Faculty Information for Cranor, Lorrie


Name: Cranor, Lorrie

Homepage: http://lorrie.cranor.org/

Email: lorrie[AT]cs.cmu.edu

Office: 2207 Collaborative Innovation Center

Phone: (412) 268-7534

Fax: 412-268-2338

Research Keywords: Privacy, usable privacy and security software, computers and society, technology policy, voting

Affiliation: CUPS



Publications:

Sleeper, Manya & Cranshaw, Justin & Kelley, Patrick G & Ur, Blase & Acquisti, Alessandro & Cranor, Lorrie F & Sadeh, Norman. (2013). 'I read my Twitter this morning and was astonished': A conversational perspective on Twitter regrets. In the proceedings of CHI 2013, April 27 to May 2, Paris, France., WebSite: [link]

Leon, Pedro G & Ur, Blase & Balebako, Rebecca & Cranor, Lorrie F & Shay, Richard & Wang, Yang. (2012). Why Johnny Can’t Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising. Carnegie Mellon University, CyLab, Technical Report, CMU-CyLab-11-017, WebSite: [link]

Klemperer, Peter F & Liang, Y & Mazurek, Michelle L & Sleeper, Manya & Ur, Blase & Bauer, Lujo & Cranor, Lorrie F & Gupta, N & Reiter, Michael K . (2012). Tag, You Can See It! Using Tags for Access Control in Photo Sharing. In proceedings of the Conference on Human Factors in Computing Systems (CHI-12), Austin, TX USA, May 5-10, 2012., WebSite: [Link]

Kelley, Patrick G & Consolvo, Sunny & Cranor, Lorrie F & Jung, Jaeyeon & Sadeh, Norman & David, Wetherall. (2012). A Conundrum of Permissions: Installing Applications on an Android Smartphone. In the proceedings of Workshop on Usable Security (USEC2012), collocated with the 16th International Conference on Financial Cryptography and Data Security, March 2012., WebSite: [Link]

Ur, Blase & Kelley, Patrick G & Komanduri, Saranga & Lee, J. K & Maass, Michael & Mazurek, Michelle L & Passaro, Timothy & Shay, Richard & Vidas, Timothy & Bauer, Lujo & Christin, Nicolas & Cranor, Lorrie F . (2012). How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation. in Proceedings of the 21st USENIX Security Symposium, 2012 (Forthcoming), WebSite: [Link]

Shay, Richard & Kelley, Patrick G & Komanduri, Saranga & Mazurek, Michelle L & Ur, Blase & Vidas, Timothy & Bauer, Lujo & Christin, Nicolas & Cranor, Lorrie F . (2012). Correct horse battery staple: exploring the usability of system-assigned passphrases. in Proceedings of the Eighth Symposium on Usable Privacy and Security, New York, NY, USA: ACM, 2012, pp. 7:1-7:20., WebSite: [Link]]

Bravo-Lillo, C & Cranor, Lorrie F & Downs, J. S & Komanduri, Saranga & Schechter, S & Sleeper, Manya. (2012). Operating system framed in case of mistaken identity: Measuring the success of web-based spoofing attacks on OS password-entry dialogs. in Proceedings of the 19th ACM conference on Computer and communications security, ACM, 2012 (Forthcoming).,

Ur, Blase & Leon, Pedro G & Cranor, Lorrie F & Shay, Richard & Wang, Yang. (2012). Smart, Useful, Scary, Creepy: Perceptions of Online Behavioral Advertising. In the proceedings of the Symposium on Usable Privacy and Security, Washington DC, USA, July 11-13, 2012., WebSite: [Link]

Balebako, Rebecca & Leon, Pedro G & Shay, Richard & Ur, Blase & Cranor, Lorrie F . (2012). Measuring the Effectiveness of Privacy Tools for Limiting Behavioral Advertising. In the proceedings of Web 2.0 Security and Privacy Workshop (W2SP). San Francisco, California, May 2012., WebSite: [Link]

Leon, Pedro G & Cranshaw, Justin & Cranor, Lorrie F & Graves, Jim & Hastak, Manoj & Ur, Blase & Xu, Guzi. (2012). What Do Online Behavioral Advertising Disclosures Communicate to Users?. Carnegie Mellon University, CyLab, Technical Report, CMU-CyLab-12-008.,

Ur, Blase & Sleeper, Manya & Cranor, Lorrie F . (2012). Policies in Social Media: Providing Translated Privacy Notice. WWW Workshop on Privacy and Security in Online Social Media (PSOSM). Lyon, France, April 2012., WebSite: [Link]

Cranor, Lorrie F . (2012). Necessary But Not Sufficient: Standardized Mechanisms for Privacy Notice and Choice. Journal of Telecommunications and High Technology Law, Available at SSRN: http://ssrn.com/abstract=2184059, 10, 35.

