How to not get doxed - Stay safe while shitposting

  • Registration without invitation will be until July 4th, and we are reforming account penalties.

    MalwareBytes has, again, blocked both the .net and .cc domains for the Kiwi Farms. Complain to them, not me.

Nigel of Ukip

Leader of the Exceptional Illuminati
kiwifarms.net
Joined
Jan 9, 2019
20210414_173802.gif



SuperHound is a cuck
and how to not get doxed


Today we are going on a field trip with sweet deranged Nigel.

Recently I was contacted by SuperHound. I will add a video of the whole conversation we had because I don't want there to be any question about what was said. I played along to win some time and maybe get more information, which I sadly didn't get. During this time I contacted both detractors in question, warned them and gave them advice on what to change to make it harder for people to find them.
I have to add, I will never leak private DMs. However this is where I believe it has to be done because it might hurt people that I like shitposting with, and that does rustle my jimmies.



This made it clear that he is trying to dox detractors. I'm also certain some people might take his offer, while some people might simply get doxed because they're not too careful. So I decided to help my fellow detractors stay safe.


So grab a bag of salty Lays because we're basic bitches, and let's start our field trip.






There are several ways to protect against doxing. I'll go over some very basic, surface level things to watch out for. I wont go too deep because I believe if you follow these steps people that aren't into this kind of activity wont be able to find you anyway.
However, I will gladly help anyone that has further questions, just DM me and we will go over anything that worries you.



Basic stuff you should already know
Limit your personal information

No one needs to know your name, who you are, what you do or where you do it. If a site requires personal information simply lie, or make sure it's set to private. With current leaks I would suggest you simply make a fake persona, and go with it. Go with something like Hugh Mungus, born on 4/20/69 from Batman, Turkey. Or whatever else you see fit.

Do not use the same name on multiple websites or apps
This is the most basic advice I can give you. It's common for people to use the same name on multiple websites, and it's very easy to go from website to website collecting bits and pieces of the information they leave on every site. Either be careful about what you post, or use different names for different sites. Specially if you use degenerate furry and fetish sites.

Avoid social media
Social media is cancer, and you don't need it. Social media sites and apps store insane amount of information that can help people like me track you down. If you have to use Facebook or Instagram, always, always set it to private. Never use a nickname you use, or used. I'll talk more about this later.
* Most profile pictures from social media can be ripped, so don't take pictures that may help narrow down your location such as a window behind you.
* Always disable location.


Change your passwords
No brainer, but people don't do it because we're lazy. Leaks happen, passwords get out. You can use several sites like haveibeenpwned to see which leak has your information. That information can easily be found, so change whatever was compromised.
So change your passwords, and don't be a cheeky cunt with a single Caps Lock change because that's the first thing people like me try.
Also, I would suggest you take an hour each month and go over your emails to see if anything leaked and requires your attention.

Different email for every site
It's wise to not use the same email for multiple sites. Limit your email to a few sites, or if possible one email per site. This will make it much harder for people to get your information if something leaks. Since even if your email and password leak, it will only cause damage to one account which you can easily fix.

Use a VPN
While you don't have to, it doesn't hurt if you do. A VPN will help you stay anonymous. While your connection might be slightly slower, you will be safer. However, don't use some exceptional bootleg knockoff VPN. I'll post some a few you can look into and maybe use.
Express VPN - 15 months (12 months, 3 free), 6.67$ monthly. Offers a 30 day money back guarantee.
Nord VPN - 12 months, 3.93$ monthly. Offers a 30 day money back guarantee.

Two factor authentication
The chances of someone stealing your phone, cloning your SIM or hacking all your emails are slim. It will keep your accounts safer. I would suggest everyone uses this. Just be sure you always keep the security and safety of your backup method up to date.

Don't download weird things from weird sources
One risky download can mess you up horribly. No matter which device you use and how safe you think you are.

Don't go on random links
These days people will use websites to get your IP. They can use it to narrow down your location, hack you if they're hackerman or simply DDOS you. However if you use a VPN, you're good mate.


