As careful as some of the things he suggests are...if you're truly wanted by a state-level actor or sufficiently motivated attacker, you won't be able to hide by simply using VPN and Tor. Especially if you're running something with many transactions like AlphaBay. You would need to obfuscate quite a bit more:
- if you're using VPN traffic but most people "around" you aren't, you're a suspicious node; your ISP could easily flag you to your government. If you use wifi at a common point you're likely to be flagged and there isn't an easy way other than keeping on the move. But moving often is another anomalous event, and it's very difficult to do even for Drug Lords ( El Chapo ) or Terrorists that it behooves to do. This puts you in a sort of Zugzwang, to borrow a chess term.
- there's always leakage, for instance, in the way you talk with people in the real world. At some point you send enough communication for sophisticated frequency analysis.
- and there are other patterns of usage that could be used to identify you, like searches or even keyboard frequency on anonymized accounts can be de-anonymized by very specific markers ( ML works! ).
- off ramps for crypto aren't very good. If you're in e.g. Brazil, haha, yeah, good luck spending bitcoin or any other crypto and going unnoticed. Mixers and tumblers will eventually leak and you'll be caught.
- you're very vulnerable to social engineering by people you do business with. one slip where you stop communicating in a transactional mode of communication and that's a weak link in your armor.
In the end, the FBI only has to be right once, and you have to be right every time.
You're absolutely right. It is not enough to use anonymity tools, you also have to make sure everything else around you doesn't compromise your anonymity. Made me think of a Harvard bomb threat incident where the student posting a fake bomb threat (through Tor) to avoid final exams was the only person using Tor on campus at the time, which trivially identified him.
From what I remember about that case, he was one of 8 people who were on the network at the time, but the authorities told him he was the only one, leading to his quick confession. Meaning that if he had stuck to his guns and denied it there wouldn't have been a good way to prove he was the one who did it.
It was indeed his immediate and voluntary confession that did him in. If he had not snitched on himself he would have just been a person of interest. He was one of several people who happened to be using Tor on the campus at the time, but that doesn’t mean anything, the person making the threat could have been someone in LA or Moscow or Beijing just looking to cause mischief and having no connection to the school at all. If he had kept his cool he probably would have gotten away with it.
No, it just means they couldn't have stopped digging at that point. Having dramatically reduced the search scope to a small number of people, they would have just needed to find one other small piece of evidence to narrow down the group suspects further.
I remember being shocked at the time that he had the foresight to use Tor but not to use literally any wifi network other than the campus wifi. That being said, there are a whole list of things he'd have to do to keep anonymous and it only takes one slip to identify someone.
Tor is amateur hour. The Feds can easily deanomymize things where a server is up 24/7 servicing requests.
The author of this article is also very wrong: Anonymity is not on a spectrum. It’s all or nothing. Like a Mario game where any mistaken encounter makes you start over (and that’s if you don’t get in trouble for what you did).
First step is to understand that any system could be bugged. Every IRL confidant could sell you out. Every keyboard could have a keylogger, etc. Every store could have a security camera. Phones are giving out their MAC numbers to every cell tower and wifi radio. They now have chips you can’t turn off, and so forth.
You should also assume there is no such thing as an “anonymous” account and that every service COULD sell out whatever information you gave it. (Yes, even Telegram or ProtonMail, however unlikely that may be.)
The below is a playbook for how to become truly anonymous. Continue to live your everyday life but the below is only for your “anonymous” identities, which you can gradually bootstrap as a hobby:
The first thing you do, therefore, is bootstrap your identity by taking advantage of unlinkability that is available to you. Buy a bunch of Android phones on Craigslist for cash, for example. (Or pay a homeless guy to buy a phone in a store for you.) Do not use SIM cards at all, only WiFi. Never take photos, etc. Keep your phone off or in a faraday cage until you use it. For extra points, always use it through a VPN on WiFi at home, which you purchased using the accounts below:
Then make an anonymous google account on the Android phone. Make some ProtonMail accoung usinf such an anonymous Google account. Now you can bootstrap from email addresses.
Buy some Google Play gift cards and download some apps to get a second number. Now you can bootstrap from a phone number. Sign up to Telegram, Signal and other accounts using this. Now you have end to end encrypted messaging.
Frankly, though, realtime messaging is a bit of a luxury to continue to stay in normie world. To stay truly anonymous, you should continue to:
1. Schedule posts and mail send/receive at random times. Do not ever use realtime audio or video because it might be recorded. You might make an exception for early days of your projects when people would have no reason to go out of their way to record you — just to give them confidence you’re a real person. But afterwarss, stop doing that. Let the people build your movement for you.
2. Never mention your anonymous identity or projects from your real one, and vice versa. This means your anonymous identity MUST NEVER have confidants or colleagues IRL. Build up a network of colleagues who are “fronts” for what you do. Eventually you can step back and let the movement do things for you.
3. Pay and get paid in cryptocurrency. Have smart contracts send you the money (think Richard Heart’s Hex origin address, but actually anonymous).
4. You will only ever be able to spend the crypto on paying people for services and DeFi protocols. You can never cash out to fiat, because the IRL purchases catch up with you when they follow the money. There is a surprising amount of online services you can spend $97 million dollars on, while staying anonymous ;-) If you really do need to spend money IRL (because you went broke somehow in your everyday life) then you can cashout using cross-chain bridges and Monero to pay for goods. But still, never get ostentatious wealth IRL!
5. The weakest link then becomes your writing or coding style. Never publish any code or writing, let others do it for you. Make your communication to others from your anonymous identity sufficiently different than anything saved later would not identify you (this is the weakest link, but you can consider “playing a character” when speaking to others).
6. Any private keys that you used to sign your messages can be periodically published in some conspicuous place, effectively giving you plausible deniability about all your previous and future posts. It’s hard to prove a negative (that no one else has access to your private keys before your public disclosure.)
Is it not, for the non-criminal user? My HN, Reddit and Twitter accounts are "anonymous" (pseudonymous would be more accurate), and it matters to me to the extent I share thoughts I would not on Facebook or if Googling my name lead straight to it - not that I'm ashamed of them, I try to be decent (tho I slip at times and am more brash than I would IRL), it's just that they hold some personal opinions and matters, kind of like that lady in OP's post (except I wouldn't reuse pseudonyms, especially not openly cross-linked to identified accounts). Obviously, a governmental agency that had any reason to look for me would link them in the blink of an eye, but it is "anonymous" enough for my needs: people who matter to me or people like prospective employers do not know of them and hardly could. Even if they leaked to some dark corners of the Internet like my SSN (screw you, Equifax), that hardly doxes me as far as regular humans are concerned. If someone emailed me with my online usernames, it would creep the fuck out of me, but ultimately be inconsequential, at worse it would threaten to shame me for my opinions.
So how's that not on a spectrum of anonymity? OP's post obviously does not say your anonymity when it comes to three letter US agencies is on a spectrum, that is black and white and s-he recognizes it, but rather the link-ability of your online presence(s) to your real life identity. With that Tinder lady at the "IDGAF"-end of it, your paranoid (or criminal) Jane Doe on the other end and me somewhere in between (but much closer to the former).
So, you know who I am or how to reach me? Send me an e-mail (or, better yet, dox Satoshi) and I'll take your point. I don't see how pseudonymity can't be a flavor of anonymity, even cyber-criminals who have every reason to remain truly anonymous online - as in hidden from FBI and gang - can pick some form of pseudonym so people can address them, Dread Pirate Roberts would be an obvious example (tho he failed to be anonymous to govs).
Per Wikipedia:
>Anonymity describes situations where the acting person's identity is unknown. [...] The important idea here is that a person be non-identifiable, unreachable, or untrackable.
Using a phone is probably the first mistake. If you are going to use your home network you are better off using a machine you control and an operating system that is open source.