McDonald, A & Cranor, Lorrie F . (2011). A Survey of the Use of Adobe Flash Local Shared Objects to Respawn HTTP Cookies. Carnegie Mellon University, School of Computer Science, Institute for Software Research, Technical Report, CMU-CyLab-11-001., [pdf]

Komanduri, Saranga & Shay, Richard & Norcie, Greg & Cranor, Lorrie F . (2011). AdChoices? Compliance with Online Behavioral Advertising Notice and Choice Requirements. Carnegie Mellon University, School of Computer Science, Institute for Software Research, Technical Report, CMU-CyLab-11-001. Also forthcoming in I/S: A Journal of Law and Policy for the Information Society 2012., [pdf]

Reeder, Robert W & Bauer, Lujo & Cranor, Lorrie F & Reiter, Michael K & Vaniea, Kami. (2011). More than skin deep: Measuring effects of the underlying model on access-control system usability. In proceedings of ACM SIGCHI Conference on Human Factors in Computing Systems (CHI '11), Vancouver, BC, Canada, May 7-12, 2011., WebSite: [[Link]]

Komanduri, Saranga & Shay, Richard & Kelley, Patrick G & Mazurek, Michelle L & Christin, Nicolas & Cranor, Lorrie F & Bauer, Lujo. (2011). Of passwords and people: Measuring the effect of password-composition policies. In proceedings of ACM SIGCHI Conference on Human Factors in Computing Systems (CHI '11), Vancouver, BC, Canada, May 7-12, 2011.,

Shay, Richard & Klemperer, Peter F & Mazurek, Michelle L & Takabi, Hassan & Bauer, Lujo & Cranor, Lorrie F . (2011). Exploring Reactive Access Control. In proceedings of ACM SIGCHI Conference on Human Factors in Computing Systems (CHI '11), Vancouver, BC, Canada, May 7-12, 2011. , WebSite: [[Link]]

Kelley, Patrick G & Brewer, Robin & Mayer, Yael & Cranor, Lorrie F & Sadeh, Norman. (2011). An Investigation into Facebook Friend Grouping. In proceedings of 13th IFIP TC13 Conference on Human-Computer Interaction (INTERACT 2011), Lisbon, Portugal, September 5-9, 2011 (Forthcoming).,

Wang, Yang & Komanduri, Saranga & Leon, Pedro G & Norcie, Greg & Acquisti, Alessandro & Cranor, Lorrie F . (2011). I regretted the minute I pressed share: A Qualitative Study of Regrets on Facebook. In proceedings of SOUPS 2011, Pittsburgh, PA, July 20-22, 2011 (Forthcoming).,

Wang, Yang & Norcie, Greg & Cranor, Lorrie F . (2011). Who Is Concerned about What? A Study of American, Chinese and Indian Users Privacy Concerns on Social Network Sites. In proceedings of 4th International Conference on Trust & Trustworthy Computing (TRUST 2011), Pittsburgh, PA, June 22-24, 2011 (Forthcoming)., Springer.

Sleeper, Manya & Sharma, Divya & Cranor, Lorrie F . (2011). I Know Where You Live: Analyzing Privacy Protection in Public Databases. October 2011, Technical Report, CyLab, Carnegie Mellon University, CMU-CyLab-11-015. [Extended version of paper presented at WPES 2011] , WebSite: [ [Link]]

Wiese, Jason & Kelley, Patrick G & Cranor, Lorrie F & Dabbish, Laura & Hong, Jason & Zimmerman, John. (2011). Are You Close with Me? Are You Nearby? Investigating Social Groups, Closeness, and Willingness to Share. In proceedings of the 13th International Conference on Ubiquitous Computing (UbiComp’ 11), September 17-21, 2011, Beijing, China, ACM, Pp. 197-206., WebSite: [Link]

