de

Publications

Attitudes towards Client-Side Scanning for CSAM, Terrorism, Drug Trafficking, Drug Use and Tax Evasion in Germany

Geierhaas, L.; Otto, F.; Häring, M.; Smith, M.
2023 IEEE Symposium on Security and Privacy (SP)

Different Researchers, Different Results? Analyzing the Influence of Researcher Experience and Data Type During Qualitative Analysis of an Interview and Survey Study on Security Advice

Ortloff, A.; Fassl, M.; Ponticello, A.; Martius, F.; Mertens, A.; Krombholz, K.; Smith, M.
Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems

Less About Privacy: Revisiting a Survey about the German COVID-19 Contact Tracing App

Häring, M.; Gerlitz, E.; Smith, M.; Tiefenau, C.
Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems

Evolution of Password Expiry in Companies: Measuring the Adoption of Recommendations by the German Federal Office for Information Security

Gerlitz, E.; Häring, M.; Smith, M.; Tiefenau, C.
Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023)

Privacy Research on the Pulse of Time: COVID-19 Contact-Tracing Apps

Gerlitz, E.; Häring, M.; Gerber, N.; Stöver, A.; Marky, K.

Let's Hash: Helping Developers with Password Security

Geierhaas, L.; Ortloff, A.; Smith, M.; Naiakshina, A.
Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)

Privacy at a Glance: A Process to Learn Modular Privacy Icons During Web Browsing

Windl, M.; Ortloff, A.; Henze, N.; Schwind, V.
Proceedings of the Conference on Human Information Interaction and Retrieval

Behavioral responses to a cyber attack in a hospital environment

Willing, M.; Dresen, C.; Gerlitz, E.; Haering, M.; Smith, M.; Binnewies, C.; Guess, T.; Haverkamp, U.; Schinzel, S.
Nature Scientific Reports

Please do not use !?_ or your License Plate Number: Analyzing Password Policies in German Companies

Gerlitz, E.; Häring, M.; Smith, M.
Proceedings of the Symposium On Usable Privacy and Security

Never ever or no matter what: Investigating Adoption Intentions and Misconceptions about the Corona-Warn-App in Germany

Häring, M.; Gerlitz, E.; Tiefenau, C.; Acar, Y.; Fahl, S.; Smith, M.; Wermke, D.
Proceedings of the Seventeenth Symposium on Usable Privacy and Security

Do you Really Code? Designing and Evaluating Screening Questions for Online Surveys with Programmers

Danilova, A.; Naiakshina, A.; Horstmann, S.; Smith, M.
Proceedings of the International Conference on Software Engineering

Code Reviewing as Methodology for Online Security Studies with Developers - A Case Study with Freelancers on Password Storage

Danilova, A.; Naiakshina, A.; Rasgauski, A.; Smith, M.
Proceedings of the Seventeenth Symposium on Usable Privacy and Security

Werkzeuge für Usable (Cyber-)Security

Iacono, L. L.; Smith, M.; Gorski, P. L.; Reuter, C.

The Effect of Nudges and Boosts on Browsing Privacy in a Naturalistic Environment

Ortloff, A.; Zimmerman, S.; Elsweiler, D.; Henze, N.
Proceedings of the 2021 Conference on Human Information Interaction and Retrieval

Replication: Measuring User Perceptions in Smartphone Security and Privacy in Germany

Schessler, M.; Gerlitz, E.; Häring, M.; Smith, M.
Proceedings of the European Symposium on Usable Security 2021

Replicating a Study of Ransomware in Germany

Ortloff, A.; Vossen, M.; Tiefenau, C.
Proceedings of the European Symposium on Usable Security 2021

One size does not fit all: a grounded theory and online survey study of developer preferences for security warning types

Danilova, A.; Naiakshina, A.; Smith, M.
Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering

On Conducting Security Developer Studies with CS Students: Examining a Password-Storage Study with CS Students, Freelancers, and Company Developers

Naiakshina, A.; Danilova, A.; Gerlitz, E.; Smith, M.
Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems

Security, Availability, and Multiple Information Sources: Exploring Update Behavior of System Administrators

Tiefenau, C.; Häring, M.; Krombholz, K.; von Zezschwitz, E.
Proceedings of Sixteenth Symposium on Usable Privacy and Security

Replication: On the Ecological Validity of Online Security Developer Studies: Exploring Deception in a Password-Storage Study with Freelancers

Danilova, A.; Naiakshina, A.; Deuter, J.; Smith, M.
Proceedings of the Sixteenth Symposium on Usable Privacy and Security

Implementation and In Situ Assessment of Contextual Privacy Policies

Ortloff, A.; Windl, M.; Schwind, V.; Henze, N.
Proceedings of the 2020 ACM Designing Interactive Systems Conference

"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS

Krombholz, K.; Busse, K.; Pfeffer, K.; Smith, M.; von Zezschwitz, E.
Proceedings of the Symposium on Security and Privacy

Replication: No One Can Hack My Mind Revisiting a Study on Expert and Non-Expert Security Practices and Advice

