Your Anonymous Browsing Can Still Identify You

A disturbing study reported on the The Atlantic highlights something we already know: Human nature will screw us every single time; in short, you screw yourself.

If you’re on Twitter, chances are that even if you are browsing anonymously, your history will identify you. Why? Because of how you — and all other humans — behave in a normal setting.

Here’s how the de-anonymization system works: The researchers figured that a person is more likely to click a link that was shared on social media by a friend—or a friend of a friend—than any other random link on the internet. (Their model controls for the baseline popularity of each website.) With that in mind, and the details of an anonymous person’s browser history in hand, the researchers can compute the probability that any one Twitter user created that browsing history. People’s basic tendency to follow links they come across on Twitter unmasks them—and it usually takes less than a minute.

Granted, this was in a test environment. But notice something very critical about the statement the researchers make:

Ultimately, if you want to use Twitter under your own name, there’s little you can do to thwart this de-anonymization technique. “Our deanonymization attack didn’t use any easily-fixed flaw in the Twitter service,” said Ansh Shukla, a graduate student at Stanford and one of the paper’s authors. “Users behaving normally revealed everything we need to know. As such, the research strongly implies that open social networks, detailed logging, and privacy are at odds; you can simultaneously have only two.”

Pay attention. If you tweet (or use Facebook) under your own name, there is no such thing as privacy. While he states you can have two out of the three, note that there are very few ways to stop the detailed logging and still use social media sites because they are designed from the ground up to log and track everything you do. In other words, your only other option is to create a separate everything. Get a throwaway refurbished laptop, run Linux on it, get a VPN, TAILS, and use that particular laptop away from your home for reading your various blogs and websites, buying your sensitive items, whatever. Save the Windows laptop in your recliner for puppy pics, paper towel orders on Amazon, and answering your grandmother’s messages about whether you’re going to the family campout.

While you’re at it, go to MyShadow.org and take a look at what traces you are leaving.

Crossposted at Order of the White Rose.

Encryption Update

CSG has the new updates for NSA encryption. As he points out, if the watchers are upping their own standards, you should too. 

Donald Trump appoints a CyberSecurity Advisor Whose Own Site is a Disaster

Well, this is awkward.…or is it something else?