Hibshi, Hanan & Vidas, Timothy & Cranor, Lorrie F . (2011). Usability of Forensics Tools: A User Study. In proceedings of the 6th International Conference on IT Security Incident Management and IT Forensics (IMF), May 10-12, 2011, Stuttgart, Germany., WebSite: [ [Link]]

Kelley, Patrick G & Komanduri, Saranga & Mazurek, Michelle L & Shay, Richard & Vidas, Timothy & Bauer, Lujo & Christin, Nicolas & Cranor, Lorrie F & Lopez, Julio. (2011). Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms. August 21, 2011, Technical Report, CyLab, Carnegie Mellon University, CMU-CyLab-11-008. , WebSite: [Link]

Bravo-Lillo, C & Cranor, Lorrie F & Downs, J. S & Komanduri, Saranga. (2011). Bridging the Gap in Computer Security Warnings: A Mental Model Approach. IEEE Security & Privacy, 18-26. WebSite: [ [pdf]]

Bravo-Lillo, C & Cranor, Lorrie F & Downs, J. S & Komanduri, Saranga & Sleeper, Manya. (2011). Improving Computer Security Dialogs. In the proceedings of the 13th IFIP TC 13 International Conference on Human-Computer Interaction (INTERACT). Lisbon, Portugal, September 05-09, 2011, pp. 216-233.,

Vidas, Timothy & Christin, Nicolas & Cranor, Lorrie F . (2011). Curbing Android Permission Creep. In proceedings of Web 2.0 Security & Privacy conference. Oakland, CA. May 26, 2011., WebSite: [Link]

Balebako, Rebecca & Kelley, Patrick G & Mugan, J & Acquisti, Alessandro & Cranor, Lorrie F & Sadeh, Norman. (2011). Nudging Users Towards Privacy on Mobile Devices. In proceedings at The 2nd International Workshop on Persuasion, Influence, Nudge & Coercion through mobile devices, May 8, 2011, Vancouver, Canada (at CHI2011)., WebSite: [Link]

Toch, E & Cranshaw, Justin & Hankes Drielsma, Paul & Tsai, Janice & Kelley, Patrick G & Springfield, J & Cranor, Lorrie F & Hong, Jason & Sadeh, Norman. (2010). Empirical models of privacy in location sharing. Proceedings of the 12th ACM International Conference on Ubiquitous Computing. Proceedings of the 12th ACM International Conference on Ubiquitous Computing, 2010. , WebSite: [ [Link] ]

Toch, E & Cranshaw, Justin & Hankes Drielsma, Paul & Springfield, J & Kelley, Patrick G & Cranor, Lorrie F & Sadeh, Norman. (2010). Locaccino: a privacy-centric location sharing application. UbiComp (Adjunct Papers - Demo)., WebSite: [[Link]]

Kelley, Patrick G & Benisch, Michael & Cranor, Lorrie F & Sadeh, Norman. (2010). When Are Users Comfortable Sharing Locations with Advertisers?. CMU Technical Report CMU-ISR-10-126, 2010., [pdf]

Benisch, Michael & Kelley, Patrick G & Sadeh, Norman & Cranor, Lorrie F . (2010). Capturing Location-Privacy Preferences: Quantifying Accuracy and User-Burden Tradeoffs. Personal and Ubiquitous Computing (PUC), 15, 679-694. Springer.

Shay, Richard & Komanduri, Saranga & Kelley, Patrick G & Leon, Pedro G & Mazurek, Michelle L & Bauer, Lujo & Christin, Nicolas & Cranor, Lorrie F . (2010). Encountering stronger password requirements: user attitudes and behaviors.. In Proceedings of the Sixth Symposium on Usable Privacy and Security (SOUPS '10). ACM, New York, NY, USA, 1-20., WebSite: [ [Link] ]

Leon, Pedro G & Cranor, Lorrie F & McDonald, A & McGuire, R. (2010). Token Attempt: The Misrepresentation of Website Privacy Policies through the Misuse of P3P Compact Policy Tokens. WPES 2010., WebSite: [http://www.cylab.cmu.edu/research/techreports/2010/tr_cylab10014.html]

