www.MarkTAW.com/culture_and_media/HowToDisappear.html (printable version)

It seems everyone is concerned with privacy lately. While some of us just want to stop the unsolicited phone calls, mail and e-mail, others genuinely want to remove all trace of them from the world's databases. Here are some techniques for both reducing the junk and disappearing, while still living an ordinary life - internet, credit card and all.

There is no such thing as complete security or complete privacy. On TV today I saw that the US tracked down Saddam Hussein. While you'll probably never have the full resources of the United States trying to find you, you may want to retain a greater degree of privacy than you currently do. Here are some tips and tricks to make finding you and sending you spam more time consuming and difficult.

1. Learn About Telemarketing Laws
   Junkbusters.com - Learn what laws telemarketers and companies that have your information live by, and take advantage of it. They have a great guide to reducing junk.
   Added April 30, 2003: How to Make a Telemarketer Cry (or, Suing Bozos for Fun and Profit).
   Added May 28, 2003: anti-telemarketing EGBG counterscript. I don't know that I would actually give these people my informaiton... especially considering they're not in my country and all, but it seems like a fun way to mess with telemarketers.
   Added June 28, 2003: The National Do Not Call Registry .
2. Get a Disposable e-Mail Address
   Mailshell.com - Instead of you@hotmail.com, you get anything@you.mailshell.com. This allows you to set up an e-mail address for every aspect of your life. If amazon@me.mailshell.com starts to get spam, I just tell mailshell to send everything that goes there to my junk folder. Since you only use that address with amazon.com, you don't worry that your friends can't get in touch with you.
   I used to have dozens of e-mail accounts, but I've narrowed it down to just the one with the added benefit that it's dozens of addresses I can check from one place.
   SpamGourmet.com - is another way to create disposable e-mail addresses that foward to your main account. You can specify how many times an e-mail address is valid before any e-mail that goes there is gobbled up.
   DodgeIt.com - Completely disposable e-mail addresses for those one time only registrations. These addresses aren't password protected so anyone can check them once they know it, but who cares? You only use it for those one time registration sites anyway. Plus each address has an RSS feed, so you can keep an eye on it.
3. What About Spam Filters?
   Spam is serious business, and so is spam prevention. Some spam guards will simply reject all mail not sent from someone you've approved. Others require the sender to verify they exist by sending them an e-mail and asking them to click a link. Both of these make it difficult to get on with day to day e-mailing. Some of the best Spam Filters today are based on Bayesian networks. By telling it what e-mail that arrives for you is spam and what isn't, these programs can determine what elements are common to your spam, and what elements are common to your regular mail. SpamBayes is an open source program that works with Outlook (and other programs, even on Linux and OSX). It's been tweaked, so it's probably the best Bayesian spam filter on the planet. Mozilla Thunderbird is an open source e-mail client that also supports this style of spam filtering. Now when a piece of spam passes through my filter, I just look at it as another opportunity to train my e-mail program to recognize spam.
4. Bounce Your Spam
   You know that "TeleZapper" program on TV that tells telemarketers that your phone number has been disconnected? Well you can do the same thing for your e-mail spam with MailWasher. It allows you to "bounce" an e-mail, telling the sender that your email address does not exist. Once the spammers remove you from their lists, the amount of spam you receive should be reduced.
5. Dynamic IP Address?
   Find out if you have a static or dynamic IP address. Your IP address is the address on the internet of your computer, typically given to you by your Internet Service Provider (ISP). If you have a static IP address, it never changes and every website you go to will be able to track you through it. If you have a dynamic IP address, then it will change from time to time, and you'll leave fewer tracks around the Internet. Though if you do anything illegal, your ISP will cough up who was using that IP address at that time when the court comes knocking.
6. Speaking of IP addresses, Surf the Web Via Proxy
   Surf the Web via a Proxy so that they can't track you down by your IP address. This is especially true if your IP address is the same every time you go online, as it is with Cable Internet access. All they get is the IP address of the proxy server. Some Proxy servers offer ad and cookie blocking as well. One company, JohnDoeWho.com even provide secure ordering - they order something on their credit card and then charge you seperately. This way the company you're ordering from never gets your contact information. They'll even accept the package for you and then mail it to you.
