Jake Weidman scite author profile

IEEE/ACM Trans. Comput. Biol. and Bioinf.

Aurite

Großklags

2019

Genetics and genetic data have been the subject of recent scholarly work, with significant attention paid towards understanding consent practices for the acquisition and usage of genetic data as well as genetic data security. Attitudes and perceptions concerning the trustworthiness of governmental institutions receiving test-taker data have been explored, with varied findings, but no robust models or deterministic relationships have been established that account for these differences. These results also do not explore in detail the perceptions regarding other types of organizations (e.g., private corporations). Further, considerations of privacy interdependence arising from blood relative relationships have been absent from the conversation regarding the sharing of genetic data. This paper reports the results from a factorial vignette survey study in which we investigate how variables of ethnicity, age, genetic markers, and association of data with the individual's name affect the likelihood of sharing data with different types of organizations. We also investigate elements of personal and interdependent privacy concerns. We document the significant role these factors have in the decision to share or not share genetic data. We support our findings with a series of regression analyses.

Take It or Leave It

Farhang

Kamani

et al. 2018

Software upgrades play a pivotal role in enhancing software performance, and are a critical component of resolving software bugs and patching security issues. However, consumers' eagerness to upgrade to the newest operating system is often tempered after release. In this paper, we focus on the upgrade perceptions and practices of users utilizing Microsoft Windows, with particular consideration given to the current upgrade cycle to Windows 10, which was, for a time, offered at no monetary cost to many users. To better understand the relevant factors for upgrade decisions, we deployed a structured survey, including several open-ended questions to add additional depth. We collected data from 239 Microsoft Windows users and utilized qualitative and quantitative methods to analyze user upgrade practices. Important themes include how to best notify users of upcoming upgrade opportunities, how users perceive privacy issues associated with OS upgrade decisions, and whether security constitutes a significant decision-making factor. We also explore how end-of-life dates, indicating the end of support by the vendor, are perceived by users.

Responding to KRACK: Wi-Fi Security Awareness in Private Households

Freudenreich¹,

Weidman²,

Großklags³

2020

In this paper, we study the update and security practices of individuals in private households with an exploratory interview study. In particular, we investigate participants' awareness regarding KRACK, a patched key vulnerability in the WPA/WPA2 protocol, and similar vulnerabilities in the context of usage and management scenarios in Wi-Fi networks. We show that while most people are aware of certain dangers, they struggle to address Wi-Fi related vulnerabilities. The findings could prove to be beneficial in identifying not only the current security status of average users regarding Wi-Fi security, but also to improve update and information propagation to mitigate related threats in the future.

I Like It, but I Hate It

Großklags

2017

Assessing the current state of information security policies in academic organizations

Großklags

2019

ICS

Purpose Colleges and universities across the USA have seen data breaches and intellectual property theft rise at a heightened rate over the past several years. An integral step in the first line of defense against various forms of attacks are (written) security policies designed to prescribe the construction and function of a technical system, while simultaneously guiding the actions of individuals operating within said system. Unfortunately, policy analysis is an insufficiently discussed topic in many academic communities with very little research being conducted in this space. Design/methodology/approach This work aims to assess the current state of information security policies by analyzing in-use policies from 200 universities and colleges in the USA with the goal of identifying important features and general attributes of these documents. The authors accomplish this through a series of analyzes designed to examine the language and construction of these policies. Findings To summarize high-level results, the authors found that only 54 per cent of the top 200 universities had publicly accessible information security policies, and the policies that were examined lacked consistency with little shared source material. The authors also found that the tonal makeup of these policies lacked a great deal of emotion, but contained a high amount of tentative or ambiguous language leading toward policies that could be viewed as “unclear.” Originality/value This work is an extension of a paper that was presented at ECIS 2018. The authors have added additional analyzes including a cross-policy content and tonal analysis to strengthen the findings and implications of this work for the wider research audience.