I suggest these steps:
Step 1: Connect to a popular vpn.
Step 2: Connect to tor
Step 3: Get free vps or pay with cryto you trade for gift cards purchased or some other method
Step 4: Connect to vps with desktop running. Use virtual desktop.
Step 5: Use vpn. This time use vpn with best rep to be accepted as regular traffic.
Step 6: Signup for services
Step 1 solves the k issue. Many people using that vpn will connect to tor
Step 4: Seems slow but at the virtual desktop level out things are fast from that machine to new hosts. Use scripts could help.
Iirc phones will broadcast previously connected access point max addresses. I doubt gp truly understands what it takes to be anonymous (imo it’s probably impossible).
They still had to somehow link your online identity to your phone. And how would they do that? The phone is simply a computer that you use, through VPNs, to send and reveive mail and post messages to groups etc. They’d have to approach ProtonMail, then your VPNs in order, and then get security footage from the place where you were accessing the VPN at that time. And then cross-reference your gait etc. to a database. Maybe in 10 years they would have such coordination, and we will need better tactics.
What’s far more interesting is what to do if VPNs are banned in a country. You can’t be using one there. You’d have to have set up anonymous hosting and port forward stuff yourself.
Again, it’s possible that all anonymous hosting, VPN etc. is shut down and requires KYC by say 2050. That is why you must bootstrap from what are valid but essentially “compromised* accounts now while you still can, and hope they are grandfathered into the new totalitarian surveillance system. Buying phones on craigslist is one example.
Another example is those eyes Anderton installs in Minority Report, but security in that movie is like a bad joke, IRL he’d be outed instantly by his gait, heart patterns via wifi and so on. In fact they didnt even change the access keys after he ran LMAO
It seems that this would work for a while, but if we're trying to bootstrap well into the future, a shiny new phone of the hour Samsung S22 showing up new on the network only 15 years out in 2037 would stick out like a beacon, and that's assuming it would even connect to the then-current comms protocols.
Not nearly on the level as what is being suggested but my company has had several anonymous surveys and I started thinking about writing style when taking them. If you're prone to certain phrases, words, use of contractions or lack thereof, especially when the pool of people is small and you're providing critical (but needed) criticisms, you could potentially be identified by your immediate supervisor. Introducing typos and avoiding phrases you commonly say, adjusting your "tone" is a lot of effort when you can just disengage entirely and/or behave like everything is public (which it may as well be at this point).
Most "anonymous" surveys I've been asked to take through work require listing more than enough information for unique identity. One assured I would be anonymous, then asked me to fill in the name of my manager, my team, and job title.
Fortunately mine have not but at a certain point they're useless because no matter no low the scores go nobody in their right mind wants to provide long-form feedback to identity actionable fixes because product teams are usually small even if there are a lot of developers in the pool your pain points will be unique to what your working on.
Yes, this is usually my experience as well. What makes sense for you to bring up identifies who you are. Hardly anonymous. But sometimes I've also been asked to explicitly identify myself as mentioned yet it's still supposedly anonymous.
We can give anonymous feedback about others where I work. We can submit it at any time about anything, positive or negative. I have never touched it despite knowing that HR doesn't get my name. It's not hard to figure out who's submitted a piece of feedback from their writing style and the specific situation you're writing about. Like if I were to give feedback related to working on a project with one other person, any sort of specifics about the project would make it very obvious that it was me writing the feedback.
One idea I've seen is running through translation services. IE, convert to spanish and then back to english. But unless we have good offline services, it defeats the point.
Maybe not very practical, but to combat targeted writing analysis on the internet you could try running such analysis software on your own writing to find out what makes it stand out. Work to make the writing as "bland" as possible, perhaps with aid of software translators or filters.
The hardest investigation to defend against is the rubber hose investigation. Gotta give them what they want, without them even suspecting you could be that mysterious founder. The only way people suspect you’re someone is if your k is small, eg how many people could be Satoshi?
If you’re efficient, you can retire the mysterious founder identity and simply have multiple “early adopter” addresses that generated rewards early, among actual adopters. Make an exit from your projects as early as you can after they gain momentum with the wider crowd.
There is no way to stop people from starting open source projects, accruing the early rewards and then selling those rewards to others in a decentralized exchange or async OTC deal. If every country worldwide ever closes down all such anonymous mechanisms (maybe by 2050) and makes register in order to sell your rewards, you simply sell your private keys to the wallet in an async OTC deal. The buyer will have to trust that you won’t move the money after they register the address and before they move it.
To not share how you secure anonymity is to rely on security by obscurity. Now I think it’s better to lay out the playbook using Kerchkoff’s principle so k will become far larger than 150. Remember… to improve anonymity, at some point you have to publish your private keys. And where better than Hacker News?
The playbook is yours. Improve it!
Step 1: try to break it. Post how you’d defeat the anonymization scheme. The threat model is that you’re all state level actors combined. I’d love to see what you come up with.
Awesome writeup thanks. That said, anonymity might literally be binary as you point out so eloquently, but the point of the article is that most people only need to think about it as a spectrum and be somewhere on it to be safe. Most people aren't running OmegaBay and need 14 burners handy and always be on the move. Boy would that be tough on one's social life. That said, a little bit of care and attention to the everyday shit we leave out there is a good idea. Bad actors will likely go to the lowest hanging fruit.
> 3. Pay and get paid in cryptocurrency. Have smart contracts send you the money (think Richard Heart’s Hex origin address, but actually anonymous).
My first question about this plan is "what are you getting paid for and how do you advertise your services"? You need to never meet the people paying you in person, and ideally you are selling some purely digital good. So, something like underground illegal programming or hacking or such? Is there anything else that would work?
No, you don’t do work for money. You start an open source project and get many people to run your software. You meanwhile generate as many early rewards as you can (you can even do it under multiple accounts) and when the ecosystem is up and running, you’ll be the mysterious founder, generating millions (or billions) in passive income.
Sounds familiar? It should…
Simply never move money using your first few accounts, and whoever early people you pay, have them stake your currency for a long time, and borrow against it on decentralized lending marketplaces, to avoid spooking people that the mysterious founder has moved their money.
Buy on Craigslist. Go to a store. Or, as mentioned previously, pay a homeless guy to go into the store and buy it.
It’s a modular system. The key is Kerchkoff’s principle — I can describe it to you all day long, but as long as I don’t reveal each identity from the other, you all won’t know what projects I am doing, even if they earned $97 million already.
>> If you're in e.g. Brazil, haha, yeah, good luck spending bitcoin or any other crypto and going unnoticed
South America is the greatest tumbler of all. I spent years in Argentina under the currency restrictions and paid my rent in Bitcoin, bought USD and pesos at black market rates in Bitcoin, all with people I met on localbitcoins and never using an exchange. I don't know about Brazil, but there is a huge market for peer to peer BTC in AR and UY, and you can just trade an envelope of cash over the table at a Starbucks in Buenos Aires for anywhere up to $10K USD.
In the USA I would be scared of being on camera, but I really doubt you would have that problem if you meet someone in a bar or on the beach in Brazil.
[edit] Just to explain this comment for people who think of BTC as something that you have to buy or sell on an exchange where you're allowing the endpoints to be tracked; the original reason for cryptocurrency was that you don't have to show your passport or link it to a bank account. That still obtains in lots of places in the world where people will happily give you their shitty paper money for bitcoin, and you can use the paper to pay your rent. Don't buy BTC on an exchange, and don't sell it on an exchange. Buy it from someone in person in a phone-to-phone transfer, or win it in a poker game. Keep it in a private wallet, not an exchange. Sell it P2P in person when you want to. You don't need to use an exchange at all.
For example, you buy a burner phone, but the place you bought it from, even if a second hand shop, had a security camera. Maybe they also record IMEI's before selling phones.
