this post was submitted on 06 Mar 2026
16 points (76.7% liked)

Privacy

4358 readers
65 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
16
LLMs can unmask anonymous internet users for $1–4 each, matching 67% of pseudonymous Hacker News accounts to real LinkedIn profiles at 90% precision (arstechnica.com)
submitted 1 month ago by Innerworld@lemmy.world to c/privacy@programming.dev
14 comments fedilink hide all child comments
top 14 comments
sorted by: hot top controversial new old
[–] refalo@programming.dev 16 points 1 month ago (1 children)

No it can't. This story keeps getting posted all over the internet.

Not only is it wrong, and not only do the researchers refuse to show their work (citing possible "misuse"), but it entirely depends on what kind of OPSEC failures the user happens to make.

[–] Chozo@fedia.io 8 points 1 month ago

If 90% of LinkedIn users are making the same OPSEC errors, then I'd say it works as advertised.

[–] tidderuuf@lemmy.world 11 points 1 month ago (1 children)

Guess it's a good thing I don't use any social media with my real identity.

[–] Onomatopoeia@lemmy.cafe 0 points 1 month ago

Right?

I have a linked in account which I haven't touched in years, from a machine that no lonhers exists, on an internet connection I left behind.

Good luck connectinge to that.

[–] imsufferableninja@sh.itjust.works 9 points 1 month ago (1 children)

60% of the time it works every time

[–] testaccount372920@piefed.zip 5 points 1 month ago

67% of the time it works 90% of the time according to the article

[–] RickyRigatoni@piefed.zip 8 points 1 month ago (4 children)

What does 67% at 90% precision mean

[–] MadhuGururajan@programming.dev 2 points 1 month ago

Precision: ratio of true positives to total predicted positives.

Recall: ratio of true positives to actual positives

[–] lasta@piefed.world 1 points 1 month ago* (last edited 1 month ago)

Recall—that is, how many users were successfully deanonymized—was as high as 68 percent. Precision—meaning the rate of guesses that correctly identify the user—was up to 90 percent.

I take that to mean there is a 90% match between anonymized posts and real life profiles for 68% of users and that it’s a minimum confidence level needed for a user to be considered deanonymized.

[–] LodeMike@lemmy.today 1 points 1 month ago

67% made a match. 90% of matches were right.

No idea how they got that number, though.

[–] echolalia@lemmy.ml 6 points 1 month ago

This headline sucks.

They made a model of accounts that willingly linked their hackernews profiles to their linked-ins and made a model base on that (n= approx 990)

They could "deanonymise" about 67% of those accounts from that n=990 candidate pool (alpha=.1) using their model (they already knew who they were, otherwise how could they verify a correct match?).

When they threw in a bunch of accounts that had nothing to do with those first accounts (89k total accounts) accuracy dropped to around 55%-45% depending on choice of technique.

  1. first thing, those hn accts they trained on weren't trying to be anonymous. They linked to their linked in profile. So, lie on the internet I guess

  2. this is just a starting point anyway, cheap and fast. That's what to worry about. $1-$4 per account you're trying to doxx like this.

Just an interesting paper.

[–] sydd@lemmy.world 6 points 1 month ago

So people without linkedin profiles are 100% safe?