Thanks to your "freedom enhancement techniques" even (most likely) innocent citizens are by now considering using methods previously reserved for high level criminals.
Call it seeing the forest for the strawman; either way, there's enough of an argument to be made by sticking to the facts.
As he spoke I noticed, what had often struck me before in his conversations with my grandmother’s sisters, that whenever he spoke of serious matters, whenever he used an expression which seemed to imply a definite opinion upon some important subject, he would take care to isolate, to sterilise it by using a special intonation, mechanical and ironic, as though he had put the phrase or word between inverted commas, and was anxious to disclaim any personal responsibility for it; as who should say “the ’hierarchy,’ don’t you know, as silly people call it.
But seriously, "internet" is now a dialect of English, and putting things in "" marks as a substitute for tone is commonly accepted.
Adding fake 1984-esque names and grandiose claims ("turned almost a whole industry again you") makes you sound like a crazy conspiracy nut.
It also adds little to the conversation.
1) Work for a governmental agency that has a reason to give you one. [https://www.cia.gov/careers]
2) Enter a witness-protection program by testifying against murderous criminals
3) Buy one on the black market. This can be as simple as a barely-passable driver's licence for underage drinkers, or as sophisticated as a complete set of papers (birth cert, etc) forged by a master [http://www.ted.com/talks/sarah_kaminsky.html]
4) Steal (or trade) someone else's established identity
5) Create an identity for a child who died shortly after birth.
To do this last one you:
- Ask the birth registration office for a copy of the birth certificate
- Use that to get a national id number (like a SSN in the US or SIN in Canada)
- Use those to open a bank account
- Use those to get a credit card (probably a secured card meaning you have to keep a positive balance on the card)
- Buy a course at a driving school. Let them get everything ready to take the driving exam and as a bonus you get to use their car. They also add legitimacy by implicitly vouching for your identity
- Get a driver's licence
- Use everything you already acquired above to get a passport
(Good luck finding such a child though)
0) Pay off all of your debt
1) Go to a small town
2) Legally change your name
3) Regenerate all of your essential documents, with your new name
4) Move to a big city
5) Change your lifestyle entirely (use the internet only where necessary, use cash wherever possible, don't log back into facebook/hacker news, etc)
6) Don't give someone a reason to come looking for you (i.e. pay your taxes regularly, don't become a missing person, etc)
Your SSN is only going to really be used for a very specific set of instances - most frequently job related (and then protected by a number of laws).
There will always be a trail for someone to follow, but as long as you don't have someone with the resources of the government looking for you, the trail will be very hard to follow.
I think you vastly underestimate private, paid access to these databases. Lexis-Nexis comes to mind, for one.
Allow that to empower you and the truth will literally set you free. Truthfully, you are almost always free to lie. Find those boundaries and tiptoe without crossing them.
I imagine that even if you are able to take advantage of some of the other advice in this thread about gaining actual documents and whatnot, you are more likely to get caught if you aren't willing to stretch the truth or lie.
"Out on the edge you see all kinds of things you can't see from the center."
I really enjoy watching fox news or listening to rush limbaugh and I find that the longer I take it in, the more I learn how to hone this practical skill.
Sure, some may use nicknames or professional names because they're more marketable. But others use pseudonyms for privacy protection. They want to compartmentalize their own identity, and I consider that a perfectly valid purpose.
So during day to day business and life, you can call yourself whatever you want. Others can insist on identification if it's important to them, and that gets trickier.. but using a pen-name on a book or a hotel reservation is no different than using a fake name at starbucks while waiting for your coffee.
Forging documents is of course illegal, so that puts a crimp on things - but there is no particular reason that you are required to use your "real" name except when dealing with government documents (and things that rely on them)
The technically safest advice is "don't talk to the police": http://www.youtube.com/watch?v=6wXkI4t7nuc
So, she asked me to create a fake-id to use in such situations. We made a really low quality id - a laminated "state id" (not even a driver's license) from one of the more obscure states a thousand miles away from her residence. Completely ginned up, not even intended to look like the actual id from that state. The information on the ID was correct, except that her age was listed as ten years younger then she really is.
