Presentation on theme: "SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010."— Presentation transcript:
SOCIAL WEB MEDIA privacy and data mining part 2 4/12/2010
A Primer on Information Theory and Privacy Peter Eckersley https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy Around 7 billion people on planet... gender, zip code and birth date is each partially identifying information combining these pieces of information is likely to get you a unique person if you can combine that info w/ a dataset tied to names or ssn then you can probably ID the individual
IP address - guess at zipcode by where they log in from? - track visits w/ cookies - image cache
IP address (WHOIS) track visits w/ cookies - image cache
USER AGENT STRING HTTP Protocol browser sends info about itself to server when making request
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv: ) Gecko/ Firefox/ tells website what browser version, operating system and version. (Can be used by developers to format content for different browsers.)
"if you pick a random person's browser, only one in 1,500 other Internet users will share their User Agent string."
TOR software + network of virtual tunnels journalists whistleblowers dissidents those not wanting to reveal socially sensitive info about themselves – illnesses, victims of abuse https://www.torproject.org/index.html.en
makes browsing slower Tor anonymizes the origin of your traffic, and it encrypts everything between you and the Tor network and everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information, you should use as much care as you would on the normal scary Internet use HTTPS or other end-to-end encryption and authentication.
While Tor blocks attackers on your local network from discovering or influencing your destination, it opens new risks: malicious or misconfigured Tor exit nodes can send you the wrong page, or even send you embedded Java applets disguised as domains you trust. Be careful opening documents or applications you download through Tor, unless you've verified their integrity.