Popular

Free mouse software for people with motor disabilities

Posted in General Interest, Popular, Uncategorized on by admin – Be the first to comment

Washington.edu – The hand moves the computer mouse, but the cursor doesn’t comply. The cursor doesn’t go where told.

The hand tries again. The cursor shoots past the intended target.

The hand tries a third time – and the cursor loops farther from the target than where it started. And the user is frustrated.

So it often goes for computer users whose motor disabilities prevent them from easily using a computer mouse.

As the population ages, more people are having trouble with motor control, but a University of Washington team has invented two mouse cursors that make clicking targets a whole lot easier. And neither requires additional computer hardware – just some free, downloadable software. The researchers hope that in exchange for the software, users offer feedback.

The Pointing Magnifier [click for download page] combines an area cursor with visual and motor magnification, reducing need for fine, precise pointing. The UW’s AIM Research Group, which invented the Pointing Magnifier, learned that users can much more easily acquire targets, even small ones, 23 percent faster with the Pointing Magnifier.

The magnifier runs on Windows-based computer systems. It replaces the conventional cursor with a larger, circular cursor that can be made even larger for users who have less motor control. To acquire a target, the user places the large cursor somewhere over the target, and clicks. The Pointing Magnifier then magnifies everything under that circular area until it fills the screen, making even tiny targets large. The user then clicks with a point cursor inside that magnified area, acquiring the target. Although the Pointing Magnifier requires two clicks, it’s much easier to use than a conventional mouse, which can require many clicks to connect with a target.

Screen magnifiers for people with visual impairments have been around a long time, but such magnifiers affect only the size of screen pixels, not the motor space in which users act, thus offering no benefit to users with motor impairments. The Pointing Magnifier enlarges both visual and motor space.

Software for the Pointing Magnifier includes a control panel that allows the user to adjust color, transparency level, magnification factor, and area cursor size. User preferences are saved when the application is closed. Keyboard shortcuts quickly enable or disable the Pointing Magnifier. The UW team is also making shortcuts customizable.

“It’s less expensive to create computer solutions for people who have disabilities if you focus on software rather than specialized hardware, and software is usually easier to procure than hardware,” said Jacob O. Wobbrock, an assistant professor in the Information School who leads the AIM Group.

His group’s paper on enhanced area cursors, including the Pointing Magnifier, was presented at the 2010 User Interface Software and Technology symposium in New York. A follow-on paper will be presented at a similar conference in May.

Another AIM technology, the Angle Mouse, similarly helps people with disabilities. Like the Pointing Magnifier, it may be downloaded, and two videos, one for general audiences and another for academic ones, are available as well.

When the Angle Mouse cursor initially blasts towards a target, the spread of movement angles, even for people with motor impairments, tends to be narrow, so the Angle Mouse keeps the cursor moving fast. However, when the cursor nears its target and the user tries to land, the angles formed by movements diverge sharply, so the Angle Mouse slows the cursor, enlarges motor space and makes the target easier to get into. The more trouble a user has, the larger the target will be made in motor space. (The target’s visual appearance will not change.)

Wobbrock compares the Angle Mouse to a race car. “On a straightaway, when the path is open, the car whips along, but in a tight corner, the car slows and makes a series of precise corrections, ensuring its accuracy.”

A study of the Angle Mouse included 16 people, half of whom had motor impairments. The Angle Mouse improved motor-impaired pointing performance by 10 percent over the regular Windows™ default mouse and 11 percent over sticky icons – an earlier innovation in which targets slow the cursor when it is inside them.

“Pointing is an essential part of using a computer, but it can be quite difficult and time consuming if dexterity is a problem,” Wobbrock said. “Even shaving one second off each time a person points may save hours over the course of a year.”

Wobbrock suggests that users try both the Pointing Magnifier and the Angle Mouse before deciding which they prefer.

“Our cursors make ubiquitous mice, touchpads, and trackballs more effective for people with motor impairments without requiring new, custom hardware,” Wobbrock said. “We’re achieving accessibility by improving devices that computer users already have. Making computers friendlier for everyone is the whole point of our work.”

The Pointing Magnifier work was funded by the National Science Foundation and the Natural Sciences and Engineering Research Council of Canada.

The Angle Mouse work was supported by Microsoft Research, Intel Research and the National Science Foundation (By Catherine O’Donnell; UW News and Information).

Your web surfing history invisibly stolen via JavaScript

Posted in General Interest, Popular, Uncategorized on by admin – Be the first to comment

UCSD.edu – The Web surfing history saved in your Web browser can be accessed without your permission, especially if you use Internet Explorer as your browser. JavaScript code deployed by real websites and online advertising providers use browser vulnerabilities to determine which sites you have and have not visited, according to new research from computer scientists at the University of California, San Diego.

