From Paternalistic to User-Centred Security: Putting Users First with Value-Sensitive Design

Usable security research to date has focused on making users more secure, by identifying and addressing usability issues that lead users to making mistakes, or by persuading users to pay attention to security and make secure choices. However, security goals were set by security experts, who were unaware that users often have other priorities and value security differently. In this paper, we present examples of circumventions and non-adoption of secure systems designed under this paternalistic mindset. We argue that security experts need to identify user values and deliver on them. To do that, we need a methodological framework that can conceptualise values and identify those that impact user engagement with security. We show that (a) engagement with, and adherence to security, are mediated by user values, and that (b) it is necessary to model those values to understand the nature of security’s failures and to design viable alternatives

Dead on Arrival: Recovering from Fatal Flaws in Email Encryption Tools

Background. Since Whitten and Tygar’s seminal study of PGP 5.0 in 1999, there have been continuing efforts to produce email encryption tools for adoption by a wider user base, where these efforts vary in how well they consider the usability and utility needs of prospective users. Aim. We conducted a study aiming to assess the user experience of two open-source encryption software tools – Enigmail and Mailvelope. Method. We carried out a three-part user study (installation, home use, and debrief) with two groups of users using either Enigmail or Mailvelope. Users had access to help during installation (installation guide and experimenter with domain-specific knowledge), and were set a primary task of organising a mock flash mob using encrypted emails in the course of a week. Results. Participants struggled to install the tools – they would not have been able to complete installation without help. Even with help, setup time was around 40 minutes. Participants using Mailvelope failed to encrypt their initial emails due to usability problems. Participants said they were unlikely to continue using the tools after the study, indicating that their creators must also consider utility. Conclusions. Through our mixed study approach, we conclude that Mailvelope and Enigmail had too many software quality and usability issues to be adopted by mainstream users. Methodologically, the study made us rethink the role of the experimenter as that of a helper assisting novice users with setting up a demanding technology

Obstacles to the Adoption of Secure Communication Tools

The computer security community has advocated widespread adoption of secure communication tools to counter mass surveillance. Several popular personal communication tools (e.g., WhatsApp, iMessage) have adopted end-to-end encryption, and many new tools (e.g., Signal, Telegram) have been launched with security as a key selling point. However it remains unclear if users understand what protection these tools offer, and if they value that protection. In this study, we interviewed 60 participants about their experience with different communication tools and their perceptions of the tools' security properties. We found that the adoption of secure communication tools is hindered by fragmented user bases and incompatible tools. Furthermore, the vast majority of participants did not understand the essential concept of end-to-end encryption, limiting their motivation to adopt secure tools. We identified a number of incorrect mental models that underpinned participants' beliefs

Are Payment Card Contracts Unfair?

Fraud victims are often refused a refund by their bank on the grounds that they failed to comply with their bank’s terms and conditions about PIN safety. We, therefore, conducted a survey of how many PINs people have, and how they manage them. We found that while only a third of PINs are ever changed, almost half of bank customers write at least one PIN down. We also found bank conditions that are too vague to test, or even contradictory on whether PINs could be shared across cards. Yet, some rather hazardous practices are not forbidden at all by many banks: of the 22.9% who re-use PINs across devices, half also use their bank PINs on their mobile phones. We conclude that many bank contracts fail a simple test of reasonableness, and that ‘strong authentication’, as required by PSD II, should include usability testing

The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram

The computer security community has advocated widespread adoption of secure communication tools to protect personal privacy. Several popular communication tools have adopted end-to-end encryption (e.g., WhatsApp, iMessage), or promoted security features as selling points (e.g., Telegram, Signal). However, previous studies have shown that users may not understand the security features of the tools they are using, and may not be using them correctly. In this paper, we present a study of Telegram using two complementary methods: (1) a labbased user study (11 novices and 11 Telegram users), and (2) a hybrid analytical approach combining cognitive walk-through and heuristic evaluation to analyse Telegram’s user interface. Participants who use Telegram feel secure because they feel they are using a secure tool, but in reality Telegram offers limited security benefits to most of its users. Most participants develop a habit of using the less secure default chat mode at all times. We also uncover several user interface design issues that impact security, including technical jargon, inconsistent use of terminology, and making some security features clear and others not. For instance, use of the end-to-end-encrypted Secret Chat mode requires both the sender and recipient be online at the same time, and Secret Chat does not support group conversations

Diagnostic Efficiency of Three Fully Automated Serology Assays and Their Correlation with a Novel Surrogate Virus Neutralization Test in Symptomatic and Asymptomatic SARS-COV-2 Individuals