   Want to know just how much information you reveal every time you visit a website? Check this out. It's also easy to reveal the browser you're using, your operating system, what plugins you have for the browser, and even your monitor resolution.
7. Do You Own a Domain Name?
   www.domainsbyproxy.com - If you must have a website why not buy it through a company that buys the domain for you. They'll buy the domain and own it, but you retain full control over it. The e-mail address associated with the website will be fowarded to you, and can even be spam filtered first. In case of some sort of dispute, (like if you manage to buy somebigmajorcorporation.com), they will reveal your identity, but on a day-to-day basis, it helps seperate you from the very public business of owning a website. (added feb 08, 2003)
8. Get To Know Your Web Browser
   Get to know your web browser and it's security settings. Some browsers have very low security settings and allow other people to install files on your computer, or even read information off of your computer. Even if you're up to date on all of your security patches, holes that the company has not yet fixed may exist.
9. 1. My rule of thumb is the smaller and more unknown the better. Since Internet Explorer is the most used browser on the Internet, hackers turn their attention towards it. I'd much prefer to use something like Opera or Mozilla, which have less than 1% market share, and are much less likely to be hacked. I reserve IE for sites I trust that don't work in Opera or Mozilla. These are well respected browsers with a lot of users, but not enough to warrant hackers targeting them.
   2. Clear your cookies after every browser session (you can set up your browser to do this for you), and don't transmit personal information online. Some companies track your surfing habits just waiting for you to sign in to a web site and give out personal information. Once you do they can sell everything they've learned about you when you were surfing - what you typed into search engines, what web pages you visited, etc.
   3. Restart your browser and clear your cookies any time you're about to log in to or out of a website if you've been surfing for a while, or do it in a different browser (Mozilla, IE, and Opera, for example). This should help alleviate the aforementioned problem of tracking you around and learning about you waiting for you to sign in to a website.
10. Get To Know Your Computer
    Most computers are insecure "out of the box" and hackers know how to exploit most of these vulnerabilities. Many viruses & a lot of spyware is installed because you don't know how to secure your computer in the first place. Locking down your OS (Operating System) is outside of the scope of this document, but it is something you should look into, or have someone you trust do for you.
11. Anti Virus & Anti Spyware Software
    Now that I've made you paranoid, here are some simple steps you can take to help reduce the chances of viruses & spyware making it on to your computer and to help you detect and remove them if they're already there. AVG is an excellent and free Anti Virus package. Ad Aware is a well known, trusted, and free program to help remove spyware from your computer. Another, excellent and perhaps even more comprehensive program is Spybot Search & Destroy. You can learn more about these programs on their homepages, or on c|net's download.com.
12. Hardware and Software Firewalls
    A firewall sits between you and the internet and monitors traffic. You can decide what kind of traffic is good, and what kind is bad. A hardware firewall may make your computer invisible to outside attackers, while a software firewall could prevent some spyware or a virus on your computer from leaking information about you to the hackers. Think I'm being paranoid? Check out Steve Gibson's website and then decide whether or not you want a firewall.
13. 1. Black Ice and Zone Alarm are well respected software firewalls, and Zone Alarm is free.
    2. Linksys makes some good home routers with built in firewalls. This is great if you plan on having more than one computer access the internet at once, or if you plan on getting your Playstation, X-Box or Game Cube online.
14. Don't Give Out Your Home Address or Phone Number
    Radio Shack has a bad habit of asking for your home phone number and pestering you until you give it to them. Either make something up, or even better, give them the number for their own store or corporate heaquarters. If you really want to disappear, never give out your home address or phone number.
15. Don't sign up for frequent buyer cards
