Archives
Data Statements: From Technical Concept to Community Practice
The ‘Invisible’ Materiality of Information Technology
Analyzing the AI Nudification Application Ecosytem
Toward inclusive justice: Applying the Diverse Voices design method to improve the Washington State Access to Justice Technology Principles
Genotype Extraction and False Relative Attacks: Security Risks to Third-Party Genetic Genealogy Services Beyond Identity Inference
This paper analyzes the security practices of GEDmatch, the largest third-party genetic genealogy service, for security and privacy issues. We find that an attacker can extract a large percentage of the genetic markers from other users and that an adversary can construct genetic data files that falsely appear like relatives to other samples in the database. We conclude with security recommendations for genetic genealogy services. This paper is accepted to the 2020 Network and Distributed System Security Symposium (NDSS).
Toward Inclusive Tech Policy Design: A Method for Underrepresented Voices to Strengthen Tech Policy Documents
This journal article, published in 2019 in Ethics and Information Technology, introduces the Diverse Voices method and reports on two case studies demonstrating its use: one with a white paper on augmented reality technology, and the other with a strategy document on automated driving vehicle technologies.
Tyche: A Risk-Based Permission Model for Smart Homes
In this paper, presented at the 2018 IEEE Cybersecurity Development Conference (SecDev 2018), a team with Lab researchers presents Tyche, a secure development methodology to limit the risk that apps pose to smart home users.
How Public Is My Private Life? Privacy in Online Dating
To understand how users reason about privacy risks they can potentially control through decision making, Lab members studied online dating user’s perceptions about and actions governing their privacy. Their study reveals tensions between privacy and competing user values and goals, and they demonstrate how these results can inform future designs. This paper was presented at the 26th International World-Wide Web Conference.
Computer Security and Privacy for Refugees in the United States
Lab faculty and students are examining cultural assumptions built into security mechanisms. In this paper, published at IEEE Security and Privacy 2018, they interviewed refugees in the U.S. about computer security and privacy, finding that many computer security and privacy related practices include deeply embedded U.S. or Western cultural knowledge and norms. They provide and are currently exploring further recommendations based on their interviews for concrete technical directions to better serve the security and privacy of diverse populations in the U.S. and around the world.