Tracking Users across the Web via TLS Session Resumption

User tracking on the Internet can come in various forms, e.g., via cookies or by fingerprinting web browsers. A technique that got less attention so far is user tracking based on TLS and specifically based on the TLS session resumption mechanism. To the best of our knowledge, we are the first that investigate the applicability of TLS session resumption for user tracking. For that, we evaluated the configuration of 48 popular browsers and one million of the most popular websites. Moreover, we present a so-called prolongation attack, which allows extending the tracking period beyond the lifetime of the session resumption mechanism. To show that under the observed browser configurations tracking via TLS session resumptions is feasible, we also looked into DNS data to understand the longest consecutive tracking period for a user by a particular website. Our results indicate that with the standard setting of the session resumption lifetime in many current browsers, the average user can be tracked for up to eight days. With a session resumption lifetime of seven days, as recommended upper limit in the draft for TLS version 1.3, 65% of all users in our dataset can be tracked permanently.Comment: 11 page

Efficacy of 3D visualization in mobile apps for patient education regarding orthognathic surgery

‘Sur-face’ is an interactive mobile app illustrating different orthognathic surgeries and their potential complications. This study aimed to evaluate the efficacy of Sur-face by comparing two methods of delivering patient information on orthognathic surgeries and their related potential complications: a mobile app with interactive 3D animations and a voice recording containing verbal instructions only. For each method, the participants’ acquired knowledge was assessed using a custom-designed questionnaire. Participants in the ‘app’ group performed significantly better (P<0.0034) than those in the ‘voice’ group and retained more knowledge, suggesting that interactive visualizations play a key role in improving understanding of the orthognathic surgical procedure and its associated complications. This study emphasizes the impact of 3D visualizations in delivering information regarding orthognathic surgery and highlights the advantage of delivering validated patient information through mobile apps

Effective patient–clinician interaction to improve treatment outcomes for patients with psychosis: a mixed-methods design

BACKGROUND:At least 100,000 patients with schizophrenia receive care from community mental health teams (CMHTs) in England. These patients have regular meetings with clinicians, who assess them, engage them in treatment and co-ordinate care. As these routine meetings are not commonly guided by research evidence, a new intervention, DIALOG, was previously designed to structure consultations. Using a hand-held computer, clinicians asked patients to rate their satisfaction with eight life domains and three treatment aspects, and to indicate whether or not additional help was needed in each area, with responses being graphically displayed and compared with previous ratings. In a European multicentre trial, the intervention improved patients’ quality of life over a 1-year period. The current programme builds on this research by further developing DIALOG in the UK. RESEARCH QUESTIONS:(1) How can the practical procedure of the intervention be improved, including the software used and the design of the user interface? (2) How can elements of resource-oriented interventions be incorporated into a clinician manual and training programme for a new, more extensive ‘DIALOG+’ intervention? (3) How effective and cost-effective is the new DIALOG+ intervention in improving treatment outcomes for patients with schizophrenia or a related disorder? (4) What are the views of patients and clinicians regarding the new DIALOG+ intervention? METHODS:We produced new software on a tablet computer for CMHTs in the NHS, informed by analysis of videos of DIALOG sessions from the original trial and six focus groups with 18 patients with psychosis. We developed the new ‘DIALOG+’ intervention in consultation with experts, incorporating principles of solution-focused therapy when responding to patients’ ratings and specifying the procedure in a manual and training programme for clinicians. We conducted an exploratory cluster randomised controlled trial with 49 clinicians and 179 patients with psychosis in East London NHS Foundation Trust, comparing DIALOG+ with an active control. Clinicians working as care co-ordinators in CMHTs (along with their patients) were cluster randomised 1 : 1 to either DIALOG+ or treatment as usual plus an active control, to prevent contamination. Intervention and control were to be administered monthly for 6 months, with data collected at baseline and at 3, 6 and 12 months following randomisation. The primary outcome was subjective quality of life as measured on the Manchester Short Assessment of Quality of Life; secondary outcomes were also measured. We also established the cost-effectiveness of the DIALOG intervention using data from the Client Service Receipt Inventory, which records patients’ retrospective reports of using health- and social-care services, including hospital services, outpatient services and medication, in the 3 months prior to each time point. Data were supplemented by the clinical notes in patients’ medical records to improve accuracy. We conducted an exploratory thematic analysis of 16 video-recorded DIALOG+ sessions and measured adherence in these videos using a specially developed adherence scale. We conducted focus groups with patients (n = 19) and clinicians (n = 19) about their experiences of the intervention, and conducted thematic analyses. We disseminated the findings and made the application (app), manual and training freely available, as well as producing a protocol for a definitive trial. RESULTS:Patients receiving the new intervention showed more favourable quality of life in the DIALOG+ group after 3 months (effect size: Cohen’s d = 0.34), after 6 months (Cohen’s d = 0.29) and after 12 months (Cohen’s d = 0.34). An analysis of video-recorded DIALOG+ sessions showed inconsistent implementation, with adherence to the intervention being a little over half of the possible score. Patients and clinicians from the DIALOG+ arm of the trial reported many positive experiences with the intervention, including better self-expression and improved efficiency of meetings. Difficulties reported with the intervention were addressed by further refining the DIALOG+ manual and training. Cost-effectiveness analyses found a 72% likelihood that the intervention both improved outcomes and saved costs. LIMITATIONS:The research was conducted solely in urban east London, meaning that the results may not be broadly generalisable to other settings. CONCLUSIONS:(1) Although services might consider adopting DIALOG+ based on the existing evidence, a definitive trial appears warranted; (2) applying DIALOG+ to patient groups with other mental disorders may be considered, and to groups with physical health problems; (3) a more flexible use with variable intervals might help to make the intervention even more acceptable and effective; (4) more process evaluation is required to identify what mechanisms precisely are involved in the improvements seen in the intervention group in the trial; and (5) what appears to make DIALOG+ effective is that it is not a separate treatment and not a technology that is administered by a specialist; rather, it changes and utilises the existing therapeutic relationship between patients and clinicians in CMHTs to initiate positive change, helping the patients to improve their quality of life. FUTURE RESEARCH:Future studies should include a definitive trial on DIALOG+ and test the effectiveness of the intervention with other populations, such as people with depression. TRIAL REGISTRATION:Current Controlled Trials ISRCTN34757603. FUNDING:The National Institute for Health Research Programme Grants for Applied Research programme

