|CMU CyLab's Dr. Lorrie Cranor, Founder of CUPS and SOUPS preps|
for welcoming remarks at SOUPS 2014
Perhaps more poignantly than any previous SOUPS keynote, Christopher Soghoian of American Civil Liberties Union (ACLU) articulated the vital nature of research into usable privacy and security. Putting flesh and blood on these issues, Soghoian used examples from the shadow world of investigative reporters and whistle-blowers to highlight the need for privacy and security software that is not only robust but eminently usable. One great benefit of the revelations brought forth by Glenn Greenwald in the Edward Snowden affair, Soghoian opined, is that there has been increased crypto adoption by journalists.
But the heightened engagement has also brought long-standing problems into a harsh new light. For example, Soghoian told SOUPS attendees, many investigative journalists using PGP still do not realize subject lines are not encrypted. "The best our community has to offer sucks, the usability and the default values suck," Soghoian declared, "the software is not protecting journalists and human rights activists, and that's our fault as researchers"
As contributing markets factors for why we still don't have usable encryption, Soghoian cited: potential data loss ("telling your customer that they've just lost every photo of their children is a non starter"), current business models, and of course, government pressure.
|Facebook HQ Signage, 1 Hacker Way, Menlo Park|
[NOTE: Full-length video of Soghoian's keynote is available via the CyLab YouTube Channel.]
Several awards were also announced during the opening sessions, including:
The 2014 IAPP SOUPS Privacy Award for the paper with the most practical application in the field of privacy went to Would a Privacy Fundamentalist Sell Their DNA for $1000...If Nothing Bad Happened as a Result? The Westin Categories, Behavioral Intentions, and Consequences authored by Allison Woodruff, Vasyl Pihur, Sunny Consolvo, and Lauren Schmidt of Google; and Laura Brandimarte and Alessandro Acquisti of Carnegie Mellon University.
The 2014 SOUPS Impact Award for a SOUPS paper "published between 2005 and 2009 that has had a significant impact on usable privacy and security research and practice" went to Usability of CAPTCHAs or Usability Issues in CAPTCHA Design authored in 2008 by Jeff Yan and Ahmad Salah El Ahmad of Newcastle University (UK).
Two Distinguished Papers awards were presented:
Understanding and Specifying Social Access Control Lists, authored by Mainack Monda of Max Planck Institute for Software Systems (MPI-SWS), Yabing Liu of Northeastern University, Bimal Viswanath and Krishna P. Gummadi of Max Planck Institute for Software Systems (MPI-SWS), and Alan Mislove of Northeastern University.
Crowdsourcing Attacks on Biometric Systems, authored by Saurabh Panjwani, an independent consultant and Achintya Prakash of University of Michigan.
Carnegie Mellon University (CMU), home to the CyLab Usable Privacy and Security (CUPS) Lab and the MSIT-Privacy Engineering Masters Program was well-represented in the proceeding.
In addition to the IAPP SOUPS Privacy Award winning "Would a Privacy Fundamentalist Sell Their DNA for $1000...If Nothing Bad Happened as a Result? The Westin Categories, Behavioral Intentions, and Consequences," co-authored with Google researchers, several other CMU papers were presented:
Parents’ and Teens’ Perspectives on Privacy In a Technology-Filled World, authored by Lorrie Faith Cranor, Adam L. Durity, Abigail Marsh, and Blase Ur, Carnegie Mellon University
Privacy Attitudes of Mechanical Turk Workers and the U.S. Public, authored by Ruogu Kang, Carnegie Mellon University, Stephanie Brown, Carnegie Mellon University and American University, Laura Dabbish and Sara Kiesler, Carnegie Mellon University
|CMU researcher Ruogu Kang presenting|
Privacy Attitudes of Mechanical Turk Workers and the U.S. Public
The Effect of Social Influence on Security Sensitivity, authored by Sauvik Das, Tiffany Hyun-Jin Kim, Laura A. Dabbish, and Jason I. Hong, Carnegie Mellon University
Modeling Users’ Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings, authored by Jialiu Lin, Bin Liu, Norman Sadeh, and Jason I. Hong, Carnegie Mellon University
The full proceedings of SOUPS 2014 are available via USENIX.
-- Richard Power
Check out CyLab CyBlog's Archive of SOUPS Coverage
A Distinguish Paper Award for CUPS, and Other News from Ninth Annual SOUPS 2013
CyLab's SOUPS 2012 Continues Its Ongoing, Deepening Dialogue on What Works and What Doesn't
SOUPS 2011 Advances Vital Exploration of Usability and Its Role in Strengthening Privacy and Security
SOUPS 2010: Insight into Usable Privacy & Security Deepens at 6th Annual Symposium
Reflections on SOUPS 2009: Between Worlds, Cultivating Superior Cleverness, Awaiting a Shift in Consciousness
Glimpses into the Fourth Annual Symposium on Usable Security and Privacy (SOUPS 2008)
|Mike Farb of CyLab's SafeSlinger project presents during the 2014 EFF Crypto Usability Prize (EFF CUP)|
Workshop on Day One of SOUPS 2014