While researchers have developed many tools, techniques, and protocols for improving
software security, exploits and breaches are only becoming more frequent. Some of this gap …

Usable privacy and security researchers have developed a variety of approaches to
represent risk to research participants. To understand how these approaches are used and …

Online programming discussion platforms such as Stack Overflow serve as a rich source of
information for software developers. Available information include vibrant discussions and …

Third-party libraries on Android have been shown to be security and privacy hazards by
adding security vulnerabilities to their host apps or by misusing inherited access rights …

Vulnerabilities in Android code--including but not limited to insecure data storage,
unprotected inter-component communication, broken TLS implementations, and violations of …

Potentially dangerous cryptography errors are well-documented in many applications.
Conventional wisdom suggests that many of these errors are caused by cryptographic …

HTTPS is one of the most important protocols used to secure communication and is,
fortunately, becoming more pervasive. However, especially the long tail of websites is still …

Recruiting professional programmers in sufficient numbers for research studies can be
challenging because they often cannot spare the time, or due to their geographical …

Software developers are key players in the security ecosystem as they produce code that
runs on millions of devices. Yet we continue to see insecure code being developed and …

Protecting communication content at scale is a difficult task, and TLS is the protocol most
commonly used to do so. However, it has been shown that deploying it in a truly secure …