Book Image

An Ethical Guide to Cyber Anonymity

By : Kushantha Gunawardana
Book Image

An Ethical Guide to Cyber Anonymity

By: Kushantha Gunawardana

Overview of this book

As the world becomes more connected through the web, new data collection innovations have opened up more ways to compromise privacy. Your actions on the web are being tracked, information is being stored, and your identity could be stolen. However, there are ways to use the web without risking your privacy. This book will take you on a journey to become invisible and anonymous while using the web. You will start the book by understanding what anonymity is and why it is important. After understanding the objective of cyber anonymity, you will learn to maintain anonymity and perform tasks without disclosing your information. Then, you’ll learn how to configure tools and understand the architectural components of cybereconomy. Finally, you will learn to be safe during intentional and unintentional internet access by taking relevant precautions. By the end of this book, you will be able to work with the internet and internet-connected devices safely by maintaining cyber anonymity.

Related Content you might be interested in

Current Title:

Small book image
An Ethical Guide to Cyber Anonymity
Kushantha Gunawardana
Dec, 2022 | 322 pages
Small book image
Hands-On Dark Web Analysis
Sion Retzkin
Dec, 2018 | 210 pages
Small book image
Reconnaissance for Ethical Hackers
Glen D Singh
Aug, 2023 | 430 pages
Small book image
The OSINT Handbook
Dale Meredith
Mar, 2024 | 198 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: The Basics of Privacy and Cyber Anonymity
Part 1: The Basics of Privacy and Cyber Anonymity
Free Chapter
2
Chapter 1: Understanding Sensitive Information
Chapter 1: Understanding Sensitive Information
The categorization of information
Different forms of sensitive information
Raw data can create sensitive information
Privacy in cyberspace
Cyber anonymity
Summary
3
Chapter 2: Ways That Attackers Use Your Data
Chapter 2: Ways That Attackers Use Your Data
Impersonation and identity theft
Technical, procedural, and physical access
Technical controls
Procedural controls
Physical controls
Creating vulnerabilities to compromise systems
Increase the attack surface using sensitive data
Summary
4
Part 2: Methods and Artifacts That Attackers and Competitors Can Collect from You
Part 2: Methods and Artifacts That Attackers and Competitors Can Collect from You
5
Chapter 3: Ways That Attackers Reveal the Privacy of Individuals and Companies
Chapter 3: Ways That Attackers Reveal the Privacy of Individuals and Companies
Cyber exposure index
Everything exposed in cyberspace matters
We don’t need to enter our real information always
Facts we shouldn’t be disclosing
Social media matters
Summary
6
Chapter 4: Techniques that Attackers Use to Compromise Privacy
Chapter 4: Techniques that Attackers Use to Compromise Privacy
Information gathering
Enumeration
Identity exposure
Artifacts that can be collected from devices
Social engineering
Summary
7
Chapter 5: Tools and Techniques That Attackers Use
Chapter 5: Tools and Techniques That Attackers Use
Maltego
Google Advanced Search and dorks
Uvrx Social Search
Open Wi-Fi networks
Phishing sites
Summary
8
Chapter 6: Artifacts that Attackers Can Collect from You
Chapter 6: Artifacts that Attackers Can Collect from You
Artifacts that attackers can collect from you
Artifacts that competitors would like to collect
Devices can be compromised
Ways that an attacker can access your networks
Compromising browsers
Summary
9
Part 3: Concepts and Maintaining Cyber Anonymity
Part 3: Concepts and Maintaining Cyber Anonymity
10
Chapter 7: Introduction to Cyber Anonymity
Chapter 7: Introduction to Cyber Anonymity
Definition of cyber anonymity
Privacy and anonymity
Levels of cyber anonymity
Best practices to maintain cyber anonymity
Developing a cyber anonymity mindset
Summary
11
Chapter 8: Understanding the Scope of Access
Chapter 8: Understanding the Scope of Access
Understanding the scope of access
Planning for connectivity
Understanding the level of access
Preparing the device
Preparing applications for anonymity
Summary
12
Chapter 9: Avoiding Behavior Tracking Applications and Browsers
Chapter 9: Avoiding Behavior Tracking Applications and Browsers
Avoiding behavior-tracking applications and browsers
Using secure messaging apps
Using disposable emails and contact numbers
Using virtual machines and virtual applications
Summary
13
Chapter 10: Proxy Chains and Anonymizers
Chapter 10: Proxy Chains and Anonymizers
What proxy chains and anonymizers are (for example, Tor)
Censorship circumvention (Psiphon)
Live OS (for example, Tails)
VPN solutions
Logless services
Summary
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Raw data can create sensitive information

There are different ways we disseminate our data knowingly or unknowingly, including participating in different types of surveys. Sometimes, researchers who conduct surveys may not use the data for the intended purpose. Often, data collected as part of open or public surveys is used for different purposes. If a researcher is collecting data, it’s important that they disclose the purpose of the data collection, and the data collected cannot and should not be used for any other purpose than that.

The main advantage of having raw data for an attacker is that this raw data can be processed to get PII or sensitive information, which can be used for direct and indirect attacks.

In the previous section, we discussed what PII and sensitive information are. Let’s take an example. When you call a bank or service provider, typically, they ask a few questions to verify your identity. The questions they ask are really basic; as we discussed earlier, this might even be information you’ve shared with your close circle. These questions can include your full name, address, contact number, and email address. (In fact, I still remember the full names of most of my schoolmates as the first thing that is done in the morning at schools in my country is marking the register. Teachers usually read names aloud one by one, and if the student is present, they have to shout, “Present!” Because of this, I still remember most of my classmates’ full names and initials, even though we have long names in our culture!)

Why do service providers ask these sorts of questions? Because by collecting a series of information such as this, they can identify that they are communicating with the correct person. This is the principle behind claims-based authentication in federation trusts. Claims, rather than credentials, will be shared between the identity provider and service provider. Claims are typically attributes, and they are treated as raw data.

Another interesting fact is, once someone has collected raw data, they can easily find personal and sensitive information too. For these types of searches, attackers use different tools. One such tool is Social Searcher (https://www.social-searcher.com/).

If you want to find more information on someone, so long as you know their first name and last name, you also can start searching for them on social media. The Social Searcher web app is connected to multiple social media APIs and provides information related to the searched name and its respective social media accounts. There are many internet resources and tools like this that can be found in many open source distributions, including Kali, Parrot OS, Security Onion, and Predator. Later chapters will discuss different tools and techniques in detail to understand what type of integration these tools have with collecting information and how can we prevent creating sensitive information.

Previous Section
End of Section 4
Next Section