Slashdot Mirror
How Your Username May Betray You
An anonymous reader writes "By creating a distinctive username—and reusing it on multiple websites—you may be giving online marketers and scammers a simple way to track you. Four researchers from the French National Institute of Computer Science (INRIA) studied over 10 million usernames—collected from public Google profiles, eBay accounts, and several other sources. They found that about half of the usernames used on one site could be linked to another online profile, potentially allowing marketers and scammers to build a more complex picture the users."
Couldn't they already do this with cookies?
In other news.. the gentleman wielding the running chainsaw could probably kick you really hard with those steel toe bootsand maybe even poke you in the eye!
that my username won't betray me...
I thought this was the whole point of using a unique username. If I didn't want a unique identity, I wouldn't have created one for myself.
And when they find me, how will I resist their clever and informative advertising?
Oh that's right, I'll just ignore it like I always do.
That's why I have several aliases I use online, and will never use anything relating to my real name. The one you see here is for fairly anonymous forums. I have one that's used strictly for gaming and game related material. I have one that I use for throw-away accounts (spam e-mail, etc). Then I have a few super generic ones that I use for...shall we say... less honorable activities? ;)
"He who can destroy a thing, controls a thing." --Paul Atreides, Dune
While this is no doubt true, it is virtually meaningless. How many companies are really going to spend the time, effort and cost to put these things together, on the vague hope that it will somehow magically increase sales?
Seriously, that's almost precisely why I've the same username all over place (amusingly, almost except /.) - so that people who know me on one might recognise me on another.
I'd imagine that anyone with a desire to not let anyone know where else they go on the net already gets all their usernames out of pwgen or something.
I mean, we have to accept at some point that we are all in a public place. I for one don't want to have to live life online like a fugitive. Constantly changing my identity and browsing habits just to throw off marketers. And if you are smart you can easily avoid scammers by being more vigilant with your important information.
someone down named Analintruder?
"You'll get nothing, and you'll like it!"
As long as they can't link my username to my real name, I don't care. They can collect information about "some dude who goes by GameboyRMH" all they like.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Build a username which uses Acrostics or Chunking of the place you are going.
My Yahoo account is GPLDANJCYS, which stands for me + Jesus Christ Yahoo Sucks.
Then, you know exactly who is leaking and linking your information, and how you feel about them to begin with.
Hey slashdot, why don't you be ahead of the curve on this and let posters change their username associated with their comments once every few years. Also, being able to delete an occasional comment would be thoughtful too. It's not 1995 anymore on both accounts.
It does not help when you write something that implicitly also utilises your handwriting too! ;)
I get the feeling from a privacy POV, my user name fairly low on my priorities
http://liqbase.net/liq.20110208_002.liqbook.on.meego.ideapad.jpg
liqbase
Surely this should be posted onto the MSN homepage or the AOL homepage for the rest of us: I am sure my mum does not realise how easy her online ID can be tracked from her favourite shopping sites. Although the reception here is 'D'oh!' most people haven't cottoned on to this yet. It is also appalling what passwords people actually use...
And the installed fonts, and the screen resolution and color depth and the dozens of other factors that combined allow you to be tracked.
Try this web site for an idea of how these factors can (in combination) uniquely identify you:
https://panopticlick.eff.org/
I see that my browser is unique among the 1.4 million tested, with 20 bits of identifying information. Knowing my user name isn't going to compromise my privacy all that much more, especially compared to how Facebook screws your privacy every day.
Umm . . . obvious, per chance? It seems to me that this is sort of . . . common sensical. Many people (myself included among that set) use a common username across multiple sites for that very reason mentioned in the article. To enable others to track us via our username. Of course, the intended audience is not the scammers -- oh, sorry, "marketers" -- but rather fellow hackers. But it's a double-edged sword. Perform an action, and the consequences will arrive, knocking on the door in the middle of the night. Welcome to the world, people.
Transparent.
One sales droid's abject terror is another sales droid's golden opportunity.
Police State UK - news and
Be at least 8 characters long. Have at least one upper and one lower case letter, a number, a symbol and an RGB code for your favorite color. Oh and change it every 6 months too.
Sorry about the mess.
