"Misconceptions Plague Security and Privacy Tools"
A study conducted by researchers at Carnegie Mellon University's CyLab found that people have many misconceptions about the available security and privacy tools meant to protect their privacy and online security. The researchers surveyed 500 demographically representative U.S. participants to measure their use and perceptions of five web browsing-related tools, including private browsing, Virtual Private Networks (VPNs), Tor Browser, ad blockers, and antivirus software. They were asked about the effectiveness of each tool in different scenarios, such as blocking hackers from gaining access to their devices or preventing law enforcement from seeing the websites they visit. For all but one scenario, participants answered over half of the assessment questions incorrectly. That one scenario is the prevention of friends or family with physical access to your device from seeing visited websites in their browser history. People were found to know some things about these tools' capabilities, but they tended to incorrectly assume that the tools could do other things too. Those who were more familiar with these tools were more likely to answer a question about them correctly or incorrectly than to recognize that they were not sure. For example, one participant said that private browsing could be effective at preventing their employer from seeing their browsing history on the employer's network, but this is false. The most concerning misconception participants had, was that they often confused tools' privacy protections with security protections as some suggested that private browsing, VPNs, and Tor Browser would protect them from security threats. The researchers have provided some recommendations for designing nudging interventions, which could promote security and privacy tools, as well as help people use them effectively. This article continues to discuss the key findings from the study regarding users' misconceptions about security and privacy tools, along with suggestions for combating these misconceptions.
CyLab reports "Misconceptions Plague Security and Privacy Tools"