Posts Tagged 'intelligence organisations'

Fake Identities

Sixty years ago, all that was required to create a fake identity was to be able to forge documents — think ‘Allo ‘Allo. However, such identities didn’t stand up to much scrutiny since any check with a central location discovered the forgery. So intelligence organisations during the Cold War had to create deeper fake identities by inserting false records into government archives, or by taking over the identities of other people who weren’t using them. The nature of the process meant that they had to be developed ahead of when they would be needed, because there was no practical way to retro-insert the necessary documents.

Fast forward to today and have pity on the intelligence organisation employees whose job it is to keep many cover identities functioning in case they’re needed one day: posting on Facebook and LinkedIn, making comments on other peoples’ posts, and generally simulating a real person against the day when that record of existence might be needed as background for someone to assume the identity.

They have some new problems. First, it’s not enough to create tokens of identity; they have to involve activities, and so the work is constant. Second, everything they do is (potentially) recorded so that any mistake is captured for ever. Third, and most importantly, we don’t know enough about how real people behave online to fake it successfully. For example, suppose I want to post on a social network site about the median number of times for someone with my demographics. I usually don’t have enough information to be able to guess what that median is with any reliability. Even if I do, there are deeper patterns to such postings, for example the distribution by time of day that I really should try to mimic but practically can’t. If I’m an intelligence professional, I may unwittingly post during the work day when the identity I am simulating would more plausibly post in the evening. And if I try to construct a realistic social network around myself I have even more difficulty knowing what it “should” look like, let alone making it happen.

For a fun example of this process and its pitfalls, search for “Robin Sage” at your favorite search engine.

The flipside of the difficulty of faking an online identity is that my online presence over time becomes a better guarantee of my identity than that provided by governments. Because I’ve had a web page for a long time, and its been captured at unpredictable moments by the Wayback Engine, it provides quite a strong basis for my identity.