Protect your privacy: Understand traces you leave for an opponent

10:53:00 PM
Protect your privacy: Understand traces you leave for an opponent -

Whenever you are online, leaving you little identity markers, several different types and at many different levels. This is necessary for the communication of all Internet days - for example, if you ask a web server to a web page, the web server will need a way to send the Web page you requested to you, so it needs some sort of address to send to. However, people who have made a specialty of violating the privacy of other people are experts in mating - this is a key word here - Connecting different identity points and points data with each other, and so can know a lot about you the first time you visit a Web page.

This coupling can be compared to an anonymous travel card for public transport. Most cities with public transport will allow you to buy cards or tokens with travel credit prefilled - chips that can be completed later. But the first time you do it with personal credit card , your travel token is not anonymous anymore. By doing so, you create a newspaper that uses this token Travel - allowing you a coupling between your previously anonymous token travel and your personal credit card - and you are not only traceable with all future travel on that particular chip, but also on all the trips you made in the past, before you made the mistake of using a personal credit card to charge

this mindset is the key:. What data is available for an adversary to connect points on me

to have a chance to defeat those of the opponent connection points, you must first know about point - traces - you leave behind for the connection. You trace in three main layers.

Your MAC address identifies your computer.

The first traces you leave behind is your MAC address. This is unique to your computer, or more precisely, to your network circuit. (If you have a computer with both wired and wireless networks, both will have different MAC addresses.) But as your network circuits are generally integrated into your computer, for all practical purposes, this can be used to identify your computer.

Just as a curiosity, if you ever see a MAC address looks twelve hexadecimal digits in pairs, written as 12: 45: 78: 0A: BC :. DF

The MAC address is used to connect your computer to an IP address in all sorts of places with public wi-fi. But wait a minute - not many of these public hotspots ask you to identify and create an account to get online? Yes, they do. And that means they now know the coupling between the MAC address and the name and address of your computer that you just entered. (There is a point not to give your identity, but outright lying here, if you can.)

There are more pitfalls to the MAC address - it is also broadcast all time from your computer while wi-fi is active. This means that someone who knows your MAC address and access to a number of wireless access points along your typical path will be able to track your movements and know your location. Here, "computer" means "activated phone wi-fi."

The MAC address remains the same even between reformats and relocation of operating systems, even between completely different types of switches operating systems on the same machine. It is in integrated circuits for networking. This means that if you've used a computer for something where anonymity is required - whistleblowing, for example - and you wipe the computer clean of all traces, reinstall, maybe even replace the hard drive - if you identify as you on this computer ever again in the same network environment, perhaps by connecting to Facebook or check your mail, you have created a coupling between your identity and the previously anonymous activity.

It is also possible to locate a wi-fi show after a full wipe. Consider, for example, if a national phone company had a grid of hot spots in a hostile regime, where documents were leaked showing violations of human rights, and telco was ordered to report any presence of some MAC address? It usually means a ping time, as this computer was just on and had activated its wi-fi - regardless of whether it was in a network setting previously used. This is the modern equivalent type "any use of their credit cards" ITUC, only much faster and broader. For the record, I am not aware of this ever being used, but it is technically possible, and should therefore be considered.

(It is sometimes technically possible to modify or tamper with the MAC address, but if you get hurt in any way, shape, or form, the game is up, so let's leave that for now. )

your IP address is your address on the net.

Your IP address is the layer above the MAC address. It is sometimes regarded as the address "network", in relation to the MAC address which is the address "physical".

This layer is where the coupling to your identity is usually held. An IP address is assigned by your ISP, whether at public Wi-Fi or via an Internet subscription of some sort. In any case, it is interesting to note that little detail - the IP address reveals the subscriber , not the actual person communication. When you're in a cafe, which is visible on the outside is usually the IP address of the coffee, which you share with all other existing clients. When in a household, you generally share the address with other household members

This link -. The connection between your IP address and something quite close to your real identity - is generally where you want to aim to achieve anonymity and confidentiality. Websites and various bodies of three letters that have nothing to pry into your private correspondence have two data items to try stalking you, they have an IP address and have a time stamp. (IP addresses can be changed, reassigned, and turned on a rapid basis, so that the time stamp is important.)

When this IP address leads to a public Wi-Fi hotspot, if organizations are quite embarrassed by the material you just run, the timestamp can often be correlated with IP address assignment hotspot logs - IP addresses are assigned to MAC addresses, remember? - Leave a small number of candidates MAC addresses that were active during the time when the flight took place irritant. (This goes back to an earlier observation: If you have authorized the hotspot to pair your real identity with your MAC address, the game is up to this point and you have been identified.)

The IP address can also lead to a regular ISP, which may or may not - depending on the laws and policies - subscriber data redemption for the IP address and timestamp those bodies

t the trick is to use one. the IP address that has no coupling at all to your identity. No. (We will examine the tools for this in the next article.)

Finally, there are all the data you enter yourself -. On yourself

Web sites are not seeing your MAC address, but they see your IP address. (Unless you are logged in using the new version six IP address, in which case they normally see your MAC address as well. But it is still quite rare.)

When you order something, you fill out your name and your shipping address for the trader to ship the goods, yes? So now that the site has a coupling between your IP address and your identity. If you tried to hide the coupling carefully all along, now anyone know anyway. And if someone knows, you have to assume the data is no longer safe - the most sensitive issues are fleeing by the millions. If a company knows it is best to assume that it is public knowledge.

However, there is also the possibility of your merchant is happy to share your data with many other merchants even before any leaks. With some tracking beacon they just put on your browser, so that the next dealer you shop from your name and address will be already filled. You know, "for practical reasons".

And this does not even begin to get into the advertising networks. Have you ever noticed that you are looking for something once on Amazon and ads for this item appear on just about every single web page with the ads you see? These advertising networks do not know who you are, they know what you does not just buy and might want .

The point here is that sites share what they know about you. We e-mail, it was something else. It adds up. Each piece of data that you give, you must consider whether it can be used against you in a certain way. (For example, if you use an anonymous connection to connect to a forum for whistleblowers, then registering it using a Gmail address that looks like yourname@gmail.com, you give much more data than you should be given out - and people were followed and imprisoned for life in hostile regimes because of this exact error with addresses GMail on a forum)

It's really important to understand that any statement, promise or obligation about. how the information you enter about yourself will be used is not worth anything. The company gave the promise may go bankrupt, in which case the promise died and the liquidator Chapter 11 tries to see everything assets to be monetized. An agency could make a legal data entry, for example with a subpoena about something slightly related. Or they could simply get a new CEO who does not care promises. (Assuming that their current CEO does!)

So whatever the goal was initially, data were intercepted by at least three government watchdogs that you have chosen, which will use it to whatever purpose they like. They should not have intercepted the transmission if you were using https; they can just as well put a bug on servers behind the decryption of the connection, or tapping private line network that merchant. They have been known to do.

The only thing that is important to know if you gave an opponent with a capacity to connect dots in a straight line between a piece of data they have across multiple other points all the way to your identity. And it is you who must keep track of what you left traces of opponents to use for this purpose.

Previous
Next Post »
0 Komentar