Hang With Your Buddies to Resist Intersection Attacks

Some anonymity schemes might in principle protect users from pervasive network surveillance - but only if all messages are independent and unlinkable. Users in practice often need pseudonymity - sending messages intentionally linkable to each other but not to the sender - but pseudonymity in dynamic networks exposes users to intersection attacks. We present Buddies, the first systematic design for intersection attack resistance in practical anonymity systems. Buddies groups users dynamically into buddy sets, controlling message transmission to make buddies within a set behaviorally indistinguishable under traffic analysis. To manage the inevitable tradeoffs between anonymity guarantees and communication responsiveness, Buddies enables users to select independent attack mitigation policies for each pseudonym. Using trace-based simulations and a working prototype, we find that Buddies can guarantee non-trivial anonymity set sizes in realistic chat/microblogging scenarios, for both short-lived and long-lived pseudonyms.Comment: 15 pages, 8 figure

Seeking Anonymity in an Internet Panopticon

Obtaining and maintaining anonymity on the Internet is challenging. The state of the art in deployed tools, such as Tor, uses onion routing (OR) to relay encrypted connections on a detour passing through randomly chosen relays scattered around the Internet. Unfortunately, OR is known to be vulnerable at least in principle to several classes of attacks for which no solution is known or believed to be forthcoming soon. Current approaches to anonymity also appear unable to offer accurate, principled measurement of the level or quality of anonymity a user might obtain. Toward this end, we offer a high-level view of the Dissent project, the first systematic effort to build a practical anonymity system based purely on foundations that offer measurable and formally provable anonymity properties. Dissent builds on two key pre-existing primitives - verifiable shuffles and dining cryptographers - but for the first time shows how to scale such techniques to offer measurable anonymity guarantees to thousands of participants. Further, Dissent represents the first anonymity system designed from the ground up to incorporate some systematic countermeasure for each of the major classes of known vulnerabilities in existing approaches, including global traffic analysis, active attacks, and intersection attacks. Finally, because no anonymity protocol alone can address risks such as software exploits or accidental self-identification, we introduce WiNon, an experimental operating system architecture to harden the uses of anonymity tools such as Tor and Dissent against such attacks.Comment: 8 pages, 10 figure

Me, Myself and I: Aggregated and Disaggregated Identities on Social Networking Services

In this article I explore some of the legal issues arising from the transformation of SNS operators to providers of digital identity. I consider the implications of the involvement of private sector entities in the field of identity management and discuss some of the privacy implications, as well as the prospects for conciliation between online anonymity and pseudonymity, on the one hand, and the need for identifiability and accountability on the other hand.

From Bonehead to @realDonaldTrump : A Review of Studies on Online Usernames

In many online services, we are identified by self-chosen usernames, also known as nicknames or pseudonyms. Usernames have been studied quite extensively within several academic disciplines, yet few existing literature reviews or meta-analyses provide a comprehensive picture of the name category. This article addresses this gap by thoroughly analyzing 103 research articles with usernames as their primary focus. Despite the great variety of approaches taken to investigate usernames, three main types of studies can be identified: (1) qualitative analyses examining username semantics, the motivations for name choices, and how the names are linked to the identities of the users; (2) experiments testing the communicative functions of usernames; and (3) computational studies analyzing large corpora of usernames to acquire information about the users and their behavior. The current review investigates the terminology, objectives, methods, data, results, and impact of these three study types in detail. Finally, research gaps and potential directions for future works are discussed. As this investigation will demonstrate, more research is needed to examine naming practices in social media, username-related online discrimination and harassment, and username usage in conversations.Peer reviewe

The masked demos: Associational anonymity and democratic practice

The increased use of anonymous digital platforms raises substantive concerns about accountability in digital spaces. However, contemporary evaluations of anonymity focus too narrowly on its protective function: its ability to protect a diversity of speakers and ideas. Drawing on two examples of anonymous political engagements – Publius’s writing of the Federalist Papers and college students’ use of the social media platform Yik Yak – we develop an account of anonymity’s associational function: the processes by which people generate and negotiate collective identities, discussions, and actions in wider publics. As we argue, anonymity’s associational function can (1) generate conditions under which individuals develop collective interests and identities to foster collective action, and (2) enable novel interactions between these individuals and communities and the larger publics of which they are part. We conclude with a discussion of how attention to associational anonymity can contribute to a more nuanced account of democracy in practice

The exposure of Kataryna: how Polish journalists and bloggers debatch online anonymity

This article starts with the premise that anonymity is under attack and that we are experiencing the consequences of a slow but steady process of deanonymisation. While we are aware of the ambiguity of anonymity, we want to make an argument in defence of anonymous speech. The social productivity of anonymity will be demonstrated through an analysis of the doxing of Polish blogger Kataryna, whose real life identity was revealed by journalists. Her exposure in 2009 sparked one of the most heated debates in the history of the Polish internet. It triggered a controversy across several newspapers and blogging platforms. Using critical discourse analysis this study investigates how the Kataryna case was constructed, evaluated and interpreted by three traditional daily newspapers and by bloggers on two blogging platforms. The analysis reveals that the debate on online anonymity reflects three underlying conflicts: (1) conflict over the vision of the public sphere, (2) conflict over the professional identities of journalists and bloggers, and (3) conflict over the process of democratisation in Poland

From Social Data Mining to Forecasting Socio-Economic Crisis

Socio-economic data mining has a great potential in terms of gaining a better understanding of problems that our economy and society are facing, such as financial instability, shortages of resources, or conflicts. Without large-scale data mining, progress in these areas seems hard or impossible. Therefore, a suitable, distributed data mining infrastructure and research centers should be built in Europe. It also appears appropriate to build a network of Crisis Observatories. They can be imagined as laboratories devoted to the gathering and processing of enormous volumes of data on both natural systems such as the Earth and its ecosystem, as well as on human techno-socio-economic systems, so as to gain early warnings of impending events. Reality mining provides the chance to adapt more quickly and more accurately to changing situations. Further opportunities arise by individually customized services, which however should be provided in a privacy-respecting way. This requires the development of novel ICT (such as a self- organizing Web), but most likely new legal regulations and suitable institutions as well. As long as such regulations are lacking on a world-wide scale, it is in the public interest that scientists explore what can be done with the huge data available. Big data do have the potential to change or even threaten democratic societies. The same applies to sudden and large-scale failures of ICT systems. Therefore, dealing with data must be done with a large degree of responsibility and care. Self-interests of individuals, companies or institutions have limits, where the public interest is affected, and public interest is not a sufficient justification to violate human rights of individuals. Privacy is a high good, as confidentiality is, and damaging it would have serious side effects for society.Comment: 65 pages, 1 figure, Visioneer White Paper, see http://www.visioneer.ethz.c