ScienceDaily (June 2, 2011) research of more than 100 popular Web sites used by tens of millions of people find three districts directly to leak information or unique identifiers for users and third-party sites. The study, the parser by Craig wills, a Professor of computer science at Worcester Federal Institute (WPI), demonstrated how handles leak private information by many sites, including e-mail, physical address, even a user's Web browser-the browser fingerprint "--could allow tracking sites to link to many different pieces of information, including the browsing histories included tracking cookies and the content of the site and take health searchesTo create a detailed profile of the people.
The study, presented last week at the Web 2.0 security and privacy in Auckland, Calif., summed up the efforts made so far to stop this leak of personal information from online Web sites, social networking packages including suggestions made in the report, the Federal Trade Commission (FTC) 2010 protect consumer privacy, that the largely ineffective in preventing leakage is detected and connectivity. They claimed that websites should take more responsibility for privacy protection.
"Despite some suggestions wills and reports upon by researchers, government agencies, and private firms, the issue of privacy has worsened significantly," he said. "With the growing disconnect between existing privacy safeguards, suggested a growing discussion, worries more and more personal information from all Web sites, we believe that the time beyond the clearly what is the battle with third-party aggregators, and what roles first-party sites, you can play in protecting the privacy of their users."
The researchers, who brought in the past that the leak of personal information from many popular social networks, decided to investigate the handling of private information by standard Web sites, in an area where there were mainly vshashorsh, Wales. They encourage users to sites focused on, since users often share personal information, including their names, personal, physical address, an e-mail during the registration process. They also examined health popular tourist attractions, since users conduct searches these sites, point to problems with their health or expose their travel programs.
They found that the leaked information through multiple routes to a third party to track users ' browsing behavior for advertisers. In some cases, the information was passed to the purposely third-party sites. In other cases, it was included, intentionally or accidentally, as part of an ongoing exchange of information with those sites. According to the leakage occurred when people were creating, viewing, editing, or register their accounts, or when navigating Web sites. They are also sensitive search terms (such as pancreatic cancer) have been leaked by the health and for sites to be leaked by sites.
The researchers examined the types of information to be leaked by websites and rate them according to their sensitivity and the ability to identify users. The user name, phone number or email address, and the highest rated on identifiability, for example, when planning tours and information of the highest rated on a scale sensitivity. While most of the information leaked rated low in both scales, the authors said it did not necessarily suggest that users should not be concerned about the privacy leaks from Web sites.
They noted that third-party sites that are tracking a wide variety of popular information from Web sites that can be used to connect various pieces of the leaked information and link them to the identity of the individual user. These include the ID of the user that assigns user Web site (leaked by about half of the sites studied), unique identifiers, such as email addresses, or home address, and the fingerprint browser browser-information about how to set up individual, including the list of installed extensions, leaked the authors found a number of sites.
The study evaluated a variety of actions, Web users can take to prevent their information from being leaked, including blocking the setting of cookies and the use of the advertising block or unblock the utility built into the latest version of some of the most common browsers. They found all of these techniques to miss certain types of leak; Vhosmi advertising, for example, reliably not block third-party sites through the so-called hidden, even impair the usability of Web sites.
They also show the proposals contained in the report of December 2010 release online privacy by the FTC. "The report supports the privacy by design initiative, seeks to embed privacy in the design stage, proactive, defaults to private users and information about Sun access to sensitive data concerning the user is stored in the bcobri," research notes. But even these suggestions fail to provide safeguards against discussion user information by third-party sites or the hidden leak to third parties, and they do not include authentication methods, a third-party sites or penalizing those sound guidelines do not provide.
"As a key report to the FTC, he is ignoring the responsibility of saving their users privacy," said Wales. "These sites have a role in the custody of protecting users leak of sensitive information or identify them. Third-party sites have a strong financial incentive to continue to collect and aggregate user information, so relying on them to protect the privacy of the user continues to be a battle. It's time to put the focus on what you can do a first-party sites. "
Email or share this story:
The source of the story:
The above story is published (with writers adaptations by a teamdaily science) materials provided by the the Federal Institute of Worcester.
Note: If no source is cited, instead.
Disclaimer: hdioth in this article do not necessarily reflect those of his team or ScienceDaily.