Open source software security

Internet Information Discovery and Retention

30 November -0001

Most people assume that while online they remain relatively anonymous. While this is a pleasant myth, it is just that, a myth. Whenever you connect to the internet you leave traces behind. Unless you take active measures to erase your electronic footprints, you can be tracked, and not just to your IP address, but to your street address.

When you utilize your computer to access the internet your connection is generally routed from your computer to your ISP and then on to the greater internet network. All of the routers that handle these connections are capable of logging the route that your requests make and any information sent in return. Much of this logging is necessary for the proper function of networking traffic, but it can also be used to monitor connections. Even though your specific IP address might change from connection to connection, it is possible to monitor unique computers through the use of MAC addresses. MAC addresses are strictly controlled by network card manufacturers and each card should have a unique address. While it is possible to spoof this address, it is difficult.

Assuming you wish to find information about a specific person rather than ensure your own anonymity there are several common places to search for information. The easiest is to simply run a web search through common search engines for the person's proper name. This often leads to a wealth of information cached in various corners of the internet. Keep an eye out of any additional identifying information, such as an email address, that you could utilize for further searches. For instance, if you find someone's email address you might be able to uncover posts to blogs or newsgroups that are identified only by the postser's email address. It turns out email addresses are quite good as unique identifiers since email addresses must be unique (i.e. there can't be two john.smith@hotmail.com addresses). Addresses are also useful for searching since you can sometimes uncover information on real estate transactions or even rental agencies that could have more information.

One way to find information about someone is to use 'Member Profile' areas of the large e-mail services. Yahoo! has an excellent profile on all their members, but all the services, from Excite to Hotmail display personal information to the inquisitive if you are not careful when you sign up for these services. The easiest way to avoid giving away personal information online is to develop a dossier on a fake identity that you use whenever you give personal information online.

One of the other most helpful information services online is Network Solutions' whois look up (http://www.networksolutions.com/cgi-bin/whois/whois). This service has exposed more spammers and website owners than I care to think about. Network Solutions conveniently provides addresses and phone numbers to anyone online. I used to think it would be easy to provide fake information here, but when you register a domain you must have a valid address to receive materials for signature, etc. The only way to anonymize this information is to rent a mailbox from a service such as MailBoxes Etc.

Unfortunately over time the whois database has begun accepting more bad data. You might also try doing a lookup of a website owner on their domain registrars website. For instance, if you realize that a person you are searching for is associated with a domain that the whois database identifies as being registered by godaddy.com, try searching on godaddy.com's own website to see if you can look up any other information.

Assuming you can identify an IP address or ISP carrier with a name, utilizing the ARIN database can help you locate the specific location and company carrier responsible for the IP address. ARIN allows you to search their database by IP address and will return all the companies that are responsible for managing that address. This can be extremely useful for locating geographic data associated with an IP address. Often times if you are attempting to locate the original sender of an email, looking through the 'From' field in the email headers will reveal a series of IP addresses to mail servers. Looking up these IP addresses in ARIN can give you a much better sense of where the email actually originated and who might be responsible for sending it.

It is important to remember the digital tracks that we all leave on the internet. Unless you're careful it is very possible to leave all sorts of details behind. Not only that, but often times companies to whom you provide personal information are not always as diligent as they should be in protecting that data. This presents problems beyond your control.

Even beyond the tracks that you leave on the internet, there are traces left on your own machine that serve as a breadcrumb trail to where you've been. Cookies and internet cache all betray your online behavior. Mail clients such as Outlook also store local copies of your email, even if you're browsing an IMAP server. It is important to pay attention to your privacy and security settings in all your internet applications. Some browsers, such as Thunderbird allow for advanced setups that will expunge this sort of data quickly, although without a true wipe the data is probably still recoverable.

If you are interested in anonymizing your internet browsing to further protect your online anonymity I would suggest investigating the Electronic Privacy Information Center for resources that can help to keep your online behavior free from monitoring. Encrypting your email is a good place to start, but the Tor network is the place to look for truly anonymous surfing. There is even a Firefox extension available.