Busse, K.; Schäfer, J.; Smith, M.
Proceedings of Symposium on Usable Privacy and Security

A Usability Evaluation of Let's Encrypt and Certbot: Usable Security Done Right

Tiefenau, C.; von Zezschwitz, E.; Häring, M.; Krombholz, K.; Smith, M.
Proceedings of the 2019 ACM Special Interest Group on Security, Audit and Control Conference on Computer and Communications Security

"If you want, I can store the encrypted password": A Password-Storage Field Study with Freelance Developers

Naiakshina, A.; Danilova, A.; Gerlitz, E.; von Zezschwitz, E.; Smith, M.
Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems

Vision: I don’t want to use my Phone! A Cognitive Walkthrough for YubiKeys

Bischoff, C.; Gerlitz, E.; Smith, M.
Proceedings of the 2020 IEEE European Symposium on Security and Privacy Workshops

SentiBooks: Enhancing Audiobooks via Affective Computing and Smart Light Bulbs

Ortloff, A.; Güntner, L.; Windl, M.; Schmidt, T.; Kocur, M.; Wolff, C.
Proceedings of Mensch und Computer 2019

Towards a Graphical User Interface for Quantitative Analysis in Digital Musicology

Ortloff, A.; Windl, M.; Güntner, L.; Schmidt, T.
Proceedings of Mensch und Computer 2019

"Please enter your PIN" -- On the Risk of Bypass Attacks on Biometric Authentication on Mobile Devices

Tiefenau, C.; Häring, M.; Khamis, M.; von Zezschwitz, E.
15th Symposium on Usable Privacy and Security

Making Privacy Graspable: Can we Nudge Users to use Privacy Enhancing Techniques?

Tiefenau, C.; Häring, M.; Gerlitz, E.; von Zezschwitz, E.
15th Symposium on Usable Privacy and Security

In Encryption We Don’t Trust: The Effect of End-to-End Encryption to the Masses on User Perception

Dechand, S.; Naiakshina, A.; Danilova, A.; Smith, M.
Proceedings of the 2019 IEEE European Symposium on Security and Privacy

A Case Study on (Security) Update Processes in Working Environments: Understanding the Context

Häring, M.; Tiefenau, C.; Gerlitz, E.; Brenner, R.; von Zezschwitz, E.
15th Symposium on Usable Privacy and Security

Evaluation kontextueller Datenschutzerklärungen

Ortloff, A.; Güntner, L.; Windl, M.; Feth, D.; Polst, S.
Proceedings of Mensch und Computer 2018 - Workshopband

Deception Task Design in Developer Password Studies: Exploring a Student Sample

Naiakshina, A.; Danilova, A.; Tiefenau, C.; Smith, M.
Proceedings of the Fourteenth Symposium on Usable Privacy and Security

Exploring Design Directions for Wearable Privacy

Krombholz, K.; Dabrowski, A.; Smith, M.; Weippl, E.
Proceedings of Usable Security

Obstacles to the Adoption of Secure Communication Tools

Abu-Salma, R.; Sasse, M. A.; Bonneau, J.; Danilova, A.; Naiakshina, A.; Smith, M.
Proceedings of the 2017 IEEE Symposium on Security and Privacy

Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study

Naiakshina, A.; Danilova, A.; Tiefenau, C.; Herzog, M.; Dechand, S.; Smith, M.
Proceedings of the Special Interest Group on Security, Audit and Control

Debunking Security-Usability Tradeoff Myths

Sasse, M. A.; Smith, M.; Herley, C.; Lipford, H.; Vaniea, K.
IEEE Security & Privacy

Developers are Not the Enemy!: The Need for Usable Security APIs

Green, M.; Smith, M.
IEEE Security & Privacy Magazine

Usable Security—The Source Awakens

Smith, M.
USENIX Enigma

Helping Johnny to Analyze Malware: A Usability-Optimized Decompiler and Malware Analysis User Study

Yakdan, K.; Dechand, S.; Gerhards-Padilla, E.; Smith, M.
Proceedings of the Symposium on Security and Privacy

SoK: Lessons Learned from Android Security Research for Appified Software Platforms

Acar, Y.; Backes, M.; Bugiel, S.; Fahl, S.; McDaniel, P.; Smith, M.
Proceedings of the 2016 IEEE Symposium on Security and Privacy

The Security-Usability Tradeoff Myth [Guest editors' introduction]

Sasse, M. A.; Smith, M.
IEEE Security Privacy

Ok Glass, Leave Me Alone: Towards a Systematization of Privacy Enhancing Technologies for Wearable Computing

Krombholz, K.; Dabrowski, A.; Smith, M.; Weippl, E.
Proceedings of Financial Cryptography and Data Security

No More Gotos: Decompilation Using Pattern-Independent Control-Flow Structuring and Semantics-Preserving Transformations – NDSS Symposium

Yakdan, K.; Eschweiler, S.; Gerhards-Padilla, E.; Smith, M.
Proceedings of the 2015 Network and Distributed System Security Symposium

