
Ask HN: How can I prevent myself from being doxxed? - cardamomo
I imagine my practices are similar to many other HN readers. I follow some privacy best practices but don&#x27;t generally seek anonymity online. You can google me and find my social media accounts, some articles I&#x27;ve written or for which I was interviewed, and figure out what city I live in. That is to say, my online persona is not entirely locked down.<p>Let&#x27;s say I wanted to prevent myself from being doxxed. What steps could I take to make it more difficult?
======
ggggtez
1) Promptly stop saying anything interesting under your real name. Opt out of
all social media except to post messages like "Congratulations on the baby!".
This will prevent you from making any enemies who know your real name, and
reduce the chances anyone will _want_ to doxx you.

2) Start adopting new pseudonyms. Use a different one on every site, and a
password keeper to help you stay logged in. If you happen to forget, don't
worry. Treat every account as disposable. These are not "you". This is not
"your brand". These are merely tools that allow to into a walled garden party
wearing the mask of anonymity.

3) Do _not_ mix your two online personas. Keep your politics, jokes, and
personality in your pseudononymous accounts. Keep your boring safe opinions
and pictures of dogs in your primary account. Don't talk about _anything_ in
your real life in your pseudonymous accounts, even the weather. Reserve that
kind of discussion for in-person friends only. If you make a mistake, just
delete the account and make a new one.

~~~
kovac
One loophole here is that statistical/machine learning analytics tools may
still be able to correlate these posts as coming from the same writer.

We should probably also use a tool that just converts our posts into a generic
style and remove any personal touches like the usual vocabulary, expressions,
punctuation styles someone might use. Is there anything like that out there?

~~~
GaryNumanVevo
easily fixed: google translate your writing through a few languages before
back to English

~~~
pbhjpbhj
Reporter: how did you catch the suspect?

Police: it turned out Google Translate had a record of all their posts!

------
anigbrowl
If you are just worried about someone trying to steal your identity to abuse
your credit or so, you probably already practice good basic security (like
2-factor authentication, not recycling your passwords etc. etc.) and have no
particular need to worry about. You are more likely to have your security
compromised in a corporate data breach than someone taking the time to dox
you.

If you get in fights online or are a member of some group that frequently
experiences abuse (from inside or outside your community) then you should
consider rebuilding your social media identities, giving up some of them,
compartmentalizing your digital life so that your work or business don't
overlap with your friendships or public persona etc.

If things have gone sideways and you think people are already motivated to go
after you, a determined person can pull your details together very quickly
with a mixture of software tools, access to commercial databases, and some
detective work. It's not difficult for someone with experience. In such a
situation you should probably work with a commercial service like
[https://privacyduck.com](https://privacyduck.com) which will do the work of
erasing your digital footprints.

It's not cheap, last time I looked they charged $600/year or so and depending
on your circumstances and vulnerability that might need to be budgeted as an
ongoing expense. I'm sure there are other competitors int he same field but am
not sufficiently informed to make comparisons.

~~~
strombofulous
I'm looking at their list of websites
[https://www.privacyduck.com/services/](https://www.privacyduck.com/services/)
and it looks like this is pretty similar to services that will pay to remove
your mugshot from the internet... It will probably help deter people who
aren't trying super hard but it's unlikely to actually help defend a dedicated
attacker

~~~
anigbrowl
I haven't had to use privacyduck for myself but I'm willing to give them a
qualified endorsement based on the testimony of people I know who have used
their service and said they were quite dedicated rather than just being an
easy cash shakedown.

That said if they're more useful if you have reason to expect you're going to
be doxxed. If it has already happened and your info found its way onto the
dark web then you've got bigger problems.

Luckily that's not the OP's situation, but for a person who finds themselves
unwillingly in the public eye and whose information has been exposed to
malicious actors it's a difficult judgment call. If they're experiencing such
harassment as to fear for their physical safety, that requires a lawyer's
help, and probably involves moving home setting up a shell company to manage
financial affairs/bills/property titles. That would generally be enough to
shield one from inquiries other than law enforcement, but is obviously going
to be very expensive. I'm not qualified to advise anyone on the specifics of
how to go about that.

If you don't have such resources, think about moving - not so easy to track if
you sublet - and most important, _change your phone number_. Switch to a pay-
as-you-go service and use gift cards to develop a parallel financial identity.
Your phone # is the biggest giveaway, followed by bills and property records.
That won't hide you from private detectives or professional snoopers but will
be sufficient to avoid an internet hate machine.

