Page 1 of 2 12 LastLast
Results 1 to 15 of 24

Thread: Internet anonymity

  1. #1

    Internet anonymity

    This subject has been raised before but I feel it is a topic which should be revisited periodically if only for the sake of new members. (One member just contacted me privately about his GF checking up on him.)

    Anyone who has acquired your e-mail address can apply for and get a complete profile of the surfing history associated with the IP for that address. There are multiple sites which offer this service usually for a fee. Everything you do over the internet can be traced in this manner and used for any purpose. To provide anonymity it is essential to acquire protection. A good site to visit: http://www.thefreecountry.com/security/anonymous.shtml

    Some of the members who are more versed in this area, e.g. techman, I am sure, can provide greater detail. This can be pretty serious stuff for anyone who might be vulnerable in this area.
    Last edited by Regular Guy; 07-24-2009 at 01:06 PM.
    Confucius say: Man who take woman into house on side of hill - not on level.

  2. #2
    Anyone who has acquired your e-mail address can apply for and get a complete profile of the surfing history associated with the IP for that address.
    Highly unlikely. If it was so easy to do, don't you think that LE would have much fewer problems tracking down Internet pirates and kiddie porn suspects? For one thing, the majority of people have dynamic IP addresses. That means that their address changes, sometimes very often. Tracking a particular IP address could lead you to the activities of hundreds or even thousands of different users. In cases of companies with fixed addresses, there could be hundreds of people related to a particular IP address. It takes more than just an IP address to track someone. To obtain an accurate history of your Internet activities would require access to your ISP's server logs and that would require a court order. In the end, it's much easier to simply hack into a user's system and get the information that way.

    If you use an internet e-mail service, which everyone actually should, it is harder to trace the source. Some like Hotmail will include the IP address of the sender in the header. Others, like GMail, do not. There are also a number of free anonymous e-mail sites to be found on the net which can be used to send messages. I use GMail and have a number of accounts which I have forwarded to one main account which leaves me with only one account to check daily.

    The real world isn't like an episode of CSI or 24 where they can crack an encrypted hard drive in a few hours or recover every e-mail someone has sent in a similar time frame.

    Anonymizer services like the one you link to can be useful for some things. But for others they are useless. Most of them do not enable access to Flash for example, making it useless for viewing such content or you won't be able to download files when using one. And many sites can detect their use and will simply block your access. Other sites, such as this one I believe, make such use a breach of the rules and you will be banned for using one.

    If you want to keep any traces from being stored on your system, I would suggest buying a USB flash drive and installing Portable Apps on it. This suite of applications, which is free by the way, includes a Firefox browser, Thunderbird e-mail client as well as other useful programs. It leaves no browsing history on a system and can be used on any system, including Internet Cafes, and you carry everything in your pocket when you're done. You can download it here: www.portableapps.com
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

  3. #3

    Oh it happens all right!

    Well I am surprised at the answer. I thought most computer savvy types were aware of this. I am not going to argue the point because it simply does exist and does happen period. Apart from software to track employee activity within companies the wise surfer might want to check out Spokeo or Spectorsoft software applications on the web and what the claims are. I tested it out with a friend and that friend was able through spokeo to tell me every URl I had visited in the last two weeks including the two boards I frequent. Kind of rocked my world! but as they say, the proof is in the doing. You do need an e-mail address though to make it work. But hey, what do I know. Check it out for yourself. It's all there on the web for anyone who cares to check it out..
    Confucius say: Man who take woman into house on side of hill - not on level.

  4. #4
    Spokeo is totally useless for tracking general internet habits. It is based on the popular social networking sites like Facebook and Myspace and anyone who puts their personal information on one of those sites deserves what they get. Just reading their own claims on their website shows that it is next to useless for tracking down any useful information about someone's surfing habits.

    As far as user monitoring software such as Spector Pro, they require physical access to the system, in most cases, in order to install them. They are also relatively easy to find and remove for anyone with average computer knowledge. In fact, most freely available malware removal programs such as MBAM will remove or de-activate most user monitoring software or keylogger programs. The only way they are effective is in cases where the users do not have administrative rights on the system these programs are installed on and this rarely applies to home users who always run as administrator by default. I know a lot about these programs as I have installed many different ones for various clients over the years.

    Trust me when I say that any of these commercially available programs or trackers are very limited in their abilities.

    If you want to worry about something, worry about Russian organized crime hackers getting access to your system to use it as part of a botnet. In fact, if you realized what a real hacker could do to your system if he wanted to, you would probably never go back on the net and you'd cancel your Internet account.

    Of course he has to get into it first and that's where a good anti-virus program, anti-malware programs, software firewall and a hardware firewall such as in a router come into play.

    Like I said in my original reply...there's really nothing to worry about.
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

  5. #5
    Recreational User
    Join Date
    Nov 2006
    Location
    In a house, on a street, duh.
    Posts
    1,443
    Quote Originally Posted by Techman View Post
    If you want to worry about something, worry about Russian organized crime hackers getting access to your system to use it as part of a botnet. In fact, if you realized what a real hacker could do to your system if he wanted to, you would probably never go back on the net and you'd cancel your Internet account.

