@inproceedings{47844, author = {{Jancar, Jan and Fourné, Marcel and Braga, Daniel De Almeida and Sabt, Mohamed and Schwabe, Peter and Barthe, Gilles and Fouque, Pierre-Alain and Acar, Yasemin}}, booktitle = {{2022 IEEE Symposium on Security and Privacy (SP)}}, publisher = {{IEEE}}, title = {{{“They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks}}}, doi = {{10.1109/sp46214.2022.9833713}}, year = {{2022}}, } @inproceedings{47286, author = {{Gutfleisch, Marco and Klemmer, Jan H. and Busch, Niklas and Acar, Yasemin and Sasse, M. Angela and Fahl, Sascha}}, booktitle = {{43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022}}, pages = {{893–910}}, publisher = {{IEEE}}, title = {{{How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study}}}, doi = {{10.1109/SP46214.2022.9833756}}, year = {{2022}}, } @inproceedings{47287, author = {{Stransky, Christian and Wiese, Oliver and Roth, Volker and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022}}, pages = {{860–875}}, publisher = {{IEEE}}, title = {{{27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University}}}, doi = {{10.1109/SP46214.2022.9833755}}, year = {{2022}}, } @inproceedings{47283, author = {{Kaur, Harjot and Amft, Sabrina and Votipka, Daniel and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022}}, editor = {{Butler, Kevin R. B. and Thomas, Kurt}}, pages = {{4041–4058}}, publisher = {{USENIX Association}}, title = {{{Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples}}}, year = {{2022}}, } @article{47290, author = {{Huaman, Nicolas and Amft, Sabrina and Oltrogge, Marten and Acar, Yasemin and Fahl, Sascha}}, journal = {{IEEE Secur. Priv.}}, number = {{2}}, pages = {{49–60}}, title = {{{They Would Do Better If They Worked Together: Interaction Problems Between Password Managers and the Web}}}, doi = {{10.1109/MSEC.2021.3123795}}, volume = {{20}}, year = {{2022}}, } @inproceedings{47843, author = {{Wermke, Dominik and Wohler, Noah and Klemmer, Jan H. and Fourné, Marcel and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{2022 IEEE Symposium on Security and Privacy (SP)}}, publisher = {{IEEE}}, title = {{{Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects}}}, doi = {{10.1109/sp46214.2022.9833686}}, year = {{2022}}, } @inproceedings{47288, author = {{Jancar, Jan and Fourné, Marcel and Braga, Daniel De Almeida and Sabt, Mohamed and Schwabe, Peter and Barthe, Gilles and Fouque, Pierre-Alain and Acar, Yasemin}}, booktitle = {{43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022}}, pages = {{632–649}}, publisher = {{IEEE}}, title = {{{"They’re not that hard to mitigate": What Cryptographic Library Developers Think About Timing Attacks}}}, doi = {{10.1109/SP46214.2022.9833713}}, year = {{2022}}, } @inproceedings{47285, author = {{Wermke, Dominik and Wöhler, Noah and Klemmer, Jan H. and Fourné, Marcel and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022}}, pages = {{1880–1896}}, publisher = {{IEEE}}, title = {{{Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects}}}, doi = {{10.1109/SP46214.2022.9833686}}, year = {{2022}}, } @inproceedings{47284, author = {{Munyendo, Collins W. and Acar, Yasemin and Aviv, Adam J.}}, booktitle = {{43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022}}, pages = {{2304–2319}}, publisher = {{IEEE}}, title = {{{"Desperate Times Call for Desperate Measures": User Concerns with Mobile Loan Apps in Kenya}}}, doi = {{10.1109/SP46214.2022.9833779}}, year = {{2022}}, } @article{47281, author = {{Krause, Alexander and Klemmer, Jan H. and Huaman, Nicolas and Wermke, Dominik and Acar, Yasemin and Fahl, Sascha}}, journal = {{CoRR}}, title = {{{Committed by Accident: Studying Prevention and Remediation Strategies Against Secret Leakage in Source Code Repositories}}}, doi = {{10.48550/arXiv.2211.06213}}, volume = {{abs/2211.06213}}, year = {{2022}}, } @inproceedings{47265, author = {{Huaman, Nicolas and von Skarczinski, Bennet and Stransky, Christian and