I'm a privacy freak and life is getting harder and harder for us privacy freaks. If I take my VX in to get it serviced, most of the shops want to look it up by VIN or even tag number to get part specs and the services they use to look that stuff up are surely collecting all that data and 'monetizing' it by selling it to god knows who. I'd like to be able to give them a VIN of the same model and year that they can use *instead* of my VIN.

So to that end, I'm looking for VINs of dead 2001 VXs. Alternatively, if anyone wants to help confuse the system, I'd be willing to 'trade' VINs with like-minded privacy freaks, you use my VIN and I use your VIN. Ideally there would be a pool of VINs so it wouldn't be 1:1.

I realize this sounds like tin-foil hat stuff. Unfortunately, its the reality behind all the slick internet services we use. Facebook is worth like 40 billion dollars based solely on their ability to data-mine all our info, and there are 100s more such companies doing the same thing that most of us have never heard of.

You do realize that once it is actually in the shop, a quick glance at the windshield or door jam gives them the VIN number.

Yes. I have no plans to lie anyone. I intend to explain to them I don't want them to type my tags or VIN into a computer, and if they must use a VIN to look stuff up, please use this one from an identical junkyard VX instead. I'll also put post-it notes over the obvious VIN locations with the substitute VIN to help them remember as they are working on it.

Its about making it as easy for them as possible to do their job the way they normally do it. Privacy is a hassle, most people don't like hassles, especially when there is nothing in it for them.* So the less hassle, the more likely they are to respect my privacy

* actually there *is* something in it for them, their data is a marketer's dream, it would not be unheard of for a competitor to buy a list of every customer they've entered into the computer and send them discount coupons in order to lure those customers away. I've seen this happen multiple times - I get emails from real-estate agents sent to the unique email address I used to *only* correspond with my real-estate agent when I bought my house. I've also started receiving emails from auto insurance agents sent to the unique email address I used to *only* correspond with AAA auto insurance. There are probably other ways in which this info can be used against their own businesses interests, it only takes one clever person to figure out a way to exploit it. But explaining all that to someone who is neither a marketer or a computer privacy guy is not feasible.

Very true. The VINs on VX all seem to be the same except for the last four digits, or nearly the same anyway. I think if you just change the last four digits you should be ok.

I thought of that. But I don't want to be disrespectful of anyone else who might suffer unforseen consequences. It makes me happy to pollute those databases with bogus data, but somebody else might not appreciate being on the other end of it.

However, I think I was able to answer my question. I found a sort of junkyard meta-search that lets you find a bunch of junkyards that have specific parts, but in most cases it also tells you the VIN the part came from. I was able to scrounge a couple of 2001 VINs with just 10 minutes of searching. Here's the site for anyone else interested (in finding VINs or just finding parts):

https://www.hollanderparts.com/used-auto-parts/2001/isuzu/vehicross

Cool. Hope it works out for you.

1. I hope Stephen Biko isn't your real name.

2. I hope you don't have a smartphone, or better yet I hope you only have a landline.

3. I hope you don't use social media at all.

4. I hope you only access the internet via multiple proxies, and only via an anonymous, sandboxed browser.

5. I hope your internet access is only via hard-wire, and that your house is shielded with a faraday cage.

--

I'm pretty careful about my privacy, but there are much more pressing concerns than having the quickie lube shop be able to pull up my service history. I don't share my phone number or email with said companies; all they have is a license plate & a vin...which, technically, is a matter of public record anyways.

Good luck!

1. I hope Stephen Biko isn't your real name.

Try googling me.

The answers to your other questions are similar.

It isn't about being invisible. Its about having context-specific identities.



I'm pretty careful about my privacy, but there are much more pressing concerns than having the quickie lube shop be able to pull up my service history.

Its not about them being able to pull up my service history. Its about them inadvertently handing over the fact that I do business (and when I did business with them and how much money I spent with them) to 3rd parties looking to exploit that info in any way they can because there are no legal protections to stop them.

If they use a salvage VIN, then those 3rd party Big Data companies can't connect those facts to my actual identity.

