Naïve Security in a Wi-Fi World

Wednesday, November 4, 2009 - 16:30
TH 331
Dr. Edward Lank (University of Waterloo)
Despite nearly ubiquitous access to wireless networks, many users still engage in risky behaviors, make bad choices, or are indifferent to the concerns that security and privacy researchers work diligently to address. At present, research on user attitudes toward security and privacy on public wireless networks is rare. This paper explores wireless security and privacy by interpreting users' current actions and analyzing users' reluctance to change. Through interviews and concrete demonstrations of vulnerability, we show that users currently make irrational choices about security based on mistaken analogy to their experiences in the physical world. We show that, despite awareness of vulnerabilities, users remain ingenuous; that is, they fail to develop a realistic view of risk. Finally, we observe that users practice a form of naïve security, where superficial misunderstandings of risk and vulnerability pose significant challenges to the design of security tools. We argue that tools need to use this understanding of naïve security to better inform user behavior in our WiFi world.

Dr. Edward Lank is an Assistant Professor in the David R. Cheriton School of Computer Science at the University of Waterloo. His research is in the area of Human-Computer Interaction (HCI), including applications of tablet computing, the study of motion kinematics in interfaces, and the design of pervasive computing applications. Prior to joining the faculty at Waterloo, Dr. Lank was an Assistant Professor of Computer Science at San Francisco State University, was a research intern at the Palo Alto Research Center in the Perceptual Document Analysis Area; was Chief Technical Officer of MediaShell Corporation, a Queen's University research start-up; and was an Adjunct Professor in the Department of Computing and Information Science at Queen's University. He received his Ph.D. in Computer Science from Queen's University in Kingston, Ontario, Canada in 2001 under the supervision of Dr. Dorothea Blostein. He also holds a Bachelor's Degree in Physics with a Minor in Computer Science from the University of Prince Edward Island.