DOCSLIB.ORG

The Impact of Salient Privacy Information on Decision-Making

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Impact of Salient Privacy Information on Decision-Making The Impact of Salient Privacy Information on Decision-Making Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Engineering and Public Policy Janice Y. Tsai B.S., Mathematical Methods in the Social Sciences, Northwestern University M.L.I.S., School of Communication and Information, Rutgers M.S., Engineering and Public Policy, Carnegie Mellon University Carnegie Mellon University Pittsburgh, PA December 2009 Thesis Committee: Lorrie F. Cranor, Chair Alessandro Acquisti Baruch Fischhoff Jason Hong Peter Swire Keywords: Privacy, Online Privacy, Mobile-Location Privacy, Technology Adoption, Behavioral Economics Copyright c 2009 Janice Y. Tsai. This work is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. To grandparents and to my husband Richard W. Sharp III, without whom this would not have been possible. iv Acknowledgments I recently took a trip to Taiwan to visit my grandparents. At their apartment, my grandfather proudly displayed the bookshelf of the theses of his children and grandchildren. The value that my parents and grandparents placed on education makes it possible for me to complete my PhD today. I was drawn to the Department of Engineering and Public Policy because the person who would become my advisor, Lorrie Cranor, took the time to thoughtfully answer my email inquiry about graduate studies at Carnegie Mel- lon. I am thankful for her willingness to always make time for her students. She has been a truly inspirational advisor, and has helped me to transform as a researcher. Her support and encouragement enabled me to pursue and complete my PhD. I am privileged to be a member of the Department of Engineering and Pub- lic Policy. Granger Morgan has created a program whose alumni change the world. I thank him for his vision as well as Patti Steranchak, Vicki Finney, and Barbara Bugosh who make EPP thrive. I would especially like to mention Patrick Wagstrom, whose advice continues to be useful and wise; and Jenny Logue for her encouragement. No one could wish for better collaborators than those found in the CUPS Laboratory. I thank Alessandro Acquisti for his intellectual input: our discus- sions have been essential in my involvement in the areas of behavioral eco- nomics and privacy. Serge Egelman was an instrumental partner in our Privacy Finder research. Patrick Gage Kelley has been a good friend and provided in- sightful comments on my work. I have appreciated the camaraderie provided by Steve Sheng and Aleecia McDonald, my fellow CUPS Lab EPP students. I would also like to recognize Julie Downs and Mandy Holbrook for their advice and expertise in survey design and analysis, Ponnurangam Kumaraguru for his attention and feedback in presentations, and Jennifer Lucas for her admin- istrative knowledge and ability to get things done at Carnegie Mellon. I would like to thank the CMU Mobile Commerce Lab and Norman Sadeh for his leadership of the group; Jason Hong for his input related to location- sharing, privacy, and HCI; and Paul Hankes Drielsma and Eran Toch for their insights and conversations regarding feedback and expressiveness. My friends have contributed a significant amount to my life. I would like to thank Scott Craver for being my inspiration to make a difference in the arena of technology policy, Kate and Pat Zimmerman for their enthusiasm, and Eugene Cheung for always listening. Finally, this work is funded in party by the National Science Foundation un- der Cyber Trust grant CNS-0627513 and by the Army Research Office contract no. DAAD19-02-1-0389 to Carnegie Mellon University’s CyLab. vi Abstract People value their privacy; however, they typically do not make the protec- tion of their privacy a priority. Privacy is oftentimes not tangible, complicating the efforts of technology users to express and act according to their privacy needs. Additionally, people may not be fully aware of the risks they are sub- jecting themselves to once they use the Internet for financial transactions, or create profiles on online social networks. Companies post privacy policies inform people about their informational practices; but, this information is ex- tremely difficult to use and typically not considered in users’ decision-making processes. Privacy concerns have also had an impact on users’ adoption of new tech- nologies that share personal information. A plethora of mobile location-finding technologies applications have become available over the last two decades, but the products and services offered by the technology developers may not comprehensively address the privacy