Online anonymity...

fergalr

gurramok wrote: »

If you have quite a common name like mine, googling my real name returns literally hundreds of thousands of results if not a few million(:D), handy not having a rare name And i never link my youtube account to facebook, too much info to be revealed

Only two people on boards know my real full name in real life so I guess there are only 2 ways in which I'd be identified, that is if that person 'rats' on me to others or the mods reveal my identity(ip) to the authorities for ahem illegal activity

In 5 minutes of looking at your older posts, I reckon I found enough to identify exactly who you are, without getting anything from boards, but with access to a few government databases (maybe not even with that).
You've given out most of your important details, and more than enough to find who you are.

Thats only with 5 minutes, I'm sure theres more info in the intervening years.
I'm not trying to worry anyone or anything, but everyone should be aware that it is very hard to stay anonymous, and should not think they are more anonymous than they are.

Again, it is very hard to not leak information, over time.

We tell the world an awful lot about ourselves when we post on forums such as boards over a long time, and thats without sophisticated methods (looking at text identification, persistent spelling errors, linguistic analysis, times of day we are active, etc etc). (Or, of course, just getting the IP from boards.ie which state or law enforcement or maybe a civil suit could do)

gurramok

fergalr wrote: »

In 5 minutes of looking at your older posts, I reckon I found enough to identify exactly who you are, without getting anything from boards, but with access to a few government databases (maybe not even with that).
You've given out most of your important details, and more than enough to find who you are.

Interesting, like what? Do you know the name of my cat for example?

You have access to my ISP's IP database and run a check on said IP with my ISP to determine who I am and where I live? By the way, I do not live in the area in which I previously posted alot about, guess travelling about keeps big brother from watching

shopaholic01

fergalr wrote: »

In 5 minutes of looking at your older posts, I reckon I found enough to identify exactly who you are, without getting anything from boards, but with access to a few government databases (maybe not even with that).
You've given out most of your important details, and more than enough to find who you are.

Thats only with 5 minutes, I'm sure theres more info in the intervening years.
I'm not trying to worry anyone or anything, but everyone should be aware that it is very hard to stay anonymous, and should not think they are more anonymous than they are.

Again, it is very hard to not leak information, over time.

We tell the world an awful lot about ourselves when we post on forums such as boards over a long time, and thats without sophisticated methods (looking at text identification, persistent spelling errors, linguistic analysis, times of day we are active, etc etc). (Or, of course, just getting the IP from boards.ie which state or law enforcement or maybe a civil suit could do)

:eek::eek::eek:

Is your real name Bond, James Bond?

fergalr

gurramok wrote: »

Interesting, like what? Do you know the name of my cat for example?

You have access to my ISP's IP database and run a check on said IP with my ISP to determine who I am and where I live? By the way, I do not live in the area in which I previously posted alot about, guess travelling about keeps big brother from watching

Do you want me to post in this thread, my guesses/filterings of the various facts you have posted in other threads?

(I'm not an expert in this, or a PI or anything, but I've done a little work on online anonymity.)

fergalr

shopaholic01 wrote: »

:eek::eek::eek:

Is your real name Bond, James Bond?

Its 'Fergal', actually. But don't tell anyone, its a secret.

gurramok

fergalr wrote: »

Do you want me to post in this thread, my guesses/filterings of the various facts you have posted in other threads?

(I'm not an expert in this, or a PI or anything, but I've done a little work on online anonymity.)

Post general stuff yeh, but any personal stuff like you say who I am in real life and where exactly I reside, PM. I wonder is this a test by an online expert indeed:)

mightdomighty

Online anonymity is an illusion

Can't help thinking this lady is quite resourceful.

Mad as a bag of cats but resourceful

Galwayguy35

Every time I google my name its always the same result that comes up first because its the same name as a former Eastenders actor.

fergalr

gurramok wrote: »

Post general stuff yeh, but any personal stuff like you say who I am in real life and where exactly I reside, PM. I wonder is this a test by an online expert indeed:)

I'll delete any of this post if you want; but its just repeating stuff you posted yourself (and if you were being misleading then, its wrong now; of course).


When I saw your post count, I figured you were either being really careful, or would have given a lot of info out over the years; so I was curious, and just did the 'find other posts' button.


Well, like, based on some of your old posts - and again, I just had a quick look - it seems like you are a 37 year old male, from finglas (probably). Probably lapsed catholic/catholic family background. Your mother was 36 when you were born.


