privacy

Best Practices for Notification Studies for Security and Privacy Issues on the Internet

Researchers help operators of vulnerable and non-compliant internet services by individually notifying them about security and privacy issues uncovered in their research. To improve efficiency and effectiveness of such efforts, dedicated notification …

Snail Mail Beats Email Any Day: On Effective Operator Security Notifications in the Internet

In the era of large-scale internet scanning, misconfigured websites are a frequent cause of data leaks and security incidents. Previous research has investigated sending automated email notifications to operators of insecure or compromised websites, …

Effective Notification Campaigns on the Web: A Matter of Trust, Framing, and Support

Misconfigurations and outdated software are a major cause of compromised websites and data leaks. Past research has proposed and evaluated sending automated security notifications to the operators of misconfigured websites, but encountered issues …

Towards Transparency in Email Tracking

Tracking technologies have become ubiquitous, not only on websites but also in email messages. However, while protection and transparency tools exist for the web, no such tools exist for email messages, thus obscuring privacy violations. We introduce …

PrivacyMail

An email privacy transparency tool.

Privacyscore

An online privacy transparency tool.

On the Difficulties of Incentivizing Online Privacy through Transparency: A Qualitative Survey of the German Health Insurance Market

Today, online privacy is the domain of regulatory measures and privacy-enhancing technologies. Transparency in the form of external and public assessments has been proposed for improving privacy and security because it exposes otherwise hidden …

PrivacyScore: Analyse von Webseiten auf Sicherheits- und Privatheitsprobleme -- Konzept und rechtliche Zulässigkeit

PrivacyScore ist ein öffentliches Web-Portal, mit dem automatisiert überprüft werden kann, ob Webseiten gängige Mechanismen zum Schutz von Sicherheit und Privatheit korrekt implementieren. Im Gegensatz zu existierenden Diensten ermöglicht …

PrivacyScore: Improving privacy and security via crowd-sourced benchmarks of websites

Website owners make conscious and unconscious decisions that affect their users, potentially exposing them to privacy and security risks in the process. In this paper we introduce PrivacyScore, an automated website scanning portal that allows anyone …

Evaluating the security of a DNS query obfuscation scheme for private web surfing

The Domain Name System (DNS) does not provide query privacy. Query obfuscation schemes have been proposed to overcome this limitation, but, so far, they have not been evaluated in a realistic setting. In this paper we evaluate the security of a …