6 Hits in 8.4 sec

Why eve and mallory love android

Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben
2012 Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12  
Since the lack of visual security indicators for SSL/TLS usage and the inadequate use of SSL/TLS can be exploited to launch Man-in-the-Middle (MITM) attacks, an analysis of 13,500 popular free apps downloaded  ...  Furthermore, an online survey was conducted to evaluate users' perceptions of certificate warnings and HTTPS visual security indicators in Android's browser, showing that half of the 754 participating  ...  ACKNOWLEDGEMENT The authors would like to thank Marten Oltrogge and Felix Fischer for their help during app analysis and the anonymous reviewers for their helpful comments.  ... 
doi:10.1145/2382196.2382205 dblp:conf/ccs/FahlHMSBF12 fatcat:i65axas35nfrdmocpajtv4n4ae

Software engineering techniques for statically analyzing mobile apps: research trends, characteristics, and potential for industrial adoption

Marco Autili, Ivano Malavolta, Alexander Perucci, Gian Luca Scoccia, Roberto Verdecchia
2021 Journal of Internet Services and Applications  
study aimed at identifying, evaluating and classifying characteristics, trends and potential for industrial adoption of existing research in static analysis of mobile apps.  ...  The results of this study give a solid foundation for assessing existing and future approaches for static analysis of mobile apps, especially in terms of their industrial adoptability.Researchers and practitioners  ...  Availability of data and materials The datasets analysed during the current study are available in the github repository, mobile-static-analysis-replication-package.  ... 
doi:10.1186/s13174-021-00134-x fatcat:mlzjbkdi7fhezisn3tcv7wzlbi

Webinos Project Deliverable: Phase 2 Security Framework

Webinos Consortium
2012 Zenodo  
The webinos project defines and delivers an open source web application runtime compatible with a wide range of smart devices, including smartphones, tablets, PCs, in-car systems and set-top boxes.  ...  This document describes the security and privacy rational, threat model and architectural risk analysis used by the project.  ...  Paper: "Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security" (to appear) by Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben, Matthew Smith. 2012 ACM  ... 
doi:10.5281/zenodo.1147031 fatcat:x53nqshe7jfqrnbq6urpvsj2ra

Secure Communication in Disaster Scenarios

Lars Baumgärtner, Freisleben, Bernd (Prof. Dr.), Mathematik Und Informatik
Using these approaches, the security of mobile device-to-device communication, the security of emergency apps running on mobile devices, and the security of server systems hosting cloud services are improved  ...  When available, a connection to cloud services in the Internet is a valuable aid in crisis and disaster management.  ...  TLS is fundamentally capable of preventing both Eve and Mallory from executing their attacks. However, the cases described above open up attack vectors for both Eve and Mallory.  ... 
doi:10.17192/z2019.0044 fatcat:n7vxw37ogbb7pjnvc6sd4q6fqu

On the importance of ecologically valid usable security research for end users and IT workers [article]

Sascha Fahl, University, My
APIs, both APIs providing safe defaults and APIs not providing safe defaults.Disclaimer: The contents of this chapter were previously published as part of the paper "Why Eve and Mallory Love Android:  ...  Administrators: Configuring HTTPS Webservers Disclaimer: The contents of this chapter were previously published as part of the paper "Why Eve and Mallory (Also) Love Webmasters: A Study on the Root Causes  ...  How many of these messages have more than one recipient? Post-Task Please rate the following questions regarding the mechanism you just used.  ... 
doi:10.15488/8668 fatcat:7oh5c5uplrdbdhwnejmhnfo5fi

Developer factor in software privacy [article]

Mohammad Tahaei, University Of Edinburgh, Kami Vaniea, Markulf Kohlweiss
Privacy champions face an uphill battle to counter many of the same privacy misconceptions seen in the general population, [...]  ...  For example, changes in regulations create challenges and hurdles for developers, such as creating privacy policies, managing permissions, and keeping user data private and secure.  ...  Acknowledgements This work was sponsored in part by Microsoft Research through its PhD Scholarship Program and a Google Research Award, and in part by the National Security Agency's Science of Security  ... 
doi:10.7488/era/1485 fatcat:cuv6itafdrdz3dif2s7mdox6ty