View
1.203
Download
1
Embed Size (px)
DESCRIPTION
We provide a huge amount of information about us to many different online services. Naturally, these companies use that information to understand us in ways we have never imagined with only one goal: Sell products, make money. This process will not stop We are living in a new 'industrial revolution' with little regulation and protection. Regulation will happen but very slowly In the meantime, we need to understand what is happening, and learn to adjust and live in this new industrial revolution.
Citation preview
Before we start (what my friend who is lawyer insists I
say)
• This presentation mentions several companies regarding data analysis and privacy in comparison to business
• There are many more companies performing the same services and activities, and the mentioned few are only used as very prominent examples of the process of data storage and data analysis of user data
• This presentation does not intend to present any of those companies in a negative light nor make any implicit or explicit claim that any of those companies are performing any illegal or damaging activities
Person(s) of interestUnderstanding the shift of personal privacy in a world of too much public information
Bozhidar [email protected]@gmail.com
The brave new world• zetabytes of data exist in the digital universe today• Walmart handles more than customer
transactions every hour, which is imported into databases estimated to contain more than petabytes of data.
• In Google was processing a daily data volume of terabytes
• terabytes of data uploaded daily to Facebook• Facebook stores, accesses, and analyzes more than
Petabytes of user generated data. • Akamai analyzes million events per day to better
target advertisements. Source Wikibon Big Data Stats
2.71,000,000
20,000
100 30
75
2008 2.5
Welcome to Your Not-So Private Parts
• Target computers conclude that a teenage girl is pregnant and sent coupons for baby clothes which were found by a very surprised father (NY Times, 2012)
• A social experiment in Gmail resulted in allergy medicine commercials after 3 exchanged mails mentioning illness to a doctor’s mail (Shortinfosec , 2009)
• Unverified – a woman is denied health insurance by her carrier because of high probability of cancer based on social analytics data bought from a social network
What is out there about us?• Location and travelling • IP address whois lookup• Photo tagging• Location sharing
• Personal habits • Site categories visited• Book/movie categorie most browsed• logon times• linger times on sites
• Shopping preferences and interests• Search engine product searches• Online purchases purchases and browsing
What is out there about us?• Personal Data• Facial recognition data (high res images on pinterest,
facebook, google+, twitter…)• Voice recognition data (youtube, vimeo)• Relationship data (social networks first connections,
tags on photos…)• Professional and personal interests (crawling of forum
and discussion group archives)
We have placed cookies on your computer to help make this website better. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.
What is out there about us?
• VERY personal preferences
The nemesis of privacy
2010 2011 2012 2013 (first half)
050
100150200250300
Twitter Revenue Breakdown (million of
$ US)
Advertising Data Licensing
•Sources: Worldstream Internet Marketing (2012), Splatf (2012), San Jose Mercury News (2013)
The nemesis of privacy
If you aren’t buyingand you aren’t selling
YOU ARE THE PRODUCT
Who will be able to (ab)use all this?
• Data collectors and brokers (social network
companies, Infochimps)• Retailers and vendors (Amazon, Target,
Wallmart…)
• Prospective employers and headhunters• Disgruntled employees • Ex girl/boy friends• Social Engineers (Con Men / Hackers …)
Maltego OSINT data search/correlation
Privacy protection ideas?• Regulatory initiatives• Take forever to move off the ground• Prone to huge influence by lobbyists (big money)• Limited to one country/region• Obsolete by the time all legal loops are passed
• Intelligence agencies• Business moves at light speed compared to intelligence• People volunteer information to business• Intelligence agencies are actually using business
gathered data for their own use
Privacy protection ideas?• Non-profit initiatives• Don’t get enough momentum unless there is an actual
publicly known incident. • Even if influence is sufficient, the initiative targets one
specific issue of that incident• By the way…• All data mentioned above is given and published by the
end user, and the service that is provided by the businesses is never ever charged to the use
• There is no such thing as free lunch
Opportunities for someone
• A business (malicious) opportunity• The old model attacks• Bandwidth• Compute resources• Data (financial, corp)
• The new model attacks• Reputation of people• Social networks • Forums• Doctored photos• Donations
MINTRUE1984
The brave new world
What to do• We are living another paradigm shift • the industrial revolution ???• Regulation will occur, but when?
• Young generations embrace and accept it • Understand it• Adjust• Educate early, educate a lot. • Learn from the younger generation• Prepare for reputation defense • The next phase is just around the corner
Custom commercials
?
Thank you
Bozhidar [email protected]@gmail.com