On Wed, Jan 20, 2021 at 09:31:47PM -0500, Louis Proyect wrote: >[...] > The odd thing is there's > really no need to hide your IP address if you are using a conventional ISP > like Verizon or Time-Warner since it can't be traced to a name and address. > On the other hand, if you are using the Internet in a dictatorship, there's > a real need for a proxy server since the state does have the means to trace > an IP address to an individual. [...]
Since April 2017, ISPs have been able to sell your browsing history without bothering to tell you they're doing so. It's not too difficult to match up other databases (from cookies, local browser storage, etc) so you have a name and address, and server logs will give the IP address associated with the name and address. Effectively, we live in fishbowls when we do without VPNs, Tor, and other tools. (I note that my own posts to Marxmail come back to me from the groups.io server with my originating IP address in the headers.) And, even if a government were unable to trace a post to a specific name and address, there's nothing as far as I know to stop them from buying the same databases used by businesses. They can't get the information themselves, but it's OK to buy it from the ISPs and the likes of Google, "social media", and others. If there were some proscription against a government keeping such data, certainly the ISPs themselves (Verizon, AT&T, Charter, Time Warner, and so on) can match an IP address to a name and address. I know from personal experience that such information can be obtained without much trouble, not always legitimately. Then there's a roundabout method. Suppose, for example, Joe Smith is doing some surreptitious organizing at his place of employment. His employer finds out, but the posts on-line are done with pseudonyms, so Joe Smith posts as John Doe. His employer suspects Joe Smith is John Doe, but isn't sure. So his boss sends him a quick e-mail about some unrelated matter, and Joe Smith replies. Bingo! The boss can match the e-mail addresses from the headers. (I have several ISPs, and some give me the same IP address from weeks at a time.) There are more ways to do this, but the above should be enough to serve as a warning that you don't have a lot of anonymity without doing things very carefully. Maybe I'm a little paranoid, but it's an occupational hazard when you've worked as many years in data security as I have. Even big time drug sellers on the dark web, who presumably have the money and incentive to buy whatever expertise they need, occasionaly screw up and get caught. This may not be relevant to Marxmail subscribers, but on the off chance that it is, it should be noted. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#5735): https://groups.io/g/marxmail/message/5735 Mute This Topic: https://groups.io/mt/79987457/21656 -=-=- POSTING RULES & NOTES #1 YOU MUST clip all extraneous text when replying to a message. #2 This mail-list, like most, is publicly & permanently archived. #3 Subscribe and post under an alias if #2 is a concern. -=-=- Group Owner: [email protected] Unsubscribe: https://groups.io/g/marxmail/leave/8674936/1316126222/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