    Of course he has to get into it first and that's where a good anti-virus program, anti-malware programs, software firewall and a hardware firewall such as in a router come into play.
    Without meaning to denigrate the use of these, it is widely acknowledged in the anti-virus and security communities that a/v software is pretty much useless these days, with zero-day exploits (security compromises that good guy researchers do not know about) being about 80% of the infections now seen. The industry journal Virus Bulletin indicates that consumer-grade a/v software misses 60-80% in their tests.

    So yes, absolutely use a firewall or two, software and hardware. Don't run as administrator if in Windows, disable root if you have a Mac.

    Change your password on your wireless set-up (which is probably acting as your firewall, and make it hard to guess (upper and lower-case, alpha-numeric).

    And choose an operating system that has fewer compromises in the wild.
    You are cordially invited to toss my salad. There's an app for that!

  6. #6
    Recreational User
    Join Date
    Nov 2006
    Location
    In a house, on a street, duh.
    Posts
    1,443
    Quote Originally Posted by Techman View Post
    Highly unlikely. If it was so easy to do, don't you think that LE would have much fewer problems tracking down Internet pirates and kiddie porn suspects?
    who says they have problems doing so?
    http://news.google.com/news?pz=1&ned...=all&scoring=d

    Quote Originally Posted by Techman View Post
    For one thing, the majority of people have dynamic IP addresses. That means that their address changes, sometimes very often. Tracking a particular IP address could lead you to the activities of hundreds or even thousands of different users.
    Don't be silly. ISPs maintain logs of who is connected, when. The main problem is that bad guys are smart enough to find open wireless access, which is easy enough to do.

    War drive a major street in Montreal and find out how many open access points there are, it is staggering.

    Quote Originally Posted by Techman View Post
    In cases of companies with fixed addresses, there could be hundreds of people related to a particular IP address. It takes more than just an IP address to track someone. To obtain an accurate history of your Internet activities would require access to your ISP's server logs and that would require a court order.
    Court order? Hardly. this kind of information is shared regularly without one. Not to just anybody, but not just LEA.

    Quote Originally Posted by Techman View Post
    f you use an internet e-mail service, which everyone actually should, it is harder to trace the source. Some like Hotmail will include the IP address of the sender in the header. Others, like GMail, do not.
    just because it isn't recorded in the header does not mean it isn't recorded and available. Gmail is now indicating the IP and time&date of the last login on their webservice when you look at the bottom of the page in your account, and POP and IMAP accessed gmail does carry an originating IP header.
    You are cordially invited to toss my salad. There's an app for that!

  7. #7
    OK, people. I never said that it was impossible to do. I said that the average computer user can't do it and that the sites RG pointed out are in effect useless.

    Yes ISPs collect logs. They also do not release them to anyone, not even LE without a court order. In fact one site, Torrentspy, was actually ordered by the court to begin keeping such logs and to turn them over to investigators and chose to shut down instead of doing so. Any ISP found to be doing so would be in breech of Canadian Internet privacy laws. In cases of child porn, any ISP will cooperate with LE without any court order or warrant. YVO, I would like you to show me one case of an ISP disclosing their user log information to anyone without a court order.

    And yes, people who run unsecured or poorly secured WiFi setups are vulnerable to those who have the knowledge to take advantage of them. That is hardly the majority of computer users out there. Most people have trouble setting up their Internet access or an email account and they are hardly able to hack any connection or system of any kind.

    Most people just toss their bank statements and copies of their bills in the trash unshredded. This is a far more dangerous thing to do than run your WiFi with poor security.

    YES, there are people who are able to do many things when it comes to hacking your information. Does the average user really have to worry about them? No more than they have to worry about being struck by lightning.

    No OS is totally secure. The most secure OS on the market that is actually useable to the majority of users is Vista with User Account Control enabled, as it is by default, running IE8 in protected mode. Make sure that all updates are done on a regular basis and you will be as safe as you can be. If you are really paranoid, keep absloutely no personal information on your system or stay of the net entirely.

    But worrying if someone can trace your activities is pointless because if someone really has a reason to track you and has the ability to do so, they will do so. And if someone is that interested in you, you probably have bigger problems to worry about.

    PS: By the way...for the really paranoid... even doing a search on child porn as VYO did in his above google link, may trigger any number of filters that may flag your IP address for further investigation by the authorities. The same thing as if you search for bomb making, sarin gas manufacturing, and a number of other phrases. Be careful what you search for. You may end up with someone searching for you instead.
    Last edited by Techman; 07-25-2009 at 11:36 AM.
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

  8. #8
    Recreational User
    Join Date
    Nov 2006
    Location
    In a house, on a street, duh.
    Posts
    1,443
    Quote Originally Posted by Techman View Post
    Yes ISPs collect logs. They also do not release them to anyone, not even LE without a court order. YVO, I would like you to show me one case of an ISP disclosing their user log information to anyone without a court order.
    OK.

