FilterHN

LLMs can unmask pseudonymous users at scale with surprising accuracy

48 points

by Gagarin1917

3 hours ago

| past

| 5 comments

| arstechnica.com

| HN

▲

firefoxd

20 minutes ago

[-]

There was a tool shared here that could show which accounts belong to the same person based on the writing patterns. Can't remember the name, but it found my old accounts on HN pretty accurately.

▲

ElCapitanMarkla

7 minutes ago

[-]

Hnprofile.com which has since closed down - lettergram was the author - https://news.ycombinator.com/item?id=17942981

▲

zppln

1 hour ago

[-]

The internet is getting less interesting by the day.

▲

RiverCrochet

1 hour ago

[-]

The future is offline.

▲

senectus1

51 minutes ago

[-]

*selfhosted

▲

burningChrome

47 minutes ago

[-]

*analog

▲

bitbasher

8 minutes ago

[-]

One solution is to flood the network with LLM slop and hide among the noise.

▲

nprateem

47 minutes ago

[-]

> If you request deletion of your Hacker News account, note that we reserve the right to refuse to (i) delete any of the submissions, favorites, or comments you posted on the Hacker News site

Probably not GDPR-compliant then if comments can be deanonymised by LLMs.

▲

WalterGR

26 minutes ago

[-]

My understanding is that the GDPR “right to be forgotten” applies to personal data. Are publicly available comments considered personal data?

▲

ranger_danger

1 hour ago

[-]

Only if said users happen to commit OPSEC failures themselves. LLMs aren't magic...

If someone can figure out who I am or what city I live in just by this username or my comments (with proof), I'll personally send you 500,000 JPY. I'm quite confident that's not going to happen though.

The paper referenced in the article does not even explain their exact testing methodology (such as the tools or exact prompts used) because they claim it would be misused for evil. In other words, "trust me bro."

Also see the previous discussion here: https://news.ycombinator.com/item?id=47139716

▲

iso-logi

20 minutes ago

[-]

You are American, although you've discussed Ryanair before, which isn't exactly American. You have a number of comments and posts about Japan, which is strange, although you do drive a Japanese car.

▲

daemonologist

11 minutes ago

[-]

A JDM car, probably, to be precise. I think they lived in Japan for at least a little while, e.g.: https://news.ycombinator.com/item?id=44679406#44686142

▲

onionisafruit

1 hour ago

[-]

You live on Earth. Now that I won let’s go double or nothing. I bet I can guess where you got dem shoes at.

▲

linkjuice4all

15 minutes ago

[-]

He got them on his feet? He got them on the street?

▲

Footprint0521

19 minutes ago

[-]

40 year old software dev in Detroit Michigan?

Not that I care, and that could be wildly off, but opsec is a wide term… and Claude one shot that… so safe out there bro, AI is wild

▲

trinsic2

1 hour ago

[-]

I'm pretty sure they can use the meta data the pull from your various interactions with search and the text you post online. These services build fingerprints of your habits using these techniques to follow you everywhere. At some point in the chain they could easily connect this fingerprint to your identity as soon as you log into and account that contains a piece of identifying information about you. The threat is real. I can foresee someone programming a terminal or app that obfuscates online behavior to avoid this fingerprinting in the future.

Unless I am misreading something. Take a look at surveillance capitalism to see what's possible right now. It's going to be 100x worse as LLMs become more advanced.

It's not the things you post online, it's the nuances behind the way you type and other ways to determine behavior that allows them to be able to build these kinds of profiles.

▲

ranger_danger

58 minutes ago

[-]

Who is they? Which services?

From what I can tell, the article/paper in question does not appear to utilize any of the techniques you mention, but I'd be interested to learn more about it.

> it's the nuances behind the way you type

I found this paper which talks about some of those methods.

https://www.audiolabs-erlangen.de/content/04_fraunhofer/assi...

For example the "Text" section on page 91.

▲

trinsic2

19 minutes ago

[-]

The big companies that sell prediction products to advertisers. Google, Amazon, Microsoft, Apple, Meta... all of them are involved. I didn't read the paper but this is a known method they have been using for awhile to track people across sites of many types from social networking to online shopping sites

▲

ggm

1 hour ago

[-]

With low precision, you're in Japan. But I don't need the JPY. of course that could be obfuscation.

▲

ranger_danger

1 hour ago

[-]

The currency is not related to my location, I picked a random one, but thanks anyway :)

▲

nprateem

45 minutes ago

[-]

They said low precision. That might mean Spain, the US, etc

▲

ggm

44 minutes ago

[-]

They refer to JP and language often enough in their search history and they state they are an american, and on 5G internet. I think working beyond this is doxxing. They could be anywhere.

▲

huddert

1 hour ago

[-]

Someone took the bait

▲

ggm

1 hour ago

[-]

What does 'of course that could be obfuscation' mean to you? because it doesn't mean 'took the bait' to me.

▲

tayo42

17 minutes ago

[-]

I skimmed some of your comments, You seem to be in the US, at least mid30s, you bought a .dev domain and run your own email? I would think those are possible leads. You really don't think you slipped up once or twice in 5 years of posting? I think an llm would go through all your posts and context of the posts to get. and that would be easier to check if you used any other social media with the same name and see if the accounts have similarities.