This is all premised on his windows user account name being identifying no? I have a hard time believing that to be the case for someone who was clearly extremely painstaking about privacy. Even I set mine to some nonsense because I know I'll accidentally leak it.
Should not set it to nonsense, but rather low-entropy. If its unique, someone with access to old (browser, probably) crash reports might be able to cross-reference. Plus, not too long ago browsers did not care to sanitize the path for input[type="file"], so some websites remembered your account name somewhere in their database.
That particular alias is mildly interesting. The obsession is with finally making progress in understanding the "We kill people based on metadata" threat. Maybe we can please finally stop stuffing PII & timestamps into each "crash report" and every "telemetry ping" and get back to work towards 100% reproducible outputs. (Well, right after I "enable javascript and cookies" because Cloudflare/Fastly/Akamai refuse to talk to me before they can grab a unique fingerprint..)
This is all premised on his windows user account name being identifying no? I have a hard time believing that to be the case for someone who was clearly extremely painstaking about privacy. Even I set mine to some nonsense because I know I'll accidentally leak it.
Should not set it to nonsense, but rather low-entropy. If its unique, someone with access to old (browser, probably) crash reports might be able to cross-reference. Plus, not too long ago browsers did not care to sanitize the path for input[type="file"], so some websites remembered your account name somewhere in their database.
His account name could just be 'satoshi'. Or similar.
Why are people so obsessed with finding him? As others have pointed out wrt the New York Times article, it will just put him in danger.
That particular alias is mildly interesting. The obsession is with finally making progress in understanding the "We kill people based on metadata" threat. Maybe we can please finally stop stuffing PII & timestamps into each "crash report" and every "telemetry ping" and get back to work towards 100% reproducible outputs. (Well, right after I "enable javascript and cookies" because Cloudflare/Fastly/Akamai refuse to talk to me before they can grab a unique fingerprint..)
You are right. I just wish we didn't need victims to get change :(
Make it a distributed compute problem like GIMPS and let the crowd solve it.
Newsweek already found him back in 2014, remember?
They searched for everyone named SN and narrowed it down to the most likely candidate. Foolproof.
Someone aware of computer security will not use their name as windows user.