Visualizing Privacy II
March 9, 2006
Janice Tsai
Outline
• Visualizing privacy
• Anonymity
• Levels of Anonymity
• Usability
• Building a Successful Anonymity Network
• Wireless Privacy
Anonymity
• Definition: The state of not being identifiable in the anonymity set (the crowd).
• Purpose:
  • Protects user identity
  • Actions may be observed, but not linked back to the originator
  • Achieve privacy goals
Levels of Anonymity
• Nymity - amount of information revealed
  • Verinymity
  • Pseudonymity
  • Linkable Anonymity
  • Unlinkable Anonymity
• Examples of Each?
I. Goldberg. A pseudonymous communications infrastructure for the internet. PhD thesis, University of California Berkeley, 2000.
Anonymity Tools
• Proxy Services (Anonymizer.com)
• E-mail Remailers
  • Type 0: anon.penet.fi
  • Type I: Cypherpunks Remailers
  • Type II: Mixmaster
  • Type III: Mixminion
• Nymservers
• Mix Networks
• Onion Routing
Attacks on Anonymity Networks
• Some Simple Attacks on Anonymity
• Single Points of Failure
• Central Location Database
• Traffic Analysis
• Message Length
• Timing Attacks
• Others?
• Legal Attacks
Usability for Security
• Security involves collaboration
• Usability risks
• Insecure modes of operation
• Optional
• Inconvenient
• Confusing
• Badly labeled interface
• Too many options
• False sense of security
Usability for Anonymity
• Anonymity involves collaboration
• Anonymity networks
  • Distributed Trust Infrastructure
  • Independently controlled nodes
  • Path of traffic is called a circuit
• Two Classes of Networks
  • High-Latency
    • Resist strong attacks
    • Tradeoff: Slow
  • Low-Latency
    • Fast(er)
    • Tradeoff: Susceptible to strong attacks
Usability for Anonymity
• Goal: To solicit as many users as possible
• Purpose: Create “cover traffic”
• Solution: Normalization
  • Design default configurations to be secure and convenient.
  • Make it easy to use, but to use properly!
Building a Successful Network
• Challenges
  • Starting up (Bootstrapping)
  • Attract low-end users
  • Create an aura of perceived usability
  • Create a Positive Public Perception
  • Diversity of user-base - Reputability
  • Lack of Reputability
    • Reduces sustainability
    • Attracts attackers
Examples
• Mixminion and MIME
  • Anonymous email network
  • MIME: Multipurpose Internet Mail Extensions
  • Flexibility of MIME makes it easy to distinguish the originating email system.
• Weakness:
  • Susceptible to Traffic Analysis
  • Constricts users of certain email programs
• Solution:
  • Normalized as much as possible
  • Warn users about email program information leakage
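The MIME normalization idea from the slide above, as an added Python example (not Mixminion's code and not part of the original slides): it lists the fields that fingerprint the sending mail program, then rebuilds the message as a single text/plain part with fixed headers and encoding. The header list, the `ExampleMail` client and the sample message are constructed assumptions.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Assumed (not exhaustive) list of headers that identify the sending program.
CLIENT_HEADERS = ("User-Agent", "X-Mailer", "X-MimeOLE", "Message-ID")

# Constructed sample message; "ExampleMail" is a made-up client.
SAMPLE = """\
From: alice@example.org
To: bob@example.net
Subject: hello
User-Agent: ExampleMail/1.2
X-Mailer: ExampleMail 1.2
Message-ID: <123.abc@examplemail.invalid>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_ExampleMail_0001"

------=_ExampleMail_0001
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Meet at noon=2E
------=_ExampleMail_0001
Content-Type: text/html; charset="iso-8859-1"

<html><body><p>Meet at noon.</p></body></html>
------=_ExampleMail_0001--
"""

def leaks(raw):
    """List the fields in `raw` that fingerprint the originating mail program."""
    msg = message_from_string(raw, policy=policy.default)
    found = [f"{h}: {msg[h]}" for h in CLIENT_HEADERS if msg[h] is not None]
    if msg.get_boundary():
        found.append(f"MIME boundary: {msg.get_boundary()}")
    return found

def normalize(raw):
    """Rebuild the message as one text/plain part with fixed headers and encoding."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    out = EmailMessage()
    for name in ("To", "Subject"):  # keep only what delivery needs
        if msg[name] is not None:
            out[name] = str(msg[name])
    out.set_content(text.replace("\r\n", "\n").strip() + "\n",
                    charset="utf-8", cte="base64")
    return out.as_string()
```

`leaks(SAMPLE)` gives the warning list a client could show the user before sending; `leaks(normalize(SAMPLE))` is empty because the rebuilt message carries no client-specific header or boundary.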
Mixminion
• Quick Glance: http://mixminion.net/
• First impression?
Java Anon Proxy (JAP)
• Anonymous web browsing network
• Allows users to choose entrance and exit node locations.
• JAP Class Feedback
http://anon.inf.tu-dresden.de/index_en.html
Wireless Privacy
• Non-encrypted communications easily intercepted
• Information intercepted:
  • Web searches (e.g. Google, MSN, Yahoo!)
  • Instant Messenger
  • Email
  • Online postings (Google Groups, Yahoo Groups)
Peripheral Notification Study
• Objective:
  • Inform users about personal information leakage on the wireless network using a peripheral display.
• Experiment: Capture traffic on CMU wireless network
  • Display high frequency “snippets”
  • Use a consistent font/text per person
  • Display word immediately
  • Protect the privacy of the user
Methods:
• Selected a non-CS or engineering graduate workspace for the peripheral display.
• Solicited participants from that workspace.
• Displayed privacy notifications for a week.
Results:
• IM/Network usage did not change significantly.
• Several participants did become more self-conscious.
Mental Models:
• Peripheral display = capture of IM words.
• How could you better convey the problems, risk, and solutions? Discuss for 15 minutes in your groups.
Tools
• Instant Messaging
  • OTR (Off The Record Messaging) http://www.cypherpunks.ca/otr/
• Google Mail
  • Use HTTPS instead of HTTP. https://mail.google.com/mail
• General Web Traffic
  • VPN (Virtual Private Networking) http://www.cmu.edu/computing/documentation/VPN/index.html
Visualization of Privacy
• What symbols indicate “Privacy”?