Are we looking at a sever breach here if researchers have access to username on Google and Ebay? And what security do they have to keep those lists out of others hands. Probably the student in the University will keep all that information secure...
Yah right.
Give it up. Privacy is gone.
So does this mean that Cowboy Neal is screwed?
"Waste not one watt!" - CZ
When my former high school friends started Googling my alias to spy on me on various websites. From then on, I've used different names on every site I join, and the names themselves are always common enough to be untraceable.
plenty of bullshit.
always nice to mess with the data.
thank God the internet isn't a human right.
Could we just move tautologies to idle? Or maybe we need a /. section called duh...
I use my slashdot nick on every site I visit.
I'm screwed.
I work for a growing software company and I have basically used this technique for doing basic background checks on job applicants.
Back in about 2006 we had someone apply who had a distinctive username that returned a handful of results via a careful google search. Almost all of them were to "alt.drugs.bongmaking" or something similar.
I didn't care whether the guy/girl had used drugs, but about the complete lack of discretion in the posts. He had actually used his full name and detailed personal information that positively identified him as our applicant. Really sad, and not the only time something like that has happened.
That's the point dumb asses. So you market to this useless account that you think you have nailed demographically. Can't sneak nothing past you guys.. And yes I would like a subscription to O magazine because as an older woman I love Oprah.. fucking morons.
Tiger Blooded Bi-Winning Machine
...don't get online. Don't post more info about yourself than you want to have distributed. Don't assume your username or password gives you any anonymity. If you're concerned about tracking, use a password manager and use a unique username/password for every site. If you're not that concerned, use 3-5 different user names with different passwords, they may be able to link some of your info, but not all of it.
make imaginary.friends COUNT=100 VISIBLE=false
You see, that's really THE WHOLE POINT of using the same username in multiple venues. In fact, it's the whole point of having a publicly visible username at all.
It's there to promote continuity between your various posts. It builds a "brand identity", if that's a phrase that you can use without wanting to punch yourself. If that wasn't what you were trying to do then you shouldn't have registered a user name in the first place.
I wonder how many people use the same username as their email address.
Honestly, who thinks it would be that hard to go through and scan the internet for usernames, and then append every popular domain name after them.
Add to that the profiles that could be scanned, and combined, along the way, and you can probably find pretty good, targeted ads in a very automatable way.
Spies should be tried and convicted, then lined up against the wall, offered a cigarette and a blindfold and then executed, regardless if they work for a business or a/the government. Such tracking of people by either type of entity is an endangerment to the pursuit of life, liberty and happiness. Anything recorded can be acquired and abused.
Honestly, I don't care. I don't want government to have the power to track me, but if a marketer figures out in his database that the same person who posts on Slashdot also posts on a filmmaker site and a college football site, well, who cares? If I happen to want to do something where nobody can know who it is, yeah, I'll create another identity. But for the vast majority of what I do today, I've taken to using my real name as my user name. I can't figure out why people think a user name "betrays" you because it connects you to something you've said elsewhere. In real life, I already have something like that. It's called my name. So more and more, I'm using it online except in the VERY rare cases I want to protect my identity. This is not rocket science, IMO.
Its called 'online presence' and it kind of the point isn't it?
I've used "Cro Magnon" several places, so one could assume it's the same person (especially if I make a referrence to one of the other sites). However, on at least one site, "Cro Magnon" is used by someone else, and my username is something entirely different.
Also, I'm on plenty of sites with totally different usernames.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Anyone who has ever tried to stalk a hot girl online - i.e., everyone reading this - has known the username trick for ever. It's so self-evident that I hesitate to even call it a trick.
I do not understand the bizarre European obsession about online marketers tracking people. Sure, there are some things that a reasonable person would wish to keep private (for instance, medical history, finances, and for those living in repressive societies, political and religious affiliation), but why would anyone wish to hide what brand of jeans they like to wear? I for one would very much prefer that marketers and ad networks had a good picture of my product preferences so that instead of ads for mortgage refinancing and painfully unfunny t-shirts, I would get advertisements for things that I might actually be interested in.
WHO CARES! Should we all just unplug our computers and go cower in a corner, afraid some advertisers might profile us, or a scammer might track us? Oh my. YA KNow.... isn't the solution just a little obvious? Why did this subject even make it to /.???
