36 KiB
Attributions
Sponsors 💖
Torgny Bjers |
Eddy Lazzarin |
Anand Chowdhary |
Shrippen |
David Young |
Zach Biles |
Ulises Gascón |
Digital Archeology |
Brian McGonagill |
Vlad Timofeev |
Jason Ash |
DRXAquosus |
Bastii717 |
Brent |
Contributors 🙌
Thanks goes to these wonderful people
Stargazers 🌟
Special Thanks 🤗
Special Thanks to Stefan Keim and Matt (IPv4) Cowley from JS.org, for providing the domain used for our GitHub Page (security-list.js.org).
And of course, and huge thank you to the awesome developers behind the projects listed in the Privacy-Respecting Software list. The effort, time and love they've put into each one of those applications is immediately apparent, they've done an amazing job 💞
You? 👈
Want to get involved? You can support the continued development of this project by submitting a PR, sponsoring us on GitHub, sharing this repo with your network or staring the repository. Contributions of any kind are very welcome!
Submit an Improvement
Sponsor the Project
Share with your Network
References 📝
"2019 Data Breach Investigations Report - EMEA", Verizon Enterprise Solutions, 2020. [Online]. Available: https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report-emea.pdf. [Accessed: 25- Apr - 2020]"Web Browser Privacy: What Do Browsers Say When They Phone Home?", Feb 2020. [Online]. Available: https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf. [Accessed: 27- Apr - 2020]
"Comments on the Competition and Markets Authority’s interim report on online platforms and digital advertising", Privacyinternational.org, Jan 2020. [Online]. Available: https://privacyinternational.org/sites/default/files/2020-04/20.02.12_CMA_PI_Comments_Interim_Report_FINAL.pdf. [Accessed: 02- Ma - 2020]
"Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design", 1998. [Online]. Available: https://dl.packetstormsecurity.net/cracked/des/cracking-des.htm. [Accessed: 25- Apr - 2020]
"Digital Identity Guidelines", 2020. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf. [Accessed: 25- Apr - 2020]
"DNS Security - Getting it Right", Open Rights Group, 2020. [Online]. Available: https://www.openrightsgroup.org/about/reports/dns-security-getting-it-right. [Accessed: 25- Apr - 2020]
"DNS-over-HTTPS performance | SamKnows", Samknows.com, 2020. [Online]. Available: https://www.samknows.com/blog/dns-over-https-performance. [Accessed: 25- Apr - 2020]
J. Eckenrode and S. Friedman, "The state of cybersecurity at financial institutions", 2018. [Online]. Available: https://www2.deloitte.com/us/en/insights/industry/financial-services/state-of-cybersecurity-at-financial-institutions.html. [Accessed: 25- Apr - 2020]
E. Foundation, "Cracking DES", Shop.oreilly.com, 1998. [Online]. Available: http://shop.oreilly.com/product/9781565925205.do. [Accessed: 25- Apr - 2020]
"Google data collection, research and findings", Digital Content Next, 2020. [Online]. Available: https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/. [Accessed: 25- Apr - 2020]
S. Lekies, B. Stock, M. Wentzel and M. Johns, "The Unexpected Dangers of Dynamic JavaScript", UseNix & SAP, 2020. [Online]. Available: https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-lekies.pdf. [Accessed: 25- Apr - 2020]
"Privacy concerns with social networking services", 2020. [Online]. Available: https://en.wikipedia.org/wiki/Privacy_concerns_with_social_networking_services. [Accessed: 25- Apr - 2020]
D. Tian, G. Hernandez, J. Choi, V. Frost, C. Ruales, P. Traynor, H. Vijayakumar, L. Harrison, A. Rahmati, M. Grace and K. Butler, "Vulnerability Analysis of AT Commands Within the Android Ecosystem", Cise.ufl.edu, 2020. [Online]. Available: https://www.cise.ufl.edu/~butler/pubs/usenix18-atcmd.pdf. [Accessed: 25- Apr - 2020]
S. Topuzov, "Phone hacking through SS7 is frighteningly easy and effective", Blog.securegroup.com, 2020. [Online]. Available: https://blog.securegroup.com/phone-hacking-through-ss7-is-frighteningly-easy-and-effective. [Accessed: 25- Apr - 2020]
J. Heidemann, Y. Pradkin, R. Govindan, C. Papadopoulos and J. Bannister, "Exploring Visible Internet Hosts through Census and Survey", Isi.edu, 2020. [Online]. Available: https://www.isi.edu/~johnh/PAPERS/Heidemann07c.pdf. [Accessed: 10- Ma - 2020]
Michalevsky, Y., Boneh, D. and Nakibly, G., 2014. Recognizing Speech From Gyroscope Signals. [online] Usenix.org. Available at: https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-michalevsky.pdf [Accessed 26 May 2020].
Favaretto, M., Clercq, E. and Simone Elger, B., 2019. Big Data And Discrimination: Perils, Promises And Solutions. A Systematic Review. [online] springeropen. Available at: https://journalofbigdata.springeropen.com/articles/10.1186/s40537-019-0177-4 [Accessed 26 May 2020].
Web Browser Privacy: What Do Browsers Say When They Phone Home?, n.d. https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf.
A Comprehensive Evaluation of Third-Party Cookie Policies, n.d. https://wholeftopenthecookiejar.com/static/tpc-paper.pdf.
A Study of Scripts Accessing Smartphone Sensors, n.d. https://sensor-js.xyz/webs-sixth-sense-ccs18.pdf.
Acar, Abbas, Wenyi Liu, Raheem Beyah, Kemal Akkaya, and Arif Selcuk Uluagac. “A Privacy‐Preserving Multifactor Authentication System.” Security and Privacy 2, no. 6 (2019). https://doi.org/10.1002/spy2.94.
Afzal, Waseem. “Rethinking Information Privacy-Security: Does It Really Matter?” Proceedings of the American Society for Information Science and Technology 50, no. 1 (2013): 1–10. https://doi.org/10.1002/meet.14505001095.
Battery Status Not Included, Assessing Privacy in Web Standards, n.d. https://www.cs.princeton.edu/~arvindn/publications/battery-status-case-study.pdf. Christl, Wolfie. Corporate Surveillance in Everyday Life, How Companies Collect, Combine, Analyze, Trade, and Use Personal Data on Billions, n.d. https://crackedlabs.org/dl/CrackedLabs_Christl_CorporateSurveillance.pdf.
Das, Anupam, Gunes Acar, Nikita Borisov, and Amogh Pradeep. “The Webs Sixth Sense.” Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018. https://doi.org/10.1145/3243734.3243860.
Englehardt, Steven, Dillon Reisman, Christian Eubank, Peter Zimmerman, Jonathan Mayer, Arvind Narayanan, and Edward W. Felten. “Cookies That Give You Away.” Proceedings of the 24th International Conference on World Wide Web - WWW 15, 2015. https://doi.org/10.1145/2736277.2741679.
Englehardt, Steven, Jeffrey Han, and Arvind Narayanan. “I Never Signed up for This! Privacy Implications of Email Tracking.” Proceedings on Privacy Enhancing Technologies 2018, no. 1 (January 2018): 109–26. https://doi.org/10.1515/popets-2018-0006.
Ferra, Fenia, Isabel Wagner, Eerke Boiten, Lee Hadlington, Ismini Psychoula, and Richard Snape. “Challenges in Assessing Privacy Impact: Tales from the Front Lines.” Security and Privacy 3, no. 2 (2019). https://doi.org/10.1002/spy2.101.
hmathur, arunes. Characterizing the Use of Browser-Based Blocking Extensions To Prevent Online Tracking, n.d. http://aruneshmathur.co.in/files/publications/SOUPS18_Tracking.pdf.
Lebeck, Kiron, Kimberly Ruth, Tadayoshi Kohno, and Franziska Roesner. “Towards Security and Privacy for Multi-User Augmented Reality: Foundations with End Users.” 2018 IEEE Symposium on Security and Privacy (SP), 2018. https://doi.org/10.1109/sp.2018.00051.
Location Tracking using Mobile Device Power Analysis, n.d. https://www.scribd.com/doc/256304846/PowerSpy-Location-Tracking-using-Mobile-Device-Power-Analysis.
Online Tracking, A 1-million-site Measurement and Analysis, n.d. https://www.cs.princeton.edu/~arvindn/publications/OpenWPM_1_million_site_tracking_measurement.pdf.
Pixel Perfect, Fingerprinting Canvas in HTML5, n.d. https://hovav.net/ucsd/dist/canvas.pdf.
Recognizing Speech From Gyroscope Signals, n.d. https://crypto.stanford.edu/gyrophone/.
Roesner, Franziska. Detecting and Defending Against Third-Party Tracking on the Web, n.d. http://www.franziroesner.com/pdf/webtracking-NSDI2012.pdf.
Schneider, Christian. Cross-Site WebSocket Hijacking, n.d. http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html.
Seb, Crypto. Crypto Paper: Privacy, Security, and Anonymity For Every Internet User, n.d. https://github.com/cryptoseb/cryptopaper.
Shining the Floodlights on Mobile Web Tracking — A Privacy Survey, n.d. https://pdfs.semanticscholar.org/80bb/5c9119ff4fc2374103b4f3d6a8f614b3c2ed.pdf.
Su, Jessica, Ansh Shukla, Sharad Goel, and Arvind Narayanan. “De-Anonymizing Web Browsing Data with Social Networks.” Proceedings of the 26th International Conference on World Wide Web, March 2017. https://doi.org/10.1145/3038912.3052714.
The Surveillance Implications of Web Tracking, n.d. https://senglehardt.com/papers/www15_cookie_surveil.pdf.
Trackers Vs Firefox, Comparing different blocking utilities, n.d. https://github.com/jawz101/TrackersVsFirefox.
Understanding Facebook Connect login permissions, n.d. http://jbonneau.com/doc/RB14-fb_permissions.pdf.
Vines, Paul, Franziska Roesner, and Tadayoshi Kohno. “Exploring ADINT.” Proceedings of the 2017 on Workshop on Privacy in the Electronic Society - WPES 17, 2017. https://doi.org/10.1145/3139550.3139567.
Yelp, Luca Wu. Is Google degrading search? Consumer Harm from Universal Search, n.d. https://www.law.berkeley.edu/wp-content/uploads/2015/04/Luca-Wu-Yelp-Is-Google-Degrading-Search-2015.pdf.
Above References apply to the Content in the Following Files:
TLDR | Intro | The Personal Security Checklist | Privacy-Respecting Software | Security Hardware | Further Links
Licensed under Creative Commons, CC BY 4.0, © Alicia Sykes 2022