Justin Whitaker

Co-authored papers

2020

• Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Dataflow Analysis with PoliCheck

  Proceedings of the USENIX Security Symposium

  Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Serge Egelman

  PDF Video Slides

  Up to 42% of Android apps incorrectly disclose or omit privacy-sensitive data flows in their policy policy.

2019

• Thou Shalt Discuss Security: Quantifying the Impacts of Instructions to RFC Authors

  Proceedings of the Security Standardisation Research Conference

  Justin Whitaker, Sathvik Prasad, Bradley Reaves, and William Enck

  DOI PDF

  Mandating security consideration sections in RFCs measurably increased security content volume and breadth across decades of Internet standards.

• PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play

  Proceedings of the USENIX Security Symposium

  Benjamin Andow, Samin Yaseer Mahmud, Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie

  PDF Video

  Automated analysis found that 14% of 11,430 app privacy policies contradict themselves, indicating misleading data practices.