DOCSLIB.ORG

A Study on the Use of Mobile-Specific HTML5 Webapi Calls on The

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Study on the Use of Mobile-Specific HTML5 Webapi Calls on The POLITECNICO DI TORINO Corso di Laurea in Computer Engineering Tesi di Laurea A Study on the Use of Mobile-specific HTML5 WebAPI Calls on the Web Relatore prof. Antonio Lioy Francesco Marcantoni Marzo 2019 Alla mia famiglia Summary The growth of smartphones diffusion in the last decade and the pervasiveness of the web in the current lifestyle pose the attention on the privacy and security of the users. While it is well known how browser-related data accessed during navigation can be used to harm the privacy of the user, this work aims to fill the knowledge gap concerning mobile-specific information retrieved by web-pages when visited from a smartphone. In particular this study focuses on Firefox browser for Android devices. To detect the number of websites that have access to mobile-specific information we propose a crawler called FFAutoma- tor, consisting in a Python script, that exploits the possibility to remotely control an Android device from the computer to instrument the browser and scrape the information we need from them. The script is able to open a new instance of the browser, load a website and simulate the user interaction with it. It take cares of injecting touch events corresponding to gestures on the touchscreen. We designed this program to be robust and to run for long time in order to analyze as many websites as possible. Plus, it was developed to successfully handle issues that can come up during simulation of web-navigation and that can compromise the results. An example is an unwanted redirection from the current website to an external one. Detection is done using a proxy server to intercept http traffic coming to the phones and to inject JavaScript code that can log whenever a method is called or a property is read by the website and the contained frames. To allowed code to be run in pages it was necessary to turn off some policies that are enforced by the browser to prevent external JavaScript code to run in it. We then elaborate the logs obtained after having crawled, through the script described before, the first 200k most popular websites according to Alexa ranking. Results are analyzed in a quantitative way, showing the number of websites that exploit APIs retrieving mobile-specific data and which of them are the most used. We also study the source of the JavaScript files that contain those APIs to look at the number of websites that execute external files to gather data. Given that, we differentiate the calls originated from frames and external sources from the one requested by main page. In this study we propose also e mitigation technique, to protect who browse the web from smartphones without affecting the user-experience. This consists in an extension that can be installed in Firefox browser for Android that detects all mobile-specific APIs accessing data from the smartphone and allows also the users to choose to block this data retrieval or not. Plus the user can create custom rules that applies only to some chosen domains and than the default settings applying for all the other pages. The technique used to detect APIs in the extension, is the same exploited for scraping for websites. JavaScript code is injected from external sources loaded in the extension and, being the extension considered a trusted source by the websites, there is not any problem related to security policies. 4 Contents 1 Introduction 8 1.1 Problem statement.................................... 10 1.2 Contributions....................................... 10 1.2.1 Analysis on websites exploiting HTML5 WebAPIs.............. 10 1.2.2 Mitigation technique............................... 11 1.3 Overview......................................... 11 1.4 Environment description................................. 11 2 Related Work 13 2.1 Android smartphones.................................. 13 2.2 Mobile web-browsing................................... 14 2.3 Browser functionalities.................................. 14 2.3.1 Firefox browser architecture........................... 15 2.3.2 Vulnerabilities overview............................. 17 2.3.3 Usage of HTML5 API.............................. 17 2.4 Sensors access in Android mobile devices and related vulnerabilities........ 19 2.5 Browser extensions.................................... 19 3 Approach 21 3.1 HTML5 Mobile Functions selection........................... 21 3.2 JavaScript Calls Interception.............................. 22 3.2.1 Native code interception............................. 22 3.2.2 HTTP response interception.......................... 23 3.3 Injected Code....................................... 23 3.3.1 Hooking methods................................. 23 3.3.2 Hooking properties................................ 23 3.3.3 Getting source of the JavaScript file...................... 24 3.4 Proxy Server....................................... 24 3.4.1 Buffering prevention............................... 25 3.4.2 Injection...................................... 25 3.5 System calls interception................................. 26 3.6 Preliminary Tests..................................... 26 3.6.1 Results...................................... 28 3.6.2 Why Firefox................................... 28 5 4 Web Navigation Automation 29 4.1 Interfacing smartphones with the computer...................... 29 4.2 Instrumenting Touch Gestures.............................. 30 4.2.1 Interaction with the device........................... 30 4.2.2 Simulating navigation.............................. 