DOCSLIB.ORG

Automatic Tracking of Personally Identifiable Information in Windows Meisam Navaki Arefi Geoffrey Alexander Jedidiah R

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

PIITracker: Automatic Tracking of Personally Identifiable Information in Windows Meisam Navaki Arefi Geoffrey Alexander Jedidiah R. Crandall University of New Mexico University of New Mexico University of New Mexico Albuquerque, New Mexico, USA Albuquerque, New Mexico, USA Albuquerque, New Mexico, USA [email protected] [email protected] [email protected] ABSTRACT the network. PIITracker is based on dynamic information flow Personally Identifiable Information (PII) is information that tracking (DIFT) [29], also known as Dynamic Taint Analysis [22], can be used on its own or with other information to distinguish which is a promising technology for making systems transparent. It or trace an individual’s identity. To investigate an application for works by tagging certain inputs or data with meta information and PII tracking, a reverse engineer has to put considerable effort to then propagating tags as the program or system runs, usually at the reverse engineer an application and discover what an application instruction level, so that the transparency of the flow of information does with PII. To automate this process and save reverse engineers can be achieved. substantial time and effort, we propose PIITracker which is anew The PII that we have investigated in this paper are (1) MAC and novel tool that can track PII automatically and capture if any address, (2) hard drive serial number, (3) hard drive model name, processes are sending PII over the network. This is made possible by (4) volume serial number, (5) host name, (6) computer name, (7) 1) whole-system dynamic information flow tracking 2) monitoring security identifier number (SID), (8) CPU model, and (9) Windows specific function and system calls. We analyzed 15 popular chat version and build. applications and browsers using PIITracker, and determined that Our goal is to develop a tool that can automatically reveal how a 12 of these applications collect some form of PII. Windows application treats PII and determine whether an applica- tion sends any form of PII out using the network. For this end, we CCS CONCEPTS have three requirements. (i) We must be to able to monitor reading of PII by the application. As an input to our system, we need to • Security and privacy → Software security engineering; know when and where PII may be read. (ii) We must be able to KEYWORDS track PII throughout the system. Applications often read PII but use it for other purposes, never sending it our over the network. Privacy, Reverse Engineering, Dynamic Information Flow Tracking (iii) We must be able to automatically analyze an application and ACM Reference Format: return the result back to the analyst. Meisam Navaki Arefi, Geoffrey Alexander, and Jedidiah R. Crandall. 2018. To fulfil these requirements, we have developed PIITracker asa PIITracker: Automatic Tracking of Personally Identifiable Information in plugin for PANDA [15], which is a framework for dynamic analysis. Windows. In EuroSec’18: 11th European Workshop on Systems Security , April We have monitored specific function and system calls to track 23–26, 2018, Porto, Portugal. ACM, New York, NY, USA, 6 pages. https: reading PII, and we have used PANDA’s taint analysis engine to //doi.org/10.1145/3193111.3193114 track PII throughout the system. In summary, this paper presents the following contributions: 1 INTRODUCTION Personally Identifiable Information (PII) is information that canbe • We propose PIITracker, a DIFT-based reverse engineering used on its own or along with other information to distinguish or tool for PII tracking, which can automatically track PII and trace an individual’s identity. Other information that is linkable to capture if a process sends any form of PII over the network. an individual, such as a MAC address or hard drive serial number, • We implement PIITracker as a PANDA plugin supporting also counts as PII. As users face new threats to their privacy and Windows 7 as the guest operating system. We also make anonymity, VPNs and anonymity tools such as Tor [14] are becom- PIITracker open source for the community, which is available ing increasingly popular. However, applications that send PII over for public download. the network still pose a threat to user privacy and anonymity. • We analyze 15 popular Windows applications using PIITracker. In this paper, we propose PIITracker, a reverse engineering tool Our analysis show that the majority of these application col- for automatic tracking of PII. PIITracker can determine whether lect some form of PII and send it over the network. an application is collecting PII, and, if so, does it send it out over The paper is organized as follows. Section 2 provides background Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed information on