That sort of stuff would narrow the field a lot, if someone with access to DOB/birth data was looking for you.


You passed your driving test the week before 19-03-2003.
In 2003, you lived half a mile from st helenas road.
Those two pieces of info probably be enough to ID you, with access to driving license database.


Stuff that would definitely identify you are old posts about the makes and models of car you bought (01 1.4L MPI comfort model skoda fabia) in 11-07-2003.


With that set of details, thats almost certainly enough for someone with access to the car reg / tax databases to find your identity - so certainly government. No idea if someone can get that info in a civil case (guess not?).


Not sure if PIs can get access to that (?) - I'm sure they shouldnt be able to, but I don't know if they can.


There's other stuff; you might have had a nokia n95 in 2009; not a common phone. If you gave your phone company your address and demographic data(?) that might be enough to ID you?


This is all just telling you back stuff that you have posted yourself, and its just what I saw at a quick glance.
I'm sure someone thoroughly reading through all your posts would find more.


But I think what people don't realise is how quickly someone doing this professionally could use the information to narrow the field.


Its like in this paper:
http://dataprivacylab.org/projects/identifiability/paper1.pdf

they showed you could ID 87% of the US population, using just Zip gender and DOB. (DOB is obviously a big one).

But the point is that you really only need a very few pieces of information to ID someone, if you have the right database; we almost all leak enough information to be ID'd without meaning to.

It was found that 87% (216 million of 248 million) of the
population in the United States had reported characteristics that likely made them unique based
only on {5-digit ZIP, gender, date of birth}. About half of the U.S. population (132 million of 248
million or 53%) are likely to be uniquely identified by only {place, gender, date of birth}, where
place is basically the city, town, or municipality in which the person resides. And even at the
county level, {county, gender, date of birth} are likely to uniquely identify 18% of the U.S.
population. In general, few characteristics are needed to uniquely identify a person.

On-line anonymity and privacy, and our expectations of it, is becoming pretty important, as more of our lives go on-line.

shopaholic01

fergalr wrote: »

I'll delete any of this post if you want; but its just repeating stuff you posted yourself (and if you were being misleading then, its wrong now; of course).


On-line anonymity and privacy, and our expectations of it, is becoming pretty important, as more of our lives go on-line.

Is he right?????


*start posting lies*

gurramok

fergalr wrote: »

I'll delete any of this post if you want; but its just repeating stuff you posted yourself (and if you were being misleading then, its wrong now; of course).

Some of it is indeed right but I give you a pat on the back for finding it out so fast in about 12,000 odd posts on this site over about 12 years.

This part is defo correct

Well, like, based on some of your old posts - and again, I just had a quick look - it seems like you are a 37 year old male, from finglas (probably). Probably lapsed catholic/catholic family background. Your mother was 36 when you were born.

You're very close on the driving test part so well done there. Oh, I never gave Meteor(my previous mobile company) any info on myself back then on my previous phone, N95 You were quite fast doing the homework so doubly well done, it doesn't faze my the least though as a persons circumstances change over time.

All based on myself volunteering info. Just goes to show that people should be careful on what they post about their personal stuff no matter how long ago it has been. I forget half the crap I have posted...LOL

fergalr

I think I uncovered gurramoks actual identity, actually.

I'm going to PM about this, and probably not say anything further here, unless I hear back.

While I think its good that we all realise that we are hardly ever anonymous, I'm not in the business of IDing people publicly to make that point. Its a bit like the start of this thread, with the cat artist, otherwise.

shopaholic01

gurramok wrote: »

Some of it is indeed right but I give you a pat on the back for finding it out so fast in about 12,000 odd posts on this site over about 12 years.

This part is defo correct


You're very close on the driving test part so well done there. Oh, I never gave Meteor(my previous mobile company) any info on myself back then on my previous phone, N95 You were quite fast doing the homework so doubly well done, it doesn't faze my the least though as a persons circumstances change over time.

All based on myself volunteering info. Just goes to show that people should be careful on what they post about their personal stuff no matter how long ago it has been. I forget half the crap I have posted...LOL

Actually he just changed it and reposted.
Did you see the post he deleted saying he knew your real name, facebook a/c etc????

gurramok

shopaholic01 wrote: »

Actually he just changed it and reposted.
Did you see the post he deleted saying he knew your real name, facebook a/c etc????

