Tuesday, August 25, 2009

CUPS Director Lorrie Cranor Receives NSF Funding For Interdisciplinary Doctoral Program in Privacy and Security



Patrick Kelly of Tonawanda, N.Y., also said the new program will dovetail nicely with his privacy research. "I'm looking at how to improve the often arcane privacy policies all shoppers experience when surfing the Internet," said Kelly, a Ph.D. student at the Institute for Software Research in the School of Computer Science. "We would ultimately like to create a standard format for privacy rules."




Carnegie Mellon University’s Lorrie Cranor and her colleagues received a five-year, $3 million grant from the National Science Foundation (NSF) to establish a Ph.D. program in usable privacy and security.
“Carnegie Mellon’s CyLab Usable Privacy and Security (CUPS) Doctoral Training Program will offer Ph.D. students a new cross-disciplinary training experience that helps them produce solutions to ongoing tensions between security, privacy and usability,” said Cranor, associate professor in the Institute for Software Research, the Department of Engineering and Public Policy and Carnegie Mellon CyLab — one of the largest university-based cybersecurity education and research centers in the world.
Cranor said the CUPS doctoral training program is designed to give students both classroom learning as well as collaborative research training with teams of mentors from different disciplines, internships and summer seminars …
The new CUPS program funded through the NSF’s Integrative Graduate Education and Research Traineeship program is now available to Ph.D. students across the university, including the programs in Computation, Organizations and Society, Engineering and Public Policy, Human Computer Interaction, Computer Science, Electrical and Computer Engineering, and Public Policy and Management.
Core faculty in the program include Alessandro Acquisti, an assistant professor of information technology and policy in the H. John Heinz III College and CyLab researcher; Lujo Bauer, a research scientist with Carnegie Mellon CyLab and the Electrical and Computer Engineering Department; Nicolas Christin, associate director in the Information Networking Institute and CyLab researcher; Julie Downs, a research scientist in the Social and Decision Sciences Department; Jason Hong, an assistant professor in the Human Computer Interaction Institute; Norman Sadeh, a professor in the Institute for Software Research and CyLab researcher; and Marios Savvides, director of the Carnegie Mellon CyLab Biometrics Center and a research scientist in the Department of Electrical and Computer Engineering.


Sunday, August 16, 2009

Android Security, Naked Keystrokes, Selling Viagra, Crying Wolf & More! -- A Report from the 18th USENIX Security Symposium (Montreal, 2009)

Montreal Harbor, 1889


The city proper covers most of the Island of Montreal at the confluence of the Saint Lawrence and Ottawa Rivers. The port of Montreal lies at one end of the Saint Lawrence Seaway, which is the river gateway that stretches from the Great Lakes into the Atlantic Ocean. Montreal is defined by its location in between the St. Lawrence river on its south, and by the Rivière des Prairies on its north. The city is named after the most prominent geographical feature on the island, a three-head hill called Mount Royal, topped at 232 m above sea level. Wikipedia


By Richard Power


The 18th USENIX Security Symposium was held in Montreal, Quebec (August 10-14, 2009). This conference always provides an excellent opportunity to catch up on the thinking of some impressive minds and delivers the most technical content of all the major security-focused IT conferences.

USENIX distinguishes itself by being a non-profit organization, and acting like one. Seventy-nine students were given stipends to attend this year’s Security Symposium, at a cost of approximately $100,000. This is how USENIX spent the contributions of its sponsors, as well as a significant chunk of its own funds. None of the commercial conferences can lay claim to any such altruism.

I asked legendary ;login: editor Rik Farrow (well, he is the Editor, and has kept up the publication’s high standards for many years, enough to qualify as a legend in this field, and yes, he is my friend) how he would distinguish the USENIX Security Symposium from the other major cyber security conferences.

“USENIX Sec is one of four top tier security research conferences, and certainly my favorite because accepted papers must include an implementation. So this goes well beyond theory.”

Rich Cannings, Android Security Leader at Google, delivered the keynote, “Securing a Mobile Platform from the Ground Up.”

Here are my notes from the talk --

Cannings started off by breaking down the numbers:

-- 6.77 billion human beings on the planet.
-- 1.48 billion Internet-enabled PCs
-- 4.10 billion mobile phones, with a 12-18 month average replacement rate.
-- 1 billion mobile phone purchases per year

“And 13.5% of them are smart phones. This number will soon compare with the number of Internet enabled PCs, and they will become major security targets.”

Next, Cannings gave some background on Android:

Google’s Android is free, open source mobile program, intended to “empower both users and developers.”

It has a Linux kernel. It relies upon 90+ open source libraries (e.g., SQLite for structured data storage, OpenSSL, etc.). It supports common codecs for sound, image, etc.