Or you carry your burner phone together with your real phone. Or alternatively, you leave one at home when using the other. Both of these things can be linked by a sufficiently determined actor (FBI/NSA level).
Or they track you to using a public square WiFi one day. Again, cameras are everywhere.
If they got your real name, no matter how, it's game over. You will be surveilled and they will find proof to link you. This is why all those posts "if only DPR used this kind of encryption or dead-men-switch" are ridiculous. Once they knew his real name it was just a matter of time and building a case.
You should just assume a "real phone" is rooted by the FBI and functions to track your movements 24/7, accurate to the meter, is capable of remotely enabling mic/camera and all sensors, including WiFi, accelerometer, GPS, etc. Because even if it isn't, the software on it already (system software, apps, everything) already does a massive amount of snooping, distilling, and uploading. The feds "enabling" targeted surveillance on your phone will not look materially different from what it already does which has been purposely obfuscated to be undetectable.
The surveillance state is already here. The dragnet is on for everyone, and if they miss anything it's because it's hidden in the noise, not that the signal isn't being sent.
I'd argue that real anonymity requires disconnection from digital networks in this age.
I.e. cash, rural, paper letters for last mile
The internet is by definition centralized and the government has privileged access, from a surveillance perspective. Luckily, the number of people who really need this level of anonymity (i.e. I am wanted by every world government as a top priority) is pretty low.
Going analog is really more of an obscurity play than an anonymity one. In which case, you can go online and simply aim to be obscure, to never raise alarms, position oneself as a predatory target, or announce oneself as a threat. Explicit, true thoughts get pushed out to alt accounts, private diaries and the like. You may even allow some degree of linkage to take place, a "if you worked that hard to get here, you know exactly what you were doing" signal. I've done that for years.
I think this is the only way to feel truly at ease with the state of things, really. Keeping a whole self in public or in private is asking a bit much.
The way I look at it is a matter of attack surface and attack distance. Digital vastly increases both.
You have layers and layers of technology in even the simplest modern computers, and core network infrastructure subject to tapping or worse.
And much of this that can be done from anywhere on the planet.
Analog requires physical proximity, a strength and a serious inconvenience. But it also has the property of being legacy, in that you are now immune to state of the art digital methods, and susceptible to older ones that may be out of institutional memory and practice.
Charles Stross has a book series about a family of people that can step between different timelines of alternate Earth's that explores this a little.
**SPOILERS** Once the US that's basically our world discovers the existence of "world walkers" when they nuke the Whitehouse, it quickly steps into an authoritarian surveillance hellstate capable of realtime surveiling the population around the country to the point where they can track people entering their timeline because they were on camera exiting a building they were never recorded entering, or were flagged buying a plane/bus ticket from a city they shouldn't have been in according to previous records, or in one case for leaving a coffee shop with a noticeably empty backpack when she'd entered the shop with it completely full, having passed the contents to a world walker she was meeting. That irregularity automatically flagged everyone entering/leaving that building for review in their system and they backtracked all of these people through their paths that day until finding the gap where he'd stepped through to their world. That all happened in a matter of minutes and then quickly homed in on him.
Anyhow,it goes into detail about the lengths they go to to avoid detection by these systems and honestly didn't strike me at as all farfetched. The technology and capacity exists and it's a concentrated effort on part of the government is all it would take to implement it.
That's why step 0 if you plan on stepping on the U.S. governments toes is:
Move to a country with no extradition treaty with the U.S. and be prepared to spend the rest of your life only traveling between such countries. Make sure to also account for edge cases like countries without an extradition treaty that still enforce it (i.e. Maldives) and countries WITH an extradition treaty that do not enforce it (like Venezuela).
I would say that if you're caught and ... somehow manage to delete all the evidence linking you ( you have device explosives or, idk, 2048 bit encryption ), you may be able to escape, but come on, who are we kidding: the FBI has like a 99.96% conviction rate and that's without even going to into the "parallel construction" or other conspiratorial lines of attack.
I don't know if it's 99.96%, but the FBI is well-known for making sure everything is absolutely airtight before making an arrest. Once they make an arrest, you can be sure they have more than enough evidence to convict and then some. When people do avoid a conviction, it's usually by testifying against others in exchange for immunity or leniency.
It's very odd to list all these (pretty theoretical!) things when, in practice, everyone gets owned by much more basic operational security concerns (except for the last "social engineering" one, where moving to a different communication network is a super common way for law enforcement to close the loop on an investigation).
Like "being super careful isn't enough" _might be true_, but if you did everything on this list and get caught anyways, you are in a super minority of people getting caught.
The example in the article (a hotmail-based email address being used). Everyone sees this and immediately goes "OK the feds can get this info". If such a basic opsec failure was happening, how is it that this person was still able to get as far as they did building up their website?
Being worried about the feds finding you from speech analysis of your posts online seems a bit silly when it's always _not_ that and much more just "finding the one simple thing you did wrong".
Scamming is BOOMING. We are talking entire developing countries getting onboard. The noise ratio is very high on all these services. There are hundreds of "alphabays" running RIGHT now with millions of people using them, right now. This isnt 2013, those big take-downs of high profile sites did nothing but diversify, fracture the community.
Sure, if u piss off the wrong agent and they spend a few years on the case you may get busted. But the vast majority?
Why is this comment the top comment when it's a bunch of conjectures, scare mongering tactics and half-truths at best? Sure if you're on tor and no one else around you is then you stand out, so what? Now there is a faint signal that there is something suspicious going on. To assume one could with sufficient accuracy narrow down a target based on a weak signal like that to see what they're up to is like assuming we're going to general AI any day now because obviously imageNet is so good. Let's not allow the creation of an echo chamber to add confusion to the great work people at the Tor project are doing and to instill even more fear in those who may want to dissent against authoritarian forces.
I’ll start out by saying I agree with you on Tor being a layer in a “defense in depth” strategy but to imply my response to this is fearmongering is quite premature. Feel free to give a point by point rebuttal for the community. I have given quite a bit of thought to how to stay anonymous even though I use my real name and identity here, and have no real issues with government.
Tor is the definition of deceptively simple, and there are a lot of impressionable people who read articles like this on the web when they’re first starting out who could easily be lulled into a false sense of security and then start transacting on the darknet and think they can’t be touched. OGs on HN know better and remember the threads where tptacek and cperciva would routinely dismantle this notion of tor or VPN anonymity/security.
I'm about to publish an update to it that uses a toolbar popup to fill out forms instead of the current lag approach, which will also protect against keyboard layout leaks[1] (which Tor browser/privacy.resistFingerprinting protects against anyway)
> Don't use mixers and tumblers, use Monero and/or Monero atomic swaps.
Monero doesn’t make your transactions anonymous, it makes them ambiguous. your wallet might default to using an n=6 ring signature, meaning it picks 5 random addresses with balances and creates a transaction that could have plausibly originated from any of those 5 or your own. so you get plausible deniability, but also if your threat actor can unmask the other 5 addresses (which might not be so hard if those accounts are regularly interacting with exchanges) then you’re done.
zcash gets you actual transaction-level anonymity, not just ambiguity. fewer places accept it, but in theory you can still break the link by obtaining zcash and then exchanging it for the currency of your choice on any exchange that doesn’t ask for PII (e.g. a DEX)
> if you're using VPN traffic but most people "around" you aren't, you're a suspicious node
Yes, working from home is very suspicious. :P
(That said, the VPN companies that work in the B2C segment for those who can't set up their own VPN server is small and they're all well-known to the government.)
Are there reported incidents where somebody was caught with such sophisticated techniques? It seems like every time I read about how the FBI caught some big darknet criminal it was pretty much always some trivial mistake on the criminal's side.