implications and privacy concerns sur- rounding their use. The design considerations for these products may not pro- vide the necessarily amount of control or risk mitigation for users to ensure that their location information is not misused. In this thesis, I focus on the impact of salient privacy information on pri- vacy concerns and behavior in two contexts: online shopping and the use of a mobile-location sharing technology. I examine several case studies focusing on the evolution of privacy attitudes after people use specific technologies. Based on the examination of the use of a location-sharing system, I highlight several design considerations for mobile-location application developers to ensure they address their usersÕ privacy concerns. I use the results of online surveys and user studies to provide concrete information on the impact of feedback on the comfort with using location-sharing technology. This research shows that users will pay a premium to purchase from websites that offer better privacy policies IF that privacy information is made visible and understandable. This research points to the importance of control in the management of privacy concerns. Whether it be mandated by legislation, or recommended in industry standards or design standards, offering users control in the form of understandable pri- vacy policy information, or control over the disclosure of personal information by technology, is essential. viii Contents Acknowledgments iv Abstract vii I Overview1 1 Introduction3 1.1 Research Questions...............................5 1.2 Research Overview...............................6 1.2.1 Mobile Location Privacy Concerns Study...............7 1.2.2 Location-Sharing Feedback Study I (Locyoution)...........8 1.2.3 Location-Sharing Feedback Study II (Locaccino)...........8 1.2.4 Online Privacy Concerns Study.....................9 1.2.5 Privacy Information Purchasing Study.................9 1.2.6 Privacy Premium Survey........................ 10 1.2.7 Privacy Information Timing Purchase Study.............. 10 1.2.8 Privacy Finder Usage Study...................... 11 2 Background and Related Work 13 2.1 Information Salience.............................. 13 2.2 Privacy Concerns................................ 14 ix 2.2.1 Online Privacy Concerns........................ 14 2.2.2 Location-Based Privacy Concerns................... 14 2.3 Dimensions of Privacy Concern........................ 16 2.4 Invisible Privacy................................. 17 2.5 Previous Privacy Research........................... 20 2.5.1 The Valuation of Privacy........................ 20 2.5.2 Studies of Privacy in Location-Based Applications........... 22 2.6 Privacy Indicators................................ 23 2.6.1 P3P................................... 23 2.6.2 Privacy Finder.............................. 24 2.7 Technology Adoption in Ubiquitous Computing Environments........ 27 II Privacy Implications of Mobile Location Technologies 29 3 Mobile Location Privacy Concerns Study 31 3.1 Locating Technologies............................. 32 3.1.1 Development Platforms for Locating-Technologies.......... 34 3.2 Privacy Controls in Location-Sharing Applications............... 35 3.2.1 Method.................................. 36 3.2.2 Data Analysis.............................. 37 3.3 Location-Sharing Risk/Benefit Analysis.................... 43 3.3.1 Method.................................. 44 3.3.2 Survey Data Analysis.......................... 45 3.4 The Ability of LBS Applications to Address Users’ Perceived Risks...... 56 3.4.1 Addressing risks with privacy controls................. 57 3.4.2 Discussion and Limitations....................... 62 4 Location-Sharing Feedback Study I (Locyoution) 65 x 4.1 Technology................................... 66 4.1.1 User Interface.............................. 68 4.1.2 Home Screen.............................. 69 4.1.3 Rules Screen.............................. 70 4.1.4 Who Has Viewed Me.......................... 70 4.1.5 Facebook Privacy Settings....................... 71 4.2 Locyoution Study................................ 71 4.2.1 Method.................................. 72 4.2.2 Data Analysis.............................. 73 4.2.3 Usage.................................. 75 4.3 Results...................................... 75 4.3.1 Privacy.................................. 75 4.3.2 Feedback................................ 78 4.3.3 Rule Expressiveness.......................... 79 4.3.4 Technology Adoption.......................... 82 4.4 Discussion.................................... 84 4.4.1 Context.................................. 84 4.4.2 Control.................................. 85 4.4.3 Bells & Whistles............................
