This part looks at the threats you are going to learn how to guard against throughout the course. During this walkthrough, you will find out about privacy violation and tracking, or the so-called user detection.
Privacy violation
There are a lot of users who confuse privacy and anonymity believing that these notions are either identical or very similar in meaning. In fact, anonymity enables you to visit sites, perform certain actions on web resources, for instance, leave messages without allowing for the possibility of linking your actions with your real identity or location of your connection. Having privacy means that other people, for whom your information is not intended, don’t have access to it.
For instance, you are communicating with someone via an instant messenger, and you are being watched over by agent John. If he attempts to identify you both, he actually performs deanonymization and threatens your anonymity. However, if he reads your correspondence, he violates your privacy by accessing the information confidential between you and your companion and not intended for third parties.
The most frequent privacy violations include viewing correspondence in IM services, accessing emails and eavesdropping on phones. Unfortunately, special services violate the privacy of common Internet users significantly more often than hackers and cybercriminals.
But if special services and law enforcement agencies of your country violate your privacy in the majority of cases, exercising their rights given by the law, the special services of other countries are not entitled to it. But they do, for instance, the email service Yahoo, according to the information leaked into mass media, scanned incoming messages and passed on this information to the US intelligence agency. Following this scandal, Edward Snowden called on everyone to delete their Yahoo accounts, and we wholeheartedly give you the same recommendation.
The correspondence of the Yahoo mail owners was also viewed by hackers who, according to the latest data, compromised three billion accounts of the email service. The actions of Yahoo, US intelligence and hackers blatantly violate user privacy.
There are lesser privacy violations, of course. For instance, email service Gmail was revealed to analyze their users’ emails and use this information to send targeted advertising. This is permitted by the user agreement you accept upon registration.
In this course you will learn how to protect yourself from privacy violations attempted on the part of special services and hackers alike.
Tracking
Have you had a situation when you typed some word in the search box, closed the page with the search results, went to the website and saw the advertising related to your recent search queries? In this event you experienced tracking. A simple example of tracking is targeted advertising on the Google network.
Today many people have an account with Google that by default saves all your search queries in Google’s search system. This information is used by Google AdWords for sending you advertising you could be potentially interested in. Yandex in Russia operates on analogous terms.
Why do they do it? Google earns money when you click an ad. The company is interested in showing you tailored ads. The search engine giant collects other information about you such as gender, age, language, country. If you are a fifty-year-old man from Paisley, you are very unlikely to click an add offering trendy women’s clothes from a London boutique.
There a lot of ways to perform user tracking, for instance, using MAC address. Your mobile device or laptop, if you have your wireless module active, is constantly sending signals that contain technical information including the unique MAC address of your device. This function enables you to always locate the Wi-Fi hotspot near you.
The data sent by devices can be monitored thus allowing for the detection of the owner’s movements. This system is used by retail chains and special services for tracking users.
There are known cases of this system being used for catching criminals, for instance, when the only information available is the MAC address of the criminal’s laptop and the fact that he is going to turn up in one of the downtown’s restaurants. A similar system, with enough coverage within several seconds, will detect the criminal as soon as he switches on his laptop with a wireless module.
There are more advanced tracking technologies, for instance, Cross-device tracking. In this course we are going to give you a breakdown on this technology since it poses a serious threat to user anonymity. But the real disconcerting thing about it is that even researchers know little about it. Cross-device tracking is similar to the 25th frame effect but makes use of sounds.
Originally, the cross-device tracking technology was about embedding special audio beacons into television advertisements to pick up and process mobile devices and then sending these beacons to the data processing center.
For instance, if you are watching a television advertisement, an audio beacon is triggered. Your mobile phone picks up the beacon and passes on the data about you to the statistics center that collects it to analyze users’ television viewing habits: how many people have seen this ad, what channels and when. Needless to say, that this is a lot more effective than calling and online polls. This technology was supposed to perform a highly accurate analysis of television advertising and target audience, but its development made a detour…
You have to agree that such signal can also be emitted by a laptop whose owner wants to remain anonymous, and his mobile phone, if it is not sufficiently protected from anonymity attacks, will pick up this signal and pass on the data about this user to the data processing center.