Wermke, Dominik and Acar, Yasemin and Dreißigacker, Arne and Fahl, Sascha}}, booktitle = {{30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021}}, editor = {{Bailey, Michael and Greenstadt, Rachel}}, pages = {{1235–1252}}, publisher = {{USENIX Association}}, title = {{{A Large-Scale Interview Study on Information Security in and Attacks against Small and Medium-sized Enterprises}}}, year = {{2021}}, } @inproceedings{47268, author = {{Stransky, Christian and Wermke, Dominik and Schrader, Johanna and Huaman, Nicolas and Acar, Yasemin and Fehlhaber, Anna Lena and Wei, Miranda and Ur, Blase and Fahl, Sascha}}, booktitle = {{Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021}}, editor = {{Chiasson, Sonia}}, pages = {{437–454}}, publisher = {{USENIX Association}}, title = {{{On the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security}}}, year = {{2021}}, } @inproceedings{47267, author = {{Huaman, Nicolas and Amft, Sabrina and Oltrogge, Marten and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{2021 IEEE Symposium on Security and Privacy (SP)}}, publisher = {{IEEE}}, title = {{{They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites}}}, doi = {{10.1109/sp40001.2021.00094}}, year = {{2021}}, } @inproceedings{47266, author = {{Haney, Julie M. and Acar, Yasemin and Furman, Susanne}}, booktitle = {{30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021}}, editor = {{Bailey, Michael and Greenstadt, Rachel}}, pages = {{411–428}}, publisher = {{USENIX Association}}, title = {{{"It’s the Company, the Government, You and I": User Perceptions of Responsibility for Smart Home Privacy and Security}}}, year = {{2021}}, } @inproceedings{47264, author = {{Oltrogge, Marten and Huaman, Nicolas and Amft, Sabrina and Acar, Yasemin and Backes, Michael and Fahl, Sascha}}, booktitle = {{30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021}}, editor = {{Bailey, Michael and Greenstadt, Rachel}}, pages = {{4347–4364}}, publisher = {{USENIX Association}}, title = {{{Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications}}}, year = {{2021}}, } @inproceedings{47269, author = {{Neil, Lorenzo and Bouma-Sims, Elijah and Lafontaine, Evan and Acar, Yasemin and Reaves, Bradley}}, booktitle = {{Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021}}, editor = {{Chiasson, Sonia}}, pages = {{359–376}}, publisher = {{USENIX Association}}, title = {{{Investigating Web Service Account Remediation Advice}}}, year = {{2021}}, } @phdthesis{47271, author = {{Acar, Yasemin}}, publisher = {{University of Marburg, Germany}}, title = {{{Human Factors in Secure Software Development}}}, year = {{2021}}, } @inbook{47261, author = {{Haney, Julie M. and Furman, Susanne M. and Acar, Yasemin}}, booktitle = {{HCI for Cybersecurity, Privacy and Trust}}, isbn = {{9783030503086}}, issn = {{0302-9743}}, publisher = {{Springer International Publishing}}, title = {{{Smart Home Security and Privacy Mitigations: Consumer Perceptions, Practices, and Challenges}}}, doi = {{10.1007/978-3-030-50309-3_26}}, year = {{2020}}, } @inproceedings{47260, author = {{Wermke, Dominik and Huaman, Nicolas and Stransky, Christian and Busch, Niklas and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{Sixteenth Symposium on Usable Privacy and Security, SOUPS 2020, August 7-11, 2020}}, editor = {{Lipford, Heather Richter and Chiasson, Sonia}}, pages = {{359–377}}, publisher = {{USENIX Association}}, title = {{{Cloudy with a Chance of Misconceptions: Exploring Users’ Perceptions and Expectations of Security and Privacy in Cloud Office Suites}}}, year = {{2020}}, } @inproceedings{47262, author = {{Gorski, Peter Leo and Acar, Yasemin and Lo Iacono, Luigi and Fahl, Sascha}}, booktitle = {{Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems}}, publisher = {{ACM}}, title = {{{Listen to Developers! A Participatory Design Study on Security Warnings for Cryptographic APIs}}}, doi = {{10.1145/3313831.3376142}}, year = {{2020}}, }