The researchers documented JavaScript code secretly collecting browsing histories of Web users through “history sniffing” and sending that information across the network. While history sniffing and its potential implications for privacy violation have been discussed and demonstrated, the new work provides the first empirical analysis of history sniffing on the real Web.

“Nobody knew if anyone on the Internet was using history sniffing to get at users’ private browsing history. What we were able to show is that the answer is yes,” said UC San Diego computer science professor Hovav Shacham.

The computer scientists from the UC San Diego Jacobs School of Engineering presented this work in October at the 2010 ACM Conference on Computer and Communications Security (CCS 2010) in a paper entitled, “An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications.”

History Sniffing

History sniffing takes place without your knowledge or permission and relies on the fact that browsers display links to sites you’ve visited differently than ones you haven’t: by default, visited links are purple, unvisited links blue. History sniffing JavaScript code running on a Web page checks to see if your browser displays links to specific URLs as blue or purple.

History sniffing can be used by website owners to learn which competitor sites visitors have or have not been to. History sniffing can also be deployed by advertising companies looking to build user profiles, or by online criminals collecting information for future phishing attacks. Learning what banking site you visit, for example, suggests which fake banking page to serve up during a phishing attack aimed at collecting your bank account login information.

“JavaScript is a great thing, it allows things like Gmail and Google Maps and a whole bunch of Web 2.0 applications; but it also opens up a lot of security vulnerabilities. We want to let the broad public know that history sniffing is possible, it actually happens out there, and that there are a lot of people vulnerable to this attack,” said UC San Diego computer science professor Sorin Lerner.

The latest versions of Firefox, Chrome, and Safari now block the history sniffing attacks the computer scientists monitored. Internet Explorer, however, does not currently defend against history sniffing. In addition, anyone using anything but the latest versions of the patched browsers is also vulnerable.

Sniffing out History Sniffing

“We built a dynamic data flow engine for JavaScript to track history sniffing in the wild. I don’t know of any other practical tool that can be used to do this kind of extensive study,” said Dongseok Jang, the UC San Diego computer science Ph.D. student who developed the JavaScript monitoring technology. The researchers plan to broaden their work and study what information is being leaked by applications on social media and other Web 2.0 sites.

The computer scientists looked for history sniffing on the front pages of the top 50,000 websites, according to Alexa global website rankings. They found that 485 of the top 50,000 sites inspect style properties that can be used to infer the browser’s history. Out of 485 sites, 63 transferred the browser’s history to the network. “We confirmed that 46 of them are actually doing history sniffing, one of these sites being in the Alexa global top 100,” the UC San Diego computer scientists write in the CCS 2010 paper.

Table 1 in the paper outlines the websites the computer scientists found that performed history sniffing during the data collection period. In some cases, the websites created their own history sniffing systems. In other cases, advertisements served by outside companies contained JavaScript code performing the history sniffing.

History Sniffing in Perspective

The computer scientists say that history sniffing does not pose as great a risk to your privacy or identity as malicious software programs (malware) that can steal your banking information or your entire Facebook profile. But, according to Shacham, “history sniffing is unusual in effectively allowing any site you visit to learn about your browsing habits on any other site, regardless if the two sites have any business relationship.”

To see history sniffing in action, visit: www.whattheinternetknowsaboutyou.com

“I think people who have updated or switched browsers should now worry about things other than history sniffing, like keeping their Flash plug-in up to date so they don’t get exploited. But that doesn’t mean that the companies that have engaged in history sniffing for the currently 60 percent of the user population that is vulnerable to it should get a free pass,” said Shacham.

Tracking History Sniffing

The UC San Diego history-sniffing detection tool analyzes the JavaScript running on the page to identify and tag all instances where the browser history is being checked. The way the system tags each of these potential history tracking events can be compared to the ink or paint packets that banks add to bags of money being stolen.

“As soon as a JavaScript tries to look at the color of a link, we immediately put ‘paint’ on that. Some sites collected that information but never sent it over the network, so there was all this ‘paint’ inside the browser. But in other cases, we observed ‘paint’ being sent over the network, indicating that history sniffing is going on,” explained Lerner. The computer scientists only considered it history sniffing when the browser history information was sent over the network to a server.

“We detected when browser history is looked at, collected on the browser and sent on the network from the browser to their servers. What servers then do with that information is speculation,” said Lerner.

The “paint” tracking approach to monitoring JavaScript could be useful for more than just history sniffing, Lerner explained. “It could be useful for understanding what information is being leaked by applications on Web 2.0 sites. Many of these apps use a lot of JavaScript.”

Reference: Dongseok Jang, Ranjit Jhala, Sorlin Lerner, and Hovav Shacham. “An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications.”In A. Keromytis and V. Shmatikov, eds., Proceedings of CCS 2010, pages 270–83. ACM Press, Oct. 2010.