Chapter 6: Tracking and Surveillance Flashcards
What is UDP?
User Datagram Protocol
It is a protocol that sits on top of IP and is used to transmit data
What is the main difference between TCP and UDP?
TCP guarantees delivery, UDP does not
This allows UDP to transmit faster when speed is more important than reliability (for example, video streaming)
List 3 mail server protocols
Internet Message Access Protocol (IMAP)
Post Office Protocol (POP)
POP3
Which mail server protocol erases data from the server once it is downloaded?
POP and POP3 (depending on configuration)
Which method of sending data to a web server includes additional information in the URL? Get or Post?
Get
What part of a message is required to route it to the proper destination?
The IP header
What do you call it when network hardware examines the full body of a message?
Deep packet inspection
What is the purpose of deep packet inspection?
- Determine whether or not the packets contain malicious content
- Help prevent data leaks (DLP)
- Track users’ online behavior (advertisers)
- Censor or track citizens’ online behaviors (government)
- Allows network traffic and bandwidth shaping based on the content of a packet
- Determine the type of content being sent from one host to another (to apply rate limits)
List 2 common attacks performed through Wi-Fi eavesdropping
Packet-sniffing systems
HTTP session hijacking or side-jacking
List 4 Wi-Fi encryption schemes
WEP - Wired Equivalent Privacy
WPA - Wi-Fi Protected Access
WPA2
WPA3
Which Wi-Fi encryption schemes are considered secure?
WPA2
WPA3
How can spyware monitor user activities?
Capturing cookies to determine browsing history
Performing screen captures and transmitting images back to the attacker
Keylogging
Does HTTPS provide anonymity?
No - network observers still can see the source and destination of traffic
What are first-party cookies?
Those set by the primary page that the user is visiting
What are third-party cookies?
Cookies set from all companies other than the primary website whose URL is displayed in a browser
What are beacons or web bugs?
Elements used for tracking that are not visible to the user in the rendered web page
What are the 2 types of cookies?
Session
Persistent
What is URL rewriting?
Websites tracking the links a user clicks on a web page
Which technology can use a computers Media Access Control (MAC) address for tracking?
IPv6
What means of storage is used by the Adobe Flash plug-in?
Local Shared Objects (LSOs)
AKA Flash cookies
Where are LSOs stored?
On the hard drive, separate from HTTP cookies (so clicking clear cookies may not clear LSOs)
How do many website respawn cookies?
They use LSOs to respawn deleted information
Internet Explorer has it’s own way of storing data on the local hard drive, this is called…
userData storage
Not cleared when cookies are deleted!
What is a pixel hack?
A unique identifier is written into a minuscule image, generated on the fly, in the form of the color values for one or more pixels
Since images are often cached, or stored locally by the browser to avoid having to download the resource again in the future, these tracking values can often be retrieved later
How does HTML5 store information locally?
Either Document Object Model (DOM) storage or web storage Session storage (for a browser window)
What is an entity tag?
Entity tags (ETags) are HTTP headers that allow a browser to permanently tag a previously viewed resource ETags are generally not deleted when a user clears their cookies; rather, ETags may be deleted when a user clears the browser’s cache
What is an Evercookie?
- In 2010, a security researcher prototyped a tracking mechanism, the “Evercookie,” designed to be extremely difficult to delete
- The Evercookie combined multiple techniques, storing unique identifiers in more than ten different locations on a user’s computer
- If data from one storage location were deleted, this data would be respawned from other locations
How can javascript identify links that a user has previously clicked?
Web browsers show links on a page that have already been visited in a different color
JavaScript can access the color property
What is browser history stealing or sniffing?
An unscrupulous page can include thousands of invisible links to popular sites and then use JavaScript to query the color of those links and learn whether a particular page has been visited by the client browser
What is browser fingerprinting?
Leveraging the unique characteristics of an individual user’s browser—the fonts installed, the particular version of the browser running, the idiosyncrasies of a particular graphics card—as a semi-stable, unique identifier in place of cookies
How can images be used to confirm a user opened an email?
HTML code sent in an email to that user can request that content uniquely tied to that user be downloaded automatically from a remote server when the message is opened by the recipient
What 2 approaches do companies use to facilitate cross-device tracking?
Deterministic
Probalistic
Provide examples of how companies use probalistic matching to match users across devices
- Matching IP addresses
* Cookies, location and behavioral data
How does the Do Not Track (DNT) feature work in web browsers?
