SlideShare a Scribd company logo

Smartphone security and privacy: you're doing it wrong

Download as KEY, PDF
Graham Lee
Graham Lee

Before you can get security or privacy features correct, you must understand how people think and how this will impact any UI you show for your privacy settings. In this presentation, I discuss the user's mental model and see how this impacts on iPhone and Android privacy UI.

Technology
1 of 39
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited fuzzyaliens.com
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server Telecom CO Particle Accelerator
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server UX Telecom CO Requirements Eng Particle Accelerator Dev Ops Source Control …
Pre-intro Disclaimer
Introductory Story
Introductory Story • I can’t explain why I did what I did
Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them
Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different
Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different • My original plan got replaced at run-time in the face of new inputs
Erm…privacy?
Erm…privacy?
TAP HERE TO SMASH THEM PIGS Erm…privacy?
Erm…privacy?
iOS Example
iOS Example
iOS Example
iOS Example
Historical Example “ The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. ”
What can we draw from this?
What can we draw from this? • People are capricious
What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision
What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment
What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment amme rs a n d Sp phish e rs k n o w t his
Therefore, give users an easily-digestible amount of pertinent information AT DECISION TIME
Just-in-time information what I’m trying to do how it’s going
Social Media
Social Media Your mum can read what you post! Change privacy settings
Social Media
Social Media IN REPLY TO DM
Confidential Data
Confidential Data Warning: attachment includes credit card data. Delete Attachment
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
@iamleeg
@iamleeg fuzzyaliens.com
@iamleeg fuzzyaliens.com

Recommended

Smartphone security
Smartphone security Smartphone security
Smartphone security
Nash Atan
 
Textil
TextilTextil
Textillujan.oulton
 
Cierre Habitantes por Alververas
Cierre Habitantes por AlververasCierre Habitantes por Alververas
Cierre Habitantes por Alververas
lujan.oulton
 
Performances
PerformancesPerformances
Performanceslujan.oulton
 
GALA breve presentazione maggio 2015
GALA breve presentazione maggio 2015GALA breve presentazione maggio 2015
GALA breve presentazione maggio 2015Stefano Maria De' Rossi
 
Helicia ftorrente objetoa
Helicia ftorrente objetoaHelicia ftorrente objetoa
Helicia ftorrente objetoalujan.oulton
 
Gallery Nights Octubre
Gallery Nights OctubreGallery Nights Octubre
Gallery Nights Octubrelujan.oulton
 
Presentazione AD Mind 2012
Presentazione AD Mind 2012Presentazione AD Mind 2012
Presentazione AD Mind 2012
Stefano Maria De' Rossi
 

Recommended

Smartphone security
Smartphone security Smartphone security
Smartphone security
Nash Atan
 
Textil
TextilTextil
Textillujan.oulton
 
Cierre Habitantes por Alververas
Cierre Habitantes por AlververasCierre Habitantes por Alververas
Cierre Habitantes por Alververas
lujan.oulton
 
Performances
PerformancesPerformances
Performanceslujan.oulton
 
GALA breve presentazione maggio 2015
GALA breve presentazione maggio 2015GALA breve presentazione maggio 2015
GALA breve presentazione maggio 2015Stefano Maria De' Rossi
 
Helicia ftorrente objetoa
Helicia ftorrente objetoaHelicia ftorrente objetoa
Helicia ftorrente objetoalujan.oulton
 
Gallery Nights Octubre
Gallery Nights OctubreGallery Nights Octubre
Gallery Nights Octubrelujan.oulton
 
Presentazione AD Mind 2012
Presentazione AD Mind 2012Presentazione AD Mind 2012
Presentazione AD Mind 2012
Stefano Maria De' Rossi
 
Mind mapping
Mind mapping Mind mapping
Mind mapping
Stefano Maria De' Rossi
 
Data mining in support of fraud management
Data mining in support of fraud managementData mining in support of fraud management
Data mining in support of fraud management
Stefano Maria De' Rossi
 
introduzione al data mining
introduzione al data mining introduzione al data mining
introduzione al data mining
Stefano Maria De' Rossi
 
