I direct the SPUD (Security, Privacy, Usability and Design) Lab at Georgia Tech — and not just because I like potatoes. Our rallying call: How can we design systems that encourage better cybersecur...
Selected writings
A Non-Technical Introduction to Cybersecurity
If you’d rather watch a video with all this content, watch the Crash Course Computer Science — Cybersecurity episode that I helped write, largely based on this post. You probably know a thing or t...
5 tools I use to protect my privacy online
It shouldn’t have to be this way, but the burden of protecting your privacy as you browse the web is your own. I do what I can in my research and consulting to advocate for systemic change in desig...
The crypto wars: How much privacy should we give up for security?
In 2015, there was a mass shooting in San Bernardino, California, claiming the lives of 16 (including the two perpetrators) and injuring 24 others. The incident was a terrorist attack, and a traged...
The paranoia-disaffiliation hypothesis: How us shady geeks put others off security
Like most who entered college in the mid-aughts, I was taken by Facebook. It had a sleek interface. All my friends from high school and college were on it, being super cool with edgy profile pics. ...
Usability is not enough: On why users resist even "usable" security & privacy systems
It’s no secret that many people shirk expert-recommended privacy and security advice. For example, experts commonly recommend the enabling of two-factor authentication for important accounts (e.g.,...
Censorship, SNI, and Privacy Violations
Recently, a colleague forwarded me a request from a journalist at the Korea Times asking about how using server name identification (SNI) to block website requests could constitute a privacy violat...
The Promise and Peril of a Fully Connected World
For much of the developed world, the near future of IoT promises a fully connected and interactive physical environment. Smart home appliances (e.g., the Nest thermostat, smart fridges), AI assista...
Grand Challenges in Sociotechnical Cybersecurity
Take a step back, and ask yourself: What are the largest societal problems that relate to cybersecurity today? Depending on your background, you may come with very different answers. Computer secu...