Chapter 6: Tracking and Surveillance

Question 1

What is UDP?

Answer 1

User Datagram Protocol

It is a protocol that sits on top of IP and is used to transmit data

Question 2

What is the main difference between TCP and UDP?

Answer 2

TCP guarantees delivery, UDP does not

This allows UDP to transmit faster when speed is more important than reliability (for example, video streaming)

Question 3

List 3 mail server protocols

Answer 3

Internet Message Access Protocol (IMAP)
Post Office Protocol (POP)
POP3

Question 4

Which mail server protocol erases data from the server once it is downloaded?

Answer 4

POP and POP3 (depending on configuration)

Question 5

Which method of sending data to a web server includes additional information in the URL? Get or Post?

Answer 5

Get

Question 6

What part of a message is required to route it to the proper destination?

Answer 6

The IP header

Question 7

What do you call it when network hardware examines the full body of a message?

Answer 7

Deep packet inspection

Question 8

What is the purpose of deep packet inspection?

Answer 8

• Determine whether or not the packets contain malicious content
• Help prevent data leaks (DLP)
• Track users’ online behavior (advertisers)
• Censor or track citizens’ online behaviors (government)
• Allows network traffic and bandwidth shaping based on the content of a packet
• Determine the type of content being sent from one host to another (to apply rate limits)

Question 9

List 2 common attacks performed through Wi-Fi eavesdropping

Answer 9

Packet-sniffing systems

HTTP session hijacking or side-jacking

Question 10

List 4 Wi-Fi encryption schemes

Answer 10

WEP - Wired Equivalent Privacy
WPA - Wi-Fi Protected Access
WPA2
WPA3

Question 11

Which Wi-Fi encryption schemes are considered secure?

Answer 11

WPA2

WPA3

Question 12

How can spyware monitor user activities?

Answer 12

Capturing cookies to determine browsing history
Performing screen captures and transmitting images back to the attacker
Keylogging

Question 13

Does HTTPS provide anonymity?

Answer 13

No - network observers still can see the source and destination of traffic

Question 14

What are first-party cookies?

Answer 14

Those set by the primary page that the user is visiting

Question 15

What are third-party cookies?

Answer 15

Cookies set from all companies other than the primary website whose URL is displayed in a browser

Question 16

What are beacons or web bugs?

Answer 16

Elements used for tracking that are not visible to the user in the rendered web page

Question 17

What are the 2 types of cookies?

Answer 17

Session

Persistent

Question 18

What is URL rewriting?

Answer 18

Websites tracking the links a user clicks on a web page

Question 19

Which technology can use a computers Media Access Control (MAC) address for tracking?

Answer 19

IPv6

Question 20

What means of storage is used by the Adobe Flash plug-in?

Answer 20

Local Shared Objects (LSOs)

AKA Flash cookies

Question 21

Where are LSOs stored?

Answer 21

On the hard drive, separate from HTTP cookies (so clicking clear cookies may not clear LSOs)

Question 22

How do many website respawn cookies?

Answer 22

They use LSOs to respawn deleted information

Question 23

Internet Explorer has it’s own way of storing data on the local hard drive, this is called…

Answer 23

userData storage

Not cleared when cookies are deleted!

Question 24

What is a pixel hack?

Answer 24

A unique identifier is written into a minuscule image, generated on the fly, in the form of the color values for one or more pixels
Since images are often cached, or stored locally by the browser to avoid having to download the resource again in the future, these tracking values can often be retrieved later

Question 25

How does HTML5 store information locally?

Answer 25

``` Either Document Object Model (DOM) storage or web storage Session storage (for a browser window) ```

Question 26

What is an entity tag?

Answer 26

``` Entity tags (ETags) are HTTP headers that allow a browser to permanently tag a previously viewed resource ETags are generally not deleted when a user clears their cookies; rather, ETags may be deleted when a user clears the browser’s cache ```

Question 27

What is an Evercookie?

Answer 27

* In 2010, a security researcher prototyped a tracking mechanism, the “Evercookie,” designed to be extremely difficult to delete * The Evercookie combined multiple techniques, storing unique identifiers in more than ten different locations on a user’s computer * If data from one storage location were deleted, this data would be respawned from other locations

Question 28

How can javascript identify links that a user has previously clicked?

Answer 28

Web browsers show links on a page that have already been visited in a different color JavaScript can access the color property

Question 29

What is browser history stealing or sniffing?

Answer 29

An unscrupulous page can include thousands of invisible links to popular sites and then use JavaScript to query the color of those links and learn whether a particular page has been visited by the client browser

Question 30

What is browser fingerprinting?

Answer 30

Leveraging the unique characteristics of an individual user’s browser—the fonts installed, the particular version of the browser running, the idiosyncrasies of a particular graphics card—as a semi-stable, unique identifier in place of cookies

Question 31

How can images be used to confirm a user opened an email?

Answer 31

HTML code sent in an email to that user can request that content uniquely tied to that user be downloaded automatically from a remote server when the message is opened by the recipient

Question 32

What 2 approaches do companies use to facilitate cross-device tracking?

Answer 32

Deterministic | Probalistic

Question 33

Provide examples of how companies use probalistic matching to match users across devices

Answer 33

* Matching IP addresses | * Cookies, location and behavioral data

Question 34

How does the Do Not Track (DNT) feature work in web browsers?

