[HN Gopher] Be anonymous
___________________________________________________________________
Be anonymous
Author : kashnote
Score : 189 points
Date : 2022-02-20 18:54 UTC (4 hours ago)
(HTM) web link (kg.dev)
(TXT) w3m dump (kg.dev)
| ronnier wrote:
| I don't care about being anon, but I don't want all my info
| sitting in databases, so I've made done the following and trying
| to evolve over time and fix gaps that I currently have. This is
| things I've done...
|
| * Use Brave browser with ublock origins and privacy badger
|
| * Use pihole + unbound to resolve my own DNS and do not use
| google
|
| * Run wireguard on my home network that I connect to when I'm out
| and need to use wifi
|
| * Be anti-google as much as possible. I'm still in the process of
| this, i'll switch my domain based email off of google soon
|
| * Be anti-facebook and delete all accounts (whatsapp and insta
| included)
|
| * Be anti-reddit
|
| * Be anti-cloud and host everything internally as much as
| possible (except for encrypted backups, say for video cam
| footage)
|
| * All of my home automation is local and blocked from the
| internet. If I want access, I'll connect to my VPN.
|
| * Use signal with disappearing chats to communicate with my
| friends.
|
| Still a lot to do, but it's a start...
| hammock wrote:
| I believe Brave browser has fallen out of favor but I'm not an
| expert on why
| ronnier wrote:
| Interesting. Please let me know if you have a better
| alternative. Ideally I'd like to just run chromium but then I
| have to build it myself or use some build by some untrusted
| person so I've decided I'll trust Brave for now...
| xvector wrote:
| Aside from Tor Browser, Firefox with arkenfox/user.js is
| ideal for privacy [1].
|
| Chromium-based browsers like Brave are ideal for security
| [2].
|
| An ideal solution for privacy and security would be running
| Firefox+user.js in Qubes OS [3], or for even more
| anonymity, Tor Browser in Qubes-Whonix [4]. However, even
| this isn't bulletproof, and a 3 letter agency can still
| determine who you are with techniques like keystroke
| deanonymization [5] or other techniques [6] like traffic
| analysis. Tor is also not reliable for anonymity because
| the project is kind of a shitshow [7], so there's really
| nothing you can do to truly hide.
|
| [1]: https://github.com/arkenfox/user.js
|
| [2]: https://madaidans-insecurities.github.io/firefox-
| chromium.ht...
|
| [3]: https://www.qubes-os.org/
|
| [4]: https://www.whonix.org/wiki/Qubes
|
| [5]: https://www.whonix.org/wiki/Keystroke_Deanonymization
|
| [6]: https://www.whonix.org/wiki/Warning
|
| [7]: https://www.hackerfactor.com/blog/index.php?/archives/
| 906-To...
| cellis wrote:
| As careful as some of the things he suggests are...if you're
| truly wanted by a state-level actor or sufficiently motivated
| attacker, you won't be able to hide by simply using VPN and Tor.
| Especially if you're running something with many transactions
| like AlphaBay. You would need to obfuscate quite a bit more:
|
| - if you're using VPN traffic but most people "around" you
| aren't, you're a suspicious node; your ISP could easily flag you
| to your government. If you use wifi at a common point you're
| likely to be flagged and there isn't an easy way other than
| keeping on the move. But moving often is another anomalous event,
| and it's very difficult to do even for Drug Lords ( El Chapo ) or
| Terrorists that it behooves to do. This puts you in a sort of
| _Zugzwang_ , to borrow a chess term.
|
| - there's always leakage, for instance, in the way you talk with
| people in the real world. At some point you send enough
| communication for sophisticated frequency analysis.
|
| - and there are other patterns of usage that could be used to
| identify you, like searches or even keyboard frequency on
| anonymized accounts can be de-anonymized by very specific markers
| ( ML works! ).
|
| - off ramps for crypto aren't very good. If you're in e.g.
| Brazil, haha, yeah, good luck spending bitcoin or any other
| crypto and going unnoticed. Mixers and tumblers will eventually
| leak and you'll be caught.
|
| - you're very vulnerable to social engineering by people you do
| business with. one slip where you stop communicating in a
| transactional mode of communication and that's a weak link in
| your armor.