    The only purpose of these cards is to gather information about your shopping habits to sell to other companies. You might think that they give it to you as an incentive to buy with them rather than someone else, but that's largely untrue. In NYC you can't spit without hitting a Barnes & Noble and they've all but killed off all the independant booksellers, yet they offer a frequent buyer's card. Why?
16. Toll Plaza Blues
    Speaking of cards that make your life easier, what about those boxes you get to go through the toll plaza easier, or get onto public transportation? Did you know that some highways have scanners on the highway that will read your information to collect data about traffic speeds? They say they scramble the identification so nobody is personally identifiable, but who knows. I've already heard of cases where these are used to track down "deadbeat dads" and it seems like it would be easy to issue a warrant for someone to be tracked through their box.
    Also, what about those cards you use to ride public transportation? The transit authority must be collecting information on who travels where to help them improve service and determine what the most common travel routes are. But what happens when you buy this card with your credit card or through the mail. Then this card can be tracked back to whoever purchased it. I'm just offering food for thought.
17. Speaking of buying online, just don't do it
    I order my books to my local Barnes And Noble and pick them up in person. Anyone who's surfed Amazon.com for even a few minutes knows that the internet has a very good memory, especially about what you say and buy.
18. Sign up with a re-mailer or other similar agency
    They will accept your mail and hold on to it for you to pick up or bulk mail it once or twice a week to you. A lot of people who travel a lot use this type of service because they need a permenant address that can forward mail to them on the road. You can even have multiple mailing addresses in different states this way. This is better than a PO Box because they're designed to look like a real address so companies that won't ship to PO Boxes will deal with you. Of course, the re-mailer may require you to give them some information such as drivers license, home address, etc. so be sure to know their privacy policy before you sign up.
19. Similarly, get voice mail or a cell phone
    Give one of those out as your phone number. Since these won't reveal your home address as easily or quickly as your home phone, they can be safely given out without fear of revealing where you live. You also don't have to worry about telemarketers pestering you all day long, you can just punch a few keys and skip to the next voice mail message.
      The FCC has mandated that all cell phones be identifiable to within 50 - 150 feet by 2005. This deadline is rapidly approaching and many companies are beginning to implement tracking systems. Read your contract carefully. Some will automatically turn on if you dial 911, others require you to push a button. There are two current methods of doing this.
20. 1. Your Phone has a GPS chip. Your phone will transmit your location when it tells you to. This can be turned on and off.
    2. The company triangulates your position based on the time it takes for your signal to reach 3 different towers. This cannot be turned on and off, and is independant of the phone you use.
      While your phone company may say they will only use this feature in an emergency, they're vague about what an emergency is. And of course, they could always be ordered to give out this information.
      Some phone companies are piloting a program that allows parents to track their children's location based on the GPS in their cell phone. Corporations will probably do the same for their executives, and of course, a hacker may be able to turn on this feature without you knowing it.
      The Onstar system and similar systems are basically cell phones in your car with GPS. These too might give out your location without you knowing it. This is what allows them to give you directions to the nearest restaurant, or tell emergency services where you are in case of an accident.
21. Don't call 1-800 numbers
    Especially from your home phone. Since the company who owns the 800 number pays for the call, they can always get your phone number, even if you have the "private" caller ID feature (which you should also turn on). If you must, dial through a 10-10 style number. You'll have to check, but you probably won't get charged, and you'll probably get mail from the 10-10 company, but the 1-800 number you dialed won't know who you are.
22. Unlisted Number
    Pay the extra money to get an unlisted number. Not only will it be available in local phone directories, but with the internet, it will be available in online directories as well. The Internet directories should eventually drop your number and home address once the phone company does, but don't count on it.
