Re: Installing web apps

2012-02-08 Thread Adrienne Porter Felt
On Feb 1, 2012, at 21:20 , Paul Libbrecht wrote: Le 1 févr. 2012 à 21:03, Boris Zbarsky a écrit : Android goes somewhat in this direction with its app-security model... With all due respect, the app-security model on Android is a joke. Everyone just clicks through the permissions grant

Re: Installing web apps

2012-02-08 Thread Adrienne Porter Felt
I agree that the current UI is not great. However, I disagree about everyone clicking through permission grants. I've done two user studies and found that about ~18% of people look at permissions for a given installation, and about ~60% look occasionally. We found that most have no idea

Re: Adding Web Intents to the Webapps WG deliverables

2011-09-29 Thread Adrienne Porter Felt
Android developers chronically misunderstand and misuse Android Intents, and these mistakes lead to security bugs. To illustrate how prevalent the confusion is, Erika Chin and I found that 9 of 20 popular Android apps (45%!) contain security vulnerabilities due to misusing Intents. I've also