~~~
cutemonster
> Your phone # is the biggest giveaway

How does that work? (Sorry for maybe a bit silly question)

> setting up a shell company

Can't the doxxers find out who owns the shell company?

Or they won't know about the existence of a shell company? Or how does it work

> use gift cards

One would buy gift cards to oneself, use them oneself, right?

~~~
anigbrowl
People like to hang on to the same phone # so that makes it super-easy for
data brokers/snoops to track. Yes, people could find out who owns a shell
company, but that's the kind of work private detectors or financial
investigators do, and they don't do it unless they get paid, which is an
investment most doxxers wouldn't want to make.

Transparency varies from state to state, but some states let you set up
corporations with very little transparency, iirc Delaware specializes in this
to the point that it's become a problem for financial laundering/tax
avoidance, eg [https://www.theguardian.com/us-news/2016/apr/06/panama-
paper...](https://www.theguardian.com/us-news/2016/apr/06/panama-papers-us-
tax-havens-delaware)

You can buy gift cards that work with Visa or Mastercard, and some vendors
will let you reload them (I think Walmart does this). That would give you a
fair degree of privacy for doing things online and in combination with other
things make you invisible from all but very dedicated investigators (or law
enforcement).

by the way, this article, while aimed at political activists, has lots of
useful information and links on how to prevent and/or deal with such a
situation: [https://crimethinc.com/2020/08/26/doxcare-prevention-and-
aft...](https://crimethinc.com/2020/08/26/doxcare-prevention-and-aftercare-
for-those-targeted-by-doxxing-and-political-harassment)

~~~
cutemonster
Thanks for the explanations and the links. The doxx prevention article was
very informative

------
batch12
This is an interesting question. Given your admission that your identity is
loosely linked to your online accounts, I don't think it's possible to prevent
someone from doxxing you-- someone just needs to tie it all together.

I agree with sibling comments here that the only way to really prevent someone
from identifying you from your online personas would be to start over. If you
want to truly be anonymous, you need to build these new personas with OPSEC in
mind. The process includes 5 general steps:

1\. Identify information you feel is critical. In your case, this could be
anything that ties your online activity to your real life identity.

2\. Identify your threat. This can be simple or complex depending on your
needs. Are you concerned about hiding from pissed off gamers, hacktivists, or
a nation state? Knowing the enemy you face will help you better understand
their potential capabilities to find out information about you and how they
could use this information.

3\. Assess your vulnerabilities. Look at yourself from the viewpoint of the
attacker. What information would you use to dox yourself?

4\. Assess your risk. This can also be pretty involved depending on your
vulnerabilities and threats. What could someone do with this information? How
bad could you be hurt?

5\. Apply countermeasures. Figure out how you can mitigate the risk you found
above. This may include closing old accounts, creating new accounts, creating
alternate personas, disinformation, heading off potential impact from a dox,
etc.

Hope my ramblings helped.

~~~
cardamomo
Fortunately, I'm just asking this question out of curiosity right now.

Putting this in an OPSEC perspective makes the problem a lot clearer. Your
reply complements anigbrowl's sibling comment, which gets into some options
for countermeasures.

------
dcow
Find the courage to post under your real identity. Society can’t cancel
everyone. In my experience whatever political activism you’re engaging in (you
mentioned as much in a sibling comment) will benefit far more from association
with a real humans than with “internet commenters”. Politics happen in the
real world, the internet is not representative in that respect. There are very
few things that require true anonymity, and in a liberalist society political
speech is not and should not be one of them, despite trends of late. The only
effective response is to fight back and speak up for what you believe is
right. Don’t be a coward. I mean this in the most sincere way possible.

~~~
ppf
Why would you let an online hate mob ruin your real life? They generally have
little relation to reality, and there's a decent chance they themselves are
just being manipulated and used by others.

I do feel that I have a place in some online battles (or I'm just yelling into
a whirlwind that someone else is controlling, but it can be fun), but I never
link any of my identities. I take the stance that ideas are more powerful than
solid identities.

Edit: Yes I agree, real world actions are much more powerful, and we should
all spend less time online.

~~~
auganov
Well, yes, why would you let them? I don't want to live a life which could be
ruined by a mob simply pointing out something I have said.

I can't help but wonder if people afraid of "doxxing" are paranoid or really
posting stuff they'd never say in person (in which case you probably don't
want to be posting them).

I understand that people get unfairly fired for social media posts. But that's
what it is, an unfair firing. Why work at this kind of a place? And if you're
very open about your beliefs you probably won't get yourself into this kind of
a situation in the first place.

