Poa.st / Chudbuds.lol General Discussion Thread - !! Poa.st and Bae.st have been compromised, all direct messages have been leaked. !!

[HahaYes]

"We have been working on security" graf said.
"The only way anything would happen would be via social engineering" he said.

 

[IamnottheNSA]

Nearly half of the registrations at poast used gmail.com addresses, 14541 out of 30150. Don't do that.

Compuserve.com or bust!
No, seriously, don’t do gmail, lads.

 

[HahaYes]

No, seriously, don’t do gmail, lads.

Listen, you got at least three-fourths of your life to go.
That’s three more lifetimes to you.
So don’t blow it.
Don’t do gmail.
If you’re doing it, stop it.
Get some help.

 

[whatever I feel like]

So glad I never actually signed up to poast (or chudbuds.)

 

[Jump]

Would deleted accounts also be compromised or does that data get deleted when the account is?

Luckly I migrated my account to chudbuds.lol
Hopefully poa.st deleted my account from their database when I moved. I don't want my dox to get out.

 

[The Last Stand]

And this is why the Right is losing. Lolicon DMs after a hack.

 

[Rogue AI]

I know there's going to be some Antifa doxing groups that will be pouring over this leak very carefully.

Lest this be another reminder to practice solid OPSEC hygiene.

Why would antifa be interested in this? The only thing funny has been the dick pics.

 

[Jump]

Why would antifa be interested in this? The only thing funny has been the dick pics.

The tranny mastodon side of the fediverse are 100% going to be all over this. They have nothing better to do. If your a nigger/nazi/loli poaster and registered with real.name@job or your .edu account expect problems.

 

[MugolEx]

I know it was already said but JOSH FUCKING WARNED YOU GRAF! GET FUCKED!

 

[RyePonic]

Would deleted accounts also be compromised or does that data get deleted when the account is?

deleting an account probably doesn't cascade to each dm or post that is stored in the database

 

[YouDoNotHaveTheRight]

The alleged smoking gun. Neat.
Deleted accounts don't appear in leaks unless they have already been sweeped up. Also may be the same if accounts had zero DM activity. The only ones with egg on their face are those trying to be sneaky in post dms or sending nudes/embarrassing shit.

 

[Passing Through Town]

deleting an account probably doesn't cascade to each dm or post that is stored in the database

Deleted accounts still had their DMs leaked, but not emails as far as I can tell.

Luckly I migrated my account to chudbuds.lol
Hopefully poa.st deleted my account from their database when I moved. I don't want my dox to get out.

You should be fine so long as you didn't send private info in DMs.

 

[YouDoNotHaveTheRight]

This was attached to graf's message there.

 

[Illuminati Order Official]

Why do so many retards send nudes on these "alternative" sites? It would be more secure to email them or fucking print them out and send through the actual mail.

ftfy

The alleged smoking gun. Neat.

Isn't it the way we were attacked last year? I mean, through a script disguised as some non-executable file, used as an attachment and the executed once it was uploaded.

 

[Harvey Danger]

This was attached to graf's message there.

So, no real social engineering. They spun up a fediverse-specific attack, using the way things federate to get the oauth token-capturing file to execute locally. That's kind of slick.

It's unclear if it required a user to even open it. I think it might get triggered with just the way previews work.

 

[Norman B. Normal]

In my mind "poast" should be pronounced as two syllables, like "poäst."

I don't have anything useful to contribute, but then neither do 80 percent of users who flock to a thread after it gets featured on the front page.

 

[DoomSayer]

Why do some of these conversations look one sided when they clearly weren't? Would users that got banned or moved instances get their messages purged or something?

 

[Spergichu]

The alleged smoking gun. Neat.
Deleted accounts don't appear in leaks unless they have already been sweeped up. Also may be the same if accounts had zero DM activity. The only ones with egg on their face are those trying to be sneaky in post dms or sending nudes/embarrassing shit.

Why would user-deleted accounts not be in the database, but ones that got banned are? Seems weird to delete one and not the other.

 

[2 Faces 2 Colours]

The tranny mastodon side of the fediverse are 100% going to be all over this. They have nothing better to do. If your a nigger/nazi/loli poaster and registered with real.name@job or your .edu account expect problems.

Hopefully nobody is stupid enough to use their real names on websites like this in general.

 

[Retink Retunk]

Why do some of these conversations look one sided when they clearly weren't? Would users that got banned or moved instances get their messages purged or something?

Not sure, but maybe if a user is banned/defederated their messages are purged? I think a couple vanished from my DMs back when people were using it during the Keffals bullshit, but I don't know if that would remove them from the server records.