It was done before but ..

Zdeněk Pavlovský
Vranín 11, Moravské Budějovice, 675 44
+42 732 258 764

anything else? Cito, bank account you want?

Svartalf wrote:I'm not great for keeping my anonymity on the net. I may post behind a pseudonym, but I make no mystery ofwhere I live, and I even have met a number of fellow internet posters, who then know my real name, and where I live and what I look like, I'd make a very bad troll.

There are flag of Canada on your profile but your profile say your country is France.

Are you a French citizen living in Canada ?
Are you a Canadian citizen living in France ?
Are you a dual citizen of France and Canada ?

tuco wrote:It was done before but ..

Zdeněk Pavlovský
Vranín 11, Moravské Budějovice, 675 44
+42 732 258 764

anything else? Cito, bank account you want?

Is this a joke or your real privates infos ?

Call me.

tuco wrote:Call me.

I suppose you're joking.

viocjit wrote:

tuco wrote:Call me.

I suppose you're joking.

Test your supposition.

If there’s one thing I know around here, tuco’s legit.

Hello world ! What do you think about what I said about anonymity on Internet in the first page of this thread ?
Someone want to make a comment ?

Nope.

viocjit wrote:Hello world ! What do you think about what I said about anonymity on Internet in the first page of this thread ?
Someone want to make a comment ?

What did you say about anonymity on Internet in the first page of this thread? I see words, but I cannot discern their meaning.

Hermit wrote:

viocjit wrote:Hello world ! What do you think about what I said about anonymity on Internet in the first page of this thread ?
Someone want to make a comment ?

What did you say about anonymity on Internet in the first page of this thread? I see words, but I cannot discern their meaning.

What are words you didn't understood ?
I renown I did used technical terms not easy to understand for those who haven't knowledge in computing.

This topic doesn't interest anybody ?

it's not a matter of idiniterest, but of having something meaningful to add to what has been said.

Svartalf wrote:it's not a matter of idiniterest, but of having something meaningful to add to what has been said.

You haven't something meaningful to add to what has been said.
Are you sure ?

viocjit wrote:

Svartalf wrote:it's not a matter of idiniterest, but of having something meaningful to add to what has been said.

You haven't something meaningful to add to what has been said.
Are you sure ?

To some people, the topic is not meaningful. Make a big wind and tell us how meaningful anonymity is, in general.

The topic is interesting to technical experts in internet security and interesting to paranoids.

I don'( know how 'anonymous' I may be behind my pseudonym, the account is tied to an e mail address than can be traced back to me, and some people I"ve met over the Intarwebz I've also met in person.

Cito di Pense wrote:

viocjit wrote:

Svartalf wrote:it's not a matter of idiniterest, but of having something meaningful to add to what has been said.

You haven't something meaningful to add to what has been said.
Are you sure ?

To some people, the topic is not meaningful. Make a big wind and tell us how meaningful anonymity is, in general.

The topic is interesting to technical experts in internet security and interesting to paranoids.

How meaningful anonymity is ?

If you connect to Internet while doing nothing to hide your IP address and using a pseudonym you're anonymous for those you meet on Internet but not for law enforcement agencies.

Anonymity toward who. That's the question.
You won't use the same means to hide yourself from your family than those used to hide from a police from a dictatorial regime.

To hide ourself from his family an email address under a fake name for which they don't know the existence , a nickname and say few things about ourself online is sufficient except if they have a human snitch working for your ISP.

But there are still the risk they install a spyware (Hardware or software. If we fear our family it's unlikely they put a hardware spyware because it's not easy to find for civilians but the risk is real. An example of hardware spyware is a transmitter hidden inside a keyboard. An example of software spyware is a trojan horse with keylogger function , see what's your screen is displaying , Observe you with the webcam , Listen you with the microphone , Intercept your web browsing history etc...) on your computer or / and others devices used by you.
They would be able to read telecommunications even if these are ciphered if a spyware is installed.

