|
Application stores use sophisticated user interfaces to help users understand the permissions sought by applications. Unfortunately, these interfaces are complex and may fail to address their goal of helping users give informed consent. As a result, users may inadvertently surrender private information or open themselves up to security attacks.
This project tackles the problem of improving the nature of information provided by these interfaces. It focuses both on new interface designs that will better represent this information, and on techniques to bootstrap the provision of that information. On the user interface side, it designs new interfaces that help untrained users recognize the security and privacy consequences of the sought permissions. To populate this information, it posits the use of crowdsourcing to obtain information at scale about the suitability of permissions. The goal is to eventually populate an application store with this information to encourage adoption and additional feedback from users. The project will study how effectively and accurately crowdsourcing can be used to gather this information.
|
EAGER: By the People, For the People: Community Ratings for App Privacy