Q&A: Views on Privacy and Identity Theft
by Mirko Zorz - Tuesday, 12 August 2008.
Jonathan Moneymaker is VP of Operations at Anonymizer. He is a certified Project Management Professional and also holds a BS in Systems Engineering from the University of Southern California.

In this interview he tackles headaches related to privacy and identity theft.

As more people get online, problems related to privacy multiply. What should an everyday user pay attention to in order to safeguard his/hers online activities from potential attackers?

More and more of our everyday activities are being carried out online - work, email, chat, banking, shopping, research or just browsing. Employers and individuals should understand that every Web site they visit is logging information about them and their organization, such as IP Addresses, domain names, software versions and such. In many cases this information is captured in order to enhance the user’s experience by remembering passwords, displaying relative content or sorting out possible compatibility issues. However, with ultra openness also come vulnerabilities. Depending on the type of activity users are engaging in, here are a couple of suggestions from the basic to the slightly more technical.
  • For most of us, the linchpin of our online presence is our personal email address. Managing it can serve as a powerful tool of prevention. I recommend creating intermediary email aliases that all forward back to their main email address. If, for example, a Web site has sold the intermediary address, you have the ability to simply remove that alias, leaving the main one uncompromised from spam, phishing scams or other attacks.
  • Always be aware of providing personal information online. Look for indications that the site uses SSL to encrypt and protect your information. Also, try and limit the use of cookies. These may seem convenient at the time, but not so much if your information gets into the open.
  • The majority of people now operate with a work and a home computer. The best practice is really to keep them separate; using one computer for both business and personal issues may potentially expose both a person’s private information and their company’s information.
  • For the slightly more tech savvy users: Virtual technologies allow a single computer to behave as two discreet ones. In this scenario, individuals can use the virtual computer to browse the Web and their “real” computer to access secure sites. The more separate, the better.
Even in this constantly changing high-tech world, Ben Franklin’s advice still applies: “An ounce of Prevention is worth a pound a Cure.”

In your opinion, how common is identity theft? Who should be worried?

A subject near and dear to my heart. I was a victim many years ago, and let me tell you that even the slightest incident can have serious ripple effects. Everyone is truly at risk and in many cases the repercussions of traditional “sifting through your garbage ID theft” can now be felt with far less effort by the would-be theft. If users are careful and take appropriate steps like some of the items I listed above, they can weed themselves out of the pool of easy targets; a bit of “The ‘Club’ for your car” effect.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th