Online Privacy Technologies

download Online Privacy Technologies

of 61

  • date post

    13-Jan-2016
  • Category

    Documents

  • view

    23
  • download

    0

Embed Size (px)

description

Online Privacy Technologies. NTIA Online Privacy Technologies Workshop. Dr. Lorrie Faith Cranor AT&T Labs-Research http://www.research.att.com/~lorrie/. Why is Cathy concerned?. Cathy. March 1, 2000. How did Irving find this out?. He snooped her email - PowerPoint PPT Presentation

Transcript of Online Privacy Technologies

  • Online Privacy TechnologiesDr. Lorrie Faith CranorAT&T Labs-Research http://www.research.att.com/~lorrie/NTIA Online Privacy Technologies Workshop

  • Why is Cathy concerned?CathyMarch 1, 2000

  • How did Irving find this out? He snooped her emailHe looked at the files on her computerHe observed the chatter sent by her browserHe set cookies through banner ads and web bugs that allowed him to track her activities across web sites

  • What do browsers chatter about?Browsers chatter aboutIP address, domain name, organization, Referring pagePlatform: O/S, browser What information is requestedURLs and search termsCookiesTo anyone who might be listeningEnd serversSystem administratorsInternet Service ProvidersOther third partiesAdvertising networksAnyone who might subpoena log files later

  • A typical HTTP requestGET /retail/searchresults.asp?qu=beer HTTP/1.0Referer: http://www.us.buy.com/default.aspUser-Agent: Mozilla/4.75 [en] (X11; U; NetBSD 1.5_ALPHA i386)Host: www.us.buy.comAccept: image/gif, image/jpeg, image/pjpeg, */*Accept-Language: enCookie: buycountry=us; dcLocName=Basket; dcCatID=6773; dcLocID=6773; dcAd=buybasket; loc=; parentLocName=Basket; parentLoc=6773; ShopperManager%2F=ShopperManager%2F=66FUQULL0QBT8MMTVSC5MMNKBJFWDVH7; Store=107; Category=0

  • What about cookies?Cookies can be usefulused like a staple to attach multiple parts of a form togetherused to identify you when you return to a web site so you dont have to remember a passwordused to help web sites understand how people use themCookies can be harmfulused to profile users and track their activities without their knowledge, especially across web sites

  • YOUWith cooperation from book store, ad company can get your name and address from book order and link them to your search

  • Web bugsInvisible images embedded in web pages that cause cookies to be transferredWork just like banner ads from ad networks, but you cant see them unless you look at the code behind a web pageAlso embedded in HTML formatted email messagesCan also use JavaScript to perform same function without cookiesFor more info on web bugs see: http://www.privacyfoundation.org/education/

  • Referer log problemsGET methods result in values in URLThese URLs are sent in the REFERER header to next hostExample: http://www.merchant.com/cgi_bin/order?name=Tom+Jones&address=here+there&credit+card=234876923234&PIN=1234& -> index.html

  • Low tech solutionsWander around cyber cafesUse free e-mail service instead of ISPSet up a pre-paid cash account with ISPgive all phony informationObtain unusual domain name and get people you trust as name serversForge e-mail, spoof IP, etc.. . . And dont give out any personally-identifiable data!

  • Types of software toolsAnonymity and pseudonymity toolsAnonymizing proxiesMix Networks and similar web anonymity toolsOnion routingCrowdsFreedomAnonymous emailEncryption toolsFile encryptionEmail encryptionEncrypted network connectionsFiltersCookie cuttersChild protection softwareInformation and transparency toolsIdentity management toolsP3POther toolsPrivacy-friendly search enginesComputer cleanersTools to facilitate access

  • Anonymizing proxyActs as a proxy for usersHides information from end servers

    Sees all web trafficFree and subscription services availableSome free services add advertisements to web pages

  • http://www.anonymizer.com

  • Pseudonymity toolsquote.comnytimes.comexpedia.commfjhasefdsfdfProxyAutomatically generate user names, passwords,email addresses, etc. unique to each web site you visitusername

  • iPrivacy private shipping labels

  • Incogno SafeZoneThe merchant offers Incogno SafeZone from its siteUpon checkout, the buyer enters personal information into The Incogno SafeZone a separate server.

  • Incogno SafeZoneIncogno reinforces that the purchase is anonymous.The anonymous purchase is complete with no added software installation or setup for the buyer.

