05-436 / 05-836 / 08-534 / 08-734 / 19-534 / 19-734 Usable Privacy and Security
Homework 9
Print your homework out and submit it in person at the start of class
(3:00pm) on Monday, May 1. Homework will not be accepted after 3:00pm on that day.
Part 1 (100 points):
Identify a folk model of security or privacy that includes an
inaccurate model that results in users making poor decisions or
failing to take precautions that would be in their best interest.
This may be a folk model discussed in a
paper you have read or that you have observed in practice.
- Describe the folk model
- In what situations have you have observed it? Or where have you
read about it?
- What is
inaccurate about it?
- How does it lead users to make poor decisions
or fail to take security or privacy precautions?
Come up with an approach to help teach users a more accurate model
or guide them to take precautions or make better decisions despite
this model. This may take the form of a web page, poster, video,
software, game etc.
- State the goal(s) of your approach (e.g. Help users understand...., or encourage users to do....)
- Create a mock-up of your proposed approach. For example, design a
web page, write the script of a video and include a rough storyboard
(or create the video if you prefer), create screen shots of
software, etc. If you create something that can't be handed in on
paper in your homework, put it online somewhere and include the URL.
- Write the methodology for a user study to test whether this
approach is successful in meeting your stated goals. Be sure to
include information on type of study, number of participants,
participant selection criteria, type of data to be collected, how
data will be analyzed, etc. (You do not
need to actually carry out the user study.)
Part 2 (9-unit students should not do this part. 12-unit students will
receive between 0 and 75 points for this part): Write a 3--7 sentence
summary and short "highlight" for one optional reading assigned for the
April 12, April 17, April 24, April 26, and May 1 classes.