dynamic information flow tracking systems. Section for profit or commercial advantage and that copies bear this notice and the full citation 3 discusses PIITracker architectural design and implementation on the first page. Copyrights for third-party components of this work must be honored. details. Section 4 presents our experimental results, analysis of false For all other uses, contact the owner/author(s). EuroSec’18, April 23–26, 2018, Porto, Portugal positives and false negatives, as well as performance evaluation. © 2018 Copyright held by the owner/author(s). Section 5 discusses related works and finally section 6 concludes ACM ISBN 978-1-4503-5652-7/18/04. the paper. https://doi.org/10.1145/3193111.3193114 EuroSec’18, April 23–26, 2018, Porto, Portugal M. Navaki Arefi et al. x = 0; char taintedinput; x = y + 1; if (y == 1) char untaintedoutput = 0; (a) Direct flow. x = 1; for (bit = 1; bit < 256; bit <<= 1){ (b) Indirect flow. if (bit & taintedinput) untainedoutput |= bit; Figure 1: Examples of direct and indirect flow } Figure 3: An example of control dependencies in C code const char str1 = "Tainted string"; char str2[80]; char lookuptable[256]; but how to handle them in a purely dynamic environment is still for (i = 0; i < 256; i++) an open area of resaearch. See Espinoza et al. [17] for more details. lookuptable[i] = i; The taint2 PANDA plugin that we utilize in this paper tracks for (j = 0; j < strlen(str1); j++) direct flows in the standard fashion (by copying or combining taint str2[j] = lookuptable[str1[j]]; tags). It also handles one type of indirect flow, namely address de- pendencies. It achieves this by propagating the taint from addresses Figure 2: An example of address dependencies in C code used to load data used in computations or copies. The taint2 plugin does not handle control dependencies. One of the interesting results of our paper is that tracking address dependencies, but not control 2 BACKGROUND - DIFT dependencies, is sufficient to handle common operations applied to Dynamic Information Flow Tracking (DIFT) [29], also called dy- PII such as encryption and hashing. namic taint analysis [22], has been used for over a decade but has still seen limited application in real reverse engineering tasks. DIFT 3 IMPLEMENTATION AND DESIGN works by tagging certain inputs or data and then propagating tags This section describes in details PIITracker architectural design and as the program or system runs. In this way the information flow of implementation details. a program can be determined. There are two main types of flows that DIFT systems can track: 3.1 Architecture direct and indirect [29]. Direct flows are data-flow based, while PIITracker was implemented as a plugin to PANDA [15, 33] which is indirect flows are control-flow based. For example, in Fig. 1a, there an open-source platform for dynamic analysis. PANDA is built upon is a direct flow from y to x. However, in Fig. 1b, the value of x is the QEMU whole-system emulator [5]. PANDA added to QEMU dependent on y, meaning that there is an indirect flow from y to x. three main features: There are two types of direct flows: copy and computation depen- (1) The ability to record and replay executions to enable whole dencies. In a copy dependency, a value is copied from one location system analysis. to another, where a location can be a byte, a word of memory or a (2) An architecture to streamline the addition of other plugins CPU register. The simplest way to track this information flow is to to QEMU. propagate the tag so that the destination location is tainted with the (3) The ability to use LLVM [26] as QEMU’s intermediate lan- same tag as the source location. In computation dependencies, tags guage instead of TCG [4] for analysis. must be combined. For example, after the computation for x = y +z the tag for x should contain the union of the tags for y and z; or, in Figure 4 shows an overview of the PIITracker architecture. PI- single-bit tag DIFT systems, x should be tainted if either y or z is ITracker runs on top of Linux (we used Ubuntu 14.04 for develop- tainted. ment and testing) as the host OS, and supports Windows 7 32-bit as An indirect flow occurs when information dependent on program the guest OS. PIITracker interacts with three other plugins, namely input determines how information flows. There are two types of taint2, syscalls2 and OSI/Win7x86intro which are described below: indirect flows: address and control dependencies. Figure 2 provides • taint2: This plugin tracks information flow throughout the an example of address dependencies. In this figure, if the characters system via whole-system taint analysis. It provides APIs in str1 are tainted then the characters in str2 at the end should and callbacks to tag memory locations and later query a also be tainted, because they carry the exact same information.
Recommended publications
  • Tracking Users Across the Web Via TLS Session Resumption

