Filters








532 Hits in 5.1 sec

Improving SSL Warnings

Adrienne Porter Felt, Alex Ainslie, Robert W. Reeder, Sunny Consolvo, Somas Thyagaraja, Alan Bettes, Helen Harris, Jeff Grimes
2015 Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems - CHI '15  
Unfortunately, users struggle to understand and often disregard real SSL warnings. We report on the task of designing a new SSL warning, with the goal of improving comprehension and adherence.  ...  Subsequently, our proposal was released as the new Google Chrome SSL warning. We raise questions about warning comprehension advice and recommend that other warning designers use opinionated design.  ...  We hope that future work will explore this topic further: how are comprehension and adherence related for SSL warnings?  ... 
doi:10.1145/2702123.2702442 dblp:conf/chi/FeltARCTBHG15 fatcat:mqdpwj6zvbf3vekltnqsjz2iwm

Warning users about cyber threats through sounds

Prerit Datta, Akbar Siami Namin, Keith S. Jones, Rattikorn Hewett
2021 SN Applied Sciences  
: (1) security warnings and features (e.g., blocking out malicious Websites) might overwhelm a typical Internet user and thus the users may overlook or ignore visual and textual warnings and, as a result  ...  Most Internet browsers provide visual cues and textual warnings to help users identify when they are at risk.  ...  Acknowledgements Thanks to Thomas Hughes for creating and formatting the sounds.  ... 
doi:10.1007/s42452-021-04703-4 fatcat:gdy5ymlaxfbu5plkijwz3sof4e

Harnessing the Challenges and Solutions to Improve Security Warnings: A Review

Zarul Fitri Zaaba, Christine Lim Xin Lim Xin Yi, Ammar Amran, Mohd Adib Omar
2021 Sensors  
Secondly, we propose two timelines by addressing the problems, challenges, and approaches to improving security warnings.  ...  This paper determines to achieve two outcomes: firstly, a thorough review of problems, challenges, and approaches to improving security warnings.  ...  All authors have read and agreed to the published version of the manuscript. Acknowledgments: The authors would like to thank Universiti Sains Malaysia for supporting this study.  ... 
doi:10.3390/s21217313 pmid:34770621 pmcid:PMC8588101 fatcat:knshuxixffdztjzdblfnijvpti

From Warning to Wallpaper: Why the Brain Habituates to Security Warnings and What Can Be Done About It

Bonnie Brinton Anderson, Anthony Vance, C. Brock Kirwan, Jeffrey L. Jenkins, David Eargle
2016 Journal of Management Information Systems  
Together, our findings reveal the substantial influence of neurobiology on users' habituation to security warnings and security behavior in general, and we offer our polymorphic warning design as an effective  ...  warnings.  ...  Akhawe and Felt found that the most common browser SSL error had the lowest adherence rate and the shortest response time, and noted that this result was "indicative of warning fatigue" [2, p. 268] ,  ... 
doi:10.1080/07421222.2016.1243947 fatcat:oz5xlleiufa5bb24oroxaqdkay

Tuning Out Security Warnings: A Longitudinal Examination of Habituation Through fMRI, Eye Tracking, and Field Experiments

Anthony Vance, Jeffrey L. Jenkins, Bonnie Brinton Anderson, Daniel K. Bjornn, C. Brock Kirwan
2018 MIS Quarterly  
Together, these findings provide the most complete view yet of the problem of habituation to security warnings and demonstrate that polymorphic warnings can substantially improve adherence.  ...  However, for users who received polymorphic permission warnings, adherence dropped at a substantially lower rate and remained high after three weeks, compared to users who received standard warnings.  ...  Acknowledgments The authors thank the senior editor, associate editor, and reviewers for their rigorous and developmental feedback throughout the review process.  ... 
doi:10.25300/misq/2018/14124 fatcat:wjbjzcix3fe4tlbuaic45yggx4

A Mixed Content Awareness Tool for Safe Browsing

Yoshio Kakizaki
2018 Journal of Computers  
Thus, our tool effectively informs and protects users from mixed content risks.  ...  Such pages are susceptible to eavesdropping and modification by third parties owing to the unsecured HTTP communication.  ...  Felt et al. designed a new SSL warning with the goal of improving comprehension and adherence [11] , [12] .  ... 
doi:10.17706/jcp.13.1.90-99 fatcat:46fxhbw2efde5lq4ae5soguvbm

A Survey on HTTPS Implementation by Android Apps: Issues and Countermeasures

Xuetao Wei, Michael Wolf
2017 Applied Computing and Informatics  
Following this discussion, we compile a set of potential solutions and patches to better secure Android HTTPS and the TLS/SSL protocol in general.  ...  published by HTTPS and Android security researchers.  ...  Evaluation of the solutions presented by the papers was brought together in this survey and including them into the next set of TLS/X.509 protocols and versions of SSL libraries will ensure user data integrity  ... 
doi:10.1016/j.aci.2016.10.001 fatcat:fp55aopjtnbn3frytc25tbmwt4

Measuring SSL Indicators on Mobile Browsers: Extended Life, or End of the Road? [chapter]

