Hacker News new | past | comments | ask | show | jobs | submit login

Not at all. Only from the beginning of a particular persona. Mirimir is about eight years old.[0] But I had numerous personas before Mirimir. Some you could maybe track back to, if you worked at it, and knew where to look. But some are just too old, and unconnected.

I was lots sloppier, when I started going dark, in the late 90s. I even talked about it in meatspace. But gradually, I compartmentalized more and more.

Anyone can do that. Just gradually disappear as your meatspace identity. Or restrict it totally to career, and friends and family. Ideally, keeping those separate, so your friends don't hose your career.

And then create and develop an ~anonymous persona.[1] Or a few of them, one for each ~defined set of interests. And just don't talk about it in meatspace. Or mix stuff among personas.

0) https://www.wilderssecurity.com/members/mirimir.121604/

1) https://www.ivpn.net/privacy-guides/online-privacy-through-o...




How can you keep these various personas unconnected from each other and your 'meatspace' online identity (for family, banking etc I presume, where you simply can't avoid it) with the emergence of browser and device fingerprinting? Also do you always go online through each persona from behind a different VPN IP address so they can't be correlated (except by your VPN provider of course)?


For Mirimir and other ~low anonymity personas, I just use a different VM and nested VPN chain for each persona.[0] If keeping them unlinked is not critical, I use the same host machine, and don't obfuscate writing style.

And because I use nested VPN chains, no individual VPN provider can correlate stuff from different personas. It's the same distribution of trust thing that Tor does. Albeit far weaker, because I'm only using several VPNs, and not thousands of Tor relays. But still, it'd take some effort to obtain logs from enough VPN providers.

If I care more about keeping personas unlinked, I make sure to use different VM OS, given the risk of WebGL fingerprinting. Because using the same virtual graphics driver and physical GPU gives the same fingerprint.

If I care even more, I use Whonix via nested VPN chains. With a different Whonix instance for each persona, or group of somewhat linked personas.

If I care lots more, I do all of that, using a different host machine, on a different LAN, with different nested VPN chains.

0) https://www.ivpn.net/privacy-guides/advanced-privacy-and-ano...


Well, I actually can see where you're going with this, since my HN account is completely disconnected from almost anything else I do online, or even offline.

Apart from the privacy benefits, however, I feel that it is a net negative, because it prevents me from sharing here a lot of interesting stuff that happens in FOSS projects I am a part of, or at work.


This is why granular voluntary information disclosure will be super important in the future.

A good social network should allow you to post under a different identity, while still tying-in some attributes of your other identity to the new one.

For instance you could easily share your real life experience under another name, while still proving you have between 1000 and 1500 karma on another account. This fixes the problems of traditional throwaway accounts (lack of credibility).

The only places I see this idea explored is in crypto(currency) projets. This is great because it will be robust and reliable, but the patterns could already easily be applied to today's centralized social networks.


That is an interesting idea. If the karma proof were reliably blinded, anyway.


Yes, that is an issue. Each persona can share just a limited slice. But you could have multiple HN accounts, I think. Or at least, I see lots of throwaway usage. However, perhaps having multiple stable accounts violates the terms of use.


But do you also segregate the devices and networks you connect to for this identity, or can a sufficiently advanced adversary connect the dots where you link up with the rest of the internet?


No. They all go through the same ISP. And through the same initial VPN, because simultaneously using multiple VPNs would be unusual. But after that, I branch out to multiple VPN chains, and multiple Whonix instances.

Like this: https://www.ivpn.net/blog/wp-content/img/Chains.png

VPN4 is OpenVPN via Tor.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: