1 / 22

Usability and privacy: a study of Kazaa P2P file-sharing

Usability and privacy: a study of Kazaa P2P file-sharing. Nathaniel S. Good Aaron Krekelberg. Abstract. P2P sharing is becoming very popular Intended for multimedia files, but applications like Kaaza allow for other files to be shared With this security concerns need to be addressed

alamea
Download Presentation

Usability and privacy: a study of Kazaa P2P file-sharing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Usability and privacy: a study of Kazaa P2P file-sharing Nathaniel S. Good Aaron Krekelberg

  2. Abstract • P2P sharing is becoming very popular • Intended for multimedia files, but applications like Kaaza allow for other files to be shared • With this security concerns need to be addressed • The applications that allow P2P file sharing make it easy to unintentionally share private information

  3. Introduction • The most popular P2P system was Kazaa • 85 million downloads done worldwide • Interface looks straightforward and easy to use • Good way to share files with others but no security • If sharing is set up incorrectly personal files can be shared • Kazaa has no security measure to protect users

  4. Introduction • Look at how Kazaa is not a secure application • Does Kazaa have responsibilities and obligations to users? • Help users protect personal files

  5. Abuses on Kaaza • Many unintentionally share private files with others • Email folders or credit card information • Scripted searches to run for 12 hours • Did not download any files just did queries • Found 61% of all searches returned one or more hits for inbox.dbx • 156 users with shared inboxes were found

  6. Abuses on Kaaza • Are users taking advantage of this? • Set up a dummy client to see • Created dummy files like Credit Cards.xls and Outlook.pst • 4 different users downloaded the Credit Cards.xls • 2 different users downloaded the inbox.dbx

  7. Usability Guidelines • P2P file sharing software is safe and usable if users: • Are aware of the files that others can download from your system • Can easily and successful start and stop file sharing • Can not accidentally share private files that they don’t want to share • Users should be comfortable with what is being shared with others and the system is handling the sharing correctly

  8. Summary of Cognitive Walkthrough • New Kazaa is safer • Default settings are changed • Users able to change the default settings • Sharing is not turned on by default • Changing the Download file directory • File can be changed under Options-> tools • My Shared folder and all folders below it are shared • Download folder is also automatically shared • Users don’t understand file hierarchical systems • Leads to undesired folder sharing

  9. Summary of Cognitive Walkthrough • Sharing Files • Kazaa has two ways to share folders • Search Wizard • Folder List • Search Wizard will automatically discover files that can be shared • Has no criteria to discover files • Folder List allows the user to select files to share • User can select what files he or she would like to shared by selecting them from a explorer type window

  10. Summary of Cognitive Walkthrough • Adding Files to the My Media folder • This will add files to shared or downloaded folder • Files can be individually turned on and off • Only at file level • Not at the folder level

  11. Summary of Cognitive Walkthrough • Uploading Files • Transfer File Interface • Allows users to select individual files that can be uploaded by Kazaa users • Has a scrollable list to select files • Transfer list cleared every time Kazaa is restarted

  12. Summary of Cognitive Walkthrough • Overview of Results from the Cognitive Walkthrough • Users should know what files are able to be downloaded • Users should know how to share and stop sharing files • Users should not be able to accidentally share files • Users need to know what they are sharing and be comfortable with it

  13. Overview of Results from the Cognitive Walkthrough • Users should be made aware of what files can be downloaded by others • Did not provide information on what kind of file that was intended for sharing • Did not provide a way to indicate if they want all files and folders beneath to be shared • No safeguard is built in so responsibility falls on users

  14. Overview of Results from the Cognitive Walkthrough • Users should be able to stop and start file sharing easily and successfully • Deselecting files to be shared from My Media Folder was shown through the tips page • Must read it first and then have to remember the information later • Has multiple ways to share files and folders • Has only one hard to find way to stop sharing

  15. Overview of Results from the Cognitive Walkthrough • Users should not be able to accidentally share private files • Files and folders shared through the download folder were not indicated by the Share Folders Box • Since there is no coupling of views there is no distinction between shared folders and download folders

  16. Overview of Results from the Cognitive Walkthrough • Users should be comfortable with what is being shared with others • Does not provide a tool to manage types of files and extensions being shared • Relies to much on users understanding the assumptions the program has made

  17. User Study • Wanted to see if users would be confused with the process • Wanted to see if users could determine what is being shared • See if users could determine which if any folders were being shared by Kaaza with others • 10 out of 12 had used some type of file sharing application • All used a computer over 1o hours a week

  18. User Study • All users started from the Kaaza home page and were only allowed to use this UI • The users were given a tutorial on file sharing • All users were given as much time as they needed • Users had to answer precise questions regarding the searching • If answered correctly were asked to stop searching and to share only My Shared Folders

  19. Survey Results • 2 users indicated all files could be shared • 9 out of 10 users believed only multimedia files and software could be shared • 1 out of 10 said possible to share email folders, office documents, and source code files

  20. Task Results • 2 of 12 were able to determine which files and folders were being shared • Both could turn off file sharing, but could not apply it to individual folders • 5 of 12 thought only My Shared Folder was shared • 2 of 12 used search for shared folders • None were checked so believed they weren’t sharing folders • 2 of 12 browsed help to determine incorrectly that My Shared Folder was only thing that could be shared • 1 of 12 could not determine which folder was being shared no matter what approach they took

  21. Suggestions • Prohibit sharing of files that aren’t multimedia files • Limit file sharing to types users expect to be shared • Also, allow for advanced users to permit additional file sharing if desired

  22. Conclusion • File sharing is problematic because of the UI • Design of applications make to many assumptions • Many are not aware of what and how much they are sharing • The My Media interfaces causes more confusion than help • File sharing applications should design applications according to security applications Questions ?

More Related