Pay in cash then. All they'll have is your vin & license.

p.s.
But yes, you're way out in tin-foil land. There's no such thing as perfect protection. You can only make yourself a less attractive target than the next guy.

Paying in cash is the first step, not the last. If the shop enters my vin into an online service to get the mechanic's manual for the VX, now that online service knows that I did business with that shop on such-and-such date. Paying in cash doesn't mitigate that.

And it isn't about being less of a 'target' than the next guy. I'm not trying to protect myself from being mugged. Big Data surveillance is a constant persistent threat that applies to everyone equally because its all computerized. The computers don't pick and choose, they log everything and keep it forever. It all goes into your permanent record. So even if they haven't figured out how to exploit the data today, they are always looking for new ways to use it in the future to make moar profits.

It is deeply scary to face the implications of all this, I understand why most people do not want to look too closely. Especially given how convenient life gets when you give away your privacy and there is never an immediate and obvious downside either.

But unlike old-timey kook conspiracy theories, this stuff is not hypothetical. Facebook has a market value of $500 billion when their sole source of revenue is monetizing people's private information and there are hundreds more smaller, even less scrupulous companies doing the same that you've never heard of (BlueKai, Acxiom, Choicepoint, etc). What's deeply troubling for someone like me, who has kept his nose squeeky clean his entire life, is not that they might correctly profile me, is that they get it drastically wrong because their algorithms are imperfect and I have no recourse. If you've seen the movie Brazil, think of the comically tragic Buttle/Tuttle mix-up.

So, my solution is to stay out of their systems as much as possible, to leave as few digital footprints as I can. Its the only thing a regular joe can do.

Why drive a car then? Why not just take a bicycle everywhere?

Sounds like you guys have considered this stuff a bit, so maybe you can offer some insight about a recent addition to my info on an ID monitoring service I was added to a couple years ago.

I'm a federal employee, and was added to the monitoring service after one of the big government data breaches around three years ago.

Just a couple days ago, I was notified that some new records had been added, and when I checked to see what they were, they ended up being a couple of speeding tickets over a 10 year period from a city I used to live between 10 and 20 years ago.

Was that city perhaps purging old hardcopy records and adding them to a digital database in the process? Just seemed odd that records from that long ago would suddenly show up all at once after this long...but maybe that's just a flashback from my X-Files fandom from years back too. :D

I too am a Federal Employee. Army actually, and I teach AIT for Satellite Communications. In the class rooms one floor up, they teach cyber security. The main thing knowing these guys (the other instructors) has taught me is that once something is online, it never goes away. You can delete it all you want, it is still online somewhere. Facebook actually records as you type, so every corrected word, every cancelled post, is still saved even though you didn't press "post". The tools available are quite amazing actually, and surprisingly simple to use. Just remember, nothing is free. If it is offered at "no cost to you", then you, and your data, are the product.

I am not saying this to discourage you in anyway. It is the reality of the world we live in. Unless you go full Ted Kazinski and live completely off the grid, you are tracked, analyzed, and monetized. Welcome to the future.

^ I agree. You can minimize your presence by not using social media, paying cash, etc. But at the end of the day, there's only so much you can do. Like I said, you make yourself a less easy target than someone else. You don't outrun the bear, you outrun the guy who is also running from the bear. You can't burglar-proof your house, you just make it less penetrable and more difficult than your neighbors. Same for your car. Same for your income (unless you're always paid under the table, and have found a way to avoid income taxes--good luck!)

This might not protect you from a determined spear-phish attack, or someone with high-level access who has a vendetta against you personally. But it will make you uninteresting, undifferentiated and unappealing as a target, and will help you blend into the crowd. If someone goes looking for a target from amongst my peers at work--I'll be WAY down on the list of people to try. There's no way to go "completely off the grid" though. Not legally. IRS, selective-service, and a few other things will prevent you from doing so.

p.s.
Your ideal solution is to do all vehicle work/repairs at home, use photo-blocker covers/sprays on your license plate, limo tint the windows, uparmor the doors, and use run-flat tires. Understand that you may convince some people you're some kind of reclusive drug-lord though.