Tackling Card not present Fraud
Tackling Card not present FraudTackling Card not present Fraud
Tackling Card not present Fraud
Stefano Maria De' Rossi
 
Cross platform Objective-C Strategy
Cross platform Objective-C StrategyCross platform Objective-C Strategy
Cross platform Objective-C StrategyGraham Lee
 
Las obras en exhibición: Tercera Bienal Kosice
Las obras en exhibición: Tercera Bienal KosiceLas obras en exhibición: Tercera Bienal Kosice
Las obras en exhibición: Tercera Bienal Kosice
lujan.oulton
 
Crm value proposition
Crm value propositionCrm value proposition
Crm value proposition
Stefano Maria De' Rossi
 
Studio Labsus v2009
Studio Labsus v2009Studio Labsus v2009
Studio Labsus v2009
Stefano Maria De' Rossi
 
Usability, User Experience and the Internet in the 21st Century
Usability, User Experience and the Internet in the 21st CenturyUsability, User Experience and the Internet in the 21st Century
Usability, User Experience and the Internet in the 21st Century
Max Soe
 
A quick introduction to User Experience
A quick introduction to User ExperienceA quick introduction to User Experience
A quick introduction to User ExperiencePierre Sauvignon
 
Five Ways to Get Better Data From Our Users
Five Ways to Get Better Data From Our UsersFive Ways to Get Better Data From Our Users
Five Ways to Get Better Data From Our Users
Sajid Reshamwala
 
Meaghan technology report
Meaghan technology reportMeaghan technology report
Meaghan technology report
Marq2014
 
Corp Web Risks and Concerns
Corp Web Risks and ConcernsCorp Web Risks and Concerns
Corp Web Risks and Concerns
PINT Inc
 
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Steve Werby
 
User research at VMware Tanzu Labs
User research at VMware Tanzu LabsUser research at VMware Tanzu Labs
User research at VMware Tanzu Labs
VMware Tanzu Developer Center Slides
 
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Future Insights
 
Finding the Center (2013 Remix)
Finding the Center (2013 Remix)Finding the Center (2013 Remix)
Finding the Center (2013 Remix)
Andrew Heaton
 
Fake Your Research - UX Masterclass
Fake Your Research - UX MasterclassFake Your Research - UX Masterclass
Fake Your Research - UX Masterclass
Sherpas
 
Fake Your Research - UX Masterclass
Fake Your Research - UX MasterclassFake Your Research - UX Masterclass
Fake Your Research - UX Masterclass
ExperienceU
 
Social Media Security: What to Watch out for...
Social Media Security: What to Watch out for...Social Media Security: What to Watch out for...
Social Media Security: What to Watch out for...
Carl B. Forkner, Ph.D.
 
Connor big data
Connor big dataConnor big data
Connor big dataDavid Jimenez
 
Mobile trends saultstemarie
Mobile trends saultstemarieMobile trends saultstemarie
Mobile trends saultstemarieDan Silivestru
 

More Related Content

Viewers also liked

Mind mapping
Mind mapping Mind mapping
Mind mapping
Stefano Maria De' Rossi
 
Data mining in support of fraud management
Data mining in support of fraud managementData mining in support of fraud management
Data mining in support of fraud management
Stefano Maria De' Rossi
 
introduzione al data mining
introduzione al data mining introduzione al data mining
introduzione al data mining
Stefano Maria De' Rossi
 
Tackling Card not present Fraud
Tackling Card not present FraudTackling Card not present Fraud
Tackling Card not present Fraud
Stefano Maria De' Rossi
 
Cross platform Objective-C Strategy
Cross platform Objective-C StrategyCross platform Objective-C Strategy
Cross platform Objective-C StrategyGraham Lee
 
Las obras en exhibición: Tercera Bienal Kosice
Las obras en exhibición: Tercera Bienal KosiceLas obras en exhibición: Tercera Bienal Kosice
Las obras en exhibición: Tercera Bienal Kosice
lujan.oulton
 
Crm value proposition
Crm value propositionCrm value proposition
Crm value proposition
Stefano Maria De' Rossi
 
Studio Labsus v2009
Studio Labsus v2009Studio Labsus v2009
Studio Labsus v2009
Stefano Maria De' Rossi
 

Viewers also liked (8)

Mind mapping
Mind mapping Mind mapping
Mind mapping
 
Data mining in support of fraud management
Data mining in support of fraud managementData mining in support of fraud management
Data mining in support of fraud management
 
introduzione al data mining
introduzione al data mining introduzione al data mining
introduzione al data mining
 
Tackling Card not present Fraud
Tackling Card not present FraudTackling Card not present Fraud
Tackling Card not present Fraud
 
Cross platform Objective-C Strategy
Cross platform Objective-C StrategyCross platform Objective-C Strategy
Cross platform Objective-C Strategy
 
Las obras en exhibición: Tercera Bienal Kosice
Las obras en exhibición: Tercera Bienal KosiceLas obras en exhibición: Tercera Bienal Kosice
Las obras en exhibición: Tercera Bienal Kosice
 
Crm value proposition
Crm value propositionCrm value proposition
Crm value proposition
 
Studio Labsus v2009
Studio Labsus v2009Studio Labsus v2009
Studio Labsus v2009
 

Similar to Smartphone security and privacy: you're doing it wrong

Usability, User Experience and the Internet in the 21st Century
Usability, User Experience and the Internet in the 21st CenturyUsability, User Experience and the Internet in the 21st Century
Usability, User Experience and the Internet in the 21st Century
Max Soe
 
A quick introduction to User Experience
A quick introduction to User ExperienceA quick introduction to User Experience
A quick introduction to User ExperiencePierre Sauvignon
 
Five Ways to Get Better Data From Our Users
Five Ways to Get Better Data From Our UsersFive Ways to Get Better Data From Our Users
Five Ways to Get Better Data From Our Users
Sajid Reshamwala
 
Meaghan technology report
Meaghan technology reportMeaghan technology report
Meaghan technology report
Marq2014
 
Corp Web Risks and Concerns
Corp Web Risks and ConcernsCorp Web Risks and Concerns
Corp Web Risks and Concerns
PINT Inc
 
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Steve Werby
 
User research at VMware Tanzu Labs
User research at VMware Tanzu LabsUser research at VMware Tanzu Labs
User research at VMware Tanzu Labs
VMware Tanzu Developer Center Slides
 
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Future Insights
 
Finding the Center (2013 Remix)
Finding the Center (2013 Remix)Finding the Center (2013 Remix)
Finding the Center (2013 Remix)
Andrew Heaton
 
Fake Your Research - UX Masterclass
Fake Your Research - UX MasterclassFake Your Research - UX Masterclass
Fake Your Research - UX Masterclass
Sherpas
 
Fake Your Research - UX Masterclass
Fake Your Research - UX MasterclassFake Your Research - UX Masterclass
Fake Your Research - UX Masterclass
ExperienceU
 
Social Media Security: What to Watch out for...
Social Media Security: What to Watch out for...Social Media Security: What to Watch out for...
Social Media Security: What to Watch out for...
Carl B. Forkner, Ph.D.
 
Mobile trends saultstemarie
Mobile trends saultstemarieMobile trends saultstemarie
Mobile trends saultstemarieDan Silivestru
 
Innovative technology for universal communication designed to involve the (he...
Innovative technology for universal communication designed to involve the (he...Innovative technology for universal communication designed to involve the (he...
Innovative technology for universal communication designed to involve the (he...
PaloSanto Solutions
 
Defrag 2014
Defrag 2014Defrag 2014
Defrag 2014Keen
 
Tr2016 new final
Tr2016 new finalTr2016 new final
Tr2016 new final
Bruce Shields
 
Future insights
Future insightsFuture insights
Future insights
Scott Jenson
 
Guide Dogs and Digital Devices
Guide Dogs and Digital DevicesGuide Dogs and Digital Devices
Guide Dogs and Digital Devices
Xamarin
 
Content is ux
Content is uxContent is ux
Content is ux
Sarah Richards
 

Similar to Smartphone security and privacy: you're doing it wrong (20)

Usability, User Experience and the Internet in the 21st Century
Usability, User Experience and the Internet in the 21st CenturyUsability, User Experience and the Internet in the 21st Century
Usability, User Experience and the Internet in the 21st Century
 
