{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2019:JMUWAKSM5FQGMKULPNCV66BWNS","short_pith_number":"pith:JMUWAKSM","canonical_record":{"source":{"id":"1906.10873","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T07:00:22Z","cross_cats_sorted":[],"title_canon_sha256":"9dff30da1724673930127728634cc6d8c8c76fb2da8231ce807390ca6d47806e","abstract_canon_sha256":"7719c7fd75d12ee518ac4b61e8ff917ec96b1a75e5003cefee9627f3a633c7ca"},"schema_version":"1.0"},"canonical_sha256":"4b29602a4ce960662a8b7b455f78366cbd30c90938930dea2260e7e868e06838","source":{"kind":"arxiv","id":"1906.10873","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1906.10873","created_at":"2026-05-17T23:42:07Z"},{"alias_kind":"arxiv_version","alias_value":"1906.10873v2","created_at":"2026-05-17T23:42:07Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1906.10873","created_at":"2026-05-17T23:42:07Z"},{"alias_kind":"pith_short_12","alias_value":"JMUWAKSM5FQG","created_at":"2026-05-18T12:33:21Z"},{"alias_kind":"pith_short_16","alias_value":"JMUWAKSM5FQGMKUL","created_at":"2026-05-18T12:33:21Z"},{"alias_kind":"pith_short_8","alias_value":"JMUWAKSM","created_at":"2026-05-18T12:33:21Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2019:JMUWAKSM5FQGMKULPNCV66BWNS","target":"record","payload":{"canonical_record":{"source":{"id":"1906.10873","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T07:00:22Z","cross_cats_sorted":[],"title_canon_sha256":"9dff30da1724673930127728634cc6d8c8c76fb2da8231ce807390ca6d47806e","abstract_canon_sha256":"7719c7fd75d12ee518ac4b61e8ff917ec96b1a75e5003cefee9627f3a633c7ca"},"schema_version":"1.0"},"canonical_sha256":"4b29602a4ce960662a8b7b455f78366cbd30c90938930dea2260e7e868e06838","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:42:07.694673Z","signature_b64":"rHKTA02RtcQebhDHwdg9mhKrZkrd4OjhOcjzlgqoXlolHhJBaut/ghWfjDvLsyaLQ8ADfFuiNslu1429CkYqCg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"4b29602a4ce960662a8b7b455f78366cbd30c90938930dea2260e7e868e06838","last_reissued_at":"2026-05-17T23:42:07.694099Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:42:07.694099Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1906.10873","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:42:07Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"kL9LQe4I/hEDXvi+uM6ZezuJwblGaQ0xDYK9PJ6XuZn7Rv79pI/5SlelTl4z9HI5pOoEDAGJVmpkL6ltiPQZCA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-27T19:02:56.278415Z"},"content_sha256":"e63e531b2f2e96e0f0cf26103ea87e21c53a39a1592e7e76b5554a2797c59f2c","schema_version":"1.0","event_id":"sha256:e63e531b2f2e96e0f0cf26103ea87e21c53a39a1592e7e76b5554a2797c59f2c"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2019:JMUWAKSM5FQGMKULPNCV66BWNS","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Making Smartphone Application Permissions Meaningful for the Average User","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Amer Chamseddine, George Candea","submitted_at":"2019-06-26T07:00:22Z","abstract_excerpt":"Smartphones hold important private information, yet users routinely expose this information to questionable applications written by developers they know nothing about. Users may be tempted to think of smartphones as old-style dumb phones, not as powerful network-connected computers, and this opens a gap between the permissions-based security paradigm (offered by platforms like Android) and what users expect. This makes it easy to fool users into installing applications that steal their information. Not surprisingly, Android is now a more favored target for hackers than Windows.\n  We propose an"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1906.10873","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:42:07Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ze89vWWKEi6mS02L1iAOhlCLbxR12eTH+xQaIfvAgiuNCDpxTi1w7dyqJdAhGX7OPE8u4tO4g1CFSnN2mXzsBw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-27T19:02:56.278755Z"},"content_sha256":"5231cee034d85781520f1f4c11cd57066f29f5b3ccd88708cdeca8b101008686","schema_version":"1.0","event_id":"sha256:5231cee034d85781520f1f4c11cd57066f29f5b3ccd88708cdeca8b101008686"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/JMUWAKSM5FQGMKULPNCV66BWNS/bundle.json","state_url":"https://pith.science