She's been happily using that fake-id in those circumstances where they are just being nosey and there isn't a legal requirement for an id. Being nosey means they feed that information into databases at companies like Blue Kai. The result is that she has a shadow identity in those systems that is exactly 10 years younger. If you look her up on a website like spokeo there are typically two entries - one for her true age and one of the fake-id age.
Anyway, the lesson I learned from all that is GIGO - these commercial profiling databases are no better than the quality of information that goes into them and the controls on that information are no better than a minimum wage clerk taking applications at Costco or the local gym franchaise.
If you intend to use a fake-id simply as a way to compartmentalize the pervasive tracking rather than commit fraud it does not take much. You don't need a birth certificate from a deceased child, or to bribe someone at the passport office. Just get yourself a fake-id like that available near most colleges and start using it - most of the people you show it too couldn't care less about its authenticity, even if they knew how to check they don't bother because it's not their job.
The one bit of tactical advice I have is to look up name frequencies and pick ethnically appropriate names that are very common. That will help to make your information blend in with all the other people with the same name.
In the US at least the FBI has a program in collaboration with every state DMV to perform facial recognition on drivers licenses applications. This has been used to catch people who tried to generate fake identities to escape sex-offender registration for instance. 
If your new identity is going to be vulnerable to someone posting your picture to facebook, it's not strong enough.
OR so I heard..
You can go to immense efforts to subscribe to 2600 magazine without the bank or the mailman or the FBI knowing who you really are. That's all very impressive in a way. But for the overall system, it turns out to be a heck of a lot easier, cheaper, safer, and just plain ole better to walk to the nearest B+N and buy an issue with cash.
This seems to come up over and over WRT identity. Changing how you use it is simpler than changing the identity itself.
I've heard some apartment rental companies are a pain, running all manner of checks and requiring all kinds of paperwork. Then again your average illegal unzoned HOA denied landlord simply wants cash for a "good tenant". And the guy who sleeps over at his friends apartment couch for cash as a roommate has no documentation at all.
Gearing up to use a grocery store loyalty card with a fake id for your fake checking account at the fake address with the fake loyalty card to save 15 cents on an apple takes a lot of work and risk and money, or ... you could just pay cash at the full price at the farmers market, probably cheaper than the supermarket anyway.
The outside the box thinking will help a lot more than a magical set of documents ever will. And I don't even have any use for this stuff, imagine what I could do if I put my mind to it.
Over time defaults change. It used to be for example, that having a some silly Facebook account was a new and interesting thing, now not having one is perhaps odd.
Buying a car in cash was strange perhaps, you know walking in with a duffel bag bag full of $50s might end up them calling someone to report you. (War on Drugs and/or War on Tax Evaders etc etc).
2600 is probably not going to keep being sold in B+N. B+N might stop existing soon as people stop buying books made from dead trees.
> And the guy who sleeps over at his friends apartment couch for cash as a roommate has no documentation at all.
But do you want someone like that sleeping on your couch? We have been brainwashed to think those that put privacy high on the list are up to something illegal. They are criminals perhaps...
As per your example, most people with no identity issues tend to walk into the car dealer and buy a car with a loan and the dealer runs a credit check on them before they even get to test drive (happened to me...). I agree, walking in with a duffel bag of cash is not going to work.
On the other hand, why not buy a "decent" project car for cash from a private citizen, then spend cash at car shops upgrading it to a quite nice hot rod?
Or the meta question of, why buy a car? If a decent fake ID is so expensive, and the cost of detection is so high, why not just pay a cabbie or live in NYC and not own a car?
The startup lesson here, if any, is optimize the big picture, then once that is done, work on optimizing the little picture stuff.
If the cost, both financial and risk, of having a car while remaining private is very high, then don't have a car.
On the other hand, as far as I know, fake profiles on facebook are no big deal, just put enough up not to be suspiciously empty. One important datapoint is I'm not operating under a fake ID, and I had a FB account years and years ago back when it was new and just opened to the public, it was a total waste of time, so after awhile I deleted it, and absolutely no one cares. Its right up there with being one of those guys who doesn't own a TV and tells everyone about it all the time. So a guy operating under a fake identity has at least one anecdote that at least one guy with a real identity found not having a FB account to be completely totally unimportant to modern living.
