Utah Guns Forum banner

Internet security

8065 Views 30 Replies 13 Participants Last post by  James
Do you have concerns about posting personal information online. I'm not talking about using your credit card online and such, but about posting very basic, non-uniquely identifying things like your name.

I frequent a popular photography forum where people post personal photos - often of their children, wives, cars, expensive electronics, etc. I suggested that posting such pictures online could make them subject to robbery or worse. Nearly everyone believed that nobody could ever find their house or identify them uniquely by posting stuff online.

I challenged them to let me see what information I could obtain about them using nothing more than what was posted in the forum and using only the internet as a tool. I was able to post satellite images of the homes of about 75% of those that took up the challenge. It surprised even me.

So, do you worry about things like this? I know a lot of folks here use their real names - something I don't do (though it wouldn't take much effort to find it). And would anybody like to see if I can find enough about them to post a satellite photo of their home?
1 - 20 of 31 Posts
Sure.....let me know what you can find, just don't post it on this forum. Maybe send me a PM or something?

I'm sure my address and other info is out there somewhere.
apollosmith said:
Do you have concerns about posting personal information online. I'm not talking about using your credit card online and such, but about posting very basic, non-uniquely identifying things like your name.

I frequent a popular photography forum where people post personal photos - often of their children, wives, cars, expensive electronics, etc. I suggested that posting such pictures online could make them subject to robbery or worse. Nearly everyone believed that nobody could ever find their house or identify them uniquely by posting stuff online.

I challenged them to let me see what information I could obtain about them using nothing more than what was posted in the forum and using only the internet as a tool. I was able to post satellite images of the homes of about 75% of those that took up the challenge. It surprised even me.

So, do you worry about things like this? I know a lot of folks here use their real names - something I don't do (though it wouldn't take much effort to find it). And would anybody like to see if I can find enough about them to post a satellite photo of their home?
I am with you on this one.

Tarzan.
I *DO* have these concerns as well -- though I also *DO* temper my concern with my odds of being a target and what info. I think will be of most value. For example, I don't use my real name here or on any other forums b/c people might take personal offense at something I say (or find out something about me that they want to take advantage of). However, I do maintain my own domain with a family blog where we do use our real names. My thinking is that I doubt people who "interact with me online" would be able to easily associate those interactions with my webpage to further glean more info about me. I also maintain that simply having my domain without it being able to be "inked" easily from somewhere else lowers my odds of being targeted. After all, simply having info. about 1 out of 300 million people is useless unless that information can also be linked to fortune, prejudice, etc.

That being said, I was careful when I posted photos of the inside of my new home and password-protected those photos so that only friends and family have easy access to them.

I also have a friend who recently passed and whose family created a memorial page for him. I advised them to excise the wife and all the kids' names from the site along with any information identifying at all where they live (including state). It does have his name, kinda necessary for a memorial. So they could still be found, though it would be more difficult to interact with the kids on a personal level since the only thing they would know would be the dad's name. I thought that their situation required more discretion than mine due to the fact that they are a now fatherless family of young children who are now an easier target and given that some might assume they could have money coming their way are also an increased target.

So, what info. you put on the web, I think, should be carefully considered and weighed. But refusing to put anything out there b/c of ANY possibility you could be targeted is like saying you should refuse to ever use checks or CC's, never present your DL as ID to anyone, never interact with a stranger above merely saying "hello", etc.

That being said, you have my permission to try and find out all you can about me -- I'd be interested!!! Also, please PM me with anything you find.
See less See more
This is closely related to another issue. That of saying things in an open forum like this that you might regret should it come to the attention of other people who are not members of this forum ... such as your boss.

There was an example sort of like this a while ago. Someone posted something here that somehow got back to a person in a position of authority over the poster. How it got to that person's attention is quite beside the point. The point is, don't post anything in this or any other public forum that could come back and bite you. Assume that anything you post in a public forum can be found by anybody in the world. It is a public forum, after all.
Yeah, that's a really good point -- which is why in the thread a while back where we were discussing what each of us did for a living so many of us never actually put WHERE we work... I noticed a few did, however; I thought that was a bad choice.
After spending some time in search engines, I have yet to find anything to personally identify any of the above. Congratulations!

Why I'm so sensitive about internet security...

I used to play an online game and secretly infiltrated a group of Chinese players and exposed them for cheating. In retaliation, they tracked me down online and threatened and verbally abused me and my wife. They called my home and sent e-mails to my wife and even my boss. These were not just childish threats, but promises of sexual violence even against my toddler daughter.