Answer 34

* HTTP header sent alongside requests for web content * Header can indicate that the user has requested not to be tracked * Does not actually block communication * Relies on companies to honor this request * Mostly a failure and abandoned

Question 35

What is P3P?

Answer 35

* Platform for Privacy Preferences Project (P3P) tokens * Machine-readable language with which websites can express their privacy practices * The default setting in the Internet Explorer 6 through 10 web browsers blocked third-party cookies when they do not have P3P tokens and when they have P3P tokens indicating a privacy policy considered unsatisfactory by Microsoft’s criteria * IE is the only browser who used it * P3P not widely adopted by websites

Question 36

Name 3 third-party browser extensions for privacy

Answer 36

* Disconnect * Ghostery * Privacy Badger

Question 37

Name 2 general-purpose browser add-ons that can limit web tracking

Answer 37

* Adblock Plus (Firefox and Chrome) - blocks many advertisers * NoScript (Firefox) - disables JavaScript and Flash

Question 38

What does Mozilla's Lightbeam tool do?

Answer 38

Presents a visualization of which third parties track users across particular websites

Question 39

What is functional privacy?

Answer 39

Users’ willingness to aim for as much privacy as they can get without breaking the functionality of what they hope to accomplish

Question 40

What privacy functionality does the DuckDuckGo browser offer?

Answer 40

Does not use HTTP cookies except to save preferences about the page layout a user has chosen, nor does it allow the HTTP Referer field to contain information about the search query

Question 41

What privacy functionality does the TrackMeNot add-on in Firefox and Chrome offer?

Answer 41

Protects a user’s privacy by issuing decoy queries to major search engines

Question 42

How are phone locations determined?

Answer 42

After determining the phone’s position relative to a handful of towers whose locations are known by the cellular provider, the position of the phone can then be determined geometrically through triangulation Wi-Fi signals a phone receives can help determine its location

Question 43

Is location divulged when using GPS?

Answer 43

No, devices receive and do not transmit any signals in the GPS process, devices do not automatically reveal their location Though, a smartphone that determines its own location by receiving signals from GPS satellites might subsequently, and automatically, share that information with an app or the phone provider

Question 44

What are the 2 RFID chip types?

Answer 44

* Passive | * Active

Question 45

What is the main difference between passive and active RFID chips?

Answer 45

Active has its own power source, passive does not

Question 46

How do RFIDs work?

Answer 46

The unique serial number associated with each RFID tag allows for location tracking If additional information is stored on the tag, the reader is also able to pick up that information

Question 47

How can phones be located within buildings?

Answer 47

Receivers installed within the building complex

Question 48

Why does the FCC require that phone location be trackable?

Answer 48

In case an emergency 911 call is placed

Question 49

What is near-field communication (NFC)?

Answer 49

Technology that can support location-based advertising via radio waves when the phone is in close proximity

Question 50

How can privacy be respected when dealing with location-tracking technologies?

Answer 50

* Should only be included when there is a direct benefit * Should be opt-in rather than opt-out * Users should be able to see what is stored about them and delete or update any past location data

Question 51

What is a roving bug?

Answer 51

Remotely activated smartphone microphone

Question 52

Who is allowed to use remotely activated cell phone-based audio surveillance?

Answer 52

FBI

Question 53

What are Remote Access Trojans (RATs)?

Answer 53

Malware that allows an attacker to take control of the camera or microphone

Question 54

What privacy issues exist with smart TVs?

Answer 54

* Voice commands are sent to remote servers for processing - this data could be compromised * Malware can repurpose the microphones into surveillance devices * Some smart televisions track what you watch

Question 55

What is automated content recognition (ACR)?

Answer 55

Technology used by smart TVs to determine what the user is watching

Question 56

Why is CCTV and Facial Recognition become such an important topic?

Answer 56

The increase in the number of cameras out there combined with advances in the accuracy of facial recognition

Question 57

What privacy issues exist with voice over IP systems?

Answer 57

* Researchers have demonstrated that simply having access to the encrypted version of a message may be sufficient for using linguistic techniques to reconstruct the call if certain types of encryption are used * Metadata about a communication can often leak a large amount of the communication

Question 58

What is ubiquitous computing (or ubicomp)?

Answer 58

Refers to the transition of computing from purpose-built, independent computing devices to computing that occurs at all times and in all places

Question 59

What is a smart city?

Answer 59

Sometimes, the concept of a smart city refers to a city that aggregates and makes available existing data from its traditional functions in an open format and to all citizens The concept of a smart city is also used to describe cities that introduce large numbers of new sensors and actuators, adding computerized sensing and control to systems that did not previously have such capabilities • tracking devices on government-owned vehicles • automated license plate readers to track nongovernment vehicles similarly • Analytics for utility systems • Cameras for a multitude of reasons • Street corner sensors to detect environmental factors, gunshots or the movement of pedestrians

Question 60

Why are accelerometers in smartphones a privacy risk?

Answer 60

* An accelerometer alone, even without persistent location awareness, can determine the distance traveled and therefore leak information about the user’s location relative to a previous position * It can also leak information about the passwords a user types into their phone

Question 61

What is a major difficulty in communicating privacy information for IoT devices?

Answer 61

They often lack a user interface