|
| In the end, the FBI only has to be right once, and you have to be
| right every time.
| weq wrote:
| Scamming is BOOMING. We are talking entire developing countries
| getting onboard. The noise ratio is very high on all these
| services. There are hundreds of "alphabays" running RIGHT now
| with millions of people using them, right now. This isnt 2013,
| those big take-downs of high profile sites did nothing but
| diversify, fracture the community.
|
| Sure, if u piss off the wrong agent and they spend a few years
| on the case you may get busted. But the vast majority?
| xvector wrote:
| > keyboard frequency on anonymized accounts can be de-
| anonymized
|
| Whonix uses Kloak to mitigate this [1], but unfortunately it
| isn't available in Qubes-Whonix.
|
| > Mixers and tumblers will eventually leak
|
| Don't use mixers and tumblers, use Monero and/or Monero atomic
| swaps.
|
| But, you are right that it is futile to maintain defense
| against a determined 3 letter agency.
|
| [1]:
| https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak
| 323 wrote:
| What you said and much more.
|
| For example, you buy a burner phone, but the place you bought
| it from, even if a second hand shop, had a security camera.
| Maybe they also record IMEI's before selling phones.
|
| Or you carry your burner phone together with your real phone.
| Or alternatively, you leave one at home when using the other.
| Both of these things can be linked by a sufficiently determined
| actor (FBI/NSA level).
|
| Or they track you to using a public square WiFi one day. Again,
| cameras are everywhere.
|
| If they got your real name, no matter how, it's game over. You
| will be surveilled and they will find proof to link you. This
| is why all those posts "if only DPR used this kind of
| encryption or dead-men-switch" are ridiculous. Once they knew
| his real name it was just a matter of time and building a case.
| cellis wrote:
| I would say that if you're caught and ... _somehow_ manage to
| delete all the evidence linking you ( you have device
| explosives or, idk, 2048 bit encryption ), you _may_ be able
| to escape, but come on, who are we kidding: the FBI has like
| a 99.96% conviction rate and that 's without even going to
| into the "parallel construction" or other conspiratorial
| lines of attack.
| 323 wrote:
| I don't think the FBI would be that dumb to arrest you
| before they have solid proof.
| ogisan wrote:
| You're absolutely right. It is not enough to use anonymity
| tools, you also have to make sure everything else around you
| doesn't compromise your anonymity. Made me think of a Harvard
| bomb threat incident where the student posting a fake bomb
| threat (through Tor) to avoid final exams was the only person
| using Tor on campus at the time, which trivially identified
| him.
|
| https://theprivacyblog.com/blog/anonymity/why-tor-failed-to-...
| klysm wrote:
| Many anonymity tools have the k-anonymity property. It's
| really unfortunate for k to be 1.
| 323 wrote:
| This is the big problem of crypto coin mixers. 99% of their
| users are trying to launder illegal bitcoin.
| blowski wrote:
| It's a bit like Schneier's Law. You can put in place
| protections that you personally cannot workaround, but that
| doesn't mean someone with sufficient means and motivation would
| also be blocked.
| 14 wrote:
| This reminds me of a time I was having a yelling match with a guy
| on reddit and he started calling me names. I google searched his
| username and he had used it across multiple sites, several being
| porn sites, and he also posted his reddit user name on his
| Facebook and a Facebook search I found his real name and pictures
| of him. When I called him by his real name and linked a picture
| of him he immediately changed his tune. In the end he and I both
| laughed and thought it was funny and he was more curious how I
| found all those thing. I told him he used the same username
| across multiple sites including Facebook. He said he was a lot
| younger and didn't think of those things when he originally did
| it. I removed any post where I used his name and tried not to dox
| him for others to see.
| Barrin92 wrote:
| It's good advice. The problem with anonymity in an environment of
| ubiquitous surveillance is that it's paradoxical. The point of
| anonymity is achieving freedom, but staying anonymous expends
| energy and makes you a target, so you can't actually do any
| things that anonymity was supposed to get you.
|
| If what you really want is sovereignty, which is what most people
| confuse anonymity with, the goal is to be like what Ernst Junger
| called the _anarch_ (in contrast to the _anarchist_ ), which is
| someone who complies and renders herself indifferent to
| authority, rather than standing out and drawing attention.