A quick introduction to User Experience
A quick introduction to User ExperienceA quick introduction to User Experience
A quick introduction to User Experience
 
Five Ways to Get Better Data From Our Users
Five Ways to Get Better Data From Our UsersFive Ways to Get Better Data From Our Users
Five Ways to Get Better Data From Our Users
 
Meaghan technology report
Meaghan technology reportMeaghan technology report
Meaghan technology report
 
Corp Web Risks and Concerns
Corp Web Risks and ConcernsCorp Web Risks and Concerns
Corp Web Risks and Concerns
 
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
Bad Advice Unintended Consequences and Broken Paradigms - Think && Act Differ...
 
User research at VMware Tanzu Labs
User research at VMware Tanzu LabsUser research at VMware Tanzu Labs
User research at VMware Tanzu Labs
 
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
Design For Users, Not Yourself: UX Lessons My Mom Taught Me (Justin Young)
 
Finding the Center (2013 Remix)
Finding the Center (2013 Remix)Finding the Center (2013 Remix)
Finding the Center (2013 Remix)
 
Fake Your Research - UX Masterclass
Fake Your Research - UX MasterclassFake Your Research - UX Masterclass
Fake Your Research - UX Masterclass
 
Fake Your Research - UX Masterclass
Fake Your Research - UX MasterclassFake Your Research - UX Masterclass
Fake Your Research - UX Masterclass
 
Social Media Security: What to Watch out for...
Social Media Security: What to Watch out for...Social Media Security: What to Watch out for...
Social Media Security: What to Watch out for...
 
Connor big data
Connor big dataConnor big data
Connor big data
 
Mobile trends saultstemarie
Mobile trends saultstemarieMobile trends saultstemarie
Mobile trends saultstemarie
 
Innovative technology for universal communication designed to involve the (he...
Innovative technology for universal communication designed to involve the (he...Innovative technology for universal communication designed to involve the (he...
Innovative technology for universal communication designed to involve the (he...
 
Defrag 2014
Defrag 2014Defrag 2014
Defrag 2014
 
Tr2016 new final
Tr2016 new finalTr2016 new final
Tr2016 new final
 
Future insights
Future insightsFuture insights
Future insights
 
Guide Dogs and Digital Devices
Guide Dogs and Digital DevicesGuide Dogs and Digital Devices
Guide Dogs and Digital Devices
 
Content is ux
Content is uxContent is ux
Content is ux
 

More from Graham Lee

Object-Oriented Programming in Functional Programming in Swift
Object-Oriented Programming in Functional Programming in SwiftObject-Oriented Programming in Functional Programming in Swift
Object-Oriented Programming in Functional Programming in Swift
Graham Lee
 
The Principled Programmer
The Principled ProgrammerThe Principled Programmer
The Principled Programmer
Graham Lee
 
Taking a Test Drive: iOS Dev UK guide to TDD
Taking a Test Drive: iOS Dev UK guide to TDDTaking a Test Drive: iOS Dev UK guide to TDD
Taking a Test Drive: iOS Dev UK guide to TDD
Graham Lee
 
Taking a Test Drive
Taking a Test DriveTaking a Test Drive
Taking a Test Drive
Graham Lee
 
Crypto storage
Crypto storageCrypto storage
Crypto storage
Graham Lee
 
Beyond build and analyze
Beyond build and analyzeBeyond build and analyze
Beyond build and analyze
Graham Lee
 
Sign your code
Sign your codeSign your code
Sign your code
Graham Lee
 
Unit testing for Cocoa developers
Unit testing for Cocoa developersUnit testing for Cocoa developers
Unit testing for Cocoa developers
Graham Lee
 
Security and Encryption on iOS
Security and Encryption on iOSSecurity and Encryption on iOS
Security and Encryption on iOS
Graham Lee
 
Dial M For Mitigation
Dial M For MitigationDial M For Mitigation
Dial M For Mitigation
Graham Lee
 
Presentations and Podcasts - OxMug July 2009
Presentations and Podcasts - OxMug July 2009Presentations and Podcasts - OxMug July 2009
Presentations and Podcasts - OxMug July 2009
Graham Lee
 
