Token attempt
| Autor: | Aleecia M. McDonald, Pedro Giovanni Leon, Robert McGuire, Lorrie Faith Cranor |
|---|---|
| Rok vydání: | 2010 |
| Předmět: |
Information privacy
Data collection Computer science business.industry Privacy policy Workaround Internet privacy Security token Computer security computer.software_genre TheoryofComputation_MATHEMATICALLOGICANDFORMALLANGUAGES User agent TheoryofComputation_LOGICSANDMEANINGSOFPROGRAMS The Internet Syntax error business computer |
| Zdroj: | WPES |
| DOI: | 10.1145/1866919.1866932 |
| Popis: | P3P compact policies (CPs) are a collection of three-character and four-character tokens that summarize a website's privacy policy pertaining to cookies. User agents, including Microsoft's Internet Explorer (IE) web browser, use CPs to evaluate websites' data collection practices and allow, reject, or modify cookies based on sites' privacy practices. CPs can provide a technical means to enforce users' privacy preferences if CPs accurately reflect websites' practices. Confirming the accuracy of CPs would require first-hand knowledge of each site's practices. However, through automated analysis we can identify CPs that are erroneous due to syntax errors or semantic conflicts. We collected CPs from 33,139 websites and detected errors in 11,176 of them. We found large numbers of sites using identical invalid CPs that had been recommended as workarounds for IE cookie blocking. Other sites had CPs with typos in their tokens, or other errors. Most invalid CPs resulted in cookies remaining unblocked by IE under it's default cookie settings. It appears that large numbers of websites that use CPs are misrepresenting their privacy practices, thus misleading users and rendering privacy protection tools ineffective. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|