Computer Science | Grinnell College

This Friday in CS Table, we will consider recent trends in browser tracking. That is, we will explore the ways in which people who want to know what you are doing on the Web can keep track of you. We have one popular CS article and one research paper.

Nikiforakis, Nick & Güner Acar (2014). Browser Fingerprinting and the Online Tracking Arms Race. IEEE Spectrum, August 2014. Also available at http://spectrum.ieee.org/computing/software/browser-fingerprinting-and-the-onlinetracking-arms-race.

In July 1993, The New Yorker published a cartoon by Peter Steiner that depicted a Labrador retriever sitting on a chair in front of a computer, paw on the keyboard, as he turns to his beagle companion and says, “On the Internet, nobody knows you’re a dog.” Two decades later, interested parties not only know you’re a dog, they also have a pretty good idea of the color of your fur, how often you visit the vet, and what your favorite doggy treat is.

How do they get all that information? In a nutshell: Online advertisers collaborate with websites to gather your browsing data, eventually building up a detailed profile of your interests and activities. These browsing profiles can be so specific that they allow advertisers to target populations as narrow as mothers with teenage children or people who require allergy-relief products. When this tracking of our browsing habits is combined with our self-revelations on social media, merchants’ records of our off-line purchases, and logs of our physical whereabouts derived from our mobile phones, the information that commercial organizations, much less government snoops, can compile about us becomes shockingly revealing.

Here we examine the history of such tracking on the Web, paying particular attention to a recent phenomenon called fingerprinting, which enables companies to spy on people even when they configure their browsers to avoid being tracked.

Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez, Arvind Narayana, Claudia Diaz. The Web Never Forgets: Persistent Tracking Mechanisms in the Wild. Preprint available at https://securehomes.esat.kuleuven.be/~gacar/persistent/the_web_never_forgets.pdf.

We present the first large-scale studies of three advanced web tracking mechanisms — canvas fingerprinting, evercookies and use of “cookie syncing” in conjunction with evercookies. Canvas fingerprinting, a recently developed form of browser fingerprinting, has not previously been reported in the wild; our results show that over 5% of the top 100,000 websites employ it. We then present the first automated study of evercookies and respawning and the discovery of a new evercookie vector, IndexedDB. Turning to cookie syncing, we present novel techniques for detection and analysing ID flows and we quantify the amplification of privacy-intrusive tracking practices due to cookie syncing.

Our evaluation of the defensive techniques used by privacy-aware users finds that there exist subtle pitfalls — such as failing to clear state on multiple browsers at once — in which a single lapse in judgment can shatter privacy defenses. This suggests that even sophisticated users face great difficulties in evading tracking techniques.

Computer science table is a weekly meeting of Grinnell College community members (students, faculty, staff, etc.) interested in discussing topics related to computing and computer science. CS Table meets Fridays at noon in the Day PDR (JRC 224A). Contact Sam Rebelsky rebelsky@grinnell.edu for the weekly reading. Students on meal plans, faculty, and staff are expected to cover the cost of their meals. Students not on meal plans can charge their meals to the department.

On Thursday, May 1, a video recording of a recent talk by Edward Snowden, “Here's how we take back the Internet,” will be presented. Mr. Snowden is a former system administrator for the National Security Agency who resigned last May in order to expose widespread violations of civil rights and other abuses of power in the NSA.

Refreshments will be served at 4:15 p.m. in the Computer Science Commons (Noyce 3817). The presentation, “ Here's how we take back the Internet,” will follow at 4:30 p.m. in Noyce 3821. Everyone is welcome to attend!

At this week's Computer Science Table (at noon on Friday, April 18, in Rosenfield 224A), we will discuss privacy in the age of big data and analytics, and specifically the issues are raised in two videos (one recent, one classic):

“Demo: Big data and analytics at work in banking”
IBM Big Data and Analytics, YouTube, September 7, 2013
http://www.youtube.com/watch?v=1RYKgj-QK4I

“Scary pizza”
American Civil Liberties Union, YouTube, January 15, 2009
https://www.youtube.com/watch?v=33CIVjvYyEk

For more extensive discussions of some of these issues, you might want to read:

“Big data and the future of privacy”
John Podesta, whitehouse.gov, March 3, 2014
http://www.whitehouse.gov/blog/2014/01/23/big-data-and-future-privacy

“Comments of the Electronic Privacy Information Center to the Office of Science and Technology Policy: Request for information: Big data and the future of privacy”
Electronic Privacy Information Center, April 4, 2014
https://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf

Computer Science Table is an open weekly meeting of Grinnell College community members (students, faculty, staff, etc.) interested in discussing topics related to computing and computer science.

