SlideShare a Scribd company logo

Smartphone security and privacy: you're doing it wrong

Download as KEY, PDF
Graham Lee, profile picture
Graham Lee

The document discusses the challenges of mobile app privacy, emphasizing that both users and developers share responsibility for protecting personal information. It highlights the inconsistency in user decision-making regarding privacy and the importance of providing digestible privacy information at the point of decision. Moreover, it suggests that affordability is central to privacy improvements and encourages collaborative efforts between users and developers.

Technology
1 of 39
Downloaded 49 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited fuzzyaliens.com
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server Telecom CO Particle Accelerator
Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server UX Telecom CO Requirements Eng Particle Accelerator Dev Ops Source Control …
Pre-intro Disclaimer
Introductory Story
Introductory Story • I can’t explain why I did what I did
Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them
Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different
Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different • My original plan got replaced at run-time in the face of new inputs
Erm…privacy?
Erm…privacy?
TAP HERE TO SMASH THEM PIGS Erm…privacy?
Erm…privacy?
iOS Example
iOS Example
iOS Example
iOS Example
Historical Example “ The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. ”
What can we draw from this?
What can we draw from this? • People are capricious
What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision
What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment
What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment amme rs a n d Sp phish e rs k n o w t his
Therefore, give users an easily-digestible amount of pertinent information AT DECISION TIME
Just-in-time information what I’m trying to do how it’s going
Social Media
Social Media Your mum can read what you post! Change privacy settings
Social Media
Social Media IN REPLY TO DM
Confidential Data
Confidential Data Warning: attachment includes credit card data. Delete Attachment
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
@iamleeg
@iamleeg fuzzyaliens.com
@iamleeg fuzzyaliens.com

More Related Content

PDF
Smartphone security
Nash Atan
 
PPTX
Textil
lujan.oulton
 
PPTX
Cierre Habitantes por Alververas
lujan.oulton
 
PPTX
Performances
lujan.oulton
 
PDF
GALA breve presentazione maggio 2015
Stefano Maria De' Rossi
 
PPT
Helicia ftorrente objetoa
lujan.oulton
 
PPTX
Gallery Nights Octubre
lujan.oulton
 
PDF
Presentazione AD Mind 2012
Stefano Maria De' Rossi
 
Smartphone security
Nash Atan
 
Textil
lujan.oulton
 
Cierre Habitantes por Alververas
lujan.oulton
 
Performances
lujan.oulton
 
GALA breve presentazione maggio 2015
Stefano Maria De' Rossi
 
Helicia ftorrente objetoa
lujan.oulton
 
Gallery Nights Octubre
lujan.oulton
 
Presentazione AD Mind 2012
Stefano Maria De' Rossi
 

Viewers also liked (8)

PDF
Mind mapping
Stefano Maria De' Rossi
 
PDF
Data mining in support of fraud management
Stefano Maria De' Rossi
 
PDF
introduzione al data mining
Stefano Maria De' Rossi
 
PDF
Tackling Card not present Fraud
Stefano Maria De' Rossi
 
KEY
Cross platform Objective-C Strategy
Graham Lee
 
PDF
Las obras en exhibición: Tercera Bienal Kosice
lujan.oulton
 
PDF
Crm value proposition
Stefano Maria De' Rossi
 
PDF
Studio Labsus v2009
Stefano Maria De' Rossi
 
Mind mapping
Stefano Maria De' Rossi
 
Data mining in support of fraud management
Stefano Maria De' Rossi
 
introduzione al data mining
Stefano Maria De' Rossi
 
Tackling Card not present Fraud
Stefano Maria De' Rossi
 
Cross platform Objective-C Strategy
Graham Lee
 
Las obras en exhibición: Tercera Bienal Kosice
lujan.oulton
 
Crm value proposition
Stefano Maria De' Rossi
 
Studio Labsus v2009
Stefano Maria De' Rossi
 
Ad

Similar to Smartphone security and privacy: you're doing it wrong (20)

PPTX
Fostering an Ecosystem for Smartphone Privacy
Jason Hong
 
PPTX
Helping Developers with Privacy
Jason Hong
 
PDF
Over The Air 2010: Privacy for Mobile Developers
Ricardo Varela
 
PDF
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Tom Eston
 
PDF
Ft cmobileprivacyreport
Greg Sterling
 
PDF
UX STRAT USA, Dr. Jen Romano-Bergstrom, "Strategy and Privacy at Facebook"
UX STRAT
 
PDF
Designing for privacy: 3 essential UX habits for product teams
Block Party
 
PPTX
Designing for privacy in mobile applications
Vodafone developer
 
PDF
Privacy vs. Convenience. Challenges for UX with Privacy and Personalization
Agnieszka Maria Walorska
 
PDF
Privacy vs. Convenience. Challenges for UX with Privacy and Personalization
CREATIVE CONSTRUCTION HEROES GMBH
 
PPTX
Designing for Privacy in an Increasingly Public World
Robert Stribley
 
PDF
Privacy Jungle
Dev Khare
 
PPT
Usability Professionals Don't Care About Privacy
Nika Smith
 
PPTX
App Privacy
ConnectSafely
 
PPTX
Privacy on Mobile Apps
Mays Mrayyan
 
PDF
Your place in the new trust ecosystem for UCD Gathering 20202
Ian Forrester
 
PDF
Visualizing Privacy
Lookout
 
PPTX
Mobileprivacyazahir
Azahir Hifzalla
 
PDF
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
Patton Boggs LLP
 
PDF
Designing for Privacy
wrathfulplaza6959
 
Fostering an Ecosystem for Smartphone Privacy
Jason Hong
 
Helping Developers with Privacy
Jason Hong
 
Over The Air 2010: Privacy for Mobile Developers
Ricardo Varela
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Tom Eston
 