Social media is cancer and this is why
(also how to stay safe)

Facebook

Facebook stores a metric fuckton of your personal and private information. If you're a boomer and insist on using it, do the following.
  • Set your profile to private (Changed in Privacy Settings)
  • Hide your friends list (Changed in Privacy Settings)
  • Change your banner image to an image that will have zero likes (You can finesse the system and see much more if you're a cheeky cunt)
  • Do not like any banner image
  • Have none or as little possible likes (Shows, People, Games, ...)
  • Make sure your Facebook URL doesn't use any nickname you used in the past or use currently
One of the worst things about Facebook is the forgotten password system. If you enter someone's email it will show you their full name and picture, and I believe you can guess what we can do with that information.
Really you don't need Facebook in this day and age. Facebook is cancer and it has too many traps that can get you doxed.

Instagram
Instagram is really simple since all you need to do is change your profile to private. If you want to feel special you can do the following.
  • Don't accept people you don't know
  • Don't use a bio that is a self dox (No one cares about your life)
  • Make sure your username isn't a nickname you use or have used before

Twitter
If you use Twitter to shitpost you wont change it to private, so just follow these steps.
  • Disable showing your email when you use forgotten password (Twitter will show something like DS*******@g****.*** which with the right tools, or time you can guess since they show the correct number of signs. So let's play DS(7*)@g(4*).(3*) > DSPisafag@gmail.com)
  • Disable showing your number when you use forgotten password
  • Do not use a nickname you use or have used before

YouTube
If you use YouTube for personal, non detractor stuff follow these simple steps.
  • Make sure your username isn't the same as a nickname you use or have used in the past
  • Make sure your tag isn't a nickname you use or have used in the past
  • Make sure you don't show your nickname in videos (Gameplay, Streaming, ...) if you have gameplay videos and decided to change your style be sure to nuke those videos to oblivion
  • Make sure your channel URL doesn't include your name, current or old nickname

LinkedIn
You are fucking exceptional to use this site and give it all the information it asks for. Why on earth would you give all of your private information up on a silver platter? If I find your LinkedIn, I will most likely know where to find you from 9 to 5. LinkedIn also had two leaks in the past that didn't help their case, at all.
If you have to use it, use common sense, I guess? I mean you are willingly doxing yourself when you use LinkedIn so I don't know what to tell you.


Overall advice you should keep in mind

Likes

Likes on social media can be public. On Facebook if you like someone's banner picture, it will be public. I often dox someone's friends first, and make my way through them to narrow it down and find my target. So this has often helped me.
Same goes for Instagram. If the person's account is set to private yet the profile of the person they like stuff from isn't set to private, you can find them. I've often looked over someone's friends or topics that I believe they liked to find them.

Steam
Steam keeps your old nicknames. If you search for some old username you used, your Steam account will show up even if you currently use a new name. So I would suggest if you change your name, to spam change it so that old names are gone from the recent name list. I would personally suggest you change your account to private, because Steam offers lots of good information.

Groups
Do not join autistic "private" detractor groups on Twitter. There is absolutely no need to be in a group where you shit talk other detractors and/or share stuff about your private life.
If you're in a group of people that shits on person X in private, but are polite to person X in public, I can guarantee you they do the same to you and you are person X in another chat. Most of these groups are also a gold mine of information since all of it leaks eventually, and it only makes you look like a twat. When it leaks you also make enemies with the people you badmouthed and they might want to use the information you shared to fuck with you.

People you meet online
Never share your personal information with people you meet online. Once you tell someone something, you can't take it back. It's on the person to keep it or spread it and that's not something you can private or disable. The information you give is forever, your friendship might not be. Use common sense, know how much information is too much.

Pictures you share
Pictures are a great tool when I'm doxing someone, so be careful what you share. Car registration plates, bars, clubs, restaurants, stores, signs, landmarks and so much more can help people like me narrow it down. God forbid you take pictures of your apartment, or pictures from inside your apartment where I can see out from a window. As with most things, common sense goes a long way.

Google yourself
The best way to see what information is out there is to Google yourself. Check your nickname, or nicknames. Search using quotation marks for more accurate results.
e.g. "chemicals turning frogs gay"





So these are some tips I believe people should go over, check how secure they are and change things that may need to be changed. While everyone can get doxed, I'm quite certain if you follow these steps you will be safer from any turbo autist trying to get your information.

Again, if you need any further help just DM me and I will get to you as soon as possible.
 
