Discussion in 'privacy problems' started by DesuMaiden, Apr 25, 2013.
I use a different username on every site I post on.
On some yes, on others no. I see no big privacy issues with using the same user/nickname. It's worse if one would use the same Password on all websites though.
You have chosen wisely. Extra credit if you also use different email addresses, passwords, avatars, etc at different sites. The better you compartmentalize activities and information, the better off you will be.
What he said
However, each of my primary pseudonyms uses its own set of usernames and email addresses for all services and sites, just as "normal" users would. And some of them also use pseudonyms
Nope! Just search for Pauly D and you will find the real me! I was on Jersey Shore
I use some different usernames on some sites, but it's not a rule. I don't see how an attacker can use the same username on two or more sites to actually do me any damage.
I usually use a completely different identity at each website
Nope, same user name across most sites; I use my real name on a few; some sites I do use a different user name.
Let me tell you: I have 2nd hand experience (as in I know all the details, but wasn't directly targeted) in what being identifiable on the internet can do to you. This was a frivolous lawsuit based on internet posts. While the plaintiff lost, it still cost the defendants 10's of thousands of dollars. If I wanted to, I could do the leg work, and if I found out the IRL identities of any of you in the US, I could sue you...for no reason at all (I'd make one up). You would *have* to respond, or I win. You would *have* to get a lawyer, because I would be using one, and it is foolish to try to out-lawyer a lawyer. You will spend a lot of money...for not doing anything at all. It *has* happened. Even if the judge rules against me, you needed to spend the money to make sure I didn't win by default.
It's not good to be IRL identifiable, online...IMO.
Good thing not all of us live in the US Still, interesting information! Thanks.
On Security forums = i use the same user name.
Other places = many different user names/proxies.
Well put, as well as arresting a kid for wearing T-shirt displaying a weapon to a school. In EU IP does not represent a user, I guess, the same would go for the username.
Anyway, I use the same username, even the same picture, so people will know, that it is me, I even put some links to my FB public profile, so I can be easily found.
I am also curious how many of you switch VPN servers as you cruise to different sites where you POST as members? I close my browser between sites, which flushes all history, cookies, cache, etc..
e.g. - Post here from NL or Canada and then post from another country's servers at another site, and so on. On major providers such as Air I have access to and can use 30 + servers around the globe. It only takes a few seconds to jump from server to server and that makes the distinction even more of an obstacle. By doing an IP trace on exit nodes there would be no common denominator to single me out. My .02
You guys think its too much work for the anonymity gained? I have been doing it for awhile now.
It really depends. If strong anonymity is of such importance to you, then there is no such thing as too much work to achieve it!
Only a couple of places do I use the same username. For the rest I usually change a letter/number or two for each site. I don't want to keep track of several completely different usernames and passwords too. I know good and well that I can be identified if someone really, really wants to, regardless of how careful I am.
Each of my pseudonyms has its own VM and VPN exit IP. Some use different VPN chains, and especially VPN exits from different providers.
Hence I don't use facebook. Especially with cispa harvesting all your personal info as government "property".
NEVER NEVER use your real name except around your closest friends.
Never talk to strangers and since everyone is a stranger on the internet, never reveal irl identifiable information.
The same one unless I have to put in some numbers. Also no facebook or twitter as it's too much like work.
Yes, the reason being OSINT in this day in age is very easy to use as a weapon with malicious intent.
I've proven to many a people, even some on this site, that all it takes is several queries in many popular search engines and someone can easily tie your alias to your real identity if you are not careful. When you reuse a common handle, or use a very unique handle across multiple sites you are easily visible.
Best case scenario someone will only be able to identify the habits and interests of your alias. (Even then, with long term monitoring this would be damaging if the target ever slipped in the future) The worst case they tie that to your real identity and real habits and real connections. That information would go far in terms of social engineering.
My question is: Do you copyright your nickname/username? I doubt you do. What prevents other people from having the same username? Nothing, at all.
So, if one searches for some username, and finds 200 matches, does that mean that username is the same person in all of those 200 matches. Not likely.
Unless the IP is the same one, and someone correlates logs. But, what would be the odds?
Well most of the time, someone looking through handles would not just go by handle name alone. They would go by writing style, content, or perhaps interests mentioned on the account in question.
If I saw another m00nbl00d posting on say other computer forums, offering the same advice or asking similar questions as seen here. I wouldn't be able to fully confirm, but would flag those accounts within a certain percentage as being you. Similarly if those accounts mentioned any other communities you post in or contain information in the profile itself that rabbit hole continues to get deeper until someone has a pretty clear picture of your alias, or worst case your actual name,location,interest,hobbies,friends. Perhaps on this form you only post security content, however your other account you mention specific shows, link to your personal blog, etc. That opens up certain avenues a person or bot can crawl through.
This sounds like a lot of work, however in practice this can be achieved in very little time.
I use different account data on a site-by-site basis. That means different usernames, e-mails, passwords, cell numbers (multiple Google Voice accounts) for forms mandating a contact number. That' last one's mostly for job applications.
Well, "мир и мир" ("world peace") is a classic Russian toast, so миримир/mirimir is a very common pseudonym. But I'm the only one with the Wilders account and the Vimeo channel, and that email address and GnuPG key. Anything public by "миримир/mirimir" can be verified as mine by encrypted email to that address.
I agree with you on that, but in that scenario the username wasn't trying to hide, for privacy or whatever.
But, how would someone be able to connect the dots should username pose questions after translating them with Google Translator, Bing Translator and other sort of translators? That alone will take care of the writing style, for example. Not that I've done that.
On the other hand, and again it comes in the line of what you just mentioned, the username isn't all that matters, we have writing style, etc. Due to this, I was able to connect a user from this forum to another forum, using a different username. This users has got no idea, although we talk to one another pretty often. Not that I was stalking, I just happened to read a post in some other forum, due to some scripting research I was doing.
So, even if you EncryptedBytes use this username here, and different ones every where else, there's still your writing style, etc., and you'll be easily tracked. So...
By the way, you previously mentioned that they could track us down to our real identities. How so? (I'm assuming one doesn't provide any real information to any of the sites.)
I sometimes do and other times don't, and yes, I should know better. But here the thing:
Anyone sufficiently motivated and with access to enough data can box you in very quickly. Keeping all variables random at all times is tough and the slightest slip-up can give away vital clues.
So I guess it broils down to "sufficiently motivated" or put another way: a question of time and money. Is the expected benefit of discovering the real identity worth the resources required to do so?
Separate names with a comma.