Load more

Recommended publications
  • Mapping the Space of Location-Based Services 5
    CHARLIEDETAR MAPPINGTHESPACEOFLOCATION- BASEDSERVICES 2 charlie detar Abstract This paper is an attempt to both summarize the current state of Lo- cation Based Services (LBS), and to unpack and problematize the underlying assumptions on which they operate. Location based ser- vices — including applications for mapping and navigation, social networking, gaming, and tourism and information services — are all based on the idea that information about a user’s location can be used to adapt the content and user interface of a service, improving it. However, the “location” used by these systems is usually restricted to data-poor representations such as geographic coordinates, and as such provides an insufficient cue for the rich and culturally contin- gent context embodied in the notion of a “place”. I will argue that developers should consider both the salience of the particular place- or space-based context to their application domain, and the potential impacts the application will have on a user’s sense of place when designing location based services. Contents 1 Introduction: Location, Location, Location 4 2 Space: the geometry of location 7 3 Place: the interpretation of location 12 4 Technology of space and place 17 5 Space, place, and location based services 22 6 Conclusion 45 7 Bibliography 46 1 Introduction: Location, Location, Location Location is a deep component of how we experience the world — it encapsulates not only a mathematical abstraction for our positions in space, but also a rich set of cultural meanings that we associate with particular places, which bound and contextualize our experience. The concept of “place” combines both geography and sociality — one has a “place” in relation to other people (and deviant behavior is “out of place”).
    [Show full text]
  • GPS Unit Or Cell Phone with GPS/Maps GPS Devices
    GPS Unit or Cell Phone with GPS/Maps GPS Devices Survey/GIS High quality GIS grade (Trimble, Astech, Javad) Consumer Handheld (Garmin, Magellan, Lowrance) Car (TomTom, Magellan, Garmin) Fishing (Lowrance, Garmin, Hummingbird) Cell Phones Early models (no GPS/AGPS) Current Phones (with GPS/AGPS to support GPS for E911 calls) Simple Phone –not web/data (prepaid or plan) Basic Phone with ability to access web/data Smart Phone Limit to accuracy ~ 5m (16ft) GPS/GNSS ‐ Smartphones (quick tips; there are many others) Regular Web Based iOS Phones Basic ; waypoints/tracks Verizon VZ Navigator MotionX‐GPS, Gaia GPS, GPS Kit AT&T TeleNav GPS Navigator Drive –Car ‐ Traffic Google Maps, MotionX‐Drive, Cheap Gas!, Scout, Navigon‐$, Tom Tom 1.3, Magellan RoadMate‐$, Garmin‐$ AmAze, Waze (crowdsourcing) Social Foursquare, Facebook Places, Twitter Geolocation Android Window Mobile Basic ; waypoints/tracks Gaia GPS‐$, GPS Essential, GPS Status (various; will update soon) Symbian‐Nokia Drive –Car‐ Traffic Ovi Map Google Maps Navigation, Gas Buddy Waze Now Windows Sygic, MapQuest, Waze (crowdsourcing) Mobile Social Foursquare, Facebook Places, Twitter Geolocation Thomas Friedman, NY TIMES, 3/2/2012; " Six years ago Facebook did exist, Tweet was a sound, the Cloud was still in the sky, 4G was a parking place, LinkedIn was a prison, applications were what you sent to college and Skype was a typo for most people." GPS/GNSS ‐ Smartphones‐ Minor mention iOS or Android apps Trapster GeoCaching Extra credit option: Find a Geocache http://www.geocaching.com 1 point for each cache found & recorded (up to 5 points maximum) To record your “finds” you will need to sign up at http://www.geocaching.com (free) and “friend” my ID, so I can verify your “finds” My geocaching.com ID is ajenks.
    [Show full text]
  • T O D a Y Software Magazine
    No. 14 • August 2013 • www.todaysoftmag.ro • www.todaysoftmag.com TODAY TSM SOFTWARE MAGAZINE Provocările unui business analyst în Agile Scurtă introducere în mediul SAP Load Test folosind Windows Azure Haskell (IV) Project Manager și Business Analyst - un duet care poate face diferența în IEEE Congress on Evolutionary outsourcingul românesc Computation, 2013, Cancun ITC Spring 2013 (II) Migrare website MVC 3 și DB în Azure (III) Cum invata un artizan software: deliberate practice Istoria IT-ului clujean: Ford și Șincai Team building (II) WPF – cum stăm cu performanța? Conferința Romanian Testing Startup Transilvania Community 2013 6 27 ICT SPRING Team EUROPE 2013 (II) building (II) Ovidiu Mățan Andreea Pârvu 9 29 Istoria Provocările unui business IT-ului analyst în Agile Marius Mornea Monica Petraru 10 32 Conferința Project Manager și Business Romanian Testing Analyst - un duet care poate Community face diferența în outsourcin- 2013 gul românesc Marius Mornea Adrian Cighi 11 34 Startup Recenzia cărții: Android Apps Transilvania with Eclipse de Onur Cinar Cristian Dascălu Silviu Dumitrescu 12 36 Despre finaliștii Romanian Load Test folosind Windows Startup Awards Azure Bogdan Iordache Radu Vunvulea 15 39 Aplicații pentru previziuni Programare financiare la IEEE Congres on Funcțională Evolutionary în Computation, 2013, Cancun Haskell (IV) Silvia Răușanu Mihai Maruseac 18 41 Cum învață un artizan soft- Migrare website MVC 3 și DB în ware: deliberate practice Azure (III) Alexandru Bolboaca și Adrian Bolboacă Dragoș Andronic 21 43 Scurtă introducere Design pattern-ul în mediul SAP MVVM Victor Ionescu Andrei Moldovan 23 45 WPF – cum stăm cu Complicat performanța? sau complex Daniel Lăcătuș Simona Bonghez editorial remea vacanțelor a început, o parte am fost norocoși și ne-am luat deja concedi- ile așa că putem să ne reluăm plini de elan lucrul la birou.
    [Show full text]
  • Data Collection – a Road Map
    2013 MASITE Annual Meeting September 20, 2013 Data Collection – A Road Map Bridget Bitto, KMJ Consulting, Inc. Traffic Engineering Technology Session September 20, 2013 1 Road Map • Data Sources • Study Types • Conclusions September 20, 2013 2 Data Sources Probe-Based Spot Sensor-Based September 20, 2013 3 Data Sources Probe-Based Measures Technology Definition Providers Identifies and matches MAC AWAM, TRAFFAX, TrafficCast, Bluetooth address of Bluetooth enabled Savari Networks devices as they pass reader Readers record toll tag ID Toll Tag Readers E-ZPass numbers Private 3rd Party Combination of probe data form INRIX, TomTom, TrafficCast, HERE Data Providers multiple technologies Uses signaling information from Wireless Location cell phones to anonymously track Cellient, AirSage, Delcan devices Obtaining real-time traffic Google Maps, TomTom MapShare, Crowd-Sourcing information from GPS-enabled Trapster, Waze mobile phones September 20, 2013 4 Data Sources Spot Sensor-Based Measures Technology Definition Loop detectors or magnetic In-Road Sensors detectors Directly measures speeds of Radar vehicles Video image vehicle detection Video system September 20, 2013 5 Study Types Origin- Travel Time Destination Speed & Pedestrian & Volume Bicycle September 20, 2013 6 Origin-Destination Studies • Find out where vehicles are coming from, where they are going, and when trips occur. • Used to support: – Travel demand model – Regional transportation system analysis September 20, 2013 7 Origin-Destination Studies Ability to Roadway Type Area Type
    [Show full text]
  • The Under-Appreciated Dimension of Time in Location-Based Systems Karen P
    The Under-Appreciated Dimension of Time in Location-Based Systems Karen P. Tang1,2 , Jason W. Wiese2 , Jason I. Hong2 , Daniel P. Siewiorek2 1Department of Informatics 2Human-Computer Interaction Institute University of California, Irvine Carnegie Mellon University [email protected] {jwwiese,jasonh,dps}@cs.cmu.edu ABSTRACT In fact, the LBSs that share current locations are arguably useful Empirical evidence from past studies has shown that current for only a few scenarios (e.g., for coordination or okayness location-based services (LBSs) are not individually compelling checking). However, empirical evidence from past studies enough to drive LBS adoption. To boost the adoption rate, suggests that these services do not individually provide enough researchers should consider an under-explored research area: the value to drive the overall LBS adoption. In this paper, we time dimension of location information. We provide examples present an overview of current LBSs, examine areas that have of such LBSs that share past and future locations. We also been overlooked in the LBS design space, and provide describe several challenges for designing these types of LBSs. suggestions of how to move forward to address these new areas. Specifically, we advocate that LBS research should look at what we believe is a relatively unexplored area: the time element of Categories and Subject Descriptors location information (i.e., past and future locations). While there H5.m. Information interfaces and presentation (e.g., HCI): has been some research in this area, we think that there are still Miscellaneous. many outstanding challenges which we outline here as research questions. We also posit that, by addressing these challenges, we General Terms can diversify the LBS landscape to support other types of Design, Human Factors.