|
| A much better practice is to be as open as possible about the
| boring stuff, so you're not constrained and can do what everyone
| else does. Trying to be absolutist about anonymity is
| automatically like wearing a straitjacket.
| roughly wrote:
| > If what you really want is sovereignty, which is what most
| people confuse anonymity with, the goal is to be like what
| Ernst Junger called the anarch (in contrast to the anarchist),
| which is someone who complies and renders herself indifferent
| to authority, rather than standing out and drawing attention.
|
| This works right up until the thing you want to do - or the
| person you find yourself to be - is something authority is not
| indifferent to.
| chaxor wrote:
| > expending energy
|
| One thing I noticed out of many of the list items given in the
| post here:
|
| > Only use Tor > Always use a VPN > Never use Google -- only
| DuckDuckGo > Disable JavaScript on your browser > Watch all
| incoming and outgoing network calls regularly and scan for
| abnormalities > Encrypt your laptop and any external drives >
| End-to-end encrypted communication only > Don't use Gmail --
| use ProtonMail > Never pay with cards. Use cryptocurrencies. >
| Turn off all location services from your laptop and phone
|
| Is that these can actually be solved with technology in a way
| that these are the _default_ and popular behavior (as TLS 1.3
| is in HTTPS). So it 's important that we realize that these
| technologies (or something like them) are important and
| _desired by everyone_ , but just need a bit of development to
| work. Https and signal are great examples. Many of my parents
| and grandparents are on signal now, because it's better than
| most other apps (whatscrap, Facebook msg, imsg, etc). Is the
| Loki network and Session better? Sure. Of course. But
| grandparents aren't using it yet because not everyone they know
| is on it yet like signal, just the tech knowledgeable, or many
| of their grandchildren.
|
| But ultimately, _None of this should require any effort
| whatsoever_.
|
| The rest of the points about concealing your name or not is
| more obviously a choice by the user, as they have to provide it
| knowingly - so it's less of an issue because they're more
| likely aware of their choice.
|
| > Don't buy domain names I'm not sure I understand this one -
| anyone have an explanation?
| cure wrote:
| > Don't buy domain names I'm not sure I understand this one -
| anyone have an explanation?
|
| When you buy a domain name, you are supposed to supply
| accurate ownership information. If you do not, the registry
| can yank your domain when they discover that. Most registrars
| obfuscate/hide the information in their whois service, but
| they still need to have it to comply with the rules of the
| registry. That information can be subpoenaed.
|
| The purchase/renewal transaction(s) also leave a trail that
| can be followed.
| blakesterz wrote:
| "Ultimately, anonymity comes down to one thing: Control. You
| should educate yourself on data privacy and make sure that you
| know what data you're sharing and what is possibly out there."
|
| That's some REALLY good Solid advice.
| touisteur wrote:
| And be OK that sometimes some people don't want to interact
| with anonymous randos... Credentials are not everything, but
| they _are_ a filter on medias with large amounts of time-
| wasters...
| chillycurve wrote:
| I have been afraid of sharing my ideas, post history, etc. in a
| way that could be easily traced back to my identity for years. I
| made sure my accounts and usernames bore no personally
| identifiable tid-bits. I use a VPN religiously (that won't
| change).
|
| I've since decided that I am done with all that.
|
| I was afraid my employer might question my Reddit posting history
| (they wouldn't.) I was worried someone who Googled me would think
| my past self was dumb (who cares).
|
| Now my ideas are almost all public and growing more so by the
| day. I am working up the energy to start a personal blog, if
| anything just to document my ideas over time. I am adding my real
| name and email to my Github, HN, (not Reddit, yet, though it
| would not be hard to connect), IH, etc.
|
| I want someone to be able to Google me and find my best work.
|
| On the other hand, there are clearly cases and types of
| info/accounts that should remain private. I self-host as much as
| possible. I encrypt personal files before uploading. I have
| multiple Protonmail accounts. I use custom DNS, etc.
|
| Ideas should be public. Information is a case by case basis, but
| I generally care a lot less than I used to.