If someone sees that I buy a lot of stuff from bestbuy, and that I am a programmer because I have accounts on sqlserver.com and vb.net mag .com and also see i post a lot about tech stuff on /., etc...etc... guess what , they wont bother sending me spam about viagra, they will send me spam about the latest tech stuff for sale, which is just fine by me....allows less spam making it's way into my mailbox....
Wait until your are done explaining it to her, and some smart ass comes behind you and point out to her that, since marketers are using her username from different sites to link them and track them as the same person, ANYONE could create an account on any porn site on the internet, and user her AOL/MSN name for their account, thus linking her to any activity they do on the porn site. They could be extra helpful by explaining to her that the only way to stop them from using her username on those sites is for her to register it first.
Just wait until you get the call from her explaining that she made a typo, and wants you to help correct her username on 'iwantmyhorseporn.com'.
Crap, they're on to me...
You see, that's really THE WHOLE POINT of using the same username in multiple venues. In fact, it's the whole point of having a publicly visible username at all.
It's there to promote continuity between your various posts. It builds a "brand identity", if that's a phrase that you can use without wanting to punch yourself. If that wasn't what you were trying to do then you shouldn't have registered a user name in the first place.
The whole point of having a registered user name is to distinguish yourself on one particular site. What's the purpose of building a "brand identity" when the people following your "brand" on site A don't go to the other sites you post at? The whole point of using the same username in multiple venues is mere simplicity of not having to remember multiple usernames.
This kind of tracking is easy to avoid. Just do like me and never post on discussion forums like this one.
For every post, there is an equal and opposite re-post.
This may shock you but I am neither mexican nor little
i googled my /. username and found more than one site duping /. articles:
http://jetlib.com/news/tag/earth/page/20/
http://pubsub.com/Puck-Daddy-Mini-Doc-Talking-2010-NHL-Draft-and-dream-cars-with-Taylor-Hall-Tyler-Seguin-and-Cam-Fowler-Sunny-the-Sun-n-cpTsvVWHWnSS
plus a lot of other stuff i knew would be found if anyone did that. so i don't feel betrayed at all.
Same problem also exists with people. I don't necessarily want people to track me down all over the web. Easy fix though:
Randomly generated password for each.
It isn't just Europe.
The WSJ ran an entire series of articles about scary analytics and their evil quant masters. NPR "Fresh Air" then ran an hour long episode quoting the WSJ. The horror! I was shopping for shoes and then shoe adverts started popping up! Dammit, they know EVERYTHING!
why would anyone wish to hide what brand of jeans they like to wear?
Because it's none of their business?
I for one would very much prefer that marketers and ad networks had a good picture of my product preferences so that instead of ads for mortgage refinancing and painfully unfunny t-shirts, I would get advertisements for things that I might actually be interested in.
There are ads on the Internet?
The EU has strong data protection laws. If you cannot comprehend why, that's your problem.
Thats right, that Lee :)
I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
My reputation is too important for me to want to change my nick just to avoid marketing. It's useful for recruiters or prospective employers to be able to do a quick search and find out more about me. It's like an implicit and well-earnt LinkedIn.
a unique username on every site:
head /dev/urandom | md5sum
I'm not a lawyer, but I play one on the Internet. Blog
I cover my tracks by using my username everywhere, registering for places I don't go, subscribing to magazines I don't read, and I buy everything, from ladies slacks to chain mail. I join groups I disagree with, donate money randomly, buy clothing that won't fit me, bid on items I don't really want, all to confuse the heck out of these people who want to know about me. A person who comes from everywhere comes from nowhere at all. If everyone got cookies from every website, we'd ALL be Spartacus. That's my plan anyway, if I wasn't so lazy.
Gently reply
This anonymous fellow sure is busy. Reviewing stuff, taking on big government, and trolling on slashdot.
So, why is this a bad thing? Anyone who doesn't know that everything you do online is public hasn't been paying attention ;-)
Waiting is...
Trying to hide from the marketers is almost a Hobson's choice. If I want to obscure my identity, I must:
- Use multiple identities. Complexity and failure due to other means of tracking me make this fairly pointless.
