pocket informers privacy problems with portable
play

Pocket informers: Privacy problems with portable communication - PowerPoint PPT Presentation

Pocket informers: Privacy problems with portable communication objects Mathieu Cunche mathieu.cunche@inria.fr @Cunchem INSA-Lyon CITI, Inria Privatics 10th European e-Accessibility Forum e-Accessibility in a connected world 30 May 2016,


  1. Pocket informers: Privacy problems with portable communication objects Mathieu Cunche mathieu.cunche@inria.fr @Cunchem INSA-Lyon CITI, Inria Privatics 10th European e-Accessibility Forum e-Accessibility in a connected world 30 May 2016, Paris M. Cunche (INSA-Lyon - Inria ) Pocket informers 1 / 18

  2. Wi-Fi networking Wi-Fi specified by IEEE 802.11 standard Information transmitted in frames over the radio channels M. Cunche (INSA-Lyon - Inria ) Pocket informers 2 / 18

  3. 802.11 frame Address fields contain MAC addresses (src., dest., ...) MAC address: a unique identifier allocated to a network interface M. Cunche (INSA-Lyon - Inria ) Pocket informers 3 / 18

  4. Wi-Fi service discovery I Discover surrounding APs and Networks Passive mode: Wi-Fi Beacons Active mode: Probe requests and Probe Responses Probe requests contain an SSID field to specify the searched network Active is less costly in energy Preferred mode for mobile devices Passive Active M. Cunche (INSA-Lyon - Inria ) Pocket informers 4 / 18

  5. Active service discovery Probing Frequency: several times per minutes Information available in cleartext (headers are not encrypted) M. Cunche (INSA-Lyon - Inria ) Pocket informers 5 / 18

  6. Personal information from SSIDs SSIDs: name of the previously connected networks Stored in the Configured Network List (CNL) Observed up to 80 configured networks ! SSIDs: personal data Travel history GPS coordinates Social links M. Cunche (INSA-Lyon - Inria ) Pocket informers 6 / 18

  7. Wi-Fi tracking Wi-Fi enabled smartphone: portable personal beacon Broadcast a unique ID (MAC addr.) Range: several 10s meters Wi-Fi tracking system 1 Set of sensors collect Wi-Fi signal Detect and track Wi-Fi devices and their owners 1 A. B. M. Musa and Jakob Eriksson. “Tracking unmodified smartphones using Wi-Fi monitors”. In: Proceedings of the 10th ACM Conference on Embedded Network Sensor Systems . 2012. M. Cunche (INSA-Lyon - Inria ) Pocket informers 7 / 18

  8. Wi-Fi tracking: applications I Road monitoring Wi-Fi sensor deployed along the road Measure traffic density Detect traffic jam Estimate point-to-point travel time M. Cunche (INSA-Lyon - Inria ) Pocket informers 8 / 18

  9. Wi-Fi tracking: applications II Shops & shopping center monitoring 2 Physical analytics: Frequency and length of visit, number of visitor, M. Cunche (INSA-Lyon - Inria ) Pocket informers 9 / 18

  10. Wi-Fi tracking: applications III Profiling & Targeted advertisement Example: London’s Wi-Fi bins Detect individuals via Wi-Fi Targeted advertisement displayed on screen Based on a user profile: consuming habits, gender, ... 2 Source: Euclid Analytics M. Cunche (INSA-Lyon - Inria ) Pocket informers 10 / 18

  11. Wi-Fi tracking: privacy Privacy concerns of civil society ”People have a fundamental right to privacy, and I think neglecting to ask consumers for their permission to track them violates that right” – Senator Al Franken Regulation of data protection agencies CNIL decision on Fidz’up/JCDecaux initiative (La Defense) M. Cunche (INSA-Lyon - Inria ) Pocket informers 11 / 18

  12. Wi-Fi tracking: privacy The MAC address a 48 bits identifier The MAC address is a personal information Unique ID & Personally identifiable information Easy to obtain the MAC addr. of an individual Collected by mobile applications along with other personal information (phone number, email, name, ...) M. Cunche (INSA-Lyon - Inria ) Pocket informers 12 / 18

  13. Countermeasures Use a random MAC address Periodically change MAC address to a random value 3 Currently being deployed in major Operating Systems iOS8, Windows10, Android, Linux ... Limitations of random MAC addr. Tracking may still be possible: fingerprinting 4 Using MAC address may disrupt networks 3 Marco Gruteser and Dirk Grunwald. “Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis”. In: Mobile Networks and Applications 10.3 (2005), pp. 315–325. 4 Mathy Vanhoef et al. “Why MAC Address Randomization is not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms”. In: ACM AsiaCCS . Xi’an, China, May 2016. M. Cunche (INSA-Lyon - Inria ) Pocket informers 13 / 18

  14. Countermeasures Geofencing Wi-Fi only activated in trusted places (home, office, ...) Apps: Wi-Fi Matic 5 and AVG Privacy Fix 6 (only for Android) 5 https://play.google.com/store/apps/details?id=org.cprados.wificellmanager 6 https://play.google.com/store/apps/details?id=com.avg.privacyfix M. Cunche (INSA-Lyon - Inria ) Pocket informers 14 / 18

  15. The case of Bluetooth Bluetooth is a short range radio technology Found in many connected objects Also use a MAC address as radio identifier Potentially expose to privacy issues (In)Visibility mode Device don’t advertise their presence Random radio identifier (since v4.0) 7 Prevent tracking Fully integrated in the protocol: do not disrupt network functionnalities 7 http://blog.bluetooth.com/bluetooth-technology-protecting-your-privacy/ M. Cunche (INSA-Lyon - Inria ) Pocket informers 15 / 18

  16. Role of the industry and standardisation bodies Technological legacy Wi-Fi designed in late 1990’s Unexpected applications: Wi-Fi in every pocket Security (confidentiality) was considered, but not privacy Privacy is now a real concern for the industry Privacy preserving features deployed in major systems Dedicated working groups at IETF and IEEE Privacy by design approach Privacy needs to be considered early in the design process Too late for current technologies like Wi-Fi Patches and temporary fixes Ex: Random MAC address being deployed by major OSs (iOS, Android, Windows, ...) M. Cunche (INSA-Lyon - Inria ) Pocket informers 16 / 18

  17. Conclusion Privacy is not restrained to applications (Web, Apps, ...) Radio technologies can also leak personal information Privacy needs to be considered early in the design process Imagination of trackers not to be underestimated Motivated by commercial applications ... or population surveillance & control M. Cunche (INSA-Lyon - Inria ) Pocket informers 17 / 18

  18. Thank you Figure : Artist’s interpretation 8 . 8 credit P. Treimany M. Cunche (INSA-Lyon - Inria ) Pocket informers 18 / 18

Recommend


More recommend