P.S.
I don't even have "99 black vx" listed on my profile. Consider purging that from yours?

I don't ID monitor. I'll occasionally do google searches for myself, but I almost never get anything. I try and avoid using my actual name online when possible. I've also started to use differing id handles on different sites/message boards--so that it's difficult for any casual observer/collector to assemble them as 1 person (you'd really have to use typing heuristics, etc). Even IP address isn't sufficient, given that I'm on different devices, and constantly swapping proxies and/or using Tor. Again, not impermeable, but hardly an easy nut to crack.

Honestly I am not really worried about it. Even my FaceBook is completely public. Knowing what I know has taught me to not stress about it, and buy insurance ;)

Most people never experience an obvious downside to being hyper-tracked. Yes, you will get advertisements tailored to "press your buttons" (a nefarious example would be coupons for alcohol being sent to people with relatives who are alcoholics because its partly genetic and the alcohol industry makes 80% of their profits from just 20% of their customers so they are always looking for more alcoholics) but you aren't likely to experience direct and immediate harm beyond being suckered into spending money you wouldn't ordinarily spend. However those people who become 'interesting' will get screwed because Big Data is like a sword of damocles over all of our heads. Don't win the lottery. Don't run for public office. Don't get involved in a protest movement. Don't witness a rich person commit a crime. Don't piss off the wrong person. If none of that kind of stuff ever happens to you, you'll probably be OK.

But its really hard to predict what might make you interesting. I mentioned the company ChoicePoint before. They became infamous for basically lying about felony records to get people thrown off the voter rolls in florida during the 2000 presidential election. Roughly 8000 people were illegal prevented from voting because of that 'error.' (https://en.wikipedia.org/wiki/LexisNexis_Risk_Solutions#Florida_voter_file_contr act) It was a real life Buttle/Tuttle scenario. Those people would never have considered themselves "interesting" but they were and they had no practical recourse, what was done could not be undone. This stuff is insidious and incredibly non-obvious.

Y33TREKker, were you referring to that incident about 3 years ago when the chinese grabbed nearly everything (https://www.lawfareblog.com/why-opm-hack-far-worse-you-imagine) from the Office of Personal Management, including all the SF-86s? They got my clearance info too. It was a massive security failure. And that sort of thing is an entirely separate risk. All the big companies, especially the Big Data companies themselves, are juicy targets. (https://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-theft-service/) But at least those hacks are illegal. Its all the legal uses of my information that really concern me because its not about straightforward crimes like draining bank accounts (which are FDIC insured) its about doing sneaky stuff that benefits them at my expense for which there is no recourse, or if there is recourse its more expensive than the losses - lawyers are expensive AF.

Taking a precaution like asking my mechanic not to enter my VIN into their computer is low-cost and easy. Maybe it won't make a difference. Maybe that data would never be used against me in the first place. But if I can do it, I'd be a fool not to do it. There are so many other precautions that take so much more effort.

Y33TREKker, were you referring to that incident about 3 years ago when the chinese grabbed nearly everything (https://www.lawfareblog.com/why-opm-hack-far-worse-you-imagine) from the Office of Personal Management, including all the SF-86s? They got my clearance info too. It was a massive security failure. And that sort of thing is an entirely separate risk. All the big companies, especially the Big Data companies themselves, are juicy targets. (https://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-theft-service/) But at least those hacks are illegal. Its all the legal uses of my information that really concern me because its not about straightforward crimes like draining bank accounts (which are FDIC insured) its about doing sneaky stuff that benefits them at my expense for which there is no recourse, or if there is recourse its more expensive than the losses - lawyers are expensive AF.
One and the same yes, which is how I ended up with the ID monotoring service in the first place. As I said, it just seemed odd that after this long those instances would show up.

And if any such instances were occurring because of an enemy I'd ever made in political/wealthy/etc circles (who was trying to put me on the defensive by suggesting I was being watched), I'd just consider it fair game anyway since I frequently use my online personas to remind those types of individuals I'm watching them too.