But that is just it - you can use all the sophisticated techniques but there are 10000 ways to make a fatal error, and that number increases with every action. So even if you are 99.99% rock solid in your technique, it is a certainty that you will get caught with that one 'dumb' mistake. It only looks dumb in hindsight, but it was inevitable.
Getting to 99.99999% reliability is very difficult for one person, it usually takes a highly diligent team with very well-sorted processes.
VPN providers can also be compelled to share all logs, even if they say they don’t log your info or activity, there are court cases that prove there are weaknesses in VPN providers, whether it was the method of payment you signed up with or if they logged your meta data on sign up, location services and telemetry from a mobile app backend etc.
Privacy is never a guaranteed thing when you introduce ubiquitous computing to the mix, even things outside of computers can profile you like being captured in CCTV around the time when your signals are picked up from a computer/smartphone phoning home or unusual internet activity, like the scene out of Mr. Robot.
Having to be right “every time” is why it’s insane we still rely on things like SSNs and phone numbers that are difficult to replace but highly valuable and damaging if leaked.
We need to be exchanging personal data only in forms that become worthless and unidentifying in a short period of time, requiring secure refreshes to maintain.
It’s a bit like Schneier’s Law. You can put in place protections that you personally cannot workaround, but that doesn’t mean someone with sufficient means and motivation would also be blocked.
Or you can just be a known drug lord, launder billions of USD through a respected international bank, no one goes to jail, small fine, and they're probably still laundering 10 years later and no one cares. No one is anonymous. They're probably all using SMS and corporate email.
Sell a little bit of drugs through the silk road and you'll get royally f-ed! Sell all the opioids in the world through a public pharma corp and you can keep enjoying your jet-set life and yacht.
The allegedly smartest people in the world are focusing on the dumbest problems while being reamed by the frat-boys that went to Wall Street and Politics, guns and drugs. LULZ.
“The pretext of protecting financial privacy is merely a fig leaf covering the shameful role of Swiss banks as collaborators of tax evaders.”
And it's more than tax evasion, "include a human trafficker in the Philippines, a Hong Kong stock exchange boss jailed for bribery, a billionaire who ordered the murder of his Lebanese pop star girlfriend and executives who looted Venezuela’s state oil company, as well as corrupt politicians from Egypt to Ukraine".
My point being, this went on for a long time before they got "busted" and the bank people knew who they were dealing with.
They didn't have to use crypto or tor or whatever to stay anonymous. They just used cash, everyone knew each other. They probably had dinners with coke and champagne. And when they did get "busted", somehow no one goes to prison, there's a small fine (relatively speaking), and everyone walks.
My guess is they're all still in business doing the same thing. The bankers, the regulators, the cartel people...
I've never seen any evidence that that's how it went. All the reporting is long on rhetoric and short on evidence; the only things that actually, provably happened is that HSBC used their judgement in a way that the law said they were supposed to use their judgement, and did not automatically assume the most suspicious possible interpretation of payment flow that was happening.
Having worked in banks, you absolutely don't need to assume moustache-twirling villains to explain what happened; ordinary people doing the best they could to help out small businesses and families doing remittances would have had exactly the same outcome. Having spent a couple of months getting access to my own savings after moving overseas, the AML rules are plenty rigid enough already. Bankers are never going to be 100% perfect judges of whether someone is selling drugs and we shouldn't expect them to be.
>Since 2009, the investigation has resulted in the arrest, extradition, and conviction of numerous individuals illegally using HSBC Mexico accounts in furtherance of BMPE activity.
Sure, big pharma over does it sometimes but remember that people truly need these drugs sometimes and they are prescribed by well intentioned doctors.
I don't think you can compare a legitimate business publishing public accounting figures, operating within the law, subject to policy by elected officials with the illicit drug trade who's supply chains operate in the dark. These supply chains are probably responsible for thousands of deaths, human trafficking, and unfathomable suffering whose actors you have no possible way of mitigating their actions.
I grow weary of hearing this recurring argument that the relatively minor side effects of a free market being compared to pure evil.
Re. big pharma, imagine how weary the roughly 400k families of people who dies feel.
"Three major drug distributors and the pharmaceutical giant Johnson & Johnson have agreed to a $26 billion settlement with states to resolve thousands of lawsuits over the country's opioid crisis, officials announced Wednesday."
None of these executives were anonymous or ever had to be. They made a ton of money doing bad things, they'll keep most of the money and they'll never go to prison.
They way you deal with this is, obviously in my mind, through the rule of law and a robust functioning society that regulates commerce. Not wild-west free market.
In that vein you have to also prosecute alcohol distilleries, tobacco companies, fast food companies, casinos, lotto companies, ice cream makers, and any other company that makes something that people struggle to control their own consumption. And we do, that's why we have government. At least you have a recourse when these companies operate within the law.
There are some important differences. Alcohol distilleries didn't label/market their products as beneficial ailments intended to cure diseases. Pharmaceutical companies should be bound, at least morally, by the same hippocratic oath that govern the medical profession. Clearly they are not.
Good Lord, we'll have to sacrifice Google, Facebook and Microsoft (and probably the two As) to the Gods, I'm fairly sure Facebook is certainly worse than fast food companies.
It's good advice. The problem with anonymity in an environment of ubiquitous surveillance is that it's paradoxical. The point of anonymity is achieving freedom, but staying anonymous expends energy and makes you a target, so you can't actually do any things that anonymity was supposed to get you.
If what you really want is sovereignty, which is what most people confuse anonymity with, the goal is to be like what Ernst Jünger called the anarch (in contrast to the anarchist), which is someone who complies and renders herself indifferent to authority, rather than standing out and drawing attention.
A much better practice is to be as open as possible about the boring stuff, so you're not constrained and can do what everyone else does. Trying to be absolutist about anonymity is automatically like wearing a straitjacket.
One thing I noticed out of many of the list items given in the post here:
> Only use Tor
> Always use a VPN
> Never use Google -- only DuckDuckGo
> Disable JavaScript on your browser
> Watch all incoming and outgoing network calls regularly and scan for abnormalities
> Encrypt your laptop and any external drives
> End-to-end encrypted communication only
> Don't use Gmail -- use ProtonMail
> Never pay with cards. Use cryptocurrencies.
> Turn off all location services from your laptop and phone
Is that these can actually be solved with technology in a way that these are thedefault and popular behavior (as TLS 1.3 is in HTTPS).
So it's important that we realize that these technologies (or something like them) are important anddesired by everyone, but just need a bit of development to work. Https and signal are great examples. Many of my parents and grandparents are on signal now, because it's better than most other apps (whatscrap, Facebook msg, imsg, etc). Is the Loki network and Session better? Sure. Of course. But grandparents aren't using it yet because not everyone they know is on it yet like signal, just the tech knowledgeable, or many of their grandchildren.
But ultimately, None of this should require any effort whatsoever.
The rest of the points about concealing your name or not is more obviously a choice by the user, as they have to provide it knowingly - so it's less of an issue because they're more likely aware of their choice.
> Don't buy domain names
I'm not sure I understand this one - anyone have an explanation?
> Don't buy domain names I'm not sure I understand this one - anyone have an explanation?
When you buy a domain name, you are supposed to supply accurate ownership information. If you do not, the registry can yank your domain when they discover that. Most registrars obfuscate/hide the information in their whois service, but they still need to have it to comply with the rules of the registry. That information can be subpoenaed.
The purchase/renewal transaction(s) also leave a trail that can be followed.
> Don't buy domain names I'm not sure I understand this one - anyone have an explanation?
Even if you put bogus contact info (this is not a problem, honestly) you still need to pay for it somehow. If you would use your own CC for this then... Bonus/prepaid/gift cards are usually not accepted (too much fraud), so the best solution would be to actually steal someone's CC data and hope they wouldn't notice 10 bucks.
