Why Snoopy Loves Online Services: An Analysis of (Lack of) Privacy in Online Services

Vittoria Cozza; Zisis Tsiatsikas; Mauro Conti; Georgios Kambourakis

doi:10.5220/0006207204310438

Why Snoopy Loves Online Services: An Analysis of (Lack of) Privacy in Online Services

Vittoria Cozza, Zisis Tsiatsikas, Mauro Conti, Georgios Kambourakis

2017

Abstract

Over the last decade online services have penetrated the market and for many of us became an integral part of our software portfolio. On the one hand online services offer flexibility in every sector of the social web, but on the other hand these pros do not come without a cost in terms of privacy. This work focuses on online services, and in particular on the possible inherent design errors which make these services an easy target for privacy invaders. We demonstrate the previous fact using a handful of real-world cases pertaining to popular online web services. More specifically, we show that despite the progress made in raising security/privacy awareness amongst all the stakeholders (developers, admins, users) and the existence of mature security/privacy standards and practices, there still exist a plethora of poor implementations that may put user’s privacy at risk. We particularly concentrate on cases where a breach can happen even if the aggressor has limited knowledge about their target and/or the attack can be completed with limited resources. In this context, the main contribution of the paper at hand revolves around the demonstration of effortlessly exploiting privacy leaks existing in widely-known online services due to software development errors.

Download

Paper Citation

in Harvard Style

Cozza V., Tsiatsikas Z., Conti M. and Kambourakis G. (2017). Why Snoopy Loves Online Services: An Analysis of (Lack of) Privacy in Online Services . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 431-438. DOI: 10.5220/0006207204310438

in Bibtex Style

@conference{icissp17,
author={Vittoria Cozza and Zisis Tsiatsikas and Mauro Conti and Georgios Kambourakis},
title={Why Snoopy Loves Online Services: An Analysis of (Lack of) Privacy in Online Services},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={431-438},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006207204310438},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Why Snoopy Loves Online Services: An Analysis of (Lack of) Privacy in Online Services
SN - 978-989-758-209-7
AU - Cozza V.
AU - Tsiatsikas Z.
AU - Conti M.
AU - Kambourakis G.
PY - 2017
SP - 431
EP - 438
DO - 10.5220/0006207204310438