Randomization and Obfuscation

If you’re reading this page right now, it’s fair to say that you are probably taking steps right now to reduce your digital footprint, become less vulnerable to malicious attacks, or increase your privacy and anonymity online. This is good. But the steps you are taking may actually be having a negative, or the opposite effect, than you desire.

Unfortunately, humans are creatures of habit and routine. We get up at the same time every day, go to work the same route, go to the same afternoon spinning class, and get home at the same time. That makes it incredibly easy for any run of the mill private investigator to gather enough data on you to predict where and when you’ll be at any given time. This is all before we add on other elements such as GPS and Wifi-based location data. This same concept applies to your internet behavior as well. Your ISP can absolutely tell what time you get home and what kind of activity you’re up to based on these patterns. These patterns of behavior are all part of your digital footprint. This is where we introduce the concept of obfuscation and randomization which go hand in hand.

By using a VPN, you are obfuscating your online activity by encrypting the connection thus making it impossible for your ISP to see what you’re doing. But by connecting to the same VPN at the same time every day, you are pretty much saying “between 6 and 7 PM I am potentially doing something shady or illegal.” Obviously that is not always the case – but depending on who you are and how bad people want to know what you’re up to, all they would have to do is figure out which VPN you’re using and subpoena them for your logs, or order them to start logging your future traffic. Sound far fetched? This exact scenario happened with email provider ProtonMail in 2021 when they complied with a court order that led to the arrest of a French activist.[1]

Enter the gray man

A gray man is a term used to refer to a person who blends in with their surroundings and does not draw attention to themselves. The goal of being a gray man is to avoid being noticed or singled out in a crowd, and to be able to move about unnoticed. This can be useful in a variety of situations, such as in urban environments where there may be a lot of people, or in situations where one wants to avoid being targeted by criminals or other threats.

While the most common usage of the term gray man applies to our physical presence, it can absolutely apply to the digital aspect of our lives. Think about this – if you live in a small rural town in Montana and all of a sudden you are trying to log in to your local credit union’s website from an IP addressed registered in Mexico, that could absolutely result in your account being temporarily locked out. While it’s not entirely unreasonable that you could simply be traveling, your behavior is enough to throw a red flag in your bank’s security system.

Whether or not you are using a VPN, you should always try to emulate ‘normal’ behavior. Well, what’s normal? Changing your IP address every 15 minutes is certainly not normal. Hopping geographical areas every hour on the hour is not normal. Remember when we talked about cookies? Your individual sessions are being tracked and the IPs are being logged. As a sysadmin I would be very concerned if one of my users was somehow flying all over the globe skipping from country to country all while using the same cookie session.

  1. https://www.theverge.com/2021/9/6/22659861/protonmail-swiss-court-order-french-climate-activist-arrest-identification


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.