Intel Briefing Notes
Intel Briefing NotesIntel Briefing Notes
Intel Briefing Notes
Graham Lee
 
Designing a Secure Cocoa App
Designing a Secure Cocoa AppDesigning a Secure Cocoa App
Designing a Secure Cocoa App
Graham Lee
 

More from Graham Lee (13)

Object-Oriented Programming in Functional Programming in Swift
Object-Oriented Programming in Functional Programming in SwiftObject-Oriented Programming in Functional Programming in Swift
Object-Oriented Programming in Functional Programming in Swift
 
The Principled Programmer
The Principled ProgrammerThe Principled Programmer
The Principled Programmer
 
Taking a Test Drive: iOS Dev UK guide to TDD
Taking a Test Drive: iOS Dev UK guide to TDDTaking a Test Drive: iOS Dev UK guide to TDD
Taking a Test Drive: iOS Dev UK guide to TDD
 
Taking a Test Drive
Taking a Test DriveTaking a Test Drive
Taking a Test Drive
 
Crypto storage
Crypto storageCrypto storage
Crypto storage
 
Beyond build and analyze
Beyond build and analyzeBeyond build and analyze
Beyond build and analyze
 
Sign your code
Sign your codeSign your code
Sign your code
 
Unit testing for Cocoa developers
Unit testing for Cocoa developersUnit testing for Cocoa developers
Unit testing for Cocoa developers
 
Security and Encryption on iOS
Security and Encryption on iOSSecurity and Encryption on iOS
Security and Encryption on iOS
 
Dial M For Mitigation
Dial M For MitigationDial M For Mitigation
Dial M For Mitigation
 
Presentations and Podcasts - OxMug July 2009
Presentations and Podcasts - OxMug July 2009Presentations and Podcasts - OxMug July 2009
Presentations and Podcasts - OxMug July 2009
 
Intel Briefing Notes
Intel Briefing NotesIntel Briefing Notes
Intel Briefing Notes
 
Designing a Secure Cocoa App
Designing a Secure Cocoa AppDesigning a Secure Cocoa App
Designing a Secure Cocoa App
 

Recently uploaded

JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 

Recently uploaded (20)

JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 

Smartphone security and privacy: you're doing it wrong

  • 1. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited fuzzyaliens.com
  • 2. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited
  • 3. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server Telecom CO Particle Accelerator
  • 4. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server UX Telecom CO Requirements Eng Particle Accelerator Dev Ops Source Control …
  • 7. Introductory Story • I can’t explain why I did what I did
  • 8. Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them
  • 9. Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different
  • 10. Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different • My original plan got replaced at run-time in the face of new inputs
  • 13. TAP HERE TO SMASH THEM PIGS Erm…privacy?
  • 19. Historical Example “ The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. ”
  • 20. What can we draw from this?
  • 21. What can we draw from this? • People are capricious
  • 22. What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision
  • 23. What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment
  • 24. What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment amme rs a n d Sp phish e rs k n o w t his
  • 25. Therefore, give users an easily-digestible amount of pertinent information AT DECISION TIME
  • 26. Just-in-time information what I’m trying to do how it’s going
  • 28. Social Media Your mum can read what you post! Change privacy settings
  • 30. Social Media IN REPLY TO DM
  • 32. Confidential Data Warning: attachment includes credit card data. Delete Attachment
  • 33. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 34. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 35. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 36. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 38. @iamleeg fuzzyaliens.com
  • 39. @iamleeg fuzzyaliens.com

Editor's Notes

  1. \n
  2. \n
  3. \n
  4. \n
  5. \n
  6. \n
  7. \n
  8. \n
  9. \n
  10. \n
  11. \n
  12. \n
  13. \n
  14. \n
  15. \n
  16. \n
  17. \n
  18. \n
  19. \n
  20. \n
  21. \n
  22. \n
  23. \n
  24. \n
  25. \n
  26. \n
  27. \n
  28. \n
  29. \n
  30. \n
  31. \n
  32. \n
  33. \n
  34. \n
  35. \n
  36. \n
  37. \n
  38. \n
  39. \n
  40. \n
  41. \n
  42. \n
  43. \n