privacy and mobile devices
play

PRIVACY AND MOBILE DEVICES Elizabeth Schlieper Patrick Gage - PowerPoint PPT Presentation

PRIVACY AND MOBILE DEVICES Elizabeth Schlieper Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh. 2013. Privacy as Lab study with 20 participants and a Mturk survey with 366 part of the app decision- participants making


  1. PRIVACY AND MOBILE DEVICES Elizabeth Schlieper

  2. Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh. 2013. Privacy as „ Lab study with 20 participants and a Mturk survey with 366 part of the app decision- participants making process. In Proceedings of the SIGCHI „ Comparing their Privacy Facts vs Google Play Permissions for Conference on Human Factors in Computing choosing applications Systems (CHI '13). ACM, New York, NY, USA, „ Also compared privacy facts against Play permissions modified to 3393-3402. be on the main information screen. „ Used mostly unknown apps with between 1,000 -10,000 downloads. „ Some compared well known brands against relatively unknown apps (example: Spotify vs. Rdio) PRIVACY AS PART OF THE APP DECISION-MAKING PROCESS

  3. Patrick Gage Kelley, Lorrie Faith Cranor, and Norman OLD VERSUS NEW PERMISSIONS Sadeh. 2013. Privacy as part of the app decision- making process. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '13). ACM, New York, NY, USA, 3393-3402.

  4. Patrick Gage Kelley, Lorrie Faith Cranor, and Norman Sadeh. 2013. Privacy as part of the app decision- making process. In „ In two out of four comparisons for app selection, the participants Proceedings of the SIGCHI who saw the privacy facts checklist were more likely to pick the Conference on Human Factors in Computing app with fewer required permissions Systems (CHI '13). ACM, New York, NY, USA, „ When privacy information was inline for both conditions, privacy 3393-3402. facts participants were significantly more likely to choose a lesser known application for twitter viewing. „ While the style of privacy information given made a difference, it was still a less important characteristic to most participants than the UI and ratings of the application. PRIVACY AS PART OF THE APP DECISION-MAKING PROCESS

  5. „ What changes do you see to the permissions since this article was published? „ What are some improvements? „ Is there anything you think is worse than before? DISCUSSION

  6. Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, and David Wagner. 2012. Android „ 308 participant online survey permissions: user attention, „ 25 participant lab study comprehension, and behavior. In Proceedings „ Assessing whether or not the android permissions dialog prior to of the Eighth Symposium on Usable Privacy and installation was usable according to the C-HIP model Security (SOUPS '12). ACM, New York, NY, „ Mostly focus on the first two steps of the model because the USA, , Article 3 , 14 pages. following steps in the model depend on success in the earlier ones. ANDROID PERMISSIONS: USER ATTENTION, COMPREHENSION, AND BEHAVIOR

  7. Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, and David Wagner. 2012. Android „ The first two steps, getting the user’s attention and being permissions: user attention, understandable to the user, fail for the majority of the users. comprehension, and behavior. In Proceedings „ They think that the few users with high understanding of the of the Eighth Symposium on Usable Privacy and permissions could help protect the other users by posting reviews. Security (SOUPS '12). ACM, New York, NY, „ They may have underestimated how much people understand USA, , Article 3 , 14 pages. the permissions because for their statistics they only considered people who got every correct option and no incorrect options as understanding the permission. ANDROID PERMISSIONS: USER ATTENTION, COMPREHENSION, AND BEHAVIOR

  8. „ Take this quiz about how well you understand the permissions tested in this paper. „ Does anyone think they did better than the study participants? PUT IT TO THE TEST

  9. Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, and David „ 1. a, c „ 9. c Wagner. 2012. Android permissions: user „ 2. a, c „ 10. a, d attention, comprehension, and „ 3. d „ 11. a, b, c, d behavior. In Proceedings of the Eighth Symposium on Usable Privacy and „ 4. c, d Security (SOUPS '12). ACM, New York, NY, „ 5. a, b „ How many did you get right? USA, , Article 3 , 14 pages. „ 6. a „ 7. b, c „ 8. b ANSWERS