    Tracking Users Across the Web Via TLS Session Resumption

    Tracking Users across the Web via TLS Session Resumption Erik Sy Christian Burkert University of Hamburg University of Hamburg Hannes Federrath Mathias Fischer University of Hamburg University of Hamburg ABSTRACT modes, and browser extensions to restrict tracking practices such as User tracking on the Internet can come in various forms, e.g., via HTTP cookies. Browser fingerprinting got more difficult, as trackers cookies or by fingerprinting web browsers. A technique that got can hardly distinguish the fingerprints of mobile browsers. They are less attention so far is user tracking based on TLS and specifically often not as unique as their counterparts on desktop systems [4, 12]. based on the TLS session resumption mechanism. To the best of Tracking based on IP addresses is restricted because of NAT that our knowledge, we are the first that investigate the applicability of causes users to share public IP addresses and it cannot track devices TLS session resumption for user tracking. For that, we evaluated across different networks. As a result, trackers have an increased the configuration of 48 popular browsers and one million of the interest in additional methods for regaining the visibility on the most popular websites. Moreover, we present a so-called prolon- browsing habits of users. The result is a race of arms between gation attack, which allows extending the tracking period beyond trackers as well as privacy-aware users and browser vendors. the lifetime of the session resumption mechanism. To show that One novel tracking technique could be based on TLS session re- under the observed browser configurations tracking via TLS session sumption, which allows abbreviating TLS handshakes by leveraging resumptions is feasible, we also looked into DNS data to understand key material exchanged in an earlier TLS session.
  • “Hidden Backdoor” in Qihoo 360 Secure Browser

    “Hidden Backdoor” in Qihoo 360 Secure Browser

    Independent Report on Alledged “Hidden Backdoor” in Qihoo 360 Secure Browser . IDF Laboratory Release Date: November 25, 2012 INTELLIGENCE DEFENSE FRIENDS LABORATORY http://www.idf.cn IDF Laboratory Version: <1.4> Independent Report on Alledged “Hidden Backdoor” in Qihoo 360 Date: <24/11/2012> Secure Browser Document Sign:IDF-REPDOC-20121124 Copyright Statement This research report is complied by IDF laboratory, unless it is published and agreed, its copyright belongs to IDF laboratory. While the quoted parts in the report belong to the original writer or corresponding units. Without the permission of IDF laboratory and the writer, any unit and individual are not allowed to transfer the contents of this report or use for other purpose, and this report is only for the reference of the industry research without commercial purposes. Welcome your criticism and correction. IDF Laboratory (Intelligence Defense Friends Laboratory) is a technical civil club for the enthusiasts of network information security, the backbone of which is made up of professionals, technicians and hobbyists from relevant fields. The research direction of IDF mainly focus on: the technical fields such as the development tendency of Internet threat, terminal security management, communication security of wireless network, botnet, as well as product research. IDF laboratory provides universal education of computer security knowledge for a great many enthusiasts of network information security, participates in the evaluation of the technology and market research for the products and development trends of relevant fields within the industry objectively and independently, thus providing the platform and bridge for the enthusiasts of network information security to be grow up as professional security or technical employees.
  • Data Politics;Worlds, Subjects, Rights;

    Data Politics;Worlds, Subjects, Rights;

