Are you truthful in your sign-ups?

[webecedarian]

The post about the Chinese guy nabbed via Yahoo has me wondering: when you sign up for an e-mail account, do you tend to be complete and truthful?

When I was forced by a friend to get my first e-mail account - which I wasn't interested in - he operated under the assumption that there was no benefit to being truthful with an e-mail provider asking for your information. Since I tend to supply as little information as possible to any businesses (not giving my social security number, etc.), this made sense to me. Or do you think this is being overly guarded?

[trew]

Will not the IP number show who you are? Yes, I know it only point out approximately in which region and which ISP but if you collect everybodys IP in that area 24/7 then you could learn a lot of who you are. Some ISP do give you same IP everytime. Minenow maybe don't do it. But my MAC number is same every time so even fi ISP give me new IP the China secret service would know it is me.

So I would stay away from doing such things. They would know.

Ok one could always go to an Internet Cafe maybe but then they only have to go there until you log in next time and they see at which computer you sit and then follow you to your work or home.

One need to be very clever I guess to remain scret for a long time?

Maybe If one drive by and use Wifi using innocent peoples networks. Your ISP would always know who you are so they only need to log in and take it from their database. ?

Only me trying to get it? I used faked names for years but nowadays give corect info in most places. No way of hiding I guess.

[Sherry]

Quote:

Originally posted by webecedarian
The post about the Chinese guy nabbed via Yahoo has me wondering: when you sign up for an e-mail account, do you tend to be complete and truthful?

Never truthful for a free email service. (not sure if I've ever out and out lied, just not filled everything in on the check marks some want filled) If it's a trial I would not be truthful about personal info like phone #, address and many times not give my last name. If I pay for a service they would then, and only then, know who I am...

Sherry

[rmns2bseen]

I give as little personal info as possible, and only as much as necessary But then I think I have a big secretive streak anyway But I'm not sure you can be completely anonymous without some elaborate safeguards in place. And I don't have them

(edit) I will say though that I was permanently barred from one (non-email) service for providing some false info, months after the fact. As Sherry said, if it's something I care about and I'm really interested in, and for-fee especially, I try to be as truthful as possible. Otherwise I try to hedge as much as possible

[sreenadh]

i NEVER give my lastname to any free service. And i give my real first name only to free services i use regularly(like my main mail account at yahoo) otherwise i just give anyname that crosses my mind.

And as of my other contact details, i just try to avoid to it the max.

[unhappysoul]

Quote:

Originally posted by webecedarian
The post about the Chinese guy nabbed via Yahoo has me wondering: when you sign up for an e-mail account, do you tend to be complete and truthful?

When I was forced by a friend to get my first e-mail account - which I wasn't interested in - he operated under the assumption that there was no benefit to being truthful with an e-mail provider asking for your information. Since I tend to supply as little information as possible to any businesses (not giving my social security number, etc.), this made sense to me. Or do you think this is being overly guarded?

First of all, I use ghost surf and I use cable modem which hook up to 8 port router which is connected to telephone router ( I use VoIP).
then I never give any true information. execpt my first name which is very generic. so I'm suppose to live near NY and work as CEO for government.... or something like that

thanks

[trew]

Would not the "counter-measure" of some free services be to boycot those free serives that allow us to fake it?

I remember that several free servicesspell it out up front.

You have to give your ISP emailaddress and not a free service email addy. They know from experience that many free services has no time to chech up on every service.

Some free services do ask for real addy like Bluebottle here in EMD so I gave it to them. As far as I know they do their best to check it up.

Here in EU they seems to want us to almost carry an RFI thing so they know who entered a building or whatever.

If one carry the Mobile Phone then they know where and who you are within some 300 meters or at least 1 kilometer.

[theog]

I never give out correct information.... might be lucky if they get a good email from me that will last for a couple of days. lol

[sarf]

I always give my real name and address

Rufus T Firefly

Margaret Dumont rest home for surreal comics
Zeppo plaza
Freedonia

[marcus0263]

Unless it's with a service I pay for I never give out the real information. There's a point to giving up my personal information. I highly recommend Bugmenot when you run into a site that requires registration to visit their site, etc.. Way to much of our personal information is passed around with no accountability.