They can also install a hidden video surveillance system or / and bugs in your home and your computing skills wouldn't help if you're physically monitored with wires or / and closed-circuit television and that you don't know how to find hidden cameras and bugs.

An entry of Wikihow explain us the basis to find hidden camera and bugs (Certainly sufficient to find the majority of camera and bugs made with civilian technologies available for average citizens) : https://www.wikihow.com/Detect-Hidden-C ... icrophones

There are others side-channel attack existing that are unlikely to be used by civilians https://en.wikipedia.org/wiki/Side-channel_attack

Who are they?

----
edit: I should probably note that 4 days after posting my details here I got this SMS. Dont remember ordering anything so I forgot about it. Could be a coincidence but could be .. they. Luckily I have nothing they want.

edit1: Since I bothered with the screen .. looked up the site now and here are reviews: https://www.zbozi.cz/obchod/128649/ dont need to understand the language to see what they are. Apparently, they dont deliver.

edit2: and here are the people who run/own the s.r.o. = ltd which owns the domain : https://or.justice.cz/ias/ui/rejstrik-f ... %250D%250A

Note the capital: Základní kapitál: 1 000,- Kč ~ 40 euro

How those people sleep right?

TOR and decent VPN and you'll be OK for 99% of what you do. Unless you're into child porn or a terrorist, of course. Then you should rely on old fashioned letters and one-time code sheets.

laklak wrote:TOR and decent VPN and you'll be OK for 99% of what you do. Unless you're into child porn or a terrorist, of course. Then you should rely on old fashioned letters and one-time code sheets.

Terrorists using old fashioned letters and one-time pad seem logic to me even if I don't know any cases in which orders were transmitted by terrorists to others terrorists with this means.
Happily for us the majority of terrorists use electronical means to communicate like those who took part in November 2015 Paris attacks ( https://en.wikipedia.org/wiki/November_ ... is_attacks ) and that help intelligence services and police force to done investigations.
It would be not easy for intelligence services and police force to investigate if terrorists were smart enough to use one-time pad and papers.

I'd like to recall one-time pad is inefficient if it's not used correctly like use two time the same key or if the key isn't random.

To know more about one-time pad also known as Vernam cipher : https://en.wikipedia.org/wiki/One-time_pad





You spoke about pedoporn customers but you forget to speak about drug dealers , weapons traffickers , money counterfeiters and others kind of criminal activities.

A customer of pedopornography (In my example the felon don't download contents but view it) can reduce the risks to be busted with the methods I will explain to you even if no strategy can have a reliability to 100%.

If someone is only using one relay in a foreign country between the home connection and Internet (VPN , Proxy server , VNC server etc...) to dissimulate his / her IP address he / she can be catch if authorities ask to all ISPs of their country jurisdiction who was using which relay at that time nor use logs kept by intelligence services charged of mass surveillance.

They would have a relevant list of suspects from ISPs if he / she using a connection of an ISP from the country jurisdiction.
If the person is using an ISPs from another country than country jurisdiction infos given by ISPs would be not useful and in this situation it could be necessary to ask infos to secret services of the country.

If the person is using the same relay at another time. Logs will reduce the list of suspects then we wait another time etc... until find the good one.
They have another possibility. Intercept in live the telecommunication of the suspects without install something on computer target. If ciphered it would be necessary to break it but they are reputed to have problems to read ciphered telecommunications in the majority of situations.

But if a spyware (Hardware or software) is installed on computer target they would be able to read telecommunications even if these are ciphered.
Law enforcement can also install a video surveillance system or / and bugs in your home and your computing skills wouldn't help you to avoid a conviction if you're physically monitored with wires or / and closed-circuit television.
Side-channel attack does exist https://en.wikipedia.org/wiki/Side-channel_attack
(This is an allegation from me and I don't know any real life case of an authority asking to all ISPs who was using which relay at which time. The same about intelligence services. I don't know any case of a child porn customers monitored with a side-channel attack).

If an Authority haven't the means to ask to all ISPs of its jurisdiction or to its intelligence services who was behind which relay at which time.
They can ask it to authorities of the place in which relay is located but they can answer like not answer (That depend of countries involved and matters. Identify a political dissent isn't at the same level as identify a drug trafficker or pedophile sharing child porn. The level of matters depend of countries).



Onion routing (Used by Tor , Tox , Tribler) , Garlic routing (Used by I2P) , IP Spoofing (It is using the IP of another terminal that our. It is like identity theft in real world) , Proxies and VPNs are way to hide our identity online but none of these method have an efficiency of 100%.

Onion routing : https://en.wikipedia.org/wiki/Onion_routing
Tor : https://en.wikipedia.org/wiki/Tor_(anonymity_network)
Tox : https://en.wikipedia.org/wiki/Tox_(protocol)
Tribler : https://en.wikipedia.org/wiki/Tribler

Garlic routing : https://en.wikipedia.org/wiki/Garlic_routing
I2P : https://en.wikipedia.org/wiki/I2P

IP spoofing : https://en.wikipedia.org/wiki/IP_address_spoofing
Proxy : https://en.wikipedia.org/wiki/Proxy_server
VPN : https://en.wikipedia.org/wiki/Virtual_private_network



If the perpetrator of an offense use one of these methods and do the same things he / she is doing while he / she is connect without anonymity method (Use Facebook under his / her real name , Send a picture of himself / herself , Use a nickname the individual did already used or similar , Use a password he / she did already used or similar , Tell a bit about its own life then another until it became possible to find the real identity etc...) these methods won't help the perpetrator if he / she is the hole in the anonymity system.

Activities the person do on Internet under his / her real IP address and method of anonymisation must not be the same.
For example if you connect to Instagram with a method of anonymisation you must not view the content of accounts that you did already viewed under your real IP.

Not forget to update and upgrade the computer. A software not updated can be dangerous if a hole in one of these can reveal your identity.
Avoid Flash and others scripts (JavaScript and OpenGL for example) like this as they can allow to find your real IP. Don't install extensions for browsers.
Don't forget to change the language of your system then software used if you pretend to be from another country than real one.
A felon can be found because of a mistake like this.

A felon must think to hide its MAC address and serial numbers of its hardware when this is possible because a malware can infect its computer.
If it is infected and reveal any serial numbers a link can possibly be made with his / her real identity. (I don't know any alleged case of someone identified with an action like this but I know the case of a citizen of USA and Ireland who was a pedoporn hoster catched because of his MAC address and Windows GUI).

Someone perpetrating a felony must think to cover his / her webcam because a malware can infect the computer.
He / she must don't speak to avoid being identified by voice analysis if the computer have a mic inside because if the felon fall on a malware while using an anonymisation method he / she can be maybe identified. (I don't know any alleged case of someone catched by one of these methods).

Use an OS based on Linux reduce the risk of infections by malwares.
Use your OS on live DVD. Tails is reputed to be a good one (I did never used it).
What's tails ? https://en.wikipedia.org/wiki/Tails_(operating_system)

The most paranoid felon would use a computer he did never used before.
He would bought it in a shop or another place without CCTV and pay for it in cash in a place where nobody known him / her. He wouldn't use Internet for this task.
He wouldn't take his / her phone to go to the shop.

