Talks and presentations
See a map of all the places I've given a talk!
Talk, Vienna University of Technology (TU), Vienna, Austria
In the early age of the internet users enjoyed a large level of anonymity. At the time web pages were just hypertext documents; almost no personalisation of the user experience was offered. The Web today has evolved as a world wide distributed system following specific architectural paradigms. On the web now, an enormous quantity of user generated data is shared and consumed by a network of applications and services, reasoning upon users expressed preferences and their social and physical connections. Advertising networks follow users’ browsing habits while they surf the web, continuously collecting their traces and surfing patterns. We analyse how users tracking happens on the web by measuring their online footprint and estimating how quickly advertising networks are able to profile users by their browsing habits.
Talk, Aalto Univerisity, Helsinki, Finland
Proximity-based social applications let users interact with people that are currently close to them, by revealing some information about their preferences and whereabouts. This information is acquired through passive geo-localisation and used to build a sense of serendipitous discovery of people, places and interests. Unfortunately, while this class of applications opens different interactions possibilities for people in urban settings, obtaining access to certain identity information could lead a possible privacy attacker to identify and follow a user in their movements in a specific period of time. The same information shared through the platform could also help an attacker to link the victim’s online profiles to physical identities. We analyse a set of popular dating application that shares users relative distances within a certain radius and show how, by using the information shared on these platforms, it is possible to formalise a multilateration attack, able to identify the user actual position. The same attack can also be used to follow a user in all their movements within a certain period of time, therefore identifying their habits and Points of Interest across the city. Furthermore we introduce a social attack which uses common Facebook likes to profile a person and finally identify their real identity.
Talk, CCC, Hamburg, Germany
In the post-NSA world it is important to understand the magnitude of our online activities in order to take informative decisions on our ubiquitous shared lives. Personal Tracking Devices is the result of a two years long study on tracking technologies and the inherent nature of the web and telecommunication networks in general. The study, conducted as part of Ph.D. research in privacy and security at UPC Barcelona Tech, collected a large amount of metadata to raise awareness on the footprints left by users on the web and through mobile apps.