Scribd Logo
Upload

Welcome to Scribd!

  • 194 views

    Gone (Your Privacy) in 32 Bit by Azra Rizal

    Uploaded by

    Microsoft TechDays APAC
    IE 9 includes new privacy features like Tracking Protection to help limit how websites can track users across the internet. With just 33 bits of information like zip code, date of birth, and gender, it is possible to uniquely identify 87% of people in the United States. IE 9 offers two methods of Tracking Protection using lists and Do Not Track headers to block third-party tracking content and provide more privacy for users. The presentation concluded with a demonstration of IE 9's Tracking Protection features and a question and answer session.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Gone (Your Privacy) in 32 Bit by Azra Rizal

    Uploaded by

    Microsoft TechDays APAC
    194 views16 pages
    IE 9 includes new privacy features like Tracking Protection to help limit how websites can track users across the internet. With just 33 bits of information like zip code, date of birth, and gender, it is possible to uniquely identify 87% of people in the United States. IE 9 offers two methods of Tracking Protection using lists and Do Not Track headers to block third-party tracking content and provide more privacy for users. The presentation concluded with a demonstration of IE 9's Tracking Protection features and a question and answer session.

    Original Description:

    Original Title

    Gone (Your Privacy)in 32 Bit by Azra Rizal

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    IE 9 includes new privacy features like Tracking Protection to help limit how websites can track users across the internet. With just 33 bits of information like zip code, date of birth, and gender, it is possible to uniquely identify 87% of people in the United States. IE 9 offers two methods of Tracking Protection using lists and Do Not Track headers to block third-party tracking content and provide more privacy for users. The presentation concluded with a demonstration of IE 9's Tracking Protection features and a question and answer session.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    194 views16 pages

    Gone (Your Privacy) in 32 Bit by Azra Rizal

    Uploaded by

    Microsoft TechDays APAC
    IE 9 includes new privacy features like Tracking Protection to help limit how websites can track users across the internet. With just 33 bits of information like zip code, date of birth, and gender, it is possible to uniquely identify 87% of people in the United States. IE 9 offers two methods of Tracking Protection using lists and Do Not Track headers to block third-party tracking content and provide more privacy for users. The presentation concluded with a demonstration of IE 9's Tracking Protection features and a question and answer session.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 16

    Gone (Your Privacy)in 32 bit

    Azra Rizal MVP, Consumer Security

    Agenda
    How easy to be trace?

    IE 9 has (some) the answer

    Q&A

    How many information do you need to go from this

    To this

    As of 2009 , it requires only 33 bit of information

    S = - log2 Pr(X=x)
    Total S = 37.4

    Days Population = 365 Population = 6,909,000,000 Population - log Pr(1/365) = 8.51 S = = 6,909,000,000 2 Zip Code log2 Pr(1/6,909,000,000) = 32.68 S = - population = 69,000 5,000 Ethnic Population = S = - log2 Pr(69,000/6,909,000,000) = 16.61 S = - log Pr(1/12.28) = 12.28
    2

    Personal

    Location

    Variable User Agent

    Source Transmitted by HTTP, logged by server Transmitted by HTTP, logged by server Inferred in HTTP, logged by server JavaScript AJAX post JavaScript AJAX post

    Remarks

    HTTP ACCEPT headers Cookies enabled? Screen resolution Timezone Browser plugins, plugin versions and MIME types System fonts

    Days Population = 365 S = - log2 Pr(1/365) = 8.51

    How did we arrived to that number ? S = - log2 Pr(X=x) How did we arrived to that number ? S = -log2 (1/6909000000) = 32.68 bits My postcode is 57000 assuming there is around 100 post code in KL and population of Kuala Lumpur is 6,900,000 so each postcode is assume to be around 69,000 people? S = -log2 (69,000/6909000000) = 16.61 bits My birthday is in December 12 1974 S = -log2 (1/365) = 8.51 bits My Ethnicity is Malay and assuming the world have around 2000 ethnic community S = -log2 (1/5000) = 12.28 bits Combining all there S = 16.61 + 8.51 + 12.28 = 37.4 With just 3 information we can deduce a person Infact there is a study done by Dr Ohm mentioning that you can identify 87% Of people from United States just by 3 information Zipcode, Date of Birth and Gender

    IE 9 Tracking Protection

    Why Tracking Protection?


    Websites track everything Websites share everything

    Whats in Tracking Protection


    Blocked third-party content using an XML list 2 methods of Tracking Protection - Tracking Protection Lists (TPL) - Do Not Track header and DOM property

    Demo #1
    IE 9 Tracking Protection

    Post or not to Post :D

    References
    Dr Ohm MIMOS Security Labs IE 9 TechNet Edge

    Thank You Q&A

    You might also like