Proactive Legal Design for Health Data Sharing based on Smart Contracts

By

Interdisciplinary Research Group in Socio-technical CybersecurityProactive Legal Design for Health Data Sharing based on Smart ContractsArianna Rossi, Helena Haapio, Abstract:The technology of smart contracts neglects the fact that people use contracts as social resources to manage their relations. Th e inflexibility that they introduce, by design, might short-circuit a number of social uses to which … Continued

Cookie Banners, What’s the Purpose? Analyzing Cookie Banner Text Through a Legal Lens

By

Interdisciplinary Research Group in Socio-technical CybersecurityCookie Banners, What’s the Purpose? Analyzing Cookie Banner Text Through a Legal LensCristiana Santos , Arianna Rossi, Lorena Sanchez Chamorro, Kerstin Bongard, Ruba Abu-SalmaAbstract:A cookie banner pops up when a user visits a website for the first time, requesting consent to the use of cookies and other trackers for a … Continued

“I personally relate it to the traffic light”: a user study on security & privacy indicators in a secure email system committed to privacy by default

By

Interdisciplinary Research Group in Socio-technical Cybersecurity“I personally relate it to the traffic light”: a user study on security & privacy indicators in a secure email system committed to privacy by defaultStojkovski Borce, Lenzini Gabriele, Koenig VincentAbstract:Improving the usability and adoption of secure (i.e. end-to-end encrypted) email systems has been a notorious challenge for over two … Continued

I am Definitely Manipulated, Even When I am Aware of it. It s Ridiculous! — Dark Patterns from the End-User Perspective

By

Interdisciplinary Research Group in Socio-technical CybersecurityI am Definitely Manipulated, Even When I am Aware of it. It s Ridiculous! — Dark Patterns from the End-User PerspectiveKerstin Bongard-Blanchy, Arianna Rossi, Salvador Rivas, Sophie Doublet, Vincent Koenig, Gabriele LenziniAbstract:Online services pervasively employ manipulative designs (i.e., dark patterns) to influence users to purchase goods and subscriptions, spend more … Continued

All in one stroke? Intervention Spaces for Dark Patterns

By

Interdisciplinary Research Group in Socio-technical CybersecurityAll in one stroke? Intervention Spaces for Dark PatternsArianna Rossi, Kerstin Bongard-BlanchyAbstract:This position paper draws from the complexity of dark patterns to develop arguments for differentiated interventions. We propose a matrix of interventions with a measure axis (from user-directed to environmentdirected) and a scope axis (from general to specific). We … Continued

Enhancing acetic acid and 5 hydroxymethyl furfural tolerance of C. saccharoperbutylacetonicum through adaptive laboratory evolution

By

Interdisciplinary Research Group in Socio-technical CybersecurityEnhancing acetic acid and 5 hydroxymethyl furfural tolerance of C. saccharoperbutylacetonicum through adaptive laboratory evolutionRafael F. Alves, Ana M. Zetty-Arenas, Huseyin Demirci, Oscar Dias, Isabel Rocha, Thiago O. Basso, Sindelia FreitasAbstract:In this study, adaptive laboratory evolution (ALE) was applied to isolate four strains of Clostridium saccharoperbutylacetonicum able to grow in … Continued

The Framework of Security-Enhancing Friction: How UX Can Help Users Behave More Securely

By

Interdisciplinary Research Group in Socio-technical CybersecurityThe Framework of Security-Enhancing Friction: How UX Can Help Users Behave More SecurelyVerena Distler, Gabriele Lenzini, Carine Lallemand, and Vincent KoenigAbstract:A growing body of research in the usable privacy and security community addresses the question of how to best influence user behavior to reduce risk-taking. We propose to address this … Continued

“The simplest protocol for oblivious transfer” revisited

By

Interdisciplinary Research Group in Socio-technical Cybersecurity“The simplest protocol for oblivious transfer” revisitedZiya Alper Genç, Vincenzo Iovino, Alfredo RialAbstract:In 2015, Chou and Orlandi presented an oblivious transfer protocol that already drew a lot of attention both from theorists and practitioners due to its extreme simplicity and high efficiency. Chou and Orlandi claimed that their protocol is … Continued

Dual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

By

Interdisciplinary Research Group in Socio-technical CybersecurityDual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence IntelligenceZiya Alper Genç, Gabriele LenziniAbstract:Previous research has shown that developers rely on public platforms and repositories to produce functional but insecure code. We looked into the matter for ransomware, enquiring whether also ransomware engineers re-use the work of others and … Continued

Authentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy Secrets

By

Interdisciplinary Research Group in Socio-technical CybersecurityAuthentication and Key Management Automation in Decentralized Secure Email and Messaging via Low-Entropy SecretsItzel Vazquez Sandoval, Arash Atashpendar, Gabriele LenziniAbstract:We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on password-authenticated key exchange (PAKE). This not … Continued