Emmanouil Perselis
Emmanouil Perselis Ethical Hacker, Security and Privacy Consultant, Programming Teacher and Author.

Achieving anonymity and what defines it part 1

Achieving anonymity and what defines it part 1

This article is a re-edition of a chapter of Panopticism Ex Machina: Practical ways to obtain anonymity, confidentiality of data and repudiability of actions on the internet and why it is necessary (Emmanouil Perselis, 2019).

Anonymity, the anonymity chain and context

Derived from the Greek prefix “av”, an, which means without, and the Greek word “övoμa”, onoma, which means name. Anonymous, as a word is used to describe a person which is unknown and the condition of not being known, anonymity. The ultimate goal of anonymity is to unlink a certain action from an individual. Achieving anonymity in the physical world is getting harder as technology advances and the governments are getting more invasive into our private lives. On the contrary, digital anonymity can be achieved by following a chain of actions made of nodes that can be executed as an algorithmic procedure. Certainly, the parameters that have an impact on the anonymity are arcane at first sight but are limited.

Definitions

  • Anonymity chain: The term anonymity chain represents the aggregation of measures taken to anonymize an individual while allowing him to execute an action.
  • Context: The term context implies that the actions or the anonymity chains carry information that can logically associate them with each other. This can be achieved by using related Personally Identifiable Information, the same modus operandi or any other analogous information that can be derived from the actions or the anonymity chains.

Linking actions to an unidentified individual

Assuming that a certain action is observed by an observer, but the actor still remains unknown, the action will be linked to a hypothetical person. As long as the actor remains unknown, this fact should not pose a threat. If the actor uses the same chain or context to perform a second action, the second action can be correlated to the first. If the actor is deanonymized at some point in the future through one of the actions, he will be credited for both. Avoiding this phenomenon is trivial, as the only thing that has to be done is the usage of a new anonymity chain and a different context for each distinct action.

The case of Roman Seleznev and how context betrayed him

One famous instance of this linking is the case of Roman Seleznev also known as nCux and Track2. A notorious carder (person involved in credit card fraud) prominent in the hacking scene during the period of 2002 to 2014, he ran multiple sites selling stolen credit card numbers and identities. In 2017, two computer crime prosecutors working on his case made a presentation at Black Hat about him. They explained how he was caught and what information lead to the attribution of the actions to Seleznev granting him a 27-year prison sentence. As stated by the prosecutors, Seleznev did not follow any OPSEC (Operational Security, a process that identifies critical information to determine if friendly actions can be observed by enemy intelligence) making some catastrophic errors leading to his capture.

These errors were:

  • Reusing the same website structure on different websites.
  • Cross-referencing his pseudonyms on forums.
  • Using email addresses involved in criminal activities for personal use.
  • Messaging his personal details while using his pseudonyms.
  • Concentrating all his pseudonyms and stolen credit card numbers on one laptop.
  • Exercising the same activities in the same environments.
  • Using the same servers for each of his activities.
  • Not using encryption.

Although using different identifications occasionally, those actions were linked together under the same context and due to the fact that some nodes of the anonymity chain remained the same. This case illustrates the importance of a new anonymity chain, unlinked to the previous context, for each distinct action. If he had used a different chain and had not linked the contexts by making the aforementioned errors, many of his incriminating actions would not have been attributed to him.

To be continued in the next article…