Behavioral Profiling: Tool That Can Shatter Online Anonymity

Researchers from GREYC research lab have engineered a behavioral profiling program that distinguishes different individuals through their keystrokes. Whether it’s your typing speed, consistency or frequency of making systematic typing errors, this technique obliquely shatters online anonymity. Though arguable benign data, it is crucial in identifying behavior and matching it to the right person. To further threaten your onlineanonymity, this technique easily pick up usernames and passwords when you visit membership-based websites; in essence, invading your privacy.

Online AnonymityWorking in close collaboration, behavioral biometrics and behavioral profiling precisely draft your online portfolio, making it easier to keep tabs on you as soon as you start typing and speaking online from a certain location; your facial features are analyzed as well. Whereas behavioral biometrics are based on subtle nuances in your typing patterns, voice, location and special features, behavioral profiling track your online presence after having analyzed your behavior. Each needs the other to accomplish what many loath; shatter your online anonymity without remorse. No one is in the clear when it comes to behavioral profiling.

Though it may appear relatively harmless when being collected by a single website, imagine the level of privacy breach involved when multiple websites, all big names in the industry and collectively owned by one entity, collect crucial information without the user’s content. These multiple sites act as information databases and when matched up and compared, your profile will be created within no time and with little or no gaps. The researchers at GREYC lab are using JavaScript or a profiling app to collect biometric data, especially keystrokes. The amount of time between your keystrokes is also noted and aids in creating your profile, further compromising your online anonymity.

If it’s perfectly normal for you to omit spacing your words, this technique developed by researchers will associate this behavioral trait with you more so if you frequent the same websites at a particular time of the day. Each time you add new information to these websites; this tool will gobble up the information, update it in your profile and continue mapping your different characteristics. Online anonymity, though bolstered by numerous passwords and sign-in options, will soon be an open book. Data mining entities are on the rise and some have already been bold enough to deny these claims even when evidence is presented.

Data MiningThe GREYC lab researchers have portrayed consistency in the results brought forth by their algorithm. Your keystrokes are not a rigid structure and from time to time, there will be considerable differences. Even then, the graphs used in identifying your online presence remain largely uniform, distinguishing you from anyone else whose behavioral traits seem to match yours. Just like fingerprints were and still are used for identification, this evolved to DNA and now keystrokes are beckoning to be the leading identifier online; the possibilities which this technology can unleash are limitless, especially in the cybercrimes units. Online anonymity may have been assured by private window browsing’ or application of passwords a few years ago but think again; the playing field has drastically changed and is no longer level.

Behavioral Profiling: Tool That Can Shatter Online Anonymity

Researchers from GREYC research lab have engineered a behavioral profiling program that distinguishes different individuals through their keystrokes. Whether it’s your typing speed, consistency or frequency of making systematic typing errors, this technique obliquely shatters online anonymity. Though arguable benign data, it is crucial in identifying behavior and matching it to the right person. To further threaten your onlineanonymity, this technique easily pick up usernames and passwords when you visit membership-based websites; in essence, invading your privacy.

Working in close collaboration, behavioral biometrics and behavioral profiling precisely draft your online portfolio, making it easier to keep tabs on you as soon as you start typing and speaking online from a certain location; your facial features are analyzed as well. Whereas behavioral biometrics are based on subtle nuances in your typing patterns, voice, location and special features, behavioral profiling track your online presence after having analyzed your behavior. Each needs the other to accomplish what many loath; shatter your online anonymity without remorse. No one is in the clear when it comes to behavioral profiling.

Though it may appear relatively harmless when being collected by a single website, imagine the level of privacy breach involved when multiple websites, all big names in the industry and collectively owned by one entity, collect crucial information without the user’s content. These multiple sites act as information databases and when matched up and compared, your profile will be created within no time and with little or no gaps. The researchers at GREYC lab are using JavaScript or a profiling app to collect biometric data, especially keystrokes. The amount of time between your keystrokes is also noted and aids in creating your profile, further compromising your online anonymity.

If it’s perfectly normal for you to omit spacing your words, this technique developed by researchers will associate this behavioral trait with you more so if you frequent the same websites at a particular time of the day. Each time you add new information to these websites; this tool will gobble up the information, update it in your profile and continue mapping your different characteristics. Online anonymity, though bolstered by numerous passwords and sign-in options, will soon be an open book. Data mining entities are on the rise and some have already been bold enough to deny these claims even when evidence is presented.