- Stop using cloud-based services. There goes Gmail and a bunch of other stuff. So I should be running my own webmail gizmo?
- Opt-out of all marketing opportunities. Sure, and opting out is actually respected by how many? ESPN keeps turning video autoplay back on when I go there, as if they are going to respect my opting out of newsletters, sharing with other entities that have 'items of interest' to me.
- Unsubscribe from services when I'm done with the business at hand. And re-enroll two weeks later. Nice, I get to play whack-a-userID as much as I do the thing I actually wanted to do.
So I don't bother. I'm fairly immune to the sidebar ads I get, I never respond to spam ads, and I am now tending to avoid retailers that obviously use deceptive means to target me. Screw 'em.
As an example of hilarity; I looked into getting a used shipping container a few months ago to use for storage. Turns out even old beatup ones are pretty expensive. For weeks after that, I would see sidebar ads for shipping containers 'everywhere'. Even today I coudl get one if I go to the 'wrong' site. I was never seriously in the market for containers, but it's a competitive market, and they are persistent.
Another example; I made the rare mistake of going to a buy.com (or was it nextag.com?) link for an item. Aw, crap. Now I get those ads all the time. But I recognize them schlepping me ads for 'djebme strap' and ignore them.
A final example; How often have I actually clicked a link to nextag.com to look for something specific, as a last resort, and find that they actually don't have ANY sources, but 'check back real soon'! Argh. And you can be sure I'll be peppered with ads for that item for a while. Grrr.
It's a lot like old fashioned junk mail, except I don't even need to carry it to the dumpster. It could be worse.
And it probably is. My only fear is that I will eventually get categorized, and red-lined so that I never see ads for what I actually want, but I see ads that are shoveling me something I don't want, but 'they' are trying to steer me to. This is entirely illegal in financing, but not quite yet in retailing. We'll see if it should be or not.
deleting the extra space after periods so i can stay relevant, yeah.
Sure, if some jerk has it out for you and you get stuck in one of these nets you'll never escape.
Big Picture, we're thrashing through a ton of social change with this here Net thingie.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
The marketers/spammers must have traced my username around the web and revealed my interest in sex. Apparently they worked out my email address too, because my inbox has been full of porn and viagra ads for years. And all this time, I thought _everybody_ got those kinds of emails. I can't believe this!
And knowing that much of the users are using same pass for every login, and knowing that often passwords are very silly.. finish the story yourself.
ok, so obscurity isn't working... time for something different.
Use a username that is a slight modification of a VERY common person. bradpitt, obama, billgates, sjobs, stevejobs, ibm, microsoft, etc etc.
then, when some marketing puke googles that : the s/n ratio blows their little analytics apart.
-- john smith
jp
"Wow, this Anonymous Coward guy really likes slashdot!"
I've been using the same online "handle" since I was 15 in the 90's on BBS's. Its called an online identity for a reason. Yes if someone really wants to figure out who "DarthVain" is, it would probably be pretty trivial at this point (though I did see that some douche that likes Star Wars dolls stole my name at some point).
If I want a secret name, I'll just use a random throwaway every time. If it is a name that I was to use for illicit cred, it will be something that I only use for that and nothing else (not that I need illicit cred). Besides regardless of what user name you choose, its a lot less "anonymous" than most people think. If you really want to keep it secret, you actually have to be quite careful.
As for hackers and scammers tracking me, well I'm not really worth it so why bother. If I am targeted for anything it will be spammed at which point I am pretty confident I can protect myself.
I think I will sign this AC just for fun... :)
I think this is related to the way in which brands don't just sell us products, they sell us identities. So the underlying worry is that, if our consumption habits are really just data that marketers can aggregate, then the brand of jeans we buy and the music we listen to and the films we watch don't actually make us the special snowflake we would like to imagine.
This kind of username tracking actually happened to me in real life. I had posted to a message board (not this one) about how I was athiest but my parents didn't know it. Someone (still have no idea who) used my user name to find an email address from another board, my email address to find my real name (used on a Linux mailing list), my real name to find my parents address, and then printed out the thread and snail-mailed it to my parents home address. This is the curse of having a unique last name.