Last edited:

Nigel of Ukip

Leader of the Exceptional Illuminati
kiwifarms.net
Joined
Jan 9, 2019
but nigel my hobby requires me to download files from strange russian websites sometimes. whatever am i to do?

Look for alternatives.
I would also get my porn suggestions from Russian sites, mate. However I simply switched to a simple alternative and I'm now getting my suggestions from the beautiful and talented Derich. 🥰

This OP brought to you by Nord VPN.

Have you heard of this thing called Raid, Shadow Legends?
 

Shirō Ishii

War crimes? What war crimes?
True & Honest Fan
kiwifarms.net
Joined
Feb 27, 2020
The stuff about Facebook and Linkedin is absolutely true. I have found so many people just by looking through the facebooks of their friends, children, or wife/husband even if their own facebook doesn't show up in the search bar, they show up in their friends list. Same with likes or dislikes as one of the biggest ways I can figure out what you like if it's not posted on your own page is through the pictures of your friends/family. It's also how I've figured out the names of peoples kids or dogs because their friends/family with no privacy settings whatsoever willing love to say who they are in the comments of said photos or as part of the post itself.

Your info about Linkedin is spot on too. I've figured out which particular branch office people work in just from what they put there and usually, from the people I find information for, where they work usually has a website which lists their fellow coworkers as well as the person I'm looking for putting a profile of themselves right then and there on the company website.
 

Yidhra

kiwifarms.net
Joined
Apr 16, 2021
While I sincerely appreciate the effort that went into this thread our dear fellow kiwis must know some of the really useful anti-malware tools that they can employ in their every step other than common sense:
Phishing detection:

https://checkphish.ai
https://phishcheck.me
https://www.virustotal.com -Check out several malware blacklists.
https://urlscan.io -get a screenshot and see the redirects of a site
Download and run files in a sandbox(2)
https://www.hybrid-analysis.com
https://app.any.run

Try not to use Win10/SpywareOs if you can help it, if you are forced to use it like me use a virtual machine and surf the web inside it. Also if you really want to share a picture just use an exif eraser, but you are better off not sharing at all if you can help it tbh.
 

8675ynneJeMllaCyehT309;)

Ok? Alright? Sound good? Ok.
kiwifarms.net
Joined
Dec 12, 2020
I was just shoring everything up with Twitter aNd tHe LiKe and Twitter went down altogether as I was doing it and I kinda freaked out for a second.

I'm small potatoes, don't have much of an online prescene in the Detractor community outside of Kiwi and Twitter but your fear mongering worked, Nigel.

Thanks for the advice. To those that are a bit more cavalier with their identity and making really questionable posts like

- a screen cap of your Twitter and censoring your username but leaving your entire tweet, word for word - making it super simple for anyone who knows how to use basic twitter search

-revealing your twitch/youtube/twitter handle in a post, directly linking your Kiwi account with other accounts. 🐸👀

💜
 

We Are The Witches

kiwifarms.net
Joined
Feb 23, 2019
In regards to passwords, you can calculate your own one's entropy with a simple formula: E=log2 (P^L), where P is the pool size of the characters you used (can be a mix of lowercase, uppercase, numbers and symbols), raised to L, which is how long your password is. You can then substract a point of entropy if you want to assume a brute force attack with a 50% chance of success.

So "Password3" would have a maximum entropy of ≈53 (lowercase/uppercase and numbers make that a pool size of 62, raised to 9, then you put that inside the log2 formula). Last time I checked, one of the password security guidelines was something like this:
<28: very weak
28-35: weak
36-59: not great
60-127: strong
>127: very strong

But then, there's also the dictionary attacks where it would make the previous password significantly less secure, because it's easy to guess. A good example is "mrstupid1", it's technically at ≈47, but in practice is a very bad one.
 

folly magnet

kiwifarms.net
Joined
Jan 16, 2021
Some good tips I hadn't thought about in that OP. I don't have anyone I care enough about to doxx but when I do, I'll be putting them to good use.

Mostly though, if you know you're going to be trolling/doing shady and/or illegal things online, what would possess you to use an account remotely related to your real identity? The amount of people using their Twitter/IG/etc. Like I cannot fathom using an IG account to shitpost and then turning around posting real pictures on there.