Internet-of-Things (IoT) devices are increasingly deployed at home, at work, and in other shared and public spaces. IoT devices collect and share data with service providers and third parties, which poses privacy concerns. Although privacy enhancing tools are quite advanced in other applications domains (\eg~ advertising and tracker blockers for browsers), users have currently no convenient way to know or manage what and how data is collected and shared by IoT devices. In this paper, we present VBIT, an interactive system combining Mixed Reality (MR) and web-based applications that allows users to: (1) uncover and visualize tracking services by IoT devices in an instrumented space and (2) take action to stop or limit that tracking. We design and implement VBIT to operate at the network traffic level, and we show that it has negligible performance overhead, and offers flexibility and good usability. We perform a mixed-method user study consisting of an online survey and an in-person interview study. We show that VBIT users appreciate VBIT's transparency, control, and customization features, and they become significantly more willing to install an IoT advertising and tracking blocker, after using VBIT. In the process, we obtain design insights that can be used to further iterate and improve the design of VBIT and other systems for IoT transparency and control.

翻译：物联网设备在家庭、工作场所及其他共享与公共空间中的部署日益广泛。这些设备会收集数据并与服务提供商及第三方共享，从而引发隐私担忧。尽管隐私增强工具在其他应用领域（例如浏览器广告与追踪器拦截工具）已相当成熟，但目前用户仍缺乏便捷途径来了解或管理物联网设备收集与共享数据的类型及方式。本文提出VBIT，一种结合混合现实与Web应用的交互式系统，使用户能够：（1）在受监测空间中揭示并可视化物联网设备的追踪服务；（2）采取行动阻止或限制此类追踪。我们设计并实现了在网络流量层面运行的VBIT系统，实验表明其性能开销可忽略不计，且具备良好的灵活性与可用性。通过包含在线问卷与实地访谈的混合方法用户研究，我们发现VBIT用户高度认可其透明度、控制力与定制功能，且在使用VBIT后安装物联网广告与追踪拦截工具的意愿显著提升。在此过程中，我们获得了可用于进一步迭代改进VBIT及其他物联网透明度与控制系统的设计洞见。