Vasile C. Perta, Marco V. Barbera, Gareth Tyson, Hamed Haddadi and Alessandro Mei
Commercial Virtual Private Network (VPN) services have become a popular and convenient technology for users seeking privacy and anonymity. They have been applied to a wide range of use cases, with commercial providers often making bold claims regarding their ability to fulfil each of these needs, e.g., censorship circumvention, anonymity and protection from monitoring and tracking. However, as of yet, the claims made by these providers have not received a sufficiently detailed scrutiny. This paper thus investigates the claims of privacy and anonymity in commercial VPN services. We analyse 14 of the most popular ones, inspecting their internals and their infrastructures. Despite being a known issue, our experimental study reveals that the majority of VPN services suffer from IPv6 traffic leakage. The work is extended by developing more sophisticated DNS hijacking attacks that allow all traffic to be transparently captured. We conclude discussing a range of best practices and countermeasures that can address these vulnerabilities.
Jean-Sébastien Légaré, Robert Sumi and William Aiello
Even if a web-based messaging service offered confidential channels, how would users know whether their keys, or indeed even their plaintext, was not being exfiltrated? What if a variety of applications offered confidentiality? How would a user gain trust in all of them?
In this paper we argue that a platform for private web applications is the only practical way for users to gain assurance about the confidentiality claims of a large number of full-featured web-services. We introduce Beeswax, a client-side platform that allows confidential data to be exchanged between users at the behest of an application, through a narrow set of APIs. Beeswax installs in a modern browser to deliver a complete practical solution, from key distribution to isolation of private data from the applications, thereby making an analysis of application code unnecessary. This focuses scrutiny and trust on the platform itself, rather than on all the applications using it.
Wisam Eltarjaman, Rinku Dewri and Ramakrishna Thurimella
The mobile eco-system is driven by an increasing number of location-aware applications. Consequently, a number of location privacy models have been proposed to prevent the unwanted inference of sensitive information from location traces. A primary focus in these models is to ensure that a privacy mechanism can indeed retrieve results that are geographically the closest. However, geo-query results are, in most cases, ranked using a combination of distance and importance data, thereby producing a result landscape that is periodically flat and not always dictated by distance. A privacy model that does not exploit this structure of geo-query results may enforce weaker levels of location privacy. Towards this end, we explore a formal location privacy principle designed to capture arbitrary similarity between locations, be it distance, or the number of objects common in their result sets. We propose a composite privacy mechanism that performs probabilistic cloaking and exponentially weighted sampling to provide coarse grain location hiding within a tunable area, and finer privacy guarantees under the principle inside this area. We present extensive empirical evidence to supplement claims on the effectiveness of the approach, along with comparative results to assert the stronger privacy guarantees.
Tarik Moataz, Erik-Oliver Blass and Guevara Noubir
We present a new, general data structure that reduces the communication cost of recent tree-based ORAMs. Contrary to ORAM trees with constant height and path lengths, our new construction r-ORAM allows for trees with varying shorter path length. Accessing an element in the ORAM tree results in different communication costs depending on the location of the element. The main idea behind r-ORAM is a recursive ORAM tree structure, where nodes in the tree are roots of other trees. While this approach results in a worst-case access cost (tree height) at most as any recent tree-based ORAM, we show that the average cost saving is around 35% for recent binary tree ORAMs. Besides reducing communication cost, r-ORAM also reduces storage overhead on the server by 4% to 20% depending on the ORAM’s client memory type. To prove r-ORAM’s soundness, we conduct a detailed overflow analysis. r-ORAM’s recursive approach is general in that it can be applied to all recent tree ORAMs, both constant and poly-log client memory ORAMs. Finally, we implement and benchmark r-ORAM in a practical setting to back up our theoretical claims.
Mojtaba Eskandari, Bruno Kessler, Maqsood Ahmad, Anderson Santana de Oliveira and Bruno Crispo