32 4.3 Logs Structure...................................... 33 4.4 The Program....................................... 34 4.4.1 Structure..................................... 34 4.4.2 Visiting websites................................. 34 4.4.3 Logs saving.................................... 35 4.4.4 Number of gestures injected........................... 35 4.4.5 Cleaning the environment............................ 36 4.4.6 Files saving.................................... 37 4.5 Issues in automatic browsing.............................. 37 4.5.1 Redirection to external websites........................ 37 4.5.2 Permissions acceptance............................. 39 4.5.3 Malicious websites................................ 41 4.5.4 Unreachable websites............................... 42 4.5.5 Loading time................................... 42 4.5.6 Unhandled corner cases............................. 43 5 Results 44 5.1 Usage analysis...................................... 44 5.1.1 Correspondence with Android calls....................... 45 5.1.2 Distribution.................................... 45 5.2 Sources of the calls.................................... 49 5.2.1 iframes...................................... 49 5.2.2 Analysis of sources................................ 49 6 Extension 52 6.1 Why an extension.................................... 52 6.2 Architecture........................................ 54 6.2.1 Content script.................................. 54 6.2.2 Dynamic extension page............................. 55 6.2.3 Local storage................................... 55 6.3 Programmer manual................................... 55 6.3.1 Permissions.................................... 56 6.3.2 Per website customization............................ 57 6.3.3 Content script (injector.js)........................... 58 6.3.4 Injected code................................... 61 6.3.5 Extension pop-up................................. 63 6.4 User Manual....................................... 68 6.4.1 Installation guide................................. 68 6.4.2 User Interface................................... 69 6 7 Conclusion 71 7.1 Future works....................................... 71 A FFAutomator manuals 73 A.1 User manual........................................ 73 A.1.1 Prerequisites................................... 73 A.1.2 Input....................................... 73 A.1.3 Output...................................... 74 A.1.4 Google SafeBrowsing API............................ 75 A.2 Programmer manual................................... 75 A.2.1 Environment setup................................ 75 A.2.2 Main loop..................................... 77 A.2.3 Functions..................................... 79 Bibliography 92 7 Chapter 1 Introduction Usage of smartphones among population constantly increased in the last ten years. In the United States, almost the totality of mobile phone owners has a smartphone [1]. Among all the function- alities offered by those devices, one of the most employed is web browsing. For the first time, in 2016, internet traffic generated from mobile devices overcame the one produced by desktop com- puters worldwide [2] and in 2016 56% of traffic to top-sites in the United States came from mobile devices [3]. The main factors that influenced this trend are the improvements in communication technology (e.g. the introduction of fast mobile internet connections), the development of web browsers offering now features comparable to the desktop ones and the improvement in smart- phone usability (e.g. the implementation of practical gestures and the usage of bigger screens) [4]. Moreover, smartphones constantly monitor their status and are always aware of what is hap- pening around them. This is possible thanks to the capability of those devices of retrieving information from the surrounding environment (using, for example, the ambient light sensor or the microphone) and from their status, as speed or orientation (using for example gyroscope, accelerometer and GPS). While this characteristic
Load more

Recommended publications
  • Weekly Wireless Report WEEK ENDING September 4, 2015
    Weekly Wireless Report WEEK ENDING September 4, 2015 INSIDE THIS ISSUE: THIS WEEK’S STORIES This Week’s Stories Ad Blocking In Apple’s iOS 9 Highlights Rift Over Ads With Ad Blocking In Apple’s iOS 9 Highlights Rift Over Ads With App Publishers App Publishers September 4, 2015 More Than 225,000 Apple Apple has warned developers that, in the name of privacy and user preference, it is adding ad-blocking iPhone Accounts Hacked capability in its upcoming release of iOS 9 software, which is expected to arrive with new iPhones as early as Sept. 9. And that’s creating some tension with Google, mobile marketing companies, and PRODUCTS & SERVICES publishers alike. A New App That Lets Users’ If iOS 9 and the ad blockers are widely adopted, it could mean significant disruption to the $70 billion Friends ‘Virtually Walk Them mobile marketing business. More ad blocking means that many users simply won’t see as many ads in Home At Night’ Is Exploding In their games or apps. Publishers, ad networks, and marketing tech companies will get less revenue. Popularity Mobile game companies don’t need to panic now, but they’d better pay attention. Sprint Revises Free Service The battle over the legality of ad-blocking software is still playing out on the Web, where online ads are Deal For DirecTV Customers, a $141 billion business. In May, a German court ruled that ad blocking is not illegal. In mobile, Apple Adds Data Options has added the ability to block ads via a change in its platform that allows third-party companies to create ad-blocking apps.
