“I personally relate it to the traffic light”: a user study on security & privacy indicators in a secure email system committed to privacy by default

Interdisciplinary Research Group in Socio-technical Cybersecurity“I personally relate it to the traffic light”: a user study on security & privacy indicators in a secure email system committed to privacy by defaultStojkovski Borce, Lenzini Gabriele, Koenig VincentAbstract:Improving the usability and adoption of secure (i.e. end-to-end encrypted) email systems has been a notorious challenge for over two … Continued

I am Definitely Manipulated, Even When I am Aware of it. It s Ridiculous! — Dark Patterns from the End-User Perspective

Interdisciplinary Research Group in Socio-technical CybersecurityI am Definitely Manipulated, Even When I am Aware of it. It s Ridiculous! — Dark Patterns from the End-User PerspectiveKerstin Bongard-Blanchy, Arianna Rossi, Salvador Rivas, Sophie Doublet, Vincent Koenig, Gabriele LenziniAbstract:Online services pervasively employ manipulative designs (i.e., dark patterns) to influence users to purchase goods and subscriptions, spend more … Continued

All in one stroke? Intervention Spaces for Dark Patterns

Interdisciplinary Research Group in Socio-technical CybersecurityAll in one stroke? Intervention Spaces for Dark PatternsArianna Rossi, Kerstin Bongard-BlanchyAbstract:This position paper draws from the complexity of dark patterns to develop arguments for differentiated interventions. We propose a matrix of interventions with a measure axis (from user-directed to environmentdirected) and a scope axis (from general to specific). We … Continued

Enhancing acetic acid and 5‐hydroxymethyl furfural tolerance of C. saccharoperbutylacetonicum through adaptive laboratory evolution

Interdisciplinary Research Group in Socio-technical CybersecurityEnhancing acetic acid and 5‐hydroxymethyl furfural tolerance of C. saccharoperbutylacetonicum through adaptive laboratory evolutionRafael F. Alves, Ana M. Zetty-Arenas, Huseyin Demirci, Oscar Dias, Isabel Rocha, Thiago O. Basso, Sindelia FreitasAbstract:In this study, adaptive laboratory evolution (ALE) was applied to isolate four strains of Clostridium saccharoperbutylacetonicum able to grow in the … Continued

The Framework of Security-Enhancing Friction: How UX Can Help Users Behave More Securely

Interdisciplinary Research Group in Socio-technical CybersecurityThe Framework of Security-Enhancing Friction: How UX Can Help Users Behave More SecurelyVerena Distler, Gabriele Lenzini, Carine Lallemand, and Vincent KoenigAbstract:A growing body of research in the usable privacy and security community addresses the question of how to best influence user behavior to reduce risk-taking. We propose to address this … Continued

“The simplest protocol for oblivious transfer” revisited

Interdisciplinary Research Group in Socio-technical Cybersecurity“The simplest protocol for oblivious transfer” revisitedZiya Alper Genç, Vincenzo Iovino, Alfredo RialAbstract:In 2015, Chou and Orlandi presented an oblivious transfer protocol that already drew a lot of attention both from theorists and practitioners due to its extreme simplicity and high efficiency. Chou and Orlandi claimed that their protocol is … Continued

Dual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Interdisciplinary Research Group in Socio-technical CybersecurityDual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence IntelligenceZiya Alper Genç, Gabriele LenziniAbstract:Previous research has shown that developers rely on public platforms and repositories to produce functional but insecure code. We looked into the matter for ransomware, enquiring whether also ransomware engineers re-use the work of others and … Continued

Authentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy Secrets

Interdisciplinary Research Group in Socio-technical CybersecurityAuthentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy SecretsItzel Vazquez Sandoval, Arash Atashpendar, Gabriele LenziniAbstract:We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on password-authenticated key exchange (PAKE). This not … Continued

Transparency by Design in Data-Informed Research: a Collection of Information Design Patterns

Interdisciplinary Research Group in Socio-technical CybersecurityTransparency by Design in Data-Informed Research: a Collection of Information Design PatternsRossi Arianna, Lenzini GabrieleAbstract:Oftentimes information disclosures describing personal data-gathering research activities are so poorly designed that participants fail to be informed and blindly agree to the terms, without grasping the rights they can exercise and the risks derived from … Continued

Can Visual Design Provide Legal Transparency? The Challenges for Successful Implementation of Icons for Data Protection

Interdisciplinary Research Group in Socio-technical CybersecurityCan Visual Design Provide Legal Transparency? The Challenges for Successful Implementation of Icons for Data ProtectionRossi Arianna, Palmirani MonicaAbstract:Design is a key player in the future of data privacy and data protection. The General Data Protection Regulation (GDPR) established by the European Union aims to rebalance the information asymmetry between … Continued