Potential mass surveillance and privacy violations in proximity-based social applications

Silvia Puglisi, David Rebollo-Monedero and Jordi Forné

Department of Telematics Engineering,

Universitat Politecnica de Catalunya

silvia.puglisi@upc.edu

@nopressure

Introduction

Proximity-based social applications let users interact with resources that are currently close to them.

This information is acquired through passive geo-localisation and used to build a sense of serendipitous discovery of people, places and interests.

Contributions

1. We classify privacy threats in proximity-based applications [1] to understand privacy violations and to identify privacy problems in a comprehensive and concrete manner.

2. We formalise a location attack showing how these applications are inherently insecure.

3. We build a Social Graph attack using Facebook likes to profile the victim.

[1] D. J. Solove, “A taxonomy of privacy,” University of Pennsylvania Law Review, pp. 477–564, 2006.


CLASSIFICATION OF PRIVACY VIOLATIONS

  • Collection
  • Processing
  • Dissemination
  • Invasion


collection

Surveillance, interrogation or information probing.

Watching, reading, listening, recording of individuals.

Inference of information regarding individuals.

PROCESSING

Aggregation and identification of data.

Failure to provide data security.

Secondary use of data of which the user has not been informed.


DISSEMINATION

Breach of confidentiality, unwanted disclosure and exposure of information.

Appropriation and distortion of data about people.

Invasion

Invasion is the threat of intrusion of an entity into someone’s private life and it includes acts that are said to disturb one’s tranquillity or solitude.


collection

Information collection is possible on these applications through different techniques.

We intercepted API calls from mobile devices through a man-in-the-middle (MITM) attack on some occasions, and interacted with the APIs directly on other occasions.


Processing

1) Multilateration attack:

Once we possess the user’s ID on the specific application, we are able to query its APIs and update our information about the user’s location constantly.

2) Hyper graph attack:

A Facebook token is used to authenticate and/or authorise the app to request and obtain certain information about the user.


Invasion

Once a user’s location has been inferred, we can continue tracking the same users and their preferences for an unlimited number of fetches.


Analysed Applications


Multilateration Attack


Multilateration measures the difference in distance between two stations, which results in an infinite number of locations that satisfy the measurement, forming a hyperbolic curve.

Subsequent measurements taken to a different pair of stations will produce another curve, which intersects with the first. And so on.
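The geometry described above, as an added worked example (not code from the slides): one distance-difference measurement leaves a whole curve of candidate points, while measurements to further station pairs intersect at a single point. The station coordinates, the target point and the function names are constructed for illustration, in arbitrary planar units.

```python
import math

def range_difference(p, s1, s2):
    """Distance from p to station s1 minus distance from p to station s2."""
    return math.dist(p, s1) - math.dist(p, s2)

def locate(pairs, diffs, guess, iterations=25):
    """Gauss-Newton fit of the point whose range differences match diffs."""
    x, y = guess
    for _ in range(iterations):
        a11 = a12 = a22 = b1 = b2 = 0.0
        for (s1, s2), m in zip(pairs, diffs):
            d1 = max(math.dist((x, y), s1), 1e-12)
            d2 = max(math.dist((x, y), s2), 1e-12)
            r = (d1 - d2) - m                      # residual of this hyperbola
            jx = (x - s1[0]) / d1 - (x - s2[0]) / d2
            jy = (y - s1[1]) / d1 - (y - s2[1]) / d2
            a11 += jx * jx; a12 += jx * jy; a22 += jy * jy
            b1 += jx * r; b2 += jy * r
        det = a11 * a22 - a12 * a12
        if abs(det) < 1e-12:
            # A single curve (or parallel gradients) cannot fix a point.
            raise ValueError("measurements do not constrain a single point")
        dx = (a22 * b1 - a12 * b2) / det           # solve the 2x2 normal equations
        dy = (a11 * b2 - a12 * b1) / det
        x, y = x - dx, y - dy
        if math.hypot(dx, dy) < 1e-9:
            break
    return x, y

# Constructed sample data: four stations on a square and one target point.
A, B, C, D = (0.0, 0.0), (10.0, 0.0), (0.0, 10.0), (10.0, 10.0)
TARGET = (3.0, 4.0)
PAIRS = [(A, B), (A, C), (A, D)]
DIFFS = [range_difference(TARGET, s1, s2) for s1, s2 in PAIRS]

def demo():
    """Return the estimate obtained from the three constructed measurements."""
    return locate(PAIRS, DIFFS, guess=(5.0, 5.0))

if __name__ == "__main__":
    # (3, -4) lies on the same A/B hyperbola as the target: one pair is ambiguous.
    print("mirror point fits pair A/B:", range_difference((3.0, -4.0), A, B), DIFFS[0])
    print("estimate from three pairs:", demo())
```
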

Social Graph Attack


Conclusions

1. Proximity-based applications using the users’ actual location commit a number of privacy violations.

2. Privacy violations can be identified and examined with a formal framework.

3. Leveraging third-party services to identify users and authorise apps is per se a privacy violation if profile information is transferred.

Information shared with third parties can also be stored and eventually transferred without the user’s explicit consent.


On the internet you have no expectation of privacy when you willingly reveal information to a third party, and by the way, everyone on the internet is a third party.

Jacob Appelbaum