Anonymous

From MgmtWiki
Revision as of 18:14, 13 October 2019 by Tom (talk | contribs) (Solution)

Jump to: navigation, search

Full Title or Meme

Literally Anonymous means no name.

Context

HTTP ( used on Web Sites) was designed to operate without any identification and the REST protocol enforces that paradigm.

Problem

  • While some users may think that their attributes on distinct Web Sites cannot be correlated, research has shown that this goal will not be possible[1] That reality does not prevent users from trying to use Pseudonyms to remain Anonymous, but it will never work against a determined adversary.
  1. All HTTP connections come with an IP address which is often unique to the location of the computer.
  2. All HTTPS (secure) connections come with a session Identifier which is needed to maintain the secure connection.
  3. Most Web Sites record all HTTP connections for security purposes.
  4. If the user supply some sort of credential to allow access to site, the REST protocol effectively requires the use of cookies installed on the user machine to carry the sign in data from one HTTP request to the next.
  5. If the user expects any continuity from one sign in session to the next, some sort of user Identifier is required.
  • Perhaps the most clueless example of the false hope of anonymity is the sequencing company Nebula who offers to perform sequencing though the block chain for complete anonymity.[2] The problem, of course, is that there is no more sure indicator of your identity than you genome. In fact any police depart could immediate try to find you in a huge existing data base. But this is indicative of the utter cluelessness of the entire block-chain anonymity claims. In fact, they make searching for personal data easier than it has ever been before.

Solution

  • The most trustworthy Web Sites will tell you when they identify you, but it has not be historically necessary that they do so.
  • Current legislation from the EU and California requires Web Sites to be more forthcoming about how they collect and use data.
  • Fake technology solutions are proclaim every few months, none really work if there is any aggregation of data by individual. For example the State of Rhode Island cooperated with Brown University[3] to show how that state could overcome identification. Given the information in the first reference, it is only a matter of time before some other Academics will recover individual identities.

References

  1. Gina Kolata, Can Data be Fully Anonymous? New Algorithms can still identify you New York Times (2019-07-24) p A8.
  2. Megan Moteni,You can soon get Your DNA sequenced Anonymously (2019-09-19) https://www.wired.com/story/you-can-soon-get-your-dna-sequenced-anonymously
  3. Justine S. Hastings +4, Unlocking Data to Improve Public Policy. CACM 62 (2019-10) p. 48ff
Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Anonymous&oldid=6681"