| chaxor wrote:
| What do you use as a custom DNS?
| mindvirus wrote:
| The article touches on a good point: one mistake and you're out.
| It doesn't even have to be your mistake - you didn't choose to
| put your SSN out there after all, yet here we are.
|
| This gave me a radical company idea, on the other end of the
| spectrum: spam as a service. Something that'll take your name,
| email, and other things and put it all over the internet in
| questionable and plausibly denial ways. That way, even when
| someone is trying to find things out about you, it'll be hard to
| find, and easy to deny. (I'm kidding of course).
| [deleted]
| _moof wrote:
| _> It doesn 't even have to be your mistake_
|
| This is the crucial piece. It doesn't matter how careful you
| are; everyone who knows you has to be careful too. I have a...
| well, I hesitate to use the word stalker, because that makes
| them sound more motivated than they really are. But someone on
| that spectrum, anyway. After a few years of being harassed I
| managed to elude them. Then they found me again. You know how?
| They pieced together two pieces of information posted publicly
| by other people. That's all it took.
| hammock wrote:
| This idea exists but doesn't always work.
|
| Example A: Apparent Nazi sympathizers planted inside the
| Canadian protests- some people thought they were provocateurs,
| others assumed they were legit and cast a negative light on the
| protests overall
|
| Example B: Hunter Biden's laptop (before it was acknowledged to
| be real). Saying he was a target for disinformation campaigns
| mostly worked
| Liiiii wrote:
| "Something that'll take your name, email, and other things and
| put it all over the internet in questionable and plausibly
| denial ways."
|
| What if instead of spamming the correct information out, spam
| slightly incorrect information out.
|
| Correct address, incorrect middle initial, wrong birth month,
| and a machine generated SSN would be from the right time
| period, area number, but with an incorrect group and serial
| number.
| adelie wrote:
| This is essentially the premise of Neal Stephenson's Fall or
| Dodge in Hell.
| [deleted]
| propesh wrote:
| Kidding aside, this is exactly how it will go down. Politician
| in a scrape of financial corruption or etc.? Deepfake s*x video
| or other viral blatant misinformation & obfuscation; what's the
| risk? Upside, no one knows what to believe. Exactly what
| various "countries" are doing. It will be extreme; to the point
| where, don't believe half of what you actually see.
| bee_rider wrote:
| It should be noted that this is a pretty bad end state.
| Reporting is already an extremely weak force for preventing
| corruption on the part of the powerful. Journalists entering
| a state of total uselessness is only going to make the
| problem bigger.
|
| In a realm of total bullshit the winners are the one who are
| best at lying. "I don't know what to believe and everyone
| involved is probably corrupt" is usually just an excuse to
| disengage and follow base instincts.
| bugBunny wrote:
| I guess none of these suggestions really work without the last
| one "Move to Brazil and live in the rainforest" :)
| hammock wrote:
| Even that didn't work for John McAfee
| LinuxBender wrote:
| To be fair he never lived in a rain forest. He was always
| around people and often managed to upset many of them.
| Damogran6 wrote:
| Name it something catchy...like equiphax
| HPsquared wrote:
| "equip hax"
| alliao wrote:
| Photos easily pinpoint you too, any pictures you upload + user
| name is pretty much game over
| nickstinemates wrote:
| The conclusion is a weird one, given the premise. The crux of the
| argument is basically true. Its an all or nothing proposition.
|
| Or you can lead a double life. One for your public persona, where
| you don't care at all about security, and your real persona,
| where you do. This has been my approach on the internet since
| basically it started and handles were a common thing.
| caslon wrote:
| With that in mind, you just might have posted this comment on
| the wrong account.
| ReactiveJelly wrote:
| > The crux of the argument is basically true. Its an all or
| nothing proposition.
|
| No, it's not.
|
| Every online account (that doesn't involve money or legal
| paperwork) can have its own name. Then you can decide whether
| to have _some_ accounts ultimately link back to your legal
| name, or all accounts, or none.
|
| > Or you can lead a double life. ... This has been my approach
| on the internet since basically it started and handles were a
| common thing.
|
| That's exactly what I'm doing, and neither of us are living in
| the Brazilian rainforest, so anonymity really is a spectrum.
