Privacy Checkup 2021

DinahLiddell

kiwifarms.net
Joined
Feb 26, 2021
Oh I was just wondering when my threads were started delete and sent over to reddit. I'm a lolcow but have definitely seen where I was wrong to do certain things out of anger and frustration.
 

Ahriman

Vivere Militare Est.
kiwifarms.net
Joined
Jan 22, 2018
Do any of you fine gentlemen use private cloud storage? so far I am content with whatever storage my Yandex account offers (it's not even maxed out), but what is the general consensus about MEGA, pCloud, Dropbox, etc?

I imagine I'd be better off setting up my own NAS and prepping my very own "Cloud®" underneath the stairs in my own home, but I wanna hear what you guys think.
 

Sammy

Exhibits no Islamic behavior once given McNuggets
Forum Staff
Global Moderator
True & Honest Fan
kiwifarms.net
Joined
Feb 24, 2014
Deleted Message
Eh, the message was a little power level-ish but nothing turbo funny gold people gots tah see, and the fact they had the sense to realize they were oversharing and remove it, in a thread about double-checking your privacy settings and not accidentally oversharing, like, I'm just leaving it.
 

HTTP Error 404

True & Honest Fan
kiwifarms.net
Joined
Feb 28, 2019
Your Email
You should use a permanent email not tied to your real ID.

Only admins can view your email address. However, we have had a security breach in the past which leaked the email addresses of active users.

I am a single person with almost no resources, so it was always a matter of when, not if. For years before the hack, we've maintained a policy of keeping as little information as possible. This includes advocating the use of permanent alter-ego email addresses. When the hack happened, there was almost nothing identifying in it, as most people took their privacy seriously.

Alter-ego addresses are email addresses you do not use on sites tied to your real identity on. Remember, your email address can leak from hacks like the one we suffered. Websites keep track of what email addresses (and other associated data) have been compromised. I suggest subscribing to haveibeenpwned on every email you use.

They are not disposable / temporary email addresses. We do not allow those because they are used by spammers and abusive accounts suicide bombing the forum. Any legitimate users with a disposable email will eventually forget their password and be permanently locked out, so it's seriously against our interests to allow it.

A list of good email providers to build alter-egos with is available on this site:
https://www.privacytools.io/providers/email/

You can change your email address here, but you will be required to verify it before you can begin posting again.
https://kiwifarms.net/account/email

So as an aside, does anyone know why Cock.Li is suddenly forcing the braile font on everyone?

1617205824991.png
 

Ben Garrison

Got a life sentence, when I shot a Jew
kiwifarms.net
Joined
Jun 3, 2020
The real redpill is to use someone else's username so they take the blame

edit: DO NOT look up my username
I am the real Ben Garrison ;)

I dont know if its been said, it probably has. but enable 2FA everywhere. and invest in a u2f device like like yubikey, get 3-4 and generate the same secret on all 4 use that to be the password of your keepass db (i use keepassxc) that way you dont know your password to the db, and you have 3-4 backups of the password to unlock it, which means you can have a 256 character password for your db file.
 
Last edited:

glow

Softly glowing in the dark
kiwifarms.net
Joined
Aug 13, 2020
Do you reckon a an alias-forwarding service like https://simplelogin.io/ would be enough, or should every account get their own proper email address?
Looks reasonable but if it gets compromised or if the admin who runs it decides they don't like you, they can easily pwn your account by intercepting forgot password emails. It wouldn't surprise me if glowies already had their hooks into it somehow but likely they're looking for actual serious criminals as opposed to wrongthinkers. Definitely connect it to an alter-ego email address if that's what you decide to do. It could provide a good level of protection in the event KF gets pwned again because the alter-ego address is still unknown and cant be correlated with another list but it depends on your risk threshold.
 

Dergint

kiwifarms.net
Joined
Dec 16, 2019
Do you reckon a an alias-forwarding service like https://simplelogin.io/ would be enough, or should every account get their own proper email address?
I generally agree with glow, but I want to add... So much to that response. To try to keep it reasonable, I'll only list these two points :

  1. Do not assume the forwarder is the only risk factor. If we're talking nefarious admins, the people who run your regular email can still read the forwarded email and ruin your everything. It's another reason using an alter ego email is critical.
  2. Make sure you understand the tools you use. I see that simplelogin.io can encrypt your emails via pgp. That is good, it can stop a nefarious email provider from reading your messages. It probably doesn't hide Metadata like subject lines and who you're taking to. This is not a bad thing, it's just an example of a limitation that you need to account for.
 

mister_ree

AK-47 mach betta dan F-15 an nukes
kiwifarms.net
Joined
Jun 29, 2021
To the retards suggesting you rotate TOR nodes often: don't.

Understand how the Monte Hall problem works retards

You're much more likely to EVENTUALLY land on a compromised 3-hop route than you are to land on one off the bat with the first connect.

Once they can signature your connection properties (because I know none of you like to inject artificial timing chaff or scrub your cache DNS and SSL certs), they can then narrow you down on better routes.

Now for this site it doesn't matter but it's just dumb shit advice all around for those residing in shit nations.

This goes doubly so for hidden services and protection their rendez-vous points.