The GREYC lab researchers have portrayed consistency in the results brought forth by their algorithm. Your keystrokes are not a rigid structure and from time to time, there will be considerable differences. Even then, the graphs used in identifying your online presence remain largely uniform, distinguishing you from anyone else whose behavioral traits seem to match yours. Just like fingerprints were and still are used for identification, this evolved to DNA and now keystrokes are beckoning to be the leading identifier online; the possibilities which this technology can unleash are limitless, especially in the cybercrimes units. Online anonymity may have been assured by private window browsing’ or application of passwords a few years ago but think again; the playing field has drastically changed and is no longer level.

Internet Security Vulnerability In Facebook Discovered

A potential security flaw has been discovered on popular social networking site Facebook, apparently hackers can access any user’s account provided they registered with their phone number and not email. The vulnerability was first discovered by software engineer Reza Moaiandin, it’s an Internet security loophole which allows hackers to access an individual’s user profile, photos and location data which can be harvested to perform other wrongs against the victim.

Facebook

All it takes for the Internet security breach to work is a phone number and a few simple number-generation algorithms, which anyone with basic IT skills can perform with ease. While doing his research, Moaiandin managed to generate 1000s of positive matches which after being fed into the Facebook API system, gave him unlimited access to multiple accounts without the owners ever knowing what happened.

He blames the Internet security issue on Facebook’s default “Who Can Find Me?” setting, which allows anyone to find another person’s profile by using a mobile number only. This setting is characteristically left accessible to everybody on the net even strangers, so felons with number generating software can find it easier to gobble up swathes of random user details without getting detected. Those who have accounts with this site are advised to be vigilant and make appropriate changes on their settings every so often; it shall help in guaranteeing Internet security each time you log into your profile.

Internet Security Vulnerability

While some details about a person are already being accessible to the public, the most worrying trend is the ability to directly link an individual to their phone number. This may lead to identity theft and harassment, and as for celebrities the crooks may engage in trolling and posting negative messages on walls to dent their image. Writing on his company’s blog, Reza says that he discovered the vulnerability by mistake and that if used by hackers it can harvest “millions” of innocent people’s details. Moaiandin has already brought the Internet security flaw to Facebook’s attention in April. One Facebook representative said that they don’t actually consider it an Internet security flaw, but that settings are also in place on each user’s account to gauge and mitigate any form of abuse.

Virtual Invisibility Of The Darknet

The popular phrase “the internet never forgets”, as simple as it sounds, has some long lasting effects on its users. Tracking and information security (or lack thereof) are some of the main reasons why the public in general are paranoid about using the internet. This brought about the Darknet, an Internet anonymity channel that can be used on specific networks, protocols and servers to protect the user while browsing the web. It can be done through peer-to-peer networks or through services such as Tor. Whatever the case, it has its positive and negative sides.

Hacker

1. It can be used for hacking. This then means that there are people with the ability to compromise another party’s security while trying to protect their own.

2. It has been used in regions with political strife and for activism. Many other countries have opted to restrict access to the internet for political reasons. This then makes Darknet both a positive and negative thing. Positive in that the masses can still share information with the rest of the world and negative in that Internet anonymity can be used for spreading propaganda and hate speech.

3. It is perfect for file sharing. It is usually illegal to file share unless the content is either paid for or approved by the author. Therefore, people choose to share files via Darknet to avoid detection and legal repercussions.

The most popular Darknet software to date is Tor. It is an application that is downloaded to a PC and is used to bypass regular servers. The user can then browse the web freely without fear of detection thanks to this proxy server. Others include the Invisible Internet Project (I2P), Freenet, GNUnet, OneSwarm and Tribler among others. Freenet and Oneswarm are the more popular peer-to-peer software that enable file sharing, as long as discovery features are turned off on the machines in use.

incognito browserInternet anonymity has gained so much ground in the world that popular browsers Firefox and Google Chrome have an “incognito” browser. This lets you freely browse the internet without fear of detection, as long as it is not used on a communal network. The Darknet has gained popularity on both sides of the coin but it is up to the end user to take advantage of this Internet anonymity for positive actions.

Anti-Piracy Bill Passed By The Australian Senate

It’s official. Goodbye Pirate Bay. Goodbye bit torrents. Everyone living off freebies from the Internet is crying foul. Content creators are having a field day. Why? Australia’s Senate voted to enact legislation to block websites in a bid to crack down on rampant piracy. How will it affect your Internet activities? Are there repercussions to online anonymity?

How they Voted

Anti-Piracy Symble on Keyboard Enter

The Senate had been debating amendments to the Bill for an entire day. The Bill had bi-partisan support from the Coalition and Labor. As expected, the Greens were opposed to the Bill’s passage without some key amendments. They called for the Bill to be watered down to prevent its usage as a de facto Internet filter against “objectionable” material. The Bill passed through the Upper House without a single successful amendment. They were voted down all through the day.