Didn't see it other than what's here now. Watch this space

Captain Havoc

philstar wrote: »

how anonymous are we on boards.ie?

..........how much do the mods know about us?

You're as anonymous as you want to be really. The more you tell the more you reveal. I've had three posters threaten me and I've been able to find out who they are in real life through being mildly resourceful. I used to be pretty open about who I am in real life as I'm not a bad person but then one day a poster came and threatened me at work. He tried to have me fired, which he didn't succeed in doing. Mods don't really know a whole lot more than posters about who you are in real life.

philstar

Captain Havoc wrote: »

You're as anonymous as you want to be really. The more you tell the more you reveal. I've had three posters threaten me and I've been able to find out who they are in real life through being mildly resourceful.

oh ya, how ?

Captain Havoc wrote: »

I used to be pretty open about who I am in real life as I'm not a bad person but then one day a poster came and threatened me at work. He tried to have me fired, which he didn't succeed in doing.

fired as a mod or fired from your daytime job?

Grayson

Fart wrote: »

Are you Paul Grayson, OP? Gillians "Father".

No. But my nick is from a computer game. Kinda.

Grayson

Whatever about tracking someone down online, I'm amazed at how many people use the exact same passwords for everything. I have 5 different variants of the same password with strange characters in each one. That way it's easier to remember them. I also finish different passwords differently. For example my boards password might be passwordBOR

I say this because if I knew someone email address, even without knowing too much about them. It would be easy enough to out their password hint clue if that was linked to a facebook account (That was how celebrities email accounts get hacked) and at that point, if their amazon, ebay, paypal passwords were the same, I'd be able to rip them off.

I work for an internet company. And if a users account gets hacked the first thing we tell them is to change all their other passwords. People never think of it themselves

Doc Ruby

Captain Havoc wrote: »

one day a poster came and threatened me at work. He tried to have me fired, which he didn't succeed in doing.

Seriously? Wow. What happened?

fergalr

Grayson wrote: »

Whatever about tracking someone down online, I'm amazed at how many people use the exact same passwords for everything. I have 5 different variants of the same password with strange characters in each one. That way it's easier to remember them. I also finish different passwords differently. For example my boards password might be passwordBOR

I say this because if I knew someone email address, even without knowing too much about them. It would be easy enough to out their password hint clue if that was linked to a facebook account (That was how celebrities email accounts get hacked) and at that point, if their amazon, ebay, paypal passwords were the same, I'd be able to rip them off.

I work for an internet company. And if a users account gets hacked the first thing we tell them is to change all their other passwords. People never think of it themselves

Why are you telling people, on a public internet forum, how you generate variants of your password?

Captain Havoc

philstar wrote: »

oh ya, how ?



fired as a mod or fired from your daytime job?

Not very hard, some people use the same name across a variety of forums so one guy I found this way and eventually I found a photo of him, I didn't know who he was so I wasn't overly concerned. Another one I searched his username followed by at hotmail on facebook and he came up. The third one actually gave his real name in a reported post.

He wrote to my employers about me. Modding isn't a job we do this voluntarily so I wouldn't lose any sleep over it.

Grayson

fergalr wrote: »

Why are you telling people, on a public internet forum, how you generate variants of your password?

Yep. But there's no way you could guess it. And if you did guess one, trying to work out a spelling that's 10+ digits long with strange characters, in multiple variants with different suffixes on the same variant would be hard.

fergalr

Grayson wrote: »

Yep. But there's no way you could guess it. And if you did guess one, trying to work out a spelling that's 10+ digits long with strange characters, in multiple variants with different suffixes on the same variant would be hard.

Well, fair enough - you understand your own security needs best.

I guess if you were worried about some possibly targeted attack, where someone got one of your passwords, and wanted to break some other security (maybe if you had an encrypted file on your work laptop; which gets stolen next week; and the thief is reading this boards.ie post from it; and has got your boards.ie password, and some other on-line passwords, from your browser), then you wouldn't say anything publicly that would allow someone to narrow down the space of possible passwords you could have.

Thats an important point about security; you shouldn't ever leak anything you don't have to, because it all adds up.


But yeah, it depends on how cautious you want to be; and your main point - that users shouldn't use the same password everything, and that even simple variants of the passwords are a good start - is a good one.