Chaitrali Amrutkar, Patrick Traynor, Paul C. van Oorschot
2012 Lecture Notes in Computer Science  
Like their desktop counterparts, these applications can enable SSL/TLS to provide strong security guarantees for communications over the web.  ...  However, the drastic reduction in screen size and the accompanying reorganization of screen real estate significantly changes the use and consistency of the security indicators and certificate information  ...  All other browsers adhere to this guideline, as shown in Tables 3 and 4 .  ... 
doi:10.1007/978-3-642-33383-5_6 fatcat:e3ok37bk4nc27ecnt7rqkuuseq

Your Reputation Precedes You: History, Reputation, and the Chrome Malware Warning

Hazim Almuhimedi, Adrienne Felt, Robert Reeder
unpublished
We provide recommendations for warning designers and pose open questions about the design of malware warnings.  ...  Next, we present results of an online, survey-based experiment that we ran to gain more insight into the effects of reputation on warning adherence.  ...  Differentiate Malware and SSL Warnings Some participants confused Chrome's malware and SSL warnings.  ... 
fatcat:3amb7ukbsfe6je7ruz7yltlpgu

A Week to Remember The Impact of Browser Warning Storage Policies

Joel Weinberger, Adrienne Felt
unpublished
Ideally, a browser would not ask someone about the same warning over and over again.  ...  Google Chrome 45 adopted our proposal, and it has proved successful since deployed. Subsequently, we ran Mechanical Turk and Google Consumer Surveys to learn about user expectations for warnings.  ...  When we reduced the number of unnecessary warnings, the overall adherence rate improved significantly with little cost to the regret rate.  ... 
fatcat:omnrkaodmre4rd256qpmoamxyy

An effective security warning approach for malware attacks on mobile devices [article]

Jana Fruth, Universitäts- Und Landesbibliothek Sachsen-Anhalt, Martin-Luther Universität
2019
Furthermore, the research eld of security warnings is relatively new. Most warning research results are published after the year 2009 and often focus browse [...]  ...  In this thesis a warning approach is introduced, which is so designed, that lay users could understand the warning information and handle the instructions for technical design.  ...  They could improve the adherence rates (measurement whether users heed warnings) of their warnings.  ... 
doi:10.25673/13449 fatcat:6euwnpparfcltcywsd3fhodcwy

Can an online clinical data management service help in improving data collection and data quality in a developing country setting?

Maarten A Wildeman, Jeroen Zandbergen, Andrew Vincent, Camelia Herdini, Jaap M Middeldorp, Renske Fles, Otilia Dalesio, Emile van der Donk, I Bing Tan
2011 Trials  
Acknowledgements The authors would like to thank Sri Wahyuni for the data collection and Donny Artika for arranging all permissions needed to conduct this study.  ...  Transmission of data is SSL encrypted using RSA 1024 bit Public Key encryption.  ...  As such, the CTDMS can serve as a tool to train and educate medical doctors and can improve treatment protocols.  ... 
doi:10.1186/1745-6215-12-190 pmid:21824421 pmcid:PMC3175171 fatcat:ggddtwtehrd3zagosl6nceygii

Personalized support for chronic conditions

Pierluigi D'Antrassi, Miloš Ajčević, Kira Stellato, Andrea Di Lenarda, Sara Marceglia, Agostino Accardo, Irene Lasorsa
2016 Applied Clinical Informatics  
Personalized support for chronic conditions: a novel approach for enhancing self-management and improving lifestyle  ...  SummarySolutions for improving management of chronic conditions are under the attention of healthcare systems, due to the increasing prevalence caused by demographic change and better survival, and the  ...  Moreover, the implemented DSSs generate medication reminders and warn patients on the consequences of non-adherence to the prescribed protocol.  ... 
doi:10.4338/aci-2016-01-ra-0011 pmid:27452661 pmcid:PMC5052537 fatcat:xd4unuwztreqjpsetn2ffpuode

Web Server Security on Open Source Environments [chapter]

Dimitrios X. Gkoutzelis, Manolis S. Sardis
2010 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
to E-Commerce and privacy issues.  ...  Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.  ...  is an open source implementation of the SSL and TLS protocols.  ... 
doi:10.1007/978-3-642-11631-5_22 fatcat:l2zymazklfa4bmvolr4lsgcpvu

A Stitch in Time

Duc Cuong Nguyen, Dominik Wermke, Yasemin Acar, Michael Backes, Charles Weir, Sascha Fahl
2017 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17  
We point out the advantage of a low-time-cost tool both to teach better secure coding and to improve app security.  ...  Frequently, Android developers fail to adhere to security best practices, leaving applications vulnerable to a multitude of attacks.  ...  This work was supported by the German Federal Ministry of Education and Research (BMBF) through funding for the Center for IT-Security, Privacy and Accountability (CISPA) (FKZ: 16KIS0656).  ... 
doi:10.1145/3133956.3133977 dblp:conf/ccs/NguyenWA0WF17 fatcat:iwbo4j2imbb67navyqqtx6w3j4
« Previous Showing results 1 — 15 out of 532 results