When the final vote held, the Bill passed with 37 yay votes to just 13 against.

After the Copyright Amendment Bill 2015 has been signed into law by the Governor- General, it’ll only be a matter of time before the first sites start getting blocked. Don’t let the rumours sway you – the Bill is only after copyright infringement, not online anonymity. In fact, online anonymity is in line with your right to privacy, and no one can take that away from you.

What the Anti- Piracy Bill Means

The controversial anti-piracy legislation will see to it that Internet service providers (ISPs) block access to websites which host material that infringes copyright. Online anonymity is not the target of this legislation. Companies can now go to a Federal Court judge and get overseas sites blocked if their “primary purpose” is to facilitate the copyright infringement. At first, you won’t notice any difference. Even if you currently share torrent files such as movies or music without paying, nothing will change. The rights holder first has to succeed in the getting the Federal Court of Australia to order an ISP to block a website. The ISP will then take steps to filter the website and its contents, preventing their customers from accessing them.

The first targets of the legislation are likely to be popular torrenting and file sharing websites KickAssTorrents and The Pirate Bay. Your days of pirating music, TV shows and movies through file sharing sites are numbered. Online anonymity services such as those from VPS won’t be affected. They are still a legitimate online anonymity service for privacy-and security-conscious Internet users.

The Film and TV industry considered it to be a victory whereas for the rest of the citizens it was very shocking. Everyone was used to getting high quality stuff from the Internet for free. According to Vanessa Hutley, the General Manager Music Rights Australia, Australian consumers have more than 30 licensed music sites to choose from online , yet “these illegal sites have continued to flourish and make money for their operators” simply because nothing much could be locally done by the copyright owners to stop them.

Online Anonymity with VPNs

CopyRight

While some have chosen to pirate less, others have decided to go underground. Faced with increased monitoring and potential legal action many file-sharers have taken counter measures- they’ve sought online anonymity. The Aussie anti-piracy legislation has triggered massive surge in VPN and BitTorrent proxy usage. The recent events have driven tens of thousands of new users to anonymizing services. The Internet is like a river-if you try to block its flow, the water will find another way. VPN service providers are prominent as geo-unblocking kryptonite. The online anonymity they offer is a welcome bonus. The Aussie case won’t be the first time that anti-piracy measures have turned people to anonymizing tools. The same thing happened when the US Copyright Alert System was launched. There was also a spike in online anonymity services in Canada after ISPs began forwarding piracy notices.

The government will review the effectiveness of the laws in 18 months.

VPN And Tor Will Double Your Internet Security

Not too long ago, the internet was primarily used by most of us to do simple tasks such as checking our email. Now, it’s used for so much more. More complex and dedicate tasks can be carried out online and this of course requires much more sophisticated security.

It doesn’t matter whether you want to protect yourself from identity thefts, credit card fraud, or even government “spy agencies” – proper Internet security is a must.

Throughout the next few sections we’re going to expand on why Internet security is so important, we’ll then talk about Tor, VPN systems, and how they can help you stay protected online.

Why Is Internet Security so Important?

Identity theft, credit card fraud, and government “spy agencies” are all very real threats that could occur when you’re doing something as simple as browsing the web. Having proper Internet security measures in place will protect you from all of the above threats and much more

The need for Internet security has become more apparent with the rise of companies that help us protect ourselves when we’re browsing the web. If there wasn’t a need for these services then all of these companies wouldn’t be in business.

A Quick Introduction to Tor

Tor is a very complex network system that helps you stay anonymous when you’re conducting your online activities, whether you’re just doing general browsing or work that requires the utmost in anonymity. Every byte of information that you send through Tor is encrypted with the help of several servers.

Setting-up Tor on your computer is as simple as downloading Google Chrome or another other browser. Simply head over to the Tor’s download page and install the right browser for your operating system.

You can download or here: https://www.torproject.org/download/download

Tor is a great way to keep yourself anonymous online, but using Tor’s network is not the only step that you should take. It would also be a wise decision to pair Tor with a Virtual Private Network (VPN).

An excellent resource I found on Tor, that every noobie should read, lists the 11 Do’s and Don’ts while using Tor.

It can be found here: http://www.hongkiat.com/blog/do-donts-tor-network/

Finding the Right VPN

If you’ve ever logged onto a public Wi-Fi network, you would have seen a message along the lines of “any information sent over this network is not secure”. This means that your credit card information, social media passwords, anything and everything, can be intercepted and placed into the wrong hands.

Even your home Wi-Fi network can be hacked; it doesn’t just stop at public networks. A VPN encrypts your data and provides you with a secure way of connecting to the internet. All the information you send through the internet is first sent through a private server, before going to its destination.

