Způsoby využívání anonymizační sítě Tor / Ways of using Tor anonymous network

Schamberger, Pavel

January 2017

This diploma thesis deals with ways of using Tor anonymization network both from the point of view of the use in the positive sense and the use in the negative sense, the abuse. The aim of this work is to identify different ways of using the network and to quantify network abuse based on analyzed abuse reports. First, the basic concepts are defined and the development of the Internet and identification technologies in its environment are briefly described. Then, the concept of Onion routing, based on which the Tor network works, together with more technical details about the functioning of the network, is introduced. Last but not least, the Tor Browser is described as the most common tool for using the Tor network along with the types of users who use it. The last chapter of the theoretical part introduces the problem of network abuse. The practical part is primarily solved in the form of a quantitative analysis of abuse, due to their volume of almost 3 million. Quantitative analysis is done using the statistical language R and basic mining data, text mining and statistical methods. The analyzed data are related to several large nodes of the Tor network and contains several years of history. Although the total number of complaints increases almost exponentially over time, complaints about malicious...

Vad gör kakorna med oss? : En studie om internetanvändares kunskap och inställning till datainsamling via cookies / What do the cookies do with us? : A study about internet users knowledge and attitude towards data collection through cookies

Axelsson, Josefin, Killander, Sara

January 2022

Denna studie undersöker svenska internetanvändares kunskaper och inställningar till datainsamling genom cookies. Syftet med studien är att ta reda på vilken nivå deras kunskap ligger på och vad de har för inställning till cookies samt om det finns något samband mellan dessa. Studien baseras på en kvantitativ undersökning genom en webbenkät och kompletteras med en kvalitativ undersökning i form av semi-strukturerade intervjuer. Webbenkäten genererade åttiotre svar och av dessa var det sex respondenter som blev intervjuade. Resultatet visade på en låg kunskapsnivå om datainsamling genom cookies och en neutral eller negativ inställning till dessa. Det fanns en oro bland respondenterna att deras personliga information hamnar i fel händer eller att deras integritet kränks. Trots oron fanns det även en nonchalans och likgiltighet inför internetanvändarnas egna ansvar och agerande till datainsamlingen. Slutsatserna som kunde dras var att inställningen till cookies var mestadels negativ och kunskapsnivån kring dem var generellt väldigt låga. Ett behov av relevant utbildning inom ämnet skulle behövas då kunskapsnivån hos internetanvändare måste bli högre och de behöver utveckla en digital kompetens för att få rätt förutsättningar i dagens digitaliserade samhälle. / This study examines Swedish internet users' knowledge and attitude towards data collection through cookies. The purpose of the study is to find out the level of their knowledge and what attitude they have towards cookies as well as examining if there is a relation between the two. The study is based on quantitative research through an online survey and was strengthened by qualitative research in the shape of semi-structured interviews. The survey generated eighty-three responses and from them six respondents were interviewed. The result showed a low level of knowledge about data collection through cookies and a neutralt or negative attitude towards these. There was a general concern among the respondents of their personal information falling into the wrong hands or having their privacy violated. Despite the concerns there was also a casualness and indifference towards the internet users own responsibility and behavior with data collection. In conclusion the attitude towards cookies was mostly negative and the knowledge was in general very low. There’s a need for relevant education of the subject to raise the level of knowledge by the internet users so that they can develop a digital literacy and get the right conditions in today's digitalized society.

Cookies

data collection

internet privacy

digital literacy

internet users

Cookies

datainsamling

integritet

digital kompetens

internetanvändare

Media and Communication Technology

Medieteknik

Informing Users About Fingerprinting

Höglund, Salomon

January 2019

In peoples hyperconnected lives, a price to pay is their internet privacy and the different risks it faces the second their browser connects to the web. One such risk comes from how web tracking collect and analyze users information. This paper explores an approach to how web browsers can inform its users about the web tracking technique Fingerprinting, and through the concept presentation of this approach see: what key key aspects of visual aesthetics that affects the users experience when being informed; and to what extent differences in technological interest and knowledge affect users reception of Fingerprinting information, and the implementation implications the differences leads to. For this purpose a high fidelity prototype was created to: represent the concept of web browsers having integrated educational pages meant to inform its users on topics such as Fingerprinting, and to; be used in a user test. The results showed: a lack of knowledge on the existence of Fingerprinting; that differences in technological interest and knowledge among users affected what aspects of visual aesthetics they valued; and that those with less technological interest and knowledge to a higher degree had their attitudes towards Internet Privacy affected by the prototype’s information. It also showed that the differences affects users approach and interactions with software, and that the design implications this brings are to be considered for future browser functionality implementations. / <p>Självständigt Examensarbete (Forskningsartikel)</p>

Fingerprinting

HCI

Human-Computer Interaction

IxD

Interaction Design

Internet Privacy

Privacy

UX

User Experience

UI

User Interface

Visual Aesthetics

Web Tracking

Media and Communication Technology

Medieteknik

Using privacy calculus theory to explore entrepreneurial directions in mobile location-based advertising: Identifying intrusiveness as the critical risk factor

Gutierrez, A., O'Leary, S., Rana, Nripendra P., Dwivedi, Y.K., Calle, T.

25 October 2019

Yes / Location-based advertising is an entrepreneurial and innovative means for advertisers to reach out through personalised messages sent directly to mobile phones using their geographic location. The mobile phone users' willingness to disclose their location and other personal information is essential for the successful implementation of mobile location-based advertising (MLBA). Despite the potential enhancement of the user experience through such personalisation and the improved interaction with the marketer, there is an increasing tension between that personalisation and mobile users' concerns about privacy. While the privacy calculus theory (PCT) suggests that consumers make privacy-based decisions by evaluating the benefits any information may bring against the risk of its disclosure, this study examines the specific risks and benefits that influence consumers' acceptance of MLBA. A conceptual model is proposed based on the existing literature and a standardised survey was developed and targeted at individuals with known interests in the subject matter. From these requests, 252 valid responses were received and used to evaluate the key benefits and risks of MLBA from the users' perspectives. While the results confirmed the importance of internet privacy concerns (IPC) as an important determinant, they also indicate that monetary rewards and intrusiveness have a notably stronger impact on acceptance intentions towards MLBA. Intrusiveness is the most important risk factor in determining mobile users' intentions to accept MLBA and therefore establishing effective means of minimising the perceived intrusiveness of MLBA can be expected to have the greatest impact on achieving effective communications with mobile phone users.

Mobile location-based advertising (MLBA)

Privacy calculus theory (PCT)

Internet privacy concerns (IPC)

Intrusiveness

Personalisation

Monetary rewards

Improving internet usability - a framework for domain name policy evaluation.

Rowe, Joshua Luke, josh@email.nu

January 2009

A domain name is a unique alphanumeric designation that facilitates reference to sets of numbers which actually locate a particular computer on the Internet. Domain names are a fundamental part of the Internet's user interface. Improving the usability of the Internet depends upon effective domain name policy. This study is intended to contribute to improvement in Internet usability for the end users of domain names. Benefits of more usable domain names include: higher sales, customer satisfaction and productivity, and reduced support costs. Domain name policies worldwide vary considerably. Consequently, end users are inconvenienced by contradictory domain name policies, diminishing the predictability of an entity's domain name, and thus decreasing usability for end users. The study objective was to develop criteria with which policy makers can evaluate their domain name policies, in order to improve the usability of domain names for end users. The main research question posed was: What are the criteria for an effective domain name policy? The research methodology included a literature review, domain name policy examination and an ethnographic narrative. The literature review found existing research examining either domain names or usability in isolation. However, research examining the intersection of the two is scarce. The existing research describes domain names as part of the web user interface. In practical terms, this is about how people use domain names to access web sites, email addresses and other Internet resources. It was established that the predictability (and thus usability) of domain names relies on effective domain name policy. The non-standardised and widely delegated process of domain name policy development leads to unpredictable and inconsistent domain names. The narrative recollection presented the researcher's inside perspective on the domain name industry, with a focus on domain name usability. The researcher provided first-hand insights into the evolution of the industry and policy development process, from Australian and international perspectives. To address the problem of poor domain name usability, a framework for domain name policy evaluation is proposed. The framework extends the current research that treats domain names as a user interface by proposing criteria which address usability concerns. The framework allows policy makers to critically assess domain name policies with end users in mind. Examples of the criteria include: understanding who are its intended and untended users, and whether it's consistent with other domain names. The framework has the potential to set an international standard for the critical evaluation of domain name policy, and become the basis for further research. This study was developed from the researcher's perspective as a participant in the domain name industry. A secondary lens regarding the usability of domain names was then applied. This study has only scraped the surface in terms of how the research fields of domain names and usability may be considered together. The research methodology for this study was primarily qualitative and interpretive. A quantitative study of domain name policies globally could provide further insight into areas including: the differences in second level country code domain names, and language implications of domain names.

Domain name usability

domain names

usability

Internet governanance

Internet politics

Internet economics

electronic identifiers

telecommunications

Internet standards

domain name policy

intellectual property

trademarks

Internet security

Internet privacy

web site design

web site usability

human-computer interaction

online marketing

online brands.

A disposição para revelar informações pessoais a sistemas de recomendação: um estudo experimental

Oliveira, Bruna Miyuki Kasuya de

31 July 2017

