Areas of Expertise:
Lorrie Faith Cranor is an
Associate Professor of Computer Science and of Engineering and
Public Policy at Carnegie Mellon
University where she is director of the CyLab Usable Privacy and Security Laboratory
(CUPS) and co-director of the MSIT-Privacy Engineering masters program. She is also a co-founder of Wombat
Security Technologies, Inc. She has authored over 100 research
online privacy, usable security, phishing, spam, electronic voting, anonymous publishing, and other topics.
played a key role in building the usable privacy and security research
community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and
founded the Symposium On
Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project
(P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O'Reilly
2002). She has served on a number of boards, including the Electronic
Frontier Foundation Board of Directors, and on the
editorial boards of several journals. In 2003 she was named one of the top 100 innovators 35
or younger by Technology Review magazine. She was previously a
researcher at AT&T-Labs Research and taught in the Stern School of Business at New York University.
Security and Usability
by Lorrie Faith Cranor
, Simson Garfinkel
Web Privacy with P3P
by Lorrie Faith Cranor
by Nelson Minar
, Marc Hedlund
, Clay Shirky
, Tim O'Reilly
, Dan Bricklin
, David Anderson
, Jeremie Miller
, Adam Langley
, Gene Kan
, Alan Brown
, Marc Waldman
, Lorrie Faith Cranor
, Aviel Rubin
, Roger Dingledine
, Michael Freedman
, David Molnar
, Rael Dornfest
, Dan Brickley
, Theodore Hong
, Richard Lethin
, Jon Udell
, Nimisha Asthagiri
, Walter Tuvell
, Brandon Wiley
What Is Phishing (Or, How to Fight Phishing at the User-Interface Level)
Publish Date: Oct. 25, 2005
Phishing attacks use email messages and websites designed to look as if they come from a known and legitimate organization, in order to deceive users into disclosing personal, financial, or computer account information. This type of internet fraud will only grow more sophisticated in the days ahead, so our defenses against it must continue to improve. This excerpt from Security & Usability defines phishing, and offers techniques and advice on fighting phishing at the user-interface level.
A Webmaster's Guide to Troubleshooting P3P
Publish Date: Nov. 19, 2002
If you're a Webmaster you know it can be a frustrating process to P3P-enable your Web sites. Lorrie Cranor, author of Web Privacy with P3P, reviews some troubleshooting strategies and lists some of the mistakes people frequently make.
Help! IE6 Is Blocking My Cookies
Publish Date: Oct. 4, 2002
Lorrie Cranor, author of Web Privacy with P3P offers an introduction to P3P
and an overview of what you need to do to prevent IE6 from blocking your cookies.
P3P: Privacy Primer
Publish Date: Feb. 15, 2002
The Platform for Privacy Preferences (P3P) provides a standard way for Web sites to communicate about their practices regarding the collection, use, and distribution of personal information. This article describes the platform, shows how Microsoft IE 6 implements it, and gives examples of markup code for web designers.
For Inquiries Contact
Find Other Authors
© 2013, O’Reilly Media, Inc.
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.