CS006 - Privacy

Which companies described in the lecture slides suffered from data breaches?

-Dropbox (email addresses, passwords) -Linkedin (email addresses, passwords)

Why do people reveal themselves online?

1. Follow "nothing to hide, nothing to fear" principle 2. People voluntarily disclose information online to create online presence/persona

What is Personally Identifiable Information (PII)?

Any information about a person that can be used to identify them. ex. Date, place of birth, biometric records

What are hardware fingerprinting

Data is recorded about the device's hardware to generate a unique fingerprint. This can include the number of CPU cores, the GPU model, whether the device has a touch screen, etc.

True or false: Scraping is illegal

False. Scraping is pretty much legal because it is public information, but selling the data is not legal

True or false: Linkedin scraping is considered a data breach

False. The data was available publicly and so it was easily stolen

What amendments are associated with privacy?

First, Third, Fourth, Fifth, Ninth ( Fuk these shts)

What are LinkedIn Scraped Data?

Linkedin was targeted by attackers who scraped data from hundreds of millions of public profiles and later sold them online

What is digital privacy?

Protection and personal information and the right to control and secure one's digital activity/behavior and data associated with it

What are Super Cookies?

Super cookies are stored in obscure locations like local storage, IndexedDB, web cache allows for a unique identifier to be surreptitiously stored that persists after removal of regular cookies

What are user credentials?

Used to authenticate unique user of a service/website ex. Username/password

What is Audio Context Fingerprinting

Uses Web Audio API to generate unique fingerprint based on how the device processes audio

What is browser fingerprinting?

Web browsers have unique characteristics that can be used to identify user -browser version, type of operating system and version, screen resolution, time zone, plugins and extensions installed, etc.

What is WebGL fingerprinting?

WebGL API to render 3D graphics in the browser, similar to canvas fingerprinting where image varies from one device to another to create unique fingerprint

What is device fingerprinting?

technique used by online trackers to gather unique characteristics about a device/user. Used for targeted advertising (personalized ads) as well as security/fraud prevention

What is data scraping?

the collection of information from website/computer screen and putting it into ordered document

What is the definition of Privacy?

the right of people to choose freely and under what circumstances and to what extent they will reveal themselves, attitude, and behavior to others

What is credential stuffing?

type of cyberattack where malicious actor uses a large number of stolen username/passwords to attempt to access user accounts on various websites or services

What is canvas fingerprinting?

website draw invisible image using HTML5 canvas element where image varies from one device to another -operating system -graphics card -installed fonts

What is password reuse?

when same password is used across multiple websites creating a master password When master password is guessed, can access all other accounts