Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
public:papers:ifipsec2021 [2021-03-26 11:26] – x242168 | public:papers:ifipsec2021 [2022-04-06 14:21] (current) – xukrop | ||
---|---|---|---|
Line 6: | Line 6: | ||
<TEXT size=" | <TEXT size=" | ||
- | \_{{fa> | + | \_{{fa> |
{{fa> | {{fa> | ||
Line 12: | Line 12: | ||
{{fa> | {{fa> | ||
- | \_{{fa> | + | \_{{fa> |
</ | </ | ||
</ | </ | ||
Line 19: | Line 19: | ||
<TEXT align=" | <TEXT align=" | ||
/* <popover trigger=" | /* <popover trigger=" | ||
- | <button type=" | + | <button type=" |
/* </ | /* </ | ||
\_ | \_ | ||
Line 31: | Line 31: | ||
< | < | ||
@InProceedings{2021-ifipsec-kraus, | @InProceedings{2021-ifipsec-kraus, | ||
- | | + | |
- | Author | + | Author |
- | BookTitle | + | BookTitle |
- | Pages = {}, | + | Pages = {}, |
- | Publisher | + | Publisher |
- | Year = {2021}, | + | Year = {2021}, |
- | Keywords | + | Keywords |
- | | + | } |
- | } | + | |
</ | </ | ||
Line 48: | Line 46: | ||
===== Selected conclusions ===== | ===== Selected conclusions ===== | ||
- | TBD | + | |
+ | * Our results show that email account topologies are diverse, but that many include elements of line and loop topologies. | ||
+ | * Loop topologies are especially concerning, as they allow attackers who already have access to one account to easily gain access to a further account. | ||
+ | * We also found that users created other vulnerabilities in their topologies by placing the final recovery nodes in inaccessible accounts, or by using accounts owned by somebody else as a recovery option. | ||
+ | * Users also tended to keep accounts with physical recovery options (which could be strong recovery options) separate from the rest of the recovery topology. | ||
+ | * Participants were often unaware of the connections between their accounts and only realized during the study that there are recovery links they are not happy with. | ||
===== Research artifacts (supplementary material) ===== | ===== Research artifacts (supplementary material) ===== |