    DATA POLITICS Data has become a social and political issue because of its capacity to reconfigure relationships between states, subjects, and citizens. This book explores how data has acquired such an important capacity and examines how critical interventions in its uses in both theory and practice are possible. Data and politics are now inseparable: data is not only shaping our social relations, preferences, and life chances but our very democracies. Expert inter- national contributors consider political questions about data and the ways it provokes subjects to govern themselves by making rights claims. Concerned with the things (infrastructures of servers, devices, and cables) and language (code, programming, and algorithms) that make up cyberspace, this book demonstrates that without understanding these conditions of possibility it is impossible to intervene in or to shape data politics. Aimed at academics and postgraduate students interested in political aspects of data, this volume will also be of interest to experts in the fields of internet studies, international studies, Big Data, digital social sciences, and humanities. Didier Bigo is Professor of War Studies at King’s College London and Research Professor at Sciences-Po, CERI Paris. Engin Isin is Professor in International Politics at Queen Mary University of London, UK and University of London Institute in Paris (ULIP). Evelyn Ruppert is Professor of Sociology at Goldsmiths, University of London. Routledge Studies in International Political Sociology Series Editors: Tugba Basaran, University of Kent, UK, Didier Bigo, King’s College London, UK, Emmanuel-Pierre Guittet, University of Manchester, UK, Jef Huysmans, Queen Mary, University of London, UK Routledge Studies in International Political Sociology aims to provide a forum for out- standing empirical and theoretical research engaging with the interplays between the international, the political and the social.
  • Attack Surface Analysis and Code Coverage Improvement for Fuzzing

    Attack Surface Analysis and Code Coverage Improvement for Fuzzing

    This document is downloaded from DR‑NTU (https://dr.ntu.edu.sg) Nanyang Technological University, Singapore. Attack surface analysis and code coverage improvement for fuzzing Peng, Lunan 2019 Peng, L. (2019). Attack surface analysis and code coverage improvement for fuzzing. Master's thesis, Nanyang Technological University, Singapore. https://hdl.handle.net/10356/105642 https://doi.org/10.32657/10356/105642 Downloaded on 07 Oct 2021 23:08:40 SGT Attack Surface Analysis and Code Coverage Improvement for Fuzzing PENG LUNAN School of Physical and Mathematical Sciences 2019 Attack Surface Analysis and Code Coverage Improvement for Fuzzing PENG LUNAN School of Physical and Mathematical Sciences A thesis submitted to the Nanyang Technological University in partial fulfillment of the requirements for the degree of Master of Science 2019 Supervisor Declaration Statement I have reviewed the content and presentation style of this thesis and declare it of sufficient grammatical clarity to be examined. To the best of my knowledge, the thesis is free of plagiarism and the research and writing are those of the candidate’s except as acknowledged in the Author Attribution Statement. I confirm that the investigations were conducted in accord with the ethics policies and integrity standards of Nanyang Technological University and that the research data are presented honestly and without prejudice. Date Wu Hongjun Abstract As cybercrime becoming a worldwide threat in the past decades, research on cyber- security keeps attracting a great deal of attention. During a long time competition between attackers and defenders, vulnerability detection has been considered as the decisive pre-step for both sides. Among the massive methodologies of vulnerability detection, fuzzing test has demonstrated its outstanding performance on finding bugs automatically and effectively.
  • Tencent Cloud Comunication Solutions for China

