Presentation is loading. Please wait.

Presentation is loading. Please wait.

Better web privacy through automation Umesh Shankar Berkeley EECS.

Published byCandice Sherman Modified over 8 years ago

Similar presentations

Presentation on theme: "Better web privacy through automation Umesh Shankar Berkeley EECS."— Presentation transcript:

1 Better web privacy through automation Umesh Shankar Berkeley EECS

2 Configuration everywhere Home wireless access Operating System Web Browser

3 Correct configuration is difficult We have high-level goals… “Allow my computers onto my network and no others” …but low-level configuration languages “Did I get the settings right?” Not always obvious how to express goals in policy terms or to see if they are met

4 Insecurity ensues When policies are too difficult to configure, people disable or bypass them Browser, firewall, OS policy are set to defaults We lose the benefit of configurability: policy reflecting our specific needs Functionality wins over security by default Must retain security subject to users’ patience

5 Browser cookie recap Cookies ClientServer index.html GET /index.html CartID=1234 cart.jsp GET /cart.jsp “Your cart #1234 contains…" … CartID=1234

6 Cookie types Four classes based on context and lifetime: (First party, Third party)  (Session, Persistent) First = cookies from same site as in URL bar Third = cookies from other sites (e.g., ads) Session cookie = lasts until browser is closed Persistent cookie = lasts until expiration date All cookies only sent to originating site

7 Cookies and privacy Problem: The same third party cookie can appear on multiple sites => you can be tracked If anyone knows who you are, everyone does BUY ME!!! Content…~~~~ ~~~~~~~~~~~~ whitehouse.gov BUY ME!!! Content…~~~~ ~~~~~~~~~~~~ whitehouse.com Advertiser Database about you Tracking cookie

8 The sad state of the art Two unpalatable options: Global policy for all sites Constant barrage of dialogs Sufficiently annoying that people accept defaults Functionality trumps privacy concerns Individually tailored policies eliminated

9 Existing approaches Browser bars Expose site cookies to the user Collect user choices for collaborative filtering Violates user privacy (could be fixed) P3P interface A good start P3P still unreliable

10 A new way of thinking Observations: 1.People don’t care about cookies, they care about privacy and functionality 2.People are equipped to make high-level decisions 3.Mistakes happen: error recovery should be easy Solutions: 1.Automated optimization: browser forking 2.Easy, high-level choices: side-by-side comparison 3.Recovery mechanism: backtrack + replay

11 The ideal policy Allow the set of cookies that maximizes the net benefit to the user Net benefit =Benefit – Cost =Functionality – Privacy Loss Having an objective function allows us to start to measure policy quality With a default-deny policy, each user-initiated change represents a unit of error

12 Challenges 1.Benefit is not revealed until after cookie is taken 2.Cost only revealed through hidden P3P policy Making informed decisions is difficult

13 Determining benefit Observation: If a cookie has no benefit, we can reject it outright Idea: Fork the browser 1.One fork takes the cookie, one doesn’t 2.Maintain fork for a few pages 3.If no difference in the output, assume reject 4.Encode the decision into the policy

14 Forking the browser (cookies not needed) Home page Item page View book Cart Add to cart VISIBLE Amazon.com (cookies off) Home page Item page View book Cart Add to cart HIDDEN, FORKED Amazon.com (cookies on)... DENY policy assumed because no difference

15 Forking the browser (cookies needed) Home page Enter ZIP View plans Error page ‘94720’ VISIBLE VerizonWireless.com (cookies off) Home page Enter ZIP View plans List of plans ‘94720’ HIDDEN, FORKED VerizonWireless.com (cookies on) Switch to other window?

16 User choice Last line of defense Idea: Expose cost and benefit to the user Show side-by-side output from forking technique, highlighting differences (=benefit) Show relevant P3P information (=cost) User can simply decide if with-cookie is better than without-cookie

17 Semantic comparison of web pages Necessary for forking and side-by-side highlighting Difficult problem on its own Sources of error: Advertisements Natural nondeterminism (click trackers, news feeds) For now, coarse comparison (viz., page title)

18 Dealing with errors Errors are inevitable Prediction algorithm won’t always guess right Humans make mistakes or change their minds Recovery should be easy and automated

19 “This site requires cookies” The nightmare page Important Note: This section of the site requires the use of cookies. Cookies allow us to keep track of who you are and your placement choices… Once you have changed your browser to accept cookies, please go back to the placement area home page and begin making your choices… 1.Select "Preferences" from the Edit menu. 2.Click on the "Advanced" selector. 3.Click the "Cookies" option. 4.Scroll down to the "Cookies" section. 5.To enable: 6.Select "Enable all cookies." 7.Click "OK."

