I'm sure there were Ashley Madison users who did just that, though. I can't find a number of how many members had their info strewn out there.
Last edited:
Cybersecurity 101 -
- Thread starter Null
- Start date
Then they probably got busted by the hackers tying the payment info (ssn, credit card numbers, mail addresses) they acquired to real people.
ashley madison's site security was really bad apparently
they had a bunch of passwords stored as plaintext and their server's key didn't have a password
also people were dumb enough to sign up with their official government emails which hopefully nobody would do here
they had a bunch of passwords stored as plaintext and their server's key didn't have a password
also people were dumb enough to sign up with their official government emails which hopefully nobody would do here
A big danger in the leak was payment info- in order to process an electronic payment, certain verifiable details are required. For credit cards, this typically includes the card holder's real name, address, and phone number which are used as anti-fraud data when handling electronic payments. The US has some pretty stringent laws around handling credit card related info online but it is a bit onerous and most companies outsource the bulk of the compliance to third-party payment processors. Unfortunately, they think this means they don't have to be careful with anything other than the PIN or CCV/CVV itself which is of course untrue. A major goal of said compliance programs are to allow for continued user identity protection even in the case of a security breach resulting in data becoming accessible.
I don't know the state of the backend systems and what is/isn't encrypted here, but in general just make sure that your "private" profile here (DMs and such) is as anonymous as your public so that if somehow all KF data was leaked, it would make no difference at all.
AcolyteOfMilk
kiwifarms.net
In normal circumstances do sites give away your IP info? I use a vpn but this thread makes me afraid of getting milked.
Under normal circumstances, every website you visit is tracking your IP unless they state otherwise and you trust them. Anything along the lines of "targeted ads" through google or facebook is likely going to be able to tie your IP address together. It's pretty messy but a VPN from a big provider is a very good step in the right direction for respect to your privacy.
AcolyteOfMilk
kiwifarms.net
For his grand finale, Chris had one of his social engineers, Jessica Clark, conduct a “vishing” (voice solicitation) call to my cell phone company, in which she pretended to be my (non-existent) wife and asked for access to my account. To make the act more convincing, and elicit sympathy from the customer service rep, she found a YouTube video of a crying baby and played it in the background, while spinning an elaborate sob story about how I was out of the country on business, and how, if she could just get into the account, she could get the information she needed to apply for a loan. (You can watch Jessica's vishing call at 2:13 in the video above—it's pretty amazing.)
The act worked: the customer service worker believed that Jessica was my wife, and—over the screams of the YouTube baby noises—not only allowed her to access my account, but allowed her to change the password, effectively locking me out.
I dared two expert hackers to destroy my life. Here's what happened.
This is Episode 8 of Real Future, Fusion’s documentary series about technology and society. More episodes available at realfuture.tv.
splinternews.com
Have cows alts been found because of their writing style? Or is that something used as extra evidence and not defining evidence? Could this backfire if all your alts are strict grammar nazis?
Secondary characteristics like writing style are usually used to confirm but no one serious would accept them alone for a dox. Hard evidence is required, but the other stuff can lead to the good stuff.
AcolyteOfMilk
kiwifarms.net
Thanks AlexJonesGotMePregnant!
In this thread a tip is to remove metadata, but can Word just stop saving metadata in the first place all together?
And is it only phones that save EXIF data or do computers also reveal their gps with exif data?
I have not seen this tip mentioned. Lie about the details of your life.
In this thread a tip is to remove metadata, but can Word just stop saving metadata in the first place all together?
And is it only phones that save EXIF data or do computers also reveal their gps with exif data?
I have not seen this tip mentioned. Lie about the details of your life.
Don't use things like word; any services that have an online access feature (cloud sync, account sign in, etc) could be looking at your data and tracking it. Use text editors or make new, separate accounts. Google docs works great if you keep things segregated well enough.
I'm not sure about EXIF data from PCs, but I suspect not. One somewhat unrelated thing to note: pretty much all printers are traceable via invisible signatures printed on every page. If it is possible to trace the printer's ownership to you, anything you print from it points straight at you to those who can find such data (likely only the government could succeed in successfully getting data from each step of the way). You should keep this in mind with everything you do online because electronic signatures are more common, more accessible, and just as invisible.
I'm not sure about EXIF data from PCs, but I suspect not. One somewhat unrelated thing to note: pretty much all printers are traceable via invisible signatures printed on every page. If it is possible to trace the printer's ownership to you, anything you print from it points straight at you to those who can find such data (likely only the government could succeed in successfully getting data from each step of the way). You should keep this in mind with everything you do online because electronic signatures are more common, more accessible, and just as invisible.
