Stack overflow considered harmful? the impact of copy&paste on android application security
Online programming discussion platforms such as Stack Overflow serve as a rich source of
information for software developers. Available information include vibrant discussions and …
You get where you're looking for: The impact of information sources on code security
Vulnerabilities in Android code--including but not limited to insecure data storage,
unprotected inter-component communication, broken TLS implementations, and violations of …
Comparing the usability of cryptographic apis
Potentially dangerous cryptography errors are well-documented in many applications.
Conventional wisdom suggests that many of these errors are caused by cryptographic …
Usability, security and trust in password managers: A quest for user-centric properties and features
S Chaudhary, T Schafeitel-Tähtinen, M Helenius… - Computer Science …, 2019 - Elsevier
A password manager stores and handles users' passwords from different services. This
relieves the users from constantly remembering and recalling many different login …
Password managers: Attacks and defenses
We study the security of popular password managers and their policies on automatically
filling in Web passwords. We examine browser built-in password managers, mobile …
Sok: Lessons learned from android security research for appified software platforms
Android security and privacy research has boomed in recent years, far outstripping
investigations of other appified platforms. However, despite this attention, research efforts …
Why eve and mallory still love android: Revisiting TLS (In)Security in android applications
Android applications have a long history of being vulnerable to man-in-the-middle attacks
due to insecure custom TLS certificate validation implementations. To resolve this, Google …
Phishing attacks on modern android
Modern versions of Android have introduced a number of features in the name of
convenience. This paper shows how two of these features, mobile password managers and …
Replication: No one can hack my mind revisiting a study on expert and Non-Expert security practices and advice
K Busse, J Schäfer, M Smith - … on Usable Privacy and Security (SOUPS …, 2019 - usenix.org
A 2015 study by Iulia Ion, Rob Reeder, and Sunny Consolvo examined the self-reported
security behavior of security experts and non-experts. They also analyzed what kind of …
Deception task design in developer password studies: Exploring a student sample
A Naiakshina, A Danilova, C Tiefenau… - Fourteenth Symposium on …, 2018 - usenix.org
Studying developer behavior is a hot topic for usable security researchers. While the usable
security community has ample experience and best-practice knowledge concerning the …