Posts
Sauvik Das, Ph.D.
Cancel

Selected writings

What Inhibits Good Cybersecurity and Privacy Behaviors?

I direct the SPUD (Security, Privacy, Usability and Design) Lab at Georgia Tech — and not just because I like potatoes. Our rallying call: How can we design systems that encourage better cybersecur...

A Non-Technical Introduction to Cybersecurity

If you’d rather watch a video with all this content, watch the Crash Course Computer Science — Cybersecurity episode that I helped write, largely based on this post. You probably know a thing or t...

The Marginal Ethics of Privacy

One of the most frustrating critiques I encounter when advocating for stronger privacy protections for consumers is: “But won’t that help criminals and pedophiles?” I consider this question to be a...

Apple's privacy bet — grandstanding or not — is good for consumers

Caring about privacy is finally cool. You know how I can tell? Because Apple is making a bet that foregrounding privacy is how they can best differentiate themselves from the rest of their Silicon ...

5 tools I use to protect my privacy online

It shouldn’t have to be this way, but the burden of protecting your privacy as you browse the web is your own. I do what I can in my research and consulting to advocate for systemic change in desig...

The crypto wars: How much privacy should we give up for security?

In 2015, there was a mass shooting in San Bernardino, California, claiming the lives of 16 (including the two perpetrators) and injuring 24 others. The incident was a terrorist attack, and a traged...

The paranoia-disaffiliation hypothesis: How us shady geeks put others off security

Like most who entered college in the mid-aughts, I was taken by Facebook. It had a sleek interface. All my friends from high school and college were on it, being super cool with edgy profile pics. ...

Usability is not enough: On why users resist even "usable" security & privacy systems

It’s no secret that many people shirk expert-recommended privacy and security advice. For example, experts commonly recommend the enabling of two-factor authentication for important accounts (e.g.,...

Censorship, SNI, and Privacy Violations

Recently, a colleague forwarded me a request from a journalist at the Korea Times asking about how using server name identification (SNI) to block website requests could constitute a privacy violat...

The Promise and Peril of a Fully Connected World

For much of the developed world, the near future of IoT promises a fully connected and interactive physical environment. Smart home appliances (e.g., the Nest thermostat, smart fridges), AI assista...