default search action
Serge Egelman
Person information
- affiliation: University of California, Berkeley, USA
- affiliation: International Computer Science Institute, Berkeley, CA, USA
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
showing all ?? records
2020 – today
- 2024
- [i10]Nikita Samarin, Alex Sanchez, Trinity Chung, Akshay Dan Bhavish Juleemun, Conor Gilsenan, Nick Merrill, Joel Reardon, Serge Egelman:
The Medium is the Message: How Secure Messaging Apps Leak Sensitive Data to Push Notification Services. CoRR abs/2407.10589 (2024) - [i9]Mila Dalla Preda, Serge Egelman, Anna Maria Mandalari, Volker Stocker, Juan Tapiador, Narseo Vallina-Rodriguez:
EU Cyber Resilience Act: Socio-Technical and Research Challenges (Dagstuhl Seminar 24112). Dagstuhl Reports 14(3): 52-74 (2024) - 2023
- [j22]Nikita Samarin
, Shayna Kothari, Zaina Siyed, Oscar Bjorkman, Reena Yuan, Primal Wijesekera
Lessons in VCR Repair: Compliance of Android App Developers with the California Consumer Privacy Act (CCPA). Proc. Priv. Enhancing Technol. 2023(3): 103-121 (2023) - [j21]Alisa Frik
A Model of Contextual Factors Affecting Older Adults' Information-Sharing Decisions in the U.S. ACM Trans. Comput. Hum. Interact. 30(1): 1-48 (2023) - [c68]Aniketh Girish
In the Room Where It Happens: Characterizing Local Communication and Threats in Smart Homes. IMC 2023: 437-456 - [c67]Conor Gilsenan, Fuzail Shakir, Noura Alomar, Serge Egelman:
Security and Privacy Failures in Popular 2FA Apps. USENIX Security Symposium 2023: 2079-2096 - [c66]Allan Lyons, Julien Gamba, Austin Shawaga, Joel Reardon, Juan Tapiador, Serge Egelman, Narseo Vallina-Rodriguez:
Log: It's Big, It's Heavy, It's Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem. USENIX Security Symposium 2023: 2115-2132 - [i8]Nikita Samarin
Lessons in VCR Repair: Compliance of Android App Developers with the California Consumer Privacy Act (CCPA). CoRR abs/2304.00944 (2023) - 2022
- [j20]Nathan Malkin, David A. Wagner, Serge Egelman:
Can Humans Detect Malicious Always-Listening Assistants? A Framework for Crowdsourcing Test Drives. Proc. ACM Hum. Comput. Interact. 6(CSCW2): 1-28 (2022) - [j19]Noura Alomar, Serge Egelman:
Developers Say the Darnedest Things: Privacy Compliance Processes Followed by Developers of Child-Directed Apps. Proc. Priv. Enhancing Technol. 2022(4): 250-273 (2022) - [c65]Aniketh Girish, Vijay Prakash, Serge Egelman, Joel Reardon, Juan Tapiador, Danny Yuxing Huang, Srdjan Matic
Challenges in inferring privacy properties of smart devices: towards scalable multi-vantage point testing methods. StudentWorkshop@CoNEXT 2022: 26-28 - [c64]Nathan Malkin, David A. Wagner, Serge Egelman:
Runtime Permissions for Privacy in Proactive Intelligent Assistants. SOUPS @ USENIX Security Symposium 2022: 633-651 - 2020
- [j18]Eyal Péer, Serge Egelman
Nudge me right: Personalizing online security nudges to people's decision-making styles. Comput. Hum. Behav. 109: 106347 (2020) - [j17]Madelyn R. Sanfilippo
Disaster privacy/privacy disaster. J. Assoc. Inf. Sci. Technol. 71(9): 1002-1014 (2020) - [j16]Catherine Han
The Price is (Not) Right: Comparing Privacy in Free and Paid Apps. Proc. Priv. Enhancing Technol. 2020(3): 222-242 (2020) - [c63]Conor Gilsenan, Noura Alomar, Andrew Huang, Serge Egelman
Decentralized backup and recovery of TOTP secrets. HotSoS 2020: 22:1-22:2 - [c62]Noura Alomar, Primal Wijesekera, Edward Qiu, Serge Egelman:
