User Perceptions of the Privacy and Usability of Smart DNS
Pages 591 - 604
Abstract
Smart DNS (SDNS) services enable their users to avoid geographic restrictions to content (i.e., geoblocking) with minimal internet quality of service overhead. While previous research has shown that usage of SDNS has numerous associated privacy risks, the security and privacy perceptions of users of SDNS are unexplored. In this paper, we perform a survey of n = 63 SDNS users, finding that many have limited understandings both of how these systems work and their overall security/privacy properties. As a result, many users put undue trust in purveyors of SDNS services and in the security they provide.
References
[1]
Sadia Afroz, Michael Carl Tschantz, Shaarif Sajid, Shoaib Asif Qazi, Mobin Javed, and Vern Paxson. 2018. Exploring Server-side Blocking of Regions. arXiv preprint arXiv:1805.11606(2018).
[2]
Alessandro Acquisti and Jens Grossklags. 2005. Privacy and rationality in individual decision making. IEEE Security Privacy 3, 1 (2005), 26–33.
[3]
Allison McDonald, Matthew Bernhardand Luke Valenta, Benjamin VanderSloot, Will Scott, Nick Sullivan, J. Alex Halderman, and Roya Ensafi. 2018. 403 Forbidden: A Global View of CDN Geoblocking. In Proceedings of the Internet Measurement Conference (IMC).
[4]
S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen, and T. Wright. 2003. Transport Layer Security (TLS) Extensions. RFC 3546. Internet Engineering Task Force.
[5]
Roger Dingledine, Nick Mathewson, and Paul Syverson. 2004. Tor: The Second-Generation Onion Router. In USENIX Security Symposium (USENIX).
[6]
ExpressVPN. 2022. Get Started with 5 Awesome Ways to Use ExpressVPN. https://www.expressvpn.com/get-started.
[7]
Rahel A. Fainchtein, Adam J. Aviv, and Micah Sherr. 2022. User Perceptions of the Privacy and Usability of Smart DNS: Codebook and Other Artifacts. https://github.com/GUSecLab/smartdns-study/blob/main/analysis/qualitative_analysis/codebook.pdf.
[8]
Rahel A. Fainchtein, Adam J. Aviv, Micah Sherr, Stephen Ribaudo, and Armaan Khullar. 2021. Holes in the Geofence: Privacy Vulnerabilities in “Smart” DNS Services. Proceedings on Privacy Enhancing Technologies (PoPETS) (2021).
[9]
Kevin Gallagher, Sameer Patil, and Nasir Memon. 2017. New Me: Understanding Expert and Non-Expert Perceptions and Usage of the Tor Anonymity Network. In Symposium on Usable Privacy and Security (SOUPS).
[10]
Gambino, Andrew and Kim, Jinyoung and Sundar, S. Shyam and Ge, Jun and Rosson, Mary Beth. 2016. User Disbelief in Privacy Paradox: Heuristics That Determine Disclosure. In Conference Extended Abstracts on Human Factors in Computing (CHI).
[11]
Gueye Bamba, Arthur Zivani, Mark Crovella, and Serge Fdida. 2004. Constraint based Geolocation of Internet Hosts. In Internet Measurement Conference (IMC).
[12]
HideIPVPN. 2021. What Is Smart DNS? (How Does Smart DNS Work?). https://www.hideipvpn.com/learning-center/what-is-smart-dns-how-does-smart-dns-work/.
[13]
P. Hoffman and P. McManus. 2018. DNS Queries over HTTPS (DoH). RFC 8484. Internet Engineering Task Force.
[14]
Z. Hu, L. Zhu, J. Heidemann, A. Mankin, D. Wessels, and P. Hoffman. 2016. Specification for DNS over Transport Layer Security (TLS). RFC 7858. Internet Engineering Task Force.
[15]
Iulia Ion, Rob Reeder, and Sunny Consolvo. 2015. “...no one can hack my mind”: Comparing Expert and Non-Expert Security Practices. In Symposium On Usable Privacy and Security (SOUPS).
[16]
Josh. 2022. SmartDNS | What Is It and How do You Set it Up? (2022 Guide). All Things Secured. Available at https://www.allthingssecured.com/vpn/faq/what-is-smartdns/.
[17]
Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. “My Data Just Goes Everywhere”: User Mental Models of the Internet and Implications for Privacy and Security. In Symposium On Usable Privacy and Security (SOUPS).
[18]
Mohammad Taha Khan, Joe DeBlasio, Chris Kanich, Geoffrey M. Voelker, Alex C. Snoeren, and Narseo Vallina-Rodriguez. 2018. An Empirical Analysis of the Commercial VPN Ecosystem. In ACM SIGCOMM Conference on Internet Measurement (IMC).
[19]
Sheharbano Khattak, David Fifield, Sadia Afroz, Mobin Javed, Srikanth Sundaresan, Damon McCoy, Vern Paxson, and Steven J Murdoch. 2016. Do You See What I See? Differential Treatment of Anonymous Users. In Network and Distributed System Security Symposium (NDSS).
[20]
[20] Martynas Klimas.2021. https://surfshark.com/blog/smart-dns-vs-vpn.
[21]
Laki, Sándor and Mátray, Péter and Hága, Péter and Sebők, Tamás and Csabai, István and Vattay, Gábor. 2011. Spotter: A Model Based Active Geolocation Service. In International Conference on Computer Communications (INFOCOM).
