Research

Research interests

Publications

James M. Clarke, Maryam Mehrnezhad, Ehsan Toreini (2024)Invisible, Unreadable, and Inaudible Cookie Notices: An Evaluation of Cookie Notices for Users with Visual Impairments, In: ACM transactions on accessible computing17(1)1pp. 1-39 ACM

This article investigates the accessibility of cookie notices on websites for users with visual impairments (VI) via a set of system studies on top UK websites (n=46) and a user study (n=100). We use a set of methods and tools—including accessibility testing tools, text-only browsers, and screen readers—to perform our system studies. Our results demonstrate that the majority of cookie notices on these websites have some form of accessibility issue, including contrast issues, not having headings, and not being read aloud immediately when the page is loaded. We discuss how such practices impact the user experience and privacy and provide a set of recommendations for multiple stakeholders for more accessible websites and better privacy practices for users with VIs. To complement our technical contribution, we conduct a user study, finding that people with VIs generally have a negative view of cookie notices and believe our recommendations could help their online experience.

Vinod Sarjerao Khandkar, Nishanth Ramakrishna Sastry, Ehsan Toreini Secret generation by shaking devices

We proposed a novel method to generate a secret between two people using a smartphone gyroscope assisted by the Fast Fourier Transform~(FFT) without communicating between two smartphones for a secret agreement. The secret generation process requires natural smartphone movements while performing day-to-day activities. Our evaluation by implementing it on Android smartphones shows a success rate above 90% with entropy above 6/8 bits. The code implements the secret generation method and its evaluation in Python.

Vinod Sarjerao Khandkar, Nishanth Ramakrishna Sastry, Ehsan Toreini Android App for secret generation by shaking smartphones

The code implements the Android App to generate a secret using smartphone gyroscope data. It uses the publically available FFT library and is written in Android Java.

Vinod Sarjerao Khandkar, Nishanth Ramakrishna Sastry, Ehsan Toreini (2024)Talk : FFT-assisted Secret Generation via Gyroscope Measurements on Smartphones
Vinod Sarjerao Khandkar, Nishanth Ramakrishna Sastry, Ehsan Toreini Shake it to the rescue: Gyroscope-based secret generation method to prevent domestic abuse

Technology-facilitated Intimate Partner Violence (IPV) is especially pernicious because it is common for one person (assumed to be an abusive partner) to be responsible for setting up the household's technical infrastructure, which can be used to snoop over the victim. In this paper, we proposed a novel method to generate a secret between the victim and an external supportive agent using a smartphone gyroscope assisted by the Fast Fourier Transform (FFT) without any communication between two smartphones for secret agreement. The secret generation process requires natural smart-phone movements while performing day-today activities. Our evaluation by implementing it on Android smartphones shows a success rate between 90 − −99%. We proved the resilience of the generated secret under spoofing and brute-force attacks. Thus, the method allows IPV victims to generate a secret to encrypt their communication with an external supporting agent over conventional communication services in the presence of a powerful IPV adversary.