PILOT: Password and PIN Information Leakage from Obfuscated Typing Videos

This paper studies leakage of user passwords and PINs based on observations of typing feedback on screens or from projectors in the form of masked characters that indicate keystrokes. To this end, we developed an attack called Password and Pin Information Leakage from Obfuscated Typing Videos (PILOT). Our attack extracts inter-keystroke timing information from videos of password masking characters displayed when users type their password on a computer, or their PIN at an ATM. We conducted several experiments in various attack scenarios. Results indicate that, while in some cases leakage is minor, it is quite substantial in others. By leveraging inter-keystroke timings, PILOT recovers 8-character alphanumeric passwords in as little as 19 attempts. When guessing PINs, PILOT significantly improved on both random guessing and the attack strategy adopted in our prior work [4]. In particular, we were able to guess about 3% of the PINs within 10 attempts. This corresponds to a 26-fold improvement compared to random guessing. Our results strongly indicate that secure password masking GUIs must consider the information leakage identified in this paper

Banner News

https://openspace.dmacc.edu/banner_news/1068/thumbnail.jp

Multi-touch For General-purpose Computing An Examination Of Text Entry

In recent years, multi-touch has been heralded as a revolution in humancomputer interaction. Multi-touch provides features such as gestural interaction, tangible interfaces, pen-based computing, and interface customization – features embraced by an increasingly tech-savvy public. However, multi-touch platforms have not been adopted as everyday computer interaction devices; that is, multi-touch has not been applied to general-purpose computing. The questions this thesis seeks to address are: Will the general public adopt these systems as their chief interaction paradigm? Can multi-touch provide such a compelling platform that it displaces the desktop mouse and keyboard? Is multi-touch truly the next revolution in human-computer interaction? As a first step toward answering these questions, we observe that generalpurpose computing relies on text input, and ask: Can multi-touch, without a text entry peripheral, provide a platform for efficient text entry? And, by extension, is such a platform viable for general-purpose computing? We investigate these questions through four user studies that collected objective and subjective data for text entry and word processing tasks. The first of these studies establishes a benchmark for text entry performance on a multi-touch platform, across a variety of input modes. The second study attempts to improve this performance by iv examining an alternate input technique. The third and fourth studies include mousestyle interaction for formatting rich-text on a multi-touch platform, in the context of a word processing task. These studies establish a foundation for future efforts in general-purpose computing on a multi-touch platform. Furthermore, this work details deficiencies in tactile feedback with modern multi-touch platforms, and describes an exploration of audible feedback. Finally, the thesis conveys a vision for a general-purpose multi-touch platform, its design and rationale

Light on horizontal interactive surfaces: Input space for tabletop computing

In the last 25 years we have witnessed the rise and growth of interactive tabletop research, both in academic and in industrial settings. The rising demand for the digital support of human activities motivated the need to bring computational power to table surfaces. In this article, we review the state of the art of tabletop computing, highlighting core aspects that frame the input space of interactive tabletops: (a) developments in hardware technologies that have caused the proliferation of interactive horizontal surfaces and (b) issues related to new classes of interaction modalities (multitouch, tangible, and touchless). A classification is presented that aims to give a detailed view of the current development of this research area and define opportunities and challenges for novel touch- and gesture-based interactions between the human and the surrounding computational environment. © 2014 ACM.This work has been funded by Integra (Amper Sistemas and CDTI, Spanish Ministry of Science and Innovation) and TIPEx (TIN2010-19859-C03-01) projects and Programa de Becas y Ayudas para la Realización de Estudios Oficiales de Máster y Doctorado en la Universidad Carlos III de Madrid, 2010

Human Factors Guidance for the Use of Handheld, Portable, and Wearable Computing Devices