[webecedarian]

Thanks for the interesting replies. I'm sure that if a government wanted to track you down from your ongoing e-mail, they could. But otherwise, I figure it's like putting a lock on your door - it won't keep out someone who's determined to get in, but it keeps out the casual thief. (And, Trew, even that Chinese guy had gone to internet cafes, he wouldn't have to go to the same cafe every time.)

That makes perfect sense about paid e-mail being easier to track, but I recently paid for something with a money order. But otherwise mine have been free. I gave a little more data when I tried Operamail, but outside of that I've been picking low-information ones.

[marcus0263]

Quote:

Originally posted by webecedarian
Thanks for the interesting replies. I'm sure that if a government wanted to track you down from your ongoing e-mail, they could. But otherwise, I figure it's like putting a lock on your door - it won't keep out someone who's determined to get in, but it keeps out the casual thief. (And, Trew, even that Chinese guy had gone to internet cafes, he wouldn't have to go to the same cafe every time.)

That makes perfect sense about paid e-mail being easier to track, but I recently paid for something with a money order. But otherwise mine have been free. I gave a little more data when I tried Operamail, but outside of that I've been picking low-information ones.

The great issue I take is what they do with the info and where it ends up. The bank, hostpital, employer and others like that need my detailed info. Others, nope.

[hadaso]

I think I am being truthful when signing up as "anoymous user" . Then all marketing email is addresses to "Dear Anonymous" of course

Most of the times I sign up using my real name if I intend to keep the service, or if I see no problem. Sometimes as "Anonymous". I signed up in the past with some different "pen names" such as "Nicholas Bourbaki" in a math related place.

Insisting on "ISP email" seems foolish to me. This is juust asking me to give an address I don't use instead of an address I use. Usually I give a sneakemail.com address on signups I intend to keep (not just for privacy. It also records my signups for me this way). I use spamgourmet.com addresses in other places, and sometimes subdomain addresses of a FastMail alias or in my own domain (rather rarely). These are all real addresses and I receive mail sent to them. All addresses Igive out are initially unfiltered, so I receive all email sent to them (except for large messages sent to spamgourmet). If someone insists on getting a "real address" from an ISP then their coerrspondense might be filtered out of course, but it's their choice not accepting any one of my real addresses. It's all theoretical, of course. Inever encountered any site that refused the address I gave.

In one case (gawab.com) I had to choose a different country because my country was not listed. It was a nice service but I didn't really need it. JUst signed out to test it.

I don't see how one can avoid giving real info in some situations. When I have to pay, I have to give my credit card number with enough information that anyone can use then to make purchases with it. I almost never use my credit card online, except with sited I know quite well. Recently I had charges made to my CC from a site I don't know and some paypal accounts. I found out about it when Visa security called my cellphone and said they saw suspicious looking charges on my card. After confirming I had not made these they blocked the card immediately. Still whoever did this managed to charge almot $10000 before it was blocked. After filling some forms I got most of the money back, but there are still $100 missing. The first thing the Visa person asked me on the phone is if I used the card online. Of course I had to say I did because I did many times: I paid city taxes online. Electricity bills. Email acounts. Hotel reservations. Amazon. B&N. etc. Are these safe? I also made payments on the phone. Perhaps some of these were not as safe (small local businesses. Donations to small organizations...) And I made lots of payments directly: Stores. Gas stations in places I don't know. The most untrustable situations were those where the credit card is actually handed over to a worker in some business. When you need gas you need gas. Otherwise you cannot go home.

Well, that was a bit off topic, but my point is that as much as we like not to give personal info, there are situations where we must give this info whan we know it can be abused because this is how things work.

And about the incident with Yahoo and the Chinese reporter: Yahoo didn't need to give any personal information. Just the IP addresses that a certain account was used from. That's enough for Chinese intelligence to match to cybercafe's logs and to find out exactly who used it and when. And with a bit more efort the Chinese inteligence would probably be able to do it without Yahho's cooperation.