Abstract: To support the deployment of serology assays for population screening during the COVID-19 pandemic, we compared the performance of three fully automated SARS-CoV-2 IgG assays: Mindray CL-900i® (target: spike [S] and nucleocapsid [N]), BioMérieux VIDAS®3 (target: receptor-binding domain [RBD]) and Diasorin LIAISON®XL (target: S1 and S2 subunits). A total of 111 SARS-CoV-2 RT-PCR- positive samples collected at ≥ 21 days post symptom onset, and 127 prepandemic control samples were included. Diagnostic performance was assessed in correlation to RT-PCR and a surrogate virus-neutralizing test (sVNT). Moreover, cross-reactivity with other viral antibodies was investigated. Compared to RT-PCR, LIAISON®XL showed the highest overall specificity (100%), followed by VIDAS®3 (98.4%) and CL-900i® (95.3%). The highest sensitivity was demonstrated by CL-900i® (90.1%), followed by VIDAS®3 (88.3%) and LIAISON®XL (85.6%). The sensitivity of all assays was higher in symptomatic patients (91.1–98.2%) compared to asymptomatic patients (78.4–80.4%). In correlation to sVNT, all assays showed excellent sensitivities (92.2–96.1%). In addition, VIDAS®3 demonstrated the best correlation (r = 0.75) with the sVNT. The present study provides insights on the performance of three fully automated assays, which could help diagnostic laboratories in the choice of a particular assay according to the intended us

Performance evaluation of five ELISA kits for detecting anti-SARS-COV-2 IgG antibodies

ObjectivesTo evaluate and compare the performances of five commercial ELISA assays (EDI, AnshLabs, Dia.Pro, NovaTec, and Lionex) for detecting anti-SARS-CoV-2 IgG. Methods70 negative control samples (collected before the COVID-19 pandemic) and samples from 101 RT-PCR-confirmed SARS-CoV-2 patients (collected at different time points from symptoms onset: ≤7, 8-14, and >14 days) were used to compare the sensitivity, specificity, agreement, positive and negative predictive values of each assay with RT-PCR. A concordance assessment between the five assays was also conducted. Cross-reactivity with other HCoV, non-HCoV respiratory viruses, non-respiratory viruses, and nuclear antigens was investigated. ResultsLionex showed the highest specificity (98.6%, 95%CI: 92.3-99.8), followed by EDI and Dia.Pro (97.1%, 95%CI: 90.2-99.2), NovaTec (85.7%, 95%CI: 75.7-92.1), then AnshLabs (75.7%, 95%CI: 64.5-84.2). All ELISA kits cross-reacted with one anti-MERS IgG positive sample except Lionex. The sensitivity was low during the early stages of the disease but improved over time. After 14 days from symptoms onset, Lionex and NovaTec showed the highest sensitivity at 87.9% (95%CI: 72.7-95.2) and 86.4% (95%CI: 78.5-91.7), respectively. The agreement with RT-PCR results based on Cohen’s kappa was as follows: Lionex (0.89)> NovaTec (0.70)> Dia.Pro (0.69)> AnshLabs (0.63)> EDI (0.55). ConclusionThe Lionex ELISA, which measures antibodies solely to the S1 protein, demonstrated the best performance.This work was made possible by grant No. RRC-2-032 from the Qatar National Research Fund (a member of Qatar Foundation). The statements made herein are solely the responsibility of the authors. GKN would like to acknowledge funds from Qatar University's internal grant QUERG-CMED-2020-2

Antimicrobial resistance among migrants in Europe: a systematic review and meta-analysis