    Recently I saw a special on ABC about Bjork's stalker. To reveal how easy it is to get information on someone, they had a specialist on the how dig up, within minutes, the home addresses of crime author Patricial Cornwell, who has an unlisted number, and the show's host. Dan Akroyd had this advice: "First of all, your driver's license should never have your real address on it; same with credit cards," he said. "Be careful about access on the computer. Use a pseudonym, for instance." Aykroyd also follows the cardinal rule about answering mail sent to his home address: He burns, shreds or simply discards everything.
23. Corporations
    Buy your major purchase via a corporation. Your car, home, etc. can all be traced back to you, and if you're wealthy, they can be taken away from you through lawsuits and other such fun things. If your car is owned by a corporation it won't be traced (easily) back to you, and if your house is owned by a different corporation, driving over someone with your car won't lead to a lawsuit that causes your house to be confiscated. For extra protection, be sure to buy your cell phone, internet access, etc. through a corporation.
24. Encrypt Sensitive Documents and Communications
    If you don't already have it, download PGP (Pretty Good Privacy), here's a link to some free versions, and if you don't trust that one, here's another one to MIT's website. You can encrypt some files or text and ensure only the recipient can decrypt them. By sharing your Public Key, you can sign documents, allowing anyone to ensure that you're the person they came from, or allow someone to send you a message or file only you can decrypt. The exact process is rather complex, but the implications are pretty big. If you're technically astute, GnuPG (GPG) is a good open source alternative.
      See My Favorite Smallware post for more.
25. Instant Messaging Client
    If you're especially paranoid, you can move to one of the alternative Instant Messaging clients that supports secure/encrypted messaging, though there are some drawbacks - i.e. authentication, which are outlined here and here. If you're communicating from behind a corporate firewall, you should be especially paranoid. Most packet sniffers (such as etherial) have a setting to track IM conversations. There are even many stand-alone products that do this (like AIM Sniff), and I believe AOL, when introducing their corporate Instant Messaging client, said that they would release a product designed to track conversations across a network.
    Following is a brief list of instant messaging clients that support encrypted messaging. Of course, these only work if the people you're communicating with also have software that supports encrypted messaging.
26. 1. Trillian Pro
       Trillain Pro supports (shareware) secure instant messaging and connects to most of the popular services AIM, ICQ, MSN, Yahoo, Jabber, and IRC.
    2. Gaim
       Gaim is a popular open-source instant messaging client that supports AIM, ICQ, MSN, Yahoo, etc. Gaim-Encryption is a plugin that supports encryption. Gaim-e is another (but only available in a non windows variant).
    3. Miranda
       Miranda is another open-source instant messaging client that connects to all the popular services. Miranda is also fairly open in it's architecture and supports many plugins, including a number of security related plugins.
    4. Waste
       Waste made big news when it was released & then revoked after a couple of hours on Nullsoft's (makers of Winamp, owned by AOL) website. The guy that wrote this also wrote Winamp and Gnutella.
       Waste:
    5. • Does not work with most of the popular services. In fact, your information never travels over AIM, ICQ, MSN or Yahoo's networks, it travels directly to the people on your Waste network. This means you have to share your IP address in order to communicate with other peope on Waste
       • Encrypted. You have to share your public key in order to communicate with other people on Waste.
       • The upside to this is that nobody outside of your network can spy on what's being said.
       • The downside is that everyone you communicate with must be technically savvy, and have Waste.
       There are many mirrors of the original site, I suggest waste.sourceforge.net which is a sleightly modified version of the original. This one logs your chats in the install folder in plaintext... Good if you like to log your chats, bad if you think someone else might be snooping on your computer. You can Google around to find one of the unaltered originals.

• Why Am I Getting All This Spam?
• Online Identity (Joel on Software forum thread)
• techTV: Top 10 Ways to Secure Your PC
• How common are sniffers anyway? (Joel on Software forum thread)

Message Board: http://www.marktaw.com/forum/list.php?f=1

page first created on Friday, July 26, 2002

this site and it's contents copyright Mark Wieczorek