Course Overview - PowerPoint PPT Presentation

About This Presentation
Title:

Course Overview

Slides: 58
Provided by: lorrie2
Learn more at: http://cups.cs.cmu.edu

Transcript and Presenter's Notes

Title: Course Overview


1
Course Overview
  • January 17, 2006

2
Outline
  • Introduction to usable privacy and security
  • Review syllabus and course policies
  • Distribute survey
  • Faculty research overview
  • Introduce students

3
Unusable security & privacy
  • Unpatched Windows machines compromised in minutes
  • Phishing web sites increasing by 28 each month
  • Most PCs infected with spyware (avg. = 25)
  • Users have more passwords than they can remember
    and practice poor password security
  • Enterprises store confidential information on
    laptops and mobile devices that are frequently
    lost or stolen

4
Grand Challenge
  • Give end-users security controls they can
    understand and privacy they can control for the
    dynamic, pervasive computing environments of the
    future.
  • - Computing Research Association 2003

5
Just work
6
security/privacy researchers and system
developers
human computer interaction researchers and
usability professionals
7
Mark your calendar for SOUPS 2006 - July 14-16 at CMU
Symposium On Usable Privacy and Security (SOUPS)
July 6-8, 2005
Pittsburgh, PA USA
http://cups.cs.cmu.edu/soups/
8
A preview of some topics we'll cover in this
course
  • Problems and approaches
  • Passwords
  • Symbols & metaphors
  • Rethinking cookies
  • Making Web privacy visible

9
Problems and approaches
1.
10
How do you stay safe online?
11
Experts recommend
12
(No Transcript)
13
After installing all that security and privacy
software
14
Do you have any time left to get any work done?
15
Secondary tasks
16
Approaches to usable security
  • Make it just work
  • Invisible security
  • Make security/privacy understandable
  • Make it visible
  • Make it intuitive
  • Use metaphors that users can relate to
  • Train the user

17
Make decisions
  • Developers should not expect users to make
    decisions they themselves can't make

18
Present choices, not dilemmas
  • - Chris Nodder (in charge of user
    experience for XP SP2)

19
(No Transcript)
20
(No Transcript)
21
Passwords
2.
22
Typical advice
  • Pick a hard-to-guess password
  • Don't use it anywhere else
  • Change it often
  • Don't write it down

23
What do users do when every web site wants a
password?
24
Bank: b3aYZ
Amazon: aa66x!
Phonebill: p2ta1
25
(No Transcript)
26
Symbols & Metaphors
3.
27
Netscape SSL icons
28
Privacy Bird icons
Privacy policy matches user's privacy preferences
Privacy policy does not match user's privacy
preferences
29
Rethinking cookies
4.
30
(No Transcript)
31
(No Transcript)
32
Making Web privacy visible
5.
33
Web site privacy policies
  • Many posted
  • Few read

34
What if your browser could read privacy policies
for you?
35
Platform for Privacy Preferences (P3P)
  • 2002 W3C Recommendation
  • XML format for Web privacy policies
  • Protocol enables clients to locate and fetch
    policies from servers

36
Privacy Bird
  • P3P user agent
  • Free download http://privacybird.com/
  • Compares user preferences with P3P policies

37
Chirping bird is privacy indicator
38
Red bird indicates mismatch
39
Privacy settings
40
Example: Sending flowers
41
(No Transcript)
42
(No Transcript)
43
Wireless privacy
  • Many users unaware that communications over
    wireless computer networks are not private

44
Wall of sheep
45
Defcon 2001
Photo credit: Kyoorius _at_ techfreakz.org
http://www.techfreakz.org/defcon10/?slide38
46
Defcon 2004
Photo credit: http://www.timekiller.org/gallery/DefconXII/photo0003
47
Peripheral display
  • Help users form more accurate expectations of
    privacy
  • Without making the problem worse

48
(No Transcript)
49
Experimental trial
  • 11 subjects in student workspace
  • Data collected by survey and traffic analysis
  • Did they refine their expectations of privacy?

50
Results
  • No change in behavior
  • Peripheral display raised privacy awareness in
    student workspace
  • But they didn't really get it

51
Privacy awareness increased
  • I feel like my information / activity / privacy
    are not being protected. Seems like someone
    can monitor or get my information from my
    computer, or even publish them.

52
But only while the display was on
  • Now that words projected on the wall are
    gone, I'll go back to the same.

53
Questions to ask about a security or privacy cue
  • Do users notice it?
  • Do they know what it means?
  • Do they know what they are supposed to do when
    they see it?
  • Will they actually do it?
  • Will they keep doing it?

54
Syllabus
  • http://cups.cs.cmu.edu/courses/ups-sp06/
  • Homework (25)
  • Lecture (25)
  • Project (50)
  • Textbook and readings
  • Schedule

55
Survey
  • Please fill out course survey and bring it with
    you to class on Thursday

56
Faculty research overview
Lorrie Cranor
Michael Reiter
Jason Hong
57
Student introductions
  • Introduce yourself to your neighbor and tell them
    your background. Tell them why you're taking the
    course and what you want to get out of the course
  • Form a group of 4 and repeat
  • Form a group of 8 and repeat
  • Pick someone to stand up in front of the class,
    introduce your group members, and summarize the
    reasons people in your group are taking the
    course and what you want to get out of the course