Home Recent Talks Publications Personal
What's New?
May 06, 2008
Gave a talk at CenSCIR's second annual symposium, on sensor nets and privacy.
      Talk: PPT

Apr 17, 2008
Phishguru.org is our new site for teaching people how to protect themselves from phishing scams.

Feb 27, 2008
Our CHI 2008 paper, entitled You've Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings, was nominated for best paper, but alas, did not win.
      Paper: PDF

Feb 27, 2008
I'm temporary director of our undergrad HCI program (while Bob Kraut is on sabbatical). The deadline for applying to our undergrad program is Fri March 21 (note that we had a bug in our slides which previously said April 21).

Nov 2, 2007
Presented our work on User Interfaces and Algorithms for Anti-Phishing as part of UPitt's LERSAIS seminar.
      Talk: PPT
Oct 11, 2007
Now available, a screencast of the Marmite end-user programming system for the web (QuickTime mov, 60megs)

Sep 29, 2007
Anti-Phishing Phil is in the news [1 | 2 | 3 | 4 | 5 | 6 | 7]. Try out the game here!

Sep 28, 2007
Presented our work on User Interfaces and Algorithms for Anti-Phishing as part of MIT's HCI Seminar series.
      Talk: PPT

Sep 26, 2007
Presented our work on User Interfaces and Algorithms for Anti-Phishing as part of CMU's HCII Seminar series.
      Talk: PPT

Sep 16, 2007
Gave an invited talk to the Ubicomp 2007 workshop on privacy, entitled Understanding and Capturing People's Privacy Policies in a People Finder Application.
      Talk: PPT Paper: PDF

Sep 6, 2007
Our paper entitled Getting Users Pay Attention to Anti-Phishing Education: Evaluation of Retention and Transfer was accepted to the APWG eCrime Researchers Summit
      Paper: PDF

August 28, 2007
I'm co-teaching The Social Web this semester, with Bob Kraut

August 20, 2007
Our journal paper entitled End-User Privacy in Human-Computer Interaction has been accepted for publication! This is a survey paper looking at how privacy has been addressed in HCI, with respect to design, implementation, and evaluation. Two years in the works and 57 iterations, it's finally good to go!

August 1, 2007
Gave a CyLab seminar talk entitled User Interfaces and Algorithms for Fighting Phishing. This talk gives an overview of our work to date on anti-phishing.
      Presentation: PPT

July 27, 2007
Wow, this is really cool! Portugal Telecom has taken our Anti-phishing Phil game, but has replaced our fish with a frog. It's like I'm reliving my Frogger days! Try out Anti-Phishing Ze here

July 23, 2007
Our work on Anti-Phishing Phil is mentioned in a news article by AP

July 23, 2007
Our paper entitled The feasibility of a three-dimensional charting interface for general dentistry was just accepted to the Journal of the American Dental Association.

July 17, 2007
Gave a talk at the Microsoft Faculty Summit about HCI issues with sensor nets. A funny thing, email that was supposed to be sent to me was sent to another Jason Hong inside of Microsoft, so I didn't know I was supposed to talk until I got there.
      Presentation: PPT

May 12, 2007
Our paper entitled CANTINA: A Content-Based Approach to Detecting Phishing Web Sites was presented at WWW2007.
      Paper: PDF       Presentation: PPT

May 08, 2007
Our paper Anti-Phishing Phil: The Design and Evaluation of a Game That Teaches People Not to Fall for Phish was accepted to SOUPS 2007. Try out the game!
      Game: Flash       Paper: PDF

May 04, 2007
Gave a talk to Bosch Research Technology Center (Palo Alto) on Mobile and Location Based Services.
      Presentation: PPT

May 03, 2007
Our paper entitled Making Mashups with Marmite: Re-purposing Web Content through End-User Programming was presented at CHI2007.
      Paper: PDF (CHI 2007) Presentation: PDF

May 02, 2007
Our paper entitled Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System was presented at CHI2007.
      Paper: PDF (CHI 2007) Presentation: PPT

Apr 13, 2007
Was just awarded a grant from Microsoft for their SensorMap program.

Apr 10, 2007
This fall, Robert Kraut and I will be teaching a course entitled The Social Web: Content, Communities, and Context (links to PDF of our course flier).

