<html><body><div style="font-family: garamond,new york,times,serif; font-size: 12pt; color: #000000"><p>Steven Englehardt will present his FPO "Automated discovery of privacy violations on the web" on Friday, 6/29/2018 at 10:00am, 402 Computer Science. All are welcome to attend.</p><p>The members of his committee are as follows: Examiners: <span style="font-size: 12pt;" data-mce-style="font-size: 12pt;">Arvind Narayanan (Adviser),</span> Prateek Mittal (ELE), and Jennifer Rexford; Readers: Ed Felten, Nick Feamster</p><p>Abstract follows below.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">Tracking protection provided by browsers is often ine↵ective, while solutions based</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">on voluntary cooperation, such as Do Not Track, haven’t had meaningful adoption.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">Knowledgeable users may turn to anti-tracking tools for protection, but we find that</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">even these more advanced solutions fail to fully protect against the techniques we</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">study.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">In this dissertation, we introduce OpenWPM, a platform we developed for flexible</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">and modular web measurement. We’ve used OpenWPM to run large-scale studies</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">leading to the discovery of numerous privacy and security violations across the web</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">and in emails. These discoveries have curtailed the adoption of tracking techniques,</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">and have informed policy debates and browser privacy decisions.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">In particular, we present novel detection methods and results for persistent tracking</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">techniques, including: device fingerprinting, cookie syncing, and cookie respawning.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">Our findings include sophisticated fingerprinting techniques never before measured</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">in the wild. We’ve found that nearly every new API is misused by trackers</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">for fingerprinting. The misuse is often invisible to users and publishers alike, and in</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">many cases was not anticipated by API designers. We take a critical look at how the</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">API design process can be changed to prevent such misuse in the future.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">We also explore the industry of trackers which use PII-derived identifiers to track</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">users across devices, and even into the o✏ine world. To measure these techniques,</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">we develop a novel bait technique, which allows us to spoof the presence of PII on a</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">large number of sites. We show how trackers exfiltrate the spoofed PII through the</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">abuse of browser features. We find that PII collection is not limited to the web—the</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">act of viewing an email also leaks PII to trackers. Overall, about 30% of emails leak</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">the recipient’s email address to one or more third parties.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">Finally, we study the ability of a passive eavesdropper to leverage tracking cookies</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">for mass surveillance. If two web pages embed the same tracker, then the adversary</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">can link visits to those pages from the same user even if the user’s IP address varies.</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">We find that the adversary can reconstruct 62—73% of a typical user’s browsing</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;">history</p><p style="margin-left: 50px;" data-mce-style="margin-left: 50px;"> <br>
</p><div><br><br></div></div></body></html>