[22]
Tim Morcan. 2019. What Is Smart DNS Tech & How Does Smart DNS Work?https://www.cactusvpn.com/beginners-guide-to-smart-dns/what-is-smart-dns/#legality.
[23]
Muir, James A. and Oorschot, Paul C. Van. 2009. Internet Geolocation: Evasion and Counterevasion. Comput. Surveys 42, 1 (December 2009).
[24]
Moses Namara, Daricia Wilkinson, Kelly Caine, and Bart P Knijnenburg. 2020. Emotional and Practical Considerations Towards the Adoption and Abandonment of VPNs as a Privacy-Enhancing Technology. Proceedings on Privacy Enhancing Technologies (PoPETS) 2020, 1(2020), 83–102.
[25]
NordVPN. 2022. NordVPN. https://nordvpn.com/.
[26]
Ingmar Poese, Steve Uhlig, Mohamed Ali Kaafar, Benoit Donnet, and Bamba Gueye. 2011. IP Geolocation Databases: Unreliable?ACM SIGCOMM Computer Communication Review 41, 2 (April 2011), 53–56.
[27]
Rick Wash and Emilee Rader. 2015. Too Much Knowledge? Security Beliefs and Protective Behaviors Among United States Internet Users. In Symposium on Usable Privacy and Security (SOUPS).
[28]
Scott Ruoti and Tyler Monson and Justin Wu and Daniel Zappala and Kent Seamons. 2017. Weighing Context and Trade-offs: How Suburban Adults Selected Their Online Security Posture. In Symposium on Usable Privacy and Security (SOUPS).
[29]
Rachee Singh, Rishab Nithyanand, Sadia Afroz, Paul Pearce, Michael Carl Tschantz, Phillipa Gill, and Vern Paxson. 2017. Characterizing the Nature and Dynamics of Exit Blocking. In USENIX Security Symposium (USENIX).
[30]
StrongVPN. 2022. Why Do I Need a VPN? | StrongVPN. https://strongvpn.com/vpn-uses/.
[31]
S. Shyam Sundar. 2008. The MAIN Model: A Heuristic Approach to Understanding Technology Effects on Credibility. The MIT Press, 72––100.
[32]
Marketa Trimble. 2012. The Future of Cybertravel: Legal Implications of the Evasion of Geolocation. Fordham Intellectual Property, Media & Entertainment Law Journal 22 (April 2012).
[33]
Marketa Trimble. 2021. A New CJEU Judgment on Copyright-Related Geoblocking – One Step Forward or One Step Back in the EU Commission’s Fight Against Geoblocking? (Guest Blog Post) in Technology & Marketing Law Blog. https://blog.ericgoldman.org/archives/2021/01/a-new-cjeu-judgment-on-copyright-related-geoblocking-one-step-forward-or-one-step-back-in-the-eu-commissions-fight-against-geoblocking-guest-blog-post.htm.
[34]
Zachary Weinberg, Shinyoung Cho, Nicolas Christin, Vyas Sekar, and Phillipa Gill. 2018. How to Catch when Proxies Lie: Verifying the Physical Locations of Network Proxies with Active Geolocation. In ACM SIGCOMM Conference on Internet Measurement (IMC).
[35]
Bernard Wong, Ivan Stoyanov, and Emin Gün Sirer. 2007. Octant: A Comprehensive Framework for the Geolocalization of Internet Hosts. In USENIX Symposium on Networked Systems Design and Implementation (NSDI).
[36]
Zhao Zhang, Tavish Vaidya, Kartik Subramanian, Wenchao Zhou, and Micah Sherr. 2020. Ephemeral Exit Bridges for. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).
[37]
Zhao Zhang, Wenchao Zhou, and Micah Sherr. 2020. Bypassing Exit Blocking with Exit Bridge Onion Services. In ACM Conference on Computer and Communications Security (CCS).
Index Terms
- User Perceptions of the Privacy and Usability of Smart DNS
Recommendations
User Perceptions of Smart Home IoT Privacy
Smart home Internet of Things (IoT) devices are rapidly increasing in popularity, with more households including Internet-connected devices that continuously monitor user activities. In this study, we conduct eleven semi-structured interviews with smart ...
Extending layered privacy language to support privacy icons for a personal privacy policy user interface
HCI '18: Proceedings of the 32nd International BCS Human Computer Interaction ConferenceThe LPL Personal Privacy Policy User Interface (LPL PPP UI) is designed to allow for informed and free consent. An extension for the Layered Privacy Language and the Privacy Icons Overview is introduced here. The capabilities of the LPL PPP UI consist ...
Perceptions and reactions to conversational privacy initiated by a conversational user interface
AbstractIn 2019, media reports raised awareness about privacy and security violations in Conversational User Interfaces (CUI) like Alexa, Siri and Google. Users report that they perceive CUI as creepy and that they are concerned about their ...
Highlights- Some privacy messages significantly improve privacy and security perceptions.
- ...
Comments
Information & Contributors
Information
Published In
December 2022
1021 pages
ISBN:9781450397599
DOI:10.1145/3564625
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 05 December 2022
Check for updates
Badges
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
Conference
ACSAC
Acceptance Rates
Overall Acceptance Rate 104 of 497 submissions, 21%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 344Total Downloads
- Downloads (Last 12 months)202
- Downloads (Last 6 weeks)32
Reflects downloads up to 13 Jan 2025
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in