Usable Security and Privacy
Problem Set 4
Due on Canvas at 10:45am on Thursday, May 2nd.
Problem 1 (20 points)
People reuse passwords across accounts. As a result, password breaches cause major security issues in many cases. For this problem, imagine that you are in charge of IT Security for UChicago, and that Facebook recently suffered a major password breach. You find plaintext passwords from Facebook on the dark web, and some of the usernames and passwords in that leaked data are the same (or similar to) username-password pairs at UChicago. Follow the NEAT and SPRUCE guidelines to craft a notification to potentially impacted UChicago users. You should turn in:
Problem 2 (15 points)
Political activists frequently fear being surveilled by a wide range of adversaries (ranging from governments to opposing factions), yet often lack the technical knowledge to keep themselves secure and private.
To help bridge this gap, create a 1-2 page overview for (non-technical) activists outlining what you believe to be the essential steps they can take to protect their privacy and security, including everything you think they need to know. We'd like to actually distribute some of these (with your permission), so style counts! Think about what you could imagine receiving as a handout (one-sided or two-sided). Think also about the best designed infographics you have seen and use those as aesthetic inspiration. Please turn in the following:
Here are some starting resources you might consider when deciding what advice to include or leave out:
Problem 3 (50 points)
Twitter provides an API to collect data posted on Twitter. The Twitter API allows you to get a real-time, random sample of all tweets containing a set of keywords being posted on Twitter.
Utilize the Twitter API to collect all the tweets that was posted about information security and information privacy in real time for 8 hours. Note that you need to create a Twitter developer account for the data collection. You will have to choose your keywords carefully so that you obtain sufficiently relevant data from the API. Write code to filter out non-English tweets from your collection.
Create a word cloud from the filtered text of your tweets after removing all stop words, punctuation, and user mentions (tokens starting with "@").
Finally, we would like to know what are the most prominent information security and privacy concerns that Twitter users talked about during your data collection. To that end, randomly sample 50 English tweets from your collected set and manually divide them into at most 6 thematic categories representing information privacy and security issues. Turn in the following:
Problem 4 (15 points)
Write a first draft of the methodology section for your group's research project. For the purpose of the homework assignmet, each team member should do this individually. Afterwards, your team will have a whole set of methodology drafts, which will allow you to combine the strongest aspects of each.