150 likes | 302 Views
privacy and data mining part 2 4/12/2010. SOCIAL WEB MEDIA. A Primer on Information Theory and Privacy Peter Eckersley https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy Around 7 billion people on planet...
E N D
privacy and data mining part 2 4/12/2010 SOCIAL WEB MEDIA
A Primer on Information Theory and Privacy Peter Eckersley https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy Around 7 billion people on planet... gender, zip code and birth date is each partially identifying information combining these pieces of information is likely to get you a unique person if you can combine that info w/ a dataset tied to names or ssn then you can probably ID the individual
IP address - guess at zipcode by where they log in from? - track visits w/ “cookies” - image cache
IP address (WHOIS) 192.77.77.100 - track visits w/ “cookies” - image cache
USER AGENT STRING HTTP Protocol browser sends info about itself to server when making request http://www.useragentstring.com/
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 tells website what browser version, operating system and version. (Can be used by developers to format content for different browsers.)
"if you pick a random person's browser, only one in 1,500 other Internet users will share their User Agent string."
type this into browser window: javascript:alert(navigator.userAgent) Panopticlick – EFF https://panopticlick.eff.org/ "I'M UNIQUE!!!"
If Javascript enabled server can even detect what fonts you have installed variety of plug-ins and screen sizes helps add identifying info phone browsers tend to be less uinique because less variables in plugins and screen sizes
could disable javascript but many sites require javascript to work correctly could toggle javascript but you don't always know when you need it Browser mfgs. could make data less sepcific or could provide two modes - specific and generalized
TOR software + network of virtual tunnels journalists whistleblowers dissidents those not wanting to reveal “socially sensitive” info about themselves – illnesses, victims of abuse https://www.torproject.org/index.html.en http://www.iusmentis.com/society/privacy/remailers/onionrouting/#OnionroutingwithTor
makes browsing slower “Tor anonymizes the origin of your traffic, and it encrypts everything between you and the Tor network and everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information, you should use as much care as you would on the normal scary Internet — use HTTPS or other end-to-end encryption and authentication.”
“While Tor blocks attackers on your local network from discovering or influencing your destination, it opens new risks: malicious or misconfigured Tor exit nodes can send you the wrong page, or even send you embedded Java applets disguised as domains you trust. Be careful opening documents or applications you download through Tor, unless you've verified their integrity.”