An anonymous blog is a blog without any acknowledged author or contributor. Anonymous bloggers may achieve anonymity through the simple use of a pseudonym, or through more sophisticated techniques such as layered encryption routing, manipulation of post dates, or posting only from publicly accessible computers. [1] Motivations for posting anonymously include a desire for privacy or fear of retribution by an employer (e.g., in whistleblower cases), a government (in countries that monitor or censor online communication), or another group.
Fundamentally, deanonymization can be divided into two categories:
These techniques may be used together. The order of techniques employed typically escalates from the social correlation techniques, which do not require the compliance of any outside authorities (e.g., Internet providers, server providers, etc.), to more technical identification.
Just as a blog can be on any subject, so can an anonymous blog. Most fall into the following major categories:
Recently, anonymous blogging has moved into a more aggressive and active style, with organized crime groups such as the Mafia using anonymous blogs against mayors and local administrators in Italy. [17]
An IP address is a unique numerical label assigned to a computer connected to a computer network that uses the Internet Protocol for communication. [18] The most popular implementation of the Internet Protocol would be the Internet (capitalized, to differentiate it from smaller internetworks). Internet Service Providers (ISPs) are allocated chunks of IP addresses by a Regional Internet registry, which they then assign to customers. However, ISPs do not have enough addresses to give the customers their own address. Instead, DHCP is used; a customer's device (typically a modem or router) is assigned an IP address from a pool of available addresses. It keeps that address for a certain amount of time (e.g., two weeks). If the device is still active at the end of the lease, it can renew its connection and keep the same IP address. Otherwise, the IP address is collected and added to the pool to be redistributed. Thus, IP addresses provide regional information (through Regional Internet registries) and, if the ISP has logs, specific customer information. While this does not prove that a specific person was the originator of a blog post (it could have been someone else using that customer's Internet, after all), it provides powerful circumstantial evidence.
Character frequency analysis takes advantage of the fact that all individuals have a different vocabulary: if there is a large body of data that can be tied to an individual (for example, a public figure with an official blog), statistical analysis can be applied to both this body of data and an anonymous blog to see how similar they are. In this way, anonymous bloggers can tentatively be deanonymized. [19] This is known as stylometry; adversarial stylometry is the study of techniques for resisting such stylistic identification.
An anonymous blog is a blog without any acknowledged author or contributor. Anonymous bloggers may achieve anonymity through the simple use of a pseudonym, or through more sophisticated techniques such as layered encryption routing, manipulation of post dates, or posting only from publicly accessible computers. [1] Motivations for posting anonymously include a desire for privacy or fear of retribution by an employer (e.g., in whistleblower cases), a government (in countries that monitor or censor online communication), or another group.
Fundamentally, deanonymization can be divided into two categories:
These techniques may be used together. The order of techniques employed typically escalates from the social correlation techniques, which do not require the compliance of any outside authorities (e.g., Internet providers, server providers, etc.), to more technical identification.
Just as a blog can be on any subject, so can an anonymous blog. Most fall into the following major categories:
Recently, anonymous blogging has moved into a more aggressive and active style, with organized crime groups such as the Mafia using anonymous blogs against mayors and local administrators in Italy. [17]
An IP address is a unique numerical label assigned to a computer connected to a computer network that uses the Internet Protocol for communication. [18] The most popular implementation of the Internet Protocol would be the Internet (capitalized, to differentiate it from smaller internetworks). Internet Service Providers (ISPs) are allocated chunks of IP addresses by a Regional Internet registry, which they then assign to customers. However, ISPs do not have enough addresses to give the customers their own address. Instead, DHCP is used; a customer's device (typically a modem or router) is assigned an IP address from a pool of available addresses. It keeps that address for a certain amount of time (e.g., two weeks). If the device is still active at the end of the lease, it can renew its connection and keep the same IP address. Otherwise, the IP address is collected and added to the pool to be redistributed. Thus, IP addresses provide regional information (through Regional Internet registries) and, if the ISP has logs, specific customer information. While this does not prove that a specific person was the originator of a blog post (it could have been someone else using that customer's Internet, after all), it provides powerful circumstantial evidence.
Character frequency analysis takes advantage of the fact that all individuals have a different vocabulary: if there is a large body of data that can be tied to an individual (for example, a public figure with an official blog), statistical analysis can be applied to both this body of data and an anonymous blog to see how similar they are. In this way, anonymous bloggers can tentatively be deanonymized. [19] This is known as stylometry; adversarial stylometry is the study of techniques for resisting such stylistic identification.