    Quote Originally Posted by Techman View Post
    In cases of child porn, any ISP will cooperate with LE without any court order or warrant.
    you have provided your own answer.

    Quote Originally Posted by Techman View Post
    In fact one site, Torrentspy, was actually ordered by the court to begin keeping such logs and to turn them over to investigators and chose to shut down instead of doing so.
    Last I checked, Torrentspy wasn't an ISP, nor freemail provider, which are the types of sites we are talking about, not a transient movie and music theft site.

    As to the average internet user there are plenty who would never have any idea of the spyware and other infections sitting on their Windows computers at this very minute. There are literally 100s of millions of botnet nodes in the wild, of which a million or so are active at any given time.
    You are cordially invited to toss my salad. There's an app for that!

  9. #9
    YVO,obviously I meant in cases other than child porn and giving the logs to someone other than LE. You are the one that said that this is done regularly, not me. Now can you back it up with proof?

    If the courts had such a difficult time getting just a simple torrent site to give up their logs, do you think that an ISP or freemail site will do so any easier? If it hit the news, and believe me it would, they would lose customers so fast they would go out of business.

    You always seem to love getting into a pissing contest to show how much you know about Internet security. We all know that nothing is totally secure. Even walking down the street can be dangerous. People who are totally paranoid about net security should never leave their house because someone may be waiting around the corner to mug them. You'll get some totally anal fool who worries about his internet security being compromised and then the same person will go out to dinner and let the server walk away with his credit card at the end of the meal without a second thought.

    Nothing in this world is totally secure. Accept it and protect yourself to the best of your ability or get a professional to set up your security if you are really paranoid about it. But if anyone is losing any sleep over it they really need to get a life.
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

  10. #10
    Recreational User
    Join Date
    Nov 2006
    Location
    In a house, on a street, duh.
    Posts
    1,443
    Quote Originally Posted by Techman View Post
    You always seem to love getting into a pissing contest to show how much you know about Internet security.
    You are right. A guy who fixes windows computers for a living must know everything there is to know about Internet security, policy, and law. I stand chastened and will never speak of this again. All hail the expert, whose definitive statements shall henceforth be taken as gospel.
    You are cordially invited to toss my salad. There's an app for that!

  11. #11
    The only definitive statement that I've made is that nothing is 100% secure. Anything else I've stated is based on more than 30 years working in IT, including securing customer networks and servers against intrusion. Sorry if that isn't good enough for you.
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

  12. #12
    OK, people. I never said that it was impossible to do. I said that the average computer user can't do it and that the sites RG pointed out are in effect useless.
    Well I am not too sure about that one. When my friend hit me with the fact that he had a complete list of everywhere I had been, it was interesting to say the least. I wonder how many wives are on to this one. Scary stuff indeed.
    Confucius say: Man who take woman into house on side of hill - not on level.

  13. #13
    RG, do you think that maybe your friend has installed software on your system without you being aware? I just did a search on Spokeo for a number of my email addresses and they came up with nothing at all except for the one that is connected to a facebook account I had set up. And that one only listed facebook related information.

    Of course if you allowed him to install a monitoring software on your system, he will be able to show you everything you did. If that is the case, scan your system with a malware removal program such as MBAM or SuperAntiSpyware and it will remove the monitoring program.
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

  14. #14
    Quote Originally Posted by Techman View Post
    RG, do you think that maybe your friend has installed software on your system without you being aware? I just did a search on Spokeo for a number of my email addresses and they came up with nothing at all except for the one that is connected to a facebook account I had set up. And that one only listed facebook related information.

    Of course if you allowed him to install a monitoring software on your system, he will be able to show you everything you did. If that is the case, scan your system with a malware removal program such as MBAM or SuperAntiSpyware and it will remove the monitoring program.
    I just checked and that doesn't seem to be the case. I do use ESET NOD32 and have found it to be pretty reliable. But I don't think I was getting jerked around as there was no gain for him on that score. He also mentioned a program with the term e-mail finder or something like that (I was on the phone with him). I will have to check. What bothered me was that I did not tell him ahead of time that I visited here. And he mentioned that some women are catching on to using this tracking stuff on hubby. In any event I think it at least bears looking further into it. If I have erred I will apologize but as I said the evidence is quite remarkable.......and scary.
    Confucius say: Man who take woman into house on side of hill - not on level.

  15. #15
    I doubt that it was done using Spokeo. If you check out the site you will find that it is for checking social networking sites, not for tracking internet activity. As far as I know, this requires software installed on the system to be done effectively and I know of no web service that can do this.

    NOD32 like most anti-virus programs is not very good for checking against malware or monitoring programs that are legitimately installed on a system. You need an anti spyware program for that.

    Besides, unless you are flushing your browser's history and temp files after every session and doing a security wipe of the unused space on your hard drive, it's quite simple to recover your browsing history.
    And the Lord said unto John, "Come forth and receive eternal life." But John came fifth and won a toaster.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •