Predrag Klasnja
David Wetherall
ABSTRACT
Increasingly, users access online services such as email, e-commerce, and social networking sites via 802.11-based wireless networks. As they do so, they expose a range of personal information such as their names, email addresses, and ZIP codes to anyone within broadcast range of the network. This paper presents results from an exploratory study that examined how users from the general public understand Wi-Fi, what their concerns are related to Wi-Fi use, and which practices they follow to counter perceived threats. Our results reveal that while users understand the practical details of Wi-Fi use reasonably well, they lack understanding of important privacy risks. In addition, users employ incomplete protective practices which results in a false sense of security and lack of concern while on Wi-Fi. Based on our results, we outline opportunities for technology to help address these problems.
- Anonymous. Wigle.net, http://wigle.net.Google Scholar
- Cranor, L.F. 'I didn't' buy it for myself': Privacy and ecommerce personalization. In Proc. WPES '03, ACM Press, (2003). Google ScholarDigital Library
- Csikszentmihalyi, M. and Larson, R. Validity and reliability of the Experience Sampling Method. Journal of Nervous and Mental Disease, 175, 9, (1987), 526--536.Google ScholarCross Ref
- Dhamija, R., Tygar, J.D. and Hearst, M. Why phishing works. In Proc. CHI '06, ACM Press, (2006). Google ScholarDigital Library
- Dourish, P., Grinter, R., Delgado De La Flor, J. and Joseph, M. Security in the wild: user strategies for managing security as an everyday, practical problem. Personal and Ubiquitous Computing, 8, 6, (2004), 391--401. Google ScholarCross Ref
- Friedman, B., Howe, D.C. and Felton, E. Informed consent in the Mozilla browser: Implementing value-sensitive design. In Proc. 35th Hawaii International Conference on System Sciences, IEEE, (2002). Google ScholarDigital Library
- Friedman, B., Hurley, D., Howe, D.C., Felten, E. and Nissenbaum, H. Users' conceptions of web security: a comparative study. In Proc. CHI '02: CHI '02 extended abstracts on Human factors in computing systems, (2002). Google ScholarDigital Library
- Gideon, J., Cranor, L., Egelman, S. and Acquisti, A. Power strips, prophylactics, and privacy, oh my! In Proc. SOUPS '06, (2006). Google ScholarDigital Library
- Goffman, E. The presentation of self in everyday life. Doubleday, Garden City, NY, 1959.Google Scholar
- Greenstein, B., McCoy, D., Pang, J., Kohno, T., Seshan, S. and Wetherall, D. Improving wireless privacy with an identifier-free link layer protocol. In Proc. MobiSys '08, (2008). Google ScholarDigital Library
- Horrigan, J.B. Home broadband adoption 2008, Pew Internet&American Life Project, Washington, DC, 2008, http://www.pewinternet.org/pdfs/PIP_Broadband_2008.pdf.Google Scholar
- Jensen, C., Potts, C.,&Jensen, C. Privacy practices of Internet Users: Self-report versus observed behavior. IJHCS, 63, 1--2, (2005). Google ScholarDigital Library
- Jung, J., Sheth, A., Greenstein, B., Wetherall, D., Maganis, G. and Kohno, T. Privacy oracle: A system for finding application leaks using black-box differential testing. In Proc. CCS 2008, ACM Press, (2008). Google ScholarDigital Library
- Kindberg, T., O'Neill, E., Bevan, C., Kostakos, V., Fraser, D.S. and Jay, T. Measuring trust in Wi-Fi hotspots. In Proc. CHI '08, ACM Press, (2008). Google ScholarDigital Library
- King, J. and McDiarmid, A. Where's the beep? Security, privacy, and user misunderstandings of RFID. In Proc. Usenix, (2008). Google ScholarDigital Library
- Kowitz, B. and Cranor, L. Peripheral privacy notifications for wireless networks. In Proc. WPES '05, ACM Press, (2005). Google ScholarDigital Library
- Owyang, J. Social network stats: Facebook, MySpace reunion (Jan, 2008), 2008, http://tinyurl.com/ywnsgv.Google Scholar
- Poole, E.S., Chetty, M., Grinter, R.E. and Edwards, W.K. More than meets the eye: transforming the user experience of home network management. In Proc. DIS '08, ACM Press, (2008). Google ScholarDigital Library
- Stoll, J., Tashman, C.S., Edwards, W.K. and Spafford, K. Sesame: Informing user security decisions with system visualization. In Proc. CHI 2008, ACM Press, (2008). Google ScholarDigital Library
- Strauss, A. and Corbin, J. Basics of qualitative research: Techniques and procedures for developing grounded theory. SAGE, Thousand Oaks, 1998.Google Scholar
- Wu, M., Miller, R.C. and Garfinkel, S.L. Do security toolbars actually prevent phishing attacks? In Proc. CHI '06, ACM Press, (2006). Google ScholarDigital Library
Index Terms
- "When I am on Wi-Fi, I am fearless": privacy concerns & practices in eeryday Wi-Fi use
Recommendations
The Wi-Fi privacy ticker: improving awareness & control of personal information exposure on Wi-Fi
UbiComp '10: Proceedings of the 12th ACM international conference on Ubiquitous computingAnyone within range of an 802.11 wireless network ("Wi-Fi") can use free software to collect the unencrypted web traffic of others on the network. However, many Wi-Fi users are completely unaware of the risk that this creates. This work aims to improve ...
Towards a Wi-Fi ecosystem: Technology integration and emerging service models
This paper outlines emerging business models of heterogeneous wireless networks that are mainly Wi-Fi centric. Wi-Fi networks can be integrated with the Internet and cellular infrastructures to offer innovative services (data and voice) to individuals ...
On the effectiveness of integrating WiMAX and Wi-Fi
In this paper, we give a quantitative evaluation on the effect of integrating WiMAX and Wi-Fi, as compared to the case of separate WiMAX and Wi-Fi systems, with respect to the system capacity under QoS constraint. We focus particularly on the VoIP ...
Comments