Cybersecurity 101 -

Wilkins

Jim Henson's angry ghost
kiwifarms.net
Well we're not Lulzsec. We don't break the law. The worst you can do to my members is make them look like jerks, but I think protecting people from shit like that is within my purview.
Not suggesting otherwise.

Don't underestimate that jagoff though. His tranny crew has been responsible for some high-profile hacks throughout the years including but not limited to rooting a commercial VPN.
 

Null

Ooperator
kiwifarms.net
Don't underestimate that jagoff though. His tranny crew has been responsible for some high-profile hacks throughout the years including but not limited to rooting a VPN.
If he takes credit for these things, why hasn't there been an arrest?
 

A-tistic

:-DDDDDDD
kiwifarms.net
The Blur extention is pretty neat. Lets you create emails in one click that are untraceable and redirects to an email of your choice.
Basically you can use a new email for every account you ever create with no hassle.

Be very wary of social engineering. The more correct English you use the safer you are. No mistakes in spelling or grammar that gives your text a "fingerprint". Don't use uncommon words or expressions.
 
Last edited:

Carmilla

kiwifarms.net
Gotta love my ability to actually follow directions on the sign-up page...

Also helps that I chose the name of a public domain character. Though my avi is a bit...exceptional, but there's no shortage of weebs on the net who'd recognize it, so there's no shortage of weeb content on the net related to it.
 

LikeicareKF

Always remember, Null favours me over you
kiwifarms.net
Gotta love my ability to actually follow directions on the sign-up page...

Also helps that I chose the name of a public domain character. Though my avi is a bit...exceptional, but there's no shortage of weebs on the net who'd recognize it, so there's no shortage of weeb content on the net related to it.
Yall need to stop deluding yourself into thinking someone would be interested in doxing you in the first place
 

Monday Michiru

The Washing of Dishes
kiwifarms.net
#4: Don't host images with account-based image sharing sites.
- Image hosting sites that host albums frequently tag your username in the URL, giving people a way to trace it back. Photobucket is a massive fucking culprit of this. Do not ever host images posted here on Photobucket. Upload directly the site.
- Never post an image from Facebook. It is 100% possible to take a Facebook URL and get your profile from use. Upload directly the site (but change the filename).
Change the filenames of anything you upload directly to here. Make it gibberish, or something generic and unassuming. The connection between two suspected socks could be confirmed by a shared presence of Lightshot format filenames. Or Puu.sh format filenames.

Scrub EXIF data from photos, along with all Properties and Personal Information. Don't get yourself burned by writing up a .doc or .docx file on your personal PC, uploading it to here, and finding out along with everyone else that your IRL name is listed as "Author" in the file properties. If you want to share a non-image file with us via a 3rd-party filesharing website, use mixtape.moe, or make a sock solely for lolcow purposes. Because I guarantee that you forgot to change the account over to your burner email, and forgot to change your account's name to your sock Kiwi name.

Be very wary of social engineering. The more correct English you use the safer you are. No mistakes in spelling or grammar that gives your text a "fingerprint". Don't use uncommon words or expressions.
This. Try to tame, or standardize, your writing style. If you have weird, possibly identifying idiosyncrasies, cut them out. ESL users are a bit SOL in that regard. Anyone who's ever read a Vidar Viking post can attest.

Related to this: Keep your dumb fucking hobbies to yourself. It's great that you're a sperg encyclopedia about music, dirt bikes, Pokemon, archaeology, whatever. But nobody cares. Again -- something simple like this could help confirm the connection between identities. Especially music. And especially if it's a rare degree of expertise.

The advice to never use the same name is good but definitely make sure they don't connect. When I'm searching for people each time I find a new name its like finding a new track because it usually leads me further and further back into their history.
I also like using generic usernames that yield lots of Google results. Googling ILoveSonichu1991 is really easy. Googling "cat" or "jews" isn't as easy.
I'm the jazz composer Monday Michiru in real life. Didn't you know? The same way you shouldn't recycle usernames, don't recycle profile photos and don't recycle bios or forum sigs across websites. Even falsified ones for other forums.
 
