ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Googling considered harmful
Full text PdfPdf (139 KB)
Source
New Security Paradigms Workshop archive
Proceedings of the 2006 workshop on New security paradigms table of contents
Germany
SESSION: Recipes for disaster table of contents
Pages: 67 - 76  
Year of Publication: 2006
ISBN:978-1-59593-923-4
Author
Gregory Conti  United States Military Academy, West Point, New York
Sponsor
ACSA : Applied Computer Security Associates
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 24,   Downloads (12 Months): 311,   Citation Count: 4
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1278940.1278951
What is a DOI?

ABSTRACT

Virtually every Internet user on the planet uses the powerful free tools offered by a handful of information service providers in many aspects of their personal and professional lives. As a result, users and organizations are freely providing unprecedented amounts of sensitive information in return for such services as Internet search, email, mapping, blog hosting, instant messaging and language translation. Traditional security measures, such as cryptography and network firewalls, are largely ineffective because of the implicit trust paradigm with the service provider. In this paper, we directly address this problem by providing a threat analysis framework of information disclosure vectors, including fingerprinting of individuals and groups based on their online activities, examine the effectiveness of existing privacy countermeasures and clearly outline the critical future work required to protect our corporate, organizational and individual privacy when using these services.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
InternetWorldStats.com. "Internet Usage Statistics -- The Big Picture." 31 December 2005. http://www.internetworldstats.com/stats.htm, accessed 28 March 2006.
 
2
Google.com. "Corporate Information: Company Overview." http://www.google.com/intl/en/corporate/index.html, accessed 25 March 2006.
 
3
ValleyWag.com. "Cause and effect: Schmidt talks, investors talk back." http://www.valleywag.com/tech/eric-schmidt/causeand-effect-schmidt-talks-investors-talk-back-154574.php, accessed 26 March 2006.
 
4
Google.com. "Google Investor Relations: Google Code of Conduct." http://investor.google.com/conduct.html, accessed 26 March 2006.
 
5
Google Blogoscoped. "Google Removes Its Help Entry on Censorship." 27 January 2006. http://blog.outercourt.com/archive/2006-01-27-n30.html, accessed 28 March 2006.
 
6
Andrew McLaughlin. "Google in China." Official Google Blog, 27 January 2006. http://googleblog.blogspot.com/2006/01/google-in-china.html, accessed 28 March 2006.
 
7
Elinor Mills. "Google balances privacy, reach." CNET News.com, 14 July 2005. http://news.com.com/Google+balances+privacy,+reach/2100-1032_3-5787483.html, accessed 28 March 2006.
 
8
Carolyn Said. "Google says Cnet went too far in googling." San Francisco Chronical, 9 August 2005. http://sfgate.com/cgibin/article.cgi?file=/c/a/2005/08/09/GOOGLE.TMP&type=business, accessed 28 March 2006.
 
9
Google.com. "Google Corporate Information: Our Philosophy." http://www.google.com/corporate/tenthings.html, accessed 28 March 2006.
 
10
Kristin Kovner. "Beyond Google." Smart Money, May 2006, p. 122.
 
11
Danny Sullivan. "Searches Per Day." Search Engine Watch. http://searchenginewatch.com/reports/article.php/2156461, accessed 29 March 2006.
 
12
Wikipedia.com. "Google search." http://en.wikipedia.org/wiki/Google_(search_engine), accessed 29 March 2006.
 
13
Google.com. "Google Language Tools." http://www.google.com/language_tools?hl=en, accessed 28 March 2006.
 
14
Google.com "Google More, More, More." http://www.google.com/intl/en/options/index.html, accessed 28 March 2006.
 
15
Google.com, "Google Labs: Google's technology playground." http://labs.google.com/, accessed 29 March 2006.
 
16
Google.com. "Google Jobs: The engineer's life at Google." http://www.google.com/support/jobs/bin/static.py?page=about.html, accessed 29 March 2006.
 
