zenon/bachelorarbeit
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Review text so far, add titlepage and erklaerung

Browse Source
This commit is contained in:
Tobias Eidelpes 2020-03-31 17:49:05 +02:00
parent 50e9bdac73
commit 3eb33ae783
5 changed files with 100 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitignore vendored
View File

@ -18,3 +18,9 @@ main.pdf
main.run.xml main.run.xml
main.synctex.gz main.synctex.gz
main.toc main.toc
main.acr
main.alg
main.glg
main.gls
main.ilg
main.ind

29
chapters/erklaerung.tex Normal file
View File

@ -0,0 +1,29 @@
\documentclass[../main.tex]{subfiles}
\begin{document}
\chapter*{Erklärung zur Verfassung der Arbeit}
\textsf{Tobias Eidelpes} \\
Hiermit erkläre ich, dass ich diese Arbeit selbständig verfasst habe, dass ich
die verwendeten Quellen und Hilfsmittel vollständig angegeben habe und dass
ich die Stellen der Arbeit---einschließlich Tabellen, Karten und Abbildungen---,
die anderen Werken oder dem Internet im Wortlaut oder dem Sinn nach entnommen
sind, auf jeden Fall unter Angabe der Quelle als Entlehnung kenntlich gemacht habe.
\vspace{2cm}
\bigskip
\begin{minipage}{0.55\textwidth}
\textsf{Wien, 31. März 2020} \\
\end{minipage}
\begin{minipage}{0.45\textwidth}
\begin{tabular}{c}
\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ \\
\textsf{Tobias Eidelpes}
\end{tabular}
\end{minipage}
\end{document}

23
chapters/methods.tex
View File

@ -27,7 +27,7 @@ identifiers.
\section{Session-based Tracking Methods} \section{Session-based Tracking Methods}
\label{sec:session-based tracking methods} \label{sec:session-based tracking methods}
One of the simplest and most used forms of tracking on the Internet rely on One of the simplest and most used forms of tracking on the Internet relies on
sessions. Since HTTP is a stateless protocol, web servers cannot by default keep sessions. Since HTTP is a stateless protocol, web servers cannot by default keep
track of any previous client requests. In order to implement specific features track of any previous client requests. In order to implement specific features
such as personalized advertising, some means to save current and recall previous such as personalized advertising, some means to save current and recall previous
@ -94,7 +94,7 @@ web \cite{westMeasuringPrivacyDisclosures2014}.
\subsection{Hidden Form Fields} \subsection{Hidden Form Fields}
\label{subsec:hidden form fields} \label{subsec:hidden form fields}
The \gls{HTML} provides a specification for form elements, which allow users to The \gls{HTML} provides a specification for form elements, which allows users to
submit information (e.g., for authentication) to the server via POST or GET submit information (e.g., for authentication) to the server via POST or GET
methods. Normally, a user would input data into a form and on clicking methods. Normally, a user would input data into a form and on clicking
\emph{submit} the input would be sent to the server. Sometimes it is necessary \emph{submit} the input would be sent to the server. Sometimes it is necessary
@ -172,7 +172,7 @@ be beneficial in some cases. Facebook for example, allows their users to
configure what they want to share with the public and their friends. Research configure what they want to share with the public and their friends. Research
has shown however, that managing which posts get shown to whom is not as has shown however, that managing which posts get shown to whom is not as
straightforward as one might think. straightforward as one might think.
\todo{Wrong chapter?} \citeauthor{liuAnalyzingFacebookPrivacy2011} \citeauthor{liuAnalyzingFacebookPrivacy2011}
\cite{liuAnalyzingFacebookPrivacy2011} conducted a survey where they asked \cite{liuAnalyzingFacebookPrivacy2011} conducted a survey where they asked
Facebook users about their desired privacy and visibility settings and Facebook users about their desired privacy and visibility settings and
cross-checked them with the actual settings they have used for their posts. The cross-checked them with the actual settings they have used for their posts. The
@ -279,7 +279,7 @@ soon as the session is `torn down'. By adding an expiration date (demonstrated
in Listing~\ref{lst:permanent cookie header}) or a maximum age, the cookie in Listing~\ref{lst:permanent cookie header}) or a maximum age, the cookie
becomes permanent. Additionally, the domain attribute can be specified, meaning becomes permanent. Additionally, the domain attribute can be specified, meaning
that cookies which list a different domain than the origin, are rejected by the that cookies which list a different domain than the origin, are rejected by the
user agent \cite[Section 4.1.2.3]{barthHTTPStateManagement2011}. The same-origin user agent \cite[section 4.1.2.3]{barthHTTPStateManagement2011}. The same-origin
policy applies to cookies, disallowing access by other domains. policy applies to cookies, disallowing access by other domains.
\begin{listing} \begin{listing}
@ -370,7 +370,7 @@ development of the HTML5 standard, \citeauthor{buhovFLASH20thCentury2018}
Flash content is still served by 7.5\% of the top one million web sites (2017). Flash content is still served by 7.5\% of the top one million web sites (2017).
The W3Techs Web Technology Survey shows a similar trend and also offers an The W3Techs Web Technology Survey shows a similar trend and also offers an
up-to-date measurement of 2.7\% of the top ten million web sites for the year up-to-date measurement of 2.7\% of the top ten million web sites for the year
2020 \cite{w3techsHistoricalYearlyTrends2020}. Due to the security concerns in 2020 \cite{w3techsHistoricalYearlyTrends2020}. Due to the security concerns with
using Flash, Google's popular video sharing platform YouTube switched by default using Flash, Google's popular video sharing platform YouTube switched by default
to the HTML5 <video> tag in January of 2015 to the HTML5 <video> tag in January of 2015
\cite{youtubeengineeringYouTubeNowDefaults2015}. In 2017 Adobe announced that they \cite{youtubeengineeringYouTubeNowDefaults2015}. In 2017 Adobe announced that they
@ -558,7 +558,7 @@ tracking domains.
\label{subsec:html5 indexed database api} \label{subsec:html5 indexed database api}
The need for client side storage to provide performant web applications that can The need for client side storage to provide performant web applications that can
also function offline, has prompted the inception of alternative methods to also function offline has prompted the inception of alternative methods to
store and retrieve information. Consequently, the development of the HTML5 store and retrieve information. Consequently, the development of the HTML5
standard has tried to fill that need by introducing HTML5 Web Storage and the standard has tried to fill that need by introducing HTML5 Web Storage and the
HTML5 Indexed Database \gls{API}. HTML5 Indexed Database \gls{API}.
@ -641,7 +641,6 @@ A variety of caches exist and they are utilized for different purposes, leading
to different forms of information exploitability for tracking users. This to different forms of information exploitability for tracking users. This
section introduces methods which are in most cases not prevalent but are more section introduces methods which are in most cases not prevalent but are more
sophisticated and can thus be much harder to circumvent or block. sophisticated and can thus be much harder to circumvent or block.
\todo{Insert structure}
\subsection{Web Cache} \subsection{Web Cache}
\label{subsec:web cache} \label{subsec:web cache}
@ -830,11 +829,11 @@ own cache (e.g., browsers).
\citeauthor{kleinDNSCacheBasedUser2019} \cite{kleinDNSCacheBasedUser2019} \citeauthor{kleinDNSCacheBasedUser2019} \cite{kleinDNSCacheBasedUser2019}
demonstrated a tracking method which is using \gls{DNS} caches to assign unique demonstrated a tracking method which is using \gls{DNS} caches to assign unique
identifiers to client machines. In order for the technique to work, the tracker identifiers to client machines. In order for the technique to work, the tracker
has to have control over a web server as well as an authoritative \gls{DNS} has to have control over one web server (or multiple) as well as an
server which associates the web servers with a domain name under the control of authoritative \gls{DNS} server which associates the web servers with a domain
the tracker. The tracking process starts once a user agent requests a web site name under the control of the tracker. The tracking process starts once a user
which loads a script from one of the web servers the attacker is controlling. agent requests a web site which loads a script from one of the web servers the
The process can then be sketched out as follows (see attacker is controlling. The process can then be sketched out as follows (see
\cite[p.~5]{kleinDNSCacheBasedUser2019} for a detailed description). \cite[p.~5]{kleinDNSCacheBasedUser2019} for a detailed description).
\begin{enumerate} \begin{enumerate}

BIN
chapters/titlepage.pdf Normal file
View File

Binary file not shown.

11
main.tex
View File

@ -19,6 +19,7 @@
\usepackage{xr} \usepackage{xr}
\usepackage[acronym]{glossaries} \usepackage[acronym]{glossaries}
\usepackage{lastpage} \usepackage{lastpage}
\usepackage{pdfpages}
\glsenablehyper \glsenablehyper
@ -87,8 +88,15 @@
\input{abbrev/acronym.tex} \input{abbrev/acronym.tex}
\includepdf[pages=-]{chapters/titlepage.pdf}
\newpage
\pagenumbering{roman} \pagenumbering{roman}
\subfile{chapters/erklaerung.tex}
\thispagestyle{frontmatter}
\subfile{chapters/abstract-de} \subfile{chapters/abstract-de}
\thispagestyle{frontmatter} \thispagestyle{frontmatter}
@ -104,7 +112,8 @@
\listoflistings \listoflistings
\thispagestyle{frontmatter} \thispagestyle{frontmatter}
\printglossaries \printglossary
\printglossary[type=\acronymtype]
\thispagestyle{frontmatter} \thispagestyle{frontmatter}
\subfile{chapters/introduction} \subfile{chapters/introduction}