marco ghiglieri
play

Marco Ghiglieri Web 2.0 Security & Privacy 2014 Workshop In - PowerPoint PPT Presentation

Dec 06, 2022 •27 likes •287 views

I Know What You Watched Last Sunday A New Survey of Privacy in HbbTV May 18, 2014 Marco Ghiglieri Web 2.0 Security & Privacy 2014 Workshop In conjunction with the IEEE Symposium on Security and Privacy May 18, 2014 | I Know What You

  1. I Know What You Watched Last Sunday A New Survey of Privacy in HbbTV May 18, 2014 Marco Ghiglieri Web 2.0 Security & Privacy 2014 Workshop In conjunction with the IEEE Symposium on Security and Privacy May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 1

  2. What is a Smart Entertainment Device ? May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 2

  3. Smart Entertainment Devices  Smart TVs, Set-Top Boxes, Hi- Fi systems, …  Often as powerful as desktop computers  Interface to the Internet like Wi-Fi and/or LAN  Cameras, Microphones, Motion Sensors , … In this talk: Smart TVs & Set-Top Boxes with HbbTV support May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 3

  4. What is HbbTV and how does it work ? May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 4

  5. HbbTV (Hybrid broadcast broadband TV)  HbbTV (Hybrid broadcast broadband TV)  Pan-European Standard for the presentation of Internet content on a Smart TV or set-top box (Internet technologies like HTML, CSS and JavaScript)  Almost every new Smart TV model supports HbbTV  Discussions about using HbbTV standard worldwide  Long Term: Replacement for Teletext May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 5

  6. The way from a conventional TV to a Smart TV Time DVB Digital Video Broadcast  Cable, terrestrial, satellite  One direction Internet  Start signal for HbbTV Internet  Bidirectional  HbbTV Red Button  HbbTV application May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 6

  7. What kind of data is transferred ? May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 7

  8. What kind of data is transferred ? User Interaction Start of an HbbTV Showing the Start of an HbbTV „Red Button“ Channel application Time Start-Up Requests Periodic Requests   Scripts like (ext.) tracking services Preloading of content, tracking and (pers.) advertisements  Images (channel logos)  Time period 1s – 15 min  HTML, JS, CSS for HbbTV May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 8

  9. How can the collected data be used ? May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 9

  10. Consumers may be tracked  Disclaimer: We do not know if this data is processed.  But , tracking services are not just for fun implemented !  Data is sent before consumers use the HbbTV functionality  Before pressing the „ Red Button“  Broadcasting stations and other third parties are able to track consumers while watching TV or listening to radio May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 10

  11. Personalized Advertisements can be shown  Possibility to show personalized ads to user  On one channel we saw this already. (pers.) Ads  Change the running program in (almost) real time May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 11

  12. Summary of Results in the Smart TV Scenario 2012 2014 Trend Number of Channels 11 26 2012: June – Dec. 2012 2014: January & Feb. 2014 Channels with Tracking 7 8 Services (3rd party)  Some channels we have checked in 2012 have improved their traffic  ARD, Pro Sieben, Sat.1, Kabel.1, Puls 4 Austria  Bibel TV deactivated HbbTV  New channels in this survey used tracking services  RTL , VOX, RTL2, sonneklar.tv, QVC, RTVE  Trackers found were INFOnline, IVW, Google Analytics, etracker and Scorecard Research  More details can be found in the article May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 12

  13. How does HbbTV on digital satellite radio work ? May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 13

  14. Architecture of a Typical Satellite Environment Not necessary in this scenario May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 14

  15. Background: Data may be Used to Count Number of Listeners  One satellite radio sender group (over 20 radio channels) uses HbbTV to deliver information to people listening to radio on a Smart TV  If the set-top box is only connected to an Hi-Fi system the HbbTV notification is loaded from the Internet   Hidden counting of people is possible May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 15

  16. Results in the Radio Scenario  Analyzed in January and Feburary 2014  Over 20 radio channels deploy HbbTV  The broadcasting provider also operates many TV channels: ARD group.  It is possible to create a profile of a consumer consisting of a chain of channels  For example: Turn to Channel 1, Channel 2, Radio Channel 2, Radio Chanel 1,… May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 16

  17. What can a consumer do ? May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 17

  18. What can a consumer do ? Deactivate data services or disconnect your TV or set- top box  No Smart TV anymore, no Internet Radio We have developed a method to protect users‘ privacy What can be done by manufactures or broadcasting stations ? Long Term: Short Term: Modification of the HbbTV standard Modification of HbbTV applications May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 18