Submitted by Bruna Oliveira (brunamiyuki@gmail.com) on 2017-08-29T17:05:38Z No. of bitstreams: 1 Tese_versãofinal.pdf: 3842360 bytes, checksum: 086bcf268fcb7702a198316e866fa6a2 (MD5) / Approved for entry into archive by Pamela Beltran Tonsa (pamela.tonsa@fgv.br) on 2017-08-29T19:48:14Z (GMT) No. of bitstreams: 1 Tese_versãofinal.pdf: 3842360 bytes, checksum: 086bcf268fcb7702a198316e866fa6a2 (MD5) / Made available in DSpace on 2017-08-30T13:07:01Z (GMT). No. of bitstreams: 1 Tese_versãofinal.pdf: 3842360 bytes, checksum: 086bcf268fcb7702a198316e866fa6a2 (MD5) Previous issue date: 2017-07-31 / A privacidade de informações na internet é uma das maiores preocupações advindas da ascensão da web 2.0. Entretanto, cada vez é mais comum a requisição e manejamento de dados pessoais por empresas que, por meio de Sistemas de Recomendação (SR), visam garantir aos usuários serviços ou produtos personalizados às suas necessidades. Porém, frequentemente os consumidores enfrentam um paradoxo de privacidade-personalização, pois precisam conceder informações, mas temem como elas serão utilizadas pelas empresas. O uso incoerente de tais dados pode dar ao indivíduo a sensação de que sua liberdade está sendo cerceada, levando-o a reagir de maneira diversa da intenção do sistema. Trata-se, efetivamente, de um efeito bumerangue, entendido como uma resposta oposta à ameaça de sua liberdade na web. Tendo em vista que a literatura de SI explora de maneira insuficiente os efeitos da percepção de intrusão na disposição em revelar informações, sobretudo por meio da teoria da reatância psicológica – de onde advém o efeito bumerangue – o objetivo desta pesquisa foi verificar como a percepção dos usuários sobre a intrusão do Sistema de Recomendação pode afetar a sua disposição em revelar suas informações. Foram realizados dois experimentos, sendo um nos Estados Unidos e outro no Brasil, com amostras válidas de 213 e 237 participantes, respectivamente. Para isto, foi desenvolvido um protótipo de Sistema de Recomendação Experimental na plataforma Qualtrics. As técnicas utilizadas para análise de dados foram a análise de variância de um fator (one-way ANOVA) e a análise de covariância (ANCOVA). Dentre os resultados obtidos, demonstrou-se o efeito bumerangue do SR, pois quanto maior o nível de intrusão do SR, menor a disposição para revelar suas informações; verificou-se a existência de apenas dois níveis de intrusão percebida pelo usuário; foi constatado o impacto das preocupações de privacidade na internet na relação entre percepção de intrusão e disposição em revelar suas informações, além da uniformidade no comportamento entre as duas amostras. Com base nos resultados, espera-se que desenvolvedores de SR e empresas que os utilizam evitem futuros efeitos bumerangue em suas recomendações, o que afugentaria um potencial cliente. / Information privacy on internet is one of the biggest concerns that arise with web 2.0. However, it is increasingly common for companies that use Recommendation Systems (RS) the request and manage of personal data aiming to guarantee personalized services or products to the users. However, consumers often face a privacy-personalization paradox because they need to provide information, but fear how companies will use it. Incoherent use of such data can give to the individual the feeling that their freedom is being curtailed, causing reactions differently than the system’s intention. It is a boomerang effect, understood as an opposed response to the threat of its freedom on the web. Considering that the IS literature insufficiently explores the effects of the perception of intrusion on the willingness to disclose information, especially through the theory of psychological reactance – where the boomerang effect comes from – the objective of this research is to verify how the users' perception of the intrusion of the Recommendation System may affect your willingness to disclose your information. Two experiments were conducted in the United States and Brazil, with valid samples of 213 and 237 participants, respectively. A prototype of an Experimental Recommendation System (ERS) was developed on the Qualtrics platform. The techniques used for data analysis were the analysis of one-way variance (one-way ANOVA) and covariance analysis (ANCOVA). Among the results, the boomerang effect of RS was demonstrated, because the higher the level of SR intrusion, the less is the willingness to disclose its information. It was verified the existence of only two levels of intrusion perceived by the user. The impact of Internet privacy concerns on the relationship between perception of intrusion and willingness to disclose information was verified, as well as the behavioral indifference between the two samples. Based on the results, RS developers and companies that use them are expected to avoid future boomerang effects in their recommendations, which would scare away a potential customer.