Once a year "John Doe" receives the e-mail with WHOIS info and a question if that info is still valid:
> We are required by ICANN to send you the whois information for these domains once a year. If the information is correct, no action is needed. Otherwise please visit our website and update your whois information
That's all.
Just don't use GoDaddy or some other shit registrar what can yank everything from you just because they are a stupid behemoth without humans in support.
Or do you think registrar has nothing to do all day and casually stalks it's customers? Sends their info to FBI to check? HOW?
Your adversary disputes the ownership of example.com claiming they're the real John Doe, but the victim of a crazy stalker-hacker who hacked their e-mail and forced them to change address and phone number.
The registrar looks at the details they have on record. The adversary can't prove any of the details - but neither can you.
> If what you really want is sovereignty, which is what most people confuse anonymity with, the goal is to be like what Ernst Jünger called the anarch (in contrast to the anarchist), which is someone who complies and renders herself indifferent to authority, rather than standing out and drawing attention.
This works right up until the thing you want to do - or the person you find yourself to be - is something authority is not indifferent to.
The article touches on a good point: one mistake and you're out. It doesn't even have to be your mistake - you didn't choose to put your SSN out there after all, yet here we are.
This gave me a radical company idea, on the other end of the spectrum: spam as a service. Something that'll take your name, email, and other things and put it all over the internet in questionable and plausibly denial ways. That way, even when someone is trying to find things out about you, it'll be hard to find, and easy to deny. (I'm kidding of course).
This is the crucial piece. It doesn't matter how careful you are; everyone who knows you has to be careful too. I have a... well, I hesitate to use the word stalker, because that makes them sound more motivated than they really are. But someone on that spectrum, anyway. After a few years of being harassed I managed to elude them. Then they found me again. You know how? They pieced together two pieces of information posted publicly by other people. That's all it took.
"Something that'll take your name, email, and other things and put it all over the internet in questionable and plausibly denial ways."
What if instead of spamming the correct information out, spam slightly incorrect information out.
Correct address, incorrect middle initial, wrong birth month, and a machine generated SSN would be from the right time period, area number, but with an incorrect group and serial number.
IMO by ¾ it had gone south; the best bit was around (or just before?) the middle, the youngsters driving through rural Facebook Country. The end was too much silly in-game mechanics for my tastes. Bit of a surprise, really; the rest of his works have held up all the way through for me.
McAfee would likely still be around if he hadn't made such a blatant point of publicly thumbing his nose at the US Tax authorities. While it's possible that he was already under investigation and just decided to make a spectacle of it, one thing you do NOT want to do is piss off the bureaucrats. They'll then have literally nothing better to do than track you down, and the largest network in the world to do it, and that network has insane inertia - once they're hunting for you, it just keeps going, they don't get bored.
Example A: Apparent Nazi sympathizers planted inside the Canadian protests- some people thought they were provocateurs, others assumed they were legit and cast a negative light on the protests overall
Example B: Hunter Biden's laptop (before it was acknowledged to be real). Saying he was a target for disinformation campaigns mostly worked
Kidding aside, this is exactly how it will go down. Politician in a scrape of financial corruption or etc.? Deepfake s*x video or other viral blatant misinformation & obfuscation; what's the risk? Upside, no one knows what to believe. Exactly what various "countries" are doing. It will be extreme; to the point where, don't believe half of what you actually see.
It should be noted that this is a pretty bad end state. Reporting is already an extremely weak force for preventing corruption on the part of the powerful. Journalists entering a state of total uselessness is only going to make the problem bigger.
In a realm of total bullshit the winners are the one who are best at lying. "I don't know what to believe and everyone involved is probably corrupt" is usually just an excuse to disengage and follow base instincts.
> It should be noted that this is a pretty bad end state
I agree. The parent poster didn't ask what's the downside, and I think it's this: when no one knows what to believe and starts to distrust most things, society may start to fall apart, as society relies on us trusting each other.
So while I think disinformation is one of the best privacy strategies (not so different from differential privacy efforts by Google and others, suggested by the OP but without the term name), I think the more we lie to hide, the more we spin others and ourselves in circles.
I really like Sam Lessin's essay on this at The Information, where he talks about how, with the nature of the internet being so easy to share info, we have to start spreading disinfo to even close colleagues, so far as even lying to ourselves.
I think this paradox is one of the most challenging paradoxes of our time: the internet makes it so easy for us to open up and share and yet it makes it so hard for us to not open up and share.
>> "I don't know what to believe and everyone involved is probably corrupt" is usually just an excuse to disengage and follow base instincts.
It is ALSO the primary goal of dezinformatsia and "flood the zone with bullshit" (promoted by e.g., Steve Bannon) techniques. While some will believe even the most stupid conspiracy theories put out there, many more will just conclude that finding the real truth is impossible/impractical and just disengage. This is a deadly threat to democracy and a key tool to anyone who wants to destroy a society or own it as an autocrat.
> In a realm of total bullshit the winners are the one who are best at lying. "I don't know what to believe and everyone involved is probably corrupt" is usually just an excuse to disengage and follow base instincts.
Yeah, that's how you win referenda and presidential elections nowadays.
Personas like someone who posts content during 08:34:40 - 09:23:23 except 08:43:30-08:55:23, never seems to be active during 22:00 - 06:00, can be narrowed down to something like a person commuting via bus route A from stop B to C changing to a train route from C to D through passageway E in the station.
From there you can look for a man looking down at a phone, or couple information with other factors, or throw in a bait like a giant stinking dead fish or a rare and loud car in front of him and watch for responses he'd make. IMSI catchers and Bluetooth scanners can be useful as well if your adversaries are resourceful. Time and location of transmissions and time of receptions can be correlated, in theory.
This type of attacks can't be mitigated on fast-paced social media at all; both posts and requests has to be queued and obfuscated for time.
That's a bultin feature of messaging systems like I2P-bote (running on I2P darknet). It's been a while since experimenting with Bitmessage but I think they queue/batch messages as well. But for forum like software that's definitely true, can't easily have variable delayed posting.
Another aspect that's important and often ignored, is writing style anonymization. You practically want an offline tool, that removes idiosyncrasies from the text you write and makes it sound as bland as possible.
edit:
A related story. Around 2010-2012 I was working for a company, and I was part of a somewhat managerial group. At one point we decided to pull in direct employee feedback in an anonymous free-text form. Due to their writing style being reflective on the way they spoke, it was possible to point exactly who wrote what message. Of course, few exceptions existed, I didn't personally know all the employees in the company.
The conclusion is a weird one, given the premise. The crux of the argument is basically true. Its an all or nothing proposition.
Or you can lead a double life. One for your public persona, where you don't care at all about security, and your real persona, where you do. This has been my approach on the internet since basically it started and handles were a common thing.
> The crux of the argument is basically true. Its an all or nothing proposition.
No, it's not.
Every online account (that doesn't involve money or legal paperwork) can have its own name. Then you can decide whether to have _some_ accounts ultimately link back to your legal name, or all accounts, or none.
> Or you can lead a double life. ... This has been my approach on the internet since basically it started and handles were a common thing.
That's exactly what I'm doing, and neither of us are living in the Brazilian rainforest, so anonymity really is a spectrum.
> Then you can decide whether to have _some_ accounts ultimately link back to your legal name,
No, you don't. Someone else could, if there is one with high enough affection to you. I think you'll have to think of bulk ingestion and on-prem processing to be sure your activities won't trace back to you.
I don’t think it’s all or nothing. Look at anonymous public personas like Banksy or Dril. People have tracked them down, and you can look up who they are if you try.
But for the most part these people are anonymous, and get to enjoy some of the benefits of that.
Which is kind of the point. You can choose where you stand on a spectrum of how hard it is to identify you. It's a tradeoff between how much effort you make and how hard you want to make it for others.