McDonald, A & Cranor, Lorrie F . (2010). Americans' Attitudes About Internet Behavioral Advertising Practices. WPES 2010., WebSite: [http://www.aleecia.com/authors-drafts/wpes-behav-AV.pdf]

Meeder, B & Tam, J & Kelley, Patrick G & Cranor, Lorrie F . (2010). RT @IWantPrivacy: Widespread Violation of Privacy Settings in the Twitter Social Network. Web 2.0 Security and Privacy 2010 (W2SP 2010). May 20, 2010., WebSite: [http://patrickgage.com/papers/Meeder-W2SP10.pdf]

Kelley, Patrick G & Cesca, L. J & Bresee, J & Cranor, Lorrie F . (2010). Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach. CHI 2010. , WebSite: [ [Link] ]

Mazurek, Michelle L & Arsenault, J. P & Bresee, J & Gupta, N & Ion, I & Johns, C & Lee, D & Liang, Y & Olson, Jamie & Salmon, Brandon & Shay, Richard & Vaniea, Kami & Bauer, Lujo & Cranor, Lorrie F & Ganger, Gregory R & Reiter, Michael K . (2010). Access Control for Home Data Sharing: Attitudes, Needs and Practices. CHI 2010., [pdf]

Garfinkel, S & Cranor, Lorrie F . (2010). Institutional Review Boards and Your Research. Communications of the ACM, June 2010, p. 38-40., WebSite: [ [Link] ]

Downs, J. S & Holbrook, M & Sheng, S & Cranor, Lorrie F . (2010). Are Your Participants Gaming the System? Screening Mechanical Turk Workers. CHI 2010., WebSite: [[Link]]

Tsai, Janice & Kelley, Patrick G & Cranor, Lorrie F & Sadeh, Norman. (2010). Location Sharing Technologies: Privacy Risks and Controls. I/S: A Journal of Law and Policy for the Information Society, 6, 119-151. [pdf]

Kumaraguru, Ponnurangam & Sheng, S & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason. (2010). Teaching Johnny Not to Fall for Phish. ACM Transactions on Internet Technology, 10, Association for Computing Machinery. WebSite: [Link]

Sheng, S & Holbrook, M & Kumaraguru, Ponnurangam & Cranor, Lorrie F & Downs, J. S . (2010). Who Falls for Phish? A Demographic Analysis of Phishing Susceptibility and Effectiveness of Interventions. conference, In proceedings of ACM Conference on Human Factors in Computer Systems (CHI 2010). Atlanta, GA, April 10-15, 2010., WebSite: [Link]

McDonald, A & Cranor, Lorrie F . (2009). An Empirical Study of How People Perceive Online Behavioral Advertising. Carnegie Mellon CyLab Technical Report CMU-CyLab-09-015, November 10, 2009., WebSite: [http://www.cylab.cmu.edu/research/techreports/2009/tr-cylab09015.html]

McDonald, A & Reeder, Robert W & Kelley, Patrick G & Cranor, Lorrie F . (2009). A comparative study of online privacy policies and formats. Privacy Enhancing Technologies Symposium 2009., WebSite: [http://lorrie.cranor.org/pubs/authors-version-PETS-formats.pdf]

Kelley, Patrick G & Bresee, J & Cranor, Lorrie F & Reeder, Robert W . (2009). A "Nutrition Label" for Privacy. SOUPS 2009, WebSite: [http://cups.cs.cmu.edu/soups/2009/proceedings/a4-kelley.pdf]

Egelman, Serge & Tsai, Janice & Cranor, Lorrie F & Acquisti, Alessandro. (2009). Timing Is Everything? The Effects of Timing and Placement of Online Privacy Indicators. CHI '09: Proceedings of the SIGCHI conference on Human Factors in Computing Systems. , WebSite: [[Link]]

Tsai, Janice & Kelley, Patrick G & Cranor, Lorrie F & Sadeh, Norman. (2009). Location-Sharing Technologies: Privacy Risks and Controls. TPRC 2009., WebSite: [Link]