People who discuss living outside the identity system never seem to mention our explosively growing illegal population. This stuff has all been figured out, if you're willing to learn spanish and be friendly. If a hispanic looking dude can get away with calling himself an illegal, and everything turns out OK, then I can probably call myself a German illegal, or whatever. Germans have pretty good records and might cooperate with the locals... How about my becoming a south african illegal? That would probably work.
Stealing an identity is trivially easy. Society revolves around relationships of trust between organisations and individuals, and the trust runs amazingly deep. The basic information you need to do it is publicly available: date of birth, mother's maiden name (on the birth certificate and parents' marriage certificate respectively, copies available on request from the records office).
Carrying out the ID theft takes resources and balls. You'll need to be able to manufacture ID documents, or have access to someone who does. Nowadays you can buy them on one of the onion dark markets. Generally you want a driving license, as this is the easiest to forge form of ID that gets you complete access. Banks, governments, etc. will accept it.
Sadly, making driving licenses is not too hard - document security is pretty weak. You'll need to make yourself some ultra-high resolution scans, trace the entire design in illustrator, and then get hold of some printing equipment. You usually want to print on teslin (http://en.wikipedia.org/wiki/Teslin_(material)), and laminate with a high-quality laminator. UV seals can be easily replicated by hacking an epson printer to use modified cartridges with UV pigments injected into them. Holograms can also be replicated by dusting your laminate with interference pigments and reverse-printing in clear ink to fix the design. It can all be done on commodity hardware.
With a driving license and dob/mother's maiden name you can then access a huge amount of someone's sensitive information, and more importantly, control their relationships with organisations. I don't want this to be a tutorial, so I'll simply say that with several more pieces of information you can take out credit in someone's name, control their existing accounts (e.g. by adding yourself as a new cardholder), or start causing trouble in their name.
A final word of caution. While it's easy to get people's information from government records offices, it's even easier to get it from them personally. We used to call people and social engineer them into giving us their DOB, bank account numbers, secret words, etc. Don't be stupid with your information: never tell someone your data down the telephone unless you called them. Oh, and if you're thinking of committing identity fraud, think again. It's not hard to pull off, but you're not smart enough to do it without getting caught. Everyone gets caught in the end.
How would you know if they didn't?
There is nobody who likes to be woken by a dawn-raid!
Old-school hackers still like proper handles rather than random strings for usernames, even for one time posts.
The devil is in the details.
You need to assess the risk, taking into account the very low probability of having your identity stolen and the fairly low inconvenience, against the time and effort it takes to take protective measures. Don't live in fear of it.
That said, the single best way to protect yourself from random ID theft is to use a decent bank with good fraud protection. In the UK, Barclays and HSBC are very good, Natwest and Halifax are very bad. Citibank is a bad US one.
If someone steals your ID and drains your bank account it's going to be much harder and more time consuming to get your money back. If someone opens credit cards under your ID it will be easier to correct than losing your bank account but can still be very time consuming. Often people discover the issue when they're applying for new credit, such as a mortgage. Correcting your credit issues can take months to resolve. They could lose a house they're trying to buy if they don't get approved.
edit: nobody should be so unaware of their own credit record that they lose a house sale because of undiscovered fraud. Keeping on top of it is very cheap and as simple as registering on a website (UK example: https://www.creditexpert.co.uk)
and don't put your damn personal information on facebook!
You are now a harder target than most people.
I think that's the most important lesson learned from this tale.
The hard part, I imagine, is testing that's a good-enough fake. Standing in front of the passport agent or getting pulled over are probably the worst possible times to learn your print was an eighth of an inch off in the wrong place.
That said, most people will never hand them to a customs agent, and I had reports that mine were accepted as ID by police officers on several occasions. Maybe the forger is more sensitive to the differences than most.
Traditionally, the best way to do this has always been to establish a solid "breeder document". This is a document used to procure other documents and assure someone that the person is who they claim to be. Typically this was a birth certificate.
There were two general ways of doing this. One way was to apply for the birth certificate of someone already alive, but living in another state and unlikely to travel internationally (assuming you wanted a passport). However, this is less likely to be successful today given the widespread information available on everyone.