Android is also “designed to protect battery life.”

Developers don’t understand battery life
Users do.

In outlining Google’s security philosophy in regard to Android, Cannings articulated some of the premises with which they approach the issue:

-- Finite time and resources
-- Humans have difficulty understanding risk
-- Safer to assume that most developers do not understand security
-- Most users do not understand security

The cornerstones of the Android security philosophy, as formulated by Cannings, emphasize some basic needs:

-- Need to prevent security breaches from occurring
-- Need to detect them when they occur
-- Need to minimize their impact
-- Need to react swiftly to both vulnerabilities and breaches

Cannings went on to explore each of these elements as they came into play in the development, roll-out and support of Android.

No one with serious experience in cyber security could argue with Cannings’ guiding principle: “Security is an ongoing process, not a checkbox.”

But of course, Android means “five million lines of new code,” utilizing, as I mentioned earlier, one hundred open source libraries. And since Android is open source, Cannings remarked, it “can’t rely on obscurity.”

There are tremendous challenges ahead.

Farrow elaborates.

“I liked the keynote, as I am very concerned about the security of mobile devices. The obvious trend is for people to use their smart phones as their primary method for interacting with the Internet, and I would love to see the security of phone software fare MUCH better than Windows has in this area. Rich Cannings did a good job of describing the Android security model, but I was left feeling that there are real weaknesses in the Android security model largely because the Android team is being rushed, and layering their security on top of ancient UNIX security features. The notion of relying on users to permit applications based on the number and importance of privileges required is flawed, as most people make poor security decisions (and there is lots of research to back this up).

“Android does present a chance to create a secure environment,” Farrow adds, “but it must also satisfy both developers and users if it is to be successful.”

The program committee received one hundred seventy submissions for this year’s Symposium; only twenty-six papers were accepted.

Martin Vuagnoux and Sylvain Pasini of LASEC/EPFL received an “Outstanding Paper” award for “Compromising Electromagnetic Emanations of Wired and Wireless Keyboards.” These students cobbled together a system capable of converting broad spectrum radio emissions of keyboards into actual keystrokes.

Roxana Geambasu, Tadayoshi Kohno, Amit A. Levy, and Henry M. Levy of the University of Washington also received an “Outstanding Paper” award for “Vanish: Increasing Data Privacy with Self-Destructing Data.”

Carnegie Mellon University was represented by Joshua Sunshine, who presented “Crying Wolf: An Empirical Study of SSL Warning Effectiveness,” headline-grabbing research conducted with Serge Egelman, Hazim Almuhimedi, and Neha Atri, under the guidance of Lorrie Cranor, Director of CyLab’s Usability of Privacy and Security Lab.

Of course, CyBlog covered this compelling research, recently, when the story broke. (See CyLab CUPS Researchers Release Study on SSL Warning Effectiveness)

CyLab corporate partners can read my full report on the 2009 USENIX Security Symposium, including my notes on Vern Paxson's “How the Pursuit of Truth Led Me to Selling Viagra” and my interview with Metricon 4.0 chair Jennifer Bayuk, in the Intelligence Briefing section of the CyLab partners-only portal.

Sunday, August 9, 2009

Report from An Ancient Future: Auspicious Day of Celebration for the 7th Graduating Class of Carnegie Mellon’s Silicon Valley Campus



“Over the next twenty, thirty, forty years, when the Carnegie Mellon leadership looks back at this campus, and at 2008 … Sometimes, when you look back at a decision, you say, ‘What was I thinking when I did this?’ But with this decision people are going to look back, and say, ‘Was the person a genius who did this?’ That is the kind of impact this campus is going to create.” Pradeep Khosla, 8-7-09


By Richard Power


For the ancient Greek philosopher Pythagoras, all the numbers were sacred and carried spiritual meaning, but he considered seven the “perfect number,” because it contained both the triangle and the square; and he saw it as the basis for his “Music of the Spheres.” Down through history, from pagan pantheons of pre-Christian Europe to the pages of Genesis, from the fortune-tellers of the Roma to the blues artists of the Mississippi Delta, and from the symbolism of the Masons to the gaming tables from Monaco to Macau, seven has been known as a “lucky number.”

So it is not surprising, and certainly worthy of note that the circumstances surrounding the seventh graduating class of Carnegie Mellon’s Silicon Valley campus strike the careful observer as particularly auspicious.

Consider the perspective of Pradeep Khosla, Dean of the College of Engineering and founder of Carnegie Mellon CyLab, shared with over one hundred Silicon Valley alumni at a gathering on the eve of the graduation ceremony.

