
Security

Privacyfix

By Michael Kerrisk
October 24, 2012

As even moderately sophisticated users of the web are aware by now, the great majority of web sites that we visit have a keen interest in tracking their users. At the simplest end of the scale, visitor tracking takes the form of web server logs that record the source IP address of an HTTP request, the HTTP request itself, and the browser's user agent string. Further along the scale are simple cookie-based systems used to track the number of unique visitors to a site or to track each user's navigation around a site. Going further still are the cookie-based systems and widget-based systems (Facebook's "like" buttons, Google's "+1" buttons, and the like) that an increasing number of companies are using to track users' surfing habits across web sites, typically to gather a picture of our browsing habits in order to target us with more "personalized" advertising.

Furthermore, many of the free web services to which we provide any kind of personal information have a keen interest in monetizing that information as far as their stated privacy policies allow. And in some cases those companies are prepared to be flexible about their policies when it suits their business goals. To take just one of the most noted examples, Facebook's constantly morphing range of privacy settings, and their defaults, appear to be designed more to suit the requirements of Facebook's paying advertisers than those of its users. As has been pithily observed, "if you are not paying for it, you're not the customer; you're the product being sold."

However, even for sophisticated users, preventing tracking and controlling the privacy of personal data can be challenging. Less sophisticated users can have trouble even finding which part of a web service's interface is used to control the privacy settings that determine how a company uses their data. While many users may be aware of cookies, probably only a minority actively try to control their use. And few of us have any idea how much the information that we provide to free web services might be worth to the companies providing the services.

Privacyfix, a plug-in for the Firefox and Chrome browsers released earlier this month, aims to educate users on how they are tracked and how their personal data is used; it also assists them with the task of locking down the privacy of their personal data on some web services. And perhaps most eye-catchingly, it attempts to give the user an estimate of the value of their web surfing habits for a couple of the web service giants. The plug-in is free as in beer, but while the web site mentions some collaborations with open source projects, no mention is made of the plug-in itself as being under a free license; one assumes that it is not.

Installation of the plug-in is accomplished by clicking a link on the Privacyfix home page. The actual installation takes just a few seconds, but is followed by a set-up phase whose duration depends on the speed of the user's Internet link. During this phase the plug-in is downloading a data set containing information about a large number of commonly used web sites. The Privacyfix FAQ emphasizes that the data exchange that is going on at this point is almost entirely one way. No browser information (such as cookies, history, or bookmarks) is sent to the Privacyfix site. The only information that goes to the site is unavoidable technical information such as the user's IP address, which PrivacyChoice, the company that produces the plug-in, claims to delete immediately.

Once the download is complete, the plug-in analyzes your browser's cookies and browser history, and—if you are logged in—your Facebook privacy settings and Google account settings to give you a picture of just how tracked your life on the web is. The plug-in then presents its results in a tabbed browser display of the form shown to the right.

[Privacyfix Facebook tab] The first two tabs provide information relating to the two web giants, Facebook and Google. In the lower right portion of each tab, the plug-in gives an indication of the extent to which your browsing is tracked or analyzed, and, based on the last 60 days of browser activity, estimates the annual monetary value of your browsing habits to the service. Based on the database of web sites that Privacyfix checks, the plug-in provides an indication of just how pervasive Facebook tracking is: an astonishing 83% of the sites that I visited are tracked by Facebook. In addition, I was informed that Facebook makes just a few US cents per year at my level of activity. Although my usage of Facebook is so low as to almost put me in the non-user category, this does seem like an underestimate, especially given the fact that Privacyfix tells me that Facebook tracks so many of the sites I visit. The developers note that these monetary estimates are based on the work of TREFIS, a company that estimates the monetization of users' interaction with major web services; the estimates shown by Privacyfix are necessarily imprecise.

The right-hand side of the browser display is more practically interesting. A series of horizontal bands provides visual feedback on how locked down your Facebook privacy settings are; hovering the mouse over each indicator provides further explanation about the setting. In this display, a green band indicates that Privacyfix considers your current setting to be good from a privacy point of view. An orange band indicates a setting that needs attention; the display shown above indicates what one unsophisticated Facebook user in this editor's household sees when using the "Facebook" tab. (And yes, there will be a talk at home tonight about Facebook privacy settings.)

Simply reading the pop-up explanation on each privacy indicator is informative; I didn't previously know that Facebook may automatically share my profile information when I visit certain web sites. One of the nice features of the plug-in is that each of the indicators can be clicked to change the privacy setting, typically by navigating the user to the appropriate part of the Facebook web interface that controls the setting—a boon to those who have, like your editor, struggled to navigate around Facebook's privacy settings. Once the settings have been changed (in any way), Privacyfix sets the corresponding indicator green.

Privacyfix takes a policy-neutral approach to your privacy settings. It will indicate privacy settings that may need attention, but won't automatically change any settings for you. The rationale for that approach is that you may have some quite practical reasons for surrendering some level of privacy; for example, disabling Facebook's "like" button may interfere with the rendering of some web pages. Similarly, disabling Google's recording of your web search history means that future searches may lead to less personalized results. Privacyfix leaves the user to make those choices.

The display in the "Google" tab is similar to the Facebook tab. The lower right portion tells me that Google collects data on 60% of the pages I visited in the last 60 days. The big surprise here is the monetary value of my browsing habits for Google: Privacyfix estimates this at US$1179 per year. Although I spend a lot of the day on the web, this number does seem implausibly high, especially when compared to the Facebook number. However, the point is made: our browsing habits are worth a lot of money to Google. Again, a set of clickable indicators on the right-hand side of the display provides a basic education on how Google uses data about the user and allows privacy settings to be changed.

The "Websites" tab displays the favicons of web sites that the user has visited that Privacyfix has rated as having some privacy issues, based on the sites' privacy policies. Sites that share data outside the parent company and its affiliates are placed in a special section at the top of the display. (I was surprised to find that the Deutsche Bahn, the German railway company, reserves the right to share the personal data that I've given to them with third parties.) A "fix" button in this part of the display allows you to automatically generate an email requesting removal of personal data on these sites; of course, in many cases there is no guarantee that such a request will be honored. Clicking each favicon drills down to a page displaying further information about the corresponding web site's policies and which other companies track your visits to the site and what their tracking policies are. [Privacyfix Google healthbar]

Privacyfix's "Tracking" tab provides a visual overview of which companies are currently using tracking cookies to monitor user visits. This sort of visual display provides an impressive reminder of just how tracked we are: most frequent web users are likely to see that they are tracked by at least a couple of hundred web sites. Again, each icon is clickable, leading to further information about the site's tracking policies, and there are "fix" buttons to disable tracking cookies and ad tracking.

The final tab, "Healthbar", places a "privacy health" button at the far right of the browser address bar. While browsing the web, you can click this button to obtain a pop-up privacy assessment of the site, if it is one of those in the Privacyfix database. To the right is Privacyfix's health display for Google.com. Again, this sort of display is an effective tool for educating users about web privacy. Most of the web sites that I visited that Privacyfix knows about showed at least some orange indicators to indicate potential privacy issues; notably, Wikipedia had a clean green bill of health.

When it comes to understanding and controlling how our private data is used on the web, Privacyfix seems a useful tool on many dimensions. First and foremost among these is its use as an educational tool for web users of all levels of sophistication to gain a better understanding of how they are tracked on the web and to learn about the privacy policies of the companies who are tracking them. Increasing user understanding in this area can only be a good thing, inasmuch as it may lead to greater public pressure on companies to act according to more ethical privacy and tracking policies.


Brief items

Security quotes of the week

Because of their proprietary nature and narrowly-specified license and approval guidelines, medical devices are actually more at risk of catching computer viruses because they are often outdated, unprotected, and unable to be modified or upgraded.
-- NaturalNews learns that not just the patients in a hospital have viruses

Criminals no longer need to stake out a home or a business to monitor the inhabitants' comings and goings. Now they can simply pick up wireless signals broadcast by the building's utility meters… Because energy usage often drops to near zero when a house is empty, the readings could be used to identify which owners are at work or on holiday.
-- New Scientist

We demonstrate that SSL certificate validation is completely broken in many security-critical applications and libraries. Vulnerable software includes Amazon's EC2 Java library and all cloud clients based on it; Amazon's and PayPal's merchant SDKs responsible for transmitting payment details from e-commerce sites to payment gateways; integrated shopping carts such as osCommerce, ZenCart, Ubercart, and PrestaShop; AdMob code used by mobile websites; Chase mobile banking and several other Android apps and libraries; Java Web-services middleware - including Apache Axis, Axis 2, Codehaus XFire, and Pusher library for Android - and all applications employing this middleware. Any SSL connection from any of these programs is insecure against a man-in-the-middle attack.
-- From a paper by M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh, and V. Shmatikov


New vulnerabilities

chromium: multiple vulnerabilities

Package(s): chromium
CVE #(s): CVE-2012-2874 CVE-2012-2876 CVE-2012-2877 CVE-2012-2878 CVE-2012-2879 CVE-2012-2880 CVE-2012-2881 CVE-2012-2882 CVE-2012-2883 CVE-2012-2884 CVE-2012-2885 CVE-2012-2886 CVE-2012-2887 CVE-2012-2888 CVE-2012-2889 CVE-2012-2891 CVE-2012-2892 CVE-2012-2894 CVE-2012-2896 CVE-2012-2900 CVE-2012-5108 CVE-2012-5110 CVE-2012-5111 CVE-2012-5112 CVE-2012-5376
Created: October 22, 2012
Updated: October 24, 2012
Description: There are multiple vulnerabilities in versions of Chromium before 22.0.1229.94. See the CVE entries for more information.
Alerts:
Gentoo 201210-07 2012-10-21
openSUSE openSUSE-SU-2012:1376-1 2012-10-22
Mageia MGASA-2013-0136 2013-05-09


claws-mail: denial of service

Package(s): claws-mail
CVE #(s): CVE-2012-4507
Created: October 22, 2012
Updated: November 6, 2012
Description: From the CVE entry:

The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.

Alerts:
openSUSE openSUSE-SU-2012:1374-1 2012-10-22
Mageia MGASA-2012-0318 2012-10-30
Fedora FEDORA-2012-16753 2012-11-06
Fedora FEDORA-2012-16772 2012-11-06


cups-pk-helper: privilege escalation

Package(s): cups-pk-helper
CVE #(s): CVE-2012-4510
Created: October 24, 2012
Updated: April 9, 2013
Description: From the Debian advisory:

cups-pk-helper, a PolicyKit helper to configure cups with fine-grained privileges, wraps CUPS function calls in an insecure way. This could lead to uploading sensitive data to a cups resource, or overwriting specific files with the content of a cups resource. The user would have to explicitly approve the action.

Alerts:
Debian DSA-2562-1 2012-10-23
Mageia MGASA-2012-0310 2012-10-29
Fedora FEDORA-2012-18950 2012-12-11
Fedora FEDORA-2012-18927 2012-12-11
Mandriva MDVSA-2013:069 2013-04-08


gitolite: directory traversal vulnerability

Package(s): gitolite3
CVE #(s): CVE-2012-4506
Created: October 24, 2012
Updated: October 24, 2012
Description: From the CVE: Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.
Alerts:
Fedora FEDORA-2012-15746 2012-10-18
Fedora FEDORA-2012-15731 2012-10-18


haproxy: code execution

Package(s): haproxy
CVE #(s): CVE-2012-2942
Created: October 23, 2012
Updated: January 9, 2013
Description: From the CVE entry:

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Alerts:
Fedora FEDORA-2012-16033 2012-10-23
Fedora FEDORA-2012-16056 2012-10-23
Gentoo 201301-02 2013-01-08
Ubuntu USN-1800-1 2013-04-15


java-1.7.0-oracle: multiple unspecified vulnerabilities

Package(s): java-1.7.0-oracle
CVE #(s): CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-5067 CVE-2012-5083
Created: October 19, 2012
Updated: December 3, 2012
Description:

From the Red Hat advisory:

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2012-1531)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2012-1532)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2012-1533)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. (CVE-2012-3143)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2012-3159)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. (CVE-2012-3167)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2012-3183)

Alerts:
Red Hat RHSA-2012:1391-01 2012-10-18
SUSE SUSE-SU-2012:1398-1 2012-10-24
Scientific Linux SL-java-20121030 2012-10-30
Red Hat RHSA-2012:1465-01 2012-11-15
Red Hat RHSA-2012:1466-01 2012-11-15
Red Hat RHSA-2012:1467-01 2012-11-15
SUSE SUSE-SU-2012:1489-1 2012-11-16
SUSE SUSE-SU-2012:1490-1 2012-11-16
SUSE SUSE-SU-2012:1489-2 2012-11-21
Red Hat RHSA-2012:1485-01 2012-11-22
SUSE SUSE-SU-2012:1588-1 2012-11-28
SUSE SUSE-SU-2012:1595-1 2012-11-30


libproxy: code execution

Package(s): libproxy
CVE #(s): CVE-2012-4504 CVE-2012-4505
Created: October 22, 2012
Updated: March 11, 2013
Description: From the Ubuntu advisory:

Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code.

Alerts:
openSUSE openSUSE-SU-2012:1375-1 2012-10-22
Mageia MGASA-2012-0309 2012-10-29
Debian DSA-2571-1 2012-11-04
Ubuntu USN-1629-1 2012-11-12
Red Hat RHSA-2012:1461-01 2012-11-14
CentOS CESA-2012:1461 2012-11-15
Oracle ELSA-2012-1461 2012-11-14
Scientific Linux SL-libp-20121115 2012-11-15
Mandriva MDVSA-2012:172 2012-11-19
Fedora FEDORA-2012-17574 2012-11-19


mom: denial of service

Package(s): mom
CVE #(s): CVE-2012-4480
Created: October 18, 2012
Updated: October 24, 2012
Description:

From the Fedora advisory:

Florian Weimer of the Red Hat Product Security Team found [1] that mom created PID files in /var/run as world-writable. This could allow a malicious local attacker to edit the PID file and on mom shutdown or restart, to kill some other process than the mom process, that they would not normally have access to terminate.

This is fixed upstream [2].

[1] https://bugzilla.redhat.com/show_bug.cgi?id=863178

[2] http://gerrit.ovirt.org/#/c/8366/

Alerts:
Fedora FEDORA-2012-15496 2012-10-18
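
The PID-file problem described in the mom entry above, shown as an added example; this is not mom's code or the upstream fix. It creates a PID file that other users cannot modify and refuses to act on one that they could have edited. The function names are hypothetical, and a temporary directory stands in for /var/run.

```python
import os
import stat
import tempfile

class UnsafePidFile(Exception):
    """Raised when a PID file cannot be trusted."""

def write_pidfile(path, pid=None):
    """Create a PID file that only its owner can modify (mode 0644)."""
    pid = os.getpid() if pid is None else pid
    # O_EXCL refuses a file somebody pre-created; O_NOFOLLOW refuses a symlink.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o644)
    try:
        os.fchmod(fd, 0o644)  # set the mode explicitly, whatever the umask is
        os.write(fd, b"%d\n" % pid)
    finally:
        os.close(fd)

def read_trusted_pid(path, expected_uid=None):
    """Return the PID only if other users could not have edited the file."""
    expected_uid = os.geteuid() if expected_uid is None else expected_uid
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    try:
        st = os.fstat(fd)  # inspect the opened file itself, not the path again
        if not stat.S_ISREG(st.st_mode):
            raise UnsafePidFile("not a regular file")
        if st.st_uid != expected_uid:
            raise UnsafePidFile("owned by uid %d" % st.st_uid)
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            raise UnsafePidFile("writable by others (mode %o)" % stat.S_IMODE(st.st_mode))
        data = os.read(fd, 32)
    finally:
        os.close(fd)
    text = data.decode("ascii", "replace").strip()
    if not text.isdigit() or int(text) <= 1:
        raise UnsafePidFile("content is not a usable PID")
    return int(text)  # only now would a daemon pass this value to os.kill()

def demo():
    """Constructed demo: a world-writable PID file next to a safely created one."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        bad = os.path.join(d, "bad.pid")
        with open(bad, "w") as f:
            f.write("4242\n")  # constructed sample PID
        os.chmod(bad, 0o666)   # the world-writable condition from the advisory
        try:
            read_trusted_pid(bad)
            results["bad"] = "accepted"
        except UnsafePidFile:
            results["bad"] = "rejected"
        good = os.path.join(d, "good.pid")
        write_pidfile(good, pid=4242)
        results["good"] = read_trusted_pid(good)
        results["good_mode"] = stat.S_IMODE(os.stat(good).st_mode)
    return results

if __name__ == "__main__":
    print(demo())
```

The checks only help if the directory holding the PID file is itself not writable by unprivileged users.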


ruby: unintended file creation

Package(s): ruby
CVE #(s): CVE-2012-4522
Created: October 22, 2012
Updated: January 17, 2013
Description: From the Red Hat bugzilla:

An upstream Ruby security notice indicated that ruby suffered from a flaw where unintended files could be created if they contained a NUL character in the file path or name. Certain methods like IO#open did not check the filename passed to them, and just passed those strings to lower layer routines, which could lead to unintentional files being created.

Alerts:
Fedora FEDORA-2012-16086 2012-10-22
Ubuntu USN-1614-1 2012-10-22
Oracle ELSA-2013-0129 2013-01-12
Scientific Linux SL-ruby-20130116 2013-01-16
CentOS CESA-2013:0129 2013-01-09
Red Hat RHSA-2013:0582-01 2013-02-28
openSUSE openSUSE-SU-2013:0376-1 2013-03-01


tiff: code execution

Package(s): tiff
CVE #(s): CVE-2012-4447
Created: October 22, 2012
Updated: December 31, 2012
Description: From the Debian advisory:

It was discovered that a buffer overflow in libtiff's parsing of files using PixarLog compression could lead to the execution of arbitrary code.

Alerts:
Debian DSA-2561-1 2012-10-21
Mageia MGASA-2012-0317 2012-10-29
Ubuntu USN-1631-1 2012-11-15
Mandriva MDVSA-2012:174 2012-11-22
Red Hat RHSA-2012:1590-01 2012-12-18
CentOS CESA-2012:1590 2012-12-19
CentOS CESA-2012:1590 2012-12-19
Oracle ELSA-2012-1590 2012-12-18
Oracle ELSA-2012-1590 2012-12-19
Scientific Linux SL-libt-20121219 2012-12-19
Fedora FEDORA-2012-20446 2012-12-31
Fedora FEDORA-2012-20404 2012-12-31
openSUSE openSUSE-SU-2013:0187-1 2013-01-23
Mandriva MDVSA-2013:046 2013-04-05


tinyproxy: denial of service

Package(s): tinyproxy
CVE #(s): CVE-2012-3505
Created: October 24, 2012
Updated: November 7, 2012
Description: From the Debian advisory:

gpernot discovered that Tinyproxy, a HTTP proxy, is vulnerable to a denial of service by remote attackers by sending crafted request headers.

Alerts:
Debian DSA-2564-1 2012-10-23
Mageia MGASA-2012-0323 2012-11-06


viewvc: cross-site scripting

Package(s): viewvc
CVE #(s): CVE-2012-4533
Created: October 24, 2012
Updated: November 6, 2012
Description: From the Debian advisory:

"function name" lines returned by diff are not properly escaped, allowing attackers with commit access to perform cross site scripting.

Alerts:
Debian DSA-2563-1 2012-10-23
Mageia MGASA-2012-0313 2012-10-29
Fedora FEDORA-2012-16674 2012-11-06
Fedora FEDORA-2012-16673 2012-11-06
Mandriva MDVSA-2013:134 2013-04-10


Page editor: Jake Edge

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds