Big Data, Psychological Profiling and the Future of Digital Marketing | Sandra Matz


Separately noted.

Privacy and Threat in Practice: Mobile Messaging by Low-Income New Yorkers | Ame Elliot

Privacy and Threat in Practice: Mobile Messaging by Low-Income New Yorkers
Ame Elliot, Simply Secure


Is a theoretically-secure system any good if it doesn’t address users’ real-world threat models? Is the security community today meeting the needs of a mass, global audience, or simply building tools and features for itself? Do we know how to understand what people really need?

We asked a group of straight-talking New Yorkers about the data-security threats they face. Their answers indicate a significant gap between their lived experience and the way our community thinks about security. To bridge this gap and get privacy-preserving systems into the hands of real people, we need more foundational research to understand user needs, not only late-stage usability studies in a lab.

Through in-context interviews in homes, restaurants, and libraries, our study gained insights into a world of constant surveillance experienced by a group of low-income African-Americans. They shared specific examples of how their phone is threatened at home, work, and on the street. This talk shares our participants’ threat models. From shoulder-surfing, to catfishing, to how a “renter’s mindset” develops around handsets controlled by adversarial telecom providers, understanding privacy and threat in practice has far-reaching implications for the future of information security.

Ame Elliott is Design Director at nonprofit Simply Secure, where she focuses on the user experience of privacy-preserving technologies that empower people. Previously she worked as design research lead for IDEO San Francisco delivering tech strategy for clients such as Acer, Ericsson, and Samsung. Prior to IDEO, she was a research scientist at Xerox PARC, and at Ricoh Innovations. She earned a Ph.D. from the University of California, Berkeley for her work creating hybrid physical-digital interactions to support the architectural design process. Ame holds eight patents and is the author of numerous publications including a chapter in the Oxford Handbook of Internet Psychology. Her design work has been included in the Cooper-Hewitt Smithsonian Design Museum and recognized with awards from the AIGA, IDSA/IDEA, the Edison Awards, and the Webby Awards.


Think Outside the Boss | Trebor Scholz, Public Seminar

; Think Outside the Boss; an essay; In Public Seminar; 2015-04-15.
Teaser: Cooperate alternatives to the sharing economy

Trebor Scholz, professor, Hampshire College

Rethinking Marxism, a peer-reviewed journal produced by the Association for Economic and Social Analysis

Rethinking MarxismA Journal of Economics, Culture & Society; Routledge; since 1988.

Cooperative Alternatives to the Sharing Economy; In Some Blog; 2015-04-29.
Videos? of the panel.

Trackography: You Never Read Alone | Claudio Agosti

Trackography: You Never Read Alone; Presented at the 31st Chaos Communication Congress (31c3); 2014-12-29; slides (howmany?, twenty?)

tl;dr => the web has beacons.  yawn.  the author isn’t in the trade.



  • EU-focused; not US
  • Components
    • PhantomJS
    • GeoIP (MaxMind)
    • traceroute
  • Suggested propylaxis
    • Privacy Badger
    • AdBlock Plus
    • Ghostery
    • Disconnect
    • NoScript
    • ScriptNo
    • RequestPolicy
    • Priv8
    • Beef Taco
    • Click&Clean



  • pale grey is “no coverage”
  • dark violet is “some data”

trackography.orgTrackography API


Watch “Velocity Conference 2014: UA Strings Are Terrible” on YouTube

Alec Heller (Akamai); Velocity Conference 2014: UA Strings Are Terrible; Akamai Technologies; At Velocity Conference; 2014-07-29

Alec Heller, Senior Software Engineer at Akamai.


Assert-Media: (width, 400) and (height: 1234)
Accept: image/webp, image/jpg


  • In the domain of
    • responsive design.
    • using the User Agent string to detect screen size.
  • Presentation
    • The proposal appears at 16:48, and should have been the first and only slide.
    • Lots of ums, very low bandwidth presentation, lots of ums.
    • tl;dr => they minded large logs with Big Data and found factoids
    • Lots of ums, and very painful for the listener.
    • Did I mention that there were lots of ums?
  • RFC 2616
    • Section 14.43 User-Agent
  • RFC 7231
    • Section 5.5.3 User-Agent
  • Combinatorics
    • Apps, each app has a unique string
    • Version Numbers
    • .NET
    • Serial Numbers & UUIDs
    • Typos
  • http-client-hints of Ilya Grigorik
    Headers like…

    • CH-DPR
    • CH-PW


  • 2014-06-08 (full day) from some service
  • 18,506,131 User Agent Strings “top of list”
  • 15,153,962 User Agent Strings were unique