| numpad0 wrote:
| > Then you can decide whether to have _some_ accounts
| ultimately link back to your legal name,
|
| No, _you_ don 't. Someone else could, if there is one with
| high enough affection to you. I think you'll have to think of
| bulk ingestion and on-prem processing to be sure your
| activities won't trace back to you.
| aqme28 wrote:
| I don't think it's all or nothing. Look at anonymous public
| personas like Banksy or Dril. People have tracked them down,
| and you can look up who they are if you try.
|
| But for the most part these people are anonymous, and get to
| enjoy some of the benefits of that.
| oh_sigh wrote:
| Alex Cazes had bad op-sec. His #2, DeSnake, didn't, and is still
| alive and well and has restarted his marketplace and gives
| anonymous interviews to media outlets:
|
| https://www.wired.com/story/alphabay-desnake-dark-web-interv...
| kwhitefoot wrote:
| The title is misleading, clickbait. The article is in fact about
| why it probably isn't necessary to be anonymous and even then
| says nothing particularly important.
| djur wrote:
| A title not precisely describing the premise and conclusion of
| the article is neither misleading nor clickbait. The article is
| about online anonymity. It could be "On being anonymous" or "To
| be anonymous"; "Be anonymous" is fine, too.
| sampo wrote:
| Maybe Eric S. Raymond's advice from 21 years ago is no longer
| true in today's internet:
|
| > Concealing your identity behind a handle is a juvenile and
| silly behavior characteristic of crackers, warez d00dz, and other
| lower life forms. Hackers don't do this; they're proud of what
| they do and want it associated with their real names. So if you
| have a handle, drop it. In the hacker culture it will only mark
| you as a loser.
|
| http://www.catb.org/~esr/faqs/hacker-howto.html#style
| YaBomm wrote:
| hkon wrote:
| Easily. It was advice for another time.
| vmception wrote:
| Exhibit A: Was Mary only _from_ Syracuse, or was Kash, kg.dev,
| using dating apps _in_ Syracuse
|
| well, I got tired of caring already, but maybe others havent.
| alfiedotwtf wrote:
| Good article!
|
| As an experiment, a few years ago I put my mobile phone number on
| my blog, and to date I've only received 2 anonmous messages on
| Signal but no calls besides recruiters.
|
| The old adage "No one is thinking about you as much as they are
| thinking about themselves" is true.
|
| While it's good to practice good security hygiene, be mindful of
| also being practical.
| ReactiveJelly wrote:
| Agreed. Anonymity is a spectrum. Just like personal finance, most
| people haven't even begun to assess what state they're in.
|
| You should not accept the state you're in without knowing what
| state that is. Most people should have more anonymity than
| they're giving themselves.
|
| "Defend your rights. Nobody else will do it for you."
|
| -- ReactiveJelly
| DantesKite wrote:
| There's a middle ground somewhere here, in between "Don't be a
| criminal" and "Don't be stupid."
|
| I don't think the lesson we should take from AlphaBay is "Take
| better privacy safeguards" but "Don't set up an illegal dark web
| operation."
| underwater wrote:
| I mix @realname and @pseudonym accounts. I'm generally pretty
| careful about what I post under my real name and less so under an
| alias.
|
| However, over time I drop enough clues that people could figure
| my real identity with a little work. That leaves me with the
| worst of both worlds. It seems safest to assume that your
| identity is always tied to everything you do online.
| can16358p wrote:
| I think with ML getting smarter and people posting (either with
| their identity or anonymously) more and more content, it will
| be trivial to crossmatch anonymously posted content to real
| identities by ML examining "styles" of text: from punctuation
| to sentence structure to vocabulary use, and it will have an
| accurate estimation of who that "anonymous" person is.
| kibwen wrote:
| This would be pretty easy to counter by having a tool that
| would analyze any comment you post and strip all the
| identifying marks out of it; no punctuation other than
| periods, no complex or compound sentences, all words replaced
| by equivalents from the list of the most common thousand
| English words, all voices and tenses normalized, no
| paragraphs, no capitalization, etc.
| numpad0 wrote:
| Notably missing aspect is precise time of events.
