Institute of Technology and Research (ITE): Old publications at Twitter they could reveal too much about you. More than you think, according to a survey released. Tweets could reveal places you visited, and things you did, even if you didn't mention them.
Researchers from the Institute of Technology and Research (ITE) in Greece and the University of Illinois found this after they wrote a tool called LPAuditor. The software automatically discovers all tweets data that are available to the public using a service API.
Using the tool, researchers analyzed metadata, hidden information from each tweet to identify user homes, workplaces, and sensitive places they visited. In dozens of cases, they were able to identify the exact identity of the users, even behind the anonymous Twitter accounts.
In the research that is titled Please Forget Where I Was Last Summer: The Privacy Risks of Public Location (Meta) Data, (PDF) researchers report:
...even if the users είναι προσεκτικοί και δεν αποκαλύπτουν κάτι στα tweets, οι πληροφορίες τοποθεσίας που μπορούν να ληφθούν κάτι που μπορεί να οδηγήσει σε σημαντική απώλεια προσωπικών data.
Prior to 2015, users simply looking at the Twitter app or the application's website, without knowing it, gave their location and other information. Users did not know the existence of the data because it only appeared on the primary data collected through the API. Although Twitter stopped collecting this data from 2015, the information is still available to the public through the API.
So the researchers were able to obtain GPS coordinates and use commonly available geolocation services to map them to an address. Then, they grouped the tweets that corresponded to the same address, creating clusters of tweets and matching the trends, frequency and timing of the user's tweets from specific locations.
The researchers also mapped the coordinates of users' tweets in relation to other addresses mentioned in the foursquare. This revealed to them what other locations users could have made the tweets from. So they created potentially sensitive clusters (PSCs) that indicated sensitive sites that users probably visited.
They were able to discover all of the above without even looking at the actual content of the tweets. Only by correlating the metadata could they get a clear picture of what the user did. By searching for phrases such as "at home" or "at work", they could confirm that a location was a home or work address.
Similarly, searching for large keyword lists related to medical, religious, and sexual activities or nightlife activities has been able to confirm that a user is in a sensitive location and deals with a specific activity, even though the tweet did not even mention the place nor his behavior.
Researchers were able to infer more about users than their tweets, and they were able to accurately track many anonymous twitter accounts, according to the PDF.
Twitter allows users to delete their tweets or remove their location data. The problem, however, is that data is available to the public, and data "hunters" may already have copies of it.
So deleting location data from Twitter data will not stop someone who wants to find you and knows how.
Researchers will present their study at Network and Distributed System Security Symposium (NDSS) next month.
____________________
- Deep Learning who I kill in the event of an accident
- What is RAID? Guide for Beginners
- Open Sesame: Windows hack with voice command
- University of Yale: brain living without body
- Ingestion LEGO: Who said that pediatricians have no humor
