Half Baked: The Opportunity to Secure Cookie-based Identifiers from Passive Surveillance
Andrew Hilts, Citizen Lab, University of Toronto and Open Effect; Christopher Parsons, Citizen Lab, University of Toronto
Documents released by Edward Snowden have revealed that the National Security Agency, and its Australian, British, Canadian, and New Zealand equivalents, routinely monitor the Internet for the identifiers that are contained in advertising and tracking cookies. Once collected, the identifiers are stored in government databases and used to develop patterns of life, or the chains of activities that individuals engage in when they use Internet-capable devices. This paper investigates the extent to which contemporary advertising and analytics identifiers that are used in establishing such patterns continue to be transmitted in plaintext following Snowden’s revelations. We look at variations in the secure transmission of cookie-based identifiers across different website categories, and identify practical steps for both website operators and ad tracking companies to take to better secure their audiences and readers from passive surveillance.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
BibTeX
@inproceedings {192002,
author = {Andrew Hilts and Christopher Parsons},
title = {Half Baked: The Opportunity to Secure Cookie-based Identifiers from Passive Surveillance},
booktitle = {5th USENIX Workshop on Free and Open Communications on the Internet (FOCI 15)},
year = {2015},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/foci15/workshop-program/presentation/hilts},
publisher = {USENIX Association},
month = aug
}
