Other services

Beyond the mechanisms described above, there are numerous other protocols and services that leak significant personal information. For example, numerous Instant Messaging (IM) system do not employ encryption so all user identification information is available to eavesdroppers. Although this information might not be significant on its own, when it is correlated with other sensitive information, it can be used to construct a distinct user profile. Other systems that can be used to fingerprint user behavior are the mail servers that users connect to, information from other networking protocols such as NETBIOS and AppleTalk and even which VPN servers a user connects to.

The growing popularity of Google and other online service portals, has moved a number of user services to central aggregated locations where users can check their RSS feeds and email. Although this configuration changes the network fingerprint that is emitted by services it does not reduce the amount of information that is leaked. For example, the Google homepage includes links to personalized RSS feeds including the user's email address in plain text, which often points to a user's real identity, e.g., john.doe@gmail.com. This information can be readily used to create very accurate user profiles since a tracker can intercept these unencrypted HTTP transfers.

Another serious vector of information leak is (to no surprise) the use of cookies. Cookies are used extensively as a mechanism for servers to identify users and track their access. The threat of Cookies to user privacy has received considerable attention in the literature [23]. In the context of tracknets, the exchange of Cookie information can be used to extract personalized user information based on both the contents of the Cookies and their transmission fingerprint. For example, Google, a company synonymous with Internet search uses cookies that expire in 2036. The cookie uses a 16-digit identifier to track user preferences and, inevitably, track user behavior. Given the popularity of the search engine, it is not unreasonable to assume that a large percentage of the user population will emit this identifier during its lifetime, adding another mechanism for user tracking.

The Dynamic Host Configuration Protocol (DHCP) is a ubiquitous protocol used for automating network configuration. Unfortunately, there is no privacy protection for DHCP messages, so an eavesdropper who can monitor the link between the DHCP server and requesting client can discover the information contained in this option. For example, the following snippet illustrates the kind of information that can be derived from a DHCP request. Information on the types of services and more importantly hostname information is made readily available to eavesdroppers.

Client IP: 10.50.16.205
Client Ethernet Address: 00:17:f2:40:61:65
Vendor-rfc1048:
DHCP:REQUEST
PR:SM+DG+NS+DN+NI+NITAG+SLP-DA+SLP-SCOPE+LDAP+T252
MSZ:1500
CID:[ether]00:17:f2:40:61:65
LT:7776000
HN:"alamak"

We collect and correlate the information derived from DHCP headers. In particular, we are interested in user-identifying information such as the user's hostname. This information might appear innocuous but is often linked to personal information such as the user's name or company information. Again, in this case we associate DHCP-derived information with the base station's ESSID.