Last edited:

Plasmid Salamander

kiwifarms.net
I have a few pearls of wisdom to share as well. Make friends with a random password generator, you can set them to whatever length and it'll be just a string of random alphanumeric characters with some random symbols.

Copypaste your passwords in a notepad file or whatever you prefer, keep it on a USB drive or something. If the accounts aren't super important make another notepad file with the passwords and store it elsewhere. Don't keep them together. Like ever.

It'll end up looking something like this nXK]NQ]}L2?=_{~F%mbV=fyH3P"X.

Are you going to remember that? If not, what are the chances someone trying to get into your account will? Another benefit is it won't be guessed easily as well.

I hope that helps! Be safe guys!
 

symantec

Representative (D-ME 2nd District) since 2019
kiwifarms.net
I have a few pearls of wisdom to share as well. Make friends with a random password generator, you can set them to whatever length and it'll be just a string of random alphanumeric characters with some random symbols.

Copypaste your passwords in a notepad file or whatever you prefer, keep it on a USB drive or something. If the accounts aren't super important make another notepad file with the passwords and store it elsewhere. Don't keep them together. Like ever.

It'll end up looking something like this nXK]NQ]}L2?=_{~F%mbV=fyH3P"X.

Are you going to remember that? If not, what are the chances someone trying to get into your account will? Another benefit is it won't be guessed easily as well.

I hope that helps! Be safe guys!
https://www.wired.com/2014/08/passwords-microsoft/

Also, storing your passwords on a document in your local filesystem is a terrible fucking idea, I don't care how secure you think you are.
 
  • Agree
Reactions: Large

DNJACK

Part of the EDF communauty
True & Honest Fan
kiwifarms.net
passwords should never be saved, neither client-side or server side. Also, they should never be send on any network.

Only salted hashes should be used.
 

2 litre soda

For what we do, we have to grovel?
kiwifarms.net
Just read an interesting article about a guy who hired some people to hack him. It turned out badly: https://splinternews.com/i-dared-two-expert-hackers-to-destroy-my-life-heres-wh-1793854995

For those who don't take this seriously...

An internet friend of mine sent me a picture of a stuffed animal she'd just bought. She didn't scrub the EXIF data from the picture, so I decided to do a little experiment. She (was) someone I knew almost nothing about, aside from our common hobbies.

Her iPhone logged the GPS location, so it was a simple matter of plugging those coordinates into Google Maps, and voila, I now knew what school she worked at, because that's where she took the picture. Another Google search got me a list of the teachers working there. Her email address happened to match the username of her accounts on a couple other forums, and in her posts, she mentioned being a math teacher. There was only one math teacher listed at the school. Boom, full name, work email, work address. From there, punching her name and the city into Google got me a mailing address, as well as her parents mailing address...

And this is me, an untalented schlub, using nothing but Google and the ability to right click on a photo I'd saved to my hard drive. Took about 20 minutes.

Now picture what someone who knows what they're doing, or who has actual skip tracing or private investigating experience could do.
 
Tags
None

About Us

The Kiwi Farms is about eccentric individuals and communities on the Internet. We call them lolcows because they can be milked for amusement or laughs. Our community is bizarrely diverse and spectators are encouraged to join the discussion.

We do not place intrusive ads, host malware, sell data, or run crypto miners with your browser. If you experience these things, you have a virus. If your malware system says otherwise, it is faulty.

Supporting the Forum

How to Help

The Kiwi Farms is constantly attacked by insane people and very expensive to run. It would not be here without community support.

BTC: 1DgS5RfHw7xA82Yxa5BtgZL65ngwSk6bmm
ETH: 0xc1071c60Ae27C8CC3c834E11289205f8F9C78CA5
BAT: 0xc1071c60Ae27C8CC3c834E11289205f8F9C78CA5
LTC: LSZsFCLUreXAZ9oyc9JRUiRwbhkLCsFi4q
XMR: 438fUMciiahbYemDyww6afT1atgqK3tSTX25SEmYknpmenTR6wvXDMeco1ThX2E8gBQgm9eKd1KAtEQvKzNMFrmjJJpiino