CITP Blog - Formerly Freedom to Tinker

Tag: Privacy

  • Anonymous programmers can be identified by analyzing coding style

    – by

    Comments

    Every programmer learns to code in a unique way which results in distinguishing “fingerprints” in coding style. These fingerprints can be used to compare the source code of known programmers with an anonymous piece of source code to find out which one of the known programmers authored the anonymous code. This method can aid in…

  • Verizon's tracking header: Can they do better?

    – by

    Comments

    Verizon’s practice of injecting a unique ID into the HTTP headers of traffic originating on their wireless network has alarmed privacy advocates and researchers. Jonathan Mayer detailed how this header is already being used by third-parties to create zombie cookies. In this post, I summarize just how much information Verizon collects and shares under their…

  • How cookies can be used for global surveillance

    – by

    Comments

    Today we present an updated version of our paper [0] examining how the ubiquitous use of online tracking cookies can allow an adversary conducting network surveillance to target a user or surveil users en masse.  In the initial version of the study, summarized below, we examined the technical feasibility of the attack. Now we’ve made the…

  • Striking a balance between advertising and ad blocking

    – by

    Comments

    In the news, we have a consortium of French publishers, which somehow includes several major U.S. corporations (Google, Microsoft), attempting to sue AdBlock Plus developer Eyeo, a German firm with developers around the world. I have no idea of the legal basis for their case, but it’s all about the money. AdBlock Plus and the closely…

  • How do we decide how much to reveal? (Hint: Our privacy behavior might be socially constructed.)

    – by

    Comments

    [Let’s welcome Aylin Caliskan-Islam, a graduate student at Drexel. In this post she discusses new work that applies machine learning and natural-language processing to questions of privacy and social behavior. — Arvind Narayanan.] How do we decide how much to share online given that information can spread to millions in large social networks? Is it always our…

  • The hidden perils of cookie syncing

    – by

    Comments

    [Steven Englehardt is a first-year Ph.D. student in the computer security group at Princeton. In this post he talks about the implications of a recent study that we published in collaboration with researchers at KU Leuven, Belgium. — Arvind Narayanan] Online tracking is becoming more sophisticated and thus increasingly difficult to block. Modern browsers expose many surfaces that enable users…

  • A Scanner Darkly: Protecting User Privacy from Perceptual Applications

    – by

    Comments

    “A Scanner Darkly”, a dystopian 1977 Philip K. Dick novel (adapted to a 2006 film), describes a society with pervasive audio and video surveillance. Our paper “A Scanner Darkly”, which appeared in last year’s IEEE Symposium on Security and Privacy (Oakland) and has just received the 2014 PET Award for Outstanding Research in Privacy Enhancing Technologies, takes a closer look at…

  • "Loopholes for Circumventing the Constitution", the NSA Statement, and Our Response

    – by

    Comments

    CBS News and a host of other outlets have covered my new paper with Sharon Goldberg, Loopholes for Circumventing the Constitution: Warrantless Bulk Surveillance on Americans by Collecting Network Traffic Abroad. We’ll present the paper on July 18 at HotPETS [slides, pdf], right after a keynote by Bill Binney (the NSA whistleblower), and at TPRC…

  • No silver bullet: De-identification still doesn't work

    – by

    Comments

    Paul Ohm’s 2009 article Broken Promises of Privacy spurred a debate in legal and policy circles on the appropriate response to computer science research on re-identification techniques. In this debate, the empirical research has often been misunderstood or misrepresented. A new report by Ann Cavoukian and Daniel Castro is full of such inaccuracies, despite its claims of “setting…

  • Privacy Implications of Social Media Manipulation

    – by

    Comments

    The ethical debate about Facebook’s mood manipulation experiment has rightly focused on Facebook’s manipulation of what users saw, rather than the “pure privacy” issue of which information was collected and how it was used. It’s tempting to conclude that because Facebook didn’t change their data collection procedures, the experiment couldn’t possibly have affected users’ privacy…