TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Android permissions: user attention, comprehension, and behavior
Proceedings of the Eighth Symposium on Usable Privacy and Security
Proceedings of the 2012 ACM Conference on Ubiquitous Computing
A conundrum of permissions: installing applications on an android smartphone
FC'12 Proceedings of the 16th international conference on Financial Cryptography and Data Security
"Little brothers watching you": raising awareness of data leaks on smartphones
Proceedings of the Ninth Symposium on Usable Privacy and Security
Automatic mediation of privacy-sensitive resource access in smartphone applications
SEC'13 Proceedings of the 22nd USENIX conference on Security
Reconciling mobile app privacy and usability on smartphones: could user privacy profiles help?
Proceedings of the 23rd international conference on World wide web
Hi-index | 0.00 |
We report on a field study that uses a combination of OS measurements and qualitative interviews to highlight gaps between user expectations with respect to privacy and the result of using the existing permissions architecture to install mobile apps. Most of our participants expected advertising and analytics behavior, yet they were often surprised by applications' data collection in the background and the level of data sharing with third parties that actually occurred. Given participant feedback, we propose platform support to reduce this "expectation gap" with transparency of data usage and constrained permissions.