Apr 10, 2007
Our paper entitled Design Challenges and Principles for Wizard of Oz Testing of Location-Enhanced Applications is in the latest issue of IEEE Pervasive Computing.

Research Overview
 
My research interests are in:
  • ubiquitous computing, especially mobile social services, context-aware computing, and location-based services
  • usable privacy and security for ubicomp and anti-phishing
I used to do work in:
I work with the CUPS lab (CMU Usable Privacy and Security) and am also an associate editor for IEEE Pervasive (heading up the conference reports column).
Current Research
 
Internet users are increasingly being asked to make trust decisions, and the consequences of a wrong decision can lead to viruses, spyware, and identity theft. Our goal is to understand how people make trust decisions, currently in the context of phishing scams, and to develop user interfaces, algorithms, and other support tools to help people make better decisions. This work is funded by National Science Foundation CCF-0524189

This project is focused on capturing end-user security and privacy policies in pervasive computing environments. Our goal is to (1) develop novel user interfaces, (2) weave learning, dialog, and explanation technologies to minimize end-user burden, and (3) conduct field studies to evaluate combinations of these techniques. This work is funded by National Science Foundation Award CNS-0627513, NSF grant CNS-0433540, and ARO research grant DAAD19-02-1-0389 to Carnegie Mellon University's CyLab, Portugal Telecom, France Telecom, Nokia, and IBM.

inTouch: Awareness and Messaging for Mobile Groups
inTouch is a mobile social platform that helps small groups (such as families, research work groups, carpools, etc) coordinate. inTouch does this by providing shared awareness as well as facilitating messaging and communication. inTouch also aims to better address breakdowns that typically occur in short-term planning and coordination. This work is funded by National Science Foundation IIS-0534406

The goal of Marmite is to make it easy to create "mashups" that combine content from multiple web sites and web services. Marmite lets end-users (1) extract content from web pages, (2) process it in a data-flow manner, and (3) direct the output to a variety of useful sinks, such as saving to a database, displaying on a map, summarizing as a chart, creating a custom web page, or generating compilable source code that can be further edited. Our user tests showed that people with spreadsheet experience can create an equivalent of the Craigslist housingmaps.com mashup in about 15 minutes. This work is funded by National Science Foundation IIS-0646526 and Microsoft SensorMap.

Hitchhiking: Privacy-Sensitive Location-Based Services
Hitchhiking is a way of building a class of location-based services in a privacy-sensitive manner. Bustle is an example Hitchhiking application that can answer questions like "How busy is it at the cafe?" and "How long are the lines at the airport?" Bustle works by counting the number of wireless devices in an area and using that count to estimate the number of people.

Students I work with
I work with an amazingly talented group of students:

Some Stuff I Helped Create
Web Design Patterns Design Patterns for Ubiquitous Computing Rapid Prototyping and Evaluation Tools Instructor Guides Anti-Phishing Phil
Teaching
Courses taught at Carnegie Mellon University: Past courses taught at University of California at Berkeley:
  • Inventing The Future: User Interface Design, Prototyping, and Evaluation (2001 2002 2004)
  • Spring 2001 - Freshman Seminar: The Past, Present, and Future of Interactive Computing
Service
Odds and Ends

"Magnetism, as you recall from physics class, is a powerful force that causes certain items to be attracted to refrigerators."
  — Dave Barry

"If you want to build a ship, don't drum up the men to gather wood, and don't assign them tasks and give orders. Instead, teach them to long for the vast and endless immensity of the sea."
  — Antoine de Saint-Exupéry

"Make no little plans. They have no magic to stir men's blood and probably themselves will not be realized. Make big plans; aim high in hope and work, remembering that a noble, logical diagram once recorded will never die, but long after we are gone will be a living thing, asserting itself with ever-growing insistency. Remember that our sons and grandsons are going to do things that would stagger us. Let your watchword be order and your beacon beauty. Think big."
  — Daniel Burnham

"Civilization advances by extending the number of operations we can perform without thinking about them."
  — Alfred North Whitehead

I co-authored a book on web site design, which uses the notion of web design patterns as a way for facilitating the construction of customer-centered web sites. Check out the web site for our book The Design of Sites.