"You've Got Your Nice List of Bugs, Now What?" Vulnerability Discovery and Management Processes in the Wild. SOUPS @ USENIX Security Symposium 2020: 319-339 - [c61]Joshua Reynolds, Nikita Samarin, Joseph D. Barnes, Taylor Judd, Joshua Mason, Michael D. Bailey, Serge Egelman:
Empirical Measurement of Systemic 2FA Usability. USENIX Security Symposium 2020: 127-143 - [c60]Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, Serge Egelman:
Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck. USENIX Security Symposium 2020: 985-1002 - [i7]Nikita Samarin, Alisa Frik, Sean Brooks, Coye Cheshire, Serge Egelman:
Conducting Privacy-Sensitive Surveys: A Case Study of Civil Society Organizations. CoRR abs/2003.08580 (2020)
2010 – 2019
- 2019
- [j15]Madiha Tabassum
Investigating Users' Preferences and Expectations for Always-Listening Voice Assistants. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. 3(4): 153:1-153:23 (2019) - [j14]Nathan Malkin, Joe Deatrick, Allen Tong, Primal Wijesekera
Privacy Attitudes of Smart Speaker Users. Proc. Priv. Enhancing Technol. 2019(4): 250-271 (2019) - [j13]Joel Reardon, Álvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, Serge Egelman:
50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System. login Usenix Mag. 44(4) (2019) - [c59]Alisa Frik
A Promise Is A Promise: The Effect of Commitment Devices on Computer Security Intentions. CHI 2019: 604 - [c58]Nathan Malkin, Serge Egelman
Privacy controls for always-listening devices. NSPW 2019: 78-91 - [c57]Leysan Nurgalieva
Information Design in An Aged Care Context: Views of Older Adults on Information Sharing in a Care Triad. PervasiveHealth 2019: 101-110 - [c56]Alisa Frik, Leysan Nurgalieva, Julia Bernd, Joyce Lee, Florian Schaub, Serge Egelman:
Privacy and Security Threat Models and Mitigation Strategies of Older Adults. SOUPS @ USENIX Security Symposium 2019 - [c55]Joel Reardon, Álvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, Serge Egelman:
50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System. USENIX Security Symposium 2019: 603-620 - 2018
- [j12]Primal Wijesekera
Dynamically Regulating Mobile Application Permissions. IEEE Secur. Priv. 16(1): 64-71 (2018) - [j11]Irwin Reyes, Primal Wijesekera
"Won't Somebody Think of the Children?" Examining COPPA Compliance at Scale. Proc. Priv. Enhancing Technol. 2018(3): 63-83 (2018) - [c54]Primal Wijesekera
Contextualizing Privacy Decisions for Better Prediction (and Protection). CHI 2018: 268 - [c53]Robert W. Reeder, Adrienne Porter Felt, Sunny Consolvo, Nathan Malkin, Christopher Thompson, Serge Egelman
An Experience Sampling Study of User Reactions to Browser Warnings in the Field. CHI 2018: 512 - [c52]Michael Carl Tschantz, Serge Egelman
The Accuracy of the Demographic Inferences Shown on Google's Ad Settings. WPES@CCS 2018: 33-41 - [i6]Arunesh Mathur, Nathan Malkin, Marian Harbach, Eyal Péer, Serge Egelman:
Quantifying Users' Beliefs about Software Updates. CoRR abs/1805.04594 (2018) - [i5]Michael Carl Tschantz, Serge Egelman, Jaeyoung Choi, Nicholas Weaver, Gerald Friedland:
The Accuracy of the Demographic Inferences Shown on Google's Ad Settings. CoRR abs/1808.07549 (2018) - [i4]Jaeyoung Choi, Istemi Ekin Akkus, Serge Egelman, Gerald Friedland, Robin Sommer, Michael Carl Tschantz, Nicholas Weaver:
Cybercasing 2.0: You Get What You Pay For. CoRR abs/1811.06584 (2018) - 2017
