Since the introduction of Android OS 6.0, users are for the first time
empowered to decide over each of the permissions an app receives.
Although very powerful, lay users are often overwhelmed by the
number of options and the technicality of these. Prior work mainly
focussed on automated suggestion of permission settings which are
based on previous smartphone usage profiles. In my talk I will
discuss techniques which offer a prediction without any previous
smartphone usage, using input from other sources like social
networks, blogs, or dedicated short privacy questionnaires as a basis
for the prediction. Our results show there is a significant correlation
between the user's personality according to the big five personality
scores, as well as the IUIPC questionnaire, and the app permission
settings he chooses.
Whereas the prediction can only propose allow or disallow for most
permissions, the location permission can be expressed in a more
fine-grained way. For example by sharing some obfuscated location
instead of the exact position, which allows to preserve the app
functionality while keeping the exact location secret. I will present
SafeLoc, an application which allows to obfuscate the location for an
arbitrary app using different algorithms, and discuss how the
optimal obfuscation algorithm and its settings can be predicted.