tag:blogger.com,1999:blog-80498142025年10月11日 16:44:44 +0000usable privacy and securityhciubicompresearchcooljust plain weirdlocationphishingweb 2.0webdesignessaynoteworthychinesesocial webAndroidcmuteachingInternet of Thingsmobile socialworld of warcraftbookchi2011crowdsourcingcybersecuritydatabasesdesign patternsgamegraduate schoolif only we could use their powers for goodjavapaperpenprogrammingpsychologysketchtechnology adoptiontoyota camryurban analyticsvideowifiwiiworkcraftJason Hong's ConfabulationsA Carnegie Mellon University professor's rants and raves on research, human-computer interaction, Internet of Things, usable privacy and security, Pittsburgh, and teaching.http://confabulator.blogspot.com/noreply@blogger.com (Jason Hong)Blogger469125tag:blogger.com,1999:blog-8049814.post-78170322361951117512024年5月27日 23:15:00 +00002024年05月27日T19:15:20.310-04:00Summary of My Past ResearchWhen doing reappointment and promotion packages for faculty, you're expected to submit a summary of your research and accomplishments. Since I'm a full professor, I'm not required to do this anymore, but I thought it would still be a useful exercise, partly to help me reflect on my work but also to share with the world what I felt were some of my key accomplishments. So here are some highlights http://confabulator.blogspot.com/2024/05/summary-of-my-past-research.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-14718507198902077032024年2月28日 22:27:00 +00002024年02月28日T17:27:19.843-05:00Questions for Privacy Risk ModelingIn 2004, my colleagues and I published a paper called Privacy risk models for designing privacy-sensitive ubiquitous computing systems. This paper posed a series of questions about user interface design, system design, and organizational issues that one should consider with respect to privacy when designing new ubicomp systems.In a recently published chapter in the book Mobile Sensing http://confabulator.blogspot.com/2024/02/questions-for-privacy-risk-modeling.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-3420599651451831252023年5月30日 19:01:00 +00002023年06月01日T09:09:41.352-04:00SCGSSM 2023 Commencement Address I had the honor of being the 2023 commencement speaker for my old high school, the South Carolina Governor's School for Science and Math. It was especially good timing, since it's been 30 years since I graduated high school, so my friends and I organized a 30 year reunion at the same time. Here's a link to a video of my speech.Here's a link to my speaking notes. I used a table with http://confabulator.blogspot.com/2023/05/speech-for-scgssm-2023-commencement.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-69783808086680359802021年1月15日 15:06:00 +00002021年04月23日T09:14:28.761-04:00Caret Browsing for ChromeMy young children have been fascinated by computers, and have a tendency to mash the keyboard. While this hasn't caused too many problems, it did lead to a strange case where the home, end, and arrow keys didn't work as usual in the Chrome browser.That is, instead of the down arrow key scrolling the page down, it would instead go to the next link on the page. Similarly, the end key wouldn't go tohttp://confabulator.blogspot.com/2021/01/caret-browsing-for-chrome.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-69567291780902797992018年4月02日 22:40:00 +00002018年04月02日T21:08:54.981-04:00Fake Malware Warning on NYTimes web site
I just got a fake malware warning while reading an article on the New York Times web site. It also locked up my web browser too.
I'm copying and pasting the text here, to help any folks who do a search on the text.
There was a dangerous try to get an access to your personal logins & bank information. Luckily, your Firewall managed to block this suspicious connection. We recommend you to http://confabulator.blogspot.com/2018/04/fake-malware-warning-on-nytimes-web-site.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-86164341166745622962018年1月22日 21:54:00 +00002018年01月22日T16:54:44.884-05:00What are the least secure connected devices? A journalist was asking my thoughts about the least secure connected devices out there today. Here's my response:
----------
What's insecure? Almost all of the cheaper consumer electronics available on the market today, including toys, light bulbs, weight scales, bread makers, web cams, and more.
There are two major reasons. The first is that most of these are made by hardware manufacturers http://confabulator.blogspot.com/2018/01/what-are-least-secure-connected-devices.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-40562484407451242822018年1月13日 19:42:00 +00002018年01月13日T14:42:07.433-05:00Future of Education and Training in a World of AutomationA journalist was asking me about the future of automation, especially in terms of how we (society) should change in regards to training and education of workers. Below are my responses.
1) Do you consider your courses at CMU to be training a workforce for an increasingly automated world?
We don't explicitly gear our courses at CMU for training workforces. Generally, our courses are more http://confabulator.blogspot.com/2018/01/future-of-education-and-training-in.htmlnoreply@blogger.com (Jason Hong)2tag:blogger.com,1999:blog-8049814.post-66221516323471216412017年12月21日 20:36:00 +00002017年12月21日T15:36:39.820-05:00Thoughts on the Future of Technology and Well-BeingI just filled out a survey by Pew Internet and Elon College about the future of Internet technologies on well-being. Here are my responses:
Our question: Over the next decade, how will changes in digital life impact people’s overall well-being, physically and mentally?
