But.. you’re not. ;)
Let me preface this post with a little story. When I was about 16, I attended a church. One day I found an anonymous letter in my letterbox which was pretty unpleasant – *though I don’t remember any of the details now. The person thought they were anonymous, but when I gave the letter to the church pastor, he recognised the handwriting – and thus anonymous was found to be a nasty beyotch named Michelle. No offense to people named Michelle, but I’ve found it a bit hard to trust people with that name ever since. It’s not you. It’s me. Its my stuff.
So when Kelley posted on her blog that someone calling themselves “concerned” had written her a nasty letter full of unpleasantness, I commented could she please give me some information and maybe I could track down who wrote it. And because I am awesome and have mad skillz, I did manage to track down the writer. And now Kelley knows who it is, and I assume it won’t be too long before the entire interwebz knows who it is also. Word like that tends to spread.
Everywhere you go, everything you do, you leave behind a few vital details. Like your IP address, the time you visited, what browser and operating system you run. Your IP address can be used by the police and your internet service provider (and by scambaiters like me who know what they are doing) to track you down. That is how they arrested all those pedophiles not so long ago – there was a page on the internet that a lot of pedophiles visited, and the federal police came knocking on the door of the people who visited it.
For example, here is a line from a server log – me visiting Kelley’s blog and my browser grabbing her Favicon.
121.44.XX.XX – – [20/Jul/2008:11:41:34 -0500] “GET /favicon.ico HTTP/1.1” 404 25192 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:184.108.40.206) Gecko/20080702 Firefox/220.127.116.11”
Note – I have XX out a couple of the numbers, because I am on a static IP address and I have been on it for a decently long time, and I don’t want to give that IP address to the scammers because it can be used to do port scans and other rather nefarious activities.
So every website you visit your browser sends a whole heap of GET requests off to the server, and the majority of servers log all of this information. Also, when you visit a blog and leave a comment, most blogging software keeps a record of the IP address. This is always worth keeping somewhere in case you need it another time – mine all go to a gmail account so I can easily search it and don’t have to worry about storage.
When you visit forums – say for example the Aussie Bloggers forums – your IP address is logged. If you were to leave a message that was abusive, the forum admins might report that to your Internet Service Provider. And for those of you who think you can use a proxy to access the forums and leave abuse – sorry, we get *both* IP addresses, the proxy and your real one. So there is nowhere to hide.
Also, interestingly, when you send emails (unless you know what you are doing like I do, otherwise I would not be emailing the scammers) your IP address will appear in the header of those emails.
So, when you think you are anonymous and you send an anonymous email to someone – say Kelley, for example – what happens if you’re not actually anonymous, and you can be traced? Well, I guess what happens is, I know who you are. And I do know who you are, Concerned. Will I tell people? Maybe I will. Hope that keeps you awake at night.
Would you like a piece of unsolicited advice “Concerned”? If I were you (which I would NEVER be, I believe anonymous letters are lame and horrible and creating bad Karma for yourself) I would confess that you did this on your blog now. People might feel sorry for you if you do that. Probably not too many, but maybe you can manage to tell enough of a sob story that you can keep a few friends.
And here’s some more advice. Get a life. I can’t believe you spent at least 4 hours solid viewing Kelley’s website. For those of you interested, here’s just one hour of the viewing – of course to save you headaches I have just put the time and the get request.. You need to add +10 (or so) to the actual times – so this happened between 7pm and 8pm Australian Eastern Standard Time.
[07/Jul/2008:09:02:58] GET /page/25/ HTTP/1.1
[07/Jul/2008:09:10:06] GET /page/26/ HTTP/1.1
[07/Jul/2008:09:17:47] GET /page/27/ HTTP/1.1
[07/Jul/2008:09:21:09] GET /page/28/ HTTP/1.1
[07/Jul/2008:09:28:04] GET /page/29/ HTTP/1.1
[07/Jul/2008:09:33:18] GET /page/30/ HTTP/1.1
[07/Jul/2008:09:39:53] GET /page/31/ HTTP/1.1
[07/Jul/2008:09:43:53] GET /page/32/ HTTP/1.1
[07/Jul/2008:09:48:46] GET /page/33/ HTTP/1.1
[07/Jul/2008:09:51:05] GET /page/34/ HTTP/1.1
This person read back 56 pages. In order. Over 24 hours. Viewing the log made the hair on the back of my neck stand on end.
So if you happen to have a blog that is hosted by me, and someone sends you an “anonymous” email, please contact me immediately and I will give you instructions on how to get me the info I need from the email. Whatever you do, don’t delete the email. I know that might feel like the right thing to do because when you get an email like this it feels horrible, but identifying people like this is one of the best ways to stop people from doing this kind of stuff. They might not stop with just one anonymous letter.
*I seem to be having some problems with my memory but that is a whole ‘nother post for another day.. ;)