~~~
CJefferson
People die from doxxing, by getting "swotted".

I have a friend who had death threats sent to her parents. These people are
vicious and relentless.

------
coronadisaster
What I do for things like Reddit and HN, is that I create a new account every
few months to make it harder for them... and of course I try not to post
information that could personally identify me. As a bonus, you almost stop
caring about karma points ;) But of course the provider could still doxx you
unless you take some additional steps to stay anonymous (like Tor, maybe).

~~~
yyyuutt
I've started doing this too. Also email every few years now. Its nice not to
care about karma.

------
gostsamo
What is your threat model? Whom you are hiding from and what will happen when
the info leaks?

If you are the generally paranoid though, never publish photos from around
your home, never make online purchases with home delivery, but choose
midpoints like post stations to collect them.

Assume that if you type your info somewhere, it would be sold and will pop up
somewhere. Currently my name, home address, and phone are published in a
american data broker website. If I want them removed, I need to send them an
id with even more personal data and even then they insist that it will be
hidden from public view, not deleted. I need a lawyer if I want the situation
delt with properly.

~~~
cardamomo
I haven't looked into data brokers yet. (Not tonight's problem!) How did you
go about verifying what data of yours they have?

~~~
gostsamo
I just googled my name one day. It is unusual enough to have a limited number
of results and this website popped up with my name, home address and phone.
They must've slurped from some dodgy website where I've shopped or the like,
not sure.

In case that you have too much results on your name, you can add keywords like
"home", "home address", "phone number", and the like. Additionally, you can
add the exact values, but those will be visible for the search engine, and
maybe for someone who is smart enough to go through all queries in google
trends that include your name.

------
searchableguy
Create many accounts similar to your current ones or buy existing accounts
with activity and change their information to be similar to yours. Muddy the
water enough that anyone googling your real name can never guess you and
misdirect people into clicking unsafe content.

You will leave traces of information no matter how hard you try if you spend
enough time on any site.

Btw, did you know that even if you ask dang to rename your account - people
can easily find you by searching on hn.algolia.com because they don't auto
update indexes on renames?

Same for many other sites. There are many indexes and archives that never
update old data and won't care about GDPR requests.

------
PopeDotNinja
One approach is to simply not care if you are doxxed. What would really happen
if someone figured out who you are? If the answer is not much, maybe don’t
worry about it. This approach makes less sense if you are saying things that
will get you in hot water.

~~~
cardamomo
I'm not likely to say things that will get me in hot water, and I'm not a
public figure by any means. That said, I see doxxing as a tactic increasingly
employed against those who participate in political activism, which, like
many, I am increasingly involved in.

~~~
ggggtez
This is a key point missing in your original post. If being politically active
using your real name or real face is required, you'll need to just accept that
people will be able to tie your name and face together eventually.

You can additionally try to make yourself not stand out in real life: Choose a
non-flashy style of dress. Black hoodie, hat, glasses, mask. Something that
dozens of other people will be wearing at such events.

~~~
userbinator
_mask_

It's interesting how the virus has caused far more widespread acceptance of
wearing a mask in public, something that would arouse suspicion only a year
ago. Covering most of your face no longer causes others to notice you.

------
hartem_
Brian Krebs (krebsonsecurity.com) has a lot of fascinating stories on his blog
on doxxing and revealing identities of people for whom remaining anonymous was
vital (spoiler alert: they couldn't).

Keeping totally separate identities across different services is key (using
unrelated usernames, avatars, emails for every service). It’s also extremely
difficult and unpractical to pull off.

In most doxxing cases perpetrators manage to get access to a single service
and use it as a foothold to penetrate to other services. For example, someone
learns your email from a forum, somehow hacks your email, gains access to
Dropbox and finds the scan of your passport, driver's licence and social
security card. Email in general is the key one's digital kingdom so the surest
way to minimize the blast radius is to keep everything separate and unrelated.

Edit: typos

~~~
paranoidrobot
Fyi: Brian Krebs. No C.
[https://krebsonsecurity.com/](https://krebsonsecurity.com/)

~~~
hartem_
Thank you! I fixed my comment.