Despite several attempts, I was pretty much told by law enforcement that I could do nothing about it because the threats and abuse all came from within China. It really scared me because I knew they also had my home address. Since then, I've been much more careful about what I post online.
apollosmith said:
promises of sexual violence even against my toddler daughter.
:shock:

Yet another sign of a so-called "safer" statist culture...
I'm sure that just about anyone could find out where I live in less than one minute. I'll admit, I've put a lot of personal information about myself online, and it's been that way for almost the past ten years.

I won't disagree that posting personal information on the internet increases one's chances of being targeted by somebody for some nefarious purpose, but even so, I don't think the risk is all that great. You can get nearly the same amount of information from seeing me driving down the street and getting my license plate number.
I too will not post anything about myself online. I even use different user id's in several different forums (depending on the forum that I'm on). I had a close high-school buddy who was extremely paranoid about this stuff and it rubbed off on me. Even then, I'm still paranoid about it. I heard somewhere that you can still track down people by their IP address. If that's the case, then the only real way to keep annonymous is by ONLY posting at a public library (I think :?)

See if you can find anything on me and PM me... I'd be interested on how well I've done in the past 10 years to protect myself.
yung1s said:
I heard somewhere that you can still track down people by their IP address. If that's the case, then the only real way to keep annonymous is by ONLY posting at a public library (I think :?)
You can get down to the ISP and what local CoLo/Router they are on, but that is it. You would probobly be able to figure out what city/area I was surfing from, but nothing more unless you somehow had access to the ISP's information linking the leased IP/MAC Address of your hardware to your physical address.

/end geek
NotSoSimple said:
yung1s said:
I heard somewhere that you can still track down people by their IP address. If that's the case, then the only real way to keep annonymous is by ONLY posting at a public library (I think :?)
You can get down to the ISP and what local CoLo/Router they are on, but that is it. You would probobly be able to figure out what city/area I was surfing from, but nothing more unless you somehow had access to the ISP's information linking the leased IP/MAC Address of your hardware to your physical address.

/end geek
Country/State/City/Zip is all pretty easy to get and can be done by (I would guess) about 20% of active internet users. Name/address/etc takes a lot more work and is limited to (again just guessing) 5% or less and of that 5% only 1% would even care to do so. It would be much easier for someone to just hack into your computer then track you by your IP
I know if I wanted your info I would convince you to open your computer to me (file sharing program, IM window, Video chat, etc) once you let me in I would plant a program that would email me your keystrokes, send your internet activity, maybe even send screenshots of any HTTPS:// site you visit. I would also perform a search for your registry files and anything containing your name. If I really wanted to get mean I would replace your anti-virus program with a copy that doesn’t do anything, but still acts exactly the same, install a program that will distribute spam and viruses to anyone on your email list allowing me to gain access to all their computers too.

Now some of these things are harder than others and some can easily be stopped, but most people do not even take the smallest precautions (like putting a password on your internet browser or windows logon or even on your wireless router) At my house I can see 5 people wireless router signals, 4 of them are completely open for anyone even driving by to tap into. I don’t have to ever get the internet on my laptop or phone because all I have to do is drive into any neighborhood (I prefer town homes due to the amount of houses in a close area) and I pick up dozens of open internet signals.
See less See more
IMHO the easiest and most effective steps one should implement to counter hacking (vs. mining of data on the internet, which is a different subject altogether), and thus the absolute first things one should do before even thinking about anything else:

1) If you have wireless, put a password on it... there are a whole slew of security features but if you don't want to worry about learning all of that, just enable the most basic and easiest security your transmitter has and then set the password to something reasonably difficult like they make you do at work.

2) Install basic AV software. Forget about all the bells and whistles... heck, I'm running McAffee's *FREE* scanner... it won't UNinfect anything for me, but it will tell me if there is a problem and THEN I can buy their software to remove the problem if I feel I need to.

3) Stop downloading email attachments and junk on the internet. Back when I was a PC tech the biggest problem BY FAR was not hacking or even viruses... it was just people downloading and installing all sorts of junk and cluttering up their hard drive. If you don't NEED it, ask yourself if it's worth the possibility of a crashed system or worse. And if you don't know who sent it, you certainly don't need it!

4) While the above are all free, this one costs a bit but I believe it's worth it. Spend a little bit of dough and buy yourself a router that has basic FIREWALL protection built-in. Every Linksys router I've ever used has this feature and you can get them at Best Buy starting at $39.99. For those not in the know, a firewall effectively "hides" you from outsiders trying to ping your computer and otherwise snoop around in your network to find a hole they can enter through.
(the ironic thing is that writing this prompted me to login to my router which made me realize that my password was reset to the factory default during the last "reset" I made a few days ago and forgot to reload the configs! OOPS!) :)

I realize that none of these measures are absolute gaurantees. BUT they are the easiest, cheapest, and best (bang for your $, that is) things you can do.

