Demystifying Hidden Privacy Settings in Mobile Apps

Explore a comprehensive analysis of hidden privacy settings in mobile applications presented at the 2019 IEEE Symposium on Security & Privacy. Delve into the findings of two user studies involving nearly 1,000 participants, which shed light on user perceptions of privacy settings and identify hard-to-find options. Learn about the novel semantics-based UI tracing technique used to extract 14 unique features characterizing hidden privacy settings. Discover the development and implementation of Hound, a tool achieving 93.54% accuracy in automatically detecting hidden privacy settings. Examine the results of applying this tool to 100,000 apps from Google Play and third-party markets, revealing that over 36% of identified privacy settings are "hidden." Investigate the reasons behind the difficulty in discovering and understanding these settings, including problematic categorization and confusing descriptions. Gain insights into the persistence of usability issues despite an increase in privacy options over time. Understand the concerning trend that 82.16% of hidden privacy settings are set to leak user data by default. Conclude with valuable suggestions for improving the usability of privacy settings in mobile applications.