About HostView
What are our commitments to protect your privacy?
We are very aware that there are important privacy implications in what we are undertaking. In order to understand users’ concerns and the range of opinions on issues related to a user’s willingness to participate in end-host data collection, we conducted a user survey. A CCR 2010 paper summarizing our findings can be found here. We incorporated the feedback we received into the design of HostView.
We do several things to make sure that your privacy is not compromised unintentionally.
• HostView incorporates a "pause" mechanism that lets users turn off all logging (in half-hour increments) while they carry out an activity (say, bank transactions) that they do not want recorded.
• When we upload the traces from your machine, we immediately discard any information regarding machine identity. We scramble machine identities via hashing and retain only the hash, which is used to construct the trace file names. Thus we cannot trace back any given trace to its originator. Our data collection utility does NOT gather any personal data; no documents, emails, chats, etc. are recorded.
• Source IP addresses are anonymized using a SHA-256 hash from the cryptopp library.
• This data will be used only by the EMD project (see non-disclosure agreement). UPMC agrees to use the data sets only for research purposes and commits never to use them in research that aims at determining the identity of individual volunteers. UPMC also agrees to ensure that all appropriate and any legally required technical and organizational measures are taken to protect confidential information against loss, misuse, and any unauthorized, accidental, or unlawful access.
• The data is stored on a machine at LIP6 that cannot be directly accessed from the Internet.