On Friday, 13 September 2013, the readings for CS Table will be two papers on trust.

The first is a classic paper, written as a Turing Award Speech

Ken Thompson. 1984. Reflections on trusting trust. Commun. ACM 27, 8 (August 1984), 761-763. DOI=10.1145/358198.358210 http://doi.acm.org/10.1145/358198.358210

The second is a recent article from The New York Times

Nicole Perlroth, Jeff Larson, and Scott Shane. September 5, 2013. N.S.A. Able to Foil Basic Safeguards of Privacy on Web. The New York Times. http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html

---

Computer science table is a weekly meeting of Grinnell College community members (students, faculty, staff, etc.) interested in discussing topics related to computing and computer science. CS Table meets Fridays at noon in the Day PDR. Contact Sam Rebelsky (rebelsky@grinnell.edu) for the weekly reading. Students on meal plans, faculty, and staff are expected to pay the cost of their meals. Students not on meal plans can charge their meals to the department.

This Friday, October 14, Kyle and Martin E. will be leading a discussion about Online Health Information Systems. You can find links to the papers for this week at http://foswiki.cs.grinnell.edu/foswiki/bin/view/Courses/HealthCareAndCom... As usual, we'll meet around noon in JRC 224A. Hope to see you there!

This Friday, October 14, Kyle and Martin E. will be leading a discussion about Online Health Information Systems. You can find links to the papers for this week at http://foswiki.cs.grinnell.edu/foswiki/bin/view/Courses/HealthCareAndCom... ng/OHIS As usual, we'll meet around noon in JRC 224A. Hope to see you there!

This Friday at CS Table, Martin and Alicia will be leading a discussion about Personal Health Care Records, discussing some past and current implementations of EHRs. We'll meet at noon in JRC 224A. The readings can be found at the following link: http://foswiki.cs.grinnell.edu/foswiki/bin/view/Courses/HealthCareAndCom... All are welcome!

This Friday at CS Table, Kyle and Josh will be leading a discussion about the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and how to meet its requirements for health information privacy and security. As usual, we'll meet at noon in JRC 224A. See http://foswiki.cs.grinnell.edu/foswiki/bin/view/Courses/HealthCareAndCom... for readings.

This Friday at CS Table, Simon and Jeff will present the information contained in packet headers and lead a continued discussion on network surveillance. We suggest the following reading (as much as you have interest or time for):

• ResNet Guidelines and Policies
• Ellen Nakashima, US seeks ways to wiretap the Internet, Washington Post, Sept 27, 2010.
• Paul Ohm, When Network Neutrality Met Privacy, CACM 53(4):30-32, April 2010.
• Kristina Irion, International Communications Surveillance, CACM 52(2):26-28, Feb 2009.
• TCP Protocol Layers Explained, Dru Lavigne, ONLamp.com, March 14, 2001.
• Capturing TCP Packets, Dru Lavigne, ONLamp.com, March 21, 2001.
• IP Packets Revealed, Dru Lavigne, ONLamp.com, March 28, 2001.

As usual, we'll meet a little after noon in JRC 224A.

Students who are registered for CSC 295: We'll be doing sign-ups for after fall break. Please bring your calendars!

This Friday at CS Table, Dr. Rebelsky and I will be presenting the XKCD comic "Password Reuse".

To add some seriousness to the conversation, please also read

• A. L. Penenberg, Is Google evil?, Mother Jones, October 10, 2006;
• J. Vascellaro, Google Agonizes on Privacy as Ad World Vaults Ahead, Wall Street Journal, August 10, 2010.

As usual, we'll be meeting at noon in JRC 224A. Hope to see you there!