PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Anonymizing blog authors

From: lonervamp at gmail.com (Michael Dickey)
Date: Mon, 23 Nov 2009 10:53:15 -0600
Here are some ideas, and the adoption of them really comes down to what
exactly might be on the blog and just how damaging or embarassing it may be.

- pick a pseudonym* and sign up for a free email account somewhere
- set the email account to never show HTML/scripts/images in messages (just
don't use it)
- use that email address/psuedonym for signing up to and posting to the blog
- never check/use that email from a work system or work network (ever!)
- never post to the blog from a work system or work network (ever!)
- never *visit* the blog from a work system or work network (ever!)
- never search for the blog or your name in Google, Bing, etc on work
system/network (ever!)
(basically, don't leave anything that can be logged or harvested by work
admins.)

- don't tell anyone that you write the blog. Once you tell even 1 or 2
people...

These few are in order of increasing effort:
- could probably only use the blog and email from open networks (wireless
hotspots)
- could probably only use the blog and email via Tor *and* anon proxies
(regularly verify!)
- could probably only use a dedicated system/VM *and* browser for blog/email
use

- be careful following comment links or even your own links in posts; don't
leave an IP trail in logs and reference reports. In fact, don't follow any
of them from your home network or regular PC without Tor/proxies in between
you and the destination.

- be aware of those logs, for instance email checking logs (Gmail readily
reports this now, for instance) or even blog usage/account logs. All it
takes is one slip...

- think about the content being posted. Do only 3 people know it, and she's
one of them? Good luck, in that case. That's small enough that HR or even
other authorities may be able to leverage interview tactics to elicit
guilt/admission/lying.

- be very aware of spelling/grammar habits/nuances that only she has, and
change them. Or add new ones just for blog posts. Use no caps and smaller
sentences if she is normally verbose and proper, etc. Watch the humor, dry
humor, jokes, nicknames, and so on...

One nice thing is that you can practice a lot of stuff, especially the
writing habits at the end by putting up some silly blog and going to town
and talk about nonsense; make stuff up. Then delete the blog and name/email
and start again.

Staying anonymous does sound easy, and it really can be. But this is in
direct correlation to the value of the information she's posting on this
blog. The more valuable, the more others will try to demask and the more
effort she needs to employ.


* picking a pseudonym is an art in itself. Pick something generic and
Google-unfriendly, like "John Strand" or "Bob Smith." Don't get specific or
special or unique. And pick something that maybe does sound like a real
name. JollyRogerSaintNick68niou1 is probably a fake name. Jeff Rafter
certainly sounds less fake. Then there is further art in fleshing out the
pseudonym by signing up for some services (try to get a name that you can
have something like jeffrafter at gmail.whatever; it just lends some
credibility. And then giving your pseudonym some established
background...I'll stop now. :)




On Sat, Nov 21, 2009 at 7:48 PM, Mad Marv <marv at madmarvonline.com> wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A friend (not Bob) of mine wants to start a blog, but is really skittish
about her employer tracking it back to her if she posts something that
may rub a co-worker the wrong way.

What steps can she take to ensure her anonymity aside from adopting a
random pseudonym?  I was thinking about Fake Steve Jobs and what he must
have done to hide his true identity.  Any thoughts?

Marv
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAksImHYACgkQkOgHKNOb0dHvWwCeL34GEQvSRG/FxRDNL5Eads0g
dvAAnjPQ/2aGmzTliWGnFnGhJdrcmzJE
=aCLl
-----END PGP SIGNATURE-----
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091123/69c20648/attachment.htm
Previous By Date Next
Previous By Thread Next

Current thread: