Escalating Commitment: Business Investments and CSR

There are many instances, in all areas of business, in which individuals can become committed to a course of action that begins costing more than it is producing. Because it is often possible for persons who have suffered a setback to recoup their losses through an even greater commitment of resources to the same course of action, a cycle of escalating commitment can be produced (Staw, 1981). This thesis serves to address prior literature and prior studies based on the theory of escalation behavior . We furthered our research by conducting an experiment using university students to test certain said theory with the incorporation of specific variables (i.e. tax-avoidance strategies vs. sustainable investing). As such, this thesis was designed with the purpose of trying to understand why such behavior exists and what factors may have significant influence on the cycle known as escalating commitment

AdSplit: Separating smartphone advertising from applications

A wide variety of smartphone applications today rely on third-party advertising services, which provide libraries that are linked into the hosting application. This situation is undesirable for both the application author and the advertiser. Advertising libraries require additional permissions, resulting in additional permission requests to users. Likewise, a malicious application could simulate the behavior of the advertising library, forging the user's interaction and effectively stealing money from the advertiser. This paper describes AdSplit, where we extended Android to allow an application and its advertising to run as separate processes, under separate user-ids, eliminating the need for applications to request permissions on behalf of their advertising libraries. We also leverage mechanisms from Quire to allow the remote server to validate the authenticity of client-side behavior. In this paper, we quantify the degree of permission bloat caused by advertising, with a study of thousands of downloaded apps. AdSplit automatically recompiles apps to extract their ad services, and we measure minimal runtime overhead. We also observe that most ad libraries just embed an HTML widget within and describe how AdSplit can be designed with this in mind to avoid any need for ads to have native code

Transforming New Zealand Employment Relations: At the Intersection of Institutional Dispute Resolution and Workplace Conflict Management

In New Zealand, the contemporary shift from highly regulated, collectivist employment rights to individual employment relationships included statutory direction to mediation. Good faith negotiation in the workplace and state provision of mediation were to be the primary mechanisms for resolution of ‘employment relationship problems’ (ERP). This paper investigates the intersection between workplace conflict management and institutional provision of mediation. We investigated ERP resolution by drawing on empirical evidence from 38 narrative interviews where participants recounted experiences of employment relationship problem (ERP) resolution. We analysed 243 ERP by comparing settlements to end employment relationships with resolution of ERP where relationships endured. We sought to understand why some ERP remained unresolved and/or escalated. We found that collaborative reflective sense-making had a positive impact on early workplace problem resolution while investigation and confidential settlement negotiations risked injustice. We present, therefore, some suggestions for embedding collaborative conflict management in the workplace

Danger is My Middle Name: Experimenting with SSL Vulnerabilities in Android Apps

This paper presents a measurement study of information leakage and SSL vulnerabilities in popular Android apps. We perform static and dynamic analysis on 100 apps, downloaded at least 10M times, that request full network access. Our experiments show that, although prior work has drawn a lot of attention to SSL implementations on mobile platforms, several popular apps (32/100) accept all certificates and all hostnames, and four actually transmit sensitive data unencrypted. We set up an experimental testbed simulating man-in-the-middle attacks and find that many apps (up to 91% when the adversary has a certificate installed on the victim's device) are vulnerable, allowing the attacker to access sensitive information, including credentials, files, personal details, and credit card numbers. Finally, we provide a few recommendations to app developers and highlight several open research problems.Comment: A preliminary version of this paper appears in the Proceedings of ACM WiSec 2015. This is the full versio

Mobile Application Security Platforms Survey

Nowadays Smartphone and other mobile devices have become incredibly important in every aspect of our life. Because they have practically offered same capabilities as desktop workstations as well as come to be powerful in terms of CPU (Central processing Unit), Storage and installing numerous applications. Therefore, Security is considered as an important factor in wireless communication technologies, particularly in a wireless ad-hoc network and mobile operating systems. Moreover, based on increasing the range of mobile application within variety of platforms, security is regarded as on the most valuable and considerable debate in terms of issues, trustees, reliabilities and accuracy. This paper aims to introduce a consolidated report of thriving security on mobile application platforms and providing knowledge of vital threats to the users and enterprises. Furthermore, in this paper, various techniques as well as methods for security measurements, analysis and prioritization within the peak of mobile platforms will be presented. Additionally, increases understanding and awareness of security on mobile application platforms to avoid detection, forensics and countermeasures used by the operating systems. Finally, this study also discusses security extensions for popular mobile platforms and analysis for a survey within a recent research in the area of mobile platform security