    [Show full text]
  • Mergers & Acquisitions of the Geoinformation Market (2001-2020)
    Mergers & Acquisitions of the Geoinformation Market (2001-2020). A.N. Pirogov, GISGeo.org, 2020 Acquiree Name Acquirer Name Year Acquiree Name Acquirer Name Year nFrames (SURE) Esri 2020 Airborne Hydrography Hexagon 2013 HALIS Surveying And Mapping 2020 Devex Hexagon 2013 Midland GIS Solutions Surveying And Mapping 2020 IQ Irrigation Trimble 2013 Kuebix Trimble 2020 Rainwave LLC Trimble 2013 2GIS Sberbank 2020 Coordina TomTom 2013 Mapillary Facebook 2020 Waze Google 2013 Routematch Software Uber 2020 Star Net Geomatics Ltd. UTEC Survey 2013 Vricon Maxar Technologies 2020 Colorado Surveying Firm Landpoint 2013 Moovit Intel 2020 MANFRA Hexagon 2013 FreckleIOT PlaceIQ 2020 LISTECH Hexagon 2013 Factual Foursquare 2020 Navgeocom Hexagon 2013 AreaMetrics Point Inside 2020 New River Kinematics Hexagon 2013 sPARK Parking Technologies Arrive 2020 Trimble MAPS Trimble 2013 Geoslope Seequent 2019 GTA Geoinformatik Hexagon 2012 Cityworks Trimble 2019 Everlater MapQuest 2012 Placed Foursquare 2019 earthmine Inc. Nokia 2012 Geographica CARTO 2019 SSL Maxar Technologies 2012 Geomap-Imagis 1Spatial 2019 Thinknear Telenav 2012 indoo.rs Esri 2019 Geoloqi Esri 2012 Thermopylae Sciences and Technology Hexagon Geospatial 2019 UpNext Amazon 2012 Pitney Bowes - Software Solutions Business Syncsort 2019 GeoTrac Trimble 2012 Boundless Spatial Planet 2018 myVR Software Hexagon 2012 Where Is My Train Google 2018 Gatewing Trimble 2012 Geosoft Seequent 2018 MicroSurvey Software Hexagon 2012 Bricsys Hexagon 2018 Louisiana GIS Firm Landpoint 2012 FeatureX Orbital Insight 2018 Gowalla Facebook 2011 ThunderBuild BV Topcon Positioning Group 2018 Integrated Mapping Service Ubisense 2011 Geosys UrtheCast 2018 EJustice Solutions Interact Public Safety 2011 Opto-Tech Srl FARO 2018 ITIS Holdings INRIX 2011 Mergers & Acquisitions of the Geoinformation Market (2001-2020).
    [Show full text]
  • MOBILE LOCATION-BASED APPS Lecture in University of Tartu Jaak Laineste, 16.10.2012 Part 1 LOCATION-BASED SERVICE OVERVIEW Jaak Laineste
    MOBILE LOCATION-BASED APPS Lecture in University of Tartu Jaak Laineste, 16.10.2012 Part 1 LOCATION-BASED SERVICE OVERVIEW Jaak Laineste • GIS/LBS experience 17 years in GIS/mapping, 12 years in LBS Mobile operator LBS in all over the world Nutiteq since 2006 • Nutiteq and mobile development Part of Mobi Solutions group since 2009 J2ME, Android, BlackBerry, iPhone teams Naval navigation apps Location-Based Services 1. Location-based: 80% of data 2. Service (or mobile application) 3. Mobile technologies (phones, networks) 4. Mobile positioning • LBS is a technology, not application type Can be aspect of any application type Two meanings of LBS • „Classical“ definition: Mobile Positioning – MPS Mobile operators User Interface: SMS, Web, WAP, USSD, IVR • Today’s LBS : Smartphones with GPS, tablets mobile apps, web services, HTML5 Google Maps, PND, Check-ins, Google Now Operator-based LBS • Mobile Positioning Find location using mobile network Works with any mobile, no requirements Accuracy with Cell-ID: 300m ... 30 km (~1 km avg) Operator can also use in-phone GPS with A-GPS Only operator can do it, Can give to trusted 3rd party • Typical services FriendFinder, Games Find Nearest SMS Fleet Management • Recent trends Operators open APIs, including location There are aggregators: e.g. LocationLabs, Loc-Aid Location-based advertising – www.flipper.ee (EMT, Estonia) Popular LBS apps in smartphones • Navigation Tomtom, Navigon, Garmin, Nokia maps etc. Also Waze • Business around you Reviews, events, classifieds etc Yelp, Loopt, Qype, Zvents, Eventful,