Many years ago, the famed Nobel laureate Herb Simon pointed out that "[I]nformation consumes the attention of its recipients. http://confabulator.blogspot.com/2017/12/thoughts-on-future-of-technology-and.htmlnoreply@blogger.com (Jason Hong)1tag:blogger.com,1999:blog-8049814.post-74542259247896483732017年5月29日 15:34:00 +00002017年05月29日T11:34:09.021-04:00My Commencement Speech for SCGSSM 2017I was recently honored with Alumni of the Year award from my high school alma mater, the South Carolina Governor's School for Science and Math. For this award, I was also offered some time to give a short speech at this year's commencement ceremonies.
Note that the main speaker was Mick Mulvaney, who is Trump's budget director at the Office of Management and Budget. As you might know, Mulvaney http://confabulator.blogspot.com/2017/05/my-commencement-speech-for-scgssm-2017.htmlnoreply@blogger.com (Jason Hong)3tag:blogger.com,1999:blog-8049814.post-53258235569748228852016年11月15日 20:31:00 +00002016年11月15日T15:31:57.982-05:00cybersecurityInternet of Thingsusable privacy and securityCybersecurity under the Trump AdministrationA journalist asked me about cybersecurity under the Trump administration, whether anything will change. Here are my thoughts. Note that this is just my opinion and does not represent my employers or any of my funders.
--------------
I don't expect much to change. President Obama already made cybersecurity one of his top 10 priorities, and as a result, a lot of the heavy lifting has http://confabulator.blogspot.com/2016/11/cybersecurity-under-trump-administration.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-34550212320290369562016年11月15日 20:25:00 +00002016年11月15日T15:25:59.269-05:00usable privacy and securitySome Tips on Protecting Yourself from RansomwareI've been asked by more and more journalists to offer some insights into various aspects of cybersecurity. I figured that since I'm already writing these up, I might as well share them with the public. This one is on ransomware.
------------------
Ransomware is a kind of malware that holds your data hostage. The malware scrambles your data and makes it so that you can't access it, unless you http://confabulator.blogspot.com/2016/11/some-tips-on-protecting-yourself-from.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-90766552443119057712016年10月05日 22:35:00 +00002016年11月15日T15:26:29.631-05:00Androidusable privacy and securityAndroid Smartphone Settings for PrivacyI was just asked to write up some tips for managing privacy on smartphones. I figured this would be generally useful to share with folks on the Internet.
1. Many Android phones track a person's location history. You can check if Google has your location history by logging into your Google account and going to:
https://www.google.com/maps/timeline
If you want to turn this feature http://confabulator.blogspot.com/2016/10/android-smartphone-settings-for-privacy.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-30229751701001243852016年7月28日 16:45:00 +00002016年11月15日T15:27:17.959-05:00Internet of ThingsubicompToward a Safe and Secure Internet of Things
I wrote up a white paper about the cybersecurity issues that we will face as the Internet of Things becomes more common. I discuss issues like physical security, scale, lack of experience by manufacturers, and lack of tools and best practices.
One idea I also advance is this pyramid of IoT Devices. At the top tier we will all have a few devices that have a lot of computational horsepower, suchhttp://confabulator.blogspot.com/2016/07/toward-safe-and-secure-internet-of.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-71643347275262578222016年7月13日 16:17:00 +00002016年07月13日T12:17:40.003-04:00Chase Fraud Alert from SMS 28107I got a fraud alert on my phone this morning from SMS short code 28107. Is this legitimate? The short story, from what I can tell, is yes.
The alert I got was:
FREE MSG: Chase Fraud-Did you use card ending xxxx for $xx.xx at INGLES MARKETS on 07/13? If YES reply 1, NO reply 2
In cybersecurity, getting these kinds of alerts is a pretty common kind of scam. Attackers will send out lots of these http://confabulator.blogspot.com/2016/07/chase-fraud-alert-from-sms-28107.htmlnoreply@blogger.com (Jason Hong)16tag:blogger.com,1999:blog-8049814.post-15485135449799771512016年3月16日 22:57:00 +00002016年03月16日T18:57:46.462-04:00Should companies be allowed to "hack back" against thieves?
Here are my comments on New America responding to the question of whether companies should be allowed to hack back against thieves.
Companies should absolutely not hack back against cyber thieves. One major concern is attribution, namely knowing that you have identified the right parties. Intruders typically use other people’s computers and servers, so odds are high that a company would simply http://confabulator.blogspot.com/2016/03/should-companies-be-allowed-to-hack.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-22792552747858701952016年3月16日 22:54:00 +00002016年03月16日T18:54:22.721-04:00My Article in Slate on Human Weaknesses in CybersecurityI published an article on Slate about human aspects of cybersecurity.
