Back in September 2011, Rick Wash and I attended the New Security Paradigms Workshop (NSPW 2011) which was held at the Marconi Conference Center in Marin County, CA. (I’m a little late getting this posted, but that’s better than never, right?)

Here’s a photo of the grounds of the conference center — it was a gorgeous place, and a really interesting procedural setup for a workshop. There were only around 30-40 participants, and an hour was devoted to each paper. The presenter was given 5 uninterrupted minutes at the beginning of that hour to say whatever they wanted to say about the paper, and then the floor was opened to the rest of the workshop to ask questions. There was also a discussant assigned to each paper whose job it was to call on people who signaled that they had questions, and generally keep the discussion on track in a direction that would be helpful for the presenter rather than an off-topic or destructive rathole.

Rick presented our paper, and we got a lot of really excellent and thought-provoking feedback, particularly about the idea that a mental model doesn’t necessarily have to be accurate to achieve a desirable effect or result. In the context of computer security, this might mean that a person who believes hackers are all teenage boys out to commit mischief could feel like they are more likely to be a target and take more steps to protect their computers, than someone who believes hackers are criminals out to make money (and therefore might only target online businesses or something like that). There was a very interesting conversation during our session about whether creating interventions that lead to incorrect mental models is ever OK, even when the result is that people may behave in a more secure manner. People at the workshop even came up with instances in the real world where this exact thing happens — for example, the way the temperature controls on a fridge/freezer combo work. Look it up! (hint: there’s only one compressor / cooling device)

It was extremely valuable for me to attend, because I don’t have much experience with the computer security community, and this was a great way for me to learn more about what current and emerging topics are in that area, as well as to experience and think about the reactions to our ideas. All in all, a great experience, and an interesting group of people to get to know! The oysters were fabulous, too

well, we are about to leave for Boston, to visit friends and attend CHI 2009. i present my note, which received an honorable mention in the ‘best note’ category, on Thursday morning, 9am in room 311. mine is the 4th presentation, so it will hopefully be toward the end of that session, but yes, it is very very early, on the last day of the conference.

the note is titled, “Yours, Mine, and (Not) Ours: Social Influences on Group Information Repositories” and is about some results from my dissertation research. i interviewed users of CTools, a learning management system that also includes support for creating sites for sharing files with a group of people, similar to shared folders. i think the most important finding from this research was the subtle, pervasive and enduring influence that social factors had on the information structure of the CTools sites, despite the perception that such information repositories are for “storage”, and not social systems at all.

also: i’m still on the job market, and looking for a postdoc position, or a permanent position in an industry research organization.

i’ve spent much of the last week rewriting my research statement—or, as i’ve started thinking of it—my manifesto. i have presented my dissertation research several times now, and talked with a bunch of people about it; i feel like my story has become more clear and focused, the more i have talked through it. dissertating can be a very isolating experience, so i guess one thing i’ve learned through all this is even if you’re not quite sure what you’re talking about yet, it *really helps* to get out and tell your story anyway. you’ll be glad you did.