{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T08:40:47Z","timestamp":1770885647252,"version":"3.50.1"},"reference-count":26,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2017,7,1]],"date-time":"2017-07-01T00:00:00Z","timestamp":1498867200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"<jats:p>Smartphones and other mobile devices have proliferated in the past five years. The expectation of mobile device users to always be online has led to Wi-Fi networks being offered by a variety of providers. Using these networks introduces multiple security risks. In this work, we assess to what extent the privacy stance of mobile device users corresponds with their actual behavior by conducting a study with 108 participants. Our methodology consists of monitoring Wi-Fi networks that the participants\u2019 devices connect to and the connections made by apps on these devices, for a period of 30 days. Afterwards, participants are surveyed about their awareness and privacy sensitiveness. We show that while a higher expertise in computer networks corresponds to more awareness about the connections made by apps, neither this expertise nor the actual privacy stance of the participant translates to better security habits. Moreover, participants in general were unaware about a significant part of connections made by apps on their devices, a matter that is worsened by the fact that one third of Wi-Fi networks that participants connect to do not have any security enabled. Based on our results, we provide recommendations to network providers, developers and users on how to improve Wi-Fi security for mobile devices.<\/jats:p>","DOI":"10.3390\/info8030076","type":"journal-article","created":{"date-parts":[[2017,7,3]],"date-time":"2017-07-03T10:27:31Z","timestamp":1499077651000},"page":"76","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Insecure Network, Unknown Connection: Understanding Wi-Fi Privacy Assumptions of Mobile Device Users"],"prefix":"10.3390","volume":"8","author":[{"given":"Bram","family":"Bonn\u00e9","sequence":"first","affiliation":[{"name":"Hasselt University\u2014tUL\u2014imec, Expertise Centre for Digital Media (EDM), Wetenschapspark 2, 3590 Diepenbeek, Belgium"}]},{"given":"Gustavo","family":"Rovelo","sequence":"additional","affiliation":[{"name":"Hasselt University\u2014tUL\u2014imec, Expertise Centre for Digital Media (EDM), Wetenschapspark 2, 3590 Diepenbeek, Belgium"}]},{"given":"Peter","family":"Quax","sequence":"additional","affiliation":[{"name":"Hasselt University\u2014tUL\u2014imec, Expertise Centre for Digital Media (EDM), Wetenschapspark 2, 3590 Diepenbeek, Belgium"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1888-6383","authenticated-orcid":false,"given":"Wim","family":"Lamotte","sequence":"additional","affiliation":[{"name":"Hasselt University\u2014tUL\u2014imec, Expertise Centre for Digital Media (EDM), Wetenschapspark 2, 3590 Diepenbeek, Belgium"}]}],"member":"1968","published-online":{"date-parts":[[2017,7,1]]},"reference":[{"key":"ref_1","unstructured":"Eurostat (2017, April 27). ICT Usage in Households and by Individuals. Available online: http:\/\/ec.europa.eu\/eurostat\/web\/digital-economy-and-society\/data\/database."},{"key":"ref_2","unstructured":"Poushter, J. (2016). Smartphone Ownership and Internet Usage Continues to Climb in Emerging Economies, Pew Research Center."},{"key":"ref_3","first-page":"393","article-title":"Your mobile phone is a traitor!\u2014Raising awareness on ubiquitous privacy issues with SASQUATCH","volume":"6","author":"Quax","year":"2014","journal-title":"Int. J. Inf. Technol. Secur."},{"key":"ref_4","unstructured":"Troianovski, A. (2017, June 22). Phone Firms Sell Data on Customers. Available online: http:\/\/www.wsj.com\/articles\/SB10001424127887323463704578497153556847658."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., and Shmatikov, V. (2012, January 16\u201318). The Most Dangerous Code in the World: Validating SSL Certificates in Non-browser Software. Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS \u201912), Raleigh, NC, USA.","DOI":"10.1145\/2382196.2382204"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Klasnja, P., Consolvo, S., Jung, J., Greenstein, B.M., LeGrand, L., Powledge, P., and Wetherall, D. (2009, January 4\u20139). \u201cWhen I am on Wi-Fi, I am fearless\u201d: Privacy concerns & practices in everyday Wi-Fi use. Proceedings of the 27th International Conference on Human Factors in Computing Systems (CHI \u201909), Boston, MA, USA.","DOI":"10.1145\/1518701.1519004"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1111\/j.1745-6606.2006.00070.x","article-title":"The privacy paradox: Personal information disclosure intentions versus behaviors","volume":"41","author":"Norberg","year":"2007","journal-title":"J. Consum. Aff."},{"key":"ref_8","unstructured":"Yee, K.P. (2002, January 9\u201312). User interaction design for secure systems. Proceedings of the International Conference on Information and Communications Security (ICICS \u201902), Singapore."},{"key":"ref_9","unstructured":"Lella, A., and Lipsman, A. (2017, April 27). 2016 U.S. Cross-Platform Future in Focus. Available online: https:\/\/www.comscore.com\/Insights\/Presentations-and-Whitepapers\/2016\/2016-US-Cross-Platform-Future-in-Focush."