    [Show full text]
  • Estimate Benefits of Crowdsourced Data from Social Media Task 4 Project Report
    Estimate Benefits of Crowdsourced Data from Social Media Task 4 Project Report www.its.dot.gov/index.htm Final Report — February 2015 Publication Number: FHWA-JPO-14-165 1.1.1.1.1.1 Produced by Noblis, Inc. U.S. Department of Transportation ITS Joint Program Office Notice This document is disseminated under the sponsorship of the Department of Transportation in the interest of information exchange. The United States Government assumes no liability for its contents or use thereof. The U.S. Government is not endorsing any manufacturers, products, or services cited herein and any trade name that may appear in the work has been included only because it is essential to the contents of the work. Technical Report Documentation Page 1. Report No. 2. Government Accession No. 3. Recipient’s Catalog No. FHWA-JPO-14-165 4. Title and Subtitle 5. Report Date Estimate Benefits of Crowdsourced Data from Social Media December 18, 2014 6. Performing Organization Code 7. Author(s) 8. Performing Organization Report No. Jeffrey Adler, John Horner, Jeanette Dyer, Alan Toppen, Lisa Burgess, and Greg Hatcher 9. Performing Organization Name And Address 10. Work Unit No. (TRAIS) Noblis 600 Maryland Ave., SW, Suite 755 11. Contract or Grant No. Washington, DC 20024 DTFH61-11-D-00018 12. Sponsoring Agency Name and Address 13. Type of Report and Period Covered ITS-Joint Program Office Final Report 1200 New Jersey Avenue, S.E. 14. Sponsoring Agency Code Washington, DC 20590 HOIT-1 15. Supplementary Notes Jimmy Chu, FHWA, Government Task Manager Marcia Pincus, ITS JPO, COR 16. Abstract Traffic Management Centers (TMCs) acquire, process, and integrate data in a variety of ways to support real-time operations.
    [Show full text]
  • Trapster Free
    Trapster free click here to download Find www.doorway.ru software downloads at CNET www.doorway.ru, the most comprehensive source for safe, trusted, and spyware-free downloads on the Web. From www.doorway.ru: Trapster(R), your iPhone alerts you as you approach police speed traps, red light cameras, and other kinds of traps. It's a high tech way to do. Like anything on your phone, you want to be careful about using Trapster while you're driving, but fortunately Trapster's mobile apps help you. Trapster - Trapster, your Android phone alerts you by spoken warnings such as "Live Police" or "Red Light Camera". Trapster®, your mobile phone alerts you as you approach police speed traps. Download Trapster Never get lost in the city again with this and Transportation. Trapster. Trapster icon More info. License: Free. Op. System: Android. Download Trapster APK (latest version) for Samsung, Huawei, Xiaomi, LG, HTC, Lenovo and all other Android phones, The Trapster app is a free service. Trapster for Android free. Download fast the latest version of Trapster for Android: Get very useful information of the road: Speed limits, radars, accidents and a. Trapster for iPhone free. Download fast the latest version of Trapster for iPhone: Speed radars, traffic jams and all the information of the roads in real time; now. Download Trapster (Android) For Free on www.doorway.ruer is your #1 driving companion. The worldwide community of over 20 million drivers. Trapster: Trapster for Android alerts you as you approach police speed traps, red light and speed cameras, via spoken warnings in fun voices.
