Saturday, June 24, 2017

Thwarting data-miners and privacy-invading snoopers


I had to laugh at a recent post at Raconteur Report on how to frustrate, thwart and totally mess up those who are trying to mine every detail about you, whether for surveillance or profit.  Here's an excerpt.

Go by the local bookstore.
Collect 50 magazine blow-in subscription cards while you browse.
From political and religiously slanted periodicals, when possible.
Sign up for the magazines using your own name.
No middle initials.
At 17 real addresses you never lived at, all around the country.
Mail them in.
Next month, do the same thing for 5 people randomly selected.
Forward all your junk mail **** to those addresses.
Ideally, by responding to it using those addresses.
(And if you can’t figure out how to pull the same thing off online using dead end g-mail and yahoo addresses, you’re not tall enough for that ride.)

. . .

Send $5 to each of 13 religious organizations. All different than yours.
And three atheist organizations.
And the Flat Earth Society, and the Church Of The Flying Spaghetti Monster.
And the NRA, and the ACLU.

. . .

Get some cheap burner phones. (Quantity optional.)
Use them, and a prepaid cash gift card from Visa or MasterCard. Give one of the new phone number(s) out, with your name, every time you’re asked for a phone number that’s nobody’s goddam business, and order different inexpensive oddball crap to yourself.
At each of the 17 addresses you don’t live at.
Bonus: Use Amazon.
Send yourself Mein Kampf at one address, Mao’s Little Red Book at another, Shrillary’s It Takes a Village at a third, and Barry Goldwater’s Conscience Of A Conservative at a fourth address, and so on. Get the cheapest crappiest used copies listed.

. . .

For maybe 200 bucks, you can so **** up data miners, you’ll be listed at a dozen or more addresses you never lived at, and half a dozen phone numbers you won’t ever use, and be registered as belonging to every political and religious group on the planet. If 100 people did it, then did it to half a dozen random strangers, data mining them would be like looking for a needle in a wrecked auto junkyard, with a metal detector. Blindfolded.

. . .

And in case you never read Hayduke’s Revenge books, any time someone asks for a Social Security number that’s none of their goddam business, Richard Nixon’s number is 567-68-0515.

And there’s also a list of more Social Security numbers online, for Kurt Cobain, Walt Disney, etc.  Knock yourself out.

There's more at the link.  Go read the whole thing.

Evil, devilish and fiendish ideas . . . but I think all of them may be a lot of fun (from our point of view, that is).

Peter

12 comments:

Anonymous said...

There are about 315 million people living in America; if 32,000 - 1/100 of 1 percent - did this it would sufficiently corrupt the data as to make it largely worthless.

Glen Filthie said...

Waste of time and money Pete. And free advertising for the bad guys. Everything is automated so all you're doing is justifying more invasive and aggressive marketing.

As a sales guy myself my priorities are

1. The guys that actually buy from me
2. The guys that are THINKING about buying from me
3. The tire kickers

All the rest comes after that. If you sent me money - even a small amount - I would think 'Hey - what other products would these guys be interested in? Can I up-sell them? Maybe this guy warrants a personal sales call?' Generating phony sales leads will only encourage these guys. (For the record I am a sales professional - and understand that irritating my clients is NOT a good sales tactic. In my market I only address potential customers who would have a use for my products and services).

Personally I don't mind the odd ads that pop up and get past my filters. They're all for stuff I'm interested in. Fact is, YOUR site could do with some gun ads from our friendly neighbourhood arms makers and suppliers😆👍

CenTexTim said...

Seems like a mean trick to play on the innocent people whose addresses you use as part of the scam. I get enough junk mail already. The last thing I need is some inconsiderate jerk sending me his.

JWM said...

How appropriate that this thread got spammed. ;) Telemarketers are a plague. There isn't a day goes by here without half a dozen or more junk calls. The No-call list is useless. The only people who do this work are desperate lowlifes, tweakers and junkies who can't hold a real job. There's a gambit going on wherein a cold caller will claim to have been at my house for an estimate on some repair work. Imagine the audacity to begin a sales pitch by lying outright to a stranger. Who would do business with such a creep? I'd love to see the whole business outlawed. I used to curse them a blue streak, when they call. Now If I pick up the phone and hear the 'bloop' sound I wait until the creep is on the phone and just scream in their ear. Immature, yes. But it gets the frustration out.