The person only ever made two posts. One post saying they had done this, and then another a few days later saying that they were sorry but they were just "trying to save me". Sigh... religion...
If you get my real name, you can easily find me through canada411.com, and I'm pretty sure they have these online "phone books" in every developed country. So, technically, even if you're not online, your name is still an easy way to track you. Marketers have been tracking people since the phone book has been invented. And even if they don't know my usernames and don't track me, I will still be getting full mailboxes of Medicine ads, bodily inflation ads or cheap garbage for sale ads. Thanks to the adblock folks, and to a couple of other add-on scripts for firefox, most of the ads are gone.
-- http://www.doczayus.com/
Don't be an internet celebrity if you plan on applying for any job. Same thing vice versa. This economy punish creativity totally.
Unless, of course you are living off from a trust fund, then you can afford to act in a civilized manner like Lindsey Lohan.
New Economic Perspectives
Not sanguine about this.
No, no, you're not thinking; you're just being logical. --Niels Bohr
IE9 crashes hard on that page.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
Why does everybody act surprised when there is a news story telling us that using a communication as ubiquitous and publicly accessible as the Internet allows people to find us? That's kind of the point, isn't it? My tin foil hat is every bit as shiny as anyone else's here on /., but seriously, this kind of seems like a "Meh..." story to me. If you don't already realize that using the same user name on multiple web sites will allow someone to correlate your on-line activity, then you probably shouldn't be allowed outside alone. Just sayin'
MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
For marketeers is is NOT a tool that will be used. Say you are on 2 technical sites and one social one, the marketeers won't say "We will send him technical ads." The will say "We will send him technical ads, social ads and some unrelated ones just to be sure."
Just like saying "NO" to a marketeer means to him that he has not explained it well or often enough and if you say YES, it means it will work again.
Don't fight for your country, if your country does not fight for you.
Please Mr Marketer, read the history of everything I've posted, know my likes and dislikes, and cater the marketplace to me.
How is this a bad thing?
Cookies were intended to be restricted to the domain you're visiting. Which they technically are.
But, now consider that almost every site has banner ads. Those come from another domain, and what's more, the same domain for every site that displays that banner (or other banners from the same ad company). So, they can really set a cookie on Slashdot and read it back on eBay, for example.
That's why I go by Anonymous Coward. They come to /. and think "Holy crap this guy posts a lot". And I do.
grumpy ass cranky, opinionated, childish mother fucker.
what's who vonskippy is.
So my online user name may identify in multiple places just like my real name allows people to know who I am? Who would have imagined that?
no comment
I use Yvan256 for Slashdot, Yvan257 for Twitter, Yvan258 for Facebook, etc. No criminal mastermind could ever crack my username pattern!
Well, since using lastpass, It's been much easier for me to create various usernames and I have been doing so. I no longer care to have a complicated username that's unique just so I can remember it everywhere. I just pick whatever comes to mind. Thanks lastpass
That's some good news to read on a site where you won't be read if you're an AC or worse, you can't even post if you don't want to be port scanned (what the heck is this for? are ACs automatically guilty of plotting something?)
A Real Man who wants to visit websites will load each site in a separate browser instance with a unique agent string and a different browser vendor and build each time with all cookies and scripts (1st, 2nd, 3rd, 87th party, etc.) hard-blocked, and only from within a series of totally unique VM environments of no less than Windows XP (Home and Pro), Vista (all 4,556 varieties), Win 7 (all varieties) and no less than 1,396 versions and flavors of Linux or Unix derived operating systems, and each randomly selected for each site visit, which are only done from a Tor onion connection running inside of the VM, which is in turn routed through a Tor onion connection running from the top-level main desktop that you're doing all this from, and each VM is promptly rolled back to pre-website status after your visit is done--and that's for EVERY SINGLE VISIT. ANYTHING LESS THAN THIS LETS THE INTERNET RAYS PENETRATE YOUR TINFOIL THINKING CAP.
Dude, where's my packet?
I could be a kid, who lives on a polygamous ranch . . . or a polygamous kid, who lives on a ranch . . . "Mom, I need more huevos rancheros here down in the basement! Yes, I know that the magic word is 'please'"
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
now I have to use sniveling coward.
