Privacy Checkup 2021

Null

Ooperator
kiwifarms.net
Joined
Nov 14, 2012
Featured on Mar 17, 2021 at 9:00 AM: I wrote a privacy checkup guide for new users and oldfags alike.
Hello,

Recently we switched to a new theme. When we changed, I forgot to copy the registration form warning to the new theme. This is what that warning looks like.

1615898704788.png

There has been an influx of many new users, but not all of them have been taking adequate measures to secure their privacy. Now is as good a time as any to review your privacy.


Your Username
Never use the same username twice.

If you are wanting to remain anonymous, your username should be unique to this community. If you've ever used your username on other communities, you should immediately request a username change.
https://kiwifarms.net/account/username

This includes if your username is generic or generic sounding. I once doxed someone who used a username similar to "A Username You Cant Google". He had used that username everywhere and it's actually quite unique.


Your Email
You should use a permanent email not tied to your real ID.

Only admins can view your email address. However, we have had a security breach in the past which leaked the email addresses of active users.

I am a single person with almost no resources, so it was always a matter of when, not if. For years before the hack, we've maintained a policy of keeping as little information as possible. This includes advocating the use of permanent alter-ego email addresses. When the hack happened, there was almost nothing identifying in it, as most people took their privacy seriously.

Alter-ego addresses are email addresses you do not use on sites tied to your real identity on. Remember, your email address can leak from hacks like the one we suffered. Websites keep track of what email addresses (and other associated data) have been compromised. I suggest subscribing to haveibeenpwned on every email you use.

They are not disposable / temporary email addresses. We do not allow those because they are used by spammers and abusive accounts suicide bombing the forum. Any legitimate users with a disposable email will eventually forget their password and be permanently locked out, so it's seriously against our interests to allow it.

A list of good email providers to build alter-egos with is available on this site:
https://www.privacytools.io/providers/email/

You can change your email address here, but you will be required to verify it before you can begin posting again.
https://kiwifarms.net/account/email


Your IP
Use a VPN or Tor if you post from work or school. Use a VPN or Tor if you post from shithole countries.

It's important to understand what an IP is and is not. Many people believe that your IP address is a free ticket to dox someone. It is not. Go to whatismyipaddress.com to see what information is available to someone who has your IP. Mobile IP addresses in general are less precise.

IP addresses are not useless information, though. They are good at confirming suspicions. If I believe a user might be a lolcow that I know lives in Richmond, Virginia and their IP address is a domestic broadband connection from Richmond, it would be very safe to conclude that is the same person. If their IP was a proxy, I couldn't know for sure. If it was a domestic connection from another state, it'd be safe to say (but not conclusive) that it is not the same person.

Governments have more uses for IP addresses. ISPs do tend to keep track of who has an IP assigned to them at a specific time. Governments can request this information. This was a big deal when the government of New Zealand was requesting IP information of everyone who had posted in the thread about the Christchurch shooting. They could have used that information to intimidate or even litigate New Zealand citizens posting in that thread without a proxy.

Large companies and especially universities own their own IPs. This means that if you're posting from work or school, your IP is more useful information when compromised. We had an incident where we believed two users were socks because they both posted using IPs from the University of Singapore. Turns out, they didn't know each other even though they were from the same campus. As companies and universities are private entities and often tend to spy on network activity, it's ill-advised to post here using Internet from work or school. Private institutions may independently decide to suspend you if they were to learn you used this site.

In short, it's not crucial to use a VPN from home. However, it never hurts. I use a VPN all the time. Users from speech-hostile nations such as the UK/NZ, as well as users who routinely post from work or school, should use a VPN. If you cannot afford a VPN, you can use Tor to access the Kiwi Farms.

Accessing the Kiwi Farms from the Tor Browser will direct you to the Tor version of the site. Opening the site with Brave will place a button in your URL bar which directs you to the Tor version of the site. The Tor Browser is the ultimate standard of privacy online. Brave is sufficient for users browsing legal content on sites they trust. I advocate for using Brave because it enables people to easily donate to the site via BAT.

Do not use "free" VPNs. They hijack your connection and sell your bandwidth to malicious entities (spammers). When you use a "free" VPN, you are using another person's connection hijacked by the VPN software, and other people will be using yours.

For VPN suggestions:
https://www.privacytools.io/providers/vpn/

Myth-busting Tor:
https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-1-myth-busting-tor
https://write.privacytools.io/my-th...-onions-part-2-onion-recipes-vpn-not-required


You
The only person who can properly protect your identity is you. Be careful what you post. Be careful who you trust. The best way to avoid problems is to not say anything you'd regret.

I strongly advise against joining offsite, KF-adjacent groups (like Discord) because those people aren't your fucking friends, and when they dox you, it somehow always becomes my problem.

Take your alter-egos seriously. Consider a password manager. I used to use LastPass but they got greedy, so now I use Bitwarden. Alternatives found here:
https://www.privacytools.io/software/passwords/

This website is fantastic in general. In modern times it's not possible to stay totally private, but there's a lot of easy changes you can make to protect yourself.
https://www.privacytools.io/


Stay safe frens.
 
Last edited:

Robotic Richard Simmons

Robotic Weight Saint
True & Honest Fan
kiwifarms.net
Joined
Nov 19, 2015
Thanks for the advice! There's a cow I doxxed that claims he uses pixel tracking on his own website so even though he's a complete retard and probably doesn't know what to do with that info, it's still a good reason to use a VPN when accessing sites run by cows.
 

Hackallier

True & Honest Fan
kiwifarms.net
Joined
Sep 29, 2018
IP addresses are not useless information, though. They are good at confirming suspicions. If I believe a user might be a lolcow that I know lives in Richmond, Virginia and their IP address is a domestic broadband connection from Richmond, it would be very safe to conclude that is the same person. If their IP was a proxy, I couldn't know for sure. If it was a domestic connection from another state, it'd be safe to say (but not conclusive) that it is not the same person.
🌽 🌽 🌽 🌽 🌽 🌽 🌽 🌽 🌽
 

YachieKicchou

kiwifarms.net
Joined
May 23, 2020
Occasionally it's good to drop false information. "I live in Nebraska" when I actually live in XYZ. Make up information. You shouldn't be saying anything identifiable but if you need to, embellish or make shit up a little. Lie about your hobbies too. It takes one person connecting the dots.

https://tweetdelete.net/

https://github.com/j0be/PowerDeleteSuite

Keep two accounts for each website is a good idea in general, depending on what website it is. Occasionally delete an account and rotate to a new one if you don't just rotate usernames. If you're on Discord you should occasionally purge all your messages
 

Mr. Chuckie Sneed

kiwifarms.net
Joined
Mar 2, 2021
Thanks for the advice! There's a cow I doxxed that claims he uses pixel tracking on his own website so even though he's a complete retard and probably doesn't know what to do with that info, it's still a good reason to use a VPN when accessing sites run by cows.
Using a VPN in general is great practice no matter what. Sure it probably won't stop the NSA from spying on you but it's still good to use.