I don't care about being anon, but I don't want all my info sitting in databases, so I've made done the following and trying to evolve over time and fix gaps that I currently have. This is things I've done...
* Use Brave browser with ublock origins and privacy badger
* Use pihole + unbound to resolve my own DNS and do not use google
* Run wireguard on my home network that I connect to when I'm out and need to use wifi
* Be anti-google as much as possible. I'm still in the process of this, i'll switch my domain based email off of google soon
* Be anti-facebook and delete all accounts (whatsapp and insta included)
* Be anti-reddit
* Be anti-cloud and host everything internally as much as possible (except for encrypted backups, say for video cam footage)
* All of my home automation is local and blocked from the internet. If I want access, I'll connect to my VPN.
* Use signal with disappearing chats to communicate with my friends.
Brave is amazing for encouraging wide-spread use of privacy tools. It's so easy to get my family and friends to use, and does a lot to improve security, privacy and quality of life, even for the absolutely not tech-inclined.
Many people hate the browser for mistaken reasons (some bugs/other normal behaviors have been exaggerated and the mistaken stories don't die), are suspicious about the crypto in general (fair) or don't like Eich (fair).
Interesting. Please let me know if you have a better alternative. Ideally I'd like to just run chromium but then I have to build it myself or use some build by some untrusted person so I've decided I'll trust Brave for now...
Aside from Tor Browser, Firefox with arkenfox/user.js is ideal for privacy [1].
Chromium-based browsers like Brave are ideal for security [2].
An ideal solution for privacy and security would be running Firefox+user.js in Qubes OS [3], or for even more anonymity, Tor Browser in Qubes-Whonix [4]. However, even this isn't bulletproof, and a 3 letter agency can still determine who you are with techniques like keystroke deanonymization [5] or other techniques [6] like traffic analysis. Tor is also not reliable for anonymity because the project is kind of a shitshow [7], so there's really nothing you can do to truly hide.
Degoogling was fun. I dreaded changing my email address, but it was only a couple of hours of low intensity work, to change the email in the 50+ services I was registered to, including things like utilities. /e/ also works on my phone like a charm. Not suprising though, because I bought that model exactly for that reason. And discovering other online services was also cool, it's how I happened upon ONLYOFFICE, which I use ever since, even on desktop. For some reason, I never even heard about them before.
You know what's a challenge? Finding a good robot vacuum without the cloud connectivity stuff. After all this degoogling I'm not keen on the idea of syncing the plans of my house to whichever cloud service.
Maybe Eric S. Raymond's advice from 21 years ago is no longer true in today's internet:
> Concealing your identity behind a handle is a juvenile and silly behavior characteristic of crackers, warez d00dz, and other lower life forms. Hackers don't do this; they're proud of what they do and want it associated with their real names. So if you have a handle, drop it. In the hacker culture it will only mark you as a loser.
In the late 90s I remember being advised to always use an anonymous handle by my older privacy and security conscious friends. I don't think that Raymond's advice was widely accepted.
Practices had long varied across the spectrum. You can find plenty of examples of people who used real names, or variants of them, or pseudonyms or handles, going back to the earliest days of the Net.
ESR has long injected his own personal biases as established fact. The consistent fact noted here is that specific error, not the claims made through them.
That said, it was the gradual intrusion of ever-more insistent exhortations to use real names, and the rise of surveillance services which convinced me that the practice of using given names was no longer advisable. I'd date this to well before Facebook and Google+, notably with the rise of information brokers in the early 2000s. By the time Google+ rolled out as an "identity service", I pretty much declared last straw and ceased virtually all my own real-name interactions. Call that circa 2011, or over a decade ago.
I'd already been curtailing any such use for about a decade.
We're on Hacker News. I think we understand what he means by the term. Even if you're not doing anything remotely illegal or harmful it's still not a good idea to be overly open about who you are on the internet.
In a tribe of people who tend to do illegal things, or are perceived that way, especially by those employed by three letter acronym agencies, I don't want to be among the few who are using their real name.
I mix @realname and @pseudonym accounts. I'm generally pretty careful about what I post under my real name and less so under an alias.
However, over time I drop enough clues that people could figure my real identity with a little work. That leaves me with the worst of both worlds. It seems safest to assume that your identity is always tied to everything you do online.
I think with ML getting smarter and people posting (either with their identity or anonymously) more and more content, it will be trivial to crossmatch anonymously posted content to real identities by ML examining "styles" of text: from punctuation to sentence structure to vocabulary use, and it will have an accurate estimation of who that "anonymous" person is.
This would be pretty easy to counter by having a tool that would analyze any comment you post and strip all the identifying marks out of it; no punctuation other than periods, no complex or compound sentences, all words replaced by equivalents from the list of the most common thousand English words, all voices and tenses normalized, no paragraphs, no capitalization, etc.
There is another side of the coin though. If the "countering" software is smart enough to analyze the semantics and the meaning of the sentence (which I think will definitely have the ability to), it can easily convert it to an intermediate representation and create an actually gramatically correcy, good looking, easy to understand sentences.
It can even improve the original text, making it more clear and anonymous-style.
I do this and accept that the cost of finding my real identity would be fairly low. I think most people do something similar. I don't want my employer searching "I work at $EMPLOYER_NAME" and finding me, but I don't mind if people paying attention can figure it out. I wouldn't post my address directly for any bored person to cause trouble with, but I don't particularly worry about people knowing where I live. Etc.
"Ultimately, anonymity comes down to one thing: Control. You should educate yourself on data privacy and make sure that you know what data you're sharing and what is possibly out there."
And be OK that sometimes some people don't want to interact with anonymous randos... Credentials are not everything, but they are a filter on medias with large amounts of time-wasters...
I make sure that I can be found and attributed. I deleted my last anonymous account, a couple of years ago. In the Days of Yore, I was pretty much "Dick From the Internet." A real neckbeard troll.
There's a lot of reasons that I do it. The biggest, is that I want to be in control of my narrative. I learned from a couple of folks that are really good at curating their SEO results.
Also, these days (for a change), I'm pretty well-behaved. Doing it this way, helps to keep it that way.
Alex Cazes had bad op-sec. His #2, DeSnake, didn't, and is still alive and well and has restarted his marketplace and gives anonymous interviews to media outlets:
I think the point about most people not choosing anonymity at all is a bit misleading. It assumes that these people are making a reason, informed choice, and going ahead and living the way they do. I don't think that's the case.
Most "normal" people, and even many tech people, don't know what companies like Google and Facebook are capable of. If you showed someone exactly what information of theirs was collected, for how long, the predictions they could make with it,and god knows what else is being done with it, I think many people would change their behavior. But they don't know, and this is not an accident.
Most people do not even know what the business model of Facebook and Google are. If you ask, they'd probably say something like "oh they're an email company" or "they help me share photos of my grand kids" or god-forbid, they're "helping connect people connect". Both are surveillance-based, personal information-driven ad companies. That's it. No amount of Google X or Android or Gmail or Libra or FB Live or any other program will change what their business is. And they will never, ever admit to this.
Privacy is on a spectrum, but is also compounded by time and once the cats out the bag it can be impossible to turn back. In the example given of Alex Cazes he could change the from email but the damage was already done - there's no way to recall the emails already sent that led a trail back to him.
The article presents a spectrum, dismisses both extremes, and advocates that people aim for the middle. The problem is, you may think you are hanging out in the middle, but you probably have much less privacy than you think you do. Even if you are making the right choices for today, you can't trust that the future will keep things private (advances in ML, ubiquitous surveillance) and you don't know that futures isn't here yet.
Personally, I hang out at the fully open end of that spectrum. This has worked out pretty well for me; I don't think I've run into any downsides.
What do we want to achieve by protecting our online identity?
