UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
No Good Reason to Remove Features: Expert Users Value Useful Apps over Secure Ones
  • Publication Type:
    Report
  • Authors:
    Dodier-Lazaro S, Becker I, Krinke J, Sasse M
  • Publisher:
    UCL Computer Science
  • publication date:
    13/02/2017
  • Place of publication:
    London
  • Report number:
    17/03
  • Series name:
    UCL Computer Science Research Notes
  • Keywords:
    Value-Sensitive Design, Productive Security, Security, Sandboxing, Apps, Appropriation
  • Addresses:
    University College London
    Computer Science
    London
    WC1E 6BT
    United Kingdom
Abstract
Application sandboxes are an essential security mechanism to contain malware. Yet, they are seldom used on Desktops. We hypothesise this is because sandboxes are incompatible with plugins, and with APIs used to implement a wide variety of Desktop features. To verify this, we interviewed 13 expert users about their app appropriation decisions, and illustrate how they recruit values like usefulness, productivity or reliability in their decisions. We found that (a) security is an unimportant factor for appropriation; (b) plugins considerably support productivity needs and (c) users may abandon apps that remove a feature, especially for feature removals justified by security. Productivity-oriented expert Desktop users place more value in a stable user experience and in having flexible apps than in security benefits. Sandboxing thus conflicts with their values. We conclude that for sandboxed apps to be systematically adoptable by expert users, sandboxes must no longer require the sacrifice of plugins and features found in Desktop apps.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Computer Science
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by