whether to recursively add files when asked to share a folder.

[7] K. J. Vicente and R. C. Williges, "Accommodating Individual Differences in Searching a Hierarchical File System," International Journal of Man-Machine Studies (1988), 29.

[8] J. I. Kiger, "The Depth/Breadth Tradeoff in the Design of Menu-Driven Interfaces," International Journal of Man-Machine Studies 20 (1984), 201213.

[9] K. Larson and M. Czerwinski, "Web Page Design: Implications of Memory, Structure and Scent for Information Retrieval," Conference Proceedings on Human Factors in Computing Systems, 25-32.

[10] G. A. Milier, "The Magical Number Seven Plus or Minus Two: Some Limits on Our Capacity for Processing Information," Psychological Review 63 (1956), 8197.

[11] D. P. Miller, "The Depth/Breadth Tradeoff in Hierarchical Computer Menus," Proceedings of the Human Factors Society (1981), 296300.

33.3.2. Sharing Files

Two interfaces that KaZaA provides for sharing files are located in the Tools menu, under Find Shared Files for version 1.7 and above. Selecting this menu item brings up a dialog box with several choices (Figure 33-5).

One choice is to have KaZaA automatically discover files for the user by clicking the Search Wizard button. The other is for the user to browse his machine and determine which directories to share, which is accessible by selecting the Folder List tab, or clicking the Folder List button. The Find function uses a wizard interface to walk users through selecting drives to search, and select which folders to share after the process has been completed. After searching, KaZaA returns a list of folders that it recommends that the user share with other KaZaA users (Figure 33-6). In the latest version of KaZaA, it recommends folders containing documents (such as the default Windows My Documents folder), image files, and multimedia files, such as music and video. On a side note, it does not indicate whether any of these directories it has found are already being shared using other means. A message (that could easily be ignored) above the listbox tells users the steps that they will need to perform in order to stop sharing files in the folders that they select.

One problem with the Search Wizard interface (Figure 33-6) is that it does not describe what criteria it uses to find folders to share. For example, it does not say what files in the

Figure 33-5. Selection interface to find or select shared folders


My Documents folder will be shared, or describe the particular attributes of the My Documents folder that caused it to be recommended for sharing. The interface relies on the user's knowledge of what is capable of being shared by a file sharing program and what the program is looking for. It presumes that users have perfect knowledge of what kinds of files (and subdirectories with further files) are contained in those folders and that these contents will be shared recursively.

The "tip" portion is the only part of the interface that warns users that they risk sharing files that they would rather not. It is unclear whether users read this message and, if so, remember the instructions and places they need to go in order to stop sharing such files. It also mentions that users must remove the files one by one if they choose not to share them. Overall, while the search interface affords sharing more files, it makes browsing, searching, and stopping the sharing of specific files within shared folders difficult and tedious.

The other function, which we will call the Folder Select function, has a UI that allows the user to browse the current filesystem and select a folder or folders to share (Figure 33-7). Folders are shared by selecting a checkbox, and are restricted from sharing by deselecting

Figure 33-6. Search interface


the checkbox. When a user selects a directory, the directories below it are selected automatically for the user (Figure 33-8). When they deselect a directory, the directories below are also deselected.

If a user selects a drive (such as the C drive), a message pops up (Figure 33-9) warning the user that this action will share all files with all KaZaA users for this drive. This warning will not appear again if any user on a given machine decides to check "Do not show this again," and future users sharing the same machine will not be able to see this warning.

We noticed that if file sharing was enabled (through the UI in Figure 33-3) and the user had changed the download directory to something else, this change was not reflected in the Folder Select window (Figure 33-7). For example, if a user changes his download directory to C:\ and sharing is enabled, he is sharing his whole hard drive. All of these files are indexed by My Media, but there is no indication in the checkbox, like the one in Figure 33-9, in the Folder Select function (Figure 33-7). We found this to be a critical flaw that the participants in the study discussed shortly found to be misleading. In effect, it allowed users to share anything through the download folder, and not be aware of it through the Folder Select function. In the user studies discussed shortly, this error had serious repercussions for user expectations of shared folders and files.

Figure 33-7. Folder Select Function to share or stop sharing folders


Figure 33-8. Expanded view of folders selected by selecting Documents and Settings


33.3.3. Adding Files to the My Media Folder

KaZaA, like most file sharing programs, comes with a built-in media player that allows playback of a variety of audio and video formats. Playback of these formats is done through the My KaZaA tab, which organizes files based on their content into file folders, similar to the interface provided by Microsoft Internet Explorer. To add files to the My

Figure 33-9. Warning to not share the entire folder from the Folder Select Function


Media folder, they must be shared or included in the download directory as described earlier or through another button that "imports" files into My Media, using similar techniques to those described earlier.

Files imported into the My Media folder can be turned on and off individually via a context menu, accessible by right-clicking the file with the mouse, or with an icon above the file folders. The context menu is activated only for individual files, and does not work at the top folders or root folders of the directory structure. For example, if a user wanted to disable sharing of applications in the software folder, the only choice he has is to disable sharing entirely, or stop sharing each individual file. Also, there is no indication of exactly what folders are being shared on the user's hard drive. In the usability study described shortly, the My Media folder was a source of general confusion. The participants' opinions about its purpose and contents varied greatly.

33.3.4. Uploading Files

During the walkthrough, we examined the Transfer File interface that allows users to determine what is currently being uploaded to and downloaded from the KaZaA network. It consisted of two scrollable lists. Files being transferred to others are appended to the bottom of the file transfer list, and this list is cleared every time KaZaA is restarted, erasing any past transactions. Users therefore have to be very attentive to what is being transferred in KaZaA, in order to be aware of any unwanted file shares.

33.3.5. Summary of Usability Guidelines

Here we summarize the results of the cognitive walkthrough in relation to how well KaZaA satisfies each of the earlier proposed guidelines:

  1. FAILED: Users should be made clearly aware of what files are being offered for others to download.

    From the cognitive walkthrough, we see that bugs, assumptions of users' knowledge in searching and selecting files, and unclear labeling clearly make it difficult for users to determine what is offered for others to download. Nowhere in the interface were we able to determine which types of files can be shared.

  2. FAILED: Users should be able to determine how to successfully share and stop sharing files.

    The cognitive walkthrough revealed many ways to share files, but demonstrated that there are few ways to stop sharing files. The ways that do exist are complicated and difficult to find. Again, unclear labeling is confusing and misleading, complicating the problem.

  3. FAILED: Users should not be able to make dangerous errors that can lead to unintentionally sharing private files.

    Files and folders shared through the download folder are not indicated as such in other parts of the interface. This is a serious flaw that could easily allow users to make fatal mistakes.

  4. FAILED: Users should be sufficiently comfortable with what is being shared with others and confident that the system is handling this correctly.

    In the cognitive walkthrough, it was difficult to determine which types of files could be shared, when KaZaA was sharing them, and with whom. Without constantly monitoring KaZaA, it is difficult to tell what the system is doing with the files and with whom they are sharing them.



Security and Usability. Designing Secure Systems that People Can Use
Security and Usability: Designing Secure Systems That People Can Use
ISBN: 0596008279
EAN: 2147483647
Year: 2004
Pages: 295

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net