7 research outputs found

    Privacy issues of ISPs in the modern web

    In recent years, privacy issues in the networking field have become more important. In particular, there is a lively debate about how Internet Service Providers (ISPs) should collect and treat data coming from passive network measurements. This kind of information, such as flow records or HTTP logs, carries considerable knowledge from several points of view: traffic engineering, academic research, and web marketing can take advantage of passive network measurements on ISP customers. Nevertheless, in many cases collected measurements contain personal and confidential information about customers exposed to monitoring, thus raising several ethical issues. The modern web is very different from the one we experienced a few years ago: web services converged to few protocols (i.e., HTTP and HTTPS) and a large share of traffic is encrypted. The aim of this work is to provide an insight about which information is still visible to ISPs, with particular attention to novel and emerging protocols, and to what extent it carries personal information. We illustrate that sensitive information, such as website history, is still exposed to passive monitoring. We illustrate privacy and ethical issues deriving from the current situation and provide general guidelines and best practices to cope with the collection of network traffic measurements.

    Attacking DoH and ECH: Does Server Name Encryption Protect Users’ Privacy?

    Privacy on the Internet has become a priority, and several efforts have been devoted to limiting the leakage of personal information. Domain names, both in the TLS Client Hello and DNS traffic, are among the last pieces of information still visible to an observer in the network. The Encrypted Client Hello extension for TLS, DNS over HTTPS or over QUIC protocols aim to further increase network confidentiality by encrypting the domain names of the visited servers. In this article, we check whether an attacker able to passively observe the traffic of users could still recover the domain name of websites they visit even if names are encrypted. By relying on large-scale network traces, we show that simplistic features and off-the-shelf machine learning models are sufficient to achieve surprisingly high precision and recall when recovering encrypted domain names. We consider three attack scenarios, i.e., recovering the per-flow name, rebuilding the set of visited websites by a user, and checking which users visit a given target website. We next evaluate the efficacy of padding-based mitigation, finding that all three attacks are still effective, despite resources wasted with padding. We conclude that current proposals for domain encryption may produce a false sense of privacy, and more robust techniques should be envisioned to offer protection to end users.

    Safe browsing - analysis of the use of HTTPS from the end user's perspective (Navegação segura - análise do uso de HTTPS na perspectiva do utilizador final)

    Master's dissertation in Network and Telematic Services Engineering, Diretório de Informática.

    The Internet emerged in the late sixties in a scenario marked by the race for world hegemony between the USA and the USSR. Besides military applications, it was also initially used by researchers, academics, and college students, enabling file transfer between hosts. After the nineties the Internet reached the general public. It was then focused on other purposes, such as access to hypermedia, social networks, advertising and even product sales. Given the diversification of these accesses, the adoption of protocols for safe browsing has become essential to protect users' information. Combined with the classification of encrypted traffic, using appropriate techniques for this purpose, this paper aims to analyze the use of the HTTPS protocol in various browsing scenarios once considered safe. Through testing scenarios, this research intends to verify changes and impacts that this protocol promotes regarding the data collection from the users during the Internet access experience.

    Ad blocking on the Internet and its assessment under unfair competition law (Adblocking im Internet und seine lauterkeitsrechtliche Bewertung)

    The thesis examines to what extent the distribution of tools for blocking, i.e. not retrieving or not displaying, advertising integrated into Internet offerings or Internet-capable products constitutes a violation of §§ 4 No. 4 and 4a UWG. It distinguishes between ad blockers that block all advertising (total blockers) and those that permit exceptions from the blocking, which may first have to be added on the provider side (differentiating ad blockers). The thesis advances the hypothesis that the distribution of ad blockers does not, in principle, violate any of the norms mentioned; only in atypical special cases can a prohibition under unfair competition law, of total blockers as well as differentiating blockers, be based on them.