Abstract: Internet users now rely on a whole arsenal of tools to protect their security and privacy. Experts recommend that computer users install personal firewalls, anti-virus software, spyware blockers, spam filters, cookie managers, and a variety of other tools to keep themselves safe. Users are told to pick hard-to-guess passwords, use a different password at every Web site, and not to write any of their passwords down. They are told to read privacy policies before providing personal information to Web sites, look for lock icons before typing in a credit card number, refrain from opening email attachments from people they don't know, and even to think twice about opening email attachments from people they do know. With so many do's and don'ts, it is not surprising that much of this advice is ignored. In this talk I will highlight usability problems that make it difficult for people to protect their privacy and security on the Web, and I will discuss a number of approaches to addressing these problems.

Biography: Dr. Lorrie Faith Cranor is an Associate Research Professor in the School of Computer Science at Carnegie Mellon University. She is a faculty member in the Institute for Software Research, International and in the Engineering and Public Policy department. She is director of the CMU Usable Privacy and Security Laboratory (CUPS). She came to CMU in December 2003 after seven years at AT&T Labs-Research. While at AT&T she also taught in the Stern School of Business at New York University. Dr. Cranor's research has focused on a variety of areas where technology and policy issues interact, including online privacy, electronic voting, and spam. She is chair of the Platform for Privacy Preferences Project (P3P) Specification Working Group at the World Wide Web Consortium and author of the book Web Privacy with P3P (O'Reilly 2002). In 2003 she was named one of the top 100 innovators 35 or younger by Technology Review magazine. Dr. Cranor received her doctorate degree in Engineering & Policy from Washington University in St. Louis in 1996. While in graduate school she helped found Crossroads, the ACM Student Magazine, and served as the publication's editor-in-chief for two years. Dr. Cranor was chair of the Tenth Conference on Computers Freedom and Privacy (CFP2000) and program committee chair for the 29th Research Conference on Communication, Information and Internet Policy (TPRC 2001). In the Spring of 2000 she served on the Federal Trade Commission Advisory Committee on Online Access and Security. She also serves on the editorial boards of the journals ACM Transactions on Internet Technology, The Information Society, and Journal of Privacy Technology. Dr. Cranor has been studying electronic voting systems since 1994 and in 2000 served on the executive committee of a National Science Foundation sponsored Internet voting taskforce. Dr. Cranor was also a member of the project team that developed the Publius censorship-resistant publishing system. In February 2001, the Publius team was honored by Index on Censorship magazine for the "Best Circumvention of Censorship." Dr. Cranor spends most of her free time with her husband, Chuck, her son, Shane, and her daughter Maya, but sometimes she finds time to play the tenor saxophone or design and create award-winning quilts. For more Information on LERSAIS Information Assurance seminar please visit: http://www.sis.pitt.edu/%7Elersais/semiSAIS_f05.htm