“Even though it is just only one building, a very small campus in relation to Pittsburgh, but nonetheless, it is a high-impact campus. The people that come here as students are typically non-traditional students; these are not typically 22-year-old students coming here to get their Master’s, these are people of experience, with a clear zeal for what they do, and a clear goal for what they want to accomplish.

“Over the next twenty, thirty, forty years, when the Carnegie Mellon leadership looks back at this campus, and at 2008 … Sometimes, when you look back at a decision, you say, ‘What was I thinking when I did this?’ But with this decision people are going to look back, and say, ‘Was the person a genius who did this?’ That is the kind of impact this campus is going to create.”

“Over the last year and a half, several changes have happened: there are several new programs on this campus, instead of just being a part-time evening campus, there are full-time programs. Now if you come here during the day you see people running around … there is a new, state-of-the-art distance learning class-room that has been built, and two more are going to be built. These changes are all coupled to our vision of being an international campus … We have several international locations – Portugal, Greece, Japan, Korea, Australia, and right now we are working on a project for Africa, in Rwanda. I look at this campus as one of the transit points, one of the stations that many of our international students will visit during their two years in our international programs. There is no better place than Silicon Valley to show the world what America is all about, what entrepreneurship is all about, what a can-do culture is all about. This campus really epitomizes that.”

Martin Griss, who has taken over as Director of the Silicon Valley Campus, added some granularity to the bold strokes of Dean Khosla’s vision:

“We have started a full-time software engineering program. Tomorrow we will graduate nine students who are part of our full-time program. We will graduate 44 part-time students. The incoming class is really exciting. We will have 21 full-time students, and seventy-one part-time students. We have started a PhD. program, which is a bi-coastal with ECE – something we have already wanted to have. We will have 8 PhD. students by December.”

“What I see as our mission moving forward is to continue strengthening and growing education, it’s doing great but we want to expand it, while building up research even more, we have a good research program, which started in Mobility last year, and we want to do more in that area, and we are particularly excited about growing entrepreneurship outreach, growing the program both inside the campus and connecting more to Silicon Valley.”

In their remarks, both Khosla and Griss honored founder Jim Morris.

Khosla described Morris’ effort as “revolutionary and impactful.”

Griss added, “When Jim started there was nothing here but his vision.”

Underscoring the theme of Carnegie Mellon’s commitment to globalism, Mara Barker, Director for Regional Programs, Alumni Relations, spoke of the Multidimensional Global Perspective:

“We have campuses and programs all over the world, but it is more than that. We have faculty and students from all over the world. And when you mix global campuses, global students, global faculty and global research, you have global impact. That is something quite powerful and wonderful that many universities don’t have.”

The graduation ceremony was held in a large white tent on a grassy field, under yet another azure sky. Over 45 students from 10 countries stepped to the stage to receive their hard-earned diplomas. They were led to the ceremony by a bagpiper in kilt.

The precise historical origin of the bagpipe is as yet undetermined; its visage began to appear in the iconography of Europe early in the second Millennium, and bagpipes are mentioned in the Canterbury Tales, i.e., in approximately 1380 (although it is quite possible that the instrument is as ancient as the Pythagorean science of numbers).

However they found their way into this world, whenever they are heard, they have a powerful effect on the listener. The stirring sound of the bagpipe is an integral element of formal occasions within the Carnegie Mellon University tradition, reflecting the influence of Andrew Carnegie’s Scottish roots. (Indeed, Carnegie Mellon is one of the few universities in the U.S. to offer a degree in bagpipes.)

The keynote speaker for the graduation ceremony was Liz King, a Vice-President and General Manager for Hitachi.

“Throughout her career,” Griss said in his introduction, “she has been responsible for building relationships with strategic alliance partners on a global basis, and for leveraging those relationships to drive new growth of both existing and new markets and has successfully assisted companies in world-wide strategies and international business development.”

King shared some insights from her rich experience, exhorting the graduates to cultivate both a strong network of colleagues and a fiercely open mind:

“A deep and active people network will provide you with a dazzling array of opportunities and choices.”

“The best way to cope with this chaotic world is to have an open mind. Conscious or unconscious constraints on how we view ourselves, our employers, our products and our competitors, everything needs to be critically examined on a real-time basis.”

But King also cautioned against trying to be successful running 20th Century strategies in a 21st Century world:

“How do you navigate through this dynamic high-tech world? Years ago, when the world was much more linear, the conventional wisdom was to set specific goals and manage to them. Well, anyone with a pulse-rate over 50 knows today life outcomes are more closely modeled by quadratic equations and pathways that look more like a strand of DNA than a straight line. The modern world is anything but linear, so stay in friendly relationship with that fact. Why don’t you replace the goal orientation with the vector orientation. Go ahead and set your goals, but detach from the outcomes, and focus on the vector, the path … For every one goal you would like to achieve there exist many others of equal or greater value that you can’t even imagine.”

