Do you use different usernames across different sites?

Well yes, after someone is able to identify the risks, methods as what you outline would mitigate that avenue of tracking. If you are unaware however...

Not necessarily. Perhaps if you zeroed in on another handle of mine, however crawling the entire net for potential matches to a "style" only would be futile. This I would argue would only come to play should you have other points as well to correlate.

We’ll I’ll give you a general example which I see happen to internet users all the time. This affects individuals who do not actively monitor their digital footprints. Users have been identified by digital crumbs so to speak they leave behind in their profiles and from handle reuse. Example, user X posts here with the handle unqiue34567, and reuses this handle across several sites, such as other forums. All their accounts do not reveal anything, except the last one. This last one could be an inactive account from several years ago and let’s say holds an old video game alias. Following that new handle now leads to video game websites which user X also participated and may have links to user X’s social media outlets. From there the rest is history. This can happen even if you think you are secure. All it takes is one tiny opening for someone to really trace you via OSINT.

 

This is exactly right. Another example, it only takes one poster you told 10 years ago in a PM that you live in Berlin, and he pops in with a post 6 years later and innocently asks on whatever forum, "Are you still in Berlin?" That kind of thing, leaks that happen back before you put two and two together to maintain privacy.

`

 

^That.

The attacker doesn't have to be skilled...they just need to have the time to read everything you ever posted. I'm telling you, there are people that have been on forums for 10-15 years, and have 20,000 posts...there were no slip ups? The one thing you can do, is do a search for your IRL name, address, town, phone etc... and *hopefully* get it edited out...some boards don't let you edit after a certain time though, so then you need to send PM's to admin's, etc... Personally, I'd just ask to nuke the whole account...that stuff doesn't really need to be out here with a 10 year history.

As to the "IP's are not proof": You're right...do you have $10,000 to prove it? If you are served, and do not reply, you lose by default. Sure, you can try to do the research and do it yourself...but your time is valuable too. Most lawyers will want at least $5K as a retainer, to respond.

PD

 

Again, read my previous comment about living in the US. Not all countries in this world have the same laws, and not all lawyers cost the same

 

How could a language translator alter writing style?

 

By making your text unintelligible!

 

Well, I can say that I don't use any such technique when writing here, at WSFs. But, if I wanted to take care of the writing style, wouldn't translating from my language to english alter the writing? Either it would be 100% great english, or a not that great english, which would be more likely to happen. But, it wouldn't match my "default" writing style here.

Of course, if one is to use the same translator every time, then you must alter the writing style every time as well.

But, let's say I want to access 3 different forums. In one I don't use any translators. In one of them, I'll use Google's translator, and in the other I'll use Bing's translator. Last time I checked, they don't quite translate the same, and sometimes it's actually pretty unintelligible, like user Nebulous mentioned.

If you know other idioms, you can also add them into the mix, and instead translate from that idiom into english/other. Or even from one idiom into another, and them to another, and then to another... I never tried that approach, though.

 

Here's a thought that comes to my mind...

If you're using diff. usernames across sites, why would you be telling "everyone" publicly that you are doing so? Shouldn't you be saying "No, I don't"? Where's the lie and/or denial?

If someone is trying to figure out if you're using diff. usernames as part of your strategy, all he/she needs to do is start a thread like this and you're practically telling him/her "I do". If one can stretch it further (for paranoia sake), imagine this "declaration" of yours being used as an "evidence" against you.

As for the thread question, my answer to that would be: Figure it out for yourself.

 

Well if using the method I mentioned above, it can be easy to track even when the target is performing counterintelligence (CI) efforts.

 

You are right. I won't dispute that trails are often left behind and such it's only a matter of time.

Yet, I question if a person feels the need to cover his tracks to such an extent, why would he reveal that he's partaking in such actions? Why would you expect a simple prompt/query (this thread is just 1 example) trigger him to share? Is it the emotional needs? Is it the ego? Or is it the pride?

I don't know if you guys realize it but I notice that even among the many privacy advocates, there is a tendency to reveal things that *may* result in a compromising situation. I guess I'm less interested in the technicalities than trying to understand the human element here. My personal belief is that most people are more 'open' than they are willing to admit.