20 “Fix Me” Home page Item page Empty cart View Item Show cart Home page Item page Cart page View Item (Automatic) Add item (Automatic) Click “Fix Me” Replay stops because page is different Item page Add item Cookies Off (due to prior policy) Session Cookies On (automatic)

21 Notes on Backtracking + replaying How far to go back? Typically start of site Which cookies to enable? Perform an expanding search, start with FP session When to stop? When there is a difference from the history If no difference, expand cookie search & retry Don’t replay through POSTs (non-idempotent)

22 Why replaying is OK No formal proof possible: server can take arbitrary actions in response to a request In practice, server state is the problem Without state, most sites are repeatable Lack of state (cookies) is why we are replaying! Empirically, most problems show up early, so not much to replay

23 Engineering challenges Web is dynamic and nondeterministic We handle most Javascript Heuristics are good in practice at matching elements Browsing is nonlinear (e.g., tabs, back button) Still working on multiple tabs Back button is emulated Firefox is an immature platform

24 Progress report Done: Improved on default mechanism in Firefox Replay + Backtrack work for most sites Most interesting Javascript supported Still to do: Comparison algorithm Heuristics for how far back/forward to replay Heuristics for which cookies to enable with “Fix Me” Multiple tabs

Download ppt "Better web privacy through automation Umesh Shankar Berkeley EECS."

Similar presentations

Lecture 10 Sharing Resources. Basics of File Sharing The core component of any server is its ability to share files. In fact, the Server service in all.

Lecture 10 Sharing Resources. Basics of File Sharing The core component of any server is its ability to share files. In fact, the Server service in all.
For Details Visit : or For any Help Contact the Librarian EBSCOhost 2.0.

For Details Visit : or For any Help Contact the Librarian EBSCOhost 2.0.
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
® Microsoft Office 2010 Browser and Email Basics.

® Microsoft Office 2010 Browser and Basics.
Unit 11 Using the Internet & Browsing the Web.  Define the Internet and the Web  Set up & troubleshoot an Internet connection  Categorize webs sites.

Unit 11 Using the Internet & Browsing the Web.  Define the Internet and the Web  Set up & troubleshoot an Internet connection  Categorize webs sites.
Accessing and Using the e-Book Collection from EBSCOhost ® When an arrow appears, click to proceed to the next slide at your own pace. To go back, click.

Accessing and Using the e-Book Collection from EBSCOhost ® When an arrow appears, click to proceed to the next slide at your own pace. To go back, click.
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Operating Systems Day 1. Booting a Computer 1.Switch on the UPS electricity supply - green light electricity failure - red light charging – orange light.

Operating Systems Day 1. Booting a Computer 1.Switch on the UPS electricity supply - green light electricity failure - red light charging – orange light.
New School Websites Teacher Pages. Visit the SCUSD Website for videos tutorials: www.scusd.edu/website-training-teachers For more information.

New School Websites Teacher Pages. Visit the SCUSD Website for videos tutorials: For more information.
Configuring Active Directory Certificate Services Lesson 13.

Configuring Active Directory Certificate Services Lesson 13.
Education Google Calendar (GCal) English. Education Upon completion of this course, you will be able to:  Navigate the GCal interface  Search your calendar.

Education Google Calendar (GCal) English. Education Upon completion of this course, you will be able to:  Navigate the GCal interface  Search your calendar.
Working with SharePoint Document Libraries. What are document libraries? Document libraries are collections of files that you can share with team members.

Working with SharePoint Document Libraries. What are document libraries? Document libraries are collections of files that you can share with team members.
10 Privacy Settings Every Facebook User Should Know.

10 Privacy Settings Every Facebook User Should Know.
You can customize your privacy settings. The privacy page gives you control over who can view your content. At most only your friends, their friends and.

You can customize your privacy settings. The privacy page gives you control over who can view your content. At most only your friends, their friends and.
With Internet Explorer 8© 2011 Pearson Education, Inc. Publishing as Prentice Hall1 Go! with Internet Explorer 8 Getting Started.

With Internet Explorer 8© 2011 Pearson Education, Inc. Publishing as Prentice Hall1 Go! with Internet Explorer 8 Getting Started.
Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.

Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.
Getting started on informaworld™ How do I register with informaworld™? What do I do if I forget my password? My institution does not subscribe to any journals,

Getting started on informaworld™ How do I register with informaworld™? What do I do if I forget my password? My institution does not subscribe to any journals,

Similar presentations

Ads by Google