The most paranoid felon who want to stay anonymous online can crack the Wi-Fi connection (It's a misdemanors nor felony in majority of world jurisdictions) of their neighbor and do what I say previously.
I wouldn't like to be the neighbor who will maybe have law enforcement coming to his / her home.
Instead of doing this the felon can use a false identity to access to Internet in a Internet café but someone using a live CD / live DVD or live USB in a cyber café would be suspect and there are often CCTV in these places but if there are not CCTV you would let your fingerprint and DNA there anyway.
He / she can do worse like enter without authorization in a place with Internet connection.
Of course , if the felon is stupid he would use two time the same Wi-Fi connection and be potentially traced with radio direction finding if authorities did localized which connection was used and wait the felon to use RDF.
What's radio direction finding or RDF ? https://en.wikipedia.org/wiki/Direction_finding

When doing financial transactions for his / her illegal activities the criminal can use Bitcoin or another cryptocurrency and use one wallet by transaction. If he / she have two wallets it's better to have one platform for each but if the criminal have more than one hundred wallets it's not easy to apply the sentence "One wallet , one platform" and in this case the user can use only three , four , five , six , seven or more.
What's Bitcoin ? https://en.wikipedia.org/wiki/Bitcoin
What is a cryptocurrency ? https://en.wikipedia.org/wiki/Cryptocurrency



Everybody have its own writing style and its own speaking style and it can help law enforcement to identify the person.
You can try simulate being from another ethnic group , generation , country , education level than your and write some words with bad spelling.
It won't change what you are and there a day you will make a mistake that will prove you're not what you pretend to be like forget to put your browser in British English if you're an American who pretend being a British , write colour in place of color if you're a British who pretend to be an American etc...

Don't forget tor and the like are vulnerable to traffic analysis.
Explanations about mix network vulnerabilities : https://en.wikipedia.org/wiki/Mix_netwo ... rabilities
General explanations about traffic analysis : https://en.wikipedia.org/wiki/Traffic_analysis


Eric Eoin Marques is a citizen of Republic of Ireland and USA.
He was a pedoporn hoster.
It's alleged he was identified because he was using Windows with a non-updated version of Firefox vulnerable to a 0-day if the user have Windows like operating system and JavaScript enabled.
If he wasn't using Windows but Linux and a up-to-date system with noScript. He wouldn't be identified like this.
He did forget to forge the MAC address on his local network and the exploit send MAC address of users to law enforcement.
The exploit used in the 0-day vulnerability catch also the globally unique identifier (GUID) of Windows.
GUID + MAC address = The most perfect way to identify a PC

Wikipedia explain you what I did say : https://en.wikipedia.org/wiki/Freedom_Hosting

I know a case in which customers of CP were busted because they forget to deactivate flash.

There are also webRTC that is responsible of DNS leaks that permit to authorities to find target and this is another reason to disable JavaScript.

The majority of convicted felons are busted because they forget to use basic things that I explained to you.
The majority of those who perpetrates illegal stuffs forget one or many basic things that I explained to you and that help law enforcement a lot.

This is sad to say but many criminals will never be arrested.
For example. Think to these owner of small business in Western world who lose theirs business because of a hacker localized outside of the Western world who was never busted.



Anonymization method + localization of the perpetrator in a non collaborative jurisdiction don't help law enforcement.
International treaties of nowadays aren't sufficient and there are so many differences between laws of different countries that it doesn't facilitate international collaboration.

For example in some places possess a drawing depicting sex involving minors can lead to prosecutions when in others this is not the case.

Wikipedia speak about it : https://en.wikipedia.org/wiki/Legal_sta ... ing_minors
Rational Wiki speak about CP in general : https://rationalwiki.org/wiki/Child_pornography

The second example of difference between law in different countries of the world for which I will speak is about freedom of speech.
In the majority of country of the Western world write racist comments on public parts on Internet is a misdemeanor when in USA write racist messages isn't prohibited.

The third and last example is about freedom of speech.
In some country of the world like France (My country) it is illegal to deny the existence of Jewish genocide during World War II but it is authorized to do so in USA.

I wonder if there are any paranoid felons or terrorists around to get some use of the above, but in case there are let me also give them a pro-tip:

The most paranoid felon who want to stay anonymous online can crack the Wi-Fi connection (It's a misdemanors nor felony in majority of world jurisdictions) of their neighbor and do what I say previously.

Don't use neighbor Wi-Fi.