- [j10]Linda Naeun Lee, David Fifield, Nathan Malkin, Ganesh Iyer, Serge Egelman, David A. Wagner:
A Usability Evaluation of Tor Launcher. Proc. Priv. Enhancing Technol. 2017(3): 90 (2017) - [c51]Sarah Pearman
Let's Go in for a Closer Look: Observing Passwords in Their Natural Habitat. CCS 2017: 295-310 - [c50]Lynn Tsai, Primal Wijesekera, Joel Reardon, Irwin Reyes, Serge Egelman, David A. Wagner, Nathan Good, Jung-Wei Chen:
Turtle Guard: Helping Android Users Apply Contextual Privacy Preferences. SOUPS 2017: 145-162 - [c49]Primal Wijesekera
The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences. IEEE Symposium on Security and Privacy 2017: 1077-1093 - [i3]Primal Wijesekera, Arjun Baokar, Lynn Tsai, Joel Reardon, Serge Egelman, David A. Wagner, Konstantin Beznosov:
The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences. CoRR abs/1703.02090 (2017) - 2016
- [j9]Nathan Malkin, Marian Harbach, Alexander De Luca, Serge Egelman:
The Anatomy Of Smartphone Unlocking: Why and How Android Users Around the World Lock their Phones. GetMobile Mob. Comput. Commun. 20(3): 42-46 (2016) - [c48]Marian Harbach, Alexander De Luca, Serge Egelman
The Anatomy of Smartphone Unlocking: A Field Study of Android Lock Screens. CHI 2016: 4806-4817 - [c47]Marian Harbach, Alexander De Luca, Nathan Malkin, Serge Egelman
Keep on Lockin' in the Free World: A Multi-National Comparison of Smartphone Locking. CHI 2016: 4823-4827 - [c46]Serge Egelman
Behavior Ever Follows Intention?: A Validation of the Security Behavior Intentions Scale (SeBIS). CHI 2016: 5257-5261 - [c45]Serge Egelman
The Teaching Privacy Curriculum. SIGCSE 2016: 591-596 - [c44]Alain Forget, Sarah Pearman, Jeremy Thomas, Alessandro Acquisti, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Marian Harbach, Rahul Telang:
Do or Do Not, There Is No Try: User Engagement May Not Improve Security Outcomes. SOUPS 2016: 97-111 - [c43]Nathan Malkin, Serge Egelman, David A. Wagner:
Recovering High-Value Secrets with SGX and Social Authentication. WAY@SOUPS 2016 - [e1]Carrie Gates, Rainer Böhme, Mohammad Mannan, Serge Egelman:
Proceedings of the 2016 New Security Paradigms Workshop, NSPW 2016, Granby, Colorado, USA, September 26-29, 2016. ACM 2016, ISBN 978-1-4503-4813-3 [contents] - 2015
- [j8]Julia Bernd, Blanca Gordo, Jaeyoung Choi, Bryan Morgan, Nicholas Henderson, Serge Egelman
Teaching Privacy: Multimedia Making a Difference. IEEE Multim. 22(1): 12-19 (2015) - [j7]Serge Egelman, Eyal Péer:
Predicting privacy and security attitudes. SIGCAS Comput. Soc. 45(1): 22-28 (2015) - [c42]Rebecca S. Portnoff, Linda Naeun Lee, Serge Egelman
Somebody's Watching Me?: Assessing the Effectiveness of Webcam Indicator Lights. CHI 2015: 1649-1658 - [c41]Serge Egelman
Is This Thing On?: Crowdsourcing Privacy Indicators for Ubiquitous Sensing Platforms. CHI 2015: 1669-1678 - [c40]Serge Egelman
Scaling the Security Wall: Developing a Security Behavior Intentions Scale (SeBIS). CHI 2015: 2873-2882 - [c39]David Fifield, Serge Egelman
Fingerprinting Web Users Through Font Metrics. Financial Cryptography 2015: 107-124 - [c38]Richard Chow, Serge Egelman
HCI in Business: A Collaboration with Academia in IoT Privacy. HCI (23) 2015: 679-687 - [c37]Serge Egelman
The Myth of the Average User: Improving Privacy and Security Systems through Individualization. NSPW 2015: 16-28 - [c36]Gerald Friedland, Serge Egelman, Daniel D. Garcia:
