This blog post shows how to create a reliable and realistic-looking malicious USB key that can be used in a drop attack.
This paper study how effective the Google's notifications sent to webmasters of hacked web sites are based of over 760000 hacking incidents from July 2014 and June 2015.
As an experiment we dropped nearly 300 USB sticks on the UIUC campus to assess if USB drop attacks work and see if concerns about USB security were justified. We found out that at least 48% of the drive were plugged. This blog post summarizes how we ran the study, highlights the key findings, looks at what motivates people to plug in USB sticks, and discusses possible mitigations to improve USB security.
In this research paper we investigate if people do plug random USB drives and found out that 45-98% do. We analyze the factors that affect opening rate and people motivation for plug-in in their computers those insecure drives.
This blog post recounts how moving this site to a fast joyful responsive design with a lot of images improved session duration by 104% and decreased bounce rate by 53%
What’s the best icon to entice people to share something through their social networks? It turns out to be the one used on Android. While this may contradict guidelines proposed by some designers, this conclusion is based on the results of a survey of 7,500 users. I conducted the survey using Google Consumer Surveys this […]
This is the story of how — and why — Google switched to numeric captchas. Captchas are these wiggly words used as a puzzle to tell humans apart from computers. Over the last few years, based on my work that began at Stanford, I’ve been working on designing a more user-friendly captcha for Google that […]
This paper we describe how we designed a new CAPTCHA schemes for Google that focus on maximizing usability. Our new scheme which is now an integral part of Google sign-up and is served to millions of users, achieved a 95.3% human accuracy, a 6.7% improvement compared to the old one.
We perform a mass-scale user study on how people react to the 21 most popular captcha schemes (13 images, 8 audios). This study reveals that even the most popular captchas scheme are often difficult for humans, with audio captchas being particularly problematic.