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Consolvo, S., Jung, J., Greenstein, B., Powledge, P., Maganis, G., and Avrahami, D. (2010, January 26\u201329). The Wi-Fi privacy ticker: Improving awareness & control of personal information exposure on Wi-Fi. Proceedings of the 12th ACM International Conference on Ubiquitous Computing, Copenhagen, Denmark.","DOI":"10.1145\/1864349.1864398"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Swanson, C., Urner, R., and Lank, E. (2010, January 16\u201318). Na\u00efve security in a Wi-Fi world. Proceedings of the IFIP International Conference on Trust Management, Morioka, Japan.","DOI":"10.1007\/978-3-642-13446-3_3"},{"key":"ref_12","unstructured":"Kang, R., Dabbish, L., Fruchter, N., and Kiesler, S. (2015, January 22\u201324). \u201cMy Data Just Goes Everywhere:\u201d User Mental Models of the Internet and Implications for Privacy and Security. Proceedings of the Eleventh Symposium on Usable Privacy and Security (SOUPS \u201915), Ottawa, ON, Canada."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Chin, E., Felt, A.P., Sekar, V., and Wagner, D. (2012, January 11\u201313). Measuring user confidence in smartphone security and privacy. Proceedings of the Eighth Symposium on Usable Privacy and Security (SOUPS \u201912), Washington, DC, USA.","DOI":"10.1145\/2335356.2335358"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Clark, J.W., Snyder, P., McCoy, D., and Kanich, C. (2015, January 18\u201323). I Saw Images I Didn\u2019t Even Know I Had: Understanding User Perceptions of Cloud Storage Privacy. Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, Seoul, Korea.","DOI":"10.1145\/2702123.2702535"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Tews, E., and Beck, M. (2009, January 16\u201319). Practical Attacks Against WEP and WPA. Proceedings of the Second ACM Conference on Wireless Network Security (WiSec \u201909), Zurich, Switzerland.","DOI":"10.1145\/1514274.1514286"},{"key":"ref_16","unstructured":"Schuermann, D. (2017, April 27). Kicelo AdAway Hosts File. Available online: https:\/\/adaway.org\/hosts.txt."},{"key":"ref_17","unstructured":"Google Play (2017, April 27). Top Communication Apps. Available online: https:\/\/play.google.com\/store\/apps\/category\/COMMUNICATION\/collection\/topselling_free."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Dainotti, A., Gargiulo, F., Kuncheva, L.I., Pescap\u00e8, A., and Sansone, C. (2010, January 23\u201327). Identification of traffic flows hiding behind TCP port 80. Proceedings of the 2010 IEEE International Conference on Communications (ICC), Capetown, South Africa.","DOI":"10.1109\/ICC.2010.5502266"},{"key":"ref_19","unstructured":"Pew Research Center (2017, April 27). Pew Research Center\u2019s Internet Project\/GFK Privacy Panel Survey #2 Topline. Available online: http:\/\/www.pewinternet.org\/files\/2015\/05\/Privacy-and-Security-Attitudes-5.19.15_Topline_FINAL.pdf."},{"key":"ref_20","unstructured":"Roth, V., Polak, W., Rieffel, E., and Turner, T. (April, January 31). Simple and Effective Defense against Evil Twin Access Points. Proceedings of the First ACM Conference on Wireless Network Security (WiSec \u201908), Alexandria, VA, USA."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Friedman, B., Hurley, D., Howe, D.C., Felten, E., and Nissenbaum, H. (2002, January 20\u201325). Users\u2019 conceptions of web security: A comparative study. Proceedings of the CHI\u201902 Extended Abstracts on Human Factors in Computing Systems, Minneapolis, MN, USA.","DOI":"10.1145\/506443.506577"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"391","DOI":"10.1007\/s00779-004-0308-5","article-title":"Security in the Wild: User Strategies for Managing Security as an Everyday, Practical Problem","volume":"8","author":"Dourish","year":"2004","journal-title":"Pers. Ubiquitous Comput."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Shaik, A., Seifert, J., Borgaonkar, R., Asokan, N., and Niemi, V. (2016, January 21\u201324). Practical Attacks against Privacy and Availability in 4G\/LTE Mobile Communication Systems. Proceedings of the 23nd Annual Network and Distributed System Security Symposium (NDSS 2016), San Diego, CA, USA.","DOI":"10.14722\/ndss.2016.23236"},{"key":"ref_24","unstructured":"Balebako, R., Leon, P.G., Almuhimedi, H., Kelley, P.G., Mugan, J., Acquisti, A., Cranor, L.F., and Sadeh, N. (2011, January 7\u201312). Nudging users towards privacy on mobile devices. Proceedings of the CHI 2011 Workshop on Persuasion, Nudge, Influence and Coercion, Vancouver, BC, Canada."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Bonn\u00e9, B., Lamotte, W., Quax, P., and Luyten, K. (2014, January 2\u20135). Raising Awareness on Smartphone Privacy Issues with SASQUATCH, and solving them with PrivacyPolice. Proceedings of the 11th International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, London, UK.","DOI":"10.4108\/icst.mobiquitous.2014.258025"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Ikram, M., Vallina-Rodriguez, N., Seneviratne, S., Kaafar, M.A., and Paxson, V. (2016, January 14\u201316). An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps. Proceedings of the 2016 ACM Internet Measurement Conference, Santa Monica, CA, USA.","DOI":"10.1145\/2987443.2987471"}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/8\/3\/76\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T18:41:07Z","timestamp":1760208067000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/8\/3\/76"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,7,1]]},"references-count":26,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2017,9]]}},"alternative-id":["info8030076"],"URL":"https:\/\/doi.org\/10.3390\/info8030076","relation":{},"ISSN":["2078-2489"],"issn-type":[{"value":"2078-2489","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,7,1]]}}}