The illusion of anonymity on the web: this is how it neutralizes by crossing the data-leaks

The illusion of anonymity on the web: this is how it neutralizes by crossing the data-leaks

A couple of students from Harvard University, Dasha Metropolitansky and Kian Attari, conducted an experiment that allowed to show how much anonymization of data is actually a false myth and, above all, how much security breaches, "data leaks" and "privacy scandals" are actually much more dangerous than what common thinking has led to believe.

The two students built a tool capable of sifting through those large data collections that originate from episodes of database breach or information theft. Starting from a dataset originating from the violation of the company's systems Experian, which occurred in 2015, and containing the personal information of 6 million individuals, the two students divided the information by state and focused on citizens of the Washington D.C. area.

Crossing data leaks: anonymity crumbles

In this way Attari and Metropolitansky worked on data made up of 69 variables (residence addresses, telephone numbers, credit score, political donations, number of children and so on): in total they had to deal with 40 thousand unique email addresses, corresponding to as many users. Using these addresses with the tool they developed, the two students probed sets of data originating from other incidents of security incidents / violations so as to seek correspondences and possible correlations with other data.

Read This Now:   Vivo V15 Pro with a 48MP camera

Although many of these datasets are "anonymized", the two students were able to correlate data from multiple different datasets and managed to building clear photographs of each person's virtual and real identities present in datasets. A single leak like a piece of a puzzle: alone it may not be particularly important, but together with others it acquires meaning.

A reality, for example, may perhaps only retain some information regarding our person (virtual and / or real that it is), while another reality may retain others. But if they share even one type of this data, it becomes possible to find matches and collect more information about a single person, managing to compose a rather clear identity.

Password reused, a plague still rooted

"What we have been able to do worrying, because it allows to identify vulnerabilities in the online presence of people. For example, if all the credentials associated with a single person were aggregated, it would be possible to see how, where and how many times username and password are reused "explain the students. And precisely in this regard, a worrying data emerges which shows how, despite the fact that security best practices are constantly repeated when accidents that lead to the stealing of private information occur, the public is not inclined to the use of unique passwords or password managers: of 96 thousand passwords contained in one of the datasets, only 26 thousand are unique passwords.

Read This Now:   Nokia to use the Exynos processor in its new smartphone?

Another aspect of particular consideration that in this way a cybercriminal may not necessarily want to target a specific victim, but can actually look for victims who match a certain set of criteria. The two students showed that in less than 10 seconds it was possible to produce a dataset of over 1000 people responding to a specific "identikit": high net worth, married with children and with an account in an extramarital dating site. By changing the filtering parameters it was possible to identify senior politicians with their credit score, the telephone numbers, the addresses of three Senators, three Representatives, the Mayor of Washington and a member of the Cabinet.

The aim of the two students is to try to make the public aware of the fact that although these episodes are problematic already if taken individually, when they are considered as a whole they assume the traits of a real nightmare. Also because the data on which Attari and Metropolitansky have worked are in the public domain: available online on forums or in the dark web but without having to carry out particularly in-depth searches.

Read This Now:   A Cybertruck that travels through time? Here is Tesla's pickup in the movie Back to the Future

Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /home/gamefeve/bitcoinminershashrate.com/wp-includes/functions.php on line 5373

Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /home/gamefeve/bitcoinminershashrate.com/wp-includes/functions.php on line 5373