    [Show full text]
  • Mozilla Source Tree Docs Release 50.0A1
    Mozilla Source Tree Docs Release 50.0a1 August 02, 2016 Contents 1 SSL Error Reporting 1 2 Firefox 3 3 Telemetry Experiments 11 4 Build System 17 5 WebIDL 83 6 Graphics 85 7 Firefox for Android 87 8 Indices and tables 99 9 Localization 101 10 mach 105 11 CloudSync 113 12 TaskCluster Task-Graph Generation 119 13 Crash Manager 133 14 Telemetry 137 15 Crash Reporter 207 16 Supbrocess Module 211 17 Toolkit modules 215 18 Add-on Manager 221 19 Linting 227 20 Indices and tables 233 21 Mozilla ESLint Plugin 235 i 22 Python Packages 239 23 Managing Documentation 375 24 Indices and tables 377 Python Module Index 379 ii CHAPTER 1 SSL Error Reporting With the introduction of HPKP, it becomes useful to be able to capture data on pin violations. SSL Error Reporting is an opt-in mechanism to allow users to send data on such violations to mozilla. 1.1 Payload Format An example report: { "hostname":"example.com", "port":443, "timestamp":1413490449, "errorCode":-16384, "failedCertChain":[ ], "userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0", "version":1, "build":"20141022164419", "product":"Firefox", "channel":"default" } Where the data represents the following: “hostname” The name of the host the connection was being made to. “port” The TCP port the connection was being made to. “timestamp” The (local) time at which the report was generated. Seconds since 1 Jan 1970, UTC. “errorCode” The error code. This is the error code from certificate veri- fication. Here’s a small list of the most commonly-encountered errors: https://wiki.mozilla.org/SecurityEngineering/x509Certs#Error_Codes_in_Firefox In theory many of the errors from sslerr.h, secerr.h, and pkixnss.h could be encountered.
    [Show full text]
  • Firefox for Mac Os 103 9 Download
    Firefox For Mac Os 10.3 9 Download 1 / 5 Firefox For Mac Os 10.3 9 Download 2 / 5 3 / 5 10 3 Supplemental Update, Mac OS X Update, and many more programs Firefox For Mac 10.. Mac OS X 10 3 MacOS X was Apple's replacement for their classic MacOS Download Name Version Language CPU File type File size; Apple Mac OS X 10.. Need to move Bookmarks, Extensions & Add-Ons to another Mac; Is the process to delete cache and cookies for Firefox 3. 1. firefox download 2. firefox quantum 3. firefox extensions 5 - Apple's latest operating system for the Mac Download the latest versions of the best Mac apps at safe and trusted MacUpdate. firefox download firefox download, firefox for android, firefox quantum, firefox update, firefox logo, firefox extension, firefox vpn, firefox addon, firefox send, firefox portable, firefox, firefox for mac, firefox app, firefox extensions, firefox cycles, firefox themes, firefox addons Stereo Spread Vst Download 0 2 54) All users should apply this update. 6 8Firefox For Mac OsMac os x 9 free download - R for Mac OS X, Java Update for Mac OS X 10. Cancionero Salesiano Pdf 4 / 5 Rabbids Go Home Wbfs Download For Mac firefox quantum Plague Inc Evolved V0.7.5 download 3 X (Panther) is now being installed on all new Cal Poly faculty/staff Macintosh workstations and the OS only keeps getting better! It has been designed for users who could also be new the Macintosh, users who have only recently upgraded from OS 9 to OS X, or users who simply want to understand more about the good new features available in 10.