  10. Rebecca Balebako, Jaeyeon Jung, Wei Lu, Lorrie Faith Cranor, and Carolyn Nguyen. 2013. „ Created an application called Privacy Leaks that detects data "Little brothers watching you": raising awareness leaving the phone from various applications. of data leaks on smartphones. In „ Filters the data and only presents information about presumably Proceedings of the Ninth Symposium on Usable unexpected data sharing, aka privacy leaks. Privacy and Security (SOUPS '13). ACM, New „ The app creates a visualization of data that is shared after the York, NY, USA, , Article 12 , 11 pages. fact and can provide notifications as data is being shared. „ Lab study with 19 participants, playing game on android phone, once without privacy leaks app and once with it running in the background. “LITTLE BROTHERS WATCHING YOU:” RAISING AWARENESS OF DATA LEAKS ON SMARTPHONES

  11. Rebecca Balebako, Jaeyeon Jung, Wei Lu, Lorrie Faith Cranor, and „ Participants were told that the study was about android games. Carolyn Nguyen. 2013. "Little brothers watching „ After 3-7 minutes of playing, they were asked about what kind of you": raising awareness data was being shared while they played the game. of data leaks on smartphones. In Proceedings of the Ninth „ Three levels of awareness about data sharing Symposium on Usable Privacy and Security „ People who think that the game is self contained, and never (SOUPS '13). ACM, New expected any data to leave the phone. York, NY, USA, , Article 12 , 11 pages. „ People who thought data was being shared with the developer to improve the game „ People who knew that there was marketing data being shared, but not how much. “LITTLE BROTHERS WATCHING YOU:” RAISING AWARENESS OF DATA LEAKS ON SMARTPHONES

  12. Rebecca Balebako, Jaeyeon Jung, Wei Lu, Lorrie Faith Cranor, and Carolyn Nguyen. 2013. "Little brothers watching „ People did want to know that their data was being leaked you": raising awareness of data leaks on „ They would also mostly like to use an app similar to Privacy Leaks smartphones. In Proceedings of the Ninth to know what kind of data is being shared. Symposium on Usable Privacy and Security „ It wouldn’t change most peoples’ minds about using the apps or (SOUPS '13). ACM, New York, NY, USA, , Article 12 , recommending them to others, but they would tell people about 11 pages. the data leaking. „ People weren’t sure if there were problems or benefits to data sharing in these applications. “LITTLE BROTHERS WATCHING YOU:” RAISING AWARENESS OF DATA LEAKS ON SMARTPHONES

  13. Christopher Thompson, Maritza Johnson, Serge Egelman, David Wagner, „ First conducted an online survey to understand how well people and Jennifer King. 2013. understand attribution mechanisms and other aspects of When it's better to ask forgiveness than get Android. permission: attribution mechanisms for „ People don’t understand that background apps can still use smartphone resources. In Proceedings of the Ninth resources and perform as usual. Symposium on Usable Privacy and Security „ They also conducted an in person study that corroborated the (SOUPS '13). ACM, New findings from the first survey. York, NY, USA, , Article 1 , 14 pages. „ Then conducted a lab study to see if adding information to the notification tray would help users to identify what application was causing a particular misbehavior. WHEN IT’S BETTER TO ASK FORGIVENESS THAN GET PERMISSION: ATTRIBUTION MECHANISMS FOR SMARTPHONE RESOURCES

  14. Christopher Thompson, Maritza Johnson, Serge Egelman, David Wagner, and Jennifer King. 2013. When it's better to ask „ Only a third of participants figured out the culprit with the forgiveness than get permission: attribution additional notification. mechanisms for smartphone resources. In „ People usually assumed the foreground application was Proceedings of the Ninth Symposium on Usable responsible for the misbehavior. Privacy and Security (SOUPS '13). ACM, New „ People assumed the permissions of an application based on York, NY, USA, , Article 1 , 14 pages. functionality and did not check the settings. „ Essentially, once it’s on the phone users have no idea what an app has permission to do. WHEN IT’S BETTER TO ASK FORGIVENESS THAN GET PERMISSION: ATTRIBUTION MECHANISMS FOR SMARTPHONE RESOURCES

  15. „ Based on the last two papers, would you rather know every permission an application uses before it installs, or would it be better to have tools built into android that tell you as an application runs what it’s doing? DISCUSSION

  16. QUESTIONS?

Recommend


More recommend