The UI Layer of Security: What could go wrong?
UB4.132 | Day 2 | 13:30 - 13:55 | Speakers: Elio Qoshi, Anja Xhakani
Abstract
We spend enormous amounts of time and money auditing code for security holes. Whole industries are built around it. But for all that effort, we rarely look at the part of the system that is actually clicking the buttons and interpreting the warnings: the person with Dorito dust on their fingers and a coffee ring permanently branded on their desk, someone just trying to get things done in a tool that may or may not be helping them make safe decisions. A surprising number of real-world security failures happen not because the code is flawed, but because the interface leaves too much room for dangerous misunderstandings.
Drawing on our work at Ura with security-critical and open source projects, this talk explores how the user experience itself can introduce or amplify security risks and why these issues often slip through traditional code-focused reviews. We will look at memorable examples of user-driven failures, outline common UX surfaces where security risks emerge, and show why auditing the human side of the system is just as critical as auditing the code.
Speakers
Elio is the founder and executive director of Ura Design, where he leads strategic direction and delivery across teams. He holds certifications in UX and Product Design from the Nielsen Norman Group and MIT. Elio specialises in UX, product design, and branding. He has collaborated with organisations in the free software and privacy space, including Canonical (Ubuntu), Mozilla, the University of Michigan, Freedom of the Press Foundation, and The Tor Project. Since 2018, he has served as a UX partner for the Open Technology Fund, where he developed brand systems and design tools that are still in use. As a board member of Open Labs Albania, Elio has organised over 100 events across Europe, from grassroots workshops to international technology conferences, focused on open knowledge, science, and digital rights.
In addition to his design work, Elio has published over 90 articles for SitePoint on design, open source, and privacy-preserving technologies.
Hey there! I'm a UX researcher specialising in accessibility, usability testing, and secure tool design. By combining computer science and systems thinking, I identify structural and cognitive barriers and deliver WCAG-aligned insights to make complex platforms usable for diverse audiences. If you see me at FOSDEM and want to talk about accessible and usable design, feel free to reach out!