------
wtt604
Start new accounts with no reference to your old ones, your name or your
location. Be careful about what you put online publicly. I think most people
would be horrified at what the likes of Facebook, amazon or google knows about
them.

~~~
disposekinetics
I'd add to this use some sort of random word generator to come up with
usernames since humans are bad at not picking patterns.

------
ghufran_syed
I’m actually trying to address this problem by creating a place for “kind,
clear and constructive” discussion online, which uses anonymous identities, so
that all users can express themselves in safety. Of course, the hard thing is
to have _both_ high quality discussion _and_ anonymity, take a look at
conferacity.com if that sounds interesting.

~~~
srtjstjsj
Doesn't moderation solve the quality problem? Content is only low quality when
the admins intentionally don't moderate.

~~~
ghufran_syed
Yes, but what we’re really trying to see is what happens if essentially
_everyone_ is a moderator? Or more specifically, what if the only people who
can take part in the discussion are those who can care enough about high
quality discussion to ensure that they and others adhere to some set of
principles that encourage that kind of discussion. Those are obviously the
kind of people who should be moderators, but if the whole community of
contributors is that kind of person, maybe you could maintain the quality of
the discussion as you scale?

Of course, you’d grow _much_ slower, and maybe it’s impossible to get that
kind of site to a critical mass of contributors. But it seems worth trying :)

------
aaron695
"You can google me and find my social media account"

Why can i do this? Sounds like you know the problem already and want a push ;)

A lot of people I know have, no photo of their face, and not their real full
name, and goes without saying totally private. Use Facebooks feature to check
you have no accidental public ones.

Using photos people have taken from their house, I've found the location and
unit numbers before. So all these need to be private if you are really
worried.

Wives/husbands/family are good attack vectors. Not much you can do here to
begin with. But you want things locked down to at least friends of friends.

I shouldn't be able to easily escalate from necessary public profiles to
private ones.

But it's all about working towards the goal. Just make a start. Every little
bit reduces the chance you'll get doxxed. You might just have to be the
stronger gazelle.

Maybe privacy is dead, maybe it's about having a job you can't be fired from
or a gun in the house? Some peoples incomes depend on the public profiles.

~~~
cardamomo
Perhaps I've put too much trust in social media companies' privacy controls. I
trust you can find my accounts but see very little of my profiles or posts of
relevance to my offline life. Perhaps it's time to make myself less
searchable.

~~~
aaron695
A real interesting point someone else makes is, it's probably like a code
review. You'll find it hard to find your own errors, but it's always fun for
someone else to find your mistakes.

------
password4321
_Extreme Privacy: What It Takes to Disappear_ by Michael Bazzell

[https://www.amazon.com/dp/B0898YGR58](https://www.amazon.com/dp/B0898YGR58)

This guy sells books on both sides, OSINT and privacy.

------
Hakashiro
Interestingly, nobody seems to have talked about email.

I run my own mail server, and I have a domain registered for handling incoming
mail. Every single website, and I mean every single one, has a different email
address under that domain.

Now, while it could be relatively easy to correlate all usernames with domain
part of the email, I make it as difficult as possible.

Additionally, some handles are further separated. For example, my professional
handles (so stuff I use at work but on my name, my GitHub public email, and
similar stuff like that) are under other domain names from a professional
(paid) email service. And even those aliases get changed over time (damn you
automated email crawlers).

So even if the database of a website was leaked and my mail was in that
database, I would , as soon as I’m made aware of the breach, delete the
account immediately and instruct my mail server to discard all incoming mail
to that address. Of course, every online identity of mine has a different
name. This onr has a Japanese name, but I have others with common American
names, tongue twisters, and sometimes keysmashes. Good luck correlating it
all.

------
d3nj4l
At the most basic level, don't say anything online you wouldn't want seen
again. Not in discord, not on twitter, nowhere. Always treat anything you
disclose online as if it's public knowledge from that point on. Even if you
delete it, there's a tonne of third parties that archive data you post, even
on more "ephemeral" services.

~~~
pbhjpbhj
Isn't it a given that the OP still wants to take part in online society.

You're comment is more like "stop your eyes stinging when you're in the pool
by never going in the pool", but they're looking for mitigations not
avoidance.

~~~
d3nj4l
That's not the same. I'm not suggesting giving up social networks. What I mean
by "never say anything you don't want sticking around" is that you should
never disclose things that could be used to dox you. Never give anything more
than a very general general area for location, or speak about which college
you went to, or where you work. Talking about hobbies is fine, preferably on
multiple accounts so nobody can link them together into a complete profile.

------
unusximmortalis
[https://jameswmontgomery.com/2020/08/15/how-to-create-a-
pseu...](https://jameswmontgomery.com/2020/08/15/how-to-create-a-pseudonomous-
identity-on-the-internet/)

------
AmericanChopper
If you’re trying to prevent an online persona from being tied to your real
identity, then you just have to be incredibly paranoid about anonymity. It’s
not enough to hide your name, you have to consider hiding anything that makes
you identifiable. If I knew somebody was a software engineer, well I wouldn’t
know how to find out who they were. If I knew they were a software engineer
from Arkansas who contributed to Rust projects, all of a sudden my search
would have been narrowed down significantly.

If you want to prevent somebody who knows your identity from finding your
phone number, address, etc... good luck. Whether somebody can find that would
pretty much boil down to how much effort they’re willing to invest.

Source: I used to do some of these sorts of OSINT investigations as part of a
fraud investigations team.

------
rurban
The problems are not kids, the problems are grownups. Like police, border
control, visa applications, which can harass you if you dare to voice your
opinions.

Which is a problematic turn of events. When I grew up, the western world was
not like China or Eastern Europe, as it is now. So you didn't use pseudonyms,
because your name was your brand. Only immature kids or lgbt people used
pseudonyms, the rest was honest, and it helped you with your job prospects.
Now a new wave of fear, bullshit and lies has taken over cooperate and public
matters. You can now even trust the Eastern Europeans more than westerners.

------
082349872349872
Have your lawyer transact your business. Have your holding companies own shell
companies that own your assets.

The above is not complete snark: a friend's brother, whose daughter's _fiesta
de quinceañera_ I'd attended, was put in a coma working full-time for a fellow
who employed two full-time accountants as part of his "family office" but who
was not only too cheap to carry insurance but then even explicitly said the
brother, as an independent contractor, should've had his own and refused to
contribute anything towards his medical bills. I spent an afternoon trying to
track down assets, and the structure I managed to reveal was ... interesting.

~~~
srtjstjsj
What are you trying to say?

~~~
082349872349872
that following recommendations of the first para makes doxxing difficult (the
second para is to say I can confirm).

------
miguelmota
If it can happen, it most likely will happen if someone really wanted to (ie
by doing phising attacks, looking up public records, hiring private
investigators, etc), so the best thing to do is to think about what can be
done to minimize any collateral damage after the fact (ie protecting your
image, securing online accounts, keeping your home safe, etc), since any
sensitive information (ie confidential or embarrassing) they can acquire can
be used to blackmail. It's pretty hard to remain anonymous online for a long
time given how everything is connected and archived on the internet these
days.

------
exolymph
The easiest way is to be insignificant. But it's still no guarantee.

~~~
prostoalex
People have landed in hot water for something they wrote or said decades ago.
I'm guessing the OP is asking for a strategy that's reasonably future-proof.

~~~
srtjstjsj
Insignificant people? Who?

------
xenocyon
It depends on what you mean by being 'doxxed'. It is trivially easy to find
out what city I live in and a few other non-identifying details. It's harder
to pinpoint my real name or address without the active cooperation of website
owners (and maybe not even then).

Miniscule levels of risk are not worth worrying about, unless you are a figure
in the public spotlight or likely to be a person of interest to police or
intelligence orgs, in which case you should probably seek advice specific to
your situation.

~~~
cardamomo
> in which case you should probably seek advice specific to your situation

This is really the key takeaway I'm getting from your comment and others so
far: what is meant by doxxing and what I can do about it are very context-
specific.

------
coderobe
Easy, just dox yourself first.

------
Causality1
Effectively you've already doxxed yourself. The ability to associate a real
name with an address without excessive effort predates the internet and these
days it is even easier, so with the internet the only winning move is not to
play. Stop using your real name, period. Creating fame and an online persona
that can pay your bills is directly at odds with maintaining privacy.

------
m3kw9
Essentially any info you have posted that you remember that can be linked to
any of your real ID can be traced to you. Sometime it doesn’t need to be
public as hackers sell a lot of these info from hacked sites. I would say
difficult to hide unless you don’t really use the internet or you are so
careful it takes the joy out of it.

------
ppf
Don't use your real name online. I don't have any complicated privacy best
practices, I'm just not on social media and don't use my real name online if I
can at all help it.