I always saw this. Doesn't everyone else.
I'm fucking tired of all this "THEY ARE AFTER YOU!!!" so-called research. When I walk down the street, I don't constantly look around me to check if someone is following me, or typing down my movements to design a marketing campaing and slip a note under my door. My crazyass, paranoid, neighbour is, though. Let me be, motherfuckers. They're NOT out to get me.
Perhaps I'm trolling, perhaps I'm not.
I'm Opportunist. Here. Nowhere else. To use this opportunity, and even be on topic with it, NO, the Opportunist you saw in $other_board was certainly NOT me. I can say that with quite a bit of certainty.
For the same reason, I do not reuse passwords. So, in case you find my password here, all you get is one combination of characters you need not try on any other account of me.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Whoosh!
Not to mention PETA...
Seven puppies were harmed during the making of this post.
In my case, a Google search of this username comes up with a completely different meaning of the name than I intended (I work in IT, and am not... whatever "the 'it' girl" is supposed to mean). Also, my real name is the same as that of a porn star, so anybody who started looking for me would get distracted long before they found me. I'm safe!
10 FILL MUG WITH COFFEE
20 DRINK COFFEE
30 GOTO 10
Using your real name at different places in Real Life(tm) can betray the pattern of places you visit.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Now I'll need to get rid of nethead.com, nethead.org, nethead.us and nethead.org.uk.
-- I have a private email server in my basement.
I have two 'public' usernames, both in use since the early '90s, and which are my old passwords on the first DEC-20 I ever had the joy of code-hacking on.
First one, well, you might get my musical tastes (or lack of, depending on your tastes) my nationality and possibly my political position, but then again, maybe you wont, as magically it appears that I'm also from a completely different country..also magically, it looks from the search results as if t'other user is the 'main' user.
Second One, well, after a bit of digging (2nd page of Google results, you get my first name..and nothing else.)
Both these usernames are associated with 'free' email accounts, now, if you had access to the server logs, you would be able to track back to my real name and
usual email address, maybe...
Searching on any other usernames I use, not surprisingly the one I've been using for 17 years as 'personal' tag will give you a fair bit of information about me, though amusingly, the noise levels are on the increase as other people adopt that particular username thanks to some D&D thing doing a bit cultural plundering...
Doing a search on a number of long defunct usernames I have used yields no results - though interestingly, a couple of years back, Google used to return some old posts I'd made under them, pity they're not available, there were some amusing flames amongst them
Even with Slashdot, this is my third user account here (the other two are defunct, email addresses associated with them no longer exist in this universe)
At this point, just thinking about this, I've used five 'public' aliases over the past couple of decades, and have had approx 15 different (mostly work related) email addresses that no longer exist, and I still juggle something like 9 active email accounts,
I'd love to see the code that could datamine all that lot and come up with me. (so long as the code was written in something interesting, that is, not bloody C++)
Posting under Anonymous Coward I didn't realize I'd be tied so closely to all of my other accounts.
my Anonymous Coward user name is not secure anymore!
...I'm Stealth Finger, feel free to advertise to me, I still won't buy it.
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
So what if spammers track and profile me? I'm not buying their erection pills anyway.
Mod Me Up. You'll make a grown man cry.
"Four researchers from the French National Institute of Computer Science" ...worked out what any single regular person with an ounce of common sense already knew. Well done, researchers.
I'm neminem here, there and everywhere (unless that name contains capitalization in a location where capitalization isn't forced, in which case I'm not. I'm not, for instance, NemineM.) Marketers: go ahead and do what you like, I'm ignoring you anyway. Why should I care?
On eBay Australia (not sure about other regions) this happened where scammers were sending fake emails to bidders who didn't win an item.
For example if your eBay name was jhonsmith they would send emails to jhonsmith@gmail.com, jhonsmith@hotmail.com and any other popular mail service.
The funny thing is my eBay username unique as it is, is the same as one of my email addresses with a popular service but I've always used a totally different email address for eBay and PayPal so getting these bogus emails were quite funny until eBay stopped showing bidders names.
BTW posting AC because I don't have a slashdot account, I just mostly read here when at work.