Overview
Explore a 21-minute IEEE conference talk examining the influence of information sources on code security in Android development. Delve into a comprehensive study that surveyed 295 app developers and conducted a lab experiment with 54 Android developers to assess how different resources affect code security and functionality. Discover the trade-offs between using Stack Overflow, official Android documentation, and books for solving security-related problems. Learn about the prevalence of secure and insecure code snippets in Stack Overflow threads and their impact on real-world applications. Gain insights into the challenges developers face when balancing security and usability in API documentation, and understand the implications for creating more secure-but-usable resources for Android developers.
Syllabus
You Get Where You're Looking For: The Impact Of Information Sources On Code Security
Taught by
IEEE Symposium on Security and Privacy