For me, escaping the pervasive tracking and profiling by FAANG is one goal. I'm sure that tracking me across the internet is a lot more difficult (not impossible) than tracking the average user. Hopefully it can't be done in an automated fashion. That way tracking me is hopefully just not worth doing just for a few advertising dollars.
This reminds me of a time I was having a yelling match with a guy on reddit and he started calling me names. I google searched his username and he had used it across multiple sites, several being porn sites, and he also posted his reddit user name on his Facebook and a Facebook search I found his real name and pictures of him. When I called him by his real name and linked a picture of him he immediately changed his tune. In the end he and I both laughed and thought it was funny and he was more curious how I found all those thing. I told him he used the same username across multiple sites including Facebook. He said he was a lot younger and didn’t think of those things when he originally did it. I removed any post where I used his name and tried not to dox him for others to see.
I would strongly advise anyone who really wants to be anonymous on the internet such as a freedom activist in a totalitarian country, not to follow the advice listed at the end of the article.
Or rather: these are very basic and very naive recommendations, certainly good first steps, but absolutely nowhere near enough to guarantee strong anonymity on the internet.
Remaining truly anonymous on the net is extremely hard, especially in these days where ML can be used to statistically narrow down and pinpoint who wrote a specific piece of text only based on things like use of punctuation, vocabulary, sentence structure and style.
>especially in these days where ML can be used to statistically narrow down and pinpoint who wrote a specific piece of text only based on things like use of punctuation, vocabulary, sentence structure and style.
I think you can fight ML with ML - for example, use GPT-like algorithms generate text for you. But then you must also be careful about when you post - I remember some of the Russian trolls were exposed because their bursts of activity coincided with 9am-6pm Moscow time. So you have to use a random number generator decide when to appear online if you want to hide your location. There's always something which can narrow down their search. One small mistake and you are busted. They don't even need to pinpoint you exactly, if it's narrowed down to 1000-10000 people who meet the criteria, they already win because they have the capacity to go through the list one by one and eventually find you.
Would the solution be a digital version of the old newspaper cutout ransom letter?
Generate via GPT-3 a text giving roughly the impression you want to make and then copy/paste sentences from online news media if you need the names of particular persons or events.
Would be rather crude though, but less tedious than literally cutting and pasting letters was.
I had a similar idea in a sibling post. But this only works if you basically have a secret alter ego which has nothing to do with your work/public persona, because otherwise they can match your favorite topics in those GPT-3 generated texts to your interests in real life, by factoring in also other little facts, like when you usually appear online, etc. It's probably enough to protect the average Joe but imho not enough to protect a targeted freedom activist, unless their activism is their alter ago and publicly they aren't known to be activists. Otherwise their every step is monitored in a typical dictatorship and it's not that hard for them to connect the dots who was the author of a certain message.
> I don't know about you, but I don't want to do all of that. [...] I don't recommend being on either extreme of this spectrum.
It's a list of extreme techniques for protecting ones' identity online. Of course, completely sanitizing your online presence is difficult, and probably unnecessary. I thought the two lists were a nice rhetorical framing - present a dilemma (total openness vs. total anonymity) and then wiggle out of it to a compromise.
The closed nature of MacOS and Windows means that you have no guarantees (and no audit mechanism) to determine how much the machine is passing your data back to HQ. As the post very clearly states, most people don't need to care - but someone with extreme paranoia has only one obvious choice here.
Your aggressive negativity is far less interesting than this blog, and serves no purpose whatsoever.
Of course they do.
On top of being OSS and easier to inspect and analyse, Linux is less likely to be a target, there is no online account connected to your system account
Living in the rainforest is an extra step to get outside of spying jurisdictions.
As long as something doesn't eat you.
holy cow!
I literally laughed out loud when i read the rainforest remark. Chill out dude, you're reading something called 'Thoughts' by some random dude on the internet lol
I agree that ProtonMail and GMail are not the same in terms of privacy protections. But, the article implies that the bulk of advice provided in the article is somehow a guarantee to anonymity. A reader may easily assume that ProtonMail doesn't log any IP addresses at all based on that misconception. ProtonMail even used to claim exactly that in their sales page until that incident I linked to.
In fact, the article is the anti-thesis of itself. Blanket anonymity advice is the worst anonymity advice.
I have been afraid of sharing my ideas, post history, etc. in a way that could be easily traced back to my identity for years. I made sure my accounts and usernames bore no personally identifiable tid-bits. I use a VPN religiously (that won't change).
I've since decided that I am done with all that.
I was afraid my employer might question my Reddit posting history (they wouldn't.) I was worried someone who Googled me would think my past self was dumb (who cares).
Now my ideas are almost all public and growing more so by the day. I am working up the energy to start a personal blog, if anything just to document my ideas over time. I am adding my real name and email to my Github, HN, (not Reddit, yet, though it would not be hard to connect), IH, etc.
I want someone to be able to Google me and find my best work.
On the other hand, there are clearly cases and types of info/accounts that should remain private. I self-host as much as possible. I encrypt personal files before uploading. I have multiple Protonmail accounts. I use custom DNS, etc.
Ideas should be public. Information is a case by case basis, but I generally care a lot less than I used to.
It is a matter of choosing what to disclose. I think most people in free countries can disclose a lot, if not most about themselves while withholding things like their sexuality or medical/mental challenges without withholding everything.
And reddit is a special case, even I am tempted to open that up.
<tinfoil>In the world of global governmental (often extra-legal) surveillance, aren't attempts to be anonymous likely to make you a person of interest?</tinfoil>
As an experiment, a few years ago I put my mobile phone number on my blog, and to date I've only received 2 anonmous messages on Signal but no calls besides recruiters.
The old adage "No one is thinking about you as much as they are thinking about themselves" is true.
While it's good to practice good security hygiene, be mindful of also being practical.
What you do online doesn't have to spill over to real life. Anonymity isn't just about committing crime, it's about not getting stalked over petty arguments online, be it by insane people, potential employers, or other scary things.
It's liberating to be able to silo your social interactions. We used to have this.
On personal anecdotes, I've used the same internet identity across all platforms and it's not hard to locate my real life identity from there...since like 20 years ago when I got on the internet. So all the good reputation and bad reputation followed me through, and surprised me in best and worst way.
There're times when I wished I had concealed myself saying certain things (or just haven't said it), and times when I felt the joy of recognition when people connected dots about me and became closer friend. Now as I'm getting old, it's just a habit, no longer about risks or rewards.
Yet, both younger me and older me will probably be very indecisive about doing this if they've never done it and are told about all the fortune/misfortune this has brought to me, including meeting my wife and thinking about suicides.
> On personal anecdotes, I've used the same internet identity across all platforms and it's not hard to locate my real life identity from there...since like 20 years ago when I got on the internet.
Me too.
> So all the good reputation and bad reputation followed me through, and surprised me in best and worst way.
Not so much for me, AFAIK. I think quite simply, pretty much nobody could be bothered to look for it.
> Sure, a "bad guy" could use that info and blackmail her
This is the place where I lost OP. How can anybody be blackmailed with publicly available info?
On the topic: I believe that the serious level of anonymity makes life extremely inconvenient and uncomfortable. Always using VPNs, keeping small hosts in different places as exit points, checking and rechecking everything when connecting to WiFi or roaming. Keeping separate hardware, for that matter.
I don't see how all this parafernalia justified. Identity stealing? Just use 2FA for your key service accounts. Don't reuse passwords, use a password manager - those are today's basics every schoolchild knows. Use debit card instead of credit and never keep it's balance above $100. Turn on 3D-security on all your cards. Don't get involved into drug dealing. Things like this.
> How can anybody be blackmailed with publicly available info?
By pointing out to people who haven't gone looking for that info, or who might have come across it but not connected it to you, that it is indeed about or by you.
> Make a developer account on Twilio and buy a number from them. Use this whenever a phone number is required online
Non-carrier numbers won't work for many services, and unless I'm mistaken, you are required to provide an address, recurring payment method, and a phone number for 2FA to sign up.
There’s been a push in recent years to teach the non-tech public that reusing passwords is bad, in part because if there is a leak in one service it’s easy to try the same somewhere else. Easy enough to relate to.
I wish the messaging would include email addresses as well. It’s easy for everyone to use different passwords nowadays with deep integrations everywhere. But generated email addresses still require a lot of extra steps for most users.
To change this has to first become a mainstream concern.
Today there is iCloud email forwarding.
But it’s still new and not as convenient to use outside of iOS.
Also I have no idea about the longevity of that service. Wouldn’t trust it as recovery mail for important accounts
Can anyone explain this? Assuming your data isn't in the WHOIS record, why does this increase your exposure more than any other company knowing your name?
A search shows up options for anonymous domain name services.
If you don't provide a real name when registering a domain, you lose the domain as soon as the registrar gets served with papers. This is an ICANN policy, you can't escape it.
All the registrars sell access to the real names behind their "privacy protection" service. They do not bother checking if the requester has a warrant or is even affiliated with law enforcement. They simply charge a fee (around $50 per request) to prevent bulk extraction, and possibly review the top 50-100 highest-volume requesters.
njalla is really the only way around this, but you have to trust them with legal ownership of your domain.
live offline. as long as you’re not completely socially incompetent you can be largely yourself in most situations, find people you jive with, and then be completely yourself with them. unless your threat level is “my phone’s recording everything in the room 24/7 and sending that to authorities”, you’re free to do all the illegal drugs you want with your friends, use the N-word, do all the other things which you thing you should be able to freely do but for some reason aren’t able to do comfortably in public.
if you must do things online that are best kept detached from your IRL/govt identity, setup a box running something like Tails that doesn’t accept any non-Tor traffic, and interact with it through a text-only interface (i.e. a shell, or links-like keyboard-driven web browser).
people sometimes discourage using obscure setups because they allow better fingerprinting but that’s not always as bad as it’s made out to be. primarily you want to break the link between your pseudonymous identity and your IRL identity. it doesn’t matter how fingerprintable your pseudonym is so long as the overlap between it and your IRL identity is small. and that’s the reason to prefer simpler interfaces like text-only: they prevent leaking things like cursor movements which might otherwise build a tie between those identities.
I don’t know if dating app users understand that it doesn’t take much information to find out who they really are. Sometimes all that’s needed is a first name, profession, or university is enough if one of the three is somewhat unique for the area. If you’re concerned about privacy on dating apps, you’re better off being really vague about basic aspects of your life, or trying a bar instead :)
If you are participating in discussion forums under pseudonym, you quite easily give quite many bits of personal information over time even if you try to be careful about it.
You give hints about your age, where you have lived, maybe about hobbies, education, work history, time when you are online. Each individual bit is not much, but when you combine few of these, they actually identify you exactly.
I miss the point of this discussion. Does the HN readership really include a substantial number of drug lords, cyber criminals, spies, informants or live under a regime where they fear for their lives from state actors? I'm not cheating on my taxes or my spouse. Are there really many people being paid in cybercash from a genuine need to avoid state or corporate interest?
I believe that truly anonymous can only be achieved in bursts, and not continuously maintained. For day to day existence, blending in with the common population is hiding in plain sight.
Really good. I’m always cautious of how I say things on Reddit as to not give too much away. I’m sure Reddit data scientists can build all sorts of models based in comments from users
I wonder if the author lives in a democracy or in a state which has rule of law. Because it strikes me that the solution space also includes many political, legislative, and judicial options such as, perhaps most obviously, the regulation of tech, or the effective policing of online abuse.
It requires 43 bits of defining information to identify a single entity online.
Those bits might be your name and date of birth.
Or they could be your home and work postal code (effective for better than 90% of the population, at least when commuting to work was a thing).
It could be your activity patterns, and what that says about your sleep/wake cycle, and possibly travel patterns.
EFF's Panopticlicck found enough distinctive information within Web browser characteristics to uniquely identify the vast majority of people submitting data to the project.
If you want to duck most casual observation ... then yes, standard precautions can be effective, though it's quite likely you'll slip and leak information at some point. Those clues can wait years, or decades, to be unraveled. Against law enforcement or state-level actors, you'll probably need to try considerably harder, though it's helpful to realise that what such entities have is typically far more data and the motivation to look through it for patterns and correlations, rather than superhuman cracking skills.
An area that's been of interest to me for some time has been the question of just how many investigations might be possible under various security or investigative services. My suspicion is that capabilities are constrained --- that is, there are fewer investigations than one might think --- but that the resources which can be brought to bear are considerable.
As an example, the US Federal Bureau of Investigation had a 2019 budget of $9.6 billion, with 13,412 special agents and 20,420 support professionals, as of 2009.
By news stories, the January 6, 2021 investigation has been the largest in the Bureau's history, with 350--400 arrests and 1,300--1,500 grand jury subpoenas.
I haven't seen data on how many investigations the FBI conducts annually, or how many cases are submitted for prosecution, but suspect it's on the order of thousands. The Bureau no longer seems to produce blunt gun-in-your-face reports typical of the Hoover era as with the 1969 annual report showing a chart of convictions by fiscal year (over 13,150 for 1969, here: https://archive.org/details/FBIAnnualReport1969/page/n5/mode...), though I suspect levels are at least roughly similar. That was an average of three arrests per agent, and the 1969 report states 2.8 million name searches were conducted that year, along with 2.6 million pieces of mail and 241,000 telephone and telegraph communications.
One of my forum's members had (has?) a stalker. We had a new user once who implied he was familiar with our community, but never specified. He was fairly active for about a year or so, but at some point he started to post rants about his family or something that was eerily familiar to the stalker's rants.
I looked up his e-mail address in his profile (I'm the admin). I punched it into google, which led to what looked like a public chat log. The e-mail address he used to register his account there was listed right next to his old username, which we recognized as the stalker's.
We banned his account and the stalked member had to contact their solicitor, again.
anyway tl;dr never post your e-mail address or a variant thereof publicly, especially if you're trying to be anonymous.
The title is misleading, clickbait. The article is in fact about why it probably isn't necessary to be anonymous and even then says nothing particularly important.
A title not precisely describing the premise and conclusion of the article is neither misleading nor clickbait. The article is about online anonymity. It could be "On being anonymous" or "To be anonymous"; "Be anonymous" is fine, too.
You can twist your way into thinking any very bad thing or practice isn’t so. We can extend your line of thinking to murder and rape— does that sound acceptable too?
No, this guy was much worse and more harmful than the norms of our society and those that propagate those norms.
- if you're using VPN traffic but most people "around" you aren't, you're a suspicious node; your ISP could easily flag you to your government. If you use wifi at a common point you're likely to be flagged and there isn't an easy way other than keeping on the move. But moving often is another anomalous event, and it's very difficult to do even for Drug Lords ( El Chapo ) or Terrorists that it behooves to do. This puts you in a sort of Zugzwang, to borrow a chess term.
- there's always leakage, for instance, in the way you talk with people in the real world. At some point you send enough communication for sophisticated frequency analysis.
- and there are other patterns of usage that could be used to identify you, like searches or even keyboard frequency on anonymized accounts can be de-anonymized by very specific markers ( ML works! ).
- off ramps for crypto aren't very good. If you're in e.g. Brazil, haha, yeah, good luck spending bitcoin or any other crypto and going unnoticed. Mixers and tumblers will eventually leak and you'll be caught.
- you're very vulnerable to social engineering by people you do business with. one slip where you stop communicating in a transactional mode of communication and that's a weak link in your armor.
In the end, the FBI only has to be right once, and you have to be right every time.