Security/Contextual Identity Project/Related Work

From MozillaWiki
Jump to: navigation, search


People forget, why can't machines (on purpose, that is)? Need more tombstone APIs, fewer wayback machines.

Psychology, Sociology

Persona as mask: "One could say, with little exaggeration, that the persona is that which in reality one is not, but which oneself as well as others think one is.” -- Carl Jung

Everyone's got role(s) to play: "All the world is not, of course, a stage, but the crucial ways in which it isn't are not easy to specify." -- Goffman

Policy and privacy

Sharing information is not a privacy violation per se, and is often desireable. It is when information is shared out of context, without regard for social norms and values, that privacy is violated.


Survey of types of posts people regret, why they post, and remediation methods.

Mental models of privacy

Roundup of different mental models (criminal, warfare, physical, medical infection, economic) that inform whether or not users think they are at risk, and what motivates their attackers.

Users are not irrational for not heeding security advice, they are merely making a rational decision that the expected value of following that advice is negative (given the false positive rate, or the probability that not following the advice will lead to compromise).

Mental models are simple by necessity. Having to reason about all the factors that go into a decision is not worth it, so most people satisfice. However, just because a mental model is technically incomplete or incorrect does not mean that it can't lead to a good decision. -->

Merging social graphs

We show that one can link an anonymous Netflix record to external, public data not in the dataset, such as public IMDb ratings, which are associated with a person's identity.

More generalized re-identification attacks.

Social media and privacy

Young people self-report changing privacy settings and taking remediative actions (deleting posts, etc) to preserve privacy than older people. Also some interesting stats about pseudonym use and monitoring digital footprints.


cookies, 3rd party cookies, web bugs, flash cookies, network monitoring, fingerprinting, geolocation, history attacks, there's gotta be a roundup for this already

Usability and privacy