    [Show full text]
  • Revised Electronic Filing Question and Answer Document
    Questions and Answers Regarding Electronic Filing TO AVOID FILING MISTAKES PLEASE READ THIS DOCUMENT IN ITS ENTIRETY 1. Is there any means to file a hearing record or pleadings and supporting papers with the Office of State Review (OSR) currently available? Yes. A hearing record may be filed with OSR electronically DURING THE COVID-19 PANDEMIC ONLY. Once a pleading and any supporting papers have been served upon the opposing party, they can also be filed (together with the affidavit of service) through electronic means. 2. Am I required to file documents with OSR electronically? No, documents may be mailed to the Office of State Review in accordance with the usual filing requirements of Part 279 of the Commissioner's Regulations. The ability to file electronically is an added measure available during the COVID-19 pandemic to assist parties in limiting the potential spread of the Coronavirus or to assist parties who have been quarantined. 3. What hardware and software are needed to file documents electronically with OSR? Filing documents with OSR may require the following hardware or software: . A personal computer running a standard platform such as Windows 8/10 or Mac OS X. A recent tablet with an up-to-date operating system such as an iPad with iOS 13 or android tablet. A PDF-compatible word processor like Microsoft Word or Corel WordPerfect. Internet service. A recent web browser, such as Google Chrome, Mozilla Firefox, Safari, or Microsoft Edge or Internet Explorer are recommended. Some users may have positive experiences with other web browsers that OSR staff does not have experience with.
    [Show full text]
  • People's Tech Movement to Kick Big Tech out of Africa Could Form a Critical Part of the Global Protests Against the Enduring Legacy of Racism and Colonialism
    CONTENTS Acronyms ................................................................................................................................................ 1 1 Introduction: The Rise of Digital Colonialism and Surveillance Capitalism ..................... 2 2 Threat Modeling .......................................................................................................................... 8 3 The Basics of Information Security and Software ............................................................... 10 4 Mobile Phones: Talking and Texting ...................................................................................... 14 5 Web Browsing ............................................................................................................................ 18 6 Searching the Web .................................................................................................................... 23 7 Sharing Data Safely ................................................................................................................... 25 8 Email Encryption ....................................................................................................................... 28 9 Video Chat ................................................................................................................................... 31 10 Online Document Collaboration ............................................................................................ 34 11 Protecting Your Data ................................................................................................................
    [Show full text]
  • Firefox Tor for Mac
    Firefox Tor For Mac 1 / 4 Firefox Tor For Mac 2 / 4 Firefox Tor For Mac High SierraFirefox Tor For Mac Windows 10Firefox Tor For Mac CatalinaFirefox Tor Browser MacFirefox On MacDownload Firefox To MacWindows provides a built-in firewall, which controls how programs access the Internet. 1. firefox 2. firefox logo 3. firefox cycles Note: This article only applies to Windows To see instructions, choose the Windows version from the dropdown menu above. firefox firefox download, firefox quantum, firefox for android, firefox update, firefox for windows, firefox soft98, firefox vpn, firefox extensions, firefox addons, firefox for mac, firefox logo, firefox nightly, firefox send Unduh Aplikasi Grab For Android Gratis Get Firefox for Windows, macOS, Linux, Android and iOS today!This tutorial will provide information on how to configure proxy Firefox on your Mac so you can use our proxy servers in 7 easy steps. Free download Free Slideshow Video Maker programs Realtek Rtl8168 And 8111 Family Gigabit Lan Driver For Mac firefox logo Kiwix Mac Download If you're running Windows Firewall and having connection problems in Firefox: On the left side of the Windows Firewall panel, click Allow an app or feature through Windows Firewall. Team fortress 2 download full game tpb movie 3 / 4 firefox cycles Vm Player 14 Osx The Desktop view will open From the Desktop, hover in the lower right-hand corner to access the Charms.. May 20, 2014 Tor Browser Bundle for Mac enables you to securely browse the Web while hiding your identity, proving to be an accessible, feature- rich option.. exe) selected, click the button Confirm that you want to remove the entry Click the button.
