Risk
5/4/2012
08:53 AM
50%
50%

Has Anonymous Ruined Online Anonymity?

Anonymous, the hacktivist collective, has given anonymity a bad name. Yes, anonymous online services may be used to send bomb threats or abusive messages, but anonymity also does some good online.

Is online anonymity a bad thing?

Calls for the death of online anonymity get invoked by everyone from the anti-cyber-bullying crowd to social networking proponents. Tie comments to an actual person, goes the reasoning, and people will think twice before trying to intimidate someone online.

To be sure, anonymous services can be abused. For example, the ongoing FBI investigation into a series of bomb threats against the University of Pittsburgh has led the bureau to execute search warrants against a number of remailer services. For the uninitiated, such services strip the header information from emails, and messages pass through multiple remailing servers, thus helping to disguise the message's origins. Meanwhile, the hacktivist collective Anonymous has built its anti-government and anti-corruption reputation based on the right--or at least ability--of people to take anonymous online revenge against perceived wrongdoers.

[ What's the back story on Google's Street View data collection practices? See Google Wardriving: How Engineering Trumped Privacy. ]

On the social networking front, Facebook and Google+ have been behind drives to create "real identities," or at least verified ones. For example, Facebook founder Mark Zuckerberg last year said that "having two identities for yourself is an example of a lack of integrity." Of course, the Facebook paradigm depends on people being who they say they are. How does the whole Facebook paradigm look if the person running the official Scarlett Johansson Google+ page turns out to really be a 14-year-old boy living in Malaysia?

Eliminating anonymity is also pitched as a way to combat bullying online. "I think anonymity on the Internet has to go away. ... People behave a lot better when they have their real names down. ... I think people hide behind anonymity and they feel like they can say whatever they want behind closed doors," Randi Zuckerberg, formerly Facebook's marketing director, said last year.

But anonymous online services can be used for good--for example, for human rights advocates disseminating information from within countries with tight controls on information flow, for whistleblowers who want to provide information to authorities without revealing their own identity, or for people who might just be shy.

Anonymity--as well as pseudo-anonymity--can also be, if not a virtue, at least a social nicety. For example, Facebook last year restored anonymous defriending after users complained about people being able to see, from their timeline, when someone had stopped being their Facebook friend.

For a more positive example, a recent study of psychologically troubled teenagers by Azy Barak and Meyran Boniel-Nissim of Haifa University in Jerusalem found that blogging online using a pseudonym, as well as expressly allowing others to comment on their posts using pseudonyms--compared with just keeping an online diary on which no one could comment--produced markedly improved mental states in the teens.

"The sense of anonymity and invisibility experienced by Internet users promotes their confidence to express thoughts and feelings. Furthermore, users do not feel committed to the offline social codes--including attire, nonverbal gestures, and eye contact--when interacting online with other people; therefore, they can pay more attention to written content and to themselves. These characteristics induce the therapeutic value of venting emotions and releasing pressure," they wrote.

People crave connections; no real names required, at least online. On a similar note, Disqus, which develops website commenting software used by 600 million unique visitors across more than one million websites--including this one--sees 61% of posters use a pseudonym, while 35% are anonymous, and only 4% use their real identities. Furthermore, Disqus has also found that pseudonymous posters are far and away the most valuable contributors, contributing 6.5 times as many posts as anonymous contributors, as well as a far greater number of quality posts--based on other users "liking" their contributions--as other contributors.

In fact, discussion forums provide a great use case for remaining anonymous, since some topics or postings are so banal as to not even merit someone's real or at least verified identity. Should posting car-repair questions require a real identity? What about the teenager who posts queries to a cannabis bulletin board, then must face the fallout of those posts when interviewing for his first job 10 years later?

Throwaway usernames and no worries about traceability--barring something rising to the level of a bomb threat--help people jump in and make connections. Discuss politics. Indulge in flame wars over the quality of live Husker Du recordings. Politely disagree about which local diners serve the best apple pie. This free-for-all, with no identity checks required, contributes to making the Internet great. Why mess with success?