I Know What You Did Last Summer: Your Smart Home Internet of Things and Your iPhone Forensically Ratting You Out

The adoption of smart home Internet of Things (IoT) devices continues to grow. What if your devices can snitch on you and let us know where you are at any given point in time? In this work we examined the forensic artifacts produced by Nest devices, and in specific, we examined the logical backup structure of an iPhone used to control a Nest thermostat, Nest Indoor Camera and a Nest Outdoor Camera. We also integrated the Google Home Mini as another method of controlling the studied Smart Home devices. Our work is the primary account for the examination of Nest artifacts produced by an iPhone, and is also the first open source research to produce a usable forensics tool we name the Forensic Evidence Acquisition and Analysis System (FEAAS). FEAAS consolidates evidentiary data into a readable report that can infer user events (like entering or leaving a home) and what triggered an event (whether it was the Google Assistant through a voice command, or the use of an iPhone application). Our results are important for the advancement of digital forensics, as there are cases starting to emerge in which smart home IoT devices have already been used as culpatory evidence

Understanding the Use of Crisis Informatics Technology among Older Adults

Mass emergencies increasingly pose significant threats to human life, with a disproportionate burden being incurred by older adults. Research has explored how mobile technology can mitigate the effects of mass emergencies. However, less work has examined how mobile technologies support older adults during emergencies, considering their unique needs. To address this research gap, we interviewed 16 older adults who had recent experience with an emergency evacuation to understand the perceived value of using mobile technology during emergencies. We found that there was a lack of awareness and engagement with existing crisis apps. Our findings characterize the ways in which our participants did and did not feel crisis informatics tools address human values, including basic needs and esteem needs. We contribute an understanding of how older adults used mobile technology during emergencies and their perspectives on how well such tools address human values.Comment: 10 page

Image use in field guides and identification keys: review and recommendations

We review image use in field guides and keys, and formulate a set of best practices for image use. The review covers the full range of guides, from those that consist only of species descriptions, to lavishly illustrated technical guides