    [Show full text]
  • Cnet Downloads Windows 7 Mozilla Firefox What Version Firefox Release Notes
    cnet downloads windows 7 mozilla firefox what version Firefox Release Notes. Release Notes tell you what’s new in Firefox. As always, we welcome your feedback. You can also file a bug in Bugzilla or see the system requirements of this release. Download Firefox — English (US) Your system may not meet the requirements for Firefox, but you can try one of these versions: Download Firefox — English (US) Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Download Firefox Firefox for Android Firefox for iOS. We'd also like to extend a special thank you to all of the new Mozillians who contributed to this release of Firefox! Yandex set as default search provider for the Turkish locale. Bing search now uses HTTPS for secure searching. Improved protection against site impersonation via OneCRL centralized certificate revocation. Opportunistically encrypt HTTP traffic where the server supports HTTP/2 AltSvc. Fixed. Changed. Disabled insecure TLS version fallback for site security. Improved certificate and TLS communication security by removing support for DSA. Extended SSL error reporting for reporting non-certificate errors. TLS False Start optimization now requires a cipher suite using AEAD construction. Developer. New Inspector animations panel to control element animations. New Security Panel included in Network Panel. Debugger panel support for chrome:// and about:// URIs. Added logging of weak ciphers to the web console. Web Platform. Implemented a subset of the Media Source Extensions (MSE) API to allow native HTML5 playback on YouTube (Windows Vista or later only) Firefox Release Notes. Release Notes tell you what’s new in Firefox.
    [Show full text]
  • Security Now! #785 - 09-22-20 Formal Verification
    Security Now! #785 - 09-22-20 Formal Verification This week on Security Now! This week we look at an important security update to Android for Firefox. We bid a fond farewell to Firefox Send and Notes, we look at the promise and growing popularity of the disastrously-named DuckDuckGo Internet search service, we dig into what's behind last Friday's Emergency Directive 20-04 from the DHS/CISA. We'll also take a look at the recent privacy and security improvements incorporated into Android 11 and iOS 14. We have a bit of errata, closing the loop feedback, and SpinRite news. Then we're going to take a look at the need for Formal Verification of our complex security protocols going forward in the context of another critical failure of a massively widespread system. Browser News Update to Firefox 79 for Android An important LAN attack bug was recently fixed in Firefox 79 for Android. Firefox locates other devices on the same LAN to share or receive content. An example might be sharing video streams with a Roku player. To accomplish this, Firefox uses the Simple Service Discovery Protocol, SSDP. And if that sounds familiar to you it's because we've often spoken of it and its mixed-blessing capabilities, limitations, and security shortfalls. Although it was originally intended to be a freestanding protocol, its adoption by the infamous Universal Plug n' Play (UPnP) system moved it into the UPnP specification. It's a simple text-based protocol based on HTTP over UDP. The system uses LAN-wide multicast addressing.
    [Show full text]
  • Automating Navigation Sequences in AJAX Websites
    Automating Navigation Sequences in AJAX Websites Paula Montoto, Alberto Pan, Juan Raposo, Fernando Bellas, and Javier López Department of Information and Communication Technologies, University of A Coruña Facultad de Informática, Campus de Elviña s/n 15071 A Coruña, Spain {pmontoto,apan,jrs,fbellas,jmato}@udc.es Abstract. Web automation applications are widely used for different purposes such as B2B integration, automated testing of web applications or technology and business watch. One crucial part in web automation applications is to allow easily generating and reproducing navigation sequences. Previous proposals in the literature assumed a navigation model today turned obsolete by the new breed of AJAX-based websites. Although some open-source and commercial tools have also addressed the problem, they show significant limitations either in usability or their ability to deal with complex websites. In this paper, we propose a set of new techniques to deal with this problem. Our main contributions are a new method for recording navigation sequences supporting a wider range of events, and a novel method to detect when the effects caused by a user action have finished. We have evaluated our approach with more than 100 web applications, obtaining very good results. Keywords: Web automation, web integration, web wrappers. 1 Introduction Web automation applications are widely used for different purposes such as B2B integration, web mashups, automated testing of web applications or business watch. One crucial part in web automation applications is to allow easily generating and reproducing navigation sequences. We can distinguish two stages in this process: − Generation phase. In this stage, the user specifies the navigation sequence to reproduce.