  19. Raspberry Pi as Protection Gateway Small, cheap, easy to install Compatible with the HbbTV standard May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 19

  20. Raspberry Pi connected to the Set-Top Box May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 20

  21. Software used on Raspberry Pi  Linux based: Mitmproxy  Custom script  Dynamic Detection of HbbTV applications <object type="application/oipfApplicationManager" id="oipfAppMan"></object> May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 21

  22. Next Tasks / Future Work  Development of a system that can measure the viewing behavior with PET (Privacy Enhancing Technologies)  The number of Smart Devices is increasing ! More research for the right level of protection is required.  Long Term: Security Gateway for the Smart Home May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 22

  23. The End: The Talk at a Glance  HbbTV is a great functionality  Much data is transferred before consumers use HbbTV  The methods and techniques used should be HbbTV Internet traffic more privacy-friendly  Simple Protection System with Raspberry Pi Red No traffic to the Internet Button Green No user interaction Button May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 23

  24. Contact Marco Ghiglieri, M.Sc. Technische Universität Darmstadt Security in Information Technology Mornewegstraße 30 64293 Darmstadt, Germany http://www.sit.informatik.tu-darmstadt.de/ marco.ghiglieri@sit.tu-darmstadt.de May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 24

  25. Appendix May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 25

  26. Appendix The references can be found in the publication „ I Know What You Watched Last Sunday “ and are not listed here. List of Photographers/Source of Pictures  Slide 1: Erik Tews/CASED  Slide 5: Teletext/Wikipedia EN  Slide 6,7,8,11,13,19,20,21,23: Marco Ghiglieri/CASED May 18, 2014 | I Know What You Watched Last Sunday | Marco Ghiglieri | 26

Recommend

Transport coefficients of QCD at NLO Jacopo Ghiglieri, CERN in collaboration with Guy Moore and

Transport coefficients of QCD at NLO Jacopo Ghiglieri, CERN in collaboration with Guy Moore and

Transport coefficients of QCD at NLO Jacopo Ghiglieri, CERN in collaboration with Guy Moore and Derek Teaney SEWM2018, Barcelona, June 27 2018 Outline Transport coefficients: introduction and motivation Transport from an effective

1.17k views • 67 slides
Inference, Learning and Laws of Nature Salvatore Frandina 1 Marco Gori 1 Marco Lippi 1 Marco

Inference, Learning and Laws of Nature Salvatore Frandina 1 Marco Gori 1 Marco Lippi 1 Marco

Introduction Variational Laws of Nature Summary Bridging Logic and Perception Inference, Learning and Laws of Nature Salvatore Frandina 1 Marco Gori 1 Marco Lippi 1 Marco Maggini 1 Stefano Melacci 1 1 University of Siena, Italy NeSy 13

493 views • 22 slides
NEOCC observations with the ESA OGS, VLT, and LBT Marco Micheli (marco.micheli@esa.int) NEO

NEOCC observations with the ESA OGS, VLT, and LBT Marco Micheli (marco.micheli@esa.int) NEO

Observers Meeting NEOCC observations with the ESA OGS, VLT, and LBT Marco Micheli (marco.micheli@esa.int) NEO Statistics ~ 13 700 known NEOs of which ~ 510 (4 %) have impact solutions (VIs) in the next century (according to NEODyS

590 views • 22 slides
Reasoning with Deep Learning: an Open Challenge Marco Lippi marco.lippi@unimore.it Marco Lippi

Reasoning with Deep Learning: an Open Challenge Marco Lippi marco.lippi@unimore.it Marco Lippi

URANIA Workshop Genova, November 28th, 2016 Reasoning with Deep Learning: an Open Challenge Marco Lippi marco.lippi@unimore.it Marco Lippi Reasoning with Deep Learning 1 / 22 The connectionism vs. symbolism dilemma A central question in AI

384 views • 22 slides
Multicore debugging from a SW compiler perspective Marco Roodzant, marco@ace.nl ACE Associated

Multicore debugging from a SW compiler perspective Marco Roodzant, marco@ace.nl ACE Associated

MAD2013 Multicore debugging from a SW compiler perspective Marco Roodzant, marco@ace.nl ACE Associated Compiler Experts Amsterdam, The Netherlands Products and services for professional compiler developers www.ace.nl version Presentation

272 views • 10 slides
Two lesser-known works Marco Huysmans Ni Hao - Good afternoon; my name is Marco Huysmans.