 

Don't see the point of using different usernames – unless one has a very compelling reason to do so – and is savvy enough to make different IDs work! (which doesn't apply to me)

The problem with being savvy enough to understand what is required is that your past (in becoming a savvy user) may compromise what one is trying to achieve! Eg, what 'trails' has one left behind?

As already mentioned – what are the benefits as opposed to the effort required? My online exploits are too dull and boring for anyone (in their right mind) to bother with (plus I don't do any nefarious stuff online!)

 

I agree that this kind of behaviour shouldn't normally happen, especially if you are a "privacy oriented" type of person But there are cases, like this thread, when saying that you use different usernames across sites won't help a potential attacker at all. Think of it like this: what additional information would an attacker have if you reveal that you use more usernames, but you don't say what they are?

 

I don't have a problem stating that I do, as I am very boring, and it won't give an 'edge' to the one situation I mentioned. Since I have only answered this question on one site, with one pseudonym, I see no harm. If I did illegal things, I would have never even posted, like you said I drive a red car too. But once you start giving out the same information, with different names, yes, a trail develops. But is it interesting enough to follow? It's a message board, people are supposed to talk about stuff...I didn't see the question as too dangerous to answer.

PD

 

Think of a scenario as such:

I am your potential 'attacker'.
You use "ABCD" on somewhere dot com.
Now, I suspect that "ABCD" is here on this forum but using another alias: "EFGH123"
I may have done my research or I may have not.
Regardless, I start this thread in hope for a 'declaration'.

"EFGH123" sees this thread and readily tells me:
"Hey, yeah I use diff. aliases"

"EFGH123" might also give some brief details as to how he compartmentalizes his diff. identities.

Sure, that doesn't prove anything. "EFGH123" and "ABCD" may not be the same person. Yet, it helps to strengthen my initial doubt and I can proceed further to link these 2 aliases.

If we stretch our imagination further:

I'm tracking you because you're suspected to violate the law (or anything akin to it).
I already have all sorts of potential evidence to link your aliases.
Now, I'm no lawyer but imagine this post of 'declaration' serving as an additional supporting evidence against you in court.

I can't say for sure. I'm not the attacker.

Real question should be:

What do you gain by revealing that you use more usernames(even if you don't say what they are)?

If one is paranoid enough to cover his tracks, shouldn't he NOT be leaving such a trail...not even 1 that seems 'minor'? I guess that's where most people fail. When something looks trivial, they are willing to give up the info. They underestimate the consequences.

 

That is the key here. If EFGH123 provides details about what kind of usernames he is using, then it gives the attacker and advantage. And I agree that most of the times a question like the one in this thread might bait some people to give more details than a "Yes" or "No".

Honestly, you gain nothing It's a part of humans acting like social beings, I suppose...

 

I could be lying, creating more work for you.

There may be no gain, but there may be no loss either. Only losses matter.


PD

 

I always lie about identity-related stuff

 

Hey are you my wife? LOL!!

 

I might be

 

Smart idea. Always always lie. Revealing personal information on the internet is far more unsafe than revealing it in real life since anything posted on the internet stays on the internet forever. Especially with the Utah Center which stores essentially all our telecommunications.

 

I try to use the same, unless when specifically looking for anonymity or storing private information.

 

If you're lying now, it means you're telling the truth, which then means you always lie, which then ...
If you're telling the truth now, it means you're lying, which then means you always tell the truth, which then ...

In any case, your truth and lie amounts to a contradiction. This is a classic paradox. I like

 

That won't do the trick...
http://hplusmagazine.com/2013/02/02...-to-track-anonymous-users-in-the-underground/

 

True, but it all depends on what the issue is that motivates one to manage their identity.

In PD's earlier example on spending for one's defence against "frivolous" law suits, it is well known that the UK has much lower standards for slander and therefore easier to make a claim and receive a payout. It has become a haven for such legal action. One's comments might be misconstrued, or simply be guilty by association and make one a target for such.

The reason may have nothing to do with worries of legal defence. In the US it just came out that the IRS had been (it seems inappropriately) requesting information on donors from various charities, facebook and forum contributors, etc.. It may be a way to shield one from possible misuse of power, even in a "western" nation.

 

Another example of why one may want to protect their identity, nowithstanding how one feels about the organization one way or the other, or the commenters' postions...

http://www.nypost.com/p/news/national/claws_come_kills_shelter_peta_goes_rkK9NKluuT53huumRp4L5K