    Tencent Cloud Comunication Solutions for China

    Tencent Cloud Comunication Solutions for China 28.10.2020 © 2020 Tencent Cloud, LLC. All rights reserved. AGENDA • Tencent: “A Chinese Digital Dragon” • The Chinese opportunity • Who is Tencent? • Globalization strategy • Public Cloud • Cloud Communication Solutions • Tencent VooV Meeting • WeChat Work • Tencent Cloud Conference & Exhibition © 2020 Tencent Cloud, LLC. All rights reserved. - Tencent, “A Chinese Digital Dragon” 4 Founded in 1998 and headquartered in Tencent by the numbers: Shenzhen, Tencent is one of the largest • 550+ billion USD market capitalization** technology companies in the world and a global leader in messaging, social media, gaming, • 1.203+ billion monthly active Weixin/WeChat mobile payment, music streaming, digital users* literature, video and other digital content services. • 112 million video subscriptions* • #1 Mobile Payment in China by monthly active users and daily active users* • 62,000+ employees* *As of March 2020 **As of June 10, 2020 © 2020 Tencent Cloud, LLC. All rights reserved. Tencent - User Centric 360-Degree Ecosystem 6 TEG PCG IEG WXG CSIG CDG Technical Platform & Content Interactive Weixin (WeChat) Cloud & Smart Industries Corporate & Engineering Group Group Entertainment Group Group Group Development Group Tencent QQ Tencent Games WeChat Tencent Cloud Tencent Fintech Big Data Tencent YouTu QQ zone Tencent Tencent Tencent e-Sports Marketing WeChat Pay Transit QR Code AI Lab Tencent App Store Solution Tencent Maps WeiShi Timi Studio Tencent Security WeChat Work Platform Smart Retail Tencent News Lightspeed & Mr. Translator Tencent Quantum Studio QQ Mail Data Center QQ Browser Tencent Mobile Manager Tencent Animation Tencent PC Manager Aurora Studio WeRead Tencent Pictures Tencent Miying Next Studio Auto intelligence Penguin Pictures Mini Program Tencent HealthCare Tencent Video MOREFUN Official Tencent Autonomous Studio Account Driving Kuai Bao Tencent Classroom © 2020 Tencent Cloud, LLC.
  • Live Video Broadcasting Playing Method

    Live Video Broadcasting Playing Method

    Playing Method Product Introduction Live Video Broadcasting Playing Method Product Introduction ©2013-2018 Tencent Cloud. All rights reserved. Page 1 of 53 Playing Method Product Introduction Copyright Notice ©2013-2018 Tencent Cloud. All rights reserved. Copyright in this document is exclusively owned by Tencent Cloud. You must not reproduce, modify, copy or distribute in any way, in whole or in part, the contents of this document without Tencent Cloud's the prior written consent. Trademark Notice All trademarks associated with Tencent Cloud and its services are owned by Tencent Cloud Computing (Beijing) Company Limited and its affiliated companies. Trademarks of third parties referred to in this document are owned by their respective proprietors. Service Statement This document is intended to provide users with general information about Tencent Cloud's products and services only and does not form part of Tencent Cloud's terms and conditions. Tencent Cloud's products or services are subject to change. Specific products and services and the standards applicable to them are exclusively provided for in Tencent Cloud's applicable terms and conditions. ©2013-2018 Tencent Cloud. All rights reserved. Page 2 of 53 Playing Method Product Introduction Contents Playing Method Mobile Play Web Play Web Player TcPlayer Web Player TcPlayer FAQ Web LVB Player 1.0 Web LVB Player 1.0 Problem solving Web VOD Player 1.0 Web VOD Player 1.0 Problem solving ©2013-2018 Tencent Cloud. All rights reserved. Page 3 of 53 Playing Method Product Introduction Playing Method Mobile Play Last updated:2018-06-27 11:08:50 Quick integration You can quickly integrate LVB playback feature into your existing App by following the steps below: Step 1: Activate LVB service Step 2: Download RTMP SDK package Step 3: Complete interfacing process by referring to relevant documents (iOS & Android) Complete solution Mobile LVB is a collection of mobile LVB solutions.
  • China Tech Food Chain

    China Tech Food Chain

    Information Technology / Asia ex Japan 15 November 2013 Standing out from the crowd China Tech Food Chain • We expect investors to focus on China smartphones, tablets, Positive (unchanged) components, and mobile Internet/services in 2014 Neutral • On our forecasts, smartphone and tablet shipments will grow by 43% and 42% YoY, respectively Negative • Our top stock picks for 2014 are: Mediatek, SK Hynix, Tencent, Lenovo and Sunny Optical How do we justify our view? See important disclosures, including any required research certifications, beginning on page 60 China Tech Food Chain 15 November 2013 Contents Standing out from the crowd in 2014 ..........................................................................................3 China Smartphone Sector ............................................................................................................ 5 China Tablet Sector ..................................................................................................................... 8 China Components Sector ......................................................................................................... 10 China Mobile Service/Internet sector ........................................................................................ 12 China smartphone supply chain directory ................................................................................. 15 Company Section AAC Technologies ................................................................................................................... 16 Lenovo
  • FOCUS: Shedding Light on the High Search Response Time in the Wild