    [Show full text]
  • Web Usability Glossary
    USABILITY GLOSSARY TERM DEFINITION above the fold / : The fold' marks the end of the visible part of the web page. Therefore, 'above the below the fold fold' means the area of the web page that is visible without scrolling. 'below the fold' is the area of the web page that requires scrolling to see. accessibility : Accessibility is a prerequisite to usability. If a person can not access a web page he certainly can not use it. Accessibility refers to web page information/content being obtainable and functional to the largest possible audience. It is about providing access to information for those who would otherwise lose their opportunity to use the web. In contrast inaccessible means unobtainable, nonfunctional. accessibility aids : Assistive technology; tools to help people with disabilities to use computers more effectively. affordance / : A situation where an object's sensory characteristics intuitively imply its perceived affordance functionality and use: a button, by being slightly raised above an otherwise flat surface, suggests the idea of pushing it. A lever, by being an appropriate size for grasping, suggests pulling it. A blinking red light and buzzer suggests a problem and demands attention. A chair, by its size, its curvature, its balance, and its position, suggests sitting on it. An affordance is a desirable property of a user interface - software which naturally leads people to take the correct steps to accomplish their goals. banner blindness : This is the situation where a website user ignores banner-like information on a website. The banner information may or may not be an ad. breadcrumbs : Type of web navigation where current location within the website is indicated by a list of pages above the current page in the hierarchy, up to the main page.
    [Show full text]
  • An Algorithm for Gaze Region Estimation on Web Pages
    INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 6, ISSUE 08, AUGUST 2017 ISSN 2277-8616 An Algorithm For Gaze Region Estimation On Web Pages John K. Njue, Simon G. Maina, Ronald Waweru Mwangi, Michael Kimwele Abstract: Accurate gaze region estimation on the web is important for the purpose of placing marketing advertisements in web pages and monitoring authenticity of user’s response in web forms. To identify gaze region on the web, we need cheap, less technical and non-laboratory setup that minimize user interruptions. This study uses the mouse and keyboard as input devices to collect web usage data. The data collected is categorized into mouse activities, keyboard activities and scroll activities. A regression model is then used to estimate gaze region from the categorized data. The results indicate that although mouse cursor data is generated throughout the user session, the use of data from keyboard presses and scroll from both keyboard and mouse improves the accuracy of identified gaze regions in web usage data. Index Terms: Gaze tracking, gaze region, linear regression model, mouse activities, keyboard activities, scroll activities, web page. ———————————————————— 1 INTRODUCTION 2 LITERATURE REVIEW Eye gaze tracking records eye movements whilst a participant A significant feature of web applications is possibility for non- examines a visual stimulus [1]. Tracking user’s eye gaze and sequential navigation to access items on web documents. eye movements are some of the main ways of studying There is no definite order of determining the sequence in attention on web pages as they provide rich details on user which the text is read in web documents [4].
    [Show full text]
  • Foraging Goes Mobile: Foraging While Debugging on Mobile Devices
    2017 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) Foraging Goes Mobile: Foraging While Debugging on Mobile Devices David Piorkowski1, Sean Penney2, Austin Z. Henley3, Marco Pistoia1, Margaret Burnett2, Omer Tripp4* , Pietro Ferrara5* 1IBM Research 2Oregon State University 3University of Memphis 4Google 5Julia SRL Yorktown Heights, NY, USA Corvallis, OR, USA Memphis, TN, USA New York, NY, USA Verona, Italy [email protected] {penneys, burnett} [email protected] [email protected] [email protected] [email protected] @eecs.oregonstate.edu Abstract—Although Information Foraging Theory (IFT) re- Perhaps programmers of larger mobile applications could search for desktop environments has provided important in- also reap such benefits, if their foraging was supported on sights into numerous information foraging tasks, we have been mobile devices. Thus, in order to investigate where foraging unable to locate IFT research for mobile environments. Despite a complex information space on a mobile platform is the same the limits of mobile platforms, mobile apps are increasingly and where it differs from desktop foraging, we conducted a serving functions that were once exclusively the territory of dual replication study. Mobile and desktop platforms are dif- desktops—and as the complexity of mobile apps increases, so ferent, so our study is the type known as a conceptual repli- does the need for foraging. In this paper we investigate, through cation, which “test<s> the same fundamental idea or hypoth- a theory-based, dual replication study, whether and how forag- esis behind the original study, but the operationalizations of ing results from a desktop IDE generalize to a functionally sim- the phenomenon, … may all differ” [9] (italics added).
    [Show full text]