Publications about tracking and spying technologies
Publications about tracking and spying technologies
Mass Surveillance by Eavesdropping on Web Cookies
Abstract: The autors investigate the ability of a passive network observer to leverage third-party HTTP tracking cookies for mass surveillance (like it is done by NSA). If two web pages embed the same tracker which emits a unique pseudonymous identifier, then the adversary can link visits to those pages from the same user (browser instance) even if the user’s IP address varies. Furthermore, almost half of the most popular web pages will leak a logged-in user’s real-world identity to an eavesdropper in unencrypted traffic. Together, these provide a novel method to link an identified individual to a large fraction of her entire web history.
FPDetective: Dusting the web for fingerprinters
Fingerprinting Canvas in HTML5
Abstract: Browser can use grafic hardware with WebGL in HTML5 ti improve rendering speed. Using a <canvas> element is was possible to create a new, high-entropy fingerprint based on the computer hardware used by websurfers.
Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices
Abstract: Anytime you travel internationally, especially into the USA, you risk a broad, invasive search of your laptop, phone, and other digital devices – including the copying of your data and seizing of your property for an indefinite time. To help travelers protect themselves and their private information during the busy holiday travel period, the Electronic Frontier Foundation (EFF) released a report with important guidance for safeguarding your personal data at the U.S border. Use a second mobile phone without any personal data inside, and remove any sensitive data from your laptop. Encryption is not a good and sufficient idea, as it usually results in pasword request, and theft of the device if you refuse to reveal the password.
Opinions on the "Staatstrojaner" (Germany)
Abstract: checking the "Staatstrojaner" against German law and recent judgements of the constitutional tribunal
Website Fingerprinting in Onion Routing Based Anonymization Networks
Mike Perry wrote a Critique of Website Traffic Fingerprinting Attacks in real-world scenarios and shows defence options.
Schutzlücken durch Wegfall der Vorratsdatenspeicherung? Data retention in Germany
Abstract: Investigations by Max-Planck-Institut (MPI) für ausländisches und internationales Strafrecht (Institute for criminal law) about effect of preventive data retention. The conclusion is that there is no significant benefit (reduced occurrence of crime or improved investigation success rate) of data retention.
Abstract: A team of researchers from Concordia University has developed an effective new technique to determine the authorship of anonymous emails. Tests showed their method has a high level of accuracy - and unlike many other methods of ascertaining authorship, it can provide presentable evidence in courts of law.
Flash Cookies and Privacy II: Now with HTML5 and ETag Respawning
Abstract: In this followup study, we reassess the Flash cookies landscape and examine a new tracking vector, HTML5 local storage and Cache-Cookies via ETags. We found over 5,600 standard HTTP cookies on popular sites, over 4,900 were from third parties. Google-controlled cookies were present on 97 of the top 100 sites, including popular government websites. Seventeen sites were using HTML5, and seven of those sites had HTML5 local storage and HTTP cookies with matching values. Flash cookies were present on 37 of the top 100 sites. We found two sites that were respawning cookies, including one site – hulu.com – where both Flash and cache cookies were employed to make identifiers more persistent. The cache cookie method used ETags, and is capable of unique tracking even where all cookies are blocked by the user and "Private Browsing Mode" is enabled.
Find me if you can
Abstract: Improving geographical prediction with social and spatial proximity. The paper presents a measurement of the home position of facebook user by known position of friends. In case of 5 or more friends with known home position it outperforms geolocation by IP addresses.
Challenges in Measuring Online Advertising Systems
Abstract: This paper takes a first principled look at measurement methodologies for ad networks. It proposes new metrics that are robust to the high levels of noise inherent in ad distribution, identifies measurement pitfalls and artifacts, and provides mitigation strategies. It also presents an analysis of how three different classes of advertising - search, contextual, and social networks, use user profile information today. (gay users outed to advertisers)
Feasibility and Real-World Implications of Web Browser History Detection
Certified Lies - Detecting and Defeating Government Interception Attacks against SSL
Abstract: C. Soghoian and S. Stamm introduced a new attack, the compelled certificate creation attack, in which government agencies compel a certificate authority to issue false SSL certificates that are then used by intelligence agencies to covertly intercept and hijack individuals’ secure Web-based communications. They reveal alarming evidence that suggests that this attack is in active use.
A Practical Attack to De-Anonymize Social Network Users
Abstract: Deanonymisation in the Social network Xing.
Zusammenfassung: the paper present a novel method that applies common text mining techniques to the normalised frequency distribution of observable IP packet sizes. Our classifier correctly identifies up to 97% of requests on a sample of 775 sites and over 300,000 real-world traffic dumps recorded over a two-month period. It outperforms previously known methods like Jaccard's classifier and Naïve Bayes that neglect packet frequencies altogether or rely on absolute frequency values, respectively. Our method is system-agnostic: it can be used against any PET without alteration. Closed-world results indicate that many popular single-hop and even multi-hop systems like Tor and JonDonym are vulnerable against this general fingerprinting attack.
Remote physical device fingerprinting by TCP timestamps
Abstract: The paper introduce the area of remote physical device fingerprinting, or fingerprinting a physical device, as opposed to an operating system or class of devices, remotely, and without the fingerprinted device's known cooperation. Example applications include: computer forensics, tracking (with some probability), counting the number of devices behind a NAT even when the devices use constant or random IP IDs and unanonymizing anonymized network traces.