131 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
131 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
132 \mode<presentation>{ |
132 \mode<presentation>{ |
133 \begin{frame}[c] |
133 \begin{frame}[c] |
134 \frametitle{Man-in-the-Middle} |
134 \frametitle{Man-in-the-Middle} |
135 |
135 |
136 |
136 \begin{itemize} |
|
137 \item Border Gateway Protocol (BGP) --- routers believe their neighbours |
|
138 \item it is possible to advertise bad routes |
|
139 \item can be done over continents\bigskip |
|
140 \end{itemize} |
137 |
141 |
138 \hfill\footnotesize\url{http://www.renesys.com/2013/11/mitm-internet-hijacking/} |
142 \hfill\footnotesize\url{http://www.renesys.com/2013/11/mitm-internet-hijacking/} |
139 \end{frame}} |
143 \end{frame}} |
140 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
144 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
141 |
145 |
142 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
146 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
143 \mode<presentation>{ |
147 \mode<presentation>{ |
144 \begin{frame}[c] |
148 \begin{frame}[t] |
145 \frametitle{Facebook Privacy} |
149 \frametitle{Facebook Privacy} |
146 |
150 |
|
151 \begin{itemize} |
|
152 \item \large Who has a Facebook account?\pause\medskip |
|
153 |
|
154 \item \large Who keeps the list of friends private?\pause\medskip |
|
155 |
|
156 \item \large Who knows that this is completely pointless?\pause\medskip |
|
157 \end{itemize} |
|
158 |
|
159 \only<4>{ |
|
160 Create a fake account. Send a friend request. Facebook answers with |
|
161 ``People you may know'' feature. Conveniently it has also a ``see all'' button. |
|
162 } |
|
163 \only<5>{\small\it |
|
164 ``Our policies explain that changing the visibility of people on your friend list controls how they appear on your Timeline, and that your friends may be visible on other parts of the site, such as in News Feed, Search and on other people's Timelines. This behavior is something we'll continue to evaluate to make sure we're providing clarity.'' |
|
165 } |
147 |
166 |
148 \end{frame}} |
167 \end{frame}} |
149 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
168 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
150 |
169 |
151 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
170 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
155 |
174 |
156 Some terminology: |
175 Some terminology: |
157 |
176 |
158 \begin{itemize} |
177 \begin{itemize} |
159 \item \alert{secrecy} is the mechanism used to limit the number of |
178 \item \alert{secrecy} is the mechanism used to limit the number of |
160 principals with access to information (eg, cryptography or access controls) |
179 principals with access to information (e.g., cryptography or access controls) |
161 |
180 |
162 \item \alert{confidentiality} is the obligation to protect the secrets of other people |
181 \item \alert{confidentiality} is the obligation to protect the secrets of other people |
163 or organizations (secrecy for the benefit of an organisation) |
182 or organizations (secrecy for the benefit of an organisation) |
164 |
183 |
165 \item \alert{anonymity} is the ability to leave no evidence of an activity (eg, sharing a secret) |
184 \item \alert{anonymity} is the ability to leave no evidence of an activity (e.g., sharing a secret) |
166 |
185 |
167 \item \alert{privacy} is the ability or right to protect your personal secrets |
186 \item \alert{privacy} is the ability or right to protect your personal secrets |
168 (secrecy for the benefit of an individual) |
187 (secrecy for the benefit of an individual) |
169 |
188 |
170 \end{itemize} |
189 \end{itemize} |
176 \mode<presentation>{ |
195 \mode<presentation>{ |
177 \begin{frame}[t] |
196 \begin{frame}[t] |
178 \frametitle{Privacy vs Anonymity} |
197 \frametitle{Privacy vs Anonymity} |
179 |
198 |
180 \begin{itemize} |
199 \begin{itemize} |
181 \item everybody agrees that anonymity has its uses (e.g., voting, whistleblowers, peer-review) |
200 \item everybody agrees that anonymity has its uses (e.g., voting, whistleblowers, peer-review, exams) |
182 \end{itemize}\bigskip\bigskip\pause |
201 \end{itemize}\bigskip\bigskip\pause |
183 |
202 |
184 |
203 |
185 But privacy?\bigskip\bigskip |
204 But privacy?\bigskip\bigskip |
186 |
205 |
220 \begin{itemize} |
239 \begin{itemize} |
221 \item Apple takes note of every dictation (send over the Internet to Apple) |
240 \item Apple takes note of every dictation (send over the Internet to Apple) |
222 \item markets often only work, if data is restricted (to build trust) |
241 \item markets often only work, if data is restricted (to build trust) |
223 \item Social network can reveal data about you |
242 \item Social network can reveal data about you |
224 \item have you tried the collusion extension for FireFox? |
243 \item have you tried the collusion extension for FireFox? |
225 \item I do use Dropbox, store cards\bigskip |
244 \item I do use Dropbox, store cards |
226 \item next week: anonymising data |
245 \end{itemize} |
227 \end{itemize} |
246 |
228 |
247 \begin{textblock}{5}(12,9.9) |
229 \begin{textblock}{5}(12,8.9) |
248 \includegraphics[scale=0.2]{pics/gattaca.jpg}\\ |
230 \includegraphics[scale=0.3]{pics/gattaca.jpg}\\ |
|
231 \small Gattaca (1997) |
249 \small Gattaca (1997) |
232 \end{textblock} |
250 \end{textblock} |
233 |
251 |
234 \end{frame}} |
252 \end{frame}} |
235 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
253 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
359 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
377 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
360 |
378 |
361 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
379 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
362 \mode<presentation>{ |
380 \mode<presentation>{ |
363 \begin{frame}[c] |
381 \begin{frame}[c] |
364 \frametitle{Re-identification Attack} |
382 \frametitle{Re-identification Attacks} |
365 |
383 |
366 Two researchers analysed the data: |
384 Two researchers analysed the data: |
367 |
385 |
368 \begin{itemize} |
386 \begin{itemize} |
369 \item with 8 ratings (2 of them can be wrong) and corresponding dates that can have a margin 14-day error, 98\% of the |
387 \item with 8 ratings (2 of them can be wrong) and corresponding dates that can have a margin 14-day error, 98\% of the |
374 \end{itemize} |
392 \end{itemize} |
375 |
393 |
376 \end{frame}} |
394 \end{frame}} |
377 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
395 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
378 |
396 |
|
397 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
398 \mode<presentation>{ |
|
399 \begin{frame}[c] |
|
400 \frametitle{Re-identification Attacks} |
|
401 |
|
402 |
|
403 \begin{itemize} |
|
404 \item in 1990 insurance databases were made public with names removed, but birth dates, |
|
405 gender, ZIP-code were retained\medskip |
|
406 \item could be cross referenced with public voter registration data in order to find out what the |
|
407 medical record of the governor of Massachusetts was |
|
408 \end{itemize} |
|
409 |
|
410 \end{frame}} |
|
411 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
412 |
379 |
413 |
380 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
414 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
381 \mode<presentation>{ |
415 \mode<presentation>{ |
382 \begin{frame}[c] |
416 \begin{frame}[c] |
383 \frametitle{} |
417 \frametitle{} |
422 \end{itemize}} |
456 \end{itemize}} |
423 |
457 |
424 \end{frame}} |
458 \end{frame}} |
425 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
459 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
426 |
460 |
|
461 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
462 \mode<presentation>{ |
|
463 \begin{frame}<2>[c] |
|
464 \frametitle{Differential Privacy} |
|
465 |
|
466 \begin{itemize} |
|
467 \item Goal: Nothing about an individual should be learnable from the database that |
|
468 cannot be learned without access to the database.\pause\bigskip |
|
469 |
|
470 \item Differential privacy is a protocol which you run on some dataset \bl{$X$} producing |
|
471 some output \bl{$O(X)$}. |
|
472 \end{itemize} |
|
473 |
|
474 \end{frame}} |
|
475 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
427 |
476 |
428 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
477 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
429 \mode<presentation>{ |
478 \mode<presentation>{ |
430 \begin{frame}[c] |
479 \begin{frame}[c] |
431 \frametitle{Differential Privacy} |
480 \frametitle{Differential Privacy} |