    FOCUS: Shedding Light on the High Search Response Time in the Wild

    FOCUS: Shedding Light on the High Search Response Time in the Wild Dapeng Liu†, Youjian Zhao†, Kaixin Sui†, Lei Zou†, Dan Pei†⇤ , Qingqian Tao‡, Xiyang Chen‡, Dai Tan‡ †Tsinghua University †Tsinghua National Laboratory for Information Science and Technology (TNList) ‡Baidu Abstract—Response time plays a key role in Web services, as it 1) What are the HSRT conditions (the combinations of significantly impacts user engagement, and consequently the Web attributes and specific values in search logs which have providers’ revenue. Using a large search engine as a case study, a higher concentration of HSRT)? we propose a machine learning based analysis framework, called FOCUS, as the first step to automatically debug high search 2) Which HSRT condition types are prevalent across days? response time (HSRT) in search logs. The output of FOCUS offers 3) How does each attribute affect SRT in those prevalent a promising starting point for operators’ further investigation. HSRT condition types? FOCUS has been deployed in one of the largest search engines for 2.5 months and analyzed about one billion search logs. The answers to the above questions can offer a promising Compared with a previous approach, FOCUS generates 90% starting point to narrow down the HSRT debugging space to less items for investigation and achieves both higher recall and a few suspect attributes and specific values, based on which higher precision. The results of FOCUS enable us to make several further effective investigation can be done through taking interesting observations. For example, we find that popular advantage of additional data sources (beyond search logs) and queries are more image-intensive (e.g., TV series and shopping), but they have relatively low SRT because they are cached domain knowledge.
  • Understanding Quality of Experiences on Different Mobile Browsers

    Understanding Quality of Experiences on Different Mobile Browsers

    Understanding Quality of Experiences on Different Mobile Browsers: Measurements, Analysis, and Implications Yun Ma and Shuailiang Dong Abstract The web browser is one of the major channels to access the Internet on mobile devices. Based on the smartphone usage logs from millions of real-world Android users, it is interesting to find that about 38% users have more than one browser on their devices. However, it is unclear whether the quality of browsing experiences are different when visiting the same webpage on different browsers. In this paper, we collect 3-week consecutive traces of 337 popular webpages on three popular mobile browsers: Chrome, Firefox, and Opera. We first use a list of metrics and conduct an empirical study to measure the differences of these metrics on different browsers. Then, we explore the variety of loading time and cache performance of different browsers when visiting the same webpage, which has a great impact on the browsing experience. Furthermore, we try to find which metrics have significant effect on the differences, investigating the possible causes. Finally, according to our findings, we give some recommendations to web developers, browser vendors, and end users. 1 Introduction Web browsing is always the major requirement of Internet users. Recent reports show that the number of smartphone users worldwide has been over 2.6 billion, and the web traffic volume from mobile devices has exceeded that from desktop PCs. Compared to desktop PCs, web browsing on smartphones considers more on the quality of experiences (QoE): not only the look-and-feel and page loading time, but also the data traffic and energy consumption.
  • Shedding (Some) Light on Mobile Browsers Energy Consumption