A great deal of metadata and surrounding context can still be inferred from unclassified emails. These inferences might include the social connections between people, the names of projects a person is working on, how emails are formatted, and what jargon a person uses. On the surface, this kind of information might seem http://confabulator.blogspot.com/2016/03/my-article-in-slate-on-human-weaknesses.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-21826153022819944002015年11月29日 22:53:00 +00002015年11月29日T17:53:35.323-05:00World Economic Forum IdeasLab talk on Smartphones and HealthcareHere is a YouTube video of my talk at the World Economic Forum on Smartphones, Personal Data, and Healthcare.
http://confabulator.blogspot.com/2015/11/world-economic-forum-ideaslab-talk-on.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-72196902864203477482015年11月29日 22:50:00 +00002015年11月29日T17:50:28.872-05:00Article in Quartz Magazine about Usability and CybersecurityI recently wrote up an article on Quartz looking at why public officials are using personal email accounts for business, looking at it from a usability and security perspective.
Why are so many politicians turning to personal email in the first place?This trend may justifiably raise concerns about transparency and legality. But why are so many politicians turning to personal email in the first http://confabulator.blogspot.com/2015/11/article-in-quartz-magazine-about.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-13552930899765482782015年7月31日 15:36:00 +00002015年07月31日T11:36:36.050-04:00Conflict Management and NegotiationOne thing we do in our Master's of Human-Computer Interaction program is to have our students participate in workshops about conflict management. Conflict is inevitable, but how you deal with it is not.
This year, we also sent our students some web resources about negotiation strategies. These are, for the most part, very positive ways of looking at negotiation, rather than making it something http://confabulator.blogspot.com/2015/07/conflict-management-and-negotiation.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-54215281377541272992015年7月02日 17:49:00 +00002015年07月02日T13:49:20.036-04:00Computer Science, Internet of Things, Privacy, and Advice for StudentsI wrote up an article for my old high school's alumni magazine, about my work and advice for the students. Here's the article below.
-------------
In the near future, our smart homes, smart cars, and
smartphones will essentially know everything about us. In many ways, this will
be a good thing, as these devices can help us in terms of healthcare,
sustainability, safety, and more. At the same http://confabulator.blogspot.com/2015/07/computer-science-internet-of-things.htmlnoreply@blogger.com (Jason Hong)3tag:blogger.com,1999:blog-8049814.post-84379717855874852332015年3月03日 02:15:00 +00002015年03月02日T21:15:16.250-05:00Visualizations of Phishing EmailsI've been collecting all phishing emails that have come into my inbox since 2010. I thought it would be fun to create some simple visualizations, to look for interesting patterns.
Below is a wordle of 95 different Nigerian email scams. These are the scams where the sender of the email has a business proposition for you, with millions of dollars in a bank or secret fund, and they need your help http://confabulator.blogspot.com/2015/03/visualizations-of-phishing-emails.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-80452248473944026422015年2月22日 01:48:00 +00002015年02月21日T20:50:11.651-05:00Notes on Running the Mobisys 2015 Program CommitteeMarco Gruteser and I recently finished co-chairing the Mobisys 2015 technical program committee. Some of the TPC members said that it was the best run, least stressful program committee that they had been on, and were amazed that we were able to discuss over 60 papers.
I thought it would be good to share what tools and processes we used to keep things running smoothly, to help other programhttp://confabulator.blogspot.com/2015/02/notes-on-running-mobisys-2015-program.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-10045381925931456882014年11月29日 20:20:00 +00002014年11月29日T15:20:28.684-05:00PrivacyGrade is outPrivacyGrade.org is our web site that presents our privacy analysis of a million Android smartphone apps. It's a deeper and broader analysis of apps beyond the previous blog posts on this site.http://confabulator.blogspot.com/2014/11/privacygrade-is-out.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-7068468292078171382012年11月30日 05:52:00 +00002013年01月10日T10:04:38.028-05:00Analysis of Most Unexpected Permissions for Android Apps
Our team has been analyzing Android apps for unusual behaviors, using crowdsourcing techniques to find differences between what people expect an app to do and what an app does in reality.
Here are the top 10 most unexpected permissions, based on our crowdsourcing approach to analyze the behavior of Android apps. Each circle represents the level of surprise people had for each permission (N=20http://confabulator.blogspot.com/2012/11/analysis-of-top-10-most-unexpected.htmlnoreply@blogger.com (Jason Hong)0tag:blogger.com,1999:blog-8049814.post-54459572648465810712012年11月30日 05:21:00 +00002012年11月30日T00:57:25.651-05:00Analysis of Brightest Flashlight Free for Android
Brightest Flashlight Free
GoldenShores
Technologies, LLC
Category: Tools
Price: Free
Description
Brightest Flashlight Free - Turns on all available lights.
Brightest Flashlight App – Free of Charge
* Turns on all available lights on the device
* Camera Flash LED at Maximum
* Screen at Bright Maximum
* Keyboard Backlight at Maximum
* Soft Keys Backlight at Maximum
http://confabulator.blogspot.com/2012/11/analysis-of-brightest-flashlight-free.htmlnoreply@blogger.com (Jason Hong)1