Tsai, Janice & Kelley, Patrick G & Drielsma, P & Cranor, Lorrie F & Hong, Jason & Sadeh, Norman & Reiter, Michael K & Vaniea, Kami. (2009). Who's Viewed You? The Impact of Feedback in a Mobile-location System. CHI 2009., [pdf]

Bauer, Lujo & Cranor, Lorrie F & Reeder, Robert W . (2009). Real life challenges in access-control management. In CHI 2009: Conference on Human Factors in Computing Systems, pages 899-908, April 2009., [pdf]

Reeder, Robert W & Bauer, Lujo & Cranor, Lorrie F & Reiter, Michael K & Vaniea, Kami. (2009). Effects of Access-Control Policy Conflict-Resolution Methods on Policy-Authoring Usability. CyLab Technical Report CMU-CyLab-09-006, March 2009., WebSite: [http://www.cylab.cmu.edu/research/techreports/2009/tr-cylab09006.html]

Sunshine, J & Egelman, Serge & Almuhimedi, H & Atri, N & Cranor, Lorrie F . (2009). Crying Wolf: An Empirical Study of SSL Warning Effectiveness. USENIX Security 2009., [pdf]

Salmon, Brandon & Schlosser, Steven W & Cranor, Lorrie F & Ganger, Gregory R . (2009). Perspective: Semantic Data Management for the Home. 7th USENIX Conference on File and Storage Technologies (FAST '09). February 23-27, 2009, San Francisco, CA., [pdf]

Spiekermann, Sarah & Cranor, Lorrie F . (2009). Engineering Privacy. IEEE Transactions on Software Engineering. Vo. 35, No. 1, January/February, 2009, pp. 67-82. , WebSite: [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1085333]

Sadeh, Norman & Hong, Jason & Cranor, Lorrie F & Fette, I & Kelley, Patrick G & Prabaker, M & Rao, J. (2009). Understanding and Capturing People’s Privacy Policies in a Mobile Social Networking Application. Journal of Personal and Ubiquitous Computing, 13, WebSite: [Springer link] [pdf]

Kumaraguru, Ponnurangam & Cranshaw, Justin & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason & Blair, Mary Ann & Pham, John. (2009). A School of Phish: A Real-Word Evaluation of Anti-Phishing Training. technical report, WebSite: [Link]

Sheng, S & Wardman, Brad & Warner, Gary & Cranor, Lorrie F & Hong, Jason & Zhang, Yue. (2009). An Empirical Analysis of Phishing Blacklists. In conference proceedings at Conference on Email and Anti-Spam (CEAS 2009). July 16-17, 2009 in Mountain View, CA., WebSite: [Link]

Kumaraguru, Ponnurangam & Cranor, Lorrie F & Mather, Laura. (2009). Anti-Phishing Landing Page: Turning a 404 into a Teachable Moment for End Users. In conference proceedings at Conference on Email and Anti-Spam (CEAS 2009). Mountain View, CA. July 16-17, 2009.,

Egelman, Serge & Cranor, Lorrie F & Hong, Jason. (2008). Youve Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, April 5-10, 2008, Florence, Italy, WebSite: [ [Link] ]

Kumaraguru, Ponnurangam & Sheng, S & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason. (2008). PhishGuru: Lessons From a Real World Evaluation of Anti-Phishing Training. To appear in e-Crime Researchers Summit, Anti-Phishing Working Group, October 15 - 16, 2008, Atlanta, USA. ,

Kumaraguru, Ponnurangam & Sheng, S & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason. (2008). Anti-Phishing Education. In Proceedings of The International Conference on E-Learning in the Workplace (ICELW 2008). ,

Cranor, Lorrie F . (2008). How to Foil "Phishing" Scams . Scientific American, December, WebSite: [ http://www.sciam.com/article.cfm?id=how-to-foil-phishing-scams ]

McDonald, A & Cranor, Lorrie F . (2008). The Cost of Reading Privacy Policies. I/S: A Journal of Law and Policy for the Information Society 2008 Privacy Year in Review issue. [Paper originally presented at TPRC 2008, Sept 26-28, 2008, Arlington, VA.], [pdf]

Cranor, Lorrie F & Egelman, Serge & Sheng, S & McDonald, A & Chowdhury, Abdur. (2008). P3P Deployment on Websites. Electronic Commerce Research and Applications, Volume 7, Issue 3, Autumn 2008, Pages 274-293., WebSite: [http://lorrie.cranor.org/pubs/p3p-deployment.html]