  • PrivadaMulti-server design to shield real-world infoInfo is compartmentalized & encrypted, then processed by servers on a need-to-know basisOnline identities and activity are kept distinct from real-world identitiesPatent-pending privacy management infrastructure

  • Mixes [Chaum81]Sender routes message randomly through network of Mixes, using layered public-key encryption.Mix ASenderDestinationMix CMix B

  • Freedom by Zero-Knowledge

  • Freedom nymsCreate multiple psuedonymsSurf without a nymSelect a nym and surf

  • CrowdsExperimental system developed at AT&T ResearchUsers join a Crowd of other usersWeb requests from the crowd cannot be linked to any individualProtection fromend serversother crowd memberssystem administratorseavesdroppersFirst system to hide data shadow on the web without trusting a central authorityhttp://www.research.att.com/projects/crowds/

  • Crowds illustrated126354351624Crowd membersWeb servers

  • Anonymous emailAnonymous remailers allow people to send email anonymouslySimilar to anonymous web proxiesSome can be chained and work like mixeshttp://anon.efga.org/~rlist

  • Encryption toolsFile encryptionEmail encryptionMany email programs include encryption features built in or available as plug-insWeb-based encrypted emailEmail that self-destructs Disappearing, Inc.Encrypted network connectionsSecure socket layer (SSL)Secure shell (SSH)Virtual private networks

  • Disappearing, Inc.

  • FiltersCookie CuttersBlock cookies, allow for more fine-grained cookie control, etc.Some also filter ads, referer header, and browser chatterhttp://www.junkbusters.com/ht/en/links.html#measuresChild Protection SoftwareBlock the transmission of certain information via email, chat rooms, or web forms when child is using computerLimit who a child can email or chat withhttp://www.getnetwise.org/

  • Identity management toolsServices and tools that help people manage their online identitiesOffer convenience of not having to retype data and/or remember passwordsSome let consumers opt-in to targeted advertising (permission marketing), sharing data with sites, etc.Some pay consumers for providing data Some check for privacy policies before releasing data or require minimum privacy standards for participating sitesExamplesAllAdvantage.comDigitalMeEnonymousLumeriaPersonaPrivacyBank.com

  • PersonaConsumer fills out Persona with personal informationConsumer can decide how each field is shared with online businesses and 3rd parties

  • PersonaValetA free toolbar Four views provide features that include Cookie Management, P3P reader, automatic log-in, form-fill, quick access to top sites, search engines & comparison capabilities Allows user to accept or reject cookies while surfingCookie Watcher tells users when cookies are being droppedP3P Viewer alerts user to site with valid P3P policy; allows comparison to users privacy settingsPop-up Menu

  • PrivacyBank.Com

  • Infomediary example: PrivacyBankPrivacyBank bookmark

  • Platform for Privacy Preferences (P3P)Offers an easy way for web sites to communicate about their privacy policies in a standard machine-readable formatCan be deployed using existing web serversThis will enable the development of tools (built into browsers or separate applications) that:Provide snapshots of sites policiesCompare policies with user preferencesAlert and advise the userFor more info see http://www.w3.org/P3P/

  • Using P3P on your Web siteFormulate privacy policyTranslate privacy policy into P3P formatUse a policy generator toolPlace P3P policy on web siteOne policy for entire site or multiple policies for different parts of the siteAssociate policy with web resources:Place P3P policy reference file (which identifies location of relevant policy file) at well-known location on server;Configure server to insert P3P header with link to P3P policy reference file; orInsert link to P3P policy reference file in HTML content

  • The P3P vocabularyWho is collecting data?What data is collected?For what purpose will data be used?Is there an ability to opt-in or opt-out of some data uses?Who are the data recipients (anyone beyond the data collector)?To what information does the data collector provide access?What is the data retention policy?How will disputes about the policy be resolved? Where is the human-readable privacy policy?

  • TransparencyP3P clients can check a privacy policy each time it changesP3P clients can check privacy policies on all objects in a web page, including ads and invisible images

    http://adforce.imgis.com/?adlink|2|68523|1|146|ADFORCEhttp://www.att.com/accessatt/

  • Microsoft/AT&T P3P browser helper objectA prototype tool designed to work with Microsoft Internet Explorer BrowserNot yet fully tested, still missing some features

  • Preference settings

  • When preferences are changed toDisallow profiling, the privacy check warns us that this site profiles visitors

  • IDcide Privacy CompanionA browser plug-in that adds functionality to Netscape or Internet Explorer browsersIncludes icons to let users know that sites use first- and/or third-party cookiesEnables users to select a privacy level that controls the cookie types allowed (1st or 3rd party)Prevents data spills to 3rd parties through refererLets users view tracking historyPrototype P3P-enabled Privacy Companion allows for more fine-grained automatic decision making based on P3P policieshttp://www.idcide.com

  • Searching for a P3P policyNo P3P policy foundP3P policy is NOT acceptableP3P policy is acceptableIDcide P3P Icons

  • Double clicking on the P3P icon in