Potential mass surveillance and privacy violations in
proximity-based social applications
Silvia Puglisi, David Rebollo-Monedero and Jordi Forné
Department of Telematics Engineering,
Universitat Politècnica de Catalunya
silvia.puglisi@upc.edu
@nopressure
Introduction
Proximity-based social applications let users interact with resources that are currently close to them.
This information is acquired through passive geo-localisation and used
to build a sense of serendipitous discovery of people, places and interests.
Contributions
1. We classify privacy threats in proximity-based applications [1] to understand privacy violations and to identify privacy problems in a comprehensive and concrete manner.
2. We formalise a location attack showing how these applications are inherently insecure.
3. We build a Social Graph attack using Facebook likes to profile the victim.
[1] D. J. Solove, “A taxonomy of privacy,” University of Pennsylvania Law Review, pp. 477–564, 2006.
1/11
CLASSIFICATION OF PRIVACY VIOLATIONS
- Collection
- Processing
- Dissemination
- Invasion
2/11
Collection
Surveillance, interrogation or information probing.
Watching, reading, listening, recording of individuals.
Inference of information regarding individuals.
PROCESSING
Aggregation and identification of data.
Failure to provide data security.
Secondary use of data of which the user has not been informed.
3/11
DISSEMINATION
Breach of confidentiality, unwanted disclosure and exposure of information.
Appropriation and distortion of data about people.
Invasion
Invasion is the threat of intrusion of an entity into someone’s private life and it includes acts that are said to disturb one’s tranquillity or solitude.
4/11
Collection
Information collection is possible on these applications through different techniques.
On some occasions we intercepted API calls from mobile devices through a Man-in-the-Middle (MITM) attack; on others we interacted with the APIs directly.
5/11
Processing
1) Multilateration attack:
Once we possess the user’s id on the specific application, we are able to query its APIs and constantly update our information about the user’s location.
2) Hyper graph attack:
A Facebook token is used to authenticate and/or authorise the app to request and obtain certain information about the user.
6/11
Invasion
Once a user’s location has been inferred, we can continue
tracking the same users and their preferences for an unlimited number of fetches.
7/11
Analysed Applications
8/11
Multilateration Attack
9/11
Multilateration measures the difference in distance to two stations, which results in an infinite number of locations that satisfy the measurement, forming a hyperbolic curve.
Subsequent measurements taken to a different pair of stations produce another curve, which intersects the first, and so on.
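The geometry described above, worked through on a constructed plane (an added example, not code from the original slides): one distance-difference measurement is satisfied by a whole curve of points, and measurements from further station pairs narrow it to a single intersection. The station coordinates, the sample point and all function names are assumptions made for this illustration.

```python
import math

# Constructed sample data: four stations on a unitless 10x10 plane.
STATIONS = [(0.0, 0.0), (10.0, 0.0), (10.0, 10.0), (0.0, 10.0)]
PAIRS = [(0, 1), (2, 3), (0, 3)]   # station pairs used for measurements
TRUE_POINT = (3.2, 6.9)            # used only to synthesise measurements

def diff(p, i, j):
    """Distance from p to station i minus distance from p to station j."""
    return math.dist(p, STATIONS[i]) - math.dist(p, STATIONS[j])

def measure(p, pairs):
    return [diff(p, i, j) for i, j in pairs]

def consistent_points(pairs, meas, tol=0.05, step=0.1):
    """Grid points that satisfy every given measurement within tol."""
    n = round(10 / step) + 1
    grid = ((x * step, y * step) for x in range(n) for y in range(n))
    return [p for p in grid
            if all(abs(diff(p, i, j) - m) < tol for (i, j), m in zip(pairs, meas))]

def solve(pairs, meas, guess=(5.0, 5.0), iters=20):
    """Gauss-Newton intersection of the hyperbolas defined by the pairs."""
    x, y = guess
    for _ in range(iters):
        a11 = a12 = a22 = g1 = g2 = 0.0
        for (i, j), m in zip(pairs, meas):
            (xi, yi), (xj, yj) = STATIONS[i], STATIONS[j]
            ri, rj = math.hypot(x - xi, y - yi), math.hypot(x - xj, y - yj)
            jx = (x - xi) / ri - (x - xj) / rj   # d(residual)/dx
            jy = (y - yi) / ri - (y - yj) / rj   # d(residual)/dy
            r = (ri - rj) - m                    # residual for this pair
            a11 += jx * jx
            a12 += jx * jy
            a22 += jy * jy
            g1 += jx * r
            g2 += jy * r
        det = a11 * a22 - a12 * a12              # solve the 2x2 normal equations
        x, y = x - (a22 * g1 - a12 * g2) / det, y - (a11 * g2 - a12 * g1) / det
    return x, y

if __name__ == "__main__":
    meas = measure(TRUE_POINT, PAIRS)
    print(len(consistent_points(PAIRS[:1], meas[:1])), "grid points fit one pair")
    print(len(consistent_points(PAIRS, meas)), "grid points fit three pairs")
    print("estimate:", solve(PAIRS, meas))
```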
Social Graph Attack
10/11
Conclusions
1. Proximity-based applications using the users’ actual location commit a number of privacy violations.
2. Privacy violations can be identified and examined with a formal framework.
3. Leveraging third-party services to identify users and authorise apps is per se a privacy violation if profile information is transferred.
Information shared with third parties can also be stored and eventually transferred without the user’s explicit consent.
11/11
On the internet you have no expectation of privacy when you willingly reveal information to a third party, and by the way, everyone on the internet is a third party.
Jacob Appelbaum
RATSP2015
By hiropaw