Reeder, Robert W & Kelley, Patrick G & McDonald, A & Cranor, Lorrie F . (2008). A User Study of the Expandable Grid Applied to P3P Policy Visualization. Workshop on Privacy in the Electronic Society (WPES 2008). Oct. 2008., WebSite: [[Link]]

Reeder, Robert W & Bauer, Lujo & Cranor, Lorrie F & Reiter, Michael K & Bacon, K & How, K & Strong, H. (2008). Expandable Grids for Visualizing and Authoring Computer Security Policies. ACM SIGCHI Conference on Human Factors in Computing Systems (CHI '08). 2008. , WebSite: [ [Link] ]

Bauer, Lujo & Cranor, Lorrie F & Reiter, Michael K & Vaniea, Kami. (2008). A User Study of Policy Creation in a Flexible Access-Control System. ACM SIGCHI Conference on Human Factors in Computing Systems (CHI '08). 2008., WebSite: [ [Link] ]

Cranor, Lorrie F . (2008). A Framework for Reasoning About the Human in the Loop. Usability, Psychology and Security 2008., [pdf]

Studer, Ahren & Johns, C & Kase, Jaanus & O'Meara, Kyle & Cranor, Lorrie F . (2008). A Survey to Guide Group Key Protocol Development. Annual Computer Security Applications Conference (ACSAC) 2008, December 8-12, 2008, Anaheim, CA., WebSite: [http://www.acsac.org/openconf2008/modules/request.php?module=oc_program&action=summary.php&req=committee&id=119]

Kelley, Patrick G & Hankes Drielsma, Paul & Sadeh, Norman & Cranor, Lorrie F . (2008). User-Controllable Security and Privacy for Pervasive Computing. Proceedings of the 8th IEEE Workshop on Mobile Computing Systems and Applications (“HotMobile 2007”), February 26-27, 2007, Westin La Paloma, Tucson, Arizona., [pdf]

Benisch, Michael & Kelley, Patrick G & Sadeh, Norman & Sandholm, Tuomas & Cranor, Lorrie F & Drielsma, P & Tsai, Janice. (2008). The Impact of Expressiveness on the Effectiveness of Privacy Mechanisms for Location Sharing. Carnegie Mellon University, School of Computer Science, Institute for Software Research, Technical Report CMU-ISR-08-141., [pdf]

Tsai, Janice & Egelman, Serge & Cranor, Lorrie F & Acquisti, Alessandro. (2007). The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. Paper presented at the Workshop on the Economics of Information Security, June 7-8, 2007, Pittsburgh, PA, [pdf]

Cranor, Lorrie F & Egelman, Serge & Hong, Jason & Zhang, Yue. (2007). Phinding Phish: An Evaluation of Anti-Phishing Toolbars. NDSS: Proceedings of the ISOC Symposium on Network and Distributed System Security, 2007, [pdf]

Kumaraguru, Ponnurangam & Sheng, S & Rhee, Yong & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason. (2007). Getting users to pay attention to anti-phishing education: Evaluation of retention and transfer. e-Crime Researchers Summit, Anti-Phishing Working Group, [pdf]

Kumaraguru, Ponnurangam & Rhee, Yong & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason & Nunge, Elizabeth. (2007). Protecting people from phishing: the design and evaluation of an embedded training email system. CHI 07: Proceedings of the SIGCHI conference on Human factors in computing systems, 905914. ACM Press: New York. WebSite: [ [Link] ]

Sheng, S & Magnien, B & Kumaraguru, Ponnurangam & Acquisti, Alessandro & Cranor, Lorrie F & Hong, Jason & Nunge, Elizabeth. (2007). Anti-phishing phil: The design and evaluation of a game that teaches people not to fall for phish. In SOUPS 07: Proceedings of the 3rd symposium on usable privacy and security (New York, NY, USA, March 2007), ACM, pp.8899., WebSite: [ [Link] ]

Kumaraguru, Ponnurangam & Cranor, Lorrie F & Lobo, Jorge & Calo, Seraphin B . (2007). A survey of privacy policy languages. Workshop on Usable IT Security Management (USM 07). In SOUPS '07: Proceedings of the 3rd symposium on Usable privacy and security (New York, NY, USA, March 2007), ACM. , WebSite: [ [Link] ]