Two lesser-known works Marco Huysmans Ni Hao - Good afternoon; my name is Marco Huysmans.

Two lesser-known works Marco Huysmans Ni Hao - Good afternoon; my name is Marco Huysmans. Let me start by saying how very honoured I am to be standing here today in the company of so many eminent scholars and distinguished guests who

447 views • 22 slides
C-SPARQL: A Continuous Extension of SPARQL Marco Balduini marco.balduini@polimi.it Share,

C-SPARQL: A Continuous Extension of SPARQL Marco Balduini marco.balduini@polimi.it Share,

Stream Reasoning For Linked Data M. Balduini, J-P Calbimonte, O. Corcho, D. Dell'Aglio, E. Della Valle, and J.Z. Pan http://streamreasoning.org/sr4ld2013 C-SPARQL: A Continuous Extension of SPARQL Marco Balduini marco.balduini@polimi.it

528 views • 38 slides
Marco Cavallo Merging Worlds: A Location-based Approach to Mixed Reality Marco Cavallo Master

Marco Cavallo Merging Worlds: A Location-based Approach to Mixed Reality Marco Cavallo Master

Marco Cavallo Merging Worlds: A Location-based Approach to Mixed Reality Marco Cavallo Master Thesis Presentation POLITECNICO DI MILANO Introduction: A New Realm of Reality 2 http://www.samsung.com/sg/wearables/gear-vr/ Marco Cavallo

608 views • 47 slides
C-SPARQL: A Continuous Extension of SPARQL Marco Balduini marco.balduini@polimi.it Share,

C-SPARQL: A Continuous Extension of SPARQL Marco Balduini marco.balduini@polimi.it Share,

Stream Reasoning for Linked Data M. Balduini, J-P Calbimonte, O. Corcho, D. Dell'Aglio, E. Della Valle http://streamreasoning.org/events/sr4ld2014 C-SPARQL: A Continuous Extension of SPARQL Marco Balduini marco.balduini@polimi.it Share,

707 views • 37 slides
Matrix Calculus Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer

Matrix Calculus Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer

FF505 Computational Science Matrix Calculus Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer Science (IMADA) University of Southern Denmark Resume Vectors and Matrices MATLAB, numerical computing vs symbolic

456 views • 20 slides
California Public Records Act Marco A. Gonzalez marco@coastlawgroup.com March 18, 2015 When

California Public Records Act Marco A. Gonzalez marco@coastlawgroup.com March 18, 2015 When

California Public Records Act Marco A. Gonzalez marco@coastlawgroup.com March 18, 2015 When information which properly belongs to the public is systematically withheld by those in power, the people soon become ignorant of their own

1.03k views • 59 slides
Reviews Using Off-The-Shelf Argumentation Mining Marco Passon*, Marco Lippi, Giuseppe Serra* ,

Reviews Using Off-The-Shelf Argumentation Mining Marco Passon*, Marco Lippi, Giuseppe Serra* ,

Predicting the Usefulness of Amazon Reviews Using Off-The-Shelf Argumentation Mining Marco Passon*, Marco Lippi, Giuseppe Serra* , Carlo Tasso* * University of Udine University of Modena and Reggio Emilia Artificial Intelligence Laboratory

471 views • 18 slides
I nternet , intranet and W eb I ntroduction Marco Solieri marco.solieri@lipn.univ-paris13.fr Info

I nternet , intranet and W eb I ntroduction Marco Solieri marco.solieri@lipn.univ-paris13.fr Info

I nternet , intranet and W eb I ntroduction Marco Solieri marco.solieri@lipn.univ-paris13.fr Info et Rseaux en Apprentissage, Sup Galile, Paris 13 November 3 rd, 2014 C ontent overview Lectures: 1 Internet technologies: application

228 views • 4 slides
History and Community Marco Gil-Cervantes Chief Executive marco@promo.cymru 07970 662341

History and Community Marco Gil-Cervantes Chief Executive marco@promo.cymru 07970 662341

History and Community Marco Gil-Cervantes Chief Executive marco@promo.cymru 07970 662341 @marcogilcer To work with local communities and beyond, to create a centre of excellence to be proud of, in which people can participate , learn,

384 views • 17 slides
Elastic distinguishability metrics for Location Privacy Marco Stronati marco@stronati.org joint

Elastic distinguishability metrics for Location Privacy Marco Stronati marco@stronati.org joint

Elastic distinguishability metrics for Location Privacy Marco Stronati marco@stronati.org joint work with K. Chatzikokolakis and C. Palamidessi 1 / 14 Privacy for LBS Goal: limit semantic inference (not anonymity) Reasonable utility for

