![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
SOUPS2015 2日目
-
akirakanaoka
- 1954
- 0
- 0
- 0
![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Text #classification #mobile #app text description top keywords: #gps, #location #map #restaurant #direction | #soups2015 Watanabe et. al.
2015-07-25 00:31:57![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
methods for analyzing text descript. of #privacy resources in #mobile apps - #code analysis & text #classification #datascience #soups2015 …
2015-07-25 00:32:28![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Watanabe: used Chinese (third party) and English (official android market). ~100K apps surveyed. #soups2015
2015-07-25 00:35:23![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Watanabe: Most text descriptions do not mention privacy-sensitive resources that are used. Worse for third party Chinese market #soups2015
2015-07-25 00:36:09![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
learn more about the #mobile #app text #datascience project @mariawolters & I are live tweeting at #soups2015: nsl.cs.waseda.ac.jp/projects/acode/
2015-07-25 00:36:18![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Watanabe: sometimes, a small number of developers account for many apps with bad descriptions #soups2015
2015-07-25 00:37:47![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
47% (50,000) #mobile #app may have permission to SEND_SMS #privacy #infosec #woah from #soups2015 paper: bit.ly/1DBZcD0
2015-07-25 00:39:13![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Watanabe: In third-party market, many apps use undisclosed third-party ad libraries that need fine location. #soups2015
2015-07-25 00:39:58![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Watanabe: big risk of cross-site scripting attacks, often "dangerous permissions" not mentioned. #soups2015
2015-07-25 00:40:46![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Watanabe: ACODE can be used to identify rogue developers that spam markets with apps that want too much info #soups2015
2015-07-25 00:41:38![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
This was Watanabe's first ever international presentation - congratulations on a clear (and interesting!) talk :) #soups2015
2015-07-25 00:43:57![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
ACODE website nsl.cs.waseda.ac.jp/projects/acode/ #soups2015
2015-07-25 00:44:55![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Now: Cherapau on Whats and Whys of iPhone Passcode and Touch ID #soups2015
2015-07-25 00:45:36![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Love presentations that start with interactive exercises! Konstantin Beznosov at #soups2015 bit.ly/1KpfDdy #touchid impact #iphone
2015-07-25 00:47:37![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Cherapau: passcode strength matters bc we need to defend against on-device guess attacks. Apple only allows 1 guess per 80 secs #soups2015
2015-07-25 00:50:08![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
#touchid has had no significant impact on #iphone #password DESPITE #apple claims to the contrary. Findings from #soups2015 Cherapau et al
2015-07-25 00:52:01![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Two methods: Turk and in-person survey in mall. Resulted in quite representative sample #soups2015
2015-07-25 00:52:24![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Interesting talk (w great slides) on TouchID and its effects on iPhone passcode strength by @beznosov #soups2015
2015-07-25 00:54:57![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
#iphone #passcode is weak non-touch id and touch-id equally weak | will take 30-60 minutes to #hack #infosec #mobile #iphone #soups2015
2015-07-25 00:55:31![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
People's #iPhone passcode (PINs) tend to be weak, can be cracked in 1.30h. Clear case for strong backup auth! #soups2015
2015-07-25 00:56:04![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Big opportunity to help users get mobile app permissions + security. Text descriptions aren't working. bit.ly/1JD9t47 #soups2015
2015-07-25 00:56:18![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Want to know how quickly we can #hack your #iphone passcode? TouchID doesn't matter. @beznosov #soups2015 bit.ly/1KpfDdy
2015-07-25 00:56:28![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
The second most popular reasons for ppl to use PIN, not password is that they don't know password is possible. (I didn't either!) #soups2015
2015-07-25 00:57:10![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
People lock their iPhone against strangers (all), room mates, friends, family (60%) ... #soups2015
2015-07-25 00:57:45![](https://tgfile.tg-static.com/static/web/img/placeholder.gif)
Most users of TouchID choose it for convenience #soups2015
2015-07-25 01:00:26