Edit: Sounds like it's too late for you, but don't be an activist online using
your real name unless you have some real, physical security.

------
tmaly
Avoid politics at all costs.

Stay quiet and mainly share content about food, gardening, and occasionally
programming.

------
probinso
You have to define your threat model. The easiest way to not get doxxed is to
always use a throwaway account. Don't bother having persistent identities
online.

------
ydnaclementine
Google your full name (and any variations, Edward -> Ed, etc) and remove
yourself from these whitepage direcetory type websites that people can look up
your past/current residences

do your family a favor and remove them too

------
tracker1
1) get a "burner" cell phone, pay in advance service that isn't tied to you.
Use cash to buy "gift card" or prepaid ahead of time for anything you do with
this phone or online. Disable location tracking.

2) get a chromebook or other cheap laptop that isn't connected to "you"

Use the laptop and phone for anything you do online. Do not connect to public
wifi, or use the accounts on other devices or your personal accounts on these
devices.

You should be able to stay relatively anonymous this way. You will have a
phone and laptop to run whatever operations/statements or other activities you
want to remain private from your real life person.

You may want to go a step farther and use a pre-paid VPN service for all
activities as well. But by all means, don't mingle your devices...

------
yyyuutt
Its almost worth changing your name if you have an unusual one. It must be
great to be have a name like John Smith because no one can google you to find
anything interesting.

------
rishabhd
Read everything ever written by thegrugq and apply it.

------
grimzucchini
One thing: Delete url of your HN bio with information about who you are and
hide your real name in the footer your website.

------
lazyant
Maybe adding false information?

Harder in blog articles if you already have an identity and a real name, but
if you are in twitter or reddit, you can post about fake locations, hobbies,
family members etc. This way at least is harder to be doxxed by automated
tools and add some plausible deniability.

------
bra-ket
I’d say, vote.

------
notomorrow
ask gwern

------
RickJWagner
My technique is to use my real name and offer only opinions that I think are
quite reasonable. Of course I still run risks, but I imagine everything is
knowable to someone determined enough to go looking for you. I'd hate to have
posted something I wouldn't be proud of later.

~~~
AnimalMuppet
That lets you live as a person of integrity (in the sense of "integral", that
is, there's only one of you).

But it's not going to save you from the mob. Things that are quite reasonable
can still set off the mob, because the mob is very much _not_ reasonable.

------
thetechimist
It seems to me that the whole threat of being doxxed relies on two things: (1)
that you’ve done something in one sphere of life that would be reprehensible
(and maybe actionable) to another sphere of life, and (2) that the unholy
Russian Twitter not mob can influence that other sphere of life.

It may not be possible to have different spheres of life cohabitate
peacefully, especially if the doxxing involves shining light on old character
flaws you’ve since remedied, but thanks to the digital world we live in, can
be easily surfaced. I’d say “get off social media forever” to at least prevent
your self 20 years in the future having this same worry about whatever it is
you are innocently sharing this month, but that always seems to draw a gasp
from people who apparently can’t imagine life without the internet.

Seems to me that everyone who has ever been doxxed is doing “something” that
draws attention to them. That doesn’t make it right, but I haven’t heard of
doxxing of any quiet Amish families, or guys building cabins in the woods
minding their own business.

It’s usually some loudmouth on some open source software forum, or some
politician’s operative, or someone being a potential whistleblower.

What you are asking is, in essence, how can I keep from getting punched in the
mouth? It’s not too difficult, if you think about it. Someone randomly
punching you in the mouth “for no reason” is about as statistically probable
as being struck my lightning twice in the same week.

Some people attack punches more than others. I’m not saying it’s right, or
even deserved. Just that there are life choices that can increase the odds.

Maybe what you’re really asking is how can I avoid the risks of some life
choices I am making or want to make?

All the advice here will only partially mitigate the risk. The only real way
to eliminate it would be to make different choices to stop unwanted
attraction.

I somewhat laughed at all the “privacy” tips here. My friend, if you tick off
the wrong person, they will find you or hire someone good to do it for them.
And if doxxing is their chosen revenge, you can’t choose to then decide to be
a quiet mild-mannered ordinary citizen when you already opened your mouth and
drew attention to yourself.

I’m sure everyone who flips someone off across the street wishes the same when
they see the scrawny guy reach into his jacket and pull out a gun.

