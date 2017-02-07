Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


72% of 'Anonymous' Browsing History Can Be Attached To the Real User (thestack.com) 6

Posted by BeauHD from the breadcrumb-trail dept.
An anonymous reader quotes a report from The Stack: Researchers at Stanford and Princeton have succeeded in identifying 70% of web users by comparing their web-browsing history to publicly available information on social networks. The study "De-anonymizing Web Browsing Data with Social Networks" [PDF] found that it was possible to reattach identities to 374 sets of apparently anonymous browsing histories simply by following the connections between links shared on Twitter feeds and the likelihood that a user would favor personal recommendations over abstract web browsing. The test subjects were provided with a Chrome extension that extracted their browsing history; the researchers then used Twitter's proprietary URL-shortening protocol to identify t.co links. 81% of the top 15 results of each enquiry run through the de-anonymization program contained the correct re-identified user -- and 72% of the results identified the user in first place. Ultimately the trail only leads as far as a Twitter user ID, and if a user is pseudonymous, further action would need to be taken to affirm their real identity. Using https connections and VPN services can limit exposure to such re-identification attempts, though the first method does not mask the base URL of the site being connected to, and the second does not prevent the tracking cookies and other tracking methods which can provide a continuous browsing history. Additionally UTM codes in URLs offer the possibility of re-identification even where encryption is present. Further reading available via The Atlantic.

  • Pr0n (Score:5, Funny)

    by felixrising ( 1135205 ) on Tuesday February 07, 2017 @07:50PM (#53822979)
    As long as my wife can't see my porn browsing history, no worries!

  • Idiots (Score:3)

    by DontBeAMoran ( 4843879 ) on Tuesday February 07, 2017 @07:53PM (#53822993)

    ... by comparing their web-browsing history to publicly available information on social networks.

    Well, there's your problem. STOP USING SOCIAL NETWORKS.

  • First, they talk about a user's identity. Later they merely talk about Twitter links and finding the user's Twitter ID. So what is it? Can they identify users or Twitter accounts? If it's the former, that's concerning. But it seems to be more likely that they found a Twitter account user by comparing the browser history to a Twitter account that had been sharing those links. The latter doesn't seem as impressive now does it?
  • Wouldn''t this part of the problem be solved simply by using the privacy mode of the browser? If not, use a Linux Live distribution, which typically have no persistent storage (although some of them have an overlay filesystem that can be enabled especially for this purpose). This can be combined with anonymizing software like Tor for enough protection against everybody else but government-backed attackers.

    • Wouldn''t this part of the problem be solved simply by using the privacy mode of the browser? If not, use a Linux Live distribution, which typically have no persistent storage (although some of them have an overlay filesystem that can be enabled especially for this purpose). This can be combined with anonymizing software like Tor for enough protection against everybody else but government-backed attackers.

      Whoops, bad advice. While it prevents the addition of new sites to the browser history, incognito mode doesn't erase the record of sites already visit. So it's better simply to create a new profile from scratch and then delete that profile. Now I think incognito mode is really a brain damaged idea, because it raises false expectations of privacy.