|
| Personas like someone who posts content during 08:34:40 -
| 09:23:23 except 08:43:30-08:55:23, never seems to be active
| during 22:00 - 06:00, can be narrowed down to something like a
| person commuting via bus route A from stop B to C changing to a
| train route from C to D through passageway E in the station.
|
| From there you can look for a man looking down at a phone, or
| couple information with other factors, or throw in a bait like a
| giant stinking dead fish or a rare and loud car in front of him
| and watch for responses he'd make. IMSI catchers and Bluetooth
| scanners can be useful as well if your adversaries are
| resourceful. Time and location of transmissions and time of
| receptions can be correlated, in theory.
|
| This type of attacks can't be mitigated on fast-paced social
| media at all; both posts and requests has to be queued and
| obfuscated for time.
| mhitza wrote:
| That's a bultin feature of messaging systems like I2P-bote
| (running on I2P darknet). It's been a while since experimenting
| with Bitmessage but I think they queue/batch messages as well.
| But for forum like software that's definitely true, can't
| easily have variable delayed posting.
|
| Another aspect that's important and often ignored, is writing
| style anonymization. You practically want an offline tool, that
| removes idiosyncrasies from the text you write and makes it
| sound as bland as possible.
|
| edit:
|
| A related story. Around 2010-2012 I was working for a company,
| and I was part of a somewhat managerial group. At one point we
| decided to pull in direct employee feedback in an anonymous
| free-text form. Due to their writing style being reflective on
| the way they spoke, it was possible to point exactly who wrote
| what message. Of course, few exceptions existed, I didn't
| personally know all the employees in the company.
| chayesfss wrote:
| Share accounts with others, widely. No reason not to unless
| you're trying to build up some type of e-cred with your other
| account.
| indigodaddy wrote:
| Feels like the article is slanting this Alex guy as a hero of
| sorts? I don't like the tone of the article and wish I hadn't
| clicked on it now..
| ChrisMarshallNY wrote:
| I'm sort of the opposite.
|
| I make sure that I can be found and attributed. I deleted my last
| anonymous account, a couple of years ago. In the Days of Yore, I
| was pretty much "Dick From the Internet." A real neckbeard troll.
|
| There's a lot of reasons that I do it. The biggest, is that I
| want to be in control of my narrative. I learned from a couple of
| folks that are _really good_ at curating their SEO results.
|
| Also, these days (for a change), I'm pretty well-behaved. Doing
| it this way, helps to keep it that way.
| srmarm wrote:
| Privacy is on a spectrum, but is also compounded by time and once
| the cats out the bag it can be impossible to turn back. In the
| example given of Alex Cazes he could change the from email but
| the damage was already done - there's no way to recall the emails
| already sent that led a trail back to him.
| upofadown wrote:
| The article states that _anonymity_ is on a spectrum. Privacy
| is a different issue. You can lead an entirely private but non-
| anonymous life.
| formerly_proven wrote:
| Be anonymous
|
| Become ungovernable
| jefftk wrote:
| The article presents a spectrum, dismisses both extremes, and
| advocates that people aim for the middle. The problem is, you may
| think you are hanging out in the middle, but you probably have
| much less privacy than you think you do. Even if you are making
| the right choices for today, you can't trust that the future will
| keep things private (advances in ML, ubiquitous surveillance) and
| you don't know that futures isn't here yet.
|
| Personally, I hang out at the fully open end of that spectrum.
| This has worked out pretty well for me; I don't think I've run
| into any downsides.
| psacawa wrote:
| > Don't buy domain names
|
| Can anyone explain this? Assuming your data isn't in the WHOIS
| record, why does this increase your exposure more than any other
| company knowing your name?
|
| A search shows up options for anonymous domain name services.
| ur-whale wrote:
| I would _strongly_ advise anyone who really wants to be anonymous
| on the internet such as a freedom activist in a totalitarian
| country, _not_ to follow the advice listed at the end of the
| article.
|
| Or rather: these are very basic and very naive recommendations,
| certainly good first steps, but absolutely nowhere near enough to
| guarantee strong anonymity on the internet.