A good resource to test your "visibility" from the net is (plus it has TONS of security info for all of you that are interested... it's a GREAT site!):
https://www.grc.com/x/ne.dll?bh0bkyd2
See less See more
bane said:
1) If you have wireless, put a password on it... there are a whole slew of security features but if you don't want to worry about learning all of that, just enable the most basic and easiest security your transmitter has and then set the password to something reasonably difficult like they make you do at work.
Great advice in the post above.

If anyone needs help/walkthrough securing wireless, I would be more than happy to lend a hand.
xmirage2kx said:
I know if I wanted your info I would convince you to open your computer to me (file sharing program, IM window, Video chat, etc) once you let me in I would plant a program that would email me your keystrokes, send your internet activity, maybe even send screenshots of any HTTPS:// site you visit. I would also perform a search for your registry files and anything containing your name. If I really wanted to get mean I would replace your anti-virus program with a copy that doesn’t do anything, but still acts exactly the same, install a program that will distribute spam and viruses to anyone on your email list allowing me to gain access to all their computers too.
I'll take that challenge. Jabber/XMPP IM ID: [email protected]
swillden said:
xmirage2kx said:
I know if I wanted your info I would convince you to open your computer to me (file sharing program, IM window, Video chat, etc) once you let me in I would plant a program that would email me your keystrokes, send your internet activity, maybe even send screenshots of any HTTPS:// site you visit. I would also perform a search for your registry files and anything containing your name. If I really wanted to get mean I would replace your anti-virus program with a copy that doesn’t do anything, but still acts exactly the same, install a program that will distribute spam and viruses to anyone on your email list allowing me to gain access to all their computers too.
I'll take that challenge. Jabber/XMPP IM ID: [email protected]
Hacking your system might be a bit of a stretch, but it did take me no more than 1.5 minutes to look at your house in Google Earth.
apollosmith said:
swillden said:
xmirage2kx said:
I know if I wanted your info I would convince you to open your computer to me (file sharing program, IM window, Video chat, etc) once you let me in I would plant a program that would email me your keystrokes, send your internet activity, maybe even send screenshots of any HTTPS:// site you visit. I would also perform a search for your registry files and anything containing your name. If I really wanted to get mean I would replace your anti-virus program with a copy that doesn’t do anything, but still acts exactly the same, install a program that will distribute spam and viruses to anyone on your email list allowing me to gain access to all their computers too.
I'll take that challenge. Jabber/XMPP IM ID: [email protected]
Hacking your system might be a bit of a stretch, but it did take me no more than 1.5 minutes to look at your house in Google Earth.
You should come over sometime!

Out of curiosity, how did you find my address? I can think of a half-dozen easy ways to do it, which did you use? I'd probably have started with a WHOIS on the willden.org domain, myself.

I'm pretty easy to find, and I'm okay with that. My phone number is in the book, I use the same handle on all online fora (which is my first initial and last name) and my e-mail address is also scattered all over the web (and that contains my first and last name). Oh, and my WiFi AP is unencrypted. I appreciate the occasional use of others' open APs, and I think it's just polite to return the favor.

As for hacking my system, you'd have a hard time. Not because I'm a professional computer security expert, but because I take two important security precautions: (1) I don't use Microsoft software and (2) I'm very careful to keep my systems updated with security patches.
swillden said:
xmirage2kx said:
I know if I wanted your info I would convince you to open your computer to me (file sharing program, IM window, Video chat, etc) once you let me in I would plant a program that would email me your keystrokes, send your internet activity, maybe even send screenshots of any HTTPS:// site you visit. I would also perform a search for your registry files and anything containing your name. If I really wanted to get mean I would replace your anti-virus program with a copy that doesn’t do anything, but still acts exactly the same, install a program that will distribute spam and viruses to anyone on your email list allowing me to gain access to all their computers too.
I'll take that challenge. Jabber/XMPP IM ID: [email protected]
found out a lot about you, enough that I won't post it here, but I will email you and you can post how right or wrong I am on here. it took longer to write up a quick summary then to find all this info.
swillden said:
my WiFi AP is unencrypted. I appreciate the occasional use of others' open APs, and I think it's just polite to return the favor.
The only problem here is that if someone uses your AP to do something illegal (look at child porn or something else), you can be held legally responsible. If you encrypt your AP, you have a means to show that you at least attempted to prevent illegal use of your internet connection. If you really want to share your internet, there are better ways than just leaving your AP open. You can make your house a FON Spot which allows you to use local and international hot spots for free, plus make a little money on the side. I would recommend not leaving your AP open. It's not just what OS you use and whether someone can "hack your system", but also packet sniffing your internet browsing and email - you don't want people to see that stuff.
1 - 20 of 31 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top