    Shedding (Some) Light on Mobile Browsers Energy Consumption

    Shedding (Some) Light on Mobile Browsers Energy Consumption Matteo Varvello Benjamin Livshits Nokia, Bell Labs Brave Software [email protected] [email protected] Abstract—Following its desktop counterpart, the mobile battery usage, like CPU and bandwidth utilization. TableI browsers ecosystem has been growing from few browsers shows a direct comparison of the measurement study we (Chrome, Firefox, and Safari) to a plethora of browsers, each perform in our work with similar studies that can be found, with unique characteristics (battery friendly, privacy preserving, etc.).The main contribution of this work is a thorough benchmark to the best of our knowledge, among related works. The main of 15 Android browsers using multiple settings (adblocking, dark takeaway from the table is that our work completes previous mode, power savings), devices, workloads (up to 600 websites and works in three aspects. First, we focus on a larger set of 100 concurrent tabs), and network configurations. We perform a browsers (15 versus 1, at most), and browser settings, e.g., battery-centric analysis and show that: 1) 5 out of 8 adblocking also exploring dark and power saving modes. Second, we browsers produce significant battery savings (up to 30% in the case of Brave) compared to more popular browsers like cover a variety of workloads, investigating 7x the number of Chrome or Firefox, 2) Opera is the most efficient browser when websites tested in the largest previous study [4] and using dealing with a large number of concurrent tabs, 3) dark mode several workloads with up to 100 concurrent tabs. Third, we on AMOLED devices offers an extra 12% of battery savings, are the first to evaluate browsers in the wild.
  • Playing Fair in the Privacy Sandbox: Competition, Privacy, and Interoperability Standards

    Playing Fair in the Privacy Sandbox: Competition, Privacy, and Interoperability Standards

    Playing fair in the Privacy Sandbox: competition, privacy, and interoperability standards Mark Nottingham* Abstract Google’s Privacy Sandbox proposals to change the Chrome browser in ways that are likely to further advantage them over other publishers and advertising platforms has attracted the attention of competition regulators, the online advertising industry, and critics of their platform power. At the same time, the Privacy Sandbox appears to answer a call from data protection regulators, privacy advocates and users for ‘privacy by design,’ moving in lockstep with its industry peers. How, then, should this behaviour be evaluated for abuse? I argue that there are several hurdles to considering the most controversial Privacy Sandbox proposal – blocking third-party cookies – as an abuse of market power. Furthermore, I propose that, because web browsers are an architecturally regulated market, competition regulators should distinguish unilateral behaviour by examining it in the context of other browsers’ behaviours, along with signals regarding consensus from the relevant standards bodies. I Introduction The UK Competition and Markets Authority (CMA) recently announced an investigation into Google’s Privacy Sandbox proposals1 because of their potential to ‘undermine the ability of publishers to generate revenue and undermine competition in digital advertising, entrenching Google’s market power.’2 Geradin, Katsifis, and Karanikioti support this view, concluding that ‘Chrome’s policy change raises… antitrust concerns, in that it may distort * Mark Nottingham is a student at Melbourne Law School, Chair of the IETF HTTP Working Group, and recently a member of the Internet Architecture Board. Previously, he was a member of the W3C Technical Architecture Group.
  • The Evolving Israel-China Relationship

    The Evolving Israel-China Relationship

    The Evolving Israel- China Relationship Shira Efron, Howard J. Shatz, Arthur Chan, Emily Haskel, Lyle J. Morris, Andrew Scobell C O R P O R A T I O N For more information on this publication, visit www.rand.org/t/RR2641 Library of Congress Cataloging-in-Publication Data is available for this publication. ISBN: 978-1-9774-0233-2 Published by the RAND Corporation, Santa Monica, Calif. © Copyright 2019 RAND Corporation R® is a registered trademark. Cover: Photo by esfera via Shutterstock. Limited Print and Electronic Distribution Rights This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions. The RAND Corporation is a research organization that develops solutions to public policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan, and committed to the public interest. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. Support RAND Make a tax-deductible charitable contribution at www.rand.org/giving/contribute www.rand.org Preface Since the early 2000s, relations between China and Israel have expanded rapidly in numerous areas, including diplomacy, trade, investment, construction, educational partnerships, scientific coopera- tion, and tourism.