Online Privacy, the next Battleground
Dominic White, SensePost
About Me
• Dominic White
– Security guy talking about privacy
– Work:
• Consulting @ SensePost
• http://www.sensepost.com/blog/
– Academic
• MSc Computer Security
– Personal
• http://singe.za.net/
• @singe
Agenda
• What’s Changed
• Defining Privacy & Private Data
• Collecting Online Private Information
• Online Privacy Attacks
• Defences
What’s changed?
• Initial reactions were based on new technology to record and disseminate information
• Later reactions driven by active recording from governments and companies
• Today, many lives are no longer just recorded online, but lived online
Reactions to New Technology
“[Recent inventions] have invaded the sacred precincts of private and domestic life; and numerous mechanical devices threaten to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the house-tops.’”
Warren and Brandeis, “The Right to Privacy”, 1890
Total Information Awareness
Post 9/11 project to:
“[Create] enormous computer databases to gather and store the personal information of everyone in the United States, including personal e-mails, social network analysis, credit card records, phone calls, medical records, and numerous other sources, without any requirement for a search warrant. Additionally, the program included funding for biometric surveillance technologies that could identify and track individuals using surveillance cameras, and other methods.”
Source: https://secure.wikimedia.org/wikipedia/en/wiki/Information_Awareness_Office
Your Typical Day
• Plan Day: Google Calendar
• Check Mail: Gmail
• Plan Route: Google Maps
• Doctor’s Appointment: Google Health
• Write Report: Google Docs
• Phone a Friend: Google Voice
• Visit Friends: Google Latitude
• Watch TV: YouTube
Follow the Money
The primary business model of today’s most successful corporation is the monetisation of the mass collection, correlation & analysis of individual private data
Private Info Monetised
• Acxiom
– 750 billion pieces of information or 1 500 facts on ½ billion people
– Correlate ‘consumer’ info from signups, surveys, magazine subscriptions
– $1.38 billion turnover for 2008 FY
• Colligent
– Actionable consumer research derived from social networks
• Rapleaf
– 450 million social network profiles
– Submit request and aggregated social network profiles returned within a day
• Phorm
– uses "behavioural keywords" - keywords derived from a combination of search terms, URLs and even contextual page analysis, over time - to find the right users.
What is Privacy
• Privacy is misunderstood, undefined, arbitrary and disregarded
• Many people don’t care about online privacy, the few who do are accused of extremism
• Poor understanding of actual threats
• What do you think privacy is?
– Secrecy, Concealment, Seclusion, Solitude, Confidentiality, Anonymity
– Prejudicial Information
– Personally Identifiable Information (PII)
– Whatever you want
• Intuitionist approaches abound
Privacy in Philosophy
• No single answer
• One century of philosophy and law summarized as:
1. Privacy as Control over Information
2. Privacy as Human Dignity
3. Privacy as Intimacy
4. Privacy as Social Relationships
5. Privacy as Restricted Access
6. Privacy as Plurality
Private Data Defined
• Isn’t Privacy just Security applied to a data subset? The “C” in CIA?
• Keeping something private is not keeping something secret
• Implies access control & authorised use
• Example:
– Credit card number used to pay for Pizza
• Access control: employee at Pizzeria
• Authorised use: pay for my order
– Privacy Violation
• Employee shares number with fraudster
• Company sells purchase detail to third party
• Additional facts deduced through data mining
White’s Taxonomy of Online Privacy Invasion
[Figure: Online Privacy Leaks. Levels: Web Request; Cross Site Tracking; Rich Browser Environments; Application Data; Aggregation, Correlation & Meta-Data. Axis labels: Application Stack, Danger.]
Taxonomy | Web Request
• A single web request, e.g. an image on a website
• One webpage is made of multiple requests
• What they can find out
– Location (Latitude, Longitude, City, Country)
– Language
– Operating System & Browser used
– What site you came from
– Internet Service Provider
– Have you been here before?
Taxonomy | Cross Site Tracking
• Using cookies to track across computers and affiliated sites
• Cookie is stored on your computer and sent with every request
• Cookies usually associated with logon details
• What they can find out
– Who you are
– What sites you visit (affiliates)
– Behavioral profiles
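
What a third party embedded on affiliated sites can assemble from the request fields and the cookie described in the Web Request and Cross Site Tracking slides, as an added example that is not part of the original deck. The log layout, the `uid` cookie name, the hosts and every log line are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: hits on one tracking pixel as logged by a hypothetical
# third party, in Apache "combined" format with the Cookie header appended.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2010:08:01:10 +0200] "GET /pixel.gif HTTP/1.1" 200 43 "http://news.example/politics/story1" "Mozilla/5.0 (Windows NT 6.1) Firefox/3.6" "-"
198.51.100.7 - - [12/Mar/2010:08:05:42 +0200] "GET /pixel.gif HTTP/1.1" 200 43 "http://health.example/conditions/asthma" "Mozilla/5.0 (Windows NT 6.1) Firefox/3.6" "uid=a1b2c3"
203.0.113.9 - - [12/Mar/2010:19:30:00 +0200] "GET /pixel.gif HTTP/1.1" 200 43 "http://shop.example/cart" "Mozilla/5.0 (Macintosh) Safari/531" "lang=en; uid=a1b2c3"
192.0.2.44 - - [12/Mar/2010:20:00:00 +0200] "GET /pixel.gif HTTP/1.1" 200 43 "-" "Mozilla/5.0 (X11; Linux) Firefox/3.6" "uid=zz99"
"""
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" \d{3} \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)" "(?P<cookie>[^"]*)"')
UID_RE = re.compile(r"(?:^|;\s*)uid=([^;]+)")

def parse_line(line):
    """Return the fields a single request exposes, or None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # The Referer header names the page that embedded the pixel.
    rec["site"] = urlsplit(rec["referer"]).hostname  # None when referer is "-"
    uid = UID_RE.search(rec["cookie"])
    rec["uid"] = uid.group(1) if uid else None
    return rec

def build_profiles(log_text):
    """Join requests on the cookie id; requests without one stay unlinked."""
    profiles = defaultdict(lambda: {"sites": set(), "ips": set(), "agents": set()})
    unlinked = []
    for rec in filter(None, map(parse_line, log_text.splitlines())):
        if rec["uid"] is None:
            unlinked.append(rec)
            continue
        p = profiles[rec["uid"]]
        if rec["site"]:
            p["sites"].add(rec["site"])
        p["ips"].add(rec["ip"])
        p["agents"].add(rec["agent"])
    return dict(profiles), unlinked

if __name__ == "__main__":
    profiles, unlinked = build_profiles(SAMPLE_LOG)
    for uid, p in sorted(profiles.items()):
        print(uid, sorted(p["sites"]), sorted(p["ips"]), len(p["agents"]))
    print("requests with no cookie id:", len(unlinked))
```

The request that carries no cookie ends up in `unlinked`: without the id, this join has nothing to tie it to the later visits, while the same id seen from two addresses and two browsers is merged into one profile.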
Advertisers Allowing Opt-Out
• Acerno • Adtech • Advertising.com • AOL • Akamai • AlmondNet • Atlas • Microsoft • Audience Science • Blue Kai • Bluestreak
• BrightRoll • BTBuckets • Collective Media • Cossette • Eyeblaster • Exelator • Fox Audience Network • Google • Doubleclick • interCLICK • Lotame
• Next Action • NexTag • Media 6 Degrees • Media Math • MindSet Media • Nielsen Online • Omniture • OpenX • PrecisionClick • Safecount • Question Market • Smart Adserver
• Tacoda Audience Networks • Traffic Marketplace • Tribal Fusion • Exponential • Turn • Undertone Networks • Zedo • ValueClick • Mediaplex • [x+1]
Source: www.dubfire.net/opt-out/
Taxonomy | Rich Browser Environments
• Rich Web 2.0 Technologies
– JavaScript / AJAX
– Flash / Silverlight
• What they can find out
– Browser history
– Clipboard data
– Key presses
– Visual stimulus
– Browser plug-ins
– Desktop display preferences
CSS History Hack
Available at http://singe.za.net/privacy/privacy.html, modified from http://ha.ckers.org/weird/CSS-history.cgi, stolen from http://blackdragon.jungsonnstudios.com/
Taxonomy | Application Data
• Rich information inputs
• Structured & unstructured data (previously only structured)
– Search requests
– E-mails
– Calendar items
– Instant Message Communications
• What they can find out
– Who you are
– Who your friends are
– What you’re doing on Sunday
– Your interests
Application Data Example
• Search logs
• Far less information rich than e-mail
• Or are they …
• “Anonymised” search logs released by AOL
• AOL User 4417749
• Thelma Arnold
• Lilburn, Georgia
Taxonomy | Aggregation, Correlation & Meta-Data
• Combining the previous levels
• Meta-Data – Include interactions with applications
• Aggregation – combining the information from various sources
• Correlation – normalising entities across sources
• Provides information you may not be aware of
– e.g. Advertising profile
• What they can find out
– Social networks
– Behavioural profiles
– Psychological profiles
– Deep databases
Correlation Demo
• Demo - How much information do you really leak publicly
– Name and Surname
• Known aliases
– Contacts
• Email addresses
• Physical location / street address
• Phone numbers
– Physical / Mobile
– IM/Skype details
– Associations and memberships (social networks + real life)
– Education
– Employment history
– Profiles of
• Family
• Friends
Meta Data Demo
• Data you may not be aware of leaking
• Complex insights into relationships available
• Social network example
– Twitter
– Facebook
Threat Information
• Information leads to more information
– Don’t view info in isolation
• Simple leaks become fixation points for correlation
– Just mentioning a child’s name…
• Combining information leads to new, possibly undisclosed information
• You leak more than you know
• Don’t trust people based on their knowledge of you
• View your disclosures as a whole (think correlation points)
• Err on the side of caution, you can’t undo a leak
Defences
• Connection
– MAC rotation
– Secured Medium
– Egress Firewall Filtering
• Network
– VPN: Prevents local disclosure, Easy to spot
– Covert Channels: DNS, ICMP, Steganography
– Proxies
– TOR
• Web Browser
– SRWare
– NoScript
– CookieButton
• Applications
– Don’t use if possible
– Don’t Identify
– Limit your disclosure
– Limit public disclosure
– Ensure authoritative source
• Correlation/Aggregation
– Temporary Information (e.g. Mailinator)
– False Information (e.g. FaceCloak)
– Split Across Providers
– Isolate cross-web invaders
• Plan for privacy breach!
– Request removal, offload risk, change details, muddy waters
QUESTIONS?
Thanks to Paterva, Chris Sumner & Moxie Marlinspike