Initial completion of The Web

Well that was quite an effort. And it is not done yet; see the checklist in notes.org.

slides.org (The Web): Note deconstruction.
notes.org: Update checklist.
images/tp: Add third-party scripts for image download
|
@ -1,25 +0,0 @@
|
|||
# Third-party image retrieval
|
||||
#
|
||||
# Licensed under the CC0 1.0 Universal license (public domain).
|
||||
##
|
||||
|
||||
images := sf-cameras.jpg alpr-mounted.png alpr-capture.png \
|
||||
alpr-pips.png
|
||||
|
||||
define imgfetch
|
||||
torify wget -O
|
||||
endef
|
||||
|
||||
all: $(images)
|
||||
|
||||
sf-cameras.jpg:
|
||||
$(imgfetch) "$@" 'https://cbssanfran.files.wordpress.com/2015/09/san_francisco_surveillance_cameras_092315.jpg'
|
||||
|
||||
alpr-mounted.png:
|
||||
$(imgfetch) "$@" 'https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png'
|
||||
|
||||
alpr-capture.png:
|
||||
$(imgfetch) "$@" 'https://www.eff.org/files/2015/10/20/paxton_captures.png'
|
||||
|
||||
alpr-pips.png:
|
||||
$(imgfetch) "$@" 'https://www.eff.org/files/2015/10/15/pipscam9_redacted.png'
|
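Review bot: the deleted Makefile fetched every image from its live origin URL with no integrity check, so a quietly replaced remote file would have landed in the slides unnoticed; the replacement (archive.org snapshots in remote-list plus a committed SHA256SUM) closes that gap, and the commit message should say so, since "Add third-party scripts for image download" undersells a reproducibility fix. Also note the deleted file was CC0 while the new gen-makefile is GPLv3; confirm the license change is intended.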
|
@ -0,0 +1,6 @@
|
|||
*
|
||||
!gen-makefile
|
||||
!remote-list
|
||||
!SHA256SUM
|
||||
!.gitignore
|
||||
|
|
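Review bot: the `*` pattern also ignores the Makefile that gen-makefile writes to stdout and every downloaded image, so a fresh clone has nothing to build from until someone runs the generator by hand; either whitelist the generated Makefile or document the invocation (e.g. `./gen-makefile > Makefile && make && make check`) in a README or the top-level build.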
@ -0,0 +1,17 @@
|
|||
8df6f6442bfb895e2d4d5d599d2d9a477405f590587f2a473c3e59a46d06b325 alpr-mounted.png
|
||||
4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png
|
||||
31597ba3731e6eccf2e68ae8b91ad25b2e6e4685814e723333d9ea1d2579b635 alpr-pips.png
|
||||
e7029f70524f420ef32044aeae8280434d5b03ddbab4e90188409a93597c0726 sf-cameras.jpg
|
||||
9edddcac31bbb09e4ba9f6fea5d36e5298ec65ce88d4c015121fc27edd466947 silverpush-logo.png
|
||||
cfda12117815c35bfc51266d9e8227b1645dcd5ffe054c4ae9922e75595f09b9 ga-dashboard.png
|
||||
d905d3b378daea4c002c873a4ad8192246959cb6df6fb470e29ade9f2b2354c9 piwik-dashboard.png
|
||||
95709a88b709740dfbc4a2c6d68941ec8ac8bfb2f289ddfcfeadd0677c47bf58 fb-like.png
|
||||
72b450aaaa6975645bb79b2345e4ec7178931a8c898ab0b183c2ef2f106a67a0 noscript.png
|
||||
2e4d5628d4f3f1baa20a8534631547c26f85492270d16eb836218e2f29c0535b privacy-badger.png
|
||||
9f38237f96b1cd9c945c55b084cd22aa51e9d210d2533f563be202433beaf3f6 ublock0.png
|
||||
1c4aafb7be008a99683d93acb92174cddb6d6e3fa5d882defed8a7173a114d5d sdcookies.png
|
||||
43c3548d0659cc769bd82c0ce681d21aa9120f7b15c49b77af0d19764621fb18 tor.png
|
||||
ee2c1e8325221cc5ae01b078930d7e74d447cec25cebeb18c0aaa1989994b918 tor-diagram.png
|
||||
f9600308d10debbc56e116087aa83a1ada126f3979f8b528228e1e89a87efd12 torbrowser.png
|
||||
4f231d937e622d9012706d57d5b0faa233f83d1e864db3b1b50d40d714aa8244 tails.png
|
||||
dce3dbf6572077dd495a9413ff11d7017d785142af85286a5ab51b7c7e4da728 whonix.png
|
|
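Review bot: these digests are taken after the in-place `mogrify` step that gen-makefile emits for the `-crop`/`-rotate` entries in remote-list (ga-dashboard, piwik-dashboard, fb-like, torbrowser, tails), so for those five files they pin the ImageMagick output rather than the download; a different ImageMagick version can re-encode the PNG and fail `make check` even though the fetched bytes are unchanged. Consider also hashing the raw downloads before conversion, or at least note this in the commit message so a future `check` failure is not mistaken for a tampered snapshot.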
@ -0,0 +1,51 @@
|
|||
#!/bin/bash
|
||||
# Generate Makefile for third-party image download
|
||||
#
|
||||
# Copyright (C) 2017 Mike Gerwitz
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
##
|
||||
|
||||
declare -r remote_file=remote-list
|
||||
|
||||
cat <<EOF
|
||||
### GENERATED BY gen-makefile ###
|
||||
|
||||
images := $( cut -d' ' -f1 "$remote_file" | tr '\n' ' ' )
|
||||
|
||||
.PHONY: all check clean
|
||||
|
||||
all: \$(images)
|
||||
SHA256SUM: \$(images)
|
||||
sha256sum \$(images) > \$@
|
||||
|
||||
check:
|
||||
sha256sum -c SHA256SUM
|
||||
|
||||
clean:
|
||||
\$(RM) \$(images)
|
||||
|
||||
EOF
|
||||
|
||||
while read out url convert; do
|
||||
dest="$out"
|
||||
|
||||
echo "$dest":
|
||||
printf "\ttorify wget -O %q %q\n" "$dest" "$url"
|
||||
|
||||
test -n "$convert" || continue
|
||||
|
||||
printf "\tmogrify %s %q\n" "$convert" "$dest"
|
||||
done < "$remote_file"
|
||||
|
|
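Review bot: the `all: $(images)` target never runs `check`, so a plain `make` downloads the images without ever comparing them against the committed SHA256SUM; the pin is only enforced if the user remembers `make check`. Since the point of this commit is reproducible third-party images, make verification the default, e.g. `all: $(images) check`, or have each image rule verify its own digest. Two smaller points: `while read out url convert` should be `while read -r out url convert` so backslashes in a URL are not interpreted, and the `SHA256SUM: $(images)` rule will silently overwrite the committed pins with whatever was just downloaded whenever an image is newer than the file, so guard that target or document it as maintainer-only. `dest="$out"` is a no-op copy and can go.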
@ -0,0 +1,17 @@
|
|||
alpr-mounted.png https://web.archive.org/web/20170318173251/https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png
|
||||
alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png
|
||||
alpr-pips.png https://web.archive.org/web/20170318173427/https://www.eff.org/files/2015/10/15/pipscam9_redacted.png
|
||||
sf-cameras.jpg https://web.archive.org/web/20170318173846/https://cbssanfran.files.wordpress.com/2015/09/san_francisco_surveillance_cameras_092315.jpg
|
||||
silverpush-logo.png https://web.archive.org/web/20160623032522/http://1.bp.blogspot.com/-r9WGkxWE3RI/Vk9wK_RisSI/AAAAAAAAAy0/ZydFsogCrnc/s640/silverpush.png
|
||||
ga-dashboard.png https://web.archive.org/web/20170315055350/https://www.google.com/analytics/images/analytics/features/hero_1x.png -crop 580x370+115+35
|
||||
piwik-dashboard.png https://web.archive.org/web/20170310025254/https://piwik.org/wp-content/themes/piwik/assets/img/piwiklaptop.png -crop 730x520+225+85
|
||||
fb-like.png https://web.archive.org/web/20170318173942/https://upload.wikimedia.org/wikipedia/commons/thumb/5/54/Bot%C3%B3n_Me_gusta.svg/280px-Bot%C3%B3n_Me_gusta.svg.png-rotate 180
|
||||
noscript.png https://web.archive.org/web/20170317063210/https://noscript.net/noscript/logo.png
|
||||
privacy-badger.png https://web.archive.org/web/20170318014732/https://www.eff.org/sites/all/themes/badger/badger-stroke.png
|
||||
ublock0.png https://web.archive.org/web/20170318015725/https://raw.githubusercontent.com/gorhill/uBlock/master/doc/img/icon38@2x.png
|
||||
sdcookies.png https://web.archive.org/web/20170318020257/https://addons.cdn.mozilla.net/user-media/addon_icons/415/415846-64.png?modified=1477354818
|
||||
tor.png https://web.archive.org/web/20170318054354/https://www.torproject.org/images/tor-logo.jpg
|
||||
tor-diagram.png https://web.archive.org/web/20170318055957/https://www.torproject.org/images/htw2.png
|
||||
torbrowser.png https://web.archive.org/web/20170318161549/https://www.torproject.org/images/tb-lg.png -crop 185x135+0+0
|
||||
tails.png https://web.archive.org/web/20170318162345/https://tails.boum.org/lib/banner.png -crop 495x114+30+0
|
||||
whonix.png https://web.archive.org/web/20170318164321/https://upload.wikimedia.org/wikipedia/en/7/75/Whonix_Logo.png
|
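Review bot: the fb-like.png line is missing the space before `-rotate`, so `read out url convert` will take `...280px-Bot%C3%B3n_Me_gusta.svg.png-rotate` as the URL and `180` as the mogrify argument; the generated recipe becomes a `wget` of a nonexistent snapshot followed by `mogrify 180 fb-like.png`. It should read `...svg.png -rotate 180`. A sanity check in gen-makefile that `$url` begins with `http` would have caught this.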
sapsf.bib
|
@ -5,6 +5,20 @@
|
|||
urldate = {2017-03-08},
|
||||
}
|
||||
|
||||
@online{tor:tails,
|
||||
title = {Tails - Privacy for anyone anywhere},
|
||||
organization = {Tor Project},
|
||||
url = {https://tails.boum.org/},
|
||||
urldate = {2017-03-18},
|
||||
}
|
||||
|
||||
@online{whonix,
|
||||
title = {Whonix},
|
||||
organization = {Whonix},
|
||||
url = {https://www.whonix.org/},
|
||||
urldate = {2017-03-18},
|
||||
}
|
||||
|
||||
@online{whonix:donot,
|
||||
author = {Whonix},
|
||||
title = {DoNot},
|
||||
|
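Review bot: `author = {Whonix}` in `whonix:donot` while the neighbouring `whonix` entry uses `organization = {Whonix}`; pick one for consistency, and if `author` is kept, brace it as `{{Whonix}}` so biblatex does not parse it as a personal name.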
@ -486,7 +500,7 @@
|
|||
url = {https://ssrn.com/abstract=998565},
|
||||
urldate = {2017-03-13},
|
||||
annotation = {GWU Law School Public Law Research Paper No. 289},
|
||||
},
|
||||
}
|
||||
|
||||
@online{metro:goebbels,
|
||||
author = {Nagesh, Ashitha},
|
||||
|
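Review bot: this hunk only swaps the entry's closing brace between `},` and `}`, a fix unrelated to The Web section; it belongs in its own commit or at least in a line of the commit message.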
@ -584,3 +598,345 @@
|
|||
urldate = {2017-03-14},
|
||||
annotation = {Telnet right into certain ALPRs.}
|
||||
}
|
||||
|
||||
@online{ftc:silver,
|
||||
author = {Mithal, Maneesha},
|
||||
title = {Sample Silverpush Letter},
|
||||
organization = {United States Federal Trade Commission,
|
||||
Bureau of Consumer Protection,
|
||||
Divison of Privacy and Identity Protection},
|
||||
url = {https://www.ftc.gov/system/files/attachments/press-releases/ftc-issues-warning-letters-app-developers-using-silverpush-code/160317samplesilverpushltr.pdf},
|
||||
urldate = {2017-03-14},
|
||||
annotate = {Sample letter template for Android developers using software
|
||||
created by the company Silvepush.}
|
||||
}
|
||||
|
||||
@online{wired:ultrasonic,
|
||||
author = {Newman, Lily Hay},
|
||||
title = {How to Block the Ultrasonic Signals You Didn’t Know Were Tracking
|
||||
You},
|
||||
organization = {Wired},
|
||||
date = {2016-11-03},
|
||||
url = {https://www.wired.com/2016/11/block-ultrasonic-signals-didnt-know-tracking/},
|
||||
urldate = {2017-03-14},
|
||||
}
|
||||
|
||||
@online{ubeacsec:paper,
|
||||
author = {Mavroudis, V.
|
||||
and Hao, S.
|
||||
and Fratantonio, Y.
|
||||
and Maggi, F.
|
||||
and Kruegel, C.
|
||||
and Vigna, G.},
|
||||
title = {The Ultrasound Tracking Ecosystem},
|
||||
indextitle = {Ultrasound Tracking Ecosystem, The},
|
||||
url = {http://ubeacsec.org/downloads/report.pdf},
|
||||
urldate = {2017-03-14},
|
||||
annotation = {Claims to be ``the first comprehensive security analysis''
|
||||
of this type of tracking.},
|
||||
}
|
||||
|
||||
@online{bleep:ultrasound-tor,
|
||||
author = {Cimpanu, Catalin},
|
||||
title = {Ultrasound Tracking Could Be Used To Deanonymize Tor Users},
|
||||
organization = {Bleeping Computer},
|
||||
date = {2017-01-03},
|
||||
url = {https://www.bleepingcomputer.com/news/security/ultrasound-tracking-could-be-used-to-deanonymize-tor-users/},
|
||||
urldate = {2017-03-14},
|
||||
}
|
||||
|
||||
@online{33c3:talk-behind,
|
||||
author = {Mavroudis, Vasillios
|
||||
and Maggi, Federico},
|
||||
title = {Talking Behind Your Back},
|
||||
subtitle = {On the Privacy \& Security of the Ultrasound Tracking
|
||||
Ecosystem},
|
||||
location = {33^{rd} Chaos Communication Congress},
|
||||
date = {2016-12-29},
|
||||
url = {https://media.ccc.de/v/33c3-8336-talking_behind_your_back},
|
||||
urldate = {2017-03-14},
|
||||
}
|
||||
|
||||
@online{ftc:xdt,
|
||||
title = {Cross-Device Tracking},
|
||||
organization = {Federal Trade Commission},
|
||||
location = {Constitution Center, 400 7^{th}~St~SW, Washington~DC 20024},
|
||||
date = {2015-11-16},
|
||||
url = {https://www.ftc.gov/news-events/events-calendar/2015/11/cross-device-tracking},
|
||||
urldate = {2017-03-15},
|
||||
}
|
||||
|
||||
@online{google:ga:features,
|
||||
title = {Marketing Data Analysis \& Reporting Features},
|
||||
organization = {Google},
|
||||
url = {https://www.google.com/analytics/analytics/features/},
|
||||
urldate = {2017-03-15},
|
||||
}
|
||||
|
||||
@online{w3techs:analytics,
|
||||
title = {Usage Stastics and Market Share of Traffic Analysis Tools for
|
||||
Websites},
|
||||
organization = {W3Techs},
|
||||
url = {https://w3techs.com/technologies/overview/traffic_analysis/all},
|
||||
urldate = {2017-03-15},
|
||||
}
|
||||
|
||||
@online{w3techs:google,
|
||||
author = {Gelbmann, Matthias},
|
||||
title = {Google can't track every click of your web surfing. Only most of
|
||||
them.},
|
||||
organization = {W3Techs},
|
||||
date = {2012-02-27},
|
||||
url = {https://w3techs.com/blog/entry/google_cant_track_every_single_click_of_your_web_surfing_only_most_of_them},
|
||||
urldate = {2017-03-15},
|
||||
}
|
||||
|
||||
@online{piwik,
|
||||
title = {Free Web Analytics Software},
|
||||
organization = {Piwik},
|
||||
url = {https://piwik.org/},
|
||||
urldate = {2017-03-15},
|
||||
}
|
||||
|
||||
@online{piwik:privacy,
|
||||
title = {Web Analytics Privacy in Piwik},
|
||||
organization = {Piwik},
|
||||
url = {https://piwik.org/privacy/},
|
||||
urldate = {2017-03-15},
|
||||
}
|
||||
|
||||
@online{mtg:gitlab-piwik,
|
||||
author = {Gerwitz, Mike},
|
||||
title = {Google Analytics Removed From GitLab.com Instance},
|
||||
date = {2016-01-24},
|
||||
url = {https://mikegerwitz.com/2016/01/Google-Analytics-Removed-from-GitLab.com-Instance},
|
||||
urldate = {2017-03-16},
|
||||
}
|
||||
|
||||
@online{w:fb-like-img,
|
||||
author = {Vt, Enoc},
|
||||
title = {File:Botón Me gusta.svg},
|
||||
date = {2011-10-09},
|
||||
url = {https://en.wikipedia.org/wiki/File:Bot\%C3\%B3n_Me_gusta.svg},
|
||||
urldate = {2017-03-16},
|
||||
}
|
||||
|
||||
@article{pnas:predict,
|
||||
author = {Kosinski, Michal
|
||||
and Stillwell, David
|
||||
and Graepel, Thore},
|
||||
title = {Private traits and attributes are predictable from digital
|
||||
records of human behavior},
|
||||
journal = {PNAS},
|
||||
volume = {110},
|
||||
pages = {5802-5805},
|
||||
doi = {10.1073/pnas.1218772110},
|
||||
date = {2013-02-12},
|
||||
url = {http://www.pnas.org/content/110/15/5802.full.pdf},
|
||||
urldate = {2017-03-16},
|
||||
}
|
||||
|
||||
@online{bloomberg:belgum-fb,
|
||||
author = {Bodoni, Stephanie
|
||||
and Martens, John},
|
||||
title = {Belgium Tells Facebook to Stop Storing Personal Data From
|
||||
Non-Users},
|
||||
organization = {Bloomberg},
|
||||
date = {2015-11-09},
|
||||
url = {https://www.bloomberg.com/news/articles/2015-11-09/facebook-told-to-stop-storing-personal-data-from-belgian-surfers},
|
||||
urldate = {2017-03-16},
|
||||
annotation = {Surely Facebook isn't doing such a thing. Wait: ``Facebook
|
||||
says it will appeal Belgian ruling to higher court''. Imagine that.}
|
||||
}
|
||||
|
||||
@online{w:behavioral-targeting,
|
||||
title = {Behavorial Tracking},
|
||||
organization = {Wikipedia},
|
||||
url = {https://en.wikipedia.org/wiki/Behavioral_targeting},
|
||||
urldate = {2017-03-16},
|
||||
}
|
||||
|
||||
@article{roosendaal:fb-like,
|
||||
author = {Roosendaal, Arnold},
|
||||
title = {Facebook Tracks and Traces Everyone: Like This!},
|
||||
journaltitle = {Tilburg Law School Legal Studies Research Paper Series},
|
||||
date = {2010},
|
||||
doi = {10.2139/ssrn.1717563},
|
||||
url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{uld:fb,
|
||||
title = {ULD to website owners: ``Deactivate Facebook web analytics''},
|
||||
organization = {Unabh{\:a}ngiges Landeszentrum f{\:u}r Datenschutz
|
||||
Schleswig-Holstein},
|
||||
date = {2011-08-19},
|
||||
url = {https://www.datenschutzzentrum.de/presse/20110819-facebook-en.htm},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{eff:browser-uniqueness-blog,
|
||||
authors = {Eckersley, Peter},
|
||||
title = {Is Every Browser Unique? Results Fom The Panopticlick Experiment},
|
||||
organization = {Electronic Frontier Foundation},
|
||||
date = {2010-05-17},
|
||||
url = {https://www.eff.org/deeplinks/2010/05/every-browser-unique-results-fom-panopticlick},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{eff:browser-uniqueness,
|
||||
authors = {Eckersley, Peter},
|
||||
title = {How Unique Is Your Web Browser?},
|
||||
organization = {Electronic Frontier Foundation},
|
||||
date = {2010-05-17},
|
||||
url = {https://panopticlick.eff.org/static/browser-uniqueness.pdf},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{eff:panopti2,
|
||||
author = {Budington, Bill},
|
||||
title = {Panopticlick 2.0 Launches, Featuring New Tracker Protection and
|
||||
Fingerprinting Tests},
|
||||
organization = {Electronic Frontier Foundation},
|
||||
date = {2015-12-17},
|
||||
url = {https://www.eff.org/deeplinks/2015/12/panopticlick-20-launches-featuring-new-tracker-protection-and-fingerprinting-tests},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{mozilla:fingerprinting,
|
||||
title = {Fingerprinting - {MozillaWiki}},
|
||||
organization = {Mozilla},
|
||||
url = {https://wiki.mozilla.org/Fingerprinting},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{chromium:identification,
|
||||
author = {Janc, Artur
|
||||
and Zalewski, Michal},
|
||||
title = {Technical analysis of client identification mechanisms},
|
||||
organization = {Google},
|
||||
url = {https://sites.google.com/a/chromium.org/dev/Home/chromium-security/client-identification-mechanisms},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{tor:browser-design,
|
||||
author = {Perry, Mike
|
||||
and Clark, Erin
|
||||
and Murdoch, Steven
|
||||
and Koppen, Georg},
|
||||
title = {The Design and Implementation of the {Tor Browser}},
|
||||
organization = {Tor Project},
|
||||
date = {2017-03-10},
|
||||
url = {https://www.torproject.org/projects/torbrowser/design/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{stanford:private-browsing,
|
||||
author = {Aggarwal, Gaurav,
|
||||
and Bursztein, Elie
|
||||
and Jackson, Collin
|
||||
and Boneh, Dan},
|
||||
title = {An Analysis of Private Browsing Modes in Modern Browsers},
|
||||
organization = {Stanford University},
|
||||
url = {https://crypto.stanford.edu/~dabo/pubs/papers/privatebrowsing.pdf},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{norte:tor-fingerprint,
|
||||
author = {Norte, Jose Carlos},
|
||||
title = {Advanced Tor Browser Fingerprinting},
|
||||
date = {2016-03-06},
|
||||
url = {http://jcarlosnorte.com/security/2016/03/06/advanced-tor-browser-fingerprinting.html},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{browserleaks,
|
||||
title = {{BrowserLeaks.com} - Web Browser Security Checklist for Identity
|
||||
Theft Protection},
|
||||
url = {https://browserleaks.com/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@article{hardware-fingerprint,
|
||||
author = {Cao, Yinshi
|
||||
and Li, Song
|
||||
and Wijmans, Erik},
|
||||
title = {(Cross-)Browser Fingerprinting via OS and Hardware Level Features},
|
||||
date = {2017},
|
||||
doi = {10.14722/ndss.2017.23152},
|
||||
url = {http://yinzhicao.org/TrackingFree/crossbrowsertracking_NDSS17.pdf},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@article{ars:fingerprint,
|
||||
author = {Goodwin, Dan},
|
||||
title = {Now sites can fingerprint you online even when you use multiple
|
||||
browsers},
|
||||
subtitle = {Online tracking gets more accurate and harder to evade},
|
||||
organization = {Ars Technica},
|
||||
url = {https://arstechnica.co.uk/security/2017/02/now-sites-can-fingerprint-you-online-even-when-you-use-multiple-browsers/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{mtg:rof,
|
||||
author = {Gerwitz, Mike},
|
||||
title = {Restore Online Freedom!},
|
||||
date = {2016-03-20},
|
||||
url = {https://media.libreplanet.org/u/libreplanet/collection/restore-online-freedom/},
|
||||
urldate = {2017-03-17},
|
||||
annotate = {My LibrePlanet 2017 talk about issues with an increasing
|
||||
non-free Web, as well as privacy and security implications
|
||||
of running untrusted, unsigned, ephemeral JavaScript
|
||||
code.}
|
||||
}
|
||||
|
||||
@online{noscript,
|
||||
title = {NoScript - {JavaScript}/{Java}/{Flash} blocker for a safer
|
||||
Firefox experience!},
|
||||
url = {https://noscript.net/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{eff:privacy-badger,
|
||||
title = {Privacy Badger},
|
||||
organization = {Electronic Frontier Foundation},
|
||||
url = {https://www.eff.org/privacybadger},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{gh:ublock-origin,
|
||||
title = {uBlock Origin},
|
||||
subtitle = {An efficient blocker for {Chromium} and {Firefox}. Fast and
|
||||
lean.},
|
||||
url = {https://github.com/gorhill/uBlock},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{moz:sd-cookies,
|
||||
title = {Self-Destructing Cookies},
|
||||
url = {https://addons.mozilla.org/en-US/android/addon/self-destructing-cookies/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{lp:2016:privacy-badger,
|
||||
author = {Quintin, Cooper},
|
||||
title = {Ending Online Tracking! Privacy Badger and Beyond!},
|
||||
organization = {Electronic Frontier Foundation},
|
||||
url = {https://media.libreplanet.org/u/libreplanet/m/ending-online-tracking-privacy-badger-and-beyond/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@online{moz:lightbeam,
|
||||
title = {Lightbeam for Firefox},
|
||||
subtitle = {Shine a Light on Who's Watching You},
|
||||
organization = {Mozilla},
|
||||
url = {https://www.mozilla.org/en-US/lightbeam/},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
||||
@cite{tor:browser,
|
||||
title = {Tor Browser},
|
||||
organization = {Tor Project},
|
||||
url = {https://www.torproject.org/projects/torbrowser.html.en},
|
||||
urldate = {2017-03-17},
|
||||
}
|
||||
|
|
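Review bot: several field and type names here are not biblatex's and will be silently dropped: `annotate` in `ftc:silver` and `mtg:rof` should be `annotation` (as used in `ubeacsec:paper` and elsewhere), `authors` in both `eff:browser-uniqueness*` entries should be `author`, and `@cite{tor:browser,` is not an entry type, so that key will be undefined when cited; make it `@online`. `location = {33^{rd} ...}` and `{... 400 7^{th}~St~SW ...}` use `^` outside math mode and will raise "Missing $ inserted" when the bibliography is typeset; write `33rd`/`7th` or wrap the superscript in `$...$`. `author = {Aggarwal, Gaurav,` has a trailing comma before `and`, which biblatex reads as a second name part. Spelling: `Divison`, `Silvepush`, `Stastics`, `Behavorial`, `belgum` (in the key); the Ars author is Dan Goodin, not Goodwin; `Cao, Yinshi` should be `Cao, Yinzhi` (cf. the yinzhicao.org URL); `Vasillios` is Vasilios. `pages = {5802-5805}` wants `--`, and `hardware-fingerprint` is an NDSS paper recorded as `@article` with no journal; `@inproceedings` with a `booktitle` fits better.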
slides.org
|
@ -518,7 +518,7 @@ Cameras on streets to deter crime.
|
|||
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :height 1.25in
|
||||
[[./images/sf-cameras.jpg]]
|
||||
[[./images/tp/sf-cameras.jpg]]
|
||||
\incite{cbs:sf-smile}
|
||||
#+END_CENTER
|
||||
|
||||
|
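Review bot: the slide now points at `./images/tp/sf-cameras.jpg`, which the new images/tp/.gitignore (`*`) excludes from the repository, so exporting slides.org from a fresh clone fails until the images/tp download has been run; wire that into the top-level build or document the order. Also check whether the old `./images/sf-cameras.jpg` (and the `alpr-*.png` files in the hunks below) are deleted in this commit; if they stay in the tree they are now unreferenced copies of third-party material.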
@ -678,11 +678,11 @@ In fact,
|
|||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{
|
||||
#+ATTR_LATEX: :height 1.5in
|
||||
[[./images/alpr-mounted.png]]\incite{eff:alpr}
|
||||
[[./images/tp/alpr-mounted.png]]\incite{eff:alpr}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
#+ATTR_LATEX: :height 1.5in
|
||||
[[./images/alpr-capture.png]]\incite{eff:alpr}
|
||||
[[./images/tp/alpr-capture.png]]\incite{eff:alpr}
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
|
@ -958,7 +958,7 @@ Even if you can't find a camera on this site,
|
|||
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :height 1.5in
|
||||
[[./images/alpr-pips.png]]\incite{eff:alpr}
|
||||
[[./images/tp/alpr-pips.png]]\incite{eff:alpr}
|
||||
#+END_CENTER
|
||||
|
||||
- John Matherly (Shodon author) noticed many web-accessible PIPS
|
||||
|
@ -1059,39 +1059,44 @@ If I'm off in the background when you take a picture of your friends in the
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
** LACKING The Web [0/6]
|
||||
*** DRAFT Introduction [0/1] :B_ignoreheading:
|
||||
** REVIEWED The Web [0/7]
|
||||
*** REVIEWED Introduction [0/1] :B_ignoreheading:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: ignoreheading
|
||||
:END:
|
||||
**** DRAFT Introduction :B_fullframe:
|
||||
**** REVIEWED Introduction :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:10
|
||||
:END:
|
||||
|
||||
- Much of our lives are no longer in the flesh
|
||||
- Or have some non-fleshy (virtual) analog
|
||||
#+BEGIN_CENTER
|
||||
\Huge Fleshy You $\Longleftrightarrow$ Virtual You
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
But you're not just tracked in the flesh.
|
||||
Much of what we do today is virtual.
|
||||
What better way to segue than to bridge the two?
|
||||
So, naturally, there are those that want to bridge them.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** LACKING Bridging the Gap [0/1]
|
||||
**** LACKING Ultrasound Tracking
|
||||
*** REVIEWED Bridging the Gap [0/3]
|
||||
**** REVIEWED FTC: They're Watching You :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
- <1-> How do you bridge that analog?
|
||||
- <2-> Particularly insidious example: ultrasound tracking
|
||||
- <2-> Correlates users across devices
|
||||
#+BEGIN_CENTER
|
||||
[[./images/ftc-silver.png]]\incite{ftc:silver}
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
This is a sample letter template from the FTC.
|
||||
It states: <read paragraph>.
|
||||
A challenge for advertisers is correlating users across multiple devices,
|
||||
and in the real world.
|
||||
and in the real world.
|
||||
|
||||
Let's say you saw a commercial for some product Foo on TV.
|
||||
And then you went online to research Foo.
|
||||
|
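Review bot: the new `FTC: They're Watching You` frame embeds `./images/ftc-silver.png`, which lives under images/ rather than images/tp/ and has no remote-list entry, so it is the one third-party image in this section that is neither snapshot-pinned nor hash-checked; add it to remote-list (the source is cited right there as `ftc:silver`). The speaker notes still carry the `<read paragraph>` placeholder, and `and in the real world.` appears twice in a row in the rendered hunk; if both copies are in the new text, drop one.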
@ -1100,16 +1105,361 @@ And then you bought Foo.
|
|||
Sometimes commercials have you enter promo codes online to know that you
|
||||
arrived at the site from a TV commercial.
|
||||
Or give you a unique URL.
|
||||
|
||||
Others play inaudible sounds that are picked up by your mobile device or
|
||||
computer.
|
||||
|
||||
<...>
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** DRAFT Incentive to Betray [0/1]
|
||||
**** DRAFT Summary :B_fullframe:
|
||||
**** REVIEWED Ultrasound Tracking
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:15
|
||||
:END:
|
||||
|
||||
#+BEAMER: \only<1>{
|
||||
#+BEGIN_CENTER
|
||||
\cdots $\Longleftrightarrow$ TV $\Longleftrightarrow$
|
||||
Retail Store $\Longleftrightarrow$
|
||||
Mobile $\Longleftrightarrow$ Web $\Longleftrightarrow$ \cdots
|
||||
#+END_CENTER
|
||||
|
||||
- Correlates users across devices; airgap
|
||||
bridge\cite{ubeacsec:paper,wired:ultrasonic}
|
||||
- Inaudible to humans
|
||||
- Could deanonymize (e.g. Tor users)\cite{33c3:talk-behind,bleep:ultrasound-tor}
|
||||
#+BEAMER: }
|
||||
|
||||
#+BEAMER: \only<2>{
|
||||
#+BEGIN_CENTER
|
||||
[[./images/tp/silverpush-logo.png]]
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_QUOTE
|
||||
``Silverpush could generate a detailed log of the television
|
||||
content viewed while a user’s mobile phone was
|
||||
turned\nbsp{}on.''\cite{ftc:silver}
|
||||
#+END_QUOTE
|
||||
#+BEAMER: }
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Others play inaudible sounds that are picked up by your mobile device or
|
||||
computer.
|
||||
|
||||
This has other serious implications.
|
||||
There are concerns, for example, about this method being able to be used to
|
||||
deanonymize Tor users.
|
||||
|
||||
In that letter, FTC mentions Silverpush by name.
|
||||
There are other companies too;
|
||||
see the references.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Ultrasound Cross-Device Tracking (uXDT)
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:45
|
||||
:END:
|
||||
|
||||
- <1-> Termed ``Ultrasound Cross-Device Tracking''
|
||||
(uXDT)\cite{bleep:ultrasound-tor,ftc:xdt}
|
||||
- <1-> Mitigations?
|
||||
- <2-> SilverDog is a Chromium addon to filter HTML5 audio\cite{ubeacsec:paper}
|
||||
- <3-> Researchers propose Android permission system change
|
||||
- <4-> Don't install software that keep secrets (proprietary)
|
||||
- <5-> Don't run untrusted code on websites (use e.g. NoScript)
|
||||
- <6-> Turn off your device when not in use
|
||||
- <6-> Keep device away from other media
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
This is termed ``Ultrasound Cross-Device Tracking'',
|
||||
or simply ``Cross-Device Tracking''.
|
||||
How do you go about mitigating this type of threat?
|
||||
|
||||
Well, researchers studying this issue wrote SilverDog,
|
||||
a Chromium addon to filter HTML5 audio to remove ultrasonic frequencies.
|
||||
That doesn't help with TorBrowser, though, which is FF-based.
|
||||
The reserachers also propose a change to the Android permission system for
|
||||
audio.
|
||||
|
||||
This type of thing only works when you're keeping some serious secrets.
|
||||
That's easy to do with proprietary software.
|
||||
Much riskier to do (but not impossible) with free software.
|
||||
For websites, don't run untrusted JavaScript code;
|
||||
block it with an addon like NoScript.
|
||||
We'll get into that in a little bit.
|
||||
|
||||
You can also turn off the device when not in use,
|
||||
and maybe keep it away from other media.
|
||||
This is far from the only mobile threat;
|
||||
you may want to take precautions for other things anyway.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** REVIEWED Analytics [0/4]
|
||||
**** REVIEWED Introduction :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:15
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1-3>{\Huge Data Analytics}
|
||||
|
||||
#+BEAMER: \only<2-3>{\LARGE (Building User Profiles)}
|
||||
|
||||
#+BEAMER: \only<3>{\large (Tracking)}
|
||||
|
||||
#+BEAMER: \only<4->{\Huge Spyware}
|
||||
|
||||
#+BEAMER: \only<5>{\LARGE (With Science)}
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
This all leads into a larger subject called ``data analytics''.
|
||||
|
||||
Which is really just building, analyzing, and aggregating user profiles.
|
||||
|
||||
Which is generally called tracking.
|
||||
|
||||
...which we usually just call spyware.
|
||||
But this has science!
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Trackers
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:15
|
||||
:END:
|
||||
|
||||
- <1-> Website owners want to know what their visitors are doing
|
||||
- <1-> That in itself isn't an unreasonable concept
|
||||
- <2-> Methods and data define the issue
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Website owners want to know what their visitors are doing.
|
||||
That in itself isn't an unreasonable thing, broadly speaking,
|
||||
but how you go about it and what types of data you collect
|
||||
defines the issue.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Google Analytics
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
***** GA Dashboard
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.45
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{
|
||||
#+ATTR_LATEX: :height 1.5in
|
||||
[[./images/tp/ga-dashboard.png]]
|
||||
|
||||
\incite{google:ga:features}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
[[./images/analytics-usage.png]]
|
||||
\incite{w3techs:analytics}
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
***** Description
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.45
|
||||
:END:
|
||||
|
||||
- <1-> User location, screen resolution, time on page, heatmap,
|
||||
etc\cite{w:behavioral-targeting}
|
||||
- <1-> Unique identifier assigned
|
||||
- <1-> Fine-grained reporting for site owner
|
||||
- <2-> Knows many sites user visited across Web\cite{w3techs:google}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Take Google Analytics for example.
|
||||
It is one of the most widely distributed spyware programs in the world.
|
||||
|
||||
It collects a variety of user data.
|
||||
A lot of it really is what website owners want to know:
|
||||
geography, screen resolution, time on the page, heatmaps, etc.
|
||||
Except...
|
||||
|
||||
And all of this is known to Google.
|
||||
And because services like GA, AdWords, etc are so widely used,
|
||||
all of this can be used to identify users across the entire web.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Piwik
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
If you must track your users, consider using Piwik, which you can host
|
||||
yourself.
|
||||
This means that your visitor data aren't stored and accessible by Google or
|
||||
other companies.
|
||||
Pwik has some user privacy settings to anonymize, remove logs, respect DNT,
|
||||
provide opt-out, etc.
|
||||
It also gives website owners some privacy by not leaking paths and other
|
||||
information about the website:
|
||||
#+END_COMMENT
|
||||
|
||||
***** Dashboard
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.65
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
[[./images/tp/piwik-dashboard.png]]
|
||||
|
||||
\incite{piwik}
|
||||
#+END_CENTER
|
||||
|
||||
|
||||
***** Description
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.35
|
||||
:END:
|
||||
|
||||
- <2-> Data on **your own servers**\cite{mtg:gitlab-piwik}
|
||||
- <2-> Visitor privacy settings\cite{piwik:privacy}
|
||||
- <2-> Privacy as a site owner
|
||||
|
||||
|
||||
*** REVIEWED Social Networking
|
||||
**** REVIEWED Like Buttons
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :height 1.5in
|
||||
[[./images/tp/fb-like.png]]\incite{w:fb-like-img}
|
||||
#+END_CENTER
|
||||
|
||||
- <2-> Infecting the Web with trackers under guise of
|
||||
community\cite{pnas:predict,w:behavioral-targeting,uld:fb}
|
||||
- <2-> Tracks regardless of whether you are logged in to Facebook
|
||||
\cite{bloomberg:belgum-fb,roosendaal:fb-like}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Another popular example are "like buttons" and similar little widgets that
|
||||
websites like Facebook offer.
|
||||
It might help get the word out about your stuff,
|
||||
but please don't fall into the trap of betraying your visitors.
|
||||
Please don't fall into the trap of clicking it, either---
|
||||
it's easy to infer a great deal of information about you from what you
|
||||
"like".
|
||||
|
||||
If a user is logged into Facebook,
|
||||
then Facebook now knows that they visited that website,
|
||||
_even if they don't click on the button_.
|
||||
|
||||
But even if you don't have a Facebook account,
|
||||
you are still being tracked.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** REVIEWED Fingerprinting [0/3]
|
||||
**** REVIEWED Summary :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:15
|
||||
:END:
|
||||
#+BEGIN_CENTER
|
||||
\Huge Fingerprinting
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
These methods are part of a broader topic called ``fingerprinting''.
|
||||
It's just what it sounds like:
|
||||
uniquely identify users online.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED EFF Research :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:20
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{
|
||||
EFF Research, 2010:\cite{eff:browser-uniqueness-blog,eff:browser-uniqueness}
|
||||
|
||||
#+BEGIN_QUOTE
|
||||
``In our analysis of anonymized data from around half a million distinct
|
||||
browsers, 84% had unique configurations. Among browsers that had Flash or
|
||||
Java installed, 94% were unique, and only 1% had fingerprints that were seen
|
||||
more than twice.''
|
||||
#+END_QUOTE
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
That was seven years ago.
|
||||
|
||||
You're really screwed today.*
|
||||
|
||||
#+BEGIN_LATEX
|
||||
\incite{eff:panopti2,eff:browser-uniqueness,mozilla:fingerprinting,%
|
||||
chromium:identification,tor:browser-design,stanford:private-browsing,%
|
||||
norte:tor-fingerprint,browserleaks,ars:fingerprint,hardware-fingerprint}
|
||||
#+END_LATEX
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Back in 2010,
|
||||
the EFF released a paper with results from their fingerprinting research
|
||||
project Panopticlick.
|
||||
Back then,
|
||||
they had an 84% success rate;
|
||||
even higher with Flash and Java.
|
||||
|
||||
But we ain't in 2010 anymore.
|
||||
We have options.
|
||||
Very creative ones.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Alarmingly Effective
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:40
|
||||
:END:
|
||||
|
||||
- Panopticlick (EFF)\cite{panopti:about}
|
||||
- User Agent, cookies, screen resolution, fonts, language, session storage,
|
||||
canvas, WebGL, ad blocker, audio, keystrokes, mouse movement, \ldots
|
||||
- Can even track separate browsers on the same
|
||||
hardware\cite{hardware-fingerprint,ars:fingerprint}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Fingerprinting is alarmingly effective.
|
||||
We don't have time to get into much detail on how it works;
|
||||
I provided plenty of resources for that.
|
||||
But there are some interesting ones.
|
||||
|
||||
We don't just have to rely on basic browser-provied information like user
|
||||
agent, fonts, and cookies anymore.
|
||||
How about tracking how the user moves her mouse and scrolls?
|
||||
What about keystroke analysis?
|
||||
Random noise from audio?
|
||||
Time of CPU-intensive tasks like rendering 3D elements?
|
||||
|
||||
Some of these methods are hardware-based.
|
||||
They can fingerprint even if the user opens a different browser,
|
||||
or maybe even a different operating system,
|
||||
on the same box.
|
||||
|
||||
Some are behavioral.
|
||||
Keystroke patterns will persist wherever the user goes.
|
||||
|
||||
We'll get into some defenses in a bit.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
|
||||
*** REVIEWED Incentive to Betray [0/2]
|
||||
**** REVIEWED Summary :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:BEAMER_env: fullframe
|
||||
|
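Review bot: the EFF Research speaker note says "That was seven years ago." and the slide overlay follows with "You're really screwed today.*"; both are relative to the date of the talk, so the frame goes stale the first time the deck is reused. The title already pins the study to 2010, so write the current year out instead of "seven years ago", and either drop the bare asterisk or turn it into a \footnote, since nothing on the frame resolves it apart from the \incite list. Two spelling slips in the same hunk: "Pwik has some user privacy settings" should read "Piwik", and "basic browser-provied information" should read "browser-provided".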
@ -1128,121 +1478,230 @@ Incentives to betray users.
|
|||
Many websites make money through advertising.
|
||||
It can be lucrative.
|
||||
And it's _easy_ to do.
|
||||
|
||||
Others get addicted to attention and praise.
|
||||
|
||||
Others simply want to know what their visitors are doing on their website.
|
||||
|
||||
Most website owners don't think or know about these issues.
|
||||
They're unknowing pawns in the Web of surveillance.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** LACKING Analytics [0/2]
|
||||
**** LACKING Trackers
|
||||
**** DRAFT Web of Surveillance :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:BEAMER_env: fullframe
|
||||
:END:
|
||||
|
||||
- <1-> Website owners want to know what their visitors are doing
|
||||
- <1-> That in itself isn't an unreasonable concept
|
||||
- <2-> Methods and data define the issue
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Site analytics is another issue.
|
||||
Website owners want to know what their visitors are doing.
|
||||
That in itself isn't an unreasonable thing broadly speaking,
|
||||
but how you go about it and what types of data you collect
|
||||
defines the issue.
|
||||
|
||||
Take Google Analytics for example.
|
||||
A very popular proprietary analytics service.
|
||||
It is one of the most widely distributed malware programs in the world.
|
||||
|
||||
<<examples of how GA tracks>>
|
||||
|
||||
And all of this is known to Google.
|
||||
All of this can be used to identify users across the entire web.
|
||||
|
||||
<<list others>>
|
||||
|
||||
If you must track your users, consider using Piwik, which you can host
|
||||
yourself.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DRAFT Like Buttons
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:END:
|
||||
|
||||
- <1-> Services encourage use of "like" buttons and such
|
||||
- <1-> Infecting the web with trackers under the guise of community
|
||||
- <2-> **Use Privacy Badger**
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Another popular example are "like buttons" and similar little widgets that
|
||||
websites like Facebook offer.
|
||||
If a user is logged into Facebook,
|
||||
then Facebook now knows that they visited that website,
|
||||
_even if they don't click on the button_.
|
||||
|
||||
But even if you don't have a Facebook account,
|
||||
information is being leaked to them
|
||||
you are still being tracked.
|
||||
|
||||
Addons like Privacy Badger will block these.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** LACKING Fingerprinting [0/3]
|
||||
**** DRAFT Summary :B_fullframe:
|
||||
#+BEGIN_CENTER
|
||||
Browser Fingerprinting
|
||||
#+BEAMER: \only<1>{
|
||||
#+ATTR_LATEX: :height 2.5in
|
||||
[[./images/lightbeam-ex.png]]
|
||||
|
||||
\incite{moz:lightbeam}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
#+ATTR_LATEX: :height 2.5in
|
||||
[[./images/lightbeam-ex-good.png]]
|
||||
|
||||
(After mitigations)
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
And I do mean a Web of surveillance.
|
||||
|
||||
This is LightBeam.
|
||||
It's an addon for Firefox that graphs first- and third-party sites that you
|
||||
visit,
|
||||
providing you with a visualization of the Web that's hidden from most
|
||||
users.
|
||||
I created a new FF profile and installed the addon;
|
||||
none of my privacy settings or other addons I'm used to.
|
||||
You can see at the top that I visited five websites:
|
||||
Washington Post, NY Times from Google, Guargian, and---which you can't see
|
||||
here because they're actually disjoint from this graph---The Intercept.
|
||||
Good for them!
|
||||
And yet,
|
||||
it hit /86/ third party sites!
|
||||
NYT alone connected to 47 different third parties!
|
||||
|
||||
I was blown away.
|
||||
|
||||
|
||||
Some of these are trackers.
|
||||
Some of them are remotely hosted scripts and fonts and media.
|
||||
|
||||
So let me show you what I'm used to seeing.
|
||||
This is what happens when I try to mitigate some of these threats.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** REVIEWED Mitigations & Anonymity [0/8]
|
||||
**** REVIEWED Summary :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:05
|
||||
:BEAMER_env: fullframe
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
\Huge How Do We Mitigate?
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
These methods are part of a broader topic called "browser fingerprinting".
|
||||
It's just what it sounds like:
|
||||
uniquely identify users online.
|
||||
So how do we do that?
|
||||
|
||||
Well, it depends on your threat model,
|
||||
but let's start with the easy stuff.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** LACKING Alarmingly Effective
|
||||
**** REVIEWED Disable the Damn JavaScript!
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:03
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:45
|
||||
:END:
|
||||
|
||||
- Panopticlick (EFF)\cite{panopti:about}
|
||||
- JavaScript opens up a world of possibilities
|
||||
- Clearing cookies et al. won't always help
|
||||
- Can even track separate browsers on the same box
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :height 1.5in
|
||||
[[./images/tp/noscript.png]]
|
||||
#+END_CENTER
|
||||
|
||||
#+BEAMER: \only<2-3>{
|
||||
- <2-3> Preempt most sophisticated and damning fingerprinting methods
|
||||
- <2-3> Stop hardware profiling
|
||||
- <2-3> Stop keystroke/mouse analysis
|
||||
- <3> Remember those audio beacons?\cite{bleep:ultrasound-tor}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<4-5>{
|
||||
- <4-> Running arbitrary untrusted, unsigned, ephemeral code
|
||||
(/also\nbsp{}from many third parties/)\cite{mtg:rof}
|
||||
- <4-> /Restore Online Freedom!/ (My LibrePlanet 2016 talk)
|
||||
- <5-> LibreJS blocks non-free, but free doesn't mean free of malice
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<6>{
|
||||
- NoScript blocks JavaScript based on URL patterns\cite{noscript}
|
||||
- /Warning:/ Allows some sites by default!
|
||||
- Also blocks media and fonts; provides XSS and clickjacking prevention
|
||||
#+BEAMER: }
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
It's alarmingly effective.
|
||||
Okay, I can't say this enough.
|
||||
Disable the damn JavaScript!
|
||||
The Web isn't broken without it,
|
||||
they're breaking the web /with/ it!
|
||||
I write a lot of JavaScript for a living.
|
||||
My GNU project is ease.js, which is a JavaScript library.
|
||||
And yet,
|
||||
/I do not allow JavaScript to run 99% of the time!/.
|
||||
Even on most websites I trust.
|
||||
Some people run LibreJS.
|
||||
But note that free software doesn't mean free of malice.
|
||||
|
||||
Some methods allow fingerprinting even if the user uses multiple browsers
|
||||
and takes care to clear all session data.
|
||||
They can do this by effectively breaking out of the browser's sandbox by
|
||||
doing operations that depend heavily on specifics of users' hardware.
|
||||
It's probably obvious from the logo that I'm talking about the NoScript
|
||||
extension.
|
||||
It does more than just block JS---
|
||||
it also blocks media, custom fonts, prevents against certain types of XSS
|
||||
and clickjacking attacks, and more.
|
||||
If you don't know what XSS and clickjacking is, that's okay.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DRAFT User Agent
|
||||
- <1-> User agents can leak a lot of information
|
||||
- <1-> ~18 bits in my browser on GNU/Linux, 1/~250,000
|
||||
- <2-> Tor Browser\cite{panopti:about}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Your browser's user agent is a string that it sends with every request
|
||||
identifying itself and some of its capabilities.
|
||||
It can be surprisingly unique.
|
||||
When I tested a Firefox browser on GNU/Linux,
|
||||
I was unique out of nearly 250,000 users.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** DRAFT Anonymity [0/4]
|
||||
**** DRAFT Summary :B_fullframe:
|
||||
**** REVIEWED LightBeam NoScript :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:15
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{
|
||||
#+ATTR_LATEX: :height 2.5in
|
||||
[[./images/lightbeam-ex.png]]
|
||||
|
||||
(Before NoScript)
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
#+ATTR_LATEX: :height 2.5in
|
||||
[[./images/lightbeam-ex-noscript.png]]
|
||||
|
||||
(After NoScript)
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
So this was our graph before NoScript.
|
||||
|
||||
And here it is after disabling scripts.
|
||||
Without any other mitigations.
|
||||
|
||||
Obviously results will vary depending on the website.
|
||||
|
||||
We're going to get back to JS soon.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Block Ads and Trackers
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:40
|
||||
:END:
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :height 0.75in
|
||||
[[./images/tp/privacy-badger.png]]
|
||||
#+ATTR_LATEX: :height 0.75in
|
||||
[[./images/tp/ublock0.png]]
|
||||
#+ATTR_LATEX: :height 0.75in
|
||||
[[./images/tp/sdcookies.png]]
|
||||
#+END_CENTER
|
||||
|
||||
- /Privacy Badger/ blocks trackers\cite{eff:privacy-badger,lp:2016:privacy-badger}
|
||||
- /uBlock_0/ filters (primarily) ads\cite{gh:ublock-origin}
|
||||
- /Self-Destructing Cookies/ clears cookies and
|
||||
LocalStorage\cite{moz:sd-cookies}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
The issue surrounding Ad Blockers is framed such that we're waging war
|
||||
against advertisers.
|
||||
No---they're waging war against /us/.
|
||||
|
||||
You'll find that the bulk of what these addons for Firefox browsers handle
|
||||
is related to ad networks.
|
||||
Privacy Badger works to block sites that appear to be tracking you.
|
||||
Cooper Quintin---developer of Privacy Badger---gave a great talk last year
|
||||
here at LP; go check it out.
|
||||
uBlock Origin describes itself as a ``wide-spectrum blocker'',
|
||||
but it serves primarily as an ad blocker.
|
||||
Self-Destructing cookies clears out a site's cookies and LocalStorage once a
|
||||
tab is closed.
|
||||
There may be better options out there;
|
||||
this seems to be useful for me.
|
||||
|
||||
I don't have time to go into technical details, unfortunately.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Anonymity :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:15
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{
|
||||
#+BEAMER: {\Huge Anonymity}
|
||||
|
||||
\bigskip
|
||||
Origin is unknown to server; no unique identifier known
|
||||
by\nbsp{}server\incite{whonix:donot}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
#+BEAMER: {\Huge Pseudonymity}
|
||||
|
||||
\bigskip
|
||||
Origin is unknown to server; unique identifier /is\nbsp{}available/
|
||||
to\nbsp{}server\incite{whonix:donot}
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Another way is to be anonymous or pseudononymous.
|
||||
In the latter case,
|
||||
|
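Review bot: in the Disable the Damn JavaScript! speaker note, "effectively breaking out of the browser's sandbox by doing operations that depend heavily on specifics of users' hardware" overstates what hardware fingerprinting does. The script never leaves the sandbox; it infers GPU, CPU and audio-stack characteristics from the timing and output of ordinary APIs (the canvas, WebGL and audio items on the Alarmingly Effective slide), so say "inferring hardware details through ordinary browser APIs" rather than "breaking out of the sandbox", which invites questions about an exploit that is not being claimed. The same frame's property drawer ends up with two ":DURATION:" lines ("00:03" and "00:00:45"), as does the LightBeam NoScript drawer ("00:01" and "00:00:15"); keep only the new value in each. On the User Agent frame, "\cite{panopti:about}" is attached to the "Tor Browser" bullet although it supports the "~18 bits in my browser on GNU/Linux, 1/~250,000" measurement on the bullet above it; move the citation up and cite tor:browser (already used later in the deck) for Tor Browser. Small text fixes: "Guargian" should be "Guardian", "pseudononymous" should be "pseudonymous", the two lines "information is being leaked to them" / "you are still being tracked." need a conjunction or a full stop between them, and "/I do not allow JavaScript to run 99% of the time!/." has a stray period after the emphasis marker.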
@ -1253,22 +1712,17 @@ In the former case,
|
|||
current session.
|
||||
#+END_COMMENT
|
||||
|
||||
***** Anonymity
|
||||
Origin is unknown to server; no unique identifier known by
|
||||
server\incite{whonix:donot}
|
||||
|
||||
***** Pseudonymity
|
||||
Origin is unknown to server; unique identifier /is available/ to
|
||||
server\incite{whonix:donot}
|
||||
|
||||
|
||||
**** DRAFT IANAAE :B_fullframe:
|
||||
**** REVIEWED IANAAE :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: fullframe
|
||||
:DURATION: 00:00:10
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
IANAAE (I Am Not An Anonymity Expert)
|
||||
#+BEAMER: {\Huge IANAAE}
|
||||
|
||||
(I Am Not An Anonymity Expert)
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
|
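Review bot: the "***** Anonymity" and "***** Pseudonymity" subheadings after the comment block repeat, word for word, the "\only<1>" and "\only<2>" overlay text already on the Anonymity fullframe in the previous hunk; confirm that the subheadings are the side being deleted, otherwise the definitions render twice. The IANAAE frame likewise shows both the one-line "IANAAE (I Am Not An Anonymity Expert)" and the split "{\Huge IANAAE}" / "(I Am Not An Anonymity Expert)" form, and its heading appears as both DRAFT and REVIEWED; only one of each should survive.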
@ -1281,52 +1735,103 @@ I provide a number of resources to get you started.
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DRAFT The Tor Network
|
||||
**** REVIEWED The Tor Network
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
- The Onion Router (Tor)\cite{tor}
|
||||
- Helps defend against traffic analysis
|
||||
- (Routing image)
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{
|
||||
#+ATTR_LATEX: :height 1in
|
||||
[[./images/tp/tor.png]]
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
[[./images/tp/tor-diagram.png]]
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
- <1> The Onion Router (Tor)\cite{tor}
|
||||
- <1> Helps defend against traffic analysis
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Most here have probably heard of Tor.
|
||||
Its purpose is to protect against certain kinds of traffic analysis.
|
||||
|
||||
"Tor" stands for "The Onion Router",
|
||||
which describes how it relays data through the Tor network.
|
||||
|
||||
The packet is routed through a number of servers,
|
||||
encrypted with the public key of each server such that the first hop
|
||||
strips off the first layer and so on.
|
||||
strips off the first layer and so on,
|
||||
like an onion.
|
||||
The exit node reveals the packet and delivers it to the destination,
|
||||
then begins relaying the reply back to through the network to the user.
|
||||
then begins relaying the reply back to through the network to the
|
||||
requesting user.
|
||||
|
||||
As long as a sufficient portion of the network can be trusted and has not
|
||||
been compromised by an adversary,
|
||||
it isn't possible to trace data back through the network.
|
||||
|
||||
The most common use of Tor is to route web traffic.
|
||||
Many nodes block most other ports.
|
||||
It's also possible to resolve DNS requests through Tor.
|
||||
|
||||
There are lots of other details that I don't have time to get to here,
|
||||
but I provide a number of resources for you.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DRAFT TorBrowser, Tails, and Whonix
|
||||
**** REVIEWED TorBrowser, Tails, and Whonix
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:02
|
||||
:DURATION: 00:01
|
||||
:END:
|
||||
|
||||
- <1-> Tor alone isn't enough
|
||||
- <1-> Browser needs to be hardened
|
||||
- <2-> TorBrowser is a hardened Firefox derivative
|
||||
- <1-> Operating System needs to be hardened
|
||||
- <2-> Tails, Whonix
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<2>{
|
||||
#+ATTR_LATEX: :height 1in
|
||||
[[./images/tp/torbrowser.png]]
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<3>{
|
||||
#+ATTR_LATEX: :height 1in
|
||||
[[./images/tp/tails.png]]
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<4>{
|
||||
#+ATTR_LATEX: :height 1in
|
||||
[[./images/tp/whonix.png]]
|
||||
#+BEAMER: }
|
||||
#+END_CENTER
|
||||
|
||||
#+BEAMER: \only<1>{
|
||||
- Also need to change browsing habits\cite{whonix:donot}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<2>{
|
||||
- Browser needs to be hardened
|
||||
- Remember: browser leaks a lot of
|
||||
data\cite{panopti:about,eff:browser-uniqueness}
|
||||
- TorBrowser is a hardened Firefox derivative\cite{tor:browser,tor:browser-design}
|
||||
#+BEAMER: }
|
||||
#+BEAMER: \only<3->{
|
||||
- <3-> Operating System needs to be hardened
|
||||
- <3-> Tails---The Amnesic Incognito Live System\cite{tor:tails}
|
||||
- <4> Whonix---Multi-layer isolation in VMs\cite{whonix}
|
||||
#+BEAMER: }
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Tor alone isn't enough to secure your anonymity.
|
||||
But Tor alone isn't enough to secure your anonymity.
|
||||
You also have to change your browsing habits.
|
||||
That is difficult and nuanced advice to give,
|
||||
let alone in a mention in a talk,
|
||||
so I defer to my citations.
|
||||
|
||||
For some people, that's enough.
|
||||
If your threat model involves only advertisers and other snoopers,
|
||||
you might be okay with Tor and privacy extensions.
|
||||
For nearly all of my Web traffic,
|
||||
that's what I care about.
|
||||
|
||||
But if you're a dissident,
|
||||
and your life is in danger,
|
||||
you have more work to do.
|
||||
If you are worried about government surveillance or cracking,
|
||||
you have more work to do.
|
||||
|
||||
It's hard to secure a web browser.
|
||||
|
||||
|
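Review bot: in The Tor Network speaker note, "encrypted with the public key of each server such that the first hop strips off the first layer" is not how Tor's onion routing works: a relay's public key is used only while the circuit is built, to authenticate the relay and agree a per-hop symmetric key, and the cells are then wrapped in successive layers of symmetric encryption with those keys. Suggest "encrypted in layers, one per relay, with a key negotiated with each relay when the circuit is built". In the same paragraph, "relaying the reply back to through the network to the requesting user" has a stray "to", and "it isn't possible to trace data back through the network" should be qualified: the preceding "as long as a sufficient portion of the network can be trusted" is the right caveat, but an observer who sees both the user's link and the exit can still correlate traffic, which is the traffic-analysis limit the bullet "Helps defend against traffic analysis" already hints at with "helps". In the TorBrowser, Tails, and Whonix note, "you might be okay with Tor and privacy extensions" sits uneasily beside the bullet "TorBrowser is a hardened Firefox derivative": the add-ons recommended earlier (Privacy Badger, uBlock Origin, Self-Destructing Cookies) alter the browser's fingerprint and so undo the uniformity Tor Browser is built for, so either say "Tor Browser without extra add-ons" or make clear the extensions belong to a non-Tor profile. Also "Tor alone isn't enough to secure your anonymity." appears twice at the top of that comment; keep one.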
@ -1334,9 +1839,23 @@ TorBrowser is a hardened version of Firefox.
|
|||
The Tor browser recommends that you don't rely on a vanilla Firefox for
|
||||
anonymity with Tor.
|
||||
|
||||
Tails...
|
||||
The operating system needs hardening.
|
||||
There are two major options.
|
||||
The first one is Tails: The Amnesic Incognito Live System.
|
||||
It is an ephemeral OS that you can simply boot from USB on any PC.
|
||||
It routes all traffic through the Tor network.
|
||||
|
||||
Whonix...
|
||||
The second is Whonix.
|
||||
It is not ephemeral: it requires a host OS (or hypervisor) and runs two VMs:
|
||||
one is the guest that the user uses as a desktop,
|
||||
and the other is the VM it routes all traffic through,
|
||||
which goes through Tor.
|
||||
If the guest the user is using is compromised,
|
||||
an attacker cannot subvert the Tor network.
|
||||
|
||||
There's obvious tradeoffs there for both;
|
||||
I encourage you to look into both before deciding which is best for your
|
||||
threat model.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
|
|
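Review bot: in the Whonix paragraph, "If the guest the user is using is compromised, an attacker cannot subvert the Tor network" misstates the guarantee. The point of the two-VM split is that the desktop VM has no network path except through the VM that runs Tor, so a compromised desktop cannot bypass Tor or learn the host's real IP address; say that instead of "subvert the Tor network". Naming the two VMs the way Whonix does (Gateway and Workstation) would also make the "one is the guest ... and the other is the VM it routes all traffic through" sentence easier to follow. The "Tails..." and "Whonix..." placeholder lines above the new paragraphs look like draft leftovers; make sure they are on the removed side. Minor: "There's obvious tradeoffs there for both" should be "There are obvious tradeoffs there for both".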