Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
5. Evaluation of Existing Privacy Tools<br />
In this chapter, existing privacy tool will be evaluated and on overview about the most<br />
popular representatives of browsers, plug-ins and proxy-software in regards to privacy<br />
will be given. Although all evaluations are based on the criteria defined in chapter<br />
4, they are not scientifically measured and are solely based on a textual description.<br />
However, to ensure that all tested tools have the same technical basis, the evaluation<br />
will be executed in a sandbox (that is Windows XP SP3 on Microsoft Virtual PC 2007).<br />
As most of the tools have a different objective, it is not always possible to compare them.<br />
5.1. Browsers<br />
In this section, the most frequently used browsers [W3S09] will be evaluated in terms<br />
of build-in P3P support: Microsoft’s Internet Explorer, Mozilla’s Firefox, Apple’s Safari<br />
and Opera Software’s Opera browser.<br />
5.1.1. Microsoft Internet Explorer<br />
Since version 6 Microsoft’s Internet Explorer (MSIE) has built in support for P3P Version<br />
1 compact policies [MS07a, MS07b]. Although users may not be aware of it, the<br />
“Privacy” settings in the “Internet Options” of MSIE define how to treat cookies by<br />
using a “Zone-System”: In the “Local Intranet” and “Trusted” zones, all cookies are<br />
accepted. When using the “Medium” level (which is set by default), MSIE “blocks thirdparty<br />
cookies that do not have a compact policy [...] or third-party cookies that have<br />
a compact policy that specifies that personally identifiable information is used without<br />
your implicit consent.” [MS07a]. First-party cookies that store personally identifiable<br />
information without implicit consent are downgraded to session cookies whereas firstparty<br />
cookies without a compact policy are restricted so that they can be read only by<br />
the issuing domain. In the “Restricted” zone, all cookies are blocked [MS07a].<br />
When visiting a website which does not match the users’ privacy preferences, a Privacy<br />
Report icon is displayed in the MSIE status bar which users can double click to view<br />
the websites’ privacy report [MS07c]. Although the privacy report clearly parses P3P<br />
policies and shows the generated information to the user via the privacy report (cp.<br />
Figure 5.2), the user does not have any options to actively change settings regarding<br />
P3P as MSIE only deals with compact policies. There is a way to import so called<br />
“Customized Privacy Settings” using XML-files but still, one can only define how MSIE<br />
handles cookies [MSDN] - there is no way to configure any other settings P3P offers.<br />
43