This report provides human factors guidance for the selection and use of handheld, portable, and wearable computing devices, including personal digital assistants (PDAs), tablet computers, and, to a more limited extent, head-mounted display systems. These devices are becoming more common in the workplace. The Federal Aviation Administration (FAA) wanted to know if these devices would be beneficial to maintenance specialists. Human factors researchers from the William J. Hughes Technical Center were asked to identify the advantages and disadvantages of these devices. These systems require different usage guidelines than standard desktop computing systems because of their size, portability, human-computer interface (HCI) designs, and intended work environments. In this report, we discuss differences between different maintenance tasks and how these differences may affect the selection of an appropriate device. We summarize the advantages and disadvantages of common handheld, portable, and wearable systems, specifically focusing on areas such as device size, screen size and resolution, input method, one- or two-handed operation, and headsdown time

Procedural content creation in VR

3D content creation for virtual worlds is a difficult task, requiring specialized tools based on a WIMP interface for modelling, composition and animation. Natural interaction systems for modelling in augmented or virtual reality are currently being developed and studied, making use of pens, handheld controllers, voice commands, tracked hand gestures like pinching, tapping and dragging mid-air, etc. We propose a content creation approach for virtual reality, placing a focus on making procedural content generation (PCG) intuitive and generalizable. Our approach is to start with a library of 3D assets, with which the user populates an initially empty world by placing and replicating objects individually. The user can then construct procedural rules to automate this process on the fly, creating abstract entities that behave like a block of objects while still being treated and manipulated like other singleton objects. To this end, we design a rule system for procedural content generation adequate for virtual reality, including nested object replication, relative placement and spacing, and randomized selection. We then design and prototype a natural interaction model for virtual reality suited to this rule system, based on two-handed object manipulation, controller input and user voice commands. A prototype of this interaction model is built, and finally, a former user evaluation is conducted to assess its viability and identify avenues for improvement and future work

A Wearable communications device

The purpose of this thesis is to develop a concept for a wearable communications device. Proposed for the market of ten years into the future, this device will integrate today\u27s multiple communications devices and be capable of wireless global communications

Designing online social interaction for and with older people

This thesis describes my explorations and reflections regarding the design of online social interaction for and with older people. In 2008 when I started my doctoral investigation only a third of people over 65 years in the UK were using the Internet. This number has now increased to half of the population of 65-75 year-olds being connected to the Internet. From 2000 onwards EU wide directives increasingly encouraged research in the development of online technologies to manage the needs of an ageing population in the EU. Alongside health-related risks, the issue of social isolation is of particular interest to be tackled, considering there is a rapid development of new forms of communication and interaction media based on online technologies that could help in maintaining contact between people. A beneficial design strategy is to involve older people in the design process to ensure that technological developments are welcomed and actually used. However, engaging older people, who are not necessarily familiar with digital technologies, is not without challenges for the design researcher. My research focuses both on design practice (the development of artefacts) and the design process for online social interaction involving older people. The thesis describes practice-led research, for which I built the Teletalker (TT) and Telewalker (TW) systems as prototypes for experimentation and design research interventions. The TT can be described as a simple TV like online audio-video presence system connecting two locations. The TW is based on the same concept has been built specifically for vulnerable older people living in a care home. The work described involves embodied real-world interventions with contemporary approaches to designing with people. In particular I explore the delicate nature of the researcher/participant relationship. The research is reported as four sequential journeys. The first design journey started from a user-centred iterative design perspective and resulted in the construction of a wireframe for a website for older users. The second journey focused on building the TT and investigated its use in the real world by people with varied computer experience. The third journey involved designing the TW system specifically for elderly people in a care home. The fourth journey employed a co-design approach, with invited stakeholders, to reflect on the physical artefacts, discuss narratives of the previous design journeys and to co-create new online social technologies for the future. In summary, my PhD thesis contributes to design theory by providing: a reflected rationale for the choices of design approaches, documented examples of design research for social interaction and a novel approach to research with older people (the extended showroom). It further offers insights into people's online social interaction and proposes guidelines for conducting empirical research with older and vulnerable older people