Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
An Ethical Guide to Cyber Anonymity

You're reading from   An Ethical Guide to Cyber Anonymity Concepts, tools, and techniques to protect your anonymity from criminals, unethical hackers, and governments

Arrow left icon
Product type Paperback
Published in Dec 2022
Publisher Packt
ISBN-13 9781801810210
Length 322 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Kushantha Gunawardana Kushantha Gunawardana
Author Profile Icon Kushantha Gunawardana
Kushantha Gunawardana
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Part 1: The Basics of Privacy and Cyber Anonymity
2. Chapter 1: Understanding Sensitive Information FREE CHAPTER 3. Chapter 2: Ways That Attackers Use Your Data 4. Part 2: Methods and Artifacts That Attackers and Competitors Can Collect from You
5. Chapter 3: Ways That Attackers Reveal the Privacy of Individuals and Companies 6. Chapter 4: Techniques that Attackers Use to Compromise Privacy 7. Chapter 5: Tools and Techniques That Attackers Use 8. Chapter 6: Artifacts that Attackers Can Collect from You 9. Part 3: Concepts and Maintaining Cyber Anonymity
10. Chapter 7: Introduction to Cyber Anonymity 11. Chapter 8: Understanding the Scope of Access 12. Chapter 9: Avoiding Behavior Tracking Applications and Browsers 13. Chapter 10: Proxy Chains and Anonymizers 14. Index 15. Other Books You May Enjoy

Raw data can create sensitive information

There are different ways we disseminate our data knowingly or unknowingly, including participating in different types of surveys. Sometimes, researchers who conduct surveys may not use the data for the intended purpose. Often, data collected as part of open or public surveys is used for different purposes. If a researcher is collecting data, it’s important that they disclose the purpose of the data collection, and the data collected cannot and should not be used for any other purpose than that.

The main advantage of having raw data for an attacker is that this raw data can be processed to get PII or sensitive information, which can be used for direct and indirect attacks.

In the previous section, we discussed what PII and sensitive information are. Let’s take an example. When you call a bank or service provider, typically, they ask a few questions to verify your identity. The questions they ask are really basic; as we discussed earlier, this might even be information you’ve shared with your close circle. These questions can include your full name, address, contact number, and email address. (In fact, I still remember the full names of most of my schoolmates as the first thing that is done in the morning at schools in my country is marking the register. Teachers usually read names aloud one by one, and if the student is present, they have to shout, “Present!” Because of this, I still remember most of my classmates’ full names and initials, even though we have long names in our culture!)

Why do service providers ask these sorts of questions? Because by collecting a series of information such as this, they can identify that they are communicating with the correct person. This is the principle behind claims-based authentication in federation trusts. Claims, rather than credentials, will be shared between the identity provider and service provider. Claims are typically attributes, and they are treated as raw data.

Another interesting fact is, once someone has collected raw data, they can easily find personal and sensitive information too. For these types of searches, attackers use different tools. One such tool is Social Searcher (https://www.social-searcher.com/).

If you want to find more information on someone, so long as you know their first name and last name, you also can start searching for them on social media. The Social Searcher web app is connected to multiple social media APIs and provides information related to the searched name and its respective social media accounts. There are many internet resources and tools like this that can be found in many open source distributions, including Kali, Parrot OS, Security Onion, and Predator. Later chapters will discuss different tools and techniques in detail to understand what type of integration these tools have with collecting information and how can we prevent creating sensitive information.

You have been reading a chapter from
An Ethical Guide to Cyber Anonymity
Published in: Dec 2022
Publisher: Packt
ISBN-13: 9781801810210
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image