W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2012

[article] Keeping Information Safe from Social Networking Apps

From: Karl Dubost <karld@opera.com>
Date: Sun, 19 Aug 2012 09:59:46 -0400
Message-Id: <3CBB5919-97D0-4415-A3FA-7369F7DF1306@opera.com>
To: "public-privacy@w3.org mailing list)" <public-privacy@w3.org>

Abstract of 
Keeping Information Safe from Social Networking Apps
Bimal Viswanath, Emre Kıcıman, and Stefan Saroiu
17 August 2012
The ability of third-party applications to aggregate and re- purpose personal data is a fundamental privacy weakness in today’s social networking platforms. Prior work has pro- posed sandboxing in a hosted cloud infrastructure to prevent leakage of user information [22]. In this paper, we extend simple sandboxing to allow sharing of information among friends in a social network, and to help application devel- opers securely aggregate user data according to differential privacy properties. Enabling these two key features requires preventing, among other subtleties, a new “Kevin Bacon” at- tack aimed at aggregating private data through a social net- work graph. We describe the significant architectural and security implications for the application framework in the Web (JavaScript) application, backend cloud, and user data handling.
— http://research.microsoft.com/apps/pubs/default.aspx?id=163323

In the PDF… excerpts:

For example, even the simplest third-party applications on Facebook com- monly require access to information such as message post- ings, interests, photo albums, and birthdays. Today’s archi- tectures not only allow this information to be replicated on third-party application servers, but some actually require it. These servers are outside of the OSN’s control, and many are hosted in countries that lack privacy laws, exposing private information to misuse. To date, some applications have un- intentionally leaked personal information to advertisers and exposed private profiles publicly [6, 7]. Other applications have purposefully sold private user data to marketers and advertisers [24,29].


To protect user data, our strawman system lets informa- tion flow from developers to users without restriction, but any information flow from users to developers is restricted.


In the Kevin Bacon attack, an application silently shares personal information with a users’ friends. When a friend runs the same application, that application silently receives this information and forwards it to a new set of friends. This process repeats, spreading the original personal information throughout the social network until it reaches the OSN ac- count of the application developer. Because this sharing follows the social graph, it does not strictly violate our re- striction of sharing information only with friends. But, be- cause this sharing is done without the awareness of users, and given the relatively small diameter of social graphs [17], large amounts of personal data can be collected by the ap- plication developer without user knowledge or permission.


Karl Dubost - http://dev.opera.com/
Developer Relations, Opera Software
Received on Sunday, 19 August 2012 14:00:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:23 UTC