Paradoxo de privacidade-personalização

Sistema de recomendação

Reatância psicológica

Efeito bumerangue

Internet privacy concerns

Privacy-personalization paradox

Recommendation system

Psychological reactance

Boomerang effect

Administração de empresas

Proteção de dados

Direito à privacidade

Internet - Aspectos sociais

Tecnologia da informação

Detekce metod zjišťujících otisk prohlížeče / Browser Fingerprinting Detection

Saloň, Marek

January 2021

The main goal of this thesis is to design and implement a mechanism that provides protection against stateless tracking with browser fingerprint. Implemented tool has a form of module that takes part of JavaScript Restrictor extension. The module allows to specify heuristics used for evaluation of visited sites that may contain browser fingerprint extraction. If suspicious activity is detected, all subsequent HTTP requests from that site are blocked to prevent the extracted fingerprint from being sent to the server. The implementation and defined heuristics were tested. The resulting module represents an effective tool against stateless tracking. The main limitation of the implementation is possible corruption of sites by blocking HTTP requests.

網路企業自律機制對消費者信任影響之研究：隱私保護及交易安全認知觀點

潘兆娟, Pan,JJ,joujuan

Unknown Date

本研究之目的在於探究何謂完整之網路企業自律機制？目前廣為採用之信賴標章、規範承諾、網路評分等網路企業自律機制，何者能夠得到消費者信任？網路企業如何透過不同的自律機制，使得消費者認知其交易安全與資訊隱私已被保護？網路消費者如何經由認知其交易安全及資訊隱私已被保護，進而產生其對於網路企業之信任?信賴標章、規範承諾、網路評比等網路企業之自律機制，何者較能夠得到網路消費者的信任？ 過去研究極少著墨於網路自律機制對於消費者信任之影響，本研究除了希望對於缺乏資源及品牌聲譽之網路企業有所啟發外，也探討網路企業在既有的法律、管理及技術之環境架構下，應如何取得消費者信心，並以文獻探討、問卷分析及個案討論與分析等方法來驗證網路自律機制對於消費者信任之影響。 在文獻探討上，本研究針對國內外學者對保護資訊隱私及交易安全之制度及作法、企業自律機制之規範及作法、消費者信心等相關研究加以歸納，並輔以國內外個案研究，一方面摘要學者對以上議題的研究成果與看法，一方面彙整相關文獻，進而發展出本研究相關之研究假設。並從文獻彙整摘要中，提出研究架構及假設，並就各構面及假設之變數賦予操作型定義，選定適宜之統計方法予以檢測，且根據前測問卷之結果，於全省各地進行717份之問卷調查及回收作業。回收之問卷均透過檢查、編碼、整理，並進行樣本特徵、信度與效度分析，進一步驗證及解釋各研究假設。 除了定量分析外，本研究亦由十個與問卷相關的個案中，研究該些網路企業之營運模式、產品、服務及交易流程，了解其自律機制與消費者保護之作法，進而與統計分析相關的資料做交叉分析，並對應先前之研究假設，以進一步分析網路企業自律機制、消費者保護構面與消費者信任之間的關係。 本研究結果包含三部份，分別為自律機制(信賴標章、承諾規範、網路評比)與消費者保護(資訊隱私保護認知、交易安全保護認知)之關係、消費者保護與消費者信任之關係、自律機制與消費者信任之關係；最後提出五項管理意涵，包括網路企業得到消費者信任之重要因素及關鍵因素、網路企業如何建立專屬的自律機制及消費者保護機制、進而發展值得信賴的網路購物環境。 / The objective of this article is to study on what a complete self-regulatory mechanism of an internet business is, The article also explore if the existing online self-regulatory mechanisms including trustmarks, commitments and rankings are able to get trust of consumers, in order to let consumers recognize their personal data and security of online transactions being protected, thus consumers are able to trust the internet business they deal with? Which of the above existing self-regulatory mechanisms is more capable to get trust of consumers? Even though limited literatures focus on the impact of online self-regulatory mechanisms to trust of consumers, by methodology of literature reviews, quantitative research and case studies, this article not only contributes to internet businesses with limited resources and brand awareness, but also contributed to those internet businesses, under a framework of regulations, management and technology, willing to get trust of consumers. There are also hypotheses to testify relationships between online self-regulatory mechanisms, consumer protection (of personal data and security for online transactions) and trust of consumers. After reviews on literatures of various self-regulatory mechanisms, internet data privacy, transactional security, consumer protection, trust of consumers, this article proposes a research framework including 3 main hypotheses, 3 independent variables, 2 intermediary variables, 1 dependent variables and their operational model. To testify the hypotheses, this article collected 717 samples of survey around the island and 10 case studies. Utilizing multiple regressions and related statistics analyses, most of the hypotheses are supported. Comparing with 3 dimensions of transactional process, self-regulatory mechanisms and consumer protection, 10 cases are found similar to the testing result of hypotheses, but also remained spaces of improvement. At last, this article concludes with 5 managerial implications, including key successful factors and critical factors to get trust of online consumers, how to build a proprietary self-regulatory and a consumer protection mechanisms, thus to set up a complete trustworthy online shopping environment.

網路企業

自律機制

信賴標章

承諾規範

網路評比

資訊隱私保護

交易安全

消費者信任

internet business

self-regulatory

trustmark

commitment

ranking

internet privacy

online transactional security

consumer trust

Das Privatleben Prominenter als Verfassungsproblem : ein Rechtsvergleich mit Frankreich und England unter Einbezug von Internetpublikationen /

Straky, Randolf.

January 2006

Univ., Diss.--Mannheim, 2005. / Literaturverz. S. 237 - 261.