2019 IEEE Symposium on Security and Privacy (SP) 2019
DOI: 10.1109/sp.2019.00054
|View full text |Cite
|
Sign up to set email alerts
|

Demystifying Hidden Privacy Settings in Mobile Apps

Abstract: Mobile apps include privacy settings that allow their users to configure how their data should be shared. These settings, however, are often hard to locate and hard to understand by the users, even in popular apps, such as Facebook. More seriously, they are often set to share user data by default, exposing her privacy without proper consent. In this paper, we report the first systematic study on the problem, which is made possible through an in-depth analysis of user perception of the privacy settings. More sp… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
14
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
4
3
2

Relationship

0
9

Authors

Journals

citations
Cited by 21 publications
(14 citation statements)
references
References 22 publications
0
14
0
Order By: Relevance
“…Dr. Android (Jeon et al, 2012) retrofits apps to allow for the specification of fine-grained variants of Android permissions by accumulating existing permission into a taxonomy, each of which admits some common strategies for deriving subpermissions. In (Do et al, 2014;Chen et al, 2019), the authors introduce a permission removal approach to mitigate privacy leaks in Android. Appguard (Backes et al, 2012;Backes et al, 2013) and RetroSkeleton (Davis and Chen, 2013) are both an app-agnostic flexible and dynamic policy re-writing solutions designed towards enhancing security and privacy in untrusted Android applications.…”
Section: Application-level Modificationmentioning
confidence: 99%
“…Dr. Android (Jeon et al, 2012) retrofits apps to allow for the specification of fine-grained variants of Android permissions by accumulating existing permission into a taxonomy, each of which admits some common strategies for deriving subpermissions. In (Do et al, 2014;Chen et al, 2019), the authors introduce a permission removal approach to mitigate privacy leaks in Android. Appguard (Backes et al, 2012;Backes et al, 2013) and RetroSkeleton (Davis and Chen, 2013) are both an app-agnostic flexible and dynamic policy re-writing solutions designed towards enhancing security and privacy in untrusted Android applications.…”
Section: Application-level Modificationmentioning
confidence: 99%
“…While the existing literature on understanding the landscape of privacy settings is scarce, there has been some work done in the extraction and automation of privacy settings, particularly in mobile apps' context [17,16,15]. Chen et al [3] conducted a large-scale study on the usability of privacy settings for Android applications. Their methodology leverages the semantic relationship between the text descriptions of UI elements and the titles of application views to discover privacy menus hidden in apps.…”
Section: Related Workmentioning
confidence: 99%
“…But the privacy policies that are meant to address these concerns are often lengthy, legally worded documents written to protect the provider [15,59]. Even the interactive permission system found on modern smartphones fails to provide a sufficient understanding of the privacy risks involved with using an application [24,39,78].…”
Section: Introductionmentioning
confidence: 99%