No anonymity
Hi% username%! I wanted to show and tell you part of my research on the investigation of this world that I spoke at the Zeronights 2014 conference. The topic was about deanonymization, but there were more questions based on the data, so I decided to talk about it separately.
Well, are you aware that sites collect data about your visit, where did you come from, where do you go, your requests, ip addresses? Now you remember what time and what date you were looking for.
Actually, here is an example of data . They covered Fitch, an example of the data in the comments :)
It’s yours,% username%. If you have a blank page, perhaps you are using the Ghostery, Adblock, Noscript plugins - give the link to your friend, I hope you will be surprised.
Data. The usual data about users who collect a lot of sites. Include search queries, browsers, ip-addresses, visited sites. On them is built age, gender, interests. And this is just one of the examples that one of the many companies has gathered.
Before showing you an ad, they’ll collect data about you where you go and why, then analyze them. They will understand your approximate age, carry you to certain interests, determine your solvency. But it’s true that if I am sitting on the forum of cyclists, it’s nice to show me an advertisement for bicycle accessories, rather than pink panties with ultra-modern elastic from the new collection of European fashion designers.
You go to the lifebol.lol website.
The system assigns you an identifier, for example - 0001 and creates a cookie user = 0001. Itself writes:
Then he goes to the site barefoot.lol , from the site search.lol /? Search = naked + but + not + funny , here you can create 3 records at once.
If on site 1 there is no bug, but you follow the link to site 2, passing the referer, the "system" will already know that you were on both.
Well this is the most primitive option. Only such data are hundreds, thousands of times more. In addition, the devices used are going to (rule of three), your movement, the rest you put on display in social networks.
Because they are exchanged. Imagine, I am a large social network. And you are a store. It’s beneficial for you to know who visits the store; you won’t know without me. And to show ads, it’s also beneficial for me to know. So let's wave without looking?
Debatable. Information is anonymized. Is personal information that a user with the identifier 0001 went to lifebol.lol? And the fact that the user with the identifier 0001 visits the bare asses. Lol on weekends? And the fact that the user with the identifier 0001 has id53083705 on vk.com? Where is the line?
Everything. And whoever has a large resource, but does not collect, is a fool. This is modernity and there is no getting away from it. If you are the owner of the site - most likely you also collect data and send it to uncles who will show you ads. Not? Are you sure?
Now let's go through the main data sources. Most of the information, as I believe, is from Google. I am sure that she knows more about you than you do.
It is logical that advertising banners themselves are information collectors.
For example, Yandex.Metrica with the Webvisor function is a full-fledged keylogger. Put some private chat and Yandex.Metrica and watch what users write. And the counters purely functionally need to collect data.
Do you refer to other people's resources?
Not all. At a minimum - skips, as a maximum - everything is bought and sold .
Well, okay. In addition to cookies, there are many more ways to assign a unique identifier to a user's browser. And it is already being used.
No problem. Providers will sell data about the sites you visit. Here is a list of providers whose data can be bought through the imaker system , about which ValdikSS already wrote
Want to become a spy site? Connect the counter to the site and welcome to the team!
Congratulations, you are now attracting attention! However, I am not sure that the services interested in this monitor suspicious traffic. In general, in the place of services interested in this, I would use deanonymization in practice.
Be sure to read, watch or listen to the speech of Steve Rambam at the Hackers On Planet Earth conference there is no anonymity, reconcile . Live and Enjoy Life. Nothing will change anyway.
Other examples on slides .
Well, are you aware that sites collect data about your visit, where did you come from, where do you go, your requests, ip addresses? Now you remember what time and what date you were looking for.
It’s yours,% username%. If you have a blank page, perhaps you are using the Ghostery, Adblock, Noscript plugins - give the link to your friend, I hope you will be surprised.
What was it?
Data. The usual data about users who collect a lot of sites. Include search queries, browsers, ip-addresses, visited sites. On them is built age, gender, interests. And this is just one of the examples that one of the many companies has gathered.
Why is this data to third parties?
Before showing you an ad, they’ll collect data about you where you go and why, then analyze them. They will understand your approximate age, carry you to certain interests, determine your solvency. But it’s true that if I am sitting on the forum of cyclists, it’s nice to show me an advertisement for bicycle accessories, rather than pink panties with ultra-modern elastic from the new collection of European fashion designers.
How is the data collected?
You go to the lifebol.lol website.
The system assigns you an identifier, for example - 0001 and creates a cookie user = 0001. Itself writes:
March 15-43, user 0001 logged in with the xxxx ip address, User-agent: Calculator 1.2, lifebol.lol site
Then he goes to the site barefoot.lol , from the site search.lol /? Search = naked + but + not + funny , here you can create 3 records at once.
20-43 On March 27, user 0001 came in from the ip address xxxx, the site search.lol /? Search = naked, + but + not + funny
March 20-43, with the xxxx ip address, the search query “naked but not funny”
March 20-43, user 0001 came in from the ip address xxxx, the site is bare popol.lol
If on site 1 there is no bug, but you follow the link to site 2, passing the referer, the "system" will already know that you were on both.
Well this is the most primitive option. Only such data are hundreds, thousands of times more. In addition, the devices used are going to (rule of three), your movement, the rest you put on display in social networks.
Why is there so much data?
Because they are exchanged. Imagine, I am a large social network. And you are a store. It’s beneficial for you to know who visits the store; you won’t know without me. And to show ads, it’s also beneficial for me to know. So let's wave without looking?
Yes, this is personal data! It's illegal!
Debatable. Information is anonymized. Is personal information that a user with the identifier 0001 went to lifebol.lol? And the fact that the user with the identifier 0001 visits the bare asses. Lol on weekends? And the fact that the user with the identifier 0001 has id53083705 on vk.com? Where is the line?
So who collects this data?
Everything. And whoever has a large resource, but does not collect, is a fool. This is modernity and there is no getting away from it. If you are the owner of the site - most likely you also collect data and send it to uncles who will show you ads. Not? Are you sure?
Now let's go through the main data sources. Most of the information, as I believe, is from Google. I am sure that she knows more about you than you do.
Advertising
It is logical that advertising banners themselves are information collectors.
Counters and analytics
For example, Yandex.Metrica with the Webvisor function is a full-fledged keylogger. Put some private chat and Yandex.Metrica and watch what users write. And the counters purely functionally need to collect data.
Plug-in fonts, libraries, pictures
Do you refer to other people's resources?
I have a super plugin that blocks everything
Not all. At a minimum - skips, as a maximum - everything is bought and sold .
I erase the cookie every 34 seconds, change the user-agent and my keyboard
Well, okay. In addition to cookies, there are many more ways to assign a unique identifier to a user's browser. And it is already being used.
I generally view sites through the console
No problem. Providers will sell data about the sites you visit. Here is a list of providers whose data can be bought through the imaker system , about which ValdikSS already wrote
Want to become a spy site? Connect the counter to the site and welcome to the team!
I look at sites through the console, through neighbor Wi-Fi, change my Mac address, flash, js is disabled, for double-vpn from different countries.
Congratulations, you are now attracting attention! However, I am not sure that the services interested in this monitor suspicious traffic. In general, in the place of services interested in this, I would use deanonymization in practice.
What to do?
Be sure to read, watch or listen to the speech of Steve Rambam at the Hackers On Planet Earth conference there is no anonymity, reconcile . Live and Enjoy Life. Nothing will change anyway.
Other examples on slides .