Could Googling Take Down A President, a Prime Minister, or an Average Citizen?

Greg Conti | United States Military Academy | [email protected]

http://www.whitehouse.gov/omb/budget/fy2005/images/justice-7.jpg

Who is familiar with the AOL dataset disclosure?

Who has seen the data?

The AOL Dataset Debacle

SIGIR – IR List (August 2006)
Subject: research.aol.com

AOL is embarking on a new direction for its business making its content and products freely available to all consumers. To support those goals, AOL is also embracing the vision of an open research community. To get started, we invite you to visit us at http://research.aol.com, where you will find:
• 20,000 hand labeled, classified queries
• 3.5 million web question/answer queries (who, what, where, when, etc.)
• Query streams for 500,000 users over 3 months (20 million queries)
• 2 million queries against US Government domains
Also, please feel free to provide feedback on the site, datasets you'd like to see in the future, and any other comments about our vision.

Callouts added on the build slide: AOL Stalker, AOL Psycho

AOL Demo
• User #10291
• User #2708

Knowledge of the AOL Dataspill

Question: Are you familiar with the AOL data disclosure of August 2006?
• no: 84%
• vaguely: 7%
• somewhat: 7%
• very: 2%

Outline
• Information Disclosure
  – Computing Platform
  – Network Eavesdropping
  – Destination Websites / ISPs
• Vectors
• Cross-site Tracking
  – Advertising and Embedded Content
• Where we are and where we are going

Definitions

googling: the full spectrum of free online tools and services (such as search, mapping, email, Web-based word processing and calendaring, etc.)

web-based information disclosure: the information we disclose as we surf the web

“Free” web tools and services aren’t free; we pay for them with micropayments of personal information.

Eliot Spitzer, Former Governor of New York

“Never talk when you can nod, and never nod when you can wink, and never write an e-mail because it's death. You're giving prosecutors all the evidence we need.”
- Eliot Spitzer, two years before his resignation
http://abcnews.go.com/Blotter/story?id=4424507&page=1

Maf54 (7:43:27 PM): well dont ruin my mental picture

Xxxxxxxxx (7:43:32 PM): oh lol...sorry

Maf54 (7:43:54 PM): nice

Maf54 (7:43:54 PM): youll be way hot then

Xxxxxxxxx (7:44:01 PM): haha...hopefully

http://abcnews.go.com/WNT/BrianRoss/Story?id=2509586&page=2
Mark Foley, Former US Congressman

“Can anyone help me please! This stalking thing is not funny at all. When I type my name in keyword it gives a list of places that show where I have been on aol on the net. This is nobody's business. I have not done anything wrong at all and I have contacted aol about this matter and they keep saying they will do something about it but never do.”
- Debbie

“How do I get stuff removed from aol stalker? Can anyone tell me? Aol won't respond even though they claim willingness to remove data when requested. Someone, anyone, please help!”
- Sally

http://blogs.ittoolbox.com/security/investigator/archives/aol-stalker-website-unleashed-11133

In the news…
• Administration Demands Search Data; Google Says No; AOL, MSN & Yahoo Said Yes
  http://blog.searchenginewatch.com/blog/060119-060352
• Hit Pause On The Evil Button: Google Assists In Arrest Of Indian Man
  http://www.washingtonpost.com/wp-dyn/content/article/2008/05/18/AR2008051800657.html
• Moroccan Man Jailed For Fake Facebook Profile
  http://www.techcrunch.com/2008/02/07/moroccan-man-jailed-for-fake-facebook-profile/
• Group: Yahoo Assisted China With Torture
  http://origin.foxnews.com/wires/2007Apr19/0,4670,YahooChina,00.html
• Google ordered to give YouTube user data to Viacom
  http://afp.google.com/article/ALeqM5hty1hXgakr7zoviTVNKalsStgSOw

Chart: Data Collection. Number of times data is collected on each visitor in a month (average), scale up to 3000, for Yahoo, MySpace, AOL, Google, Facebook, Microsoft, Ebay, Amazon.
Source: http://www.nytimes.com/2008/03/10/technology/10privacy.html?pagewanted=1&_r=1&hp / Comscore

Chart: Unique Visitors. Millions of unique visitors per month, scale up to 180, for Yahoo, MySpace, AOL, Google, Facebook, Microsoft, Ebay, Amazon.
Source: http://www.nytimes.com/2008/03/10/technology/10privacy.html?pagewanted=1&_r=1&hp & Comscore

source: http://www.internetworldstats.com/stats.htm

Global Computing Statistics
• World Population: ~6.6 Billion
• Cell Phones: ~3.3 Billion
• Personal Computers: ~1.2 Billion
• MP3 Players: ~220 Million
• Digital Cameras: ~120 Million
• Webcams: ~100 Million
• PDAs: ~85 Million
• DVRs: ~44 Million
• Servers: ~27 Million
Source: Kevin Kelly, “The Planetary Computer.” Wired, 16.07, July 2008, pp. 52-55

Data Retention/Anonymization
• Ask: “hours”
• Google: 18 months
• Microsoft: 18 months
• Yahoo: 13 months
• Other logs…
• Other companies…
• The cookie fallacy.
• ISPs?
http://www.webmonkey.com/blog/Yahoo_Trumps_Google_With_New_Data_Retention_Policy
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9027924&source=rss_news50
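The retention figures above and the AOL release earlier in the deck turn on what "anonymized" means for a query log. The following is an added example, not code from the talk or from AOL, run on a constructed sample log (the names RAW_LOG, pseudonymize, query_streams, sanitize_for_release and apply_retention are mine). It shows that replacing the account with a consistent pseudonym, which is what the AOL release did, keeps every user's full query stream intact for anyone holding the file; it contrasts that with a release format that drops the user key, coarsens dates to the month and suppresses any query that fewer than k accounts issued; and it includes a retention purge of the kind the vendor policies above describe.

```python
import hashlib
from collections import defaultdict
from datetime import date

# Constructed sample log: (account, date, query). Not real AOL records.
RAW_LOG = [
    ("user-a@example.net", "2006-03-01", "weather atlanta"),
    ("user-a@example.net", "2006-03-04", "smith family reunion 2006"),
    ("user-a@example.net", "2006-03-09", "dog groomer 30047"),
    ("user-b@example.net", "2006-03-02", "weather atlanta"),
    ("user-b@example.net", "2006-05-20", "cheap flights"),
    ("user-c@example.net", "2005-11-15", "cheap flights"),
    ("user-c@example.net", "2006-05-21", "jane doe divorce lawyer"),
]


def pseudonymize(log, salt):
    """AOL-style release: swap the account for a stable token.
    The token is still a key, so the query stream survives unchanged."""
    out = []
    for account, day, query in log:
        token = hashlib.sha256((salt + account).encode("utf-8")).hexdigest()[:8]
        out.append((token, day, query))
    return out


def query_streams(log):
    """Group queries by whatever sits in the first column (account or token)."""
    streams = defaultdict(list)
    for key, _day, query in log:
        streams[key].append(query)
    return dict(streams)


def sanitize_for_release(log, k=2):
    """Release format without a per-user key: month granularity only, and a
    query is published only if at least k distinct accounts issued it, so a
    one-off identifying query never leaves the building."""
    issuers = defaultdict(set)
    for account, _day, query in log:
        issuers[query].add(account)
    kept = {(day[:7], query) for _acct, day, query in log if len(issuers[query]) >= k}
    return sorted(kept)


def apply_retention(log, today, months):
    """Retention purge: drop records older than `months` before `today`."""
    total = today.year * 12 + (today.month - 1) - months
    year, month0 = divmod(total, 12)
    cutoff = date(year, month0 + 1, min(today.day, 28))
    return [rec for rec in log if date.fromisoformat(rec[1]) >= cutoff]


if __name__ == "__main__":
    pseudo = pseudonymize(RAW_LOG, "release-salt")
    # Every stream is still there, just under a different key.
    for token, queries in query_streams(pseudo).items():
        print(token, queries)
    print(sanitize_for_release(RAW_LOG, k=2))
    print(apply_retention(RAW_LOG, date(2006, 6, 15), months=3))
```

The pseudonymized log has exactly the same streams as the raw one, which is why a reader can reconstruct a person from "3 queries by the same token" just as they could from the account name. The k-threshold release keeps "weather atlanta" and "cheap flights" and drops the divorce-lawyer query; the retention purge with a 3-month window at 2006-06-15 leaves only the two May records.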

Ebay

Amazon

Profiling
• Google hackers
• Security researchers
• Political activists
• Company XXX employee
• Corporate leaders
• Law enforcement officer
• Government official
Behavioral-targeting segments shown on the slide: “Career Watcher”, “Active Gamer”
Tacoda, The Home of Behavioral Targeting, http://www.tacoda.com/

Information Leakage and Spurious Emanations on a Network

Online Company


ISPs vs. Large Online Companies

Online Company
• Sees global traffic from many customers
  – domain specific
• Advertising and embedded content brings in additional information
• Limited knowledge of user identity
• Extensive datamining

ISP
• Sees all traffic from its set of customers
  – except encrypted traffic
  – traffic analysis
• Limited to no visibility on non-customers
• Knows identity and location of accounts
• Ability to manipulate network flows
  – DNS
  – blocking P2P

DNS Based Vulnerabilities

• Rogers ISP http://lauren.vortex.com/rogers-google.jpg

Myriad Disclosure Vectors
• Search
• Communications
  – Email / IM / SMS…
• Advertising Networks / Purchasing
• Other Web 2.0 innovations
  – Web office suites
  – Mashups
  – Location based services
  – Social networking
• Cloud computing

The Many Flavors of Search (Simply Google)

Mapping sites reveal locations of interest, allowing diverse groups of users to be linked.

Map Quest

Everyscape http://www.everyscape.com/sanfrancisco-ca.us.aspx

Linked In Social networking sites know your contacts and your contacts’ contacts. Old friends will find you and let the site know of the relationship.

Craig’s List

You Send It

rot13: Even the most innocent-appearing services should be considered as collecting your data.

If the content is on the web, it is fair game.

Cross-site Tracking
• Referer values
• Click-through tracking
• Cookies
• Information sharing agreements
• Advertising networks
• Web bugs
• Third-party content and services
  – Videos
  – Affiliate networks
  – Analytics services

Embedded Advertising Amazon MP3 Clips Widget

Ebay pulling ads from a Yahoo server

A Visit to MSNBC (visualization of contacted hosts; axis labels 0.0.0.0 and 255.255.255.255)

A Visit to MSNBC: third-party hosts contacted
• a365.ms.akamai.net
• a509.cd.akamai.net
• ad.3ad.doubleclick.net
• amch.questionmarket.com
• c.live.com.nsatc.net
• c.msn.com.nsatc.net
• rad.msn.com.nsatc.net
• context3.kanoodle.com
• global.msads.net.c.footprint.net
• hm.sc.msn.com.c.footprint.net
• msnbcom.112.2o7.net
• prpx.service.mirror-image.net
• wrpx.service.mirror-image.net
• switch.atdmt.com
• view.atdmt.com
• www-google-analytics.l.google.com
• 16 third-party sites
• 10 separate companies
http://www.msnbc.msn.com/
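The MSNBC host list above, and the cross-site tracking vectors before it, come down to one question a defender can automate: of the hosts a page load contacted, which belong to the site you asked for and which do not? The following is an added example, not code from the talk: it takes the hostnames from the slide plus two constructed first-party hosts, classifies each by registrable domain (eTLD+1) relative to the page's own domain, and groups the third parties so "16 hosts" becomes "10 domains". The suffix table TWO_LEVEL_SUFFIXES is an assumption standing in for the Public Suffix List, and the function and constant names are mine. It also shows why a naive substring check is wrong: c.msn.com.nsatc.net contains the first party's name but belongs to nsatc.net.

```python
# Assumption: a tiny stand-in for the Public Suffix List. Production code should
# use the full list (for example via the publicsuffix2 package); these entries
# exist only so the heuristic handles "co.uk"-style suffixes correctly.
TWO_LEVEL_SUFFIXES = {"co.uk", "com.au", "co.jp", "com.br"}


def registrable_domain(host):
    """eTLD+1 of a hostname under the simplified suffix table above."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LEVEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def naive_is_first_party(page_host, host):
    """The check people write first: is the site's domain a substring of the host?
    Kept here only to show it misclassifies hosts such as c.msn.com.nsatc.net."""
    return registrable_domain(page_host) in host.lower()


def classify(page_host, contacted_hosts):
    """Split contacted hosts into first-party and third-party by eTLD+1."""
    site = registrable_domain(page_host)
    first, third = [], []
    for host in contacted_hosts:
        (first if registrable_domain(host) == site else third).append(host)
    return first, third


def group_by_domain(hosts):
    """Map registrable domain -> hosts, so one company with many CDN names counts once."""
    groups = {}
    for host in hosts:
        groups.setdefault(registrable_domain(host), []).append(host)
    return groups


def report(page_host, contacted_hosts):
    first, third = classify(page_host, contacted_hosts)
    by_domain = group_by_domain(third)
    return {
        "first_party_hosts": len(first),
        "third_party_hosts": len(third),
        "third_party_domains": len(by_domain),
        "domains": sorted(by_domain),
    }


# Hosts from the slide for a visit to http://www.msnbc.msn.com/
MSNBC_THIRD_PARTY = [
    "a365.ms.akamai.net", "a509.cd.akamai.net", "ad.3ad.doubleclick.net",
    "amch.questionmarket.com", "c.live.com.nsatc.net", "c.msn.com.nsatc.net",
    "rad.msn.com.nsatc.net", "context3.kanoodle.com",
    "global.msads.net.c.footprint.net", "hm.sc.msn.com.c.footprint.net",
    "msnbcom.112.2o7.net", "prpx.service.mirror-image.net",
    "wrpx.service.mirror-image.net", "switch.atdmt.com", "view.atdmt.com",
    "www-google-analytics.l.google.com",
]

# Constructed first-party hosts mixed into the capture; only the first is on the slide.
CONSTRUCTED_FIRST_PARTY = ["www.msnbc.msn.com", "media.msn.com"]

if __name__ == "__main__":
    summary = report("www.msnbc.msn.com", CONSTRUCTED_FIRST_PARTY + MSNBC_THIRD_PARTY)
    for key, value in summary.items():
        print(f"{key}: {value}")
```

Run against the slide's capture the report gives 16 third-party hosts across 10 registrable domains, matching the slide's count. The same classify() can be fed the host column of a proxy log or a browser HAR export to answer the "is there a plug-in that shows third-party contact?" question offline.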

Privacy Policies: the LCD

Is there a browser plug-in that easily shows third-party contact?

TrackMeNot and Beyond…
• http://mrl.nyu.edu/~dhowe/trackmenot/
• http://mrl.nyu.edu/~dhowe/words.html
• http://www.schneier.com/blog/archives/2006/08/trackmenot_1.html

Progress
• Attempts at increasing user awareness
• Data leak prevention
• Search query anonymization
• Malware warnings

User Awareness http://www.google.com/privacy_ads.html

Challenges
• Electronic discovery
• Phoning home
• Dependency
• New products and services
• Corporate consolidation and death
• Web 2.0 / Interaction tracking
• Trend away from desktop
• Multiple privacy policies

Threat Spectrum (slide axis runs from Likely to Less Likely)
• Cross-site tracking
• DNS Redirection
• User profiling
• Targeted advertising
• Third-party sharing
• Government collaboration
• ISP manipulation
• Service eliminated
• Search result ranking manipulation
• Digital Assassination
• User fingerprinting
• Data Spills
• Redirect to malicious sites

Acknowledgements
3efd09cddc148ee790d17e35ae323852, Kulsoom Abdullah, Sergey Bratus, Defcon, Georgia Tech, HOPE, Interz0ne, New Security Paradigms Workshop, Anna Shubina, Ed Sobiesk, StankDawg, Symposium on Usable Privacy and Security

More Information...

• E. Sobiesk and G. Conti; "The Cost of Free Web Tools;" IEEE Security and Privacy, May/June 2007.
• K. Abdullah, G. Conti and E. Sobiesk; "Self-monitoring of Web-based Information Disclosure;" Workshop on Privacy in the Electronic Society; October 2007.
• G. Conti and E. Sobiesk; "An Honest Man Has Nothing to Fear: User Perceptions on Web-based Information Disclosure;" Symposium on Usable Privacy and Security (SOUPS); July 2007.
• G. Conti; "Googling Considered Harmful;" New Security Paradigms Workshop; October 2006.
• G. Conti; Googling Security. Addison-Wesley. ~October 2008.

DAVIX (Jan Monsch and Raffy Marty)
DAVIX Workshop, DEFCON Breakout Room, Sunday 2PM-4PM
http://www.secviz.org/node/89

“Free” web tools and services aren’t free; we pay for them with micropayments of personal information… But we also pay for them by tolerating evil interfaces.

Survey


Backup Slides

Linking Users, Groups, and Organizations