There are many ways to identify someone online, even if using private browsing, a VPN, a proxy or other masking solution. For decades, website creators have been building and perfecting tools to track and catalog all their users’ movements online. Browsers collect this information and report it back to website owners, so they can offer relevant ads, friend suggestions, location-specific tips, product recommendations and more.
The browser is also designed to gather information about users’ devices — which platforms they use, which operating system they’re running, how they render video and audio content, and what language and time zone they operate in. All this information combined makes up a digital identity. While this information is useful for customizing how content is presented, it can cause a major problem for researchers trying to remain anonymous and blend in with the crowd.
Just like an undercover agent, researchers need to blend into the environment they’re researching to not tip off their target or compromise their mission. And to do that, they need to understand what a good disguise looks like — which elements of the digital identity can give them away and how they can be altered to remain unnoticed while conducting an investigation.
The information that can expose your digital identity are attributes associated with your browser and device, as well as your behavioral patterns online.
Technical attributes that are part of your digital identity
There are many technical attributes that when viewed in combination create a unique online identity, such as your IP address and range, your language and location, as well as details about your browser and device. And while there may be thousands of others who have the same OS or device type as you, there are also small differences that help sites collect this information to build your individual profile. Over time, sites assemble a pretty accurate picture, or fingerprint, of your device, which can be combined with your online behavior patterns for an accurate picture of who you really are and what types of browsing or research you might be doing.
Device type and operating system: Websites know whether you are logging in from a Windows or Mac desktop or an Android or iPhone mobile device, and use this information to adjust how information is displayed.
Graphics card and audio drivers: Websites collect information about how your computer renders content on the screen. Your device also sends information about how audio is processed, including minute details about settings, speakers and microphone. Even small variances can add up to help compile your computer’s unique fingerprint and identify it across online sessions.
Software, plugins and other things you may have installed: Software versions, plugins, fonts and extensions can also be used to make your presence unique, especially when combined with other features.
Language and keyboard settings: When you set your language preferences, sites know not only which language to serve the information in, but likely where you are located (if you set “U.S. English” for example, it’s pretty easy to discern your general location).
Cookies: These small files store identifying information that can follow you across sessions and hosts, so the next time you visit the website, it would remember where you left off and display information that matches your preferences.
IP address, DNS servers and hostnames: Information about your device and/or an egress point that you use to connect to the network can help pinpoint your location and reveal information about your network, provider and organizational affiliation.
Behavioral attributes that build up your digital identity
Online behavior refers to all the things you do when you go online: search terms that you use, sites you visit, items you buy, and the information you reveal about yourself on social media. All this data is being harnessed, collected, aggregated and shared on a massive scale and, in the wrong hands, can be detrimental to online research and investigations.
Connecting through a VPN is a popular way of disguising one’s location, though its primary purpose is to secure data in transit between your device and an endpoint. But even with a VPN, your connection can still be attributed to you as well as your VPN provider. If the VPN were to suddenly disconnect, it would temporarily broadcast your actual IP address to the digital world. In addition to your connection settings giving you away, your device itself gives up identifiable information that a VPN is not masking such as your OS, browser type, etc. – Some researchers use a “private” option in the browser like Google’s Incognito Mode. And while it helps by turning off some of the more prominent cookies (while leaving several others active), it doesn't stop more sophisticated tracking — even private browsing gives up details of your digital identity without your control.
In an effort to protect their researchers’ digital identities, many organizations choose to invest in dedicated, standalone networks and devices. These are often called “dirty” networks, as they are designed to be less vulnerable to malware and other contamination by being essentially disconnected from the main corporate infrastructure. While better than using a regular, everyday work computer, this solution does not guarantee anonymity, as browsing behaviors and device configurations can still be traced back to the researcher. Plus, these dedicated networks are expensive to set up and maintain; require IT resources to wipe clean and reimage infected devices, and can significantly impede the researcher’s productivity and their ability to preserve and share evidence and comply with the chain of custody requirements.
The best way to protect your digital identity and thereby protect your ability to conduct online investigations is through managed attribution. It gives you all the benefits of misattribution, with the addition of full control over how you appear online and no slip-ups. You can customize your location, device type, language and keyboard settings, as well as time zone, and any browser settings to match the needs of your investigation. All settings are policy-controlled and all data storage and transfers are secure, so researchers can preserve the chain of custody and collaborate on investigations without fear of infecting their corporate networks or losing important data.
This is what Silo for Research is all about — it provides managed attribution solution as a service, allowing researchers to use the same computers and networks they work with every day, but with a browser that lets them easily cloak their identity and affiliation by customizing how they appear online. With Silo, you can customize your internet egress point, user agent string details and other information as is appropriate for your research target. Silo for Research uses an isolated, cloud-based browser, so devices and networks are safe from any malware infections.
VPN and Incognito Mode reveal a ton of data to visited websites that managed attribution solutions can conceal and manipulate for analyst anonymity.
Without the ability to control details of your digital fingerprint, investigative targets could uncover your identity and intent — and spoil your investigation or put you at personal risk.