BACKGROUND: Rates of antimicrobial resistance (AMR) are rising globally and there is concern that increased migration is contributing to the burden of antibiotic resistance in Europe. However, the effect of migration on the burden of AMR in Europe has not yet been comprehensively examined. Therefore, we did a systematic review and meta-analysis to identify and synthesise data for AMR carriage or infection in migrants to Europe to examine differences in patterns of AMR across migrant groups and in different settings. METHODS: For this systematic review and meta-analysis, we searched MEDLINE, Embase, PubMed, and Scopus with no language restrictions from Jan 1, 2000, to Jan 18, 2017, for primary data from observational studies reporting antibacterial resistance in common bacterial pathogens among migrants to 21 European Union-15 and European Economic Area countries. To be eligible for inclusion, studies had to report data on carriage or infection with laboratory-confirmed antibiotic-resistant organisms in migrant populations. We extracted data from eligible studies and assessed quality using piloted, standardised forms. We did not examine drug resistance in tuberculosis and excluded articles solely reporting on this parameter. We also excluded articles in which migrant status was determined by ethnicity, country of birth of participants' parents, or was not defined, and articles in which data were not disaggregated by migrant status. Outcomes were carriage of or infection with antibiotic-resistant organisms. We used random-effects models to calculate the pooled prevalence of each outcome. The study protocol is registered with PROSPERO, number CRD42016043681. FINDINGS: We identified 2274 articles, of which 23 observational studies reporting on antibiotic resistance in 2319 migrants were included. The pooled prevalence of any AMR carriage or AMR infection in migrants was 25·4% (95% CI 19·1-31·8; I2 =98%), including meticillin-resistant Staphylococcus aureus (7·8%, 4·8-10·7; I2 =92%) and antibiotic-resistant Gram-negative bacteria (27·2%, 17·6-36·8; I2 =94%). The pooled prevalence of any AMR carriage or infection was higher in refugees and asylum seekers (33·0%, 18·3-47·6; I2 =98%) than in other migrant groups (6·6%, 1·8-11·3; I2 =92%). The pooled prevalence of antibiotic-resistant organisms was slightly higher in high-migrant community settings (33·1%, 11·1-55·1; I2 =96%) than in migrants in hospitals (24·3%, 16·1-32·6; I2 =98%). We did not find evidence of high rates of transmission of AMR from migrant to host populations. INTERPRETATION: Migrants are exposed to conditions favouring the emergence of drug resistance during transit and in host countries in Europe. Increased antibiotic resistance among refugees and asylum seekers and in high-migrant community settings (such as refugee camps and detention facilities) highlights the need for improved living conditions, access to health care, and initiatives to facilitate detection of and appropriate high-quality treatment for antibiotic-resistant infections during transit and in host countries. Protocols for the prevention and control of infection and for antibiotic surveillance need to be integrated in all aspects of health care, which should be accessible for all migrant groups, and should target determinants of AMR before, during, and after migration. FUNDING: UK National Institute for Health Research Imperial Biomedical Research Centre, Imperial College Healthcare Charity, the Wellcome Trust, and UK National Institute for Health Research Health Protection Research Unit in Healthcare-associated Infections and Antimictobial Resistance at Imperial College London

Honey, a Gift from Nature to Health and Beauty: A Review

Benefits of honey are contributed by the composition of its elements such as glucose, fructose, glucose oxidase, vitamins and phenolic compounds. For health, honey can be used to treat wounds due to the antibacterial activity conferred by the hydrogen peroxide produced by glucose oxidase in honey. Anti-inflammatory, anti-oxidant, deodorizing and tissue regeneration activities in honey also help in the wound healing process. It can also be an alternative sweetener for diabetic patients to ensure compliance to a healthy diet. Moreover, honey exerts several effects such as lowering low density lipids and increasing high density lipids, thus reducing risk of atherosclerosis. In terms of beauty, honey can be used on skin and hair. It moisturizes skin through its natural humectant properties contributed by high contents of fructose and glucose. Honey treats acne on the skin due to its antibacterial activity, anti-inflammatory action and tissue repair. The hair can benefit from honey in such a way that the hair has abundance, and becomes easier to comb. However, there have not been as many studies regarding the use of honey in skin in comparison to its use for health. Therefore, future studies on honey could research its use, action and benefits in both cosmetics and dermatology

Global economic burden of unmet surgical need for appendicitis

Background: There is a substantial gap in provision of adequate surgical care in many low-and middle-income countries. This study aimed to identify the economic burden of unmet surgical need for the common condition of appendicitis. Methods: Data on the incidence of appendicitis from 170 countries and two different approaches were used to estimate numbers of patients who do not receive surgery: as a fixed proportion of the total unmet surgical need per country (approach 1); and based on country income status (approach 2). Indirect costs with current levels of access and local quality, and those if quality were at the standards of high-income countries, were estimated. A human capital approach was applied, focusing on the economic burden resulting from premature death and absenteeism. Results: Excess mortality was 4185 per 100 000 cases of appendicitis using approach 1 and 3448 per 100 000 using approach 2. The economic burden of continuing current levels of access and local quality was US $92 492 million using approach 1 and$73 141 million using approach 2. The economic burden of not providing surgical care to the standards of high-income countries was $95 004 million using approach 1 and$75 666 million using approach 2. The largest share of these costs resulted from premature death (97.7 per cent) and lack of access (97.0 per cent) in contrast to lack of quality. Conclusion: For a comparatively non-complex emergency condition such as appendicitis, increasing access to care should be prioritized. Although improving quality of care should not be neglected, increasing provision of care at current standards could reduce societal costs substantially