Cybersecurity fatigue is a form of work disengagement specific to cybersecurity. It manifests
as a weariness or aversion to cybersecurity-related workplace behaviors or advice and …

Usable privacy and security researchers have developed a variety of approaches to
represent risk to research participants. To understand how these approaches are used and …

Many Android apps have a legitimate need to communicate over the Internet and are then
responsible for protecting potentially sensitive data during transit. This paper seeks to better …

We empirically assess whether browser security warnings are as ineffective as suggested by
popular opinion and previous literature. We used Mozilla Firefox and Google Chrome's in …

End users learn defensive security behaviors from a variety of channels, including a plethora
of security advice given in online articles. A great deal of effort is devoted to getting users to …

The state of advice given to people today on how to stay safe online has plenty of room for
improvement. Too many things are asked of them, which may be unrealistic, time …

Rather than recognizing software engineers' limitations, modern security practice has
created an adversarial relationship between security software designers and the developers …

In this paper, we examine the recent trend to-wards in-browser mining of cryptocurrencies; in
particular, the mining of Monero through Coinhive and similar code-bases. In this model, a …

Internet users today depend daily on HTTPS for secure communication with sites they intend
to visit. Over the years, many attacks on HTTPS and the certificate trust model it uses have …

A cookie banner pops up when a user visits a website for the first time, requesting consent to
the use of cookies and other trackers for a variety of purposes. Unlike prior work that has …