Posts Tagged ‘foursquare’

It’s been only 48 hours since I wrote my blogpost on how to track a “troll” online. The blogpost itself was inspired by Leo Traynors story how online trolling and harrasment crossed over into real life and how he managed to find his tormentor. Since then I’ve had several thousand hits on that particular blog-post and have received phonecalls and emails from different media-outlets with questions on this topic. It’s obviously a hot issue…

My blogpost was not meant to serve as a manual on how to track someone online but was more as an insight that, yes indeed, you can legally track someone online and find out their identity and/or location. It was however also meant to serve as a warning of sorts on how much private information people put online using various social networks. This second issue needs elaborating on in my opinion as it’s an often ignored issue or at least one that elicits a lot of ignorant commenting.

First rule of online privacy: DON’T PUT ANYTHING ONLINE THAT YOU WOULDN’T SAY TO A COMPLETE STRANGER!

The above is the simplest but most effective rule; don’t make any comments about someone online that you wouldn’t say to their face and don’t put any images online which you want to keep private.  Adhering to that rule will save you a lot of trouble. Also remember that anything online, once it is indexed by Google, will stay accessible online forever. That’s right, Google caches every website that it indexes. That means that there will be a publicly accessible copy of that content on a Google server. Google will in certain instances remove content from its servers but rarely because the content is offensive or untrue and this is even less likely if you are not the owner of the website. So getting content which you put on LinkedIn, Twitter or Facebook and have since removed to be also removed from Googles cache is as good as impossible. The point is to *not* put said content online in the first place.

Second rule of online privacy: USE YOUR PRIVACY SETTINGS!

Most social networks have privacy settings. USE THEM. Even Twitter let’s you protect your tweets by setting your account as private or just straightforward block people. Note: Not a lot of people realize that if they block someone on Twitter that the blocked person can still read their tweets when they run a search for them. The only way to really prevent someone from seeing your tweets is to protect them.

On Facebook you have a lot more flexibility in regards to your privacy settings. You can have one setting for who can see your details, another for who can see the images you upload and so on. It gives you multiple levels of control. USE THEM!  There is no reason why something that you put on Facebook should be seen by someone who you do not want to see it.

Third rule of online privacy: WHAT HAPPENS ON THE INTERNET STAYS ON THE INTERNET!

Yes that’s right; anything that is put up on the internet (websites, blogs, social media and *everything else*) stays on the Internet. Forever. The reason for this is Google. In order to be able to serve you with these fantastic search results Google uses software (so-called spiders) to index everything on the internet. Once they have indexed the content of a page Google stores a copy on their own servers. This process is called caching. So if you have put something online, once it’s indexed by Google (and this is done very quickly) it is there for all eternity. You can remove the content, delete the page and even format the server that it was one but it will still show up in Googles search results and these search results will link to a copy of the content in Googles “cache”.  Of course you can attempt to get Google to remove the content from its cache but this will eventually result in the need for legal action with a limit success rate. Not a lot of people have the energy or more likely the funds to go down this route.

So, should you put nothing at all online? While this is obviously the most foolproof route to protect yourself from embarrassment it is not necessary. You can still be a prolific social media user without exposing everything about yourself. Take my own case, I blog, have 200,000 tweets to my name, check in on Foursquare regularly and much, much more. However not *everything* I do finds its way online. If I go somewhere, or do something that is private I just refrain from tweeting about it and certainly don’t check-in while doing so.  By being such a prolific social media whore while leaving private matters out it also creates a case where one can’t see the forest for the trees.

Enhanced by Zemanta
Advertisements

Like many people I have read Leo Traynors latest blogpost in which he tells about how online trolling lead to actual death threats made against him and his family IRL (In Real Life) as well as shocking and insulting artefacts being left on his doorstep. It makes for frightening reading and fits right in to the ongoing debate about trolling. The story has gone viral and is picked up by the international media. What’s more it has generated a spin-off debate on the method used by Leo to locate the troll in question. He did this be having a friend use the IP addresses associated with offensive comments on his blog and tracing these IP addresses. A lot of ignorant comments are being made how this would not be possible without access to ISP records which can only be accessed with a warrant.

This is far from true.

An IP address, for those unfamiliar with it, is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing. This means that every device contacted to the Internet, and hence used to troll people, has an assigned IP address. It used to be that almost all IP address assigned by IPS’s were done so on a dynamic basis. This meant that a user was assigned a new IP address every time they connected to the Internet. This was done because an ISP’s network assets could not handle all users at the same time so they had to rotate IP addressed between users. However ISP’s have increased their assets and most people have been assigned semi-permanent IP addressed by their provider. This means that in the majority of cases an IP address will point to an individual or a specific location. This information is used in lots of ways by popular web services. Take for instance Foursquare, this geo-location service will determine your location even if you use it on a  device without built-in GPS. It does simply by using your IP address and related information. Some websites also use your IP address to provide you with location specific information. Just think of the various online shops such as Amazon who determine your location solely by your IP address. But your IP address can be used to find out a lot more detailed information about you.

Let me explain by using an example; It is very easy to retrieve IP addresses. Every comment left on a blog is tagged with the originating IP address. This can only be seen by the blog administrator. See the below image for an example.

The above image shows you a number of comments on my blog, there is a range of information but for now we’re only going to take the IP address. Once you have this you can go to one of the many online IP tracker services such as “IPTrackerOnline.com”, type in the IP address in question and hit ENTER. Within seconds you will have a wealth of information. It will show you the users Internet Provider, a fairly exact location, the map coordinates and a satellite view of their location. Plug the location into Google Streetview and it will give you the actual address. You can then put the address into Google to find out more details. (NOTE: this does not work in all cases but even a general location is a piece in the puzzle when tracking a troll).

The above method will give you a fairly specific address or a “general area” of the person harassing you. Of course it is not foolproof and can be circumvented but as Leo Traynor’s example showed not everyone is devious enough to do so. In fact the majority of Internet trolls are either too stupid or arrogant to completely hide their identity or location. Another method is looking for IP addresses connected with discussion forum postings. A lot of forums will include the posters IP address in their message so with a bit of luck you will be able to find out more about the trolls online habits. In the past I have come across people posting trolling/harassment spam from the same IP address that they used when engaging in professional discussions online.

Every bit if information gathered using the above method can then be cross-referenced with other databases leading to a wealth of information and quite often a very detailed profile of someone including personal & professional information as well as relevant locations.

So by taking this simple set of numbers which follows people online like a trail of breadcrumbs you can not only find out their location but you can also trace their name as well as find a lot of personal details. Enough to give you some tools to work with when trying to shut a troll up. And all of this is public information that can be legally obtained and which does *not* require any warrants.

Note: I am not an IT security professional, blackhat hacker or anything like that. I do however have about 17 years of IT/networking experience and have on quite a few occasions helped people track down someone who was harassing them or someone close to them online.  The above method is not 100% watertight but it works in most cases and is perfectly legal.

UPDATE: In response to numerous request received I have put up a guide to “Safer Surfing”.

Enhanced by Zemanta

Google mapping your FourSquare

Posted: July 23, 2010 in Google
Tags: ,

I found this neat trick on Fred Wilsons blog.

It lets you display your FourSquare checkins in Google Maps.

  1. Go to your FourSquare Feeds page
  2. Copy the KML link (don’t download it).
  3. Open Google Maps
  4. Paste the link for the KML feed in the Google Maps search box and hit ENTER