Lily R. Jenkins and Diane E. Gan CSAFE Centre University of Greenwich
by user
Comments
Transcript
Lily R. Jenkins and Diane E. Gan CSAFE Centre University of Greenwich
Lily R. Jenkins and Diane E. Gan CSAFE Centre University of Greenwich 1 Introduction Background to this work Overview of Tools Experiments Summary of Results Legal implications Recommendations Conclusion C-SAFE - University of Greenwich 2 Most teenagers today have at least one “profile” They reveal a lot of personal information about themselves that anyone can see Their location and identity are turned on by default Twitter users have the ‘handle’ (username) on all their social media sites Makes it easy to identify and follow them through cyber space C-SAFE - University of Greenwich 3 Twitter first appeared on in March 2006 Currently has 200 million active users who send over 400 million tweets per day Added the geo-location function to user profiles in 2009 Many users are not aware that they are exposing their private information Enables followers to know exactly where an individual was tweeting from The question is – do users know how to use this feature or how to protect themselves? C-SAFE - University of Greenwich 4 Twitter’s privacy policy Clearly states that all user profiles and subsequent tweets are by default public Also details how the information will be used through their services such as applications, websites and third parties C-SAFE - University of Greenwich 5 Investigated a range of tools and selected:StreamdIn, Twitonomy and Creepy StreamdIn Application for both android and iOS Displays tweets on Google Maps using the geo-location details attached to each tweet User’s profile picture is displayed on a map Grouped by location View numerous real-time tweets coming in C-SAFE - University of Greenwich 6 Tracking a mobile phone C-SAFE - University of Greenwich 7 Being Tracked on Public Transport C-SAFE - University of Greenwich 8 Twitonomy Web based analytics tool Allow monitoring, managing and tracking your own or another person’s activities Main feature - overall statistics of a user Includes ◦ ◦ ◦ ◦ ◦ how often they retweet time of day they tweet avg number of tweets sent per day gives location details Mentions Map - displays where in the world the most mentions are coming from C-SAFE - University of Greenwich 9 Twitonomy Showing Accounts From Two Different Users That Have Typical Working Days C-SAFE - University of Greenwich 10 Creepy Aggregation program Gathers geo-location information from Twitter, Instagram and Flickr Requires authentication with each social networking site supported Users can be added to a target list and their geolocation data can be retrieved ‘Current Location Details’ gives ◦ ◦ ◦ ◦ social media platform time and date location of the tweet context of the tweet. Using this feature it is possible to identify their current location on the map C-SAFE - University of Greenwich 11 C-SAFE - University of Greenwich 12 Subjects - three users who are prolific tweeters Objective was to see how much information can be retrieved using freely available tools The users will be referred to as User A, User B and User C All have been asked to tweet with their geolocation settings turned on C-SAFE - University of Greenwich 13 User A and User B did not have any tweets appear on the StreamdIn map User C’s profile picture popped up all over London Filtered results display only one user’s tweets C-SAFE - University of Greenwich 14 Filtered view of User C’s profile picture Shows up all over London C-SAFE - University of Greenwich 15 Analyses the last four months’ worth of tweets User A ◦ ◦ ◦ ◦ showed information about where they tweet from mostly use Twitter to re-tweet or reply most activate during the winter months no indication whether this user has a job C-SAFE - University of Greenwich 16 User A Last update - 9 minutes ago Tweet history C-SAFE - University of Greenwich 17 User B ◦ re-tweets and replies which suggests they use Twitter to stay in touch with fellow users ◦ no indication as to where User B worked or lived C-SAFE - University of Greenwich 18 User B More tweets Significant increase in tweet history C-SAFE - University of Greenwich 19 User B’s Tweeting Habits C-SAFE - University of Greenwich 20 User C revealed a distinctive pattern of usage suggests this user has a Monday to Friday job most tweets are outside of the hours of 9 to 5 it can be seen that this person has an iPhone C-SAFE - University of Greenwich 21 User A clusters of tweets can be identified single tweets showing journey information between the clusters home address was identified by reading the tweet content Google street easily found the house Also every