    [Show full text]
  • Mobile Device Security
    Mobile Device Security Adam C. Champion and Dong Xuan CSE 4471: Information Security Based on materials from Tom Eston (SecureState), Apple, Android Open Source Project, and William Enck (NCSU) Organization • Quick Overview of Mobile Devices • Mobile Threats and Attacks • Mobile Access Control • Information Leaking Protection • Case Studies Overview of Mobile Devices • Mobile computers: – Mainly smartphones, tablets – Sensors: GPS, camera, accelerometer, etc. – Computation: powerful CPUs (≥ 1 GHz, multi-core) – Communication: cellular/4G, Wi-Fi, near field communication (NFC), etc. • Many connect to cellular networks: billing system • Cisco: 7 billion mobile devices will have been sold by 2012 [1] Organization Organization • Quick Overview of Mobile Devices • Mobile Threats and Attacks • Mobile Access Control • Information Leaking Protection • Case Studies Mobile Threats and Attacks • Mobile devices make attractive targets: – People store much personal info on them: email, calendars, contacts, pictures, etc. – Sensitive organizational info too… – Can fit in pockets, easily lost/stolen – Built-in billing system: SMS/MMS (mobile operator), in-app purchases (credit card), etc. • Many new devices have near field communications (NFC), used for contactless payments, etc. • Your device becomes your credit card • Much Android malware, much less for iOS • NFC-based billing system vulnerabilities Mobile Device Loss/Theft • Many mobile devices lost, stolen each year – 113 mobile phones lost/stolen every minute in the U.S. [15] – 56% of us misplace
    [Show full text]
  • Opportunities and Challenges of Smart Mobile Applications in Transportation
    journal of traffic and transportation engineering (english edition) 2016; x (x): 1e11 Available online at www.sciencedirect.com ScienceDirect journal homepage: www.elsevier.com/locate/jtte Original Research Paper Opportunities and challenges of smart mobile applications in transportation * Saidi Siuhi a, , Judith Mwakalonge b a Department of Civil Engineering, Abu Dhabi University, Abu Dhabi, United Arab Emirates b Department of Civil and Mechanical Engineering Technology and Nuclear Engineering, South Carolina State University, Orangeburg, SC 29117, USA article info abstract Article history: Smart mobile applications are software applications that are designed to run on smart Available online xxx phones, tablets, and other mobile electronic devices. In this era of rapid technological advances, these applications have become one of the primary tools we use daily both in our personal and professional lives. The applications play key roles in facilitating many ap- Keywords: plications that are pivotal in our today's society including communication, education, Smart mobile applications business, entertainment, medical, finance, travel, utilities, social, and transportation. Distracted driving This paper reviewed the opportunities and challenges of the applications related to Distracted walking transportation. The opportunities revealed include route planning, ridesharing/carpooling, Transportation safety traffic safety, parking information, transportation data collection, fuel emissions and Travel information consumption, and travel information. The potential users of these applications in the field of transportation include (1) transportation agencies for travel data collection, travel in- formation, ridesharing/carpooling, and traffic safety, (2) engineering students for field data collection such as travel speed, travel time, and vehicle count, and (3) general traveling public for route planning, ridesharing/carpooling, parking, traffic safety, and travel information.
    [Show full text]
  • Social Edens Building, Mining, and Monetizing Dynamic Online Communities
    Social Edens Building, mining, and monetizing dynamic online communities Author Dr. Yoav Intrator, GM Enterprise Architecture, Microsoft Services Publication Date: May 2013 Acknowledgments The author wants to thank the following people who contributed to, reviewed, and helped improve this white paper: Norm Judah Marc Mercuri George Anderson Marc Ashbrook Jon Tobey Mark Hoffman Yuri Misnik Introduction Imagine that you’re working in Macau for six months, and your wife has come to visit you. Several weeks before her visit, you joined an online social environment that alerts you whenever any groups in that environment form to alert you of events and topics near you that might interest you, such as Macanese folk-pop concerts, sailing events, and natural disasters. This morning, you left for work just as your wife left to play golf with a friend on Coloane Island to the south. At 9:37 a.m., the building where you work in central Macau starts to shake violently. You run outside and see hundreds of other workers from surrounding buildings. You try several times to call your wife’s smart phone but can’t get through. Then you receive a text message on your smart phone that asks if you want to join a group in the social environment called “Macau earthquake group,” or MEG for short. You click a link on the text message, enter your credentials for the social environment, and see on your smart phone the home page for MEG. It’s fully configured for an emergency and includes a link to the Global Disaster Alert and Coordination System web site (www.gdacs.org) complemented with suggestions about what to do during and after a major earthquake, along with emergency organizations and rescue locations in and near Macau.
    [Show full text]