this post was submitted on 06 Mar 2026
17 points (77.4% liked)

Privacy

4155 readers
233 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
17
LLMs can unmask anonymous internet users for $1–4 each, matching 67% of pseudonymous Hacker News accounts to real LinkedIn profiles at 90% precision (arstechnica.com)
submitted 1 day ago by Innerworld@lemmy.world to c/privacy@programming.dev
14 comments fedilink hide all child comments
top 14 comments
sorted by: hot top controversial new old
[–] refalo@programming.dev 19 points 1 day ago (1 children)

No it can't. This story keeps getting posted all over the internet.

Not only is it wrong, and not only do the researchers refuse to show their work (citing possible "misuse"), but it entirely depends on what kind of OPSEC failures the user happens to make.

[–] Chozo@fedia.io 4 points 1 day ago

If 90% of LinkedIn users are making the same OPSEC errors, then I'd say it works as advertised.

[–] echolalia@lemmy.ml 4 points 18 hours ago

This headline sucks.

They made a model of accounts that willingly linked their hackernews profiles to their linked-ins and made a model base on that (n= approx 990)

They could "deanonymise" about 67% of those accounts from that n=990 candidate pool (alpha=.1) using their model (they already knew who they were, otherwise how could they verify a correct match?).

When they threw in a bunch of accounts that had nothing to do with those first accounts (89k total accounts) accuracy dropped to around 55%-45% depending on choice of technique.

  1. first thing, those hn accts they trained on weren't trying to be anonymous. They linked to their linked in profile. So, lie on the internet I guess

  2. this is just a starting point anyway, cheap and fast. That's what to worry about. $1-$4 per account you're trying to doxx like this.

Just an interesting paper.

[–] sydd@lemmy.world 10 points 1 day ago

So people without linkedin profiles are 100% safe?

[–] tidderuuf@lemmy.world 10 points 1 day ago (1 children)

Guess it's a good thing I don't use any social media with my real identity.

[–] Onomatopoeia@lemmy.cafe 0 points 1 day ago

Right?

I have a linked in account which I haven't touched in years, from a machine that no lonhers exists, on an internet connection I left behind.

Good luck connectinge to that.

[–] RickyRigatoni@piefed.zip 7 points 1 day ago (4 children)

What does 67% at 90% precision mean

[–] MadhuGururajan@programming.dev 2 points 17 hours ago

Precision: ratio of true positives to total predicted positives.

Recall: ratio of true positives to actual positives

[–] lasta@piefed.world 3 points 23 hours ago* (last edited 23 hours ago)

Recall—that is, how many users were successfully deanonymized—was as high as 68 percent. Precision—meaning the rate of guesses that correctly identify the user—was up to 90 percent.

I take that to mean there is a 90% match between anonymized posts and real life profiles for 68% of users and that it’s a minimum confidence level needed for a user to be considered deanonymized.

[–] LodeMike@lemmy.today 1 points 23 hours ago

67% made a match. 90% of matches were right.

No idea how they got that number, though.

[–] imsufferableninja@sh.itjust.works 7 points 1 day ago (1 children)

60% of the time it works every time

[–] testaccount372920@piefed.zip 3 points 21 hours ago

67% of the time it works 90% of the time according to the article