701 views • 30 slides
C-SPARQL:Hands on Session Marco Balduini marco.balduini@polimi.it Share, Remix, Reuse

C-SPARQL:Hands on Session Marco Balduini marco.balduini@polimi.it Share, Remix, Reuse

Stream Reasoning For Linked Data M. Balduini, J-P Calbimonte, O. Corcho, D. Dell'Aglio, E. Della Valle, and J.Z. Pan http://streamreasoning.org/sr4ld2013 C-SPARQL:Hands on Session Marco Balduini marco.balduini@polimi.it Share, Remix, Reuse

463 views • 29 slides
Introduction to the course Marco Chiarandini (marco@imada.sdu.dk), Claudio Pica

Introduction to the course Marco Chiarandini (marco@imada.sdu.dk), Claudio Pica

FF505 Computational Science Introduction to the course Marco Chiarandini (marco@imada.sdu.dk), Claudio Pica (pica@cp3-origins.net, Paolo Sibani (paolo.sibani@sdu.dk) a joint course between IMADA and FKF University of Southern Denmark Course

806 views • 16 slides
Overview of hadrontherapy Marco Schwarz marco.schwarz@apss.tn.it Why hadrons? From physics to

Overview of hadrontherapy Marco Schwarz marco.schwarz@apss.tn.it Why hadrons? From physics to

Proton Therapy Department Trento Hospital Trento(IT) Overview of hadrontherapy Marco Schwarz marco.schwarz@apss.tn.it Why hadrons? From physics to biological effect From physics to technology Hadron-specific medical physics issues Why

798 views • 65 slides
Network Valuation in Financial Systems Paolo Barucca*, Marco Bardoscia, Fabio Caccioli, Marco

Network Valuation in Financial Systems Paolo Barucca*, Marco Bardoscia, Fabio Caccioli, Marco

Network Valuation in Financial Systems Paolo Barucca*, Marco Bardoscia, Fabio Caccioli, Marco DErrico, Gabriele Visentin, Guido Caldarelli, Stefano Battiston * University of Zurich CoSyDy - July 6, Queen Mary University of IMT Lucca London

184 views • 16 slides
Programming: Control Flow Functions, Graphics Marco Chiarandini (marco@imada.sdu.dk) Department

Programming: Control Flow Functions, Graphics Marco Chiarandini (marco@imada.sdu.dk) Department

FF505/FY505 Computational Science Lecture 3 Programming: Control Flow Functions, Graphics Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer Science (IMADA) University of Southern Denmark Exercise: MC Simul.

937 views • 75 slides
Empirical Methods for the Analysis of Optimization Heuristics Marco Chiarandini Department of

Empirical Methods for the Analysis of Optimization Heuristics Marco Chiarandini Department of

Empirical Methods for the Analysis of Optimization Heuristics Marco Chiarandini Department of Mathematics and Computer Science University of Southern Denmark, Odense, Denmark www.imada.sdu.dk/~marco www.imada.sdu.dk/~marco/COMISEF08 October

1.34k views • 130 slides
Matrix Algebra Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer

Matrix Algebra Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer

FF505 Computational Science MATLAB Section - Introduction 1 Matrix Algebra Marco Chiarandini (marco@imada.sdu.dk) Department of Mathematics and Computer Science (IMADA) University of Southern Denmark Getting Started More on Matrix

606 views • 39 slides
Graph Processing Marco Serafini COMPSCI 532 Lecture 9 Graph Analytics Marco Serafini 2 2

Graph Processing Marco Serafini COMPSCI 532 Lecture 9 Graph Analytics Marco Serafini 2 2

Graph Processing Marco Serafini COMPSCI 532 Lecture 9 Graph Analytics Marco Serafini 2 2 Scaling Graph Algorithms Type of algorithms PageRank Shortest path Clustering Connected component Requirements Support

482 views • 31 slides
Novita in tema di terapia delle emofilie Marco Marie3a - Modena marco.marie)a@unimore.it

Novita in tema di terapia delle emofilie Marco Marie3a - Modena marco.marie)a@unimore.it

Novita in tema di terapia delle emofilie Marco Marie3a - Modena marco.marie)a@unimore.it Relazioni con sogge9 portatori di interessi commerciali in campo sanitario Ai sensi dellart. 3.3 sul Confli3o di Interessi, pag. 17 del Regolamento

759 views • 33 slides

More recommend