[liberationtech] Anonymity / privacy considerations of HTTP 'referer' information
It occurred to me that the HTTP 'referer' header field leaks information about your browsing history. In the flurry of recommendations and tips on how to guard your privacy / stay anonymous online that I have seen over the past year (such as the BestVPN.com list), I don't recall seeing the HTTP 'referer' header mentioned. But I could just not have been paying attention to the correct channels. I figured that if any project would be sensitive to this kind of leak, it would be the TOR project. So, using the latest version of the TOR Browser, I created a hyperlink to the following URL on a test web page of mine: http://www.whatismyreferer.com/ Sure enough, clicking on the test link on my personal webpage took that URL, and the webpage dutifully reported the HTTP 'referer' header information. It was not blocked nor obscured. The problem is that people might visit websites that fully or partially identify them, and then follow links to sites that will then track/log the HTTP 'referer' information. It's not clear to me how much damage could be caused by this kind of information leak, but I thought I would ask the experts on this list as to whether this is a legitimate concern or not. Thanks, ~Tomer -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Registration open: Privacy Enhancing Technology Symposium - July 16-18 2014 Amsterdam
* Privacy Enhancing Technology Symposium -July 16-18, 2014 Royal Tropical Institute, Amsterdam, The Netherlands * The 14th Privacy Enhancing Technologies Symposium addresses the design and realization of privacy services for the Internet and other data systems and communication networks by bringing together anonymity and privacy experts from around the world to discuss recent advances and new perspectives. Additional information about the conference can be found at http://petsymposium.org/2014. *Registration is open* at https://www.petsymposium.org/2014/registration.php, travel information can be found here: https://www.petsymposium.org/2014/travel.php, including information for Visa application. *Important dates*: Early bird registration:until June 24th Hotel special rates: until May 30th The conference will be a 3-day event featuring technical presentations of papers, judged based on their quality and relevance through double-blind reviewing. The Symposium will include an invited talk by Martin Ortlieb (Google Zurich) and the rest of the program can be found here: https://www.petsymposium.org/2014/program.php The third day of the symposium will be devoted to HotPETs — the hottest, most exciting research ideas still in a formative state. The program for HotPETs includes an invited tal byWilliam Binney, former intelligence official with the United States National Security Agency, and specialized talks on hot topics related to privacy. The program will be announced here: https://www.petsymposium.org/2014/hotpets.php PETS will be collocated with the GenoPri Workshop (https://genomeprivacy.org/workshop) that will take place on July 15th. The event will explore the privacy issues raised by genomics and the main envisioned solutions"It will include a keynote and a tutorial on genomics for computer scientists by a geneticist. -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