Monday they attend ‘Movie Night’ at the same time and place C-SAFE - University of Greenwich 22 C-SAFE - University of Greenwich 23 The Giveaway Tweet C-SAFE, University of Greenwich 24 User B clusters of pins identified their place of work and their home address home residence was given away by tweets that specifically mention the word ‘home’ Gives longitude and latitude co-ordinates C-SAFE - University of Greenwich 25 C-SAFE - University of Greenwich 26 User B’s Route to work C-SAFE - University of Greenwich 27 Locating User B’s work place They actually only sent one tweet from work! C-SAFE - University of Greenwich 28 User C always took the same route to work analysing the route to work showed that the second half of the journey home may change if they needed to go to the supermarket they never mentioned work or home in their tweets however, they were in the area of Southwark week days between 9 and 5 only analysing each tweet and pin drop showed that they were in Southwark every week day but never at weekends also a fixed monthly pattern - every month they travelled to visit their parents revealed by through their tweets C-SAFE - University of Greenwich 29 User C visit’s her parent’s house in Southampton once per month C-SAFE - University of Greenwich 30 User C’s Tweets, which establish a pattern of clusters around home and work C-SAFE - University of Greenwich 31 Three times per week User C goes to this gym Week days between 7 and 10 Weekends between 1 and 3 C-SAFE - University of Greenwich 32 How much did each users’ Tweeting expose the rest of their social media “presence”? Did the three users have accounts on Facebook, LinkedIn, Foursquare and Instagram? User A gave no indication that they had any other social media accounts A Google search revealed their Facebook page The profile pictures confirmed this Logging into a Facebook account that is not “friends” with User A gave a small number of their pictures, as well as where they were living C-SAFE - University of Greenwich 33 User A also had a profile on Instagram using Instagram24.com and User A’s profile name it was possible to locate their pictures including some pictures that they had “liked” Also found them on LinkedIn Google Street View located their front door C-SAFE - University of Greenwich 34 A Google search for User B found their Linkedin, Facebook and Google+ accounts Using these profiles, it was possible to confirm ◦ where they worked ◦ the city they live in ◦ where they were studying C-SAFE - University of Greenwich 35 User C was the easiest to identify with Twitter But the most difficult to locate on other social media sites Only Foursquare revealed their location Back to Twitter Conducted an exhaustive search of their Twitter account, which revealed two tweets with pictures C-SAFE - University of Greenwich 36 Tweet 1 Posted while in hospital Hospital ID tag revealed their surname their date of birth NHS ID C-SAFE - University of Greenwich 37 Tweet 2 e-ticket showed their full name (including a middle name) airports they will pass through how long they will be stopping at each location A gift to a burglar C-SAFE - University of Greenwich 38 Data Protection Act (1998) states that the “data subject has given his consent to the processing” of personal data does not offer any conclusive reasoning as to how social networking sites users are protected by signing up to these sites and using them in a public manner the user has given their consent C-SAFE - University of Greenwich 39 Employers may check your personal life using social networks Example - Kent Police Commissioner’s Youth Advisor Paris Brown forced to withdraw when her twitter content was made public Ref: http://www.dailymail.co.uk/news/article-2312044/Paris-Brown-Foulmouthed-youth-commissioner-quit-offensive-tweets-questioned-policecaution.html C-SAFE - University of Greenwich 40 Reduce your risk Do not tweet where you live, even if it is only the city Do not provide your phone number Avoid using full names Avoid using a profile picture Set your profile to private ‘Protect my Tweets’ Remove geo-location tagging on tweets Remove “Let others find me by my email address” Do not connect your Twitter account to any other social media sites ◦ Limit the amount of apps that have access to your profile ◦ Be very selective about what you put in your tweets ◦ ◦ ◦ ◦ ◦ ◦ ◦ ◦ C-SAFE - University of Greenwich 41 All tools are freely available StreamdIn, Twitonomy and Creepy Creepy was the most successful It was the geo-location data AND the tweet contents that leaked information C-SAFE - University of Greenwich 42 Lily Jenkins [email protected] Diane Gan [email protected] C-SAFE - University of Greenwich 43