[marcus0263]

Quote:

Originally posted by hadaso
<snip>
I found out about it when Visa security called my cellphone and said they saw suspicious looking charges on my card. After confirming I had not made these they blocked the card immediately. Still whoever did this managed to charge almot $10000 before it was blocked. After filling some forms I got most of the money back, but there are still $100 missing. The first thing the Visa person asked me on the phone is if I used the card online. Of course I had to say I did because I did many times: I paid city taxes online. Electricity bills. Email acounts. Hotel reservations. Amazon. B&N. etc. Are these safe? I also made payments on the phone. Perhaps some of these were not as safe (small local businesses. Donations to small organizations...) And I made lots of payments directly: Stores. Gas stations in places I don't know. The most untrustable situations were those where the credit card is actually handed over to a worker in some business. When you need gas you need gas. Otherwise you cannot go home.

Well, that was a bit off topic, but my point is that as much as we like not to give personal info, there are situations where we must give this info whan we know it can be abused because this is how things work.

And about the incident with Yahoo and the Chinese reporter: Yahoo didn't need to give any personal information. Just the IP addresses that a certain account was used from. That's enough for Chinese intelligence to match to cybercafe's logs and to find out exactly who used it and when. And with a bit more efort the Chinese inteligence would probably be able to do it without Yahho's cooperation.

This goes to why I am very selective to where and who gets my personal information. You have to be, it's just out and out foolish not to be. I find it appauling that so much the attitude from companies and a lot of people also that they think you're nuts for not just handing over your personal info. Take for example a quote I read by Scott McNealy "Privacy doesn't exist, get over it"! That show's the general attitude, I find it shocking!

Another subject I take great issue with is Microsoft and their general disregard twards security and privacy. The story about the server found in Texas collecting the data from keyloggers on millions of Windows computers. That's just out and out chilling! I'm proud to state I use only Unix and Linux on my personal machines. The risk is greatly reduced, and I can sleep at night. But it goes to show the great challenges that we face as a civilization that is currently getting rid of actual money and going to a "Point System". Identity theft is big business and no longer are they script kiddies writting viruses, it's organized crime!

[hadaso]

Quote:

Originally posted by marcus0263
...Identity theft is big business and no longer are they script kiddies writting viruses, it's organized crime!

That's what makes me think the credit card business model is bound to fail in the not so far away future. They base their model on trust and insurance. Most people are honest. Few are not. Therefore it is cheaper to insure the losses made by those few stealing a bit than trying to avoid them completely. All credit card transactions are made my giving to the merchant all the info needed to pay with that credit card to any other merchant. So the merchant or an employee can just use that info to make purchases, or sell the info. So if there are only a few of these "bad guys" then there's just a bit overhead to insure against the damage they might cause.

Enter the internet. Now all the bad guys can organize and transfer the data. Organized crime can collect it from all around the net, and can use it smartly. And they have no prblems hiring talented people that can use the data efficiently. If in the passed a gas station attendant might have been able to collect some credit card info, he wouldn't be able to do much with it without being caught. Now it can probably be sold over the net to someone in another country buying this info from thousands of sources around the world, and employing professionals who can use this data to withdraw as much money as is possible. In my case the fraudsters were quite stupid: they sums they tried to withdraw looked suspicious from the start. But if they tried to withdraw smaller amounts over a wider time frame, they would probably have gone unnoticed until I got my credit card monthly statement about four weeks later. By then the money would have been safe with them. And they cvan do it with thousands of other credit card numbers. Eventually the percentage of fraud would pass some critical level that would make insurance unprofitable, and then the business model collapses. This credit card model should be replaced with a system where the info provided by a customer is only good for paying a particular sum to one particular merchant in a narrow timeframe.

So right now I have a problem. There is this organization I donated to each year (form fighting cancer). They called me and asked that I donate, but I told them that I stopped using the credit card over the phone. So they gave me a 1-800 number to call back. Later they called me to ask why I haven't called back. They try to convince me that it's OK: they're not just anyone because they know about me. They have my name and phone number and my mailing address so I should trust them that it's them and not some imposter. The 1-800 number they gave doesn't match any of the 1-800 numbers on their website. Paying on the website seems to be more secure than over the phone because of encryption, but in the public mind it is risky, never mind the facts, and this public mind seems to include Visa security personnel (BTW, Visa and the issuing bank are of course demanding that I use only IE in my online transactions with them). And anyway I think the risk in this case is in the way they store the info. And the real risks is in other places like supermarkets and gas stations. So it's quite confusing. Nothing seems safe! And the people who are supposed to guard our money, the banks, seem careless and ignorant about the real risks out there!