Help How anonymous are we on this site?

[righttochoosevoice]

I am very new, having found SS through NYT, and am genuinely concerned how anonymous we are on this site? If posts gave no personal, identifying information, is it possible for *whoever* to find out who *I* am? I want to reply and post, within the guidelines and with a whole, honest heart, but I am very afraid of being "doxxed" or just known for who I am. Does anyone here have any knowledge to offer in this regard?

 

[godeatgod]

Hi. I'm an IT security professional by trade. I can't comment on this specific site, but here are a few points to consider regarding ALL sites you visit... often times, sites like this get contacted by law enforcement, in order to help out with investigations. If the site is located in the U.S., then U.S. laws allow for the subpoenaing of log files by law enforcement. Usually, in a site's terms of service, they will say something like "we cooperate with all law enforcement requests". If the site is not in the U.S., then they will have to cooperate with the law enforcement of the country where it resides. Your internet service provider knows all the sites you visit if you use their DNS. You can get around this by using something like NextDNS. The same goes for VPNs. You should always use a VPN that does not log, if maintaining maximum privacy is important to you. Don't use Chrome as a browser. Use Brave. Most sites will tell you what they log of your logins and browsing in their terms of service. Always check with the site if that is a concern. In the U.S., we have KYC and AML laws that require some things of web sites that fall into certain categories. Most sites will tell you (again in their terms of service) if they follow KYC and AML laws. If they do, then they have requirements to collect your personal information. Many European-based sites follow KYC and AML laws as well. I do not believe that this site falls into a category that mandates the following of KYC and AML laws, but I don't know that. I only speculate that based on most of the sites that I give security consultations to a cryptocurrency sites, which all follow those anti-privacy laws. Hope that helps.

 

[righttochoosevoice]

Hi. I'm an IT security professional by trade. I can't comment on this specific site, but here are a few points to consider regarding ALL sites you visit... often times, sites like this get contacted by law enforcement, in order to help out with investigations. If the site is located in the U.S., then U.S. laws allow for the subpoenaing of log files by law enforcement. Usually, in a site's terms of service, they will say something like "we cooperate with all law enforcement requests". If the site is not in the U.S., then they will have to cooperate with the law enforcement of the country where it resides. Your internet service provider knows all the sites you visit if you use their DNS. You can get around this by using something like NextDNS. The same goes for VPNs. You should always use a VPN that does not log, if maintaining maximum privacy is important to you. Don't use Chrome as a browser. Use Brave. Most sites will tell you what they log of your logins and browsing in their terms of service. Always check with the site if that is a concern. In the U.S., we have KYC and AML laws that require some things of web sites that fall into certain categories. Most sites will tell you (again in their terms of service) if they follow KYC and AML laws. If they do, then they have requirements to collect your personal information. Many European-based sites follow KYC and AML laws as well. I do not believe that this site falls into a category that mandates the following of KYC and AML laws, but I don't know that. I only speculate that based on most of the sites that I give security consultations to a cryptocurrency sites, which all follow those anti-privacy laws. Hope that helps.

Thank you So much. I will look into all that you have mentioned here. I have never heard of Brave. I currently use Mozilla because they promote themselves as being private. I truly appreciate the time and information you shared here.

 

[godeatgod]

Glad it helped. Mozilla Firefox is not bad when it comes to privacy. They're definitely 10x better than Chrome. Most IT security experts and privacy advocates would put Brave just a little ahead of Firefox for privacy features. If you're happy with Firefox, and changing what you're used to causes discomfort, you're fine with Firefox. If you were using Chrome, then I would say absolutely go to Brave.

 

[http-410]

Don't trust anyone. I have occasionally read here that users got into trouble after they confided in someone and shared their name or location with them. Be careful when uploading self-taken photos, as they may contain information about where you live (metadata).

Your internet service provider knows all the sites you visit if you use their DNS.

Unless you use a VPN or Tor, your ISP can still associate your IP with the page you are visiting.

Using a DNS that is not offered by the ISP does not necessarily make you more secure or private / using a different DNS does not mean that your ISP can no longer track you. It may even be that a third party DNS is worse for privacy or security - but of course there are third party DNS that advertise/offer more privacy.

For this site, I would recommend Tor. Do not use a free VPN, otherwise you and your data are the product. Even if you use a VPN, there is never a 100% guarantee that the VPN provider will not be hacked or some authority will request your data from that VPN provider. However, I personally think that the probability of this happening here is rather low and the effort relatively high.

For everyday stuff, Firefox isn't bad. But since Firefox likes to phone home and has vulnerabilities with default settings related to your privacy and security (DNS leak, WebRTC), you should at least harden or tweak it a bit.

Also Brave tracks at default settings (telemetry at least) and leaked DNS requests through TOR pages in the past (which is now fixed). Even Brave states on their support page:

If your personal safety depends on remaining anonymous, we highly recommend using Tor Browser instead of Brave Tor windows.

If you want to learn more about privacy, check out https://www.privacytools.io/.