Update and get ads on your smart fridge. Opt-out of update possible, but will then block other feature improvements and likely security patches. Interested to see how many opt-out.
arstechnica.com/gadgets/2025...
Training LLMs that are both safe and accurate presents challenges such as carbon footprint, fine tuning, accuracy on main tasks, and not having easy workarounds to avoid safeguards.
Sirisha Rambhatla presenting at the @uwaterloo.ca cybersecurity and privacy institute industry day. Building efficient and safe LLMs.
Incidents like this make patch management challenging. Windows patch broke mouse and keyboard support in *recovery mode*. Normal operation still fine, but if anything breaks.... recovery is now gone. How many admins even test for this?
www.tomshardware.com/software/win...
Canadian Anti-Scam Coalition set to launch this afternoon, it's an alliance between credit card companies, banks, telecoms, Canadian government, and tech companies. The aim is to share information and reduce fraud.
thelogic.co/news/big-ban...
@lujobauer.bsky.social starting off USENIX security to a large packed room.
Closing #soups2025 remarks by our incredible general chair Patrick Gage Kelley.
This work reminds me greatly of the book: Taming Information Technology which was written in response to the proposal to automate system administrator tasks.
ICS are also under lots of regulation.
Clement Fung presenting about industrial control systems (ICS). They interviewed people who protect ICS. Current alarm systems have a great variety in how they are designed and even who is in charge of managing them.
#soups2025
www.usenix.org/conference/s...
Increase self-efficacy. <- mirrors my own experiences that are hard to tell if it is even working.
If security and privacy was a character, what traits would they have?
Nina Gerber @ninag72.bsky.social presenting on social and emotional dimensions of security. How can security and privacy be made more enjoyable? Used sentence completion tasks. People found important but not interesting.
#soups2025
www.usenix.org/conference/s...
Qiurong Song presenting on predatory monetization in video games such as Roblox. Loot boxes being an example. Developers are adding predatory design on purpose. Use of possess and in-game currency make it harder to stay aware of how much is spent. #soups2025
www.usenix.org/conference/s...
Teens and privacy in terms of barrier management. Navigate self disclosure. Issues like ambiguous norms. Also the ability to trust an audience.
#soups2025
www.usenix.org/conference/s...
Lots of great discussions around yours of errors in papers. Sadly statistics errors are common.
Jenny Tang presenting about doing and reporting statistics in research papers. #soups2025
There are many ways to do statistics incorrectly and even if the test is correct the necessary numbers to interpret them may not be provided.
@lujobauer.bsky.social
www.usenix.org/conference/s...
Annalina Buckmann (soon on job market) presenting on sociodemographic factors and barriers to security and privacy adoption. Mapped findings to SPAF factors.
#soups2025
www.usenix.org/conference/s...
Anna-Marie Ortloff presenting a replication of the "No one can hack my mind" paper. #soups2025
Experts have even more focus on authentication. End users also using 2FA increasing and anti virus usage going down.
www.usenix.org/conference/s...
Laura Marie Abels presenting on Social Desirability and developing a scale to measure it. #soups2025
www.usenix.org/conference/s...
Lily Klucinec presenting about mobile money in Kenya which is a financial system tied to SIM cards. To withdraw money personal information currently has to be shared with a mobile money in-person agent. #soups2025 @lorriecranor.bsky.social
www.usenix.org/conference/s...
Security keys had a range of usability challenges linked to their physical nature, such as having to carry them and find a comparable USB slot for them.
Time based one time passwords, such as those generated by Google Authenticator app. Part of the FIDO Alliance. The paper compares physical security keys to TOTPs+passwords.
#soups2025
www.usenix.org/conference/s...
Primary password typing meant that participants saw no improvement in time use. Why type a password just so the software could enter a password. Easier to just enter the password directly.
Peter Mayer presenting about first-time users of password managers #soups2025
Before the study on average had 36 passwords, some of which were reused. There was use of the manager such as adding new passwords.
www.usenix.org/conference/s...
Thank you for the resource, I am always looking at ways to fit ethics into my cyber security course.
Knowledge based questions also no longer recommended, but still common.
Analysis of NIST authentication advice in standards documents. #soups2025
Multi factor advice is followed by many universities. Regular password changes (no longer recommended) still common.
www.usenix.org/conference/s...
People take videos of strangers and then use TikTok to identify the person. Many people are identified this way. While sometimes heartwarming, it can also be used for abuse and stalking people.
#soups2025
www.usenix.org/conference/s...
Norms are different between services. People did think that forced reciprocity is fair.