"Welcome to an Internet without privacy, and we've ended up here with hardly a fight." ~ Bruce Schneier
The Paula Broadwell example seems kind of weak…they could have done the same thing if she'd mailed them all out via snailmail, too, by correlating postmarks. I very much agree with the overall point, though.
Grifter wrote Mar 16, 2013 @7:13 pm:
…they could have done the same thing if she'd mailed them all out via snailmail, too, by correlating postmarks. I very much agree with the overall point, though.
In fact, the FBI caught the only American ever prosecuted for spying for the Japanese during WWII by similar means, correlating data from snailmail.
Velvalee Dickinson sent jargon code letters to an address in Argentina, using return addresses of her doll shop customers. The Argentinian contact had fled, and several letters were returned to apparent senders, who contacted the FBI. Once the FBI learned they had all done business with the same shop, the game was over.
Wow, this is scary… check out the CMU research he links in that article… using face recognition to predict someone's SSN… crazy stuff…
True enough, if you want to hide, don't do it on the internet.
On the internet, everybody knows you're a dog.
All the examples he uses are people not maintaining strict anonymity at all times. If Broadwell had used public hotspots and either tor'd or used a proxy to a webmail client, she'd not get caught. Hector Monsegur didn't mask his IP once, but again he slipped up. The Chinese hackers, probably shouldn't be using work computers for Facebook. Everyone slips up given enough time.
Cute that after all that they (CNN/author) invite you to follow them on Facebook….
People can get too comfortable on Tor and think it provides magic anonymity. It hides where you are, but not what you say. Anyone could be running and exit node and collecting your data.
I'm actually surprised anyone who has ever used the Internet regularly would harbour any expectation of privacy. I don't mean in the legal sense, but rather as a matter of common sense.
At the most basic level, I'm typing characters to form words and sending them out first wirelessly and then over wires in hopes they'll reach the Popehat blog intact, so that other people might read them. If a system transmits and records so well, why on earth would I think it was secure? Why would I think I could turn privacy off-and-on at my own whim?
To maintain true anonymity can be done but it requires some forethought on purchasing and maintaining sanitized equipment and software, use of obfuscation tools like TOR but also taking additional physical security precautions (ie. never logging in at home), paying for everything with cash or prepaid debit cards, carefully maintaining a separate identity, and rigorous consistency following procedures each and every time – up to and including not taking your own personal cell phone with you. It can be done but it’s inconvenient and most people will, as Chris mentioned, eventually slip up.
The word of the day is "decency." Yes, we can track you every second of every day no matter where you go or what you do, but we really shouldn't. As a matter of courtesy if nothing else. Of course, that's what we would hope for, nothing to say of how people actually act.
I take comfort in the fact that the things I post seem only to greatly confuse the algorithms involved.
Never logging in at home or near your home can reveal your location too.
"Sir, the perpetrator connected from all over town, except never from this appartment block/house."
But thats just what the police consultants on tv see.
I think we should all start tagging FB photos with other people's names.
Narad wrote Mar 17, 2013 @3:55 pm:
I take comfort in the fact that I am a dog.
It is possible to create a DVD of privacy enhanced services to reduce your use of privacy destroying services, load it onto a server at home, and use your own DNS, your own mail, automatically plug into TOR all the time, etc. If you care about privacy fund that kind of project and use it.
Follow Popehat on Twitter
Become a fan on Facebook