- HTTP header sent alongside requests for web content
- Header can indicate that the user has requested not to be tracked
- Does not actually block communication
- Relies on companies to honor this request
- Mostly a failure and abandoned
What is P3P?
- Platform for Privacy Preferences Project (P3P) tokens
- Machine-readable language with which websites can express their privacy practices
- The default setting in the Internet Explorer 6 through 10 web browsers blocked third-party cookies when they do not have P3P tokens and when they have P3P tokens indicating a privacy policy considered unsatisfactory by Microsoft’s criteria
- IE is the only browser who used it
- P3P not widely adopted by websites
Name 3 third-party browser extensions for privacy
- Disconnect
- Ghostery
- Privacy Badger
Name 2 general-purpose browser add-ons that can limit web tracking
- Adblock Plus (Firefox and Chrome) - blocks many advertisers
- NoScript (Firefox) - disables JavaScript and Flash
What does Mozilla’s Lightbeam tool do?
Presents a visualization of which third parties track users across particular websites
What is functional privacy?
Users’ willingness to aim for as much privacy as they can get without breaking the functionality of what they hope to accomplish
What privacy functionality does the DuckDuckGo browser offer?
Does not use HTTP cookies except to save preferences about the page layout a user has chosen, nor does it allow the HTTP Referer field to contain information about the search query
What privacy functionality does the TrackMeNot add-on in Firefox and Chrome offer?
Protects a user’s privacy by issuing decoy queries to major search engines
How are phone locations determined?
After determining the phone’s position relative to a handful of towers whose locations are known by the cellular provider, the position of the phone can then be determined geometrically through triangulation
Wi-Fi signals a phone receives can help determine its location
Is location divulged when using GPS?
No, devices receive and do not transmit any signals in the GPS process, devices do not automatically reveal their location
Though, a smartphone that determines its own location by receiving signals from GPS satellites might subsequently, and automatically, share that information with an app or the phone provider
What are the 2 RFID chip types?
- Passive
* Active
What is the main difference between passive and active RFID chips?
Active has its own power source, passive does not
How do RFIDs work?
The unique serial number associated with each RFID tag allows for location tracking
If additional information is stored on the tag, the reader is also able to pick up that information
How can phones be located within buildings?
Receivers installed within the building complex
Why does the FCC require that phone location be trackable?
In case an emergency 911 call is placed
What is near-field communication (NFC)?
Technology that can support location-based advertising via radio waves when the phone is in close proximity
How can privacy be respected when dealing with location-tracking technologies?
- Should only be included when there is a direct benefit
- Should be opt-in rather than opt-out
- Users should be able to see what is stored about them and delete or update any past location data
What is a roving bug?
Remotely activated smartphone microphone
Who is allowed to use remotely activated cell phone-based audio surveillance?
FBI
What are Remote Access Trojans (RATs)?
Malware that allows an attacker to take control of the camera or microphone
What privacy issues exist with smart TVs?
- Voice commands are sent to remote servers for processing - this data could be compromised
- Malware can repurpose the microphones into surveillance devices
- Some smart televisions track what you watch
What is automated content recognition (ACR)?
Technology used by smart TVs to determine what the user is watching
Why is CCTV and Facial Recognition become such an important topic?
The increase in the number of cameras out there combined with advances in the accuracy of facial recognition
What privacy issues exist with voice over IP systems?
- Researchers have demonstrated that simply having access to the encrypted version of a message may be sufficient for using linguistic techniques to reconstruct the call if certain types of encryption are used
- Metadata about a communication can often leak a large amount of the communication
What is ubiquitous computing (or ubicomp)?
Refers to the transition of computing from purpose-built, independent computing devices to computing that occurs at all times and in all places
What is a smart city?
Sometimes, the concept of a smart city refers to a city that aggregates and makes available existing data from its traditional functions in an open format and to all citizens
The concept of a smart city is also used to describe cities that introduce large numbers of new sensors and actuators, adding computerized sensing and control to systems that did not previously have such capabilities
• tracking devices on government-owned vehicles
• automated license plate readers to track nongovernment vehicles similarly
• Analytics for utility systems
• Cameras for a multitude of reasons
• Street corner sensors to detect environmental factors, gunshots or the movement of pedestrians
Why are accelerometers in smartphones a privacy risk?
- An accelerometer alone, even without persistent location awareness, can determine the distance traveled and therefore leak information about the user’s location relative to a previous position
- It can also leak information about the passwords a user types into their phone
What is a major difficulty in communicating privacy information for IoT devices?
They often lack a user interface