Ray Bareiss, Director of Educational Programs, presented two of the graduating students with awards.

Alok Rishi received the Dean’s Return on Education Award:

“Having worked for Sun Microsystems for 19 years, this year’s recipient of the Return on Education Award joined the Carnegie Mellon Software Management program, seeking to ‘step out of his comfort zone.’ Shortly after enrolling in the program, he was able to gain the skills and confidence to begin thinking and behaving like a leader. His actions were clearly recognized by his global peer group of 1,500 engineers at Sun, who nominated him to be Principal Engineer. But he didn’t stop there … he left Sun after nearly 21 years to start Yunteq, a software company developing key enabling technology for Cloud computing … By continuing to tell his own story of transformation to his peers, he hopes to inspire others to make similar changes in their own professional lives.”


Daniel Maycock received the Outstanding Service Award:

“Dan has been a great ambassador for Carnegie Mellon at Boeing in Washington State and tirelessly worked to help us set up information sessions, promote our programs, and connect with the larger Boeing community … He serves as an admissions ambassador, speaking with prospective students and answering questions about the Master’s degree program and curriculum … His enthusiasm for the school and for his program is contagious and generates excitement among his classmates and colleagues, several of whom have applied to the program as a direct result of his outreach.”

Here are some of the many faces of this year’s graduating class, the seventh in the young life of Silicon Valley. Many of you will soon be hearing their names, investing in their ideas, leveraging their work, and vying for their vision, energy and skills.

They are after all the sons and daughters of the seventh year.




Monday, August 3, 2009

CyLab CUPS Researchers Release Study on SSL Warning Effectiveness



"People get pop-ups in their browsers and they say something about security and they don't know what they are, so they swat them away," said Lorrie Cranor, associate professor of computer science and engineering at Carnegie Mellon. "Nothing bad happened before and they think nothing bad will happen again." ABC News, 7-30-09




Josh Sunshine will be presenting the paper Crying Wolf: An Empirical Study of SSL Warning Effectiveness at the USENIX 2009 Security Symposium.

Co-authored with Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor, Crying Wolf is another compelling example of how Carnegie Mellon University CyLab is helping to both frame the dialogue and deliver the goods on how best to raise awareness and deliver effective user education:

We conducted a survey of over 400 Internet users to examine their reactions to and understanding of current SSL warnings.
We then designed two new warnings using warnings science principles and lessons learned from the survey … Our results suggest that, while warnings can be improved, a better approach may be to minimize the use of SSL warnings altogether by blocking users from making unsafe connections and eliminating warnings in benign situations.
Crying Wolf: An Empirical Study of SSL Warning Effectiveness

Dr. Cranor, Director of the CyLab Center for Usable Privacy and Security (CUPS), was quoted in several news media stories breaking the study’s results.

Here is a sampling with links to the full texts:

After studying the behavior of more than 400 Internet users, Carnegie Mellon University computer researchers concluded that because users encounter so many pop-up warnings in benign situations, they have become immune to the messages … "People get pop-ups in their browsers and they say something about security and they don't know what they are, so they swat them away," said Lorrie Cranor, associate professor of computer science and engineering at Carnegie Mellon. "Nothing bad happened before and they think nothing bad will happen again." ABC News, 7-30-09

“The big takeaway is that computer security warnings are not an effective way of addressing computer security,” study researcher and co-author Lorrie Faith Cranor, an associate professor of computer science, engineering and public policy at Carnegie Mellon University, told SCMagazineUS.com on Tuesday. “People don't read warnings and don't understand them when they do read them” … In addition, researchers also surveyed experts – those with an IT-related degree, computer security work experience or programming knowledge – to see if they would behave any differently when receiving a warning. Researchers found that even experts often ignored the warnings, indicating that the system of relying on warnings to communicate computer security risks is “fundamentally broken,” Cranor said. SC Magazine, 7-28-09

"Everyone knew that there was a problem with these warnings," said Joshua Sunshine, a Carnegie Mellon graduate student and one of the paper's co-authors. "Our study showed dramatically how big the problem was." … They found that people often had a mixed-up understanding of certificate warnings. For example, many thought they could ignore the messages when visiting a site they trust, but that they should be more wary at less-trustworthy sites. "That's sort of a backwards understanding of what these messages mean," Sunshine said. "The message is validating that you're visiting the site you think you're visiting, not that the site is trustworthy." Computerworld, 7-24-09