©2014 Carnegie Mellon University : 1 
How to Analyze the Privacy 
of 1 Million Smartphone Apps 
Oct 30 2014 
Jason Hong 
jasonh@cs.cmu.edu 
Computer 
Human 
Interaction: 
Mobility 
Privacy 
Security
©2014 Carnegie Mellon University : 2 
In the near future, our 
smartphones will know 
everything about us
©2014 Carnegie Mellon University : 3 
Smartphones are Intimate 
• Mobile phones and millennials (Cisco 2012):
• 75% use in bed before sleep
• 83% sleep with their phones
• 90% check first thing in the morning
• A third use in bathroom (!!)
• A fifth check every ten minutes
©2014 Carnegie Mellon University : 4 
Lots of Data on Smartphones 
Who we know 
(contact list) 
Who we call 
(call log) 
Who we text 
(sms log)
©2014 Carnegie Mellon University : 5 
Lots of Data on Smartphones 
Where we go 
(gps, foursquare) 
Photos 
(some geotagged) 
Sensors 
(accel, sound, light)
©2014 Carnegie Mellon University : 6 
The Opportunity 
• We are creating a worldwide sensor network with these smartphones
• Can analyze human behavior at unprecedented fidelity and scale
©2014 Carnegie Mellon University : 7 
These Capabilities Can Be 
Used for Tremendous Good 
• Ex. detecting onset of depression 
• Ex. understanding cities 
• Ex. next-gen intelligent agents
©2014 Carnegie Mellon University : 8 
These Capabilities Can Also 
Be Creepy and Invasive 
Shared your location, 
gender, unique phone ID, 
phone# with advertisers 
Uploaded your entire 
contact list to their server 
(including phone #s)
©2014 Carnegie Mellon University : 9 
Many Smartphone Apps Have 
“Unusual” Permissions 
Location Data 
Unique device ID 
Location Data 
Network Access 
Unique device ID 
Location Data 
Unique device ID
©2014 Carnegie Mellon University : 10
Nissan Maxima Gear Shift
©2014 Carnegie Mellon University : 11 
Privacy as Expectations 
• Apply this same idea of mental 
models for privacy 
– Compare what people expect an app 
to do vs what an app actually does 
– Emphasize the biggest gaps, 
misconceptions that many people had 
App Behavior 
(What an app 
actually does) 
User Expectations 
(What people think 
the app does)
©2014 Carnegie Mellon University : 12 
• 85% users were surprised this app sent their phone’s unique ID to mobile ads providers.
• 25% users were surprised this app sent their approximate location to dictionary.com for searching nearby words.
• 10% users were surprised this app wrote contents to their SD card.
• 0% users were surprised this app could control their audio settings.

• 95% users were surprised this app sent their approximate location to mobile ads providers.
• 95% users were surprised this app sent their phone’s unique ID to mobile ads providers.
• 90% users were surprised this app sent their precise location to mobile ads providers.
• 0% users were surprised this app can control camera flashlight.
©2014 Carnegie Mellon University : 13 
Results for Location Data
(N=20 per app, Expectations Condition)

App                          Comfort Level (-2 – 2)
Maps                          1.52
GasBuddy                      1.47
Weather Channel               1.45
Foursquare                    0.95
TuneIn Radio                  0.60
Evernote                      0.15
Angry Birds                  -0.70
Brightest Flashlight Free    -1.15
Toss It                      -1.2

• People more comfortable when told why app used data (even ads)
• Our work helped influence FTC in fining Brightest Flashlight in Dec 2013
©2014 Carnegie Mellon University : 14
Scaling Up to 1 Million Apps
©2014 Carnegie Mellon University : 15 
Scaling Up to 1 Million Apps 
• Crawled 1M apps on Google Play 
• Created a model to predict concerns 
– Ex. Contact list used for social networking: mild concern
– Ex. Contact list used for ads: very bad
• Analyzed 1M apps for behaviors 
– Advertising, analytics, social net, other 
• Assigned grades based on model
©2014 Carnegie Mellon University : 16
©2014 Carnegie Mellon University : 17 
What 
permissions 
used and why
©2014 Carnegie Mellon University : 18 
Libraries are 
reusable pieces 
of code 
Most sensitive 
data requests 
due to third-party 
libraries
©2014 Carnegie Mellon University : 19 
Check it out at 
privacygrade.org
©2014 Carnegie Mellon University : 20 
Reflections on Privacy 
• FTC overwhelmed by sheer numbers 
– Too many web sites, hardware, apps 
• Developers don’t know what to do 
– State of developer tools also poor 
• NSF funding flat, unpredictable 
• Business models predicated on 
leveraging lots of user data 
• Too much burden on end-users
©2014 Carnegie Mellon University : 21 
Reflections on Privacy 
• FTC (and third parties) need better tools 
to detect privacy problems 
– Scale up what FTC lawyers manually do today 
– Consider FTC fund 6.1, 6.2, 6.3 research 
• Expand NSF funding 
– Both education and research (centers) 
• Developers 
– Consider NIST holding developer conferences 
to work out best practices for privacy 
– Longer term: fund scholarships for privacy
©2014 Carnegie Mellon University : 22 
Reflections on Privacy 
• Operating Systems / App Markets 
– Nearly every app distributed via markets 
– Ex. Make devs more aware of 3rd party issues 
– Ex. Better tools to help average developer 
– Not clear if much government can do here 
other than embarrassing Google, Apple 
• Businesses 
– Slap wrist of most egregious to set tone 
– Need to be careful not to squelch innovation 
• Ex. Facebook Newsfeed initially unpopular 
– Clearer rules for advertisers
©2014 Carnegie Mellon University : 23 
Thanks! 
More info at cmuchimps.org 
or email jasonh@cs.cmu.edu 
• Shah Amini 
• Song Luan 
• Yuvraj Agarwal 
Special thanks to: 
• Army Research Office 
• NSF 
• Google 
• CMU Cylab 
• Jialiu Lin 
• Norman Sadeh

Más contenido relacionado

La actualidad más candente

Less is More: An Empirical Investigation of the Relationship Between Amount o...
Less is More: An Empirical Investigation of the Relationship Between Amount o...Less is More: An Empirical Investigation of the Relationship Between Amount o...
Less is More: An Empirical Investigation of the Relationship Between Amount o...UXPA International
 
How to use Big Data to drive product strategy and adoption
How to use Big Data to drive product strategy and adoptionHow to use Big Data to drive product strategy and adoption
How to use Big Data to drive product strategy and adoptionUXPA International
 
How to Analyze the Privacy of 750000 Smartphone Apps
How to Analyze the Privacy of 750000 Smartphone Apps How to Analyze the Privacy of 750000 Smartphone Apps
How to Analyze the Privacy of 750000 Smartphone Apps Jason Hong
 
Byod presentation jessica cowart_module_7
Byod presentation jessica cowart_module_7Byod presentation jessica cowart_module_7
Byod presentation jessica cowart_module_7JLCT23
 
Eye Tracking the User Experience of Mobile: What You Need to Know
Eye Tracking the User Experience of Mobile: What You Need to KnowEye Tracking the User Experience of Mobile: What You Need to Know
Eye Tracking the User Experience of Mobile: What You Need to KnowJennifer Romano Bergstrom
 
Cribbett and Redelinghuys - Cutting Edge of NewMR 2015
Cribbett and Redelinghuys - Cutting Edge of NewMR 2015Cribbett and Redelinghuys - Cutting Edge of NewMR 2015
Cribbett and Redelinghuys - Cutting Edge of NewMR 2015Ray Poynter
 
Web Survey and Forms Usability Design & Testing
Web Survey and Forms Usability Design & TestingWeb Survey and Forms Usability Design & Testing
Web Survey and Forms Usability Design & TestingJennifer Romano Bergstrom
 
Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)
Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)
Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)Jennifer Romano Bergstrom
 
Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...
Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...
Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...Joerg Blumtritt
 
Detection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social NetworkDetection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social NetworkIRJET Journal
 
Kipp Bodnar - The Future of Social Media at HUG 2017
Kipp Bodnar - The Future of Social Media at HUG 2017Kipp Bodnar - The Future of Social Media at HUG 2017
Kipp Bodnar - The Future of Social Media at HUG 2017SD Inbound Marketing
 
Boomerangers, teens & app enthusiasts- best practices for deploying mobile app
Boomerangers, teens & app enthusiasts- best practices for deploying mobile appBoomerangers, teens & app enthusiasts- best practices for deploying mobile app
Boomerangers, teens & app enthusiasts- best practices for deploying mobile appMerlien Institute
 
The Testing Planet Issue 7
The Testing Planet Issue 7The Testing Planet Issue 7
The Testing Planet Issue 7Rosie Sherry
 
Network effects presentation for blogger
Network effects presentation for bloggerNetwork effects presentation for blogger
Network effects presentation for bloggerdtait1
 

La actualidad más candente (20)

Less is More: An Empirical Investigation of the Relationship Between Amount o...
Less is More: An Empirical Investigation of the Relationship Between Amount o...Less is More: An Empirical Investigation of the Relationship Between Amount o...
Less is More: An Empirical Investigation of the Relationship Between Amount o...
 
How to use Big Data to drive product strategy and adoption
How to use Big Data to drive product strategy and adoptionHow to use Big Data to drive product strategy and adoption
How to use Big Data to drive product strategy and adoption
 
How to Analyze the Privacy of 750000 Smartphone Apps
How to Analyze the Privacy of 750000 Smartphone Apps How to Analyze the Privacy of 750000 Smartphone Apps
How to Analyze the Privacy of 750000 Smartphone Apps
 
Byod presentation jessica cowart_module_7
Byod presentation jessica cowart_module_7Byod presentation jessica cowart_module_7
Byod presentation jessica cowart_module_7
 
Eye Tracking the User Experience of Mobile: What You Need to Know
Eye Tracking the User Experience of Mobile: What You Need to KnowEye Tracking the User Experience of Mobile: What You Need to Know
Eye Tracking the User Experience of Mobile: What You Need to Know
 
Cribbett and Redelinghuys - Cutting Edge of NewMR 2015
Cribbett and Redelinghuys - Cutting Edge of NewMR 2015Cribbett and Redelinghuys - Cutting Edge of NewMR 2015
Cribbett and Redelinghuys - Cutting Edge of NewMR 2015
 
So much UX data! Now what?
So much UX data! Now what?So much UX data! Now what?
So much UX data! Now what?
 
Web Survey and Forms Usability Design & Testing
Web Survey and Forms Usability Design & TestingWeb Survey and Forms Usability Design & Testing
Web Survey and Forms Usability Design & Testing
 
Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)
Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)
Unifying the UX of a Survey Across Multiple Devices (MoDevEast 2013)
 
Ontela PicDeck (B): Case Analysis
Ontela PicDeck (B): Case AnalysisOntela PicDeck (B): Case Analysis
Ontela PicDeck (B): Case Analysis
 
Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...
Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...
Behavioral Analytics with Smartphone Data. Talk at Strata + Hadoop World 2014...
 
Networked worlds and networked enterprises
Networked worlds and networked enterprisesNetworked worlds and networked enterprises
Networked worlds and networked enterprises
 
Ontela picdeck
Ontela picdeckOntela picdeck
Ontela picdeck
 
Ontella
OntellaOntella
Ontella
 
Detection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social NetworkDetection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social Network
 
Kipp Bodnar - The Future of Social Media at HUG 2017
Kipp Bodnar - The Future of Social Media at HUG 2017Kipp Bodnar - The Future of Social Media at HUG 2017
Kipp Bodnar - The Future of Social Media at HUG 2017
 
Boomerangers, teens & app enthusiasts- best practices for deploying mobile app
Boomerangers, teens & app enthusiasts- best practices for deploying mobile appBoomerangers, teens & app enthusiasts- best practices for deploying mobile app
Boomerangers, teens & app enthusiasts- best practices for deploying mobile app
 
The Testing Planet Issue 7
The Testing Planet Issue 7The Testing Planet Issue 7
The Testing Planet Issue 7
 
Network effects presentation for blogger
Network effects presentation for bloggerNetwork effects presentation for blogger
Network effects presentation for blogger
 
Mobile Data Analytics
Mobile Data AnalyticsMobile Data Analytics
Mobile Data Analytics
 

Similar a How to Analyze the Privacy of 1 Million Smartphone Apps

Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013
Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013
Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013Jason Hong
 
Using Mobile Technology for Patient Recruitment Webinar
Using Mobile Technology for Patient Recruitment WebinarUsing Mobile Technology for Patient Recruitment Webinar
Using Mobile Technology for Patient Recruitment WebinarPatientWise
 
Mobile App Benchmarks: Engagement & Retention
Mobile App Benchmarks: Engagement & RetentionMobile App Benchmarks: Engagement & Retention
Mobile App Benchmarks: Engagement & RetentionEmmanuel Quartey
 
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...Elissa Redmiles
 
Getting users to trust your Mobile Apps and Mobile Web sites
Getting users to trust your Mobile Apps and Mobile Web sitesGetting users to trust your Mobile Apps and Mobile Web sites
Getting users to trust your Mobile Apps and Mobile Web sitesJanet Jaiswal
 
Fostering an Ecosystem for Smartphone Privacy
Fostering an Ecosystem for Smartphone PrivacyFostering an Ecosystem for Smartphone Privacy
Fostering an Ecosystem for Smartphone PrivacyJason Hong
 
Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015
Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015
Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015Jason Hong
 
Making The Leap From Web To Mobile
Making The Leap From Web To MobileMaking The Leap From Web To Mobile
Making The Leap From Web To MobileKris Mihalic
 
Getting Going with Mobile (What Your Users Really Want!)
Getting Going with Mobile (What Your Users Really Want!)Getting Going with Mobile (What Your Users Really Want!)
Getting Going with Mobile (What Your Users Really Want!)Forum One
 
User-Centered (Mobile) Device Strategy
User-Centered (Mobile) Device StrategyUser-Centered (Mobile) Device Strategy
User-Centered (Mobile) Device StrategySøren Engelbrecht
 
260119 a digital approach towards market research upload
260119 a digital approach towards market research upload260119 a digital approach towards market research upload
260119 a digital approach towards market research uploadSyed Yeasef Akbar
 
PERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPT
PERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPTPERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPT
PERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPTPalash Banerjee
 
Are my Devices Spying on Me? Living in a World of Ubiquitous Computing
Are my Devices Spying on Me? Living in a World of Ubiquitous Computing Are my Devices Spying on Me? Living in a World of Ubiquitous Computing
Are my Devices Spying on Me? Living in a World of Ubiquitous Computing Jason Hong
 
Mobile Marketing Mix
Mobile Marketing MixMobile Marketing Mix
Mobile Marketing Mixmattpiette
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with PrivacyJason Hong
 
SharePoint Summit Vancouver: Reach your audience with a SharePoint mobile app
SharePoint Summit Vancouver: Reach your audience with a SharePoint mobile appSharePoint Summit Vancouver: Reach your audience with a SharePoint mobile app
SharePoint Summit Vancouver: Reach your audience with a SharePoint mobile appMallory O'Connor
 
Gg mobile apps_vs_web_july2011-5
Gg mobile apps_vs_web_july2011-5Gg mobile apps_vs_web_july2011-5
Gg mobile apps_vs_web_july2011-5DMI
 

Similar a How to Analyze the Privacy of 1 Million Smartphone Apps (20)

Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013
Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013
Analyzing the Privacy of Smartphone Apps, for CMU Cylab Talk on April 2013
 
Using Mobile Technology for Patient Recruitment Webinar
Using Mobile Technology for Patient Recruitment WebinarUsing Mobile Technology for Patient Recruitment Webinar
Using Mobile Technology for Patient Recruitment Webinar
 
Mobile App Benchmarks: Engagement & Retention
Mobile App Benchmarks: Engagement & RetentionMobile App Benchmarks: Engagement & Retention
Mobile App Benchmarks: Engagement & Retention
 
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
 
Getting users to trust your Mobile Apps and Mobile Web sites
Getting users to trust your Mobile Apps and Mobile Web sitesGetting users to trust your Mobile Apps and Mobile Web sites
Getting users to trust your Mobile Apps and Mobile Web sites
 
Outline MS PP EH
Outline MS PP EHOutline MS PP EH
Outline MS PP EH
 
Fostering an Ecosystem for Smartphone Privacy
Fostering an Ecosystem for Smartphone PrivacyFostering an Ecosystem for Smartphone Privacy
Fostering an Ecosystem for Smartphone Privacy
 
Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015
Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015
Big Data for Privacy, at NSF Workshop on Big Data and Privacy, April 2015
 
Making The Leap From Web To Mobile
Making The Leap From Web To MobileMaking The Leap From Web To Mobile
Making The Leap From Web To Mobile
 
Getting Going with Mobile (What Your Users Really Want!)
Getting Going with Mobile (What Your Users Really Want!)Getting Going with Mobile (What Your Users Really Want!)
Getting Going with Mobile (What Your Users Really Want!)
 
User-Centered (Mobile) Device Strategy
User-Centered (Mobile) Device StrategyUser-Centered (Mobile) Device Strategy
User-Centered (Mobile) Device Strategy
 
260119 a digital approach towards market research upload
260119 a digital approach towards market research upload260119 a digital approach towards market research upload
260119 a digital approach towards market research upload
 
PERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPT
PERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPTPERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPT
PERCEPTION OF MOBILE APPS AMONG COMMON PEOPLE PPT
 
Are my Devices Spying on Me? Living in a World of Ubiquitous Computing
Are my Devices Spying on Me? Living in a World of Ubiquitous Computing Are my Devices Spying on Me? Living in a World of Ubiquitous Computing
Are my Devices Spying on Me? Living in a World of Ubiquitous Computing
 
Mobile Marketing Mix
Mobile Marketing MixMobile Marketing Mix
Mobile Marketing Mix
 
Mobile2013
Mobile2013Mobile2013
Mobile2013
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with Privacy
 
Hc2013 my journey mobile app presentation
Hc2013 my journey mobile app presentationHc2013 my journey mobile app presentation
Hc2013 my journey mobile app presentation
 
SharePoint Summit Vancouver: Reach your audience with a SharePoint mobile app
SharePoint Summit Vancouver: Reach your audience with a SharePoint mobile appSharePoint Summit Vancouver: Reach your audience with a SharePoint mobile app
SharePoint Summit Vancouver: Reach your audience with a SharePoint mobile app
 
Gg mobile apps_vs_web_july2011-5
Gg mobile apps_vs_web_july2011-5Gg mobile apps_vs_web_july2011-5
Gg mobile apps_vs_web_july2011-5
 

Último

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 

Último (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

How to Analyze the Privacy of 1 Million Smartphone Apps

  • 1. How to Analyze the Privacy of 1 Million Smartphone Apps. Oct 30 2014. Jason Hong, jasonh@cs.cmu.edu. Computer Human Interaction: Mobility Privacy Security
  • 2. In the near future, our smartphones will know everything about us
  • 3. Smartphones are Intimate
      • Mobile phones and millennials (Cisco 2012):
      • 75% use in bed before sleep
      • 83% sleep with their phones
      • 90% check first thing in the morning
      • A third use in bathroom (!!)
      • A fifth check every ten minutes
  • 4. Lots of Data on Smartphones
      • Who we know (contact list)
      • Who we call (call log)
      • Who we text (sms log)
  • 5. Lots of Data on Smartphones
      • Where we go (gps, foursquare)
      • Photos (some geotagged)
      • Sensors (accel, sound, light)
  • 6. The Opportunity
      • We are creating a worldwide sensor network with these smartphones
      • Can analyze human behavior at unprecedented fidelity and scale
  • 7. These Capabilities Can Be Used for Tremendous Good
      • Ex. detecting onset of depression
      • Ex. understanding cities
      • Ex. next-gen intelligent agents
  • 8. These Capabilities Can Also Be Creepy and Invasive
      • Shared your location, gender, unique phone ID, phone# with advertisers
      • Uploaded your entire contact list to their server (including phone #s)
  • 9. Many Smartphone Apps Have “Unusual” Permissions: Location Data; Unique device ID; Location Data; Network Access; Unique device ID; Location Data; Unique device ID
  • 10. Nissan Maxima Gear Shift
  • 11. Privacy as Expectations
      • Apply this same idea of mental models for privacy
          – Compare what people expect an app to do vs what an app actually does
          – Emphasize the biggest gaps, misconceptions that many people had
      • App Behavior (What an app actually does)
      • User Expectations (What people think the app does)
  • 12.
      • 85% users were surprised this app sent their phone’s unique ID to mobile ads providers.
      • 25% users were surprised this app sent their approximate location to dictionary.com for searching nearby words.
      • 10% users were surprised this app wrote contents to their SD card.
      • 0% users were surprised this app could control their audio settings.
      • 95% users were surprised this app sent their approximate location to mobile ads providers.
      • 95% users were surprised this app sent their phone’s unique ID to mobile ads providers.
      • 90% users were surprised this app sent their precise location to mobile ads providers.
      • 0% users were surprised this app can control camera flashlight.
  • 13. Results for Location Data (N=20 per app, Expectations Condition)

        App                          Comfort Level (-2 – 2)
        Maps                          1.52
        GasBuddy                      1.47
        Weather Channel               1.45
        Foursquare                    0.95
        TuneIn Radio                  0.60
        Evernote                      0.15
        Angry Birds                  -0.70
        Brightest Flashlight Free    -1.15
        Toss It                      -1.2

      • People more comfortable when told why app used data (even ads)
      • Our work helped influence FTC in fining Brightest Flashlight in Dec 2013
  • 14. Scaling Up to 1 Million Apps
  • 15. Scaling Up to 1 Million Apps
      • Crawled 1M apps on Google Play
      • Created a model to predict concerns
          – Ex. Contact list for social network mild
          – Ex. Contact list for ads very bad
      • Analyzed 1M apps for behaviors
          – Advertising, analytics, social net, other
      • Assigned grades based on model
  • 16. [image-only slide]
  • 17. What permissions used and why
  • 18. Libraries are reusable pieces of code. Most sensitive data requests due to third-party libraries
  • 19. Check it out at privacygrade.org
  • 20. Reflections on Privacy
      • FTC overwhelmed by sheer numbers
          – Too many web sites, hardware, apps
      • Developers don’t know what to do
          – State of developer tools also poor
      • NSF funding flat, unpredictable
      • Business models predicated on leveraging lots of user data
      • Too much burden on end-users
  • 21. Reflections on Privacy
      • FTC (and third parties) need better tools to detect privacy problems
          – Scale up what FTC lawyers manually do today
          – Consider FTC fund 6.1, 6.2, 6.3 research
      • Expand NSF funding
          – Both education and research (centers)
      • Developers
          – Consider NIST holding developer conferences to work out best practices for privacy
          – Longer term: fund scholarships for privacy
  • 22. Reflections on Privacy
      • Operating Systems / App Markets
          – Nearly every app distributed via markets
          – Ex. Make devs more aware of 3rd party issues
          – Ex. Better tools to help average developer
          – Not clear if much government can do here other than embarrassing Google, Apple
      • Businesses
          – Slap wrist of most egregious to set tone
          – Need to be careful not to squelch innovation
              • Ex. Facebook Newsfeed initially unpopular
          – Clearer rules for advertisers
  • 23. Thanks! More info at cmuchimps.org or email jasonh@cs.cmu.edu
      • Shah Amini
      • Song Luan
      • Yuvraj Agarwal
      • Jialiu Lin
      • Norman Sadeh
      Special thanks to:
      • Army Research Office
      • NSF
      • Google
      • CMU Cylab
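
The pipeline outlined on slides 15 to 18 (find which code uses a permission, infer the purpose from the library it belongs to, score the concern, assign a grade), sketched as an added example. This is not PrivacyGrade's code: the library prefixes, comfort scores, grade thresholds and sample apps are all constructed for illustration.

```python
# Added illustration, not PrivacyGrade's code. Every prefix, score and
# threshold below is constructed; only the purpose categories and the
# "contacts for social = mild, for ads = very bad" ordering come from the slides.
LIBRARY_PURPOSE = {            # package prefix of a bundled library -> purpose
    "com.example.adnet": "advertising",
    "com.example.metrics": "analytics",
    "com.example.friends": "social net",
}
COMFORT = {                    # (permission, purpose) -> comfort on the -2..2 scale
    ("READ_CONTACTS", "social net"): 0.4,
    ("READ_CONTACTS", "advertising"): -1.6,
    ("ACCESS_FINE_LOCATION", "advertising"): -1.1,
    ("READ_PHONE_STATE", "advertising"): -1.2,
    ("READ_PHONE_STATE", "analytics"): -0.5,
}

def purpose_of(caller):
    """Longest-prefix match of the calling class against known libraries."""
    hits = [p for p in LIBRARY_PURPOSE if caller == p or caller.startswith(p + ".")]
    return LIBRARY_PURPOSE[max(hits, key=len)] if hits else "other"

def analyze(call_sites):
    """Map (permission, calling class) pairs to {(permission, purpose): comfort}."""
    uses = {}
    for permission, caller in call_sites:
        key = (permission, purpose_of(caller))
        uses[key] = COMFORT.get(key, 0.0)   # unknown pairs count as neutral
    return uses

def grade(uses):
    """Letter grade from the summed discomfort of all negative-comfort uses."""
    penalty = sum(-c for c in uses.values() if c < 0)
    for limit, letter in ((0.0, "A"), (1.0, "B"), (2.0, "C"), (3.0, "D")):
        if penalty <= limit:
            return letter
    return "F"

# Constructed call sites, as a static analyzer might report them.
FLASHLIGHT = [
    ("CAMERA", "com.example.torch.MainActivity"),
    ("ACCESS_FINE_LOCATION", "com.example.adnet.LocationProvider"),
    ("READ_PHONE_STATE", "com.example.adnet.DeviceId"),
]
SOCIAL = [("READ_CONTACTS", "com.example.friends.Inviter")]
CONTACTS_FOR_ADS = [("READ_CONTACTS", "com.example.adnet.Sync")]

if __name__ == "__main__":
    for name, sites in (("flashlight", FLASHLIGHT), ("social", SOCIAL),
                        ("contacts-for-ads", CONTACTS_FOR_ADS)):
        print(name, grade(analyze(sites)), analyze(sites))
```

The same permission gets a different score depending on which library requests it, so an app's grade changes when a bundled library changes even if the developer's own code does not.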

Editor's notes

  1. Professor in School of Computer Science at Carnegie Mellon University. Past work: anti-phishing research, Wombat Security, location privacy.
  2. Jason Hong / jasonh@cs.cmu.edu. I’m a computer scientist, and I’ve been working with sensor-based systems for 15 years. My claim: in the near future, smartphones will know everything about us. Our smartphones will know if we are depressed or not / what our carbon footprint is / what our information needs are before we even know what we need.
     Images from:
     http://www.androidtapp.com/how-simple-is-your-smartphone-to-use-funny-videos/
     http://www.sfgate.com/crime/article/Absorbed-device-users-oblivious-to-danger-4876709.php#photo-5278749
     http://www.reneweduponadream.com/2012/09/business-without-smartphone-dont-let-it.html
  3. Main stats on this page are from: http://www.cisco.com/c/en/us/solutions/enterprise/connected-world-technology-report/index.html#~2012
     Additional stats about mobile phones: http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/
     What’s also interesting are trends in how people use these smartphones:
     http://blog.sciencecreative.com/2011/03/16/the-authentic-online-marketer/
     http://www.generationalinsights.com/millennials-addicted-to-their-smartphones-some-suffer-nomophobia/
     In fact, Millennials don’t just sleep with their smartphones. 75% use them in bed before going to sleep and 90% check them again first thing in the morning. Half use them while eating and a third use them in the bathroom. A third check them every half hour. Another fifth check them every ten minutes. A quarter of them check them so frequently that they lose count.
     http://www.androidtapp.com/how-simple-is-your-smartphone-to-use-funny-videos/
     Pew Research Center: Around 83 percent of those 18- to 29-year-olds sleep with their cell phones within reach.
     http://persquaremile.com/category/suburbia/
  4. Pushing further, smartphone data is really intimate: location, call logs, SMS, pics, more.
  5. A grand challenge for computer science. http://www.flickr.com/photos/robby_van_moor/478725670/
  6. On the left is Nissan Maxima gear shift. It turns out my brother was driving in 3rd gear for over a year before I pointed out to him that 3 and D are separate. The older Nissan Maxima gear shift on the right makes it hard to make this mistake.
  7. Lin et al., Expectation and Purpose: Understanding Users’ Mental Models of Mobile App Privacy through Crowdsourcing. UbiComp 2012.
  8. In expectations condition, people were told app used a permission but not why.
  9. We created a predictive model of people’s concerns using a combination of static analysis and crowdsourcing.
  10. DARPA, Google, CMU CyLab