The other way was to acquire the birth certificate of someone who was deceased. In theory, you want someone who was born in one state and died in another to ensure that the birth certificate won't be stamped as "deceased".
One thing to be avoided is to scan news stories of people who died in well-publicized accidents: if others have applied for the birth certificate (having the same idea in mind) too many times, a certificate may get flagged as suspect and extra scrutiny be applied to requests for it.
Note that instructions for applying for birth certificates are rather lax: http://www.dshs.state.tx.us/vs/reqproc/certified_copy.shtm. Given today's software, it's trivial to fake a "photocopy" of an ID . You'd want the birth certificate sent to a mail drop (http://www.maildropsearch.com/) and have it forwarded on to another address for added security.
Once you have the birth certificate, you then start obtaining "supporting" documentation, such as library cards, or maybe register for a local community college and get a student ID (those are often easy to get and are readily accepted as valid ID).
Eventually you'll want to apply for a state-issued ID card. Some states have stricter requirements than others. There was a time when you could apply for one with a library card and your birth certificate, but those times seem to be long-gone. States will generally require a social security number, too.
Applying for the social security number was always the tricky bit. One source recommended altering your "photocopied" documents to show that you were under-age and then apply by mail (the Social Security card doesn't list your age, after all). If you are ready to retire, file to correct the "bookkeeping error" that incorrectly lists your age. I am suspicious of whether or not this would work.
As you can see, the process is essentially one of building momentum of starting with small, easy-to-acquire documents and working your way up the chain. It was a long, slow, laborious process and it used to be that acquiring an alternate identity wasn't necessarily illegal so long as you did not due so for purposes of fraud. Today, I believe it's illegal in all fifty state.
That being said, I wouldn't try this today (hell, I never would have tried it when it was still feasible). It's worth several penal slaps on the wrist.
I'm sure that a cunning person can take the plan above and work out how to acquire a new identity today, but I'd not recommend it.
Update: or if it's a passport you want, there are alternatives: http://www.overseas-exile.com/2013/07/buying-second-passport.... For example, http://www.diplomaticpassport.com/ is known to be a couple of shady guys who have contacts with various third-world government people in African nations who, for the right price (a couple of hundred thousand, last I heard), will get you a diplomatic passport from a dodgy country, but due to the movie "The Ambassador" outing them, they've laid low. The site used to have a somewhat larger presence on the net: http://web.archive.org/web/20070403230615/http://www.diploma...
I don't buy this. Sure you'll be able to buy a passport, but a diplomatic one - I doubt it. And if by some miracle you do pull it off then the country issuing the passport will be so dodgy that nobody recognizes it anyway.
Thus, while it might be hard to verify whether or not someone is in the index, there are many people who are not in said index. Consider: why does someone's death get reported to Social Security? So someone else can claims the death benefits. There wouldn't be much incentive to do that for a child.
That being said, the older you are, the harder it would be to explain why you never had an SSN, making this much harder to pull off today.
Update: That being said, it appears that the US switched to a national data collection system in the 1990s. It's the NVSS (National Vital Statistics System, http://www.cdc.gov/nchs/births.htm) which will track the births and deaths for you.
How would one even go about doing this? Sounds rather difficult to make a fake ID convincing.
Can anyone share some links on the subject?
Photocopies are low quality, often black and white. They bypass most, if not all, security features on physical ID documents, can be digitally altered, etc.
- State-issued driver's license
- State/city/county ID card
- Student ID
- Government employment badge or card
- Prison ID
- Military ID
So if you're creative about how to obtain other ID, surely you can be creative about how to obtain the above?
You'd have to avoid any SSN which exists in an illegal range and you'd want the first three numbers to be consistent with where you claim to have applied for the SSN (usually the state where you were born - fewer questions). See also: http://ssa-custhelp.ssa.gov/app/answers/detail/a_id/425/~/de... and http://www.usgennet.org/usa/ne/topic/resources/basic/ssn.htm...
Even spies today have problems with that; it's not enough to just put on fake moustache when you are easily identified by your fingerprints.
