L12: Privacy Protecting Technologies. CSCI E-170 December 7, 2004 Simson L. Garfinkel. Agenda. HW6 – Grades sent out. (sorry for the delay) Projects – How are people doing? Privacy Protecting Technologies Course Evaluations In class or on the website. Technology: Value Neutral?.
L12: Privacy Protecting Technologies CSCI E-170 December 7, 2004 Simson L. Garfinkel
Agenda • HW6 – Grades sent out. (sorry for the delay) • Projects – How are people doing? • Privacy Protecting Technologies • Course Evaluations • In class or on the website
Technology: Value Neutral? • Does technology, on average, help or hinder personal privacy?
The Big Idea • We can use technology to improve privacy
Privacy Protecting Tools for Web Browsing • Browser • pop-up blocking • Client Side: • Web proxy – works with anything • IE plug-in – “helper object” • Web Service: • Browser agnostic • You must trust the service!
Browser protection • Safari and Mozilla provide: • pop-up blocking • Cookie Management • Demo; look at what’s offered
Client-side Protection • Ad-Subtract • http://www.intermute.com/adsubtract/ • Bugnosis • http://www.bugnosis.org/ • SpoofGuard • http://crypto.stanford.edu/SpoofGuard/ • WebPwdHash • http://crypto.stanford.edu/PwdHash/
Ad Subtract: Client-Side Java Proxy • Advantages: • Multiplatform • Easy to debug • Client/server • Disadvantages: • Doesn’t work with SSL • Install footprint • Need to parse HTML
Ad Blockers • Ad-Subtract • Junkbuster Proxy • Discussion?
Bugnosis • Features: • Browser helper object • Accesses HTTP & HTTPS • Downloads updates • Designed for journalists
SpoofGuard • Browser plug-in (IE only) • Rule-based; “spamassassin for websites”
SpoofGuard Controls • Not quite sure how to set these? You’re not alone
SpoofGuard rules • Domain Name Check • http://www.paypai.com/ • URL check • http://www.paypai.com@123.123.123.123/ • Email Check • Arriving at a URL by email is bad • Password Field Check • Lower threshold for pages asking for passwords • Link Check • Suspicious links are links that have suspicious URLs • Image Check • Images on one website similar to those on another website • Password Tracking • Password at one website same as another website
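The domain name check, URL check and password field check from this slide, combined into a rule score, as an added example (not SpoofGuard's own code). The known-domain list, the weights and both thresholds are assumptions chosen for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed whitelist and weights: assumptions for this sketch, not SpoofGuard's values.
KNOWN_DOMAINS = ["paypal.com", "ebay.com"]
W_USERINFO, W_RAW_IP, W_LOOKALIKE = 3, 2, 3
THRESHOLD, THRESHOLD_WITH_PASSWORD = 4, 2

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(host):
    # Simplification: last two labels. A real tool would use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def is_raw_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def score_page(url, has_password_field=False):
    """Return (score, findings, alert) for one page URL."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    score, findings = 0, []
    if parts.username is not None:  # http://shown-name@real-host/
        score += W_USERINFO
        findings.append(f"URL check: '{parts.username}' is userinfo, real host is {host}")
    if is_raw_ip(host):
        score += W_RAW_IP
        findings.append(f"URL check: host is a raw IP address ({host})")
    else:
        dom = registered_domain(host)
        for good in KNOWN_DOMAINS:
            if 0 < edit_distance(dom, good) <= 2:
                score += W_LOOKALIKE
                findings.append(f"Domain name check: {dom} resembles {good}")
    # Password field check: pages asking for a password alert at a lower score.
    limit = THRESHOLD_WITH_PASSWORD if has_password_field else THRESHOLD
    return score, findings, score >= limit
```

With these assumed weights, http://www.paypai.com/ alone scores below the default threshold and only alerts once the page also contains a password field.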
SpoofGuard Download • OpenSource - Good template for doing a browser plug-in • Internet Explorer only • http://crypto.stanford.edu/SpoofGuard/download.html Discussion?
WebPwdHash • The problem: Users tend to use the same username & password at every site • The solution: Hash the password with the domain at the browser and send the hash to the remote website
WebPwdHash • Advantages: • Each site gets a different password • Protects against phishing • Disadvantages: • Must trust the browser (doing that anyway) • Can’t run without the plug-in (unless you go to a remote website) • Users must “reset” all of their passwords • Doesn’t work with handhelds, cell phones, etc. Discussion?
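The idea on the two WebPwdHash slides, as an added example (not the plug-in's code): the browser derives a per-domain value from the typed password, so a value captured on a look-alike domain does not log in at the real site. HMAC-SHA256, the base64 truncation, the `Site` class and the sample credentials are assumptions for illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import urlsplit

def site_domain(url):
    # Simplification: last two host labels; a real plug-in needs the Public Suffix List.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def site_password(typed_password, page_url, length=16):
    """Value actually sent to the site: HMAC-SHA256(key=password, msg=page domain)."""
    mac = hmac.new(typed_password.encode(), site_domain(page_url).encode(),
                   hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()[:length]

class Site:
    """Constructed stand-in for a web site's account database."""
    def __init__(self):
        self.accounts = {}

    def register(self, user, sent):
        self.accounts[user] = hashlib.sha256(sent.encode()).hexdigest()

    def login(self, user, sent):
        stored = self.accounts.get(user, "")
        return hmac.compare_digest(stored, hashlib.sha256(sent.encode()).hexdigest())

def phishing_replay_succeeds(typed="correct horse", user="alice"):
    """Register at the real site, type the same password on a look-alike page,
    then replay what the look-alike page received against the real site."""
    real = Site()
    real.register(user, site_password(typed, "https://www.paypal.com/signup"))
    captured = site_password(typed, "http://www.paypai.com/login")
    return real.login(user, captured)
```

The existing account at each site still holds the old shared password, which is why the slide lists resetting every password as a cost of adopting the scheme.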
Privacy Protecting Web Services • Web Caches & Open Proxies • Remailers • Anonymizer • Anonymous Transport Services: • Freedom • Onion Routing • Anonymous Publishing Services
Why use a privacy service? • Prevent tracing to your IP address • Get around a national, ISP, or business block • China • Saudi Arabia • Fidelity
Mix-Nets • Anonymity Loves Company • Chaum’s mix-net scheme • 1 mix: you trust the mixer • More mixes -> Less Trust • Mixing needs to be in space and time
Practical applications of mixers: • Anonymous Remailers • Anonymous Browsing • Anonymous Publishing
Anonymous Remailers • Anonymous posting on Usenet • anon.penet.fi • Based in Finland • Operated by Julf Helsingius • 70,000 registered users; 10,000 messages/day • February 1995 – Church of Scientology demands the True Name of a nym an144108@anon.penet.fi • Revealed on February 8 to belong to tc@alumni.caltech.edu under order from Finnish court • (Information applied to the Finnish court had apparently been somewhat misleading) • August 30 – After second court case, anon.penet.fi shut down • full details at www.xs4all.nl/~kspaink/cos/rnewman/anon/penet.html
Key features of an anonymous remailer • Strips identity from messages passing through • Provides mapping of nyms to “true names” • But only if replies are important • Optional: • Mixing - only if traffic in and out is observable • Encryption – Prevents intermediaries from knowing what’s going on.
Web Caches: Less Sophisticated, but easier to use • No special software to install – support for caches is already built in. • Can work both ways – a cache can also monitor you.
Web Caches
cache-ntc-ah12.proxy.aol.com - - [10/May/2003:22:47:31 -0400] "GET /clips/1999.TR.LCS35-FountainOfIdeas.pdf HTTP/1.0" 200 65536 "http://aolsearch.aol.com/aol/search?query=fountain+ideas&page=2" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 7.0; Windows NT 5.1; .NET CLR 1.0.3705)"
cache-ntc-ah12.proxy.aol.com - - [10/May/2003:22:47:39 -0400] "GET /clips/1999.TR.LCS35-FountainOfIdeas.pdf HTTP/1.1" 206 688128 "-" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 7.0; Windows NT 5.1; .NET CLR 1.0.3705)"
cache-ntc-ah12.proxy.aol.com - - [10/May/2003:22:47:44 -0400] "GET /clips/1999.TR.LCS35-FountainOfIdeas.pdf HTTP/1.1" 206 1024 "-" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 7.0; Windows NT 5.1; .NET CLR 1.0.3705)"
cache-ntc-ah12.proxy.aol.com - - [10/May/2003:22:47:47 -0400] "GET /clips/1999.TR.LCS35-FountainOfIdeas.pdf HTTP/1.1" 206 75 "-" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 7.0; Windows NT 5.1; .NET CLR 1.0.3705)"
Anonymizer.com rewrites URLs
<td width=90 style='background:aqua; text-align:center; font:bold; font-family:Arial'> <a href='http://anon.free.anonymizer.com/http://www.simson.net/photos.php' title='Photos by and of Simson Garfinkel'> Photos </a> </td>
<td width=90 style='background:lime; text-align:center; font:bold; font-family:Arial'> <a href='http://anon.free.anonymizer.com/http://www.simson.net/pubs.php' title='Publications, both academic and journalistic.'> Pubs </a> </td>
<td width=90 style='background:magenta; text-align:center; font:bold; font-family:Arial'> <a href='http://anon.free.anonymizer.com/http://www.simson.net/projects.php' title='Current projects'> Projects </a> </td>
Open Proxy • Like a cache, but no cache! • No logs (usually) • Anybody running an open proxy server • Also used by bad guys
Unresolved Issues • How do you buy a book anonymously?
Anonymous Publishing Services • anon.penet.fi was really about the right to anonymous publication on Usenet (1996) • The Eternity Service • Ross J. Anderson • http://www.cl.cam.ac.uk/users/rja14/eternity/eternity.html • Publius: • http://www.freehaven.net/anonbib/cache/publius.pdf • Waldman, Rubin & Cranor • Free Haven • KaZaA?
Key Items Required for Anonymous Publishing Service • Server Management • Naming of Documents • Publishing • Updating • Deleting • Indexing • Payment
Private Messaging • PGP – first generation • Hush Mail – web based • The Martus Project – application specific • Groove • Disappearing Ink (Omniva) – Deletion • c.f. Microsoft Rights Management System
PGP • Add-on • Plug-in • S/MIME vs. OpenPGP • Political Baggage
Hush Mail • Second-generation • Web-based • Java Crypto Client
Martus • Closed system for filing human rights reports • Oriented around “bulletins” • Lots of clever ideas