Ft cmobileprivacyreport
Greg Sterling
 
UX STRAT USA, Dr. Jen Romano-Bergstrom, "Strategy and Privacy at Facebook"
UX STRAT
 
Designing for privacy: 3 essential UX habits for product teams
Block Party
 
Designing for privacy in mobile applications
Vodafone developer
 
Privacy vs. Convenience. Challenges for UX with Privacy and Personalization
Agnieszka Maria Walorska
 
Privacy vs. Convenience. Challenges for UX with Privacy and Personalization
CREATIVE CONSTRUCTION HEROES GMBH
 
Designing for Privacy in an Increasingly Public World
Robert Stribley
 
Privacy Jungle
Dev Khare
 
Usability Professionals Don't Care About Privacy
Nika Smith
 
App Privacy
ConnectSafely
 
Privacy on Mobile Apps
Mays Mrayyan
 
Your place in the new trust ecosystem for UCD Gathering 20202
Ian Forrester
 
Visualizing Privacy
Lookout
 
Mobileprivacyazahir
Azahir Hifzalla
 
FTC Emphasizes Privacy Protections, Truth in Advertising in Business Guide fo...
Patton Boggs LLP
 
Designing for Privacy
wrathfulplaza6959
 
Ad

More from Graham Lee (13)

PPTX
Object-Oriented Programming in Functional Programming in Swift
Graham Lee
 
PDF
The Principled Programmer
Graham Lee
 
KEY
Taking a Test Drive: iOS Dev UK guide to TDD
Graham Lee
 
KEY
Taking a Test Drive
Graham Lee
 
KEY
Crypto storage
Graham Lee
 
PDF
Beyond build and analyze
Graham Lee
 
PDF
Sign your code
Graham Lee
 
KEY
Unit testing for Cocoa developers
Graham Lee
 
KEY
Security and Encryption on iOS
Graham Lee
 
KEY
Dial M For Mitigation
Graham Lee
 
ZIP
Presentations and Podcasts - OxMug July 2009
Graham Lee
 
PDF
Intel Briefing Notes
Graham Lee
 
ZIP
Designing a Secure Cocoa App
Graham Lee
 
Object-Oriented Programming in Functional Programming in Swift
Graham Lee
 
The Principled Programmer
Graham Lee
 
Taking a Test Drive: iOS Dev UK guide to TDD
Graham Lee
 
Taking a Test Drive
Graham Lee
 
Crypto storage
Graham Lee
 
Beyond build and analyze
Graham Lee
 
Sign your code
Graham Lee
 
Unit testing for Cocoa developers
Graham Lee
 
Security and Encryption on iOS
Graham Lee
 
Dial M For Mitigation
Graham Lee
 
Presentations and Podcasts - OxMug July 2009
Graham Lee
 
Intel Briefing Notes
Graham Lee
 
Designing a Secure Cocoa App
Graham Lee
 

Recently uploaded (20)

PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
PDF
August Patch Tuesday
Ivanti
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
Modernising the Digital Integration Hub
Daniel Toomey
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
August Patch Tuesday
Ivanti
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
What is a Computer? Input Devices /output devices
GulJan8
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 

Smartphone security and privacy: you're doing it wrong

  • 1. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited fuzzyaliens.com
  • 2. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited
  • 3. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server Telecom CO Particle Accelerator
  • 4. Mobile App Privacy — You’re Doing It Wrong (and so am I) Graham Lee, Smartphone Security Boffin, Fuzzy Aliens Limited Desktop Server UX Telecom CO Requirements Eng Particle Accelerator Dev Ops Source Control …
  • 7. Introductory Story • I can’t explain why I did what I did
  • 8. Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them
  • 9. Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different
  • 10. Introductory Story • I can’t explain why I did what I did • It’s not just hard to explain the rules, I don’t know them • Ask me, I’ll not only give the wrong answer, I’ll do something different • My original plan got replaced at run-time in the face of new inputs
  • 13. TAP HERE TO SMASH THEM PIGS Erm…privacy?
  • 19. Historical Example “ The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. ”
  • 20. What can we draw from this?
  • 21. What can we draw from this? • People are capricious
  • 22. What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision
  • 23. What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment
  • 24. What can we draw from this? • People are capricious • We can’t tell you what information we’ll use to make any decision • A rational choice made earlier can be overridden by novel changes in environment amme rs a n d Sp phish e rs k n o w t his
  • 25. Therefore, give users an easily-digestible amount of pertinent information AT DECISION TIME
  • 26. Just-in-time information what I’m trying to do how it’s going
  • 28. Social Media Your mum can read what you post! Change privacy settings
  • 30. Social Media IN REPLY TO DM
  • 32. Confidential Data Warning: attachment includes credit card data. Delete Attachment
  • 33. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 34. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 35. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 36. Summary • Users can help themselves to privacy… • …if app developers do their part and help out • AFFORDABILITY IS KEY (in everything) • Read these books ➡
  • 38. @iamleeg fuzzyaliens.com
  • 39. @iamleeg fuzzyaliens.com

Editor's Notes