Prabaker, M & Rao, J & Fette, I & Kelley, Patrick G & Cranor, Lorrie F & Hong, Jason & Sadeh, Norman. (2007). Understanding and capturing people’s privacy policies in a mobile social networking application. 2007 Ubicomp Workshop on Privacy, Austria, Sept. 2007., WebSite: [http://www.springerlink.com/content/g46m83354720h563/]

Cornwell, J & Fette, I & Hsieh, G & Prabaker, M & Rao, J & Tang, K & Vaniea, Kami & Bauer, Lujo & Cranor, Lorrie F & Hong, Jason & Vaniea, Kami & Reiter, Michael K & Sadeh, Norman. (2007). User-Controllable Security and Privacy For Pervasive Computing. Proceedings of the 8th IEEE Workshop on Mobile Computing Systems and Applications (HotMobile 2007)., [pdf]

Bauer, Lujo & Cranor, Lorrie F & Reiter, Michael K & Vaniea, Kami. (2007). Lessons Learned from the Deployment of a Smartphone-Based Access-Control System. In Proceedings of the 2007 Symposium On Usable Privacy and Security, Pittsburgh, PA, July 18-20, 2007., [pdf]

Downs, J. S & Holbrook, M & Cranor, Lorrie F . (2007). Behavioral Response to Phishing Risk. In proceedings of 2nd Annual eCrime Researches Summit, October 4-5, 2007. Pittsburgh, PA, p.37-44., WebSite: [Link]

Zhang, Yue & Egelman, Serge & Cranor, Lorrie F & Hong, Jason. (2007). Phinding Phish: Evaluating Anti-Phishing Tools. In Proceedings of the 14th Annual Network & Distributed System Security Symposium (NDSS 2007), San Diego, CA, 28th February - 2nd March, 2007, WebSite: [Link]

Cranor, Lorrie F & McDonald, A & Egelman, Serge & Sheng, S. (2006). 2006 Privacy Policy Trends Report. CyLab Privacy Interest Group, January 31 2007,

Cranor, Lorrie F & Egelman, Serge & Hong, Jason & Zhang, Yue. (2006). Phinding Phish: An Evaluation of Anti-Phishing Toolbars. Cylab Technical Report, CMU-CYLAB-06-018, November 13, 206, [pdf]

Egelman, Serge & Cranor, Lorrie F & Chowdhury, Abdur. (2006). An Analysis of P3P-Enabled Web Sites among Top-20 Search Results. Proceedings of the Eighth International Conference on Electronic Commerce, [pdf]

Gideon, Julia & Egelman, Serge & Cranor, Lorrie F & Acquisti, Alessandro. (2006). Power Strips, Prophylactics, and Privacy, Oh My!. Proceedings of the 2006 Symposium On Usable Privacy and Security, July 2006, [pdf]

Egelman, Serge & Tsai, Janice & Cranor, Lorrie F & Acquisti, Alessandro. (2006). Studying the Impact of Privacy Information on Online Purchase Decisions. Workshop on Privacy and HCI: Methodologies for Studying Privacy Issues at CHI2006, April 2006,

Kumaraguru, Ponnurangam & Acquisti, Alessandro & Cranor, Lorrie F . (2006). Trust modeling for online transactions: A phishing scenario. In the proceedings of Privacy Security Trust, Oct 30 - Nov 1, 2006, Ontario, Canada. ,

Cranor, Lorrie F & Guduru, P & Arjula, M. (2006). User Interfaces for Privacy Agents. Conference, ACM Transactions on Computer-Human Interaction, June 2006, pp 135-178., WebSite: [ [Link] ]

Cranor, Lorrie F . (2006). What do they "indicate?": evaluating security and privacy indicators. Interactions, 13, 45-57. WebSite: [http://portal.acm.org/citation.cfm?id=1125890&jmp=cit&coll=portal&dl=ACM&CFID=514855545&CFTOKEN=514855545#CIT]

McDonald, A & Cranor, Lorrie F . (2006). How Technology Drives Vehicular Privacy. I/S: A Journal of Law and Policy for the Information Society, 2, ISJLP. [pdf]