There are numerous myths surrounding the whole VPN industry. For example, many people believe that all VPN’s are the same as they do the same thing. However, this could not be further from the truth. Different providers offer different levels of security, different encryption standards and most importantly different policies on keeping logs. You see some providers log your usage while using the VPN which makes the use of the VPN pointless if you are concerned with anonymity as you are when using it with Tor. There have been cases where VPN companies where subpoenaed for user data that was suspected of doing illegal activity. In one such case, the biggest VPN comapany in the world “Hide My Ass” handed over the user logs to the authorities and the user was then prosecuted.

Luckily there are companies out there with strict “No Logs” policies, so it means that they keep no logs on users usage what so ever. This gives you the added security and peace of mind that you are truly anonymous while online and you are getting what you pay for. To even go one step further I would highly recommend you do your due diligence and find a VPN provider that owns and manages their own network. These such VPN providers are called Tier 1 VPN’s. Most people don’t know but almost all of the VPN providers out there just rent rack space and the servers from 3rd party hosting companies and manage it remotely from a computer.  How would they know if the company they are renting the hardware from is not logging info or tampering with things? They wouldn’t. At least if the VPN company own and run the servers then if they say there are no logs then they can 100% prove it.

A great resource about combining a VPN with Tor is Jolly Rogers Security Guide For Beginners.

It can be found here: http://darkwebnews.com/help-advice/dark-web-beginners-security-guide/

And the VPN part here: http://darkwebnews.com/security-guide/combining-tor-vpn/

Closing Notes

As mentioned above, Internet security is extremely important and fortunately there are many ways that you can protect yourself online. One of the two most popular and most effective ways to do this is by using the Tor network, accompanied with a VPN.

If you want to check some VPN’s out then I have found a site here they review VPN’s and they are the only one on the net I could find that actually test them out with Tor.

You can find it here: http://topvpnsoftware.com/best-vpn-for-tor/

The advice and guidance provided above should help you get started with both Tor and a VPN.

Experts Disagree Gov.’s Proposals For Encryption Access

A group of computer security experts have come out in opposition to demands by the US and the UK governments to be granted special access to encrypted communications. The move, the experts argue, would put the most confidential data and infrastructure at risk.

National Security Agency

The 14 elite cryptographers and computer scientists from around the globe have a formidable influence in the ensuing debate between the law enforcers pushing for less Internet anonymity and advocates of online privacy. Encryption has come to the fore following Edward J. Snowden’s disclosures that government spying was at a record high. The fact that data is being put online at previously unseen speeds has helped to fan the already heated debate on Internet anonymity.

Naturally, technology companies have been dragged into this face off. Companies like Apple, Microsoft, and Google have increased their efforts to encrypt corporate and customer data since becoming aware that the NSA and other government agencies have been hacking into information centers and intercepting digital communications.

Commercial encryption efforts, law enforcers argue, sabotage their attempts to monitor crime. The UK prime minister even threatened to ban the use of encrypted messages completely. The NSA director, Michael S. Rogers, has suggested that technology companies develop digital keys that can be used to circumvent Internet anonymity and offer access to encrypted data. However, such a key would be shared among different people so that no one person could have full access to the information.

The debate on Internet anonymity is still a long way from an amicable resolution. The timing of the report by the elite group of experts was, for instance, quite opportunistic. The report was released just a day before FBI director James B. Comey Jr., and deputy attorney general at the Justice Department, Sally Quillian Yates were to testify at the Senate Judiciary Committee against the use of encryption technologies that provide the ironclad Internet anonymity that prevents the government from doing its job efficiently.

The report by the technologists is the first of its kind. In the report, the experts claim that by granting the government access to encrypted information, important infrastructure such as the banking system and the power grid would be seriously compromised. Some of the big names behind the report include Whitfield Diffie, considered a pioneering influence in public key cryptography, and Ronald L. Rivest, one of the forces behind the RSA public cryptography algorithm.

The level of trust the government would need to be granted what they need would be unimaginable. This would be especially difficult since the government has been experiencing widespread breaches that would result in the keys falling into the wrong hands. Moreover, the demands would have a ripple effect as other countries such as China would feel obliged to enforce similar measures, and this would put the very people the “back doors” are supposed to protect at risk. The adverse economic impact of compromised Internet anonymity would also be substantial, not to mention an affront to the moral authority developed countries currently wield in the rest of the world.

Encryption

The government’s stand is that end-to-end encryption makes it harder for them to do their job by forcing them to pursue targets rather than the companies supplying the technology. However, those in support of the report released by the experts believe that this report conclusively explains why the government’s proposal is not at all workable.