17
Google.com. "Google Information for Webmasters." http://www.google.com/webmasters/bot.html, accessed 30 March 2006.
 
18
Internet Assigned Numbers Authority. "IP Address Services." http://www.iana.org/ipaddress/ip-addresses.htm, accessed 30 March 2006.
 
19
MaxMind.com. "Go Ahead -- Locate Your Internet Visitors." http://www.maxmind.com/app/ip_locate, accessed 30 March 2006.
 
20
John Battelle. "The Web Time Axis." http://www.archive.org/web/web.php, accessed 28 March 2006.
 
21
Archive.org. "Internet Archive Wayback Machine." http://www.archive.org/web/web.php, accessed 28 March 2006.
 
22
Yair Amit. "XSS vulnerabilities in Google.com." Email posting to the Web Security Mailing List. http://www.webappsec.org/lists/websecurity/archive/200512/msg00059.html, accessed 30 March 2006.
 
23
Andrew Orlowski. "Phishing with Google Desktop." The Register, 3 December 2005. http://www.theregister.co.uk/2005/12/03/google_desktop_vuln/, accessed 30 March 2006.
 
24
Google.com. "Google Privacy Policy: Changes to this policy." http://www.google.com/intl/en/privacypolicy.html, accessed 29 March 2006.
 
25
Howard Mintz. "Feds after Google data." Mercury News, 19 January 2006. http://www.mercurynews.com/mld/mercurynews/news/13657303.htm accessed 30 March 2006.
 
26
Charlie Kaufman , Radia Perlman , Mike Speciner, Network security: private communication in a public world, Prentice-Hall, Inc., Upper Saddle River, NJ, 1995
 
27
Eric Cole and Sandra Ring. "Insider Threat." Syngress Press, 2005.
 
28
Federal Bureau of Investigation. "Robert Philip Hanssen Espionage Case." Press Release, 20 February 2001. http://www.fbi.gov/libref/historic/famcases/hanssen/hanssen.htm, accessed 29 March 2006.
 
29
Federal Bureau of Investigation. "Famous Cases: Aldrich Hazen Ames." http://www.fbi.gov/libref/historic/famcases/ames/ames.htm, last accessed 29 March 2006.
 
30
ChoicePoint.com. "Privacy at ChoicePoint: 2006 Disclosures of U.S. Data Incidents." http://www.privacyatchoicepoint.com/, accessed 29 March 2006.
 
31
Michael Miller. "Google's Schmidt Clears the Air." PC Magazine online, 17 March 2006. http://news.yahoo.com/s/zd/20060317/tc_zd/173753, accessed 30 March 2006.
 
32
Slashdot.org. "Beware Your Online Presence." Slashdot, 19 March 2006. http://yro.slashdot.org/yro/06/03/19/2231257.shtml, accessed 30 March 2006.
 
33
Seth Finkelstein. "Google Censorship -- How it Works." http://sethf.com/anticensorware/general/google-censorship.php, accessed 30 March 2006.
 
34
EFF.org. "Chinese New Year: Resolutions for Google." Electronic Frontier Foundation, 30 January 2006. http://www.eff.org/deeplinks/archives/004362.php, accessed 30 March 2006.
 
35
EFF.org. "Internet Companies Need Code of Conduct in Authoritarian Regimes." Electronic Frontier Foundation, 15 February 2006. http://www.eff.org/news/archives/2006_02.php, accessed 30 March 2006.
 
36
EFF.org. "Google Copies Your Hard Drive -- Government Smiles in Anticipation." Electronic Frontier Foundation, 9 February 2006. http://www.eff.org/news/archives/2006_02.php, accessed 30 March 2006.
 
37
EPIC.org. "Justice Department Subpoenas Search Records; Google Resists." Electronic Privacy Information Center, 27 January 2006. http://www.epic.org/alert/EPIC_Alert_13.02.html, accessed 30 March 2006.
 
38
SearchEngineWatch.org. "Google's Help Center Page About Censorship Back Online With New Text." Search Engine Watch, 29 January 2006. http://blog.searchenginewatch.com/blog/060129-152723, accessed 30 March 2006.
 
39
Roger Dingledine , Nick Mathewson , Paul Syverson, Tor: the second-generation onion router, Proceedings of the 13th conference on USENIX Security Symposium, p.21-21, August 09-13, 2004, San Diego, CA
 
40
Anonymizer.com. "Internet Privacy and Security Solutions." http://www.anonymizer.com/, accessed 12 April 2006.
41
Michael K. Reiter , Aviel D. Rubin, Anonymous Web transactions with Crowds, Communications of the ACM, v.42 n.2, p.32-48, Feb. 1999  [doi>10.1145/293411.293778]
 
42
Radia Perlman. "The Ephemerizer: Making Data Disappear." Sun Microsystems Technical Report TR-2005-140, February 2005.
43
S Goldwasser , S Micali , C Rackoff, The knowledge complexity of interactive proof-systems, Proceedings of the seventeenth annual ACM symposium on Theory of computing, p.291-304, May 06-08, 1985, Providence, Rhode Island, United States  [doi>10.1145/22145.22178]
 
44
Michael Rabin. "How to exchange secrets by oblivious transfer." Technical Report TR-81, Aiken Computation Laboratory, Harvard University, 1981.
 
45
Ryan MacDonald, "Web-based User Profiling Using Artificial Neural Networks", Honours Thesis, Acadia University, 2001.
 
46
Dave Cartwright. "Customize Your Content With User Profiling." Web Developer's Journal, 4 April 2004. http://www.webdevelopersjournal.com/articles/user_profiling.html, accessed 12 April 2006.
 
47
Proceedings of the 2005 Symposium on Usable Privacy and Security. http://cups.cs.cmu.edu/soups/2005/program.html, accessed 12 April 2006.
 
48
Jeremy Gillick. "Firefox Add-ons: SwitchProxy Tool." https://addons.mozilla.org/extensions/moreinfo.php?id=125, accessed 13 April 2006.
 
49
Mozilla.org. "Using the Cookie Manager." http://www.mozilla.org/projects/security/pki/psm/help_21/using_ priv_help.html, accessed 13 April 2006.
 
50
Mozilla.org. "Firefox Add-ons." https://addons.mozilla.org/extensions/?application=firefox, accessed 30 March 2006.
 
51
James Brelsford. "California Raises the Bar on Data Security and Privacy." FindLaw, 20 September 2003. http://library.findlaw.com/2003/Sep/30/133060.html, accessed 30 March 2006.

CITED BY  4
Gregory Conti , Edward Sobiesk, An honest man has nothing to fear: user perceptions on web-based information disclosure, Proceedings of the 3rd symposium on Usable privacy and security, July 18-20, 2007, Pittsburgh, Pennsylvania
Gregory Conti, Could googling take down a president?, Communications of the ACM, v.51 n.1, January 2008
Kulsoom Abdullah , Gregory Conti , Edward Sobiesk, Self-monitoring of web-based information disclosure, Proceedings of the 2007 ACM workshop on Privacy in electronic society, October 29-29, 2007, Alexandria, Virginia, USA
Edward Sobiesk , Gregory Conti, The Cost of Free Web Tools, IEEE Security and Privacy, v.5 n.3, p.66-68, May 2007

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.3 INFORMATION STORAGE AND RETRIEVAL
      H.3.3 Information Search and Retrieval

Additional Classification:
  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.2 Social Issues
      K.4.3 Organizational Impacts
      K.4.4 Electronic Commerce


General Terms:
Human Factors, Legal Aspects, Security


Keywords:
AOL, Google, anonymity, anonymization, fingerprinting, googling, information disclosure, privacy, search, usable security

Collaborative Colleagues:
Gregory Conti: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player