Given the importance of privacy, many Internet protocols are nowadays designed with privacy in mind (e.g., using TLS for confidentiality). Foreseeing all privacy issues at the time of protocol design, however, is challenging and may become near impossible when interaction out of protocol bounds occurs. One interaction that is demonstrably not well understood occurs when DHCP exchanges are accompanied by automated changes to the global DNS, for example to dynamically add hostnames for allocated IP addresses. As we will substantiate in this paper, this is a privacy risk: the presence of specific clients and network dynamics may be learned from virtually anywhere on the Internet, even if other mechanisms to limit tracking by outsiders (e.g., blocking pings) are in place. We present a first-of-its-kind study into this risk. We identify networks that expose client identifiers in reverse DNS records and study the relation between the presence of clients and said records. Our results show a strong link: in 9 out of 10 cases, records linger for at most an hour, for a selection of academic, enterprise and ISP networks alike. We also demonstrate how client patterns and network dynamics can be learned, by tracking devices owned by persons named Brian over time, revealing shifts in work patterns caused by COVID-19-related work-from-home measures, and by determining a good time to stage a heist.
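A defender-side check for the exposure described above, as an added example that is not from the paper: it audits an export of your own reverse zone and separates address-derived PTR names from names that carry client-supplied identifiers. The record format, the device-word list and the sample records (documentation addresses under example.edu) are assumptions constructed for illustration.

```python
import re

# Assumed list of device-type words that show up in client-supplied hostnames.
DEVICE_WORDS = {"iphone", "ipad", "macbook", "android", "galaxy", "laptop", "desktop"}

def is_address_derived(ip: str, label: str) -> bool:
    """True if the numbers in the label only encode the IP (e.g. dhcp-192-0-2-17)."""
    octets = ip.split(".")
    numbers = [str(int(n)) for n in re.findall(r"\d+", label)]
    # Accept the full address or its last two octets, forward or reversed.
    candidates = [octets, octets[::-1], octets[2:], octets[2:][::-1]]
    return numbers in candidates

def classify(ip: str, ptr_name: str) -> str:
    """Classify one PTR record by what its first label reveals."""
    label = ptr_name.rstrip(".").split(".")[0].lower()
    if is_address_derived(ip, label):
        return "generic"              # reveals nothing beyond the address itself
    tokens = set(re.split(r"[^a-z0-9]+", label))
    if tokens & DEVICE_WORDS:
        return "client-identifier"    # hostname likely copied from the DHCP client
    return "review"                   # static or unknown naming, needs a human look

def audit(records):
    """Group (ip, ptr_name) pairs from a reverse-zone export by classification."""
    findings = {"generic": [], "client-identifier": [], "review": []}
    for ip, name in records:
        findings[classify(ip, name)].append((ip, name))
    return findings

# Constructed sample export (RFC 5737 documentation addresses, not real data).
SAMPLE = [
    ("192.0.2.17", "dhcp-192-0-2-17.example.edu."),
    ("192.0.2.51", "pool-2-51.example.edu."),
    ("192.0.2.23", "brians-iphone.dyn.example.edu."),
    ("192.0.2.40", "Brians-MacBook-Pro.dyn.example.edu."),
    ("192.0.2.60", "lab-printer.example.edu."),
]

if __name__ == "__main__":
    for kind, items in audit(SAMPLE).items():
        print(f"{kind}: {len(items)}")
        for ip, name in items:
            print(f"  {ip} -> {name}")
```

Records in the `client-identifier` group are the ones to address, for example by having the DHCP server publish address-derived names instead of the hostname the client supplied.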