Digital Dogtag
What in the Device’s name
My devices always get very generic names to not reveal anything about the device or me. When providing a hot spot to friends they have asked me why my phone has such a boring name. Admitted, there’s quite funny names you can choose without revealing much, like “It Burns When IP”. No need to nerd out and generate random hexadecimal device names with high entropy. All though the anonymity of funny names still depends on your locality and the devices you’re surrounded with. If a young IT Nerd is teaching a group of elderly people how to use their computers in a mountain resort, it is quite obvious who’s hotspot is named “Lord of the Pings”.
Jeve Stops’ iPhone
What I really would advice against is using your name for your device. At least if you have any intention of reducing your digital footprint and staying private. Unfortunately not all hardware is built with privacy by design in this regard. Especially Apple is a strong offender, adding the clear name to literally any device from their ecosystem by default. A stark contrast to their otherwise security oriented approach. Imagine a person called Jeve Stops, a high value target for a government. The government would just love to track his location using spyware on his phone, but thanks to Apples sophisticated lockdown mode they are unable to load the malicious software onto the iPhone. Only for locating him as his phone shows up as “Jeve Stops’ iPhone”, when he turned on bluetooth to pair his new AirPods.
The Anecdote
While many people will argue “I don’t have anything to hide”, or “what does it matter”, I’ll try to make a point here why its still a bad idea to let your device shout your name into the ether. Riding the train recently, connecting to my own hotspot, I saw once again a case of an Apple device with its standard name. This time, curiosity got the better of me (and admittedly I was also looking for an argument for my point). So I went on to google the name.
Great success! Just the first glance at the results revealed:
- the age: close to 30 years old
- political orientation: redacted - quite actively involved in a party
- biometric data: many pictures of their face
- a plethora of other data: news articles, interviews, linked in - you name it
Coincidentally, leaving the train I spotted the person, confirming that it wasn’t someone else with the same name. It was a strange experience, and it did feel like intruding in someones personal life. What I think is most concerning is the ease at which this is possible. The skills needed to do this is “being able to read WiFi names” and “knowing how to google”, which I argue quite a lot of people possess.
If you combine this with some hatred against a specific political party, a stalker, or any other type of malice paired with the will to do harm, it could get pretty ugly. While those are hopefully rare events, data brokers an surveillance are a real and common thing. I’m sure your clear name is a pretty good addition to all the other data your device is broadcasting into the world. The data brokers will be happy to make some additional bucks with it.