The Privacy Conundrum (Do we have secrets to hide?) Partha Dasgupta Arizona State University Tempe, AZ, USA



Overview

Privacy – what, why, and it’s important
  · Security is different
Privacy leaks via browsing
Advertising and the importance of targeting
Why we have no privacy even if we have security?
Smartphones and things to come


Privacy

The ability of an entity to seclude information about itself.
Types of privacy:
  · Personal, informational (financial, medical, political, Internet), organizational, spiritual.
Ability to control information flow, limit publicity, enforce the notion of “private information”
Privacy is rooted in cultural aspects.
  · Western cultures are more concerned with individual privacy. Urban cultures value privacy more than rural cultures

Right to privacy?

Internet privacy?


Why Hide? Why Privacy?

“If you have nothing to hide, you have nothing to fear”
OR
“If you have done nothing wrong, you have nothing to hide”
  · Eric Schmidt (CEO of Google): “If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place, …”

Pitfalls:
  · Mistakes, misinterpretation, framing, false opinions, lack of due process
  · Discrimination based on personal opinions, politics, health,

Cardinal Richelieu (circa 1600): “If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged”

Bruce Schneier: “Too many wrongly characterize the debate as ‘security versus privacy.’ The real choice is liberty versus control.”

Scott McNealy, “You have zero privacy anyway. Get over it.” (1998)


Security (and privacy)

Security: Protect against attackers gaining access to property, systems, information and such.

Privacy: Protect against oneself disclosing information that could be harmful if disclosed.

Privacy subsumes security, but not vice versa.
  · Secure systems can protect privacy, but often do not.
  · Smartphones may be secure, but are terrible leakers of privacy.

Today, most privacy leaks happen without any security attacks.
  · People unknowingly leak private information on the internet


Simple Privacy Leaks

Browser

Search History
  · On cloud, or local (with JavaScript tracking)

Google Maps (mobile)


Filter Bubble

Customized searches
  · Google (and others) provide search results based on what you searched/liked before
  · Customized for you

Customization leads to the “filter bubble”
  · You live in a bubble and see what you would like to see.
  · The user experience comes from an algorithm that selectively guesses what information a user would like to see, based on information about the user.

Good: food choices, lifestyle choices

Bad: opinions, politics, news


“You are the Product”

Internet applications are free to users…
  · Since you are not paying, you are not the consumer
  · You are the product being sold to their clients

Why are you valuable?
  · Advertising budget: > USD 100 billion (40 billion for the US)

Advertising effectiveness increases dramatically when a product is advertised to a person who wants it, or may be convinced they want it.
  · Targeted advertising
  · The victim has little chance
  · Serious money is involved, and the better the targeting, the better the results and hence the higher the cost-per-click.


Why track?

You are the product… targeted advertising is the goal
  · Profit!

The web is advertiser supported and advertisers want to know and control:
  · Who sees the ads – demographics, income, location, age, sex and so on.
  · What ad should be shown to whom; targeted specials have great success.

Build profiles – databases about humans who browse the web.
  · Even if browsing incognito (private modes)


Advertising Driven?

Google:
Revenue, 2013: USD 60 billion
Profits, 2013: USD 12 billion

Facebook too

Who paid this??
Why?
Google is free?


Marketing Maxims

You do not buy the product, you buy the brand
Perception of a good deal
Perception of higher quality
Power of marketing
  · “I do not care for advertisements” – not true.
Targeted advertising
  · Preys on people's weaknesses, yearnings and FUD
  · FUD: Fear, uncertainty, doubt
  · “Good” deals too – it is much better to mark up a $50 product to $100 and then provide a 50% discount, than to price it at $50.


Complex Privacy Leaks

Targeting users needs in-depth information about the users
  · Hence breaching users' privacy is important

Tracking / Monitoring
Eavesdropping
Aggregation of information
Building profiles
Data Mining and other AI/Machine Learning techniques
Connection graph


Tracking – Monitoring - Eavesdropping

You know
Your friends know
Some people may know
One entity knows about everyone

Third party cookies

JavaScript tracking

http://www.forbes.com/
http://www.independent.co.uk/
http://www.businessinsider.com/
http://uk.reuters.com/
http://venturebeat.com/


Facebook-style tracking

Facebook icons and likes
  · Also many other sites
  · Click not needed
  · Even when logged off!!

“Sign in with Facebook”


Cloud Computing

Cloud computing: “You have zero privacy anyway. Get over it.”

Storage on the cloud
All data is visible to the service provider.
  · Nothing ever gets deleted
  · Cloud drives, cloud email, financial tracking, health monitoring, payment systems, calendaring, mapping and routing, call a cab,
  · Even crowdsourcing sites, social networking sites, photo sharing sites, and so on.


Aggregation of tracks

Cookies allow a website to see who is repeatedly visiting them

Each website manages its own data about users

Aggregation allows a third party to see the global picture
  · Tracking techniques make this possible
  · Resulting data is valuable to marketing people
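
An added example (not from the original slides) of the aggregation described above: it audits a request log and reports any third party that received the same cookie from several first-party sites, which is what lets it link those visits into one profile. The domains, cookie values, log layout and function names are assumptions made for illustration.

```javascript
// Constructed sample (all domains and cookie values are made up):
// page = first-party page visited, url = resource it loaded,
// cookie = Cookie header the browser sent with that request.
const SAMPLE_REQUESTS = [
  { page: "https://news.example/politics", url: "https://news.example/app.js", cookie: "sid=n-111" },
  { page: "https://news.example/politics", url: "https://ads.tracker.example/pixel.gif", cookie: "uid=abc123" },
  { page: "https://shop.example/shoes", url: "https://ads.tracker.example/pixel.gif", cookie: "uid=abc123" },
  { page: "https://shop.example/shoes", url: "https://cdn.static.example/lib.js", cookie: "" },
  { page: "https://health.example/symptoms", url: "https://ads.tracker.example/tag.js", cookie: "uid=abc123" },
  { page: "https://health.example/symptoms", url: "https://cdn.static.example/lib.js", cookie: "" },
];

// Simplified site key: last two host labels (assumption; a real audit
// should use the Public Suffix List to find the registrable domain).
function site(u) {
  return new URL(u).hostname.split(".").slice(-2).join(".");
}

// Group first-party pages by (third-party site, cookie pair). A cookie pair
// that shows up on several first-party sites lets that third party link the
// visits into one profile, which is the aggregation the slide describes.
function crossSiteTrackers(requests, minSites = 2) {
  const seen = new Map();
  for (const r of requests) {
    const tracker = site(r.url);
    if (tracker === site(r.page)) continue; // first-party request
    const pairs = r.cookie.split(";").map((s) => s.trim()).filter(Boolean);
    for (const identifier of pairs) {
      const key = JSON.stringify([tracker, identifier]);
      if (!seen.has(key)) seen.set(key, { tracker, identifier, pages: new Set() });
      seen.get(key).pages.add(r.page);
    }
  }
  const findings = [];
  for (const { tracker, identifier, pages } of seen.values()) {
    const sites = [...new Set([...pages].map(site))].sort();
    if (sites.length >= minSites) {
      findings.push({ tracker, identifier, sites, pages: [...pages].sort() });
    }
  }
  return findings;
}

console.log(JSON.stringify(crossSiteTrackers(SAMPLE_REQUESTS), null, 2));
```

The cookie-less CDN requests produce no finding even though the CDN is embedded on two sites, because without a stable identifier the visits cannot be tied to one visitor by cookie alone.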


Graphs and Mining

Relationship graphs reveal a lot about you
  · Who do you communicate with?
  · Who communicates with you?
  · Relationships based on friends, location, age, gender, political beliefs, religion, hobbies, interests
Building profiles
  · Data Mining
  · Machine learning


The Smartphone trap

The final frontier is smartphones
“There is an app for it”
As smartphone usage is rising, the tracking and monitoring opportunities are exploding

Smartphone penetration – “HIGH”
  · US: 50%, China: India: 13%
  · Growth rate is impressive

Downloaded apps are like viruses, they have too much power
  · Even though they disclose the “power”

Too many permissions?


Android Security and Privacy

Android has a “well designed, well thought out” security infrastructure

Android has legitimate ways of bypassing security with user permissions – get higher permissions

Users have to be knowledgeable
  · Want the app? You have to say yes to permissions.

Privacy controls are terrible
Apps can leak, aggregate, profile and even collude
  · “intents” is a backdoor method of inter-app communication


Google Maps

Device & app history
  -- retrieve running apps
Identity
  -- find accounts on the device
  -- add or remove accounts
Contacts/Calendar
  -- read your contacts
  -- modify your contacts
Location
  -- precise location (GPS and network-based)
Phone
  -- write call log
  -- directly call phone numbers
Photos/Media/Files
  -- test access to protected storage
  -- modify or delete the contents of your USB storage
Camera/Microphone
  -- record audio
Wi-Fi connection information
  -- view Wi-Fi connections
Device ID & call information
  -- read phone status and identity
Other
  -- view configured accounts
  -- receive data from Internet
  -- run at startup
  -- view network connections
  -- install shortcuts
  -- control Near Field Communication
  -- use accounts on the device
  -- disable your screen lock
  -- read Google service configuration
  -- full network access
  -- connect and disconnect from Wi-Fi
  -- control vibration


Facebook (edited)

Identity
  -- find accounts on the device
  -- add or remove accounts
  -- read your own contact card
Contacts/Calendar
  -- modify your contacts
  -- read calendar events plus confidential information
  -- add or modify calendar events and send email to guests without owners' knowledge
Location
  -- precise location (GPS and network-based)
SMS
  -- read your text messages (SMS or MMS)
Phone
  -- write call log
  -- directly call phone numbers
Photos/Media/Files
Camera/Microphone
  -- take pictures and videos
  -- record audio
Wi-Fi connection information
  -- view Wi-Fi connections
Device ID & call information
  -- read phone status and identity
Other
  -- download files without notification
  -- create accounts and set passwords
  -- view network connections
  -- install shortcuts
  -- read Google service configuration
  -- draw over other apps
  -- full network access
  -- change network connectivity
  -- set wallpaper
  -- send sticky broadcast
  -- reorder running apps
  -- connect and disconnect from Wi-Fi


Brightest Flashlight

Location
  -- approximate location (network-based)
  -- precise location (GPS and network-based)
Photos/Media/Files
  -- modify or delete the contents of your USB storage
  -- test access to protected storage
Camera/Microphone
  -- take pictures and videos
Wi-Fi connection information
  -- view Wi-Fi connections
Device ID & call information
  -- read phone status and identity
Other
  -- disable or modify status bar
  -- read Home settings and shortcuts
  -- control flashlight
  -- prevent device from sleeping
  -- view network connections
  -- full network access
  -- install shortcuts
  -- uninstall shortcuts


Smartphone Tracking Risks

What can a smartphone do?
  · Complex apps that gather a lot of information
  · An aggregation point of a large number of tracking possibilities

Location maps
Activity (physical)
Transactions (financial)
Communications with other people
Lifestyle choices
Health monitoring
Payment systems

“The Ecosystem”
  · Profile building that is significantly better than what is possible on computers


Payment Systems

Smartphone based banking and payment systems are being marketed heavily

NFC (Near Field Communication) based systems, as well as other methods
  · Credit card transactions
  · Wallet based transactions
  · Monitoring your spending profiles

Gather real information about what the user does and purchases and sees

Comparative shopping systems
  · Amazon does real market analysis via crowdsourcing


Health Monitoring Systems

Health sensors that interface to your smartphone, e.g. FITBIT
Sensors can find out a lot about you
  · Sleep
  · Sit, walk, run, climb
  · Vitals (heart rate, blood pressure, sugar levels)
  · Food and drink consumption

Data is uploaded to cloud servers
  · A lot of advantages
  · Get the ideas…..?


Life Scheduling

Things you should do, and when
Calendaring combined with ….
  · Location
  · To-do lists
  · Things to buy
  · Friends and connections
  · Managing time and activities

Yet another wonderful data mining source


Total Ecosystems

The smartphone based ecosystems are almost here
Use the smartphone to control your entire existence
  · Social
  · Personal
  · Professional
  · Entertainment
  · Hobbies

Aggregate all information and use it against the poor human
  · Google, Apple, Microsoft control all the apps you can get on the respective platforms

Much more to come, things we have not thought of yet
  · Today marketing, tomorrow worse…


Government Surveillance

Governments use surveillance for various reasons
  · Defeating terrorism?

Using backbone monitoring
  · Raw data, as well as other techniques

Get encryption keys via various methods

Not easily defeated, since they have powers of enforcement


Internet of Things

The future – every device will be connected to the Internet
  · Household devices, sensors, actuators, lights, appliances

IPv6 will make everything have a unique IP address
Security and privacy can be compromised in many ways
  · Unintended consequences
  · Not well thought through, just like most technologies

Very useful, but has severe downsides


Conclusions

Scott McNealy was right
  · (1998 was not when privacy leaks were common)

Since we have lost the right to privacy, we probably will never get it back

Corporate and government interests will win
The advantages of giving up privacy entice most people
  · Services for free
  · Quite useful applications
  · BUT we pay a high price for it…..

“Free is too expensive”