/pith/JMUWAKSM5FQGMKULPNCV66BWNS/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/JMUWAKSM5FQGMKULPNCV66BWNS/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-27T19:02:56Z","links":{"resolver":"https://pith.science/pith/JMUWAKSM5FQGMKULPNCV66BWNS","bundle":"https://pith.science/pith/JMUWAKSM5FQGMKULPNCV66BWNS/bundle.json","state":"https://pith.science/pith/JMUWAKSM5FQGMKULPNCV66BWNS/state.json","well_known_bundle":"https://pith.science/.well-known/pith/JMUWAKSM5FQGMKULPNCV66BWNS/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2019:JMUWAKSM5FQGMKULPNCV66BWNS","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"7719c7fd75d12ee518ac4b61e8ff917ec96b1a75e5003cefee9627f3a633c7ca","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T07:00:22Z","title_canon_sha256":"9dff30da1724673930127728634cc6d8c8c76fb2da8231ce807390ca6d47806e"},"schema_version":"1.0","source":{"id":"1906.10873","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1906.10873","created_at":"2026-05-17T23:42:07Z"},{"alias_kind":"arxiv_version","alias_value":"1906.10873v2","created_at":"2026-05-17T23:42:07Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1906.10873","created_at":"2026-05-17T23:42:07Z"},{"alias_kind":"pith_short_12","alias_value":"JMUWAKSM5FQG","created_at":"2026-05-18T12:33:21Z"},{"alias_kind":"pith_short_16","alias_value":"JMUWAKSM5FQGMKUL","created_at":"2026-05-18T12:33:21Z"},{"alias_kind":"pith_short_8","alias_value":"JMUWAKSM","created_at":"2026-05-18T12:33:21Z"}],"graph_snapshots":[{"event_id":"sha256:5231cee034d85781520f1f4c11cd57066f29f5b3ccd88708cdeca8b101008686","target":"graph","created_at":"2026-05-17T23:42:07Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Smartphones hold important private information, yet users routinely expose this information to questionable applications written by developers they know nothing about. Users may be tempted to think of smartphones as old-style dumb phones, not as powerful network-connected computers, and this opens a gap between the permissions-based security paradigm (offered by platforms like Android) and what users expect. This makes it easy to fool users into installing applications that steal their information. Not surprisingly, Android is now a more favored target for hackers than Windows.\n  We propose an","authors_text":"Amer Chamseddine, George Candea","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T07:00:22Z","title":"Making Smartphone Application Permissions Meaningful for the Average User"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1906.10873","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:e63e531b2f2e96e0f0cf26103ea87e21c53a39a1592e7e76b5554a2797c59f2c","target":"record","created_at":"2026-05-17T23:42:07Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"7719c7fd75d12ee518ac4b61e8ff917ec96b1a75e5003cefee9627f3a633c7ca","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T07:00:22Z","title_canon_sha256":"9dff30da1724673930127728634cc6d8c8c76fb2da8231ce807390ca6d47806e"},"schema_version":"1.0","source":{"id":"1906.10873","kind":"arxiv","version":2}},"canonical_sha256":"4b29602a4ce960662a8b7b455f78366cbd30c90938930dea2260e7e868e06838","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"4b29602a4ce960662a8b7b455f78366cbd30c90938930dea2260e7e868e06838","first_computed_at":"2026-05-17T23:42:07.694099Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:42:07.694099Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"rHKTA02RtcQebhDHwdg9mhKrZkrd4OjhOcjzlgqoXlolHhJBaut/ghWfjDvLsyaLQ8ADfFuiNslu1429CkYqCg==","signature_status":"signed_v1","signed_at":"2026-05-17T23:42:07.694673Z","signed_message":"canonical_sha256_bytes"},"source_id":"1906.10873","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:e63e531b2f2e96e0f0cf26103ea87e21c53a39a1592e7e76b5554a2797c59f2c","sha256:5231cee034d85781520f1f4c11cd57066f29f5b3ccd88708cdeca8b101008686"],"state_sha256":"15cb7cfe1395e2c85594008e0014830b1212c8153fe8df5b574c610e0f7b4322"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"7vZgyRaLiUuPbPuJDPXKXBLaZCE6Jjl7dCNjp/TrMLCW53mLzoHqMLpjjYy/NY6W29Nv+wXGZXLwdgZ57R3ACg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-27T19:02:56.280668Z","bundle_sha256":"82060068a5ab995b18961d359d12b3efd1f3ebc9bc3456813b27ca1c9794ba78"}}