Participatory Design for Security-Related User Interfaces – NDSS Symposium

Weber, S.; Harbach, M.; Smith, M.
Proceedings of the 2015 Network and Distributed System Security Symposium

Where Have You Been? Using Location-Based Security Questions for Fallback Authentication

Hang, A.; Luca, A. D.; Smith, M.; Richter, M.; Hussmann, H.
Proceedings of the Eleventh Symposium On Usable Privacy and Security

VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits

Perl, H.; Dechand, S.; Smith, M.; Arp, D.; Yamaguchi, F.; Rieck, K.; Fahl, S.; Acar, Y.
Proceedings of Special Interest Group on Security, Audit and Control

To Pin or Not to Pin—Helping App Developers Bullet Proof Their TLS Connections

Oltrogge, M.; Acar, Y.; Dechand, S.; Smith, M.; Fahl, S.
Proceedings of the 24th USENIX Security Symposium

SoK: Secure Messaging

Unger, N.; Dechand, S.; Bonneau, J.; Fahl, S.; Perl, H.; Goldberg, I.; Smith, M.
Proceedings of the 2015 IEEE Symposium on Security and Privacy

It’s a Hard Lock Life: A Field Study of Smartphone ( Un)Locking Behavior and Risk Perception

Harbach, M.; Zezschwitz, E. v.; Fichtner, A.; Luca, A. D.; Smith, M.
Proceedings of the 10th Symposium On Usable Privacy and Security

Now you see me, now you don't: protecting smartphone authentication from shoulder surfers

De Luca, A.; Harbach, M.; von Zezschwitz, E.; Maurer, M.; Slawik, B. E.; Hussmann, H.; Smith, M.
Proceedings of the Special Interest Group on Computer–Human Interaction Conference

You Won’t Be Needing These Any More: On Removing Unused Certificates from Trust Stores

Perl, H.; Fahl, S.; Smith, M.
Proceedings of Financial Cryptography and Data Security

Why eve and mallory (also) love webmasters: a study on the root causes of SSL misconfigurations

Fahl, S.; Acar, Y.; Perl, H.; Smith, M.
Proceedings of the 9th symposium on Information, computer and communications security

Who's Afraid of Which Bad Wolf? A Survey of IT Security Risk Awareness

Harbach, M.; Fahl, S.; Smith, M.
Proceedings of the 27th Computer Security Foundations Symposium

Using personal examples to improve risk communication for security & privacy decisions

Harbach, M.; Hettig, M.; Weber, S.; Smith, M.
Proceedings of the Special Interest Group on Computer–Human Interaction Conference

Privacy/performance trade-off in private search on bio-medical data

Perl, H.; Mohammed, Y.; Brenner, M.; Smith, M.
Future Generation Computer Systems

On the Awareness, Control and Privacy of Shared Photo Metadata

Henne, B.; Koch, M.; Smith, M.; Christin, N.; Safavi-Naini, R.
Proceedings of Financial Cryptography and Data Security

Hey, NSA: Stay Away from my Market! Future Proofing App Markets against Powerful Attackers

Fahl, S.; Dechand, S.; Perl, H.; Fischer, F.; Smrcek, J.; Smith, M.
Proceedings of the Conference on Computer and Communications Security

Rethinking SSL development in an appified world

Fahl, S.; Harbach, M.; Perl, H.; Koetter, M.; Smith, M.
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Sorry, I Don’t Get It: An Analysis of Warning Message Texts

Harbach, M.; Fahl, S.; Yakovleva, P.; Smith, M.; Adams, A. A.; Brenner, M.; Smith, M.
Proceedings of the Conference on Financial Cryptography and Data Security

On the ecological validity of a password study

Fahl, S.; Harbach, M.; Acar, Y.; Smith, M.
Proceedings of the Ninth Symposium on Usable Privacy and Security

On the Acceptance of Privacy-Preserving Authentication Technology: The Curious Case of National Identity Cards

Harbach, M.; Fahl, S.; Rieger, M.; Smith, M.; De Cristofaro, E.; Wright, M.
Privacy Enhancing Technologies

Hey, You, Get Off of My Clipboard

Fahl, S.; Harbach, M.; Oltrogge, M.; Muders, T.; Smith, M.; Sadeghi, A.
Proceedings of Financial Cryptography and Data Security

Helping Johnny 2.0 to encrypt his Facebook conversations

Fahl, S.; Harbach, M.; Muders, T.; Smith, M.; Sander, U.
Proceedings of the Eighth Symposium on Usable Privacy and Security

Big data privacy issues in public social media

Smith, M.; Szongott, C.; Henne, B.; von Voigt, G.
Proceedings of 2012 6th IEEE International Conference on Digital Ecosystems and Technologies

Why eve and mallory love android: an analysis of android SSL (in)security

Fahl, S.; Harbach, M.; Muders, T.; Baumgärtner, L.; Freisleben, B.; Smith, M.
Proceedings of the Conference on Computer and communications security