JWM

Anonymous said...

It is not you or your type this is diected at. Do you not unseratand that?

C. G. R. said...

Unfortunately data mining has massively evolved in the last years and can "see" beyond these relatively simple countermeasures. Even using older (or perhaps established would be more accurate) algorithms like neural nets or naive bayesian the end result depends on the number of data samples included in the analysis. While the listed countermeasures would somehow skew the end results, most algorithms include plausibility validation. To really have a measurable effect you would need to provide a lot of random distributed samples - like ensuring you have a LOT of personal mail traffic on EACH of the fake addresses you intend to use, and that's gonna cost too much.
Better to stick to plain old, plain old methods: use cash for what you don't want tracked, use anonymous landing email addresses over proxies (i.e. hmamail or similar), browse using TOR (although that's probably not that secure anymore given the governmental increasing acquisition of TOR servers), etc.

CarlS said...

What I have done, successfully, in the past is to ask politely that the caller remove me from their calling list. It usually works. But one time, this guy asserted that what he was doing was legal and that I would just have to live with it. Some days later, after having received 2 calls a day from the same person, I took the time to trace the caller, verify his identity and "work" phone, gain his easily accessible SSAN and Drivers License numbers, and then I installed some old call routing software on my older Windows box, connected it to a modem I just happened to have lying around and instructed it call his (verified) number once every 4 minutes. The very next day, I got a call from an unidentified number and it was him. He demanded I stop. I reminded him that he assured me such tactics were legal and hung up. I ignored his calls fro a day or so, then answered. He was oh so polite and asked me to stop because it was afecting his "business". He assured me he would remove me from his list, and you know what? He did. None of this is hard to do, and once the system and software are up and running, it's easy to add other assailants to the "Call Until They Drop" list. See "the Google" for instructions.

Anonymous said...

Very nice CarlS, this is the way to play the game back at them... :)

urbane legend said...

I have to echo CenTexTim here. Some of this is mean trick to play on other people. I think it falls somewhere in the Proverbs 24:29 realm, and certainly comes under " Do unto others as you would have them do unto you. "

I have generally found that not giving out my phone number and an email address everywhere keeps me off all of the nuisance lists. Works pretty well; my name doesn't come up in a google search.

Eric Wilner said...

CarlS: Alas, in the VoIP era, identifying the source of the calls is highly problematic. The telephone companies allow calling-number spoofing, so the Windows Technical Department boiler room in India can appear to be calling from Fremont, CA.
Last week, Cardholder Services (or whatever they call themselves this month) called my cellphone, apparently from my own cellphone number. The telephone company, it seems, is totally fine with this.
So, unless the caller gives you his real name, or the real name of his business (which, come to think of it, might - I say might - be the case with the endless parade of remodeling contractors, though my understanding is that every legitimate remodeling contractor in this area is fully booked for the next several years), or he's foolish enough to use his real phone number, good luck with finding any true identifying information.
And the rules for robocalls, the do-not-call list, etc.? Legitimate businesses operate in terror of these, as they're crazy restrictive and carry dire penalties. Scammers happily ignore them, as the likelihood of being tracked down and apprehended is basically nil. And there seem to be exemptions for many of the most annoying callers.

Anonymous said...

How about bounties on robocallers and boiler-room telemarketers?

One office in each major city, bring in proof you're on the do not call list, proof you got called, and the severed head of a robocaller, get $5K. May not be the right robocaller, but, hey, someone will get the right guy. Eventually.

You might have to book international travel for the big money, but there's sightseeing and native cuisine as a bonus. Think of all the retirees who'll be chasing the $5K overseas for supplemental retirement income and not cluttering up our traffic.

Thomas W said...

Seems a good political campaign theme -- really enforcing the do not call list.

On the subject of data mining, etc. I'm still not impressed. I've yet to see website ads that do much more than advertise whatever I last looked at on Amazon or some commercial web site (I got ads for FLIR for a couple months after I looked them up before going to a free booze and appetizers event they sent me an email about). I routinely get ads (or Amazon "maybe you want to buy this" emails) for things I just purchased, including books (I assume most people don't routinely buy a second copy of a book).

When advertisers can figure out some new product I might like based on what I've searched for in the past I'll worry about data mining (at least, commercial data mining).