Sheng, X & Cranor, Lorrie F . (2006). An Evaluation of the Effectiveness of US Financial Privacy Legislation Through the Analysis of Privacy Policies. I/S: A Journal of Law and Policy for the Information Society, 2, 943-979. WebSite: [http://www.chariotsfire.com/pub/financial-privacy.v6-sx-lfc.pdf]

Kuo, C & Romanosky, S & Cranor, Lorrie F . (2006). Human Selection of Mnemonic Phrase-Based Passwords. n Proceedings of the 2006 Symposium On Usable Privacy and Security, 12-14 July 2006, Pittsburgh, PA., [pdf]

Fette, I & Sadeh, Norman & Cranor, Lorrie F . (2006). Web Security Requirements: A Phishing Perspective. Position Statement. Proceedings of W3C Workshop on Transparency and Usability of Web Authentication, New York City, March 2006., [pdf]

Tsai, Janice & Cranor, Lorrie F & Craver, Scott. (2006). Vicarious infringement creates a privacy ceiling. In Proceedings of the ACM Workshop on Digital Rights Management, Alexandria, Virginia, October 30 - 30, 2006., WebSite: [Link]

Downs, J. S & Holbrook, M & Cranor, Lorrie F . (2006). Decision Strategies and Susceptibility to Phishing. In Proceedings of the 2006 Symposium On Usable Privacy and Security, 12-14 July 2006, Pittsburgh, PA., WebSite: [Link]

Egelman, Serge & Cranor, Lorrie F . (2005). The Real ID Act: Fixing Identity Documents with Duct Tape. I/S: A Journal of Law and Policy for the Information Society, Fall/Winter, [pdf]

Kumaraguru, Ponnurangam & Cranor, Lorrie F & Newton, Elaine. (2005). Privacy Perceptions in India and the United States: An Interview Study. In The 33rd Research Conference on Communication, Information and Internet Policy (TPRC), Sep 23 - Sep 25, 2005, The National Center for Technology and Law, George Mason University School of Law, USA. ,

Geiger, M & Cranor, Lorrie F . (2005). Counter-Forensic Privacy Tools: A Forensic Evaluation. ISRI Technical Report. CMU-ISRI-05-119, 2005.,

Kowitz, B & Cranor, Lorrie F . (2005). Peripheral Privacy Notifications for Wireless Networks. In Proceedings of the 2005 Workshop on Privacy in the Electronic Society, 7 November 2005, Alexandria, VA. , WebSite: [http://lorrie.cranor.org/pubs/wpes05.html]

Kumaraguru, Ponnurangam & Cranor, Lorrie F . (2005). Privacy Indexes: A Survey of Westin's Studies. ISRI Technical Report. CMU-ISRI-05-138, 2005., [pdf]

Kumaraguru, Ponnurangam & Cranor, Lorrie F . (2004). Privacy in India: Attitudes and Awareness.. In Proceedings of the 2005 Workshop on Privacy Enhancing Technologies (PET 2005), 30 May - 1 June 2005, Dubrovnik, Croatia. ,

Byers, Simon & Cranor, Lorrie F & Kormann, Dave & McDaniel, Patrick. (2004). Searching for Privacy: Design and Implementation of a P3P-Enabled Search Engine. In Proceedings of the 2004 Workshop on Privacy Enhancing Technologies (PET2004), 26-28 May, 2004, Toronto, Canada., WebSite: [Link]

Cranor, Lorrie F . (2003). 'I Didn't Buy it for Myself': Privacy and Ecommerce Personalization. Proceedings of the 2nd ACM Workshop on Privacy in the Electronic Society, October 30, 2003, Washington, DC., WebSite: [ [Link] ]

Sadeh, Norman & Dively, Mary J & Kauffman, Robert & Labrou, Yannis & Shehory, O & Telang, Rahul & Cranor, Lorrie F . (2003). Proceedings of the Fifth International Conference on Electronic Commerce. ACM International Conference Proceeding Series, 50, ACM Press. WebSite: [ [Link] ]

Cranor, Lorrie F . (2002). Web Privacy with P3P. Book, O'Reilly & Associates, Inc.. WebSite: [http://p3pbook.com/]

Back