Deirdre Saoirse Moen

Sounds Like Weird

Privacy Via Doxxing Defense

20 November 2014

Computerworld has a rather excellent guide on Doxxing Defense, aka removing your personal info from data brokers.

Even if you have no fear of doxxing, this may be a good thing to do. Up to you. (Note that it’s not, as writer Ken Gagne points out, a one-time thing. Unfortunately.)

I was very surprised, when I ordered my Lexis/Nexis report ages ago, that it was dozens of pages long.

I’ll add the following:

  1. If you have an online identity with a pseudonym and without, use different email addresses for both. Many of the services Computerworld lists authenticate with an email address. I don’t need to tell you the privacy implications of that.
  2. Every single social media site that you do not pay for, well, you are the product, not the customer. Limit your exposure by limiting your reach.
  3. For every service that offers it, switch to two-factor authentication.
  4. Don’t give real answers to security questions, because those then become socially hackable. Make up screwball questions and answers where appropriate, just keep track of your answers somewhere.
    For example, just pulling up one of the links in the Computerworld article showed that the town of my birth was listed right there in the open. If I’d used that answer to a security question, it’d be one step easier to get access to other things like my bank account info.
    A trick I learned from a friend: don’t give answers of the same noun type as the question. She, a bicycle fancier, provides obscure bicycle brand and model names for location questions, and her favorite trail names for people questions.
    Yes, that’s hard to keep track of, which is why password security software is such a great idea.
  5. Don’t use the same security answers on different sites.
  6. Print out a hard copy of the most important security info, and keep it in a safe or safe deposit box.

As for me, well, if you were so silly as to want to doxx me, you might discover that my contact info is in my domain’s WHOIS record. After Scientology started harassing me (and others) in 1995, I’ve always figured I was safer if my friends were also able to find me.

That said, I still am going to clean up behind me because why should these assholes make money off my info?


Related Posts