Internet Anonymity – A Case Study

Who is Will McLauglin?  The Campaign for Privacy?  or Dennis Anon and Privacy.net?

I’ve been writing this blog long enough that I receive regular submissions for guest content, infographics and other sort of suggestions for article topics. As long as the submissions are legitimate and on topic, I am generally happy to post them.  My next post is one of those times.  My efforts at verifying the source has been an interesting excursion, interesting enough I decided to write about the experience.

I received an email on August 2 from Will McLaughlin from the Campaign for Privacy, recommending an article written by Dennis Anon at Privacy.net.  The title, “What does the US government know about you?” is right up my alley. I will be publishing a story about this post in two days.  As part of this process, I did a little OSInt (open-source intelligence gathering) via Google and other Internet sources.  What I found was interesting in as much as I found virtually nothing about either of these people or their respective organizations.  Considering that both of these people are involved in the online privacy and anonymity movement, this is good for them.

First, the Campaign for Privacy website, what there is of it, is here.  Basically, it is a “site coming soon” page.  There is an address on the web page for the organization in Tallinn, Estonia.  Tallinn is just across the Bay of Finland from Helsinki, Finland, which is about 300 miles south of the address on Will’s email in Iisalmi, Finland.  A quick lookup on the ICANN WHOIS database shows the domain was just registered in June 2018.  Often I will go to the Wayback Machine at the Internet Archive to get a historical look of a website, but there is, of course, nothing there.  The domain name is registered in the Grand Cayman, and the nameservers point to Dreamhost, a popular host for WordPress sites.  Checking LinkedIn for Will did not yield any results.  I sent Will a reply email asking for more information about his organization, and how he is related to Dennis Anon.  No reply so far.

As far as Dennis Anon is concerned, he states on the About page that his name is a pseudonym, so there is no expectation of ever finding Dennis Anon.  According to ICANN WHOIS, the domain name has been registered since 1997.  The registrar is Domainbox and the name servers are for A2 Hosting.  The site appears to be hosted in the UK.  The Wayback Machine was no help, offering up “Sorry.  This URL has been excluded from the Wayback Machine.”  So Dennis evidently requested that Pivacy.net be excluded from the archive.

Check  out the About page, and then spend a minute on the Analyzer testing your browser for privacy leaks.  A visit to the Home page finds 8 posts, all from this year.  I’ve read most of them, and will have read all of them by the time this article appears on my blog, because they are very interesting reading.

All in all, the Privacy.net site appears to be legitimate, and the jury is still out on the Campaign for Privacy.  Perhaps Will McLaughlin and Dennis Anon are the same guy.  I left a comment on Dennis’ site with my email address and I am hoping for a reply.  I’ll keep the story updated.


9-10-2018 – Update – Nothing has changed since I wrote this post last month.  Both gentlemen have not responded to my request for more information.  But if they are trying to stay anonymous on line, this is the outcome I would expect.

 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.