|
| Remaining truly anonymous on the net is _extremely_ hard,
| especially in these days where ML can be used to statistically
| narrow down and pinpoint who wrote a specific piece of text only
| based on things like use of punctuation, vocabulary, sentence
| structure and style.
| kgeist wrote:
| >especially in these days where ML can be used to statistically
| narrow down and pinpoint who wrote a specific piece of text
| only based on things like use of punctuation, vocabulary,
| sentence structure and style.
|
| I think you can fight ML with ML - for example, use GPT-like
| algorithms generate text for you. But then you must also be
| careful about when you post - I remember some of the Russian
| trolls were exposed because their bursts of activity coincided
| with 9am-6pm Moscow time. So you have to use a random number
| generator decide when to appear online if you want to hide your
| location. There's always something which can narrow down their
| search. One small mistake and you are busted. They don't even
| need to pinpoint you exactly, if it's narrowed down to
| 1000-10000 people who meet the criteria, they already win
| because they have the capacity to go through the list one by
| one and eventually find you.
| Swenrekcah wrote:
| Would the solution be a digital version of the old newspaper
| cutout ransom letter?
|
| Generate via GPT-3 a text giving roughly the impression you
| want to make and then copy/paste sentences from online news
| media if you need the names of particular persons or events.
|
| Would be rather crude though, but less tedious than literally
| cutting and pasting letters was.
| kgeist wrote:
| I had a similar idea in a sibling post. But this only works
| if you basically have a secret alter ego which has nothing to
| do with your work/public persona, because otherwise they can
| match your favorite topics in those GPT-3 generated texts to
| your interests in real life, by factoring in also other
| little facts, like when you usually appear online, etc. It's
| probably enough to protect the average Joe but imho not
| enough to protect a targeted freedom activist, unless their
| activism is their alter ago and publicly they aren't known to
| be activists. Otherwise their every step is monitored in a
| typical dictatorship and it's not that hard for them to
| connect the dots who was the author of a certain message.
| m348e912 wrote:
| I don't know if dating app users understand that it doesn't take
| much information to find out who they really are. Sometimes all
| that's needed is a first name, profession, or university is
| enough if one of the three is somewhat unique for the area. If
| you're concerned about privacy on dating apps, you're better off
| being really vague about basic aspects of your life, or trying a
| bar instead :)
| Ansil849 wrote:
| > Don't use macOS or Windows -- only Linux
|
| > Move to Brazil and live in the rainforest
|
| Juvenile, snarky, irreverent and irrelevant advice I'd expect to
| read on a 12 year old's Reddit post.
| retrac wrote:
| > I don't know about you, but I don't want to do all of that.
| [...] I don't recommend being on either extreme of this
| spectrum.
|
| It's a list of extreme techniques for protecting ones' identity
| online. Of course, completely sanitizing your online presence
| is difficult, and probably unnecessary. I thought the two lists
| were a nice rhetorical framing - present a dilemma (total
| openness vs. total anonymity) and then wiggle out of it to a
| compromise.
| Ansil849 wrote:
| > It's a list of extreme techniques for protecting ones'
| identity online.
|
| The items I quoted do nothing to protect ones' identity
| online. Snark is only effective if relevant.
| RustyConsul wrote:
| holy cow! I literally laughed out loud when i read the
| rainforest remark. Chill out dude, you're reading something
| called 'Thoughts' by some random dude on the internet lol
| AitchEmArsey wrote:
| The closed nature of MacOS and Windows means that you have
| no guarantees (and no audit mechanism) to determine how
| much the machine is passing your data back to HQ. As the
| post very clearly states, most people don't need to care -
| but someone with extreme paranoia has only one obvious
| choice here.
|
| Your aggressive negativity is far less interesting than
| this blog, and serves no purpose whatsoever.
| i_am_proteus wrote:
| That might be why the next thing in the article is:
|
| >I don't know about you, but I don't want to do all of that.
| can16358p wrote:
| Linux part is perfecly valid IMO, though the rainforest was I
| think a bit deliberate exaggeration.
| fsflover wrote:
| Linux is definitely more anonymous than Windows/Mac, but if
| you seriously want to be anonymous, you should use Qubes with
| Whonix.
___________________________________________________________________
(page generated 2022-02-20 23:00 UTC)