When picking endpoint protection software, step one is to ask users what they think. Also in the new, all-digital Security Software: Listen Up! issue of InformationWeek: CIO Chad Fulgham gives us an exclusive look at the agency's new case management system, Sentinel; and a look at how LTE changes mobility. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
YMOM100
50%
50%
YMOM100,
User Rank: Apprentice
5/5/2012 | 2:00:40 PM
re: Has Anonymous Ruined Online Anonymity?
Anonymity is a must online. I used to post under my real name and that was providing too much information. After posting a critical comment to a news story about a neonazi group I was physically attacked a few days later by right extremist thugs.
As far as comments or other online contributions go, content is of more importance than names. Therefore, commenting functions such as this one should do away with the need to register and log in. Add some computer smarts to filter out the spam and simply number the comments so that referencing is still possible.
I also will never have a Facebook or Google+ or similar account. Both of these companies have a horrible track record in regards to privacy. Google does this out of commercial interest, the folks at Facebook are just ignorant and inept.
David Berlind
50%
50%
David Berlind,
User Rank: Apprentice
5/5/2012 | 1:18:26 AM
re: Has Anonymous Ruined Online Anonymity?
It's pretty much impossible to keep innovation out of the hands of those with nefarious objectives.
MyW0r1d
50%
50%
MyW0r1d,
User Rank: Apprentice
5/4/2012 | 11:28:07 PM
re: Has Anonymous Ruined Online Anonymity?
A nice article that explores the various shades of anonymity like the various shades of hacking (white, grey, or black). I make a difference between online blogging and the technical "tools" like the email sites described or Tor which seeks to obscure all internet traffic from a device. My comments here for instance, while done under a name which is traceable by the staff hosting the site that can tie that to a registered user. Should I slander a public figure or make threats or other illicit activity, then they could effectively and with little effort identify me (it is little more than a placebo). Yahoo, Google, FB and others have even more superficial controls that verify not even an identity but rather a valid email address (created using false information so simply throwing out userIDs wouldn't resolve it). Some of the human rights defenders or whistle blowers need only to create these false personalities but it is the ease that make them popular with the cyber bullies described (read the story on the two adolescents that created a false, diffamatory FB page for their classmate leading to 12 months of mental anguish before FB pulled it). FB, Yahoo and the others simply do not want to invest the overhead for staff that it would take to verify identities such as should be in place with others such as PayPal for instance - guess investing in lawyers to defend the law suits still has a lower ROI given current lack of regulation.

Surfing behind a Tor connection or sending email through an anonymizer is to me an entirely separate ballpark with identifiable characteristics and with a singular unifying element - ethical use or lack of. Success implies an objective measurement, is forcing everyone to participate or observe a WWF Smackdown contest a success if they would rather watch a documentary?
TT Millard
50%
50%
TT Millard,
User Rank: Apprentice
5/4/2012 | 11:02:06 PM
re: Has Anonymous Ruined Online Anonymity?
The biggest problem we're facing is the abuse by people who use the layer of anonymity to vandalize online communities with their reprehensible actions and behavior, with complete disregard for the rights of others, and do so without repercussion or consequence.

It has been a problem with our society down through the ages; this is just the next medium that shows if we are given the opportunity for good or evil, there will always be a faction that will tend towards the latter. We prove it time and time again.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1421
Published: 2014-11-25
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.

CVE-2014-3605
Published: 2014-11-25
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6407. Reason: This candidate is a reservation duplicate of CVE-2014-6407. Notes: All CVE users should reference CVE-2014-6407 instead of this candidate. All references and descriptions in this candidate have been removed to pre...

CVE-2014-7839
Published: 2014-11-25
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors.

CVE-2014-8001
Published: 2014-11-25
Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.

CVE-2014-8002
Published: 2014-11-25
Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?