If you're talking online fake identity, way easier. Head over to some local place that has internet access - a coffee shop, etc. Sign up for a facebook account and a google account using a fake name. Well done, you're now a new person.
If you plan to use these fake identities to commit crimes, however, then I wouldn't recommend it. Once law enforcement has a warrant it becomes easy enough to head over to that cafe and tracking someone down is what cops do. But for privacy and posting stuff online? Works 100% as long as you keep your fake traffic completely separate.
Didn't create the hn identity via tor, but luckily after the one signup (not telling from where) I'm able to log in that way.
I guess the big question for a lot of people was "why?" and I bet no one will believe me when I say that this is an intellectual exercise for me, thus far. Sort of one way of getting at the deeper question of identity construction. Thus, the heath bunting reco was relevant.
The one piece of info that would really round this discussion out, though, is an examination of how the other side would attack a ginned-up id. Any insights, deep or googleweb would be appreciated.
From review of linked book:
".....Suppose you wish to send $25,000 from Vancouver, British Columbia, to a friend in Helsinki, Finland. You would hand $25,000 cash to a Vancouver money changer (Hawaladar) in Vancouver, and receive code words (or an agreed signal such as a secret handshake) and a contact address in Helsinki. No actual cash moves out of Canada. Instead, when your friend gives the code to the correspondent hawaladar in helsinki, he will receive the equivalent in euros (less a commission) from money that is already there. To review:
-There are no written documents. The exchanges are based on mutual trust (perhaps for that reason unpopular in the United States?).
-Only local currencies are used. Thus, if you are sending money from the UK to Mexico, you pay in pounds and the receiver in Mexico collects in pesos.
-This exchange cannot be traced because no money crosses a border.
Hawala (Arabic: meaning transfer), also known as hundi, is an informal value transfer system based on the performance and honour of a huge network of money brokers, which are primarily located in the Middle East, North Africa, the Horn of Africa, and the Indian subcontinent. It is basically a parallel or alternative remittance system that exists or operates outside of, or parallel to traditional banking or financial channels.
My question was what happens if, for example, people in Helsinki are always only recipients? The Finnish branch of the organisation is providing them with Euros, but if there are no Finnish senders of money (or more likely: the Finns as a group simply don't send as much as they receive) where do the Euros come from?
This would make it less popular in most of the developed world, with some exceptions, including (possibly) ones in the US. It's the difference between high- and low-context cultures, with the Arab world being generally more high-context than most of the US, with the exception of the South and Texas.
In addition, some subcultures are fairly low-context even if they exist in a generally high-context culture. A "Good Old Boy's Network" is going to be low-context regardless of where it is. https://en.wikipedia.org/wiki/Old_boy_network Exclusive? Yes. Exclusionary? Hell, yeah. Those are the costs of being able to do business on a handshake.
This has more context:
A friend of mine works for Child Protective Services and gets exposed to some very volatile and unstable people. He gets threats from cases he's assigned, but thankfully nothing too serious or pervasive. Now that he's got a kid on the way, he's a bit more concerned. The only thought I had was to create an alias, but I'm really not sure how someone would go about doing that.
That book might be a great start for him, but if anyone has recommendations, I'm ears.
* Start with modern world bribe money (say 500k)
* find out who works at mid-level of the passport office
* approach them with the following (true) story - we are MI6, or at least a small department of it. We have to travel to various countries, but these days once my iris is scanned as Joe it's very awkward coming in 6 months as Frank on a different job. So we need people like you to swap in and out iris scans as we need them, no traces left.
We will show you how to steal your bosses password.
* if you chosen correctly, she is already working for a different agency and is happy to increase the salary again.
Ask for new passport in new name.
You then got their birth certificate. Birth Certs say "MUST NOT BE USED AS IDENTIFICATION", but it's part of the paper bundle that builds credibility.
You're missing the crucial step of: how on earth would you get the birth certificate of some unrelated 30-years-dead kid?
Here are Indiana's requirements: http://www.in.gov/isdh/files/Id_requirements.pdf
I needed a birth certificate, the options for getting that were to send a photocopy of my driver's license (certificate mailed to that address) or have a parent apply for one.