Teaching Privacy: What Every Student Needs to Know (Abstract Only). SIGCSE 2015: 713 - [c35]Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David A. Wagner, Konstantin Beznosov:
Android Permissions Remystified: A Field Study on Contextual Integrity. USENIX Security Symposium 2015: 499-514 - [i2]Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David A. Wagner, Konstantin Beznosov:
Android Permissions Remystified: A Field Study on Contextual Integrity. CoRR abs/1504.03747 (2015) - [i1]Linda Naeun Lee, Serge Egelman, Joong Hwa Lee, David A. Wagner:
Risk Perceptions for Wearable Devices. CoRR abs/1504.05694 (2015) - 2014
- [j6]Sonia Chiasson, Heather Crawford
Reflections on U-PriSM 2: The Second Workshop on Usable Privacy and Security for Mobile Devices. Int. J. Mob. Hum. Comput. Interact. 6(2): 73-78 (2014) - [c34]Serge Egelman
Are You Ready to Lock? CCS 2014: 750-761 - [c33]Joshua Tan, Khanh Nguyen, Michael Theodorides, Heidi Negrón-Arroyo, Christopher Thompson, Serge Egelman
The effect of developer-specified explanations for permission requests on smartphone user behavior. CHI 2014: 91-100 - [p2]Serge Egelman
Crowdsourcing in HCI Research. Ways of Knowing in HCI 2014: 267-289 - 2013
- [c32]Serge Egelman
My profile is my password, verify me!: the privacy/convenience tradeoff of facebook connect. CHI 2013: 2369-2378 - [c31]Serge Egelman
Does my password go up to eleven?: the impact of password meters on password selection. CHI 2013: 2379-2388 - [c30]Serge Egelman
The Importance of Being Earnest [In Security Warnings]. Financial Cryptography 2013: 52-59 - [c29]Sonia Chiasson, Heather Crawford, Serge Egelman
U-PriSM 2: the second usable privacy and security for mobile devices workshop. Mobile HCI 2013: 630-632 - [c28]Serge Egelman
Markets for zero-day exploits: ethics and implications. NSPW 2013: 41-46 - [c27]Christopher Thompson, Maritza L. Johnson, Serge Egelman
When it's better to ask forgiveness than get permission: attribution mechanisms for smartphone resources. SOUPS 2013: 1:1-1:14 - [p1]Serge Egelman
Choice Architecture and Smartphone Privacy: There's a Price for That. The Economics of Information Security and Privacy 2013: 211-236 - 2012
- [j5]Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle L. Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Serge Egelman, Julio C. López:
Helping Users Create Better Passwords. login Usenix Mag. 37(6) (2012) - [c26]Adrienne Porter Felt, Serge Egelman
I've got 99 problems, but vibration ain't one: a survey of smartphone users' concerns. SPSM@CCS 2012: 33-44 - [c25]Serge Egelman
It's Not Stealing If You Need It: A Panel on the Ethics of Performing Research Using Public Data of Illicit Origin. Financial Cryptography Workshops 2012: 124-132 - [c24]Adrienne Porter Felt, Elizabeth Ha, Serge Egelman
Android permissions: user attention, comprehension, and behavior. SOUPS 2012: 3 - [c23]Maritza L. Johnson, Serge Egelman
Facebook and privacy: it's complicated. SOUPS 2012: 9 - [c22]Adrienne Porter Felt, Serge Egelman, Matthew Finifter, Devdatta Akhawe, David A. Wagner:
How to Ask for Permission. HotSec 2012 - [c21]Serge Egelman, Adrienne Porter Felt, David A. Wagner:
Choice Architecture and Smartphone Privacy: There's a Price for That. WEIS 2012 - 2011
- [j4]Janice Y. Tsai, Serge Egelman
The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. Inf. Syst. Res. 22(2): 254-268 (2011) - [c20]Serge Egelman
Oops, I did it again: mitigating repeated access control errors on facebook. CHI 2011: 2295-2304 - [c19]Saranga Komanduri, Richard Shay, Patrick Gage Kelley, Michelle L. Mazurek, Lujo Bauer
Of passwords and people: measuring the effect of password-composition policies. CHI 2011: 2595-2604 - [c18]Nicolas Christin
It's All about the Benjamins: An Empirical Study on Incentivizing Users to Ignore Security Advice. Financial Cryptography 2011: 16-30 - 2010
- [c17]David Molnar, Serge Egelman
This is your data on drugs: lessons computer security can learn from the drug war. NSPW 2010: 143-149 - [c16]Serge Egelman, David Molnar, Nicolas Christin, Alessandro Acquisti, Cormac Herley, Shriram Krishnamurthi:
Please Continue to Hold: An Empirical Study on User Tolerance of Security Delays. WEIS 2010
2000 – 2009
- 2009
- [c15]Serge Egelman
Timing is everything?: the effects of timing and placement of online privacy indicators. CHI 2009: 319-328 - [c14]Stuart E. Schechter, Serge Egelman
It's not what you know, but who you know: a social approach to last-resort authentication. CHI 2009: 1983-1992 - [c13]Stuart E. Schechter, A. J. Bernheim Brush, Serge Egelman:
It's no secret: measuring the security and reliability of authentication via 'secret' questions. SOUPS 2009 - [c12]Stuart E. Schechter, Serge Egelman, Robert W. Reeder:
It's not what you know, but who you know: a social approach to last-resort authentication. SOUPS 2009 - [c11]Janice Y. Tsai, Serge Egelman, Lorrie Faith Cranor
The impact of privacy indicators on search engine browsing patterns. SOUPS 2009 - [c10]Stuart E. Schechter, A. J. Bernheim Brush, Serge Egelman
It's No Secret. Measuring the Security and Reliability of Authentication via "Secret" Questions. SP 2009: 375-390 - [c9]Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, Lorrie Faith Cranor:
Crying Wolf: An Empirical Study of SSL Warning Effectiveness. USENIX Security Symposium 2009: 399-416 - 2008
- [j3]Lorrie Faith Cranor
P3P deployment on websites. Electron. Commer. Res. Appl. 7(3): 274-293 (2008) - [c8]Serge Egelman
You've been warned: an empirical study of the effectiveness of web browser phishing warnings. CHI 2008: 1065-1074 - [c7]Serge Egelman
Family accounts: a new paradigm for user accounts within the home environment. CSCW 2008: 669-678 - 2007
- [c6]Serge Egelman
Security user studies: methodologies and best practices. CHI Extended Abstracts 2007: 2833-2836 - [c5]Lorrie Faith Cranor, Serge Egelman, Janice Y. Tsai, Alessandro Acquisti:
The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. ICIS 2007: 20 - [c4]Lorrie Faith Cranor, Serge Egelman, Jason I. Hong, Yue Zhang:
Phinding Phish: An Evaluation of Anti-Phishing Toolbars. NDSS 2007 - [c3]Janice Y. Tsai, Serge Egelman, Lorrie Faith Cranor, Alessandro Acquisti:
The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. WEIS 2007 - 2006
- [j2]Janice Y. Tsai, Serge Egelman
Soups 2006. IEEE Secur. Priv. 4(6): 53-55 (2006) - [c2]Serge Egelman
An analysis of P3P-enabled web sites among top-20 search results. ICEC 2006: 197-207 - [c1]Julia Gideon, Lorrie Faith Cranor
Power strips, prophylactics, and privacy, oh my! SOUPS 2006: 133-144 - 2004
- [j1]Serge Egelman:
Suing Spammers for Fun and Profit. login Usenix Mag. 29(2) (2004)
Coauthor Index
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from ,
, and
to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and
to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2024-10-07 21:19 CEST by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by: