Threat Observatory / Early Warning System
The PrivacyFlag Observatory is focused on providing a holistic overview of the privacy landscape in the modern Internet. The basic idea is to inform users, developers, stakeholders and researchers on the level of adoption of best practices as well as how prevalent insecure, obsolete and deprecated technologies are. Furthermore, interested parties can observe the rate of commitment to privacy related technologies for the most important web sites, since PrivacyFlag is based on active and live crowdsourcing.
PrivacyFlag Observatory is organized in three distinct categories, Confidentiality, Security and Privacy of Data. All of them are related to the Privacy of your Data in a direct or indirect way. Find why:
On the Internet nothing can be 100% secure. However, there are some technologies that are less secure than others. Usually, those technologies more prone to security defects are either obsolete and deprecated solutions that are no longer up to modern standards or are new untested solutions that, despite good design intentions, do not meet always all the requirements. Nonetheless, some of these less secure technologies are quite prevalent and they should be used with caution.
EWS regarding embedded links that direct to malicious websites in the last 5'.
PrivacyFlag scans every reviewed website for embedded links which direct users to malware infected web sites. During a malware epidemic it is possible that many innocent sites become infected and unknowingly host malware. Generally, the average number of infected sites should be minimal - close to zero - in comparison to the vast amount of web sites.
Percentage of websites that use Flash, a technology with known security issues
Flash was once the king of multimedia content and was used thoroughly in the Web. Most web sites delivered multimedia video almost exclusively in Flash. Unfortunately, the Flash protocol was also ranked highly as a major source of security risks. Therefore, most modern web sites tend to avoid using the Flash protocol in favour of new multimedia codecs. So, although it is not always possible to avoid using Flash at all, try to use web sites with native HTML5 video players to enjoy your web video experience safely.
Percentage of websites that use potentially dangerous advanced HTML5 APIs - Web Audio API.
HTML5 Web Audio is a very useful technology to capture and store sound streams form various audio input sources as well as the microphone. Naturally, a great deal of care must be taken to protect users from unauthorized recordings, thus this specific functionality should be used with caution.
Percentage of websites that use potentially dangerous advanced HTML5 APIs - WebRTC.
HTML5-WebRTC is a very effective mechanism for providing real time communication but is also used by hackers to leak sensitive information or deanonymize users. This is a promising and useful technology, but whenever privacy is absolute necessary, WebRTC should be avoided.
Percentage of websites that use technologies with known security issues - ActiveX.
ActiveX is a Microsoft technology supported in older Microsoft browsers. It can be used to build complex scripts to automate many tasks. ActiveX normally operates from the web site directly to the users systems. As a consequence, many security issues arise from this approach. If you are using Internet Explorer, you can disable this. For more information on how to disable ActiveX, read How to disable ActiveX controls in Internet Explorer
Percentage of websites that use technologies with known security issues - Java.
Java is a popular programming language. It has been used since the earliest days of the web to develop powerful web applications known as Java Applets. Due to many vulnerabilities that Java suffered during the last years, it is considered bad idea from security perspective for a web site to use Java. Most web browsers deprecate Java code. In case you absolute need to work with a web site which is based on Java Applet, better use a dedicated second browser for that and not your daily use browser.
Percentage of websites that use technologies with known security issues - Silverlight.
Silverlight is a new Microsoft technology based on the .NET framework. It is used for the development of highly interactive applications to enrich user experience .NET as every middleware with direct access to your PC may be a security risk. Better avoid it, if not absolutely necessary.
Percentage of websites that use technologies with known security issues.
A short overview of technologies with bad security record. A more detailed explanation is available in the respective sections.
Percentage of websites that use potentially dangerous advanced HTML5 APIs.
HTML5 is the newest Web standard, it is definitely the future of the WWW and is here to stay. As it happens with any new powerful technology it provides a set of new impressive features. On the other hand, some of them might have some security and privacy issues. PrivacyFlag have identified some potential problematic, from privacy perspective, technologies. Unless there is a good reason for a web site to use this functionality it is better not enable them yet.
Percentage of websites that use following techniques.
A summary of the powerful technologies used in websites.