So since some people here seem knowledgeable: What's your stance on antivirus? Asking as my AVG is causing DNS leaks (That seem impossible to fix even when asking them directly) and thus I'm considering just uninstalling the damn thing. Supposedly Windows Defender + occasional checks with MalwareBytes should be more than enough, but I honestly feel anxious just getting rid of the antivirus I've used for literally 15 years.
Antivirus is more about locking down your system beforehand, in my experience. Don't click links you're not sure about, disable ads and JavaScript, only visit trusted porn sites etc. Maybe once a year I'll install antivirus out of curiosity and I'm usually clean as a whistle or have a couple of minor files that are easily cleaned up.
Then I uninstall that Ram chewing, experience ruining garbage.
ETA: If you're constantly getting viruses on your computer it's probably PEBCAK and you ought to be ashamed.
Varg Did Nothing Wrong
kiwifarms.net
If you're not retarded and downloading Hentai.png.exe then antivirus software isn't doing anything for you anyway.
I agree with the two above posts- behavior modification is most important for protection. As often as possible, let your OS handle itself and don't download/install shit from the interview unless you know what you're doing. Disabling ads and javascript is a really basic and easy way to start. In general, anti-virus software is trying to kill a fly with a boulder.
Writing style can be used not only as a confirmation where you suspect some one, but if say you have a large pool of people, and you want to narrow down to a most likely candidate list for further, closer examination.
There is really sophisticated software that is used, by the NSA, CIA and FBI - the usual suspects, but also social media companies. It one way they ID people who have different accounts aand its also one of the tools used to uncover the Russian/Chinese/NSA/Macedonian hackers.
Style can include spelling (US vs UK vs AUS vs Continental) but it usually focuses on the number of certain words (articles, negations), the reading age (elementary vs High School vs College) and, favorite words, repeated phrases, that a person uses (ideolect - https://en.wikipedia.org/wiki/Idiolect) but also that they use because of their profession - lawyers write in a different style to doctors, say. And syntax. People organize thoughts in specific ways and this is more or less indicative. I once worked with a man who quite literally produced writing like silk. It just flowed. I saw him composing documents, where he would just dictate it to someone to type. Fucking amazing. And you read it and believed it. His colleagues hated this talent. But any document that had been near him you could tell; it had his finger prints all over it. That's what made me look into it.
So, the trick is to limit online posts, and limit length of posts. And strip all identifying data from posts, photos etc - screensnip is useful here, plant false leads, and use a VPN, and linux.
NiggerFaggot1488
kiwifarms.net
I remember when our very own weev posted the information of a few government workers who used .gov emails to register there and got leaked.
Also Jesus Christ about unhashed passwords, thats usually a few lines of code to remedy. Pure negligence.
absolutely. i generally operate under the assumption the government can tie any regular online activity together with the sort of thing you mentioned so i generally aim more for non-government stuff that wouldn't be easy to associate without the illegal sort of spying the nsa does. the only way to really "hide" from the government is to keep the absolute smallest footprint possible but my autism deficiency would flare up if i didn't post here so i have a doctor's note for my shitposting
How trustworthy is Opera's VPN service? Some people claim that it isn't actually a real VPN.
If anything its closer to a Proxy than a VPN.
I'm just gonna say this about security on the internet in the 2010s.
You're account is as safe as it's entry point, which is why I'd advise the use of Keepass to store passwords instead of the online password managers. You'd still have to add accounts manually, but that isn't much of a problem since a few more clicks of the mouse (or typing more keystrokes) is nothing much to me.
Unlike most other password managers (Dashlane, Lastpass, etc.), a file stores your passwords and the storage and management of the file is up to you. Did I mention that the utilities used to make and manage KeePass files are wide, the Keepass source code is open and it's completely free?
You're account is as safe as it's entry point, which is why I'd advise the use of Keepass to store passwords instead of the online password managers. You'd still have to add accounts manually, but that isn't much of a problem since a few more clicks of the mouse (or typing more keystrokes) is nothing much to me.
Unlike most other password managers (Dashlane, Lastpass, etc.), a file stores your passwords and the storage and management of the file is up to you. Did I mention that the utilities used to make and manage KeePass files are wide, the Keepass source code is open and it's completely free?
Similar threads
Or things I wish I knew 15 years ago.
- Sticky
If you make a thread without archiving shit I will strangle you.
