Also interesting:
> Ross Ulbricht aka Dread Pirate Roberts, the mastermind behind the infamous Silk Road site which served as a black market for drugs, weapons and fake documents was also well aware of the potential danger of stylometry being used against him. At the time of his arrest in a San Francisco public library, the FBI captured images of his laptop screen as evidence. Guess what what he had bookmarked — “Science of Stylometry.”
https://medium.com/svilenk/the-case-for-anonymity-12db114f0c...
There seem to be many tools on github [4] that work with and against stylometry.
[1] - https://github.com/psal/anonymouth
[2] - https://security.stackexchange.com/questions/198741/what-are...
My original point was that OPSEC is hard if you're trying to be a topic expert in a short period of time. You don't need NSA tools to attack someone in that situation.
1: https://github.com/psal/anonymouth
ETA - after commenting, I see now that Anonymouth is even linked at the article.
> How to Protect Yourself: There is a project on Github you can join to help create a way to write without fingerprints: https://github.com/psal/anonymouth
My impression is that the average Joe doesn't have enough of a public corpus for this to make a difference. But if you're an academic who blogs both publicly and privately? You might want to check it out.
There have been a several recent cases of political doxing of pseudonymous users. Blogger "Delicious Tacos", alt-right Youtuber "Millenial Woes", /r/the_donald user "HanAssholeSolo", and several members of the alt-right blog "The Right Stuff" have all been exposed at varying levels by various organizations. , As far as I understand, they were all exposed through OPSEC violations in their content, rather than technical violations. In the US, calling out the SWAT team when the target forgets to VPN before logging on to IRC is reserved for black-hats and child pornographers, at least so far.
This is why you should use pseudonyms and strive for anonymity. It's trivial to signup to Hackernews under an assumed name, or handle, and start venting on contentious issues. Hackernews might shadow-ban your throwaway account, so you might have to lurk moar and share some interesting links before you can comment without being censored. I know from experience. Last time I checked, HN has no strict policy on multiple accounts and you can do this very easily.
In terms of OPSEC, you obviously shouldn't contaminate your real iden with your anon iden, or contaminate your anon idens with other anon idens. You should also deliberately alter the stylometry of your writing so nobody can link two pieces of text to each other. Anonymouth[0] is my favorite tool for doing just that.
> Little pieces of you are everywhere all over the internet
This is why it's important to choose random nyms not attached to your main identity in any way, and to strive for anonymity. On HN, create a throwaway account and run your posts through something like anonymouth[0] if you're concerned with correlation attacks, or having your stylometric patterns uncovered...
Yes, it apparently is, we have a lot of personal tells.
Here's an example of an open-source project designed to counter stylometric analysis: https://github.com/psal/anonymouth
With how much caution they are taking against a nation-state adversary, I think it a bit short-sighted to think that this is just "a racist idiot's idea of a joke".