Postmortem Site compromised 10-Sep-2019

[Nappy]

Someone shoot me a link to the file. Want to know if I was grabbed.

 

[The Jumping Dwarf]

Here's my Kiwi Farms security guide. Actually, if you do this with each site, you're probably pretty safe.

1) Only access the site via a VPN. Pay for your VPN with crypto. Yes, it's a pain, yes it's necessary because you don't want your VPN provider having a credit card number that can link back to you. Actually, if you're in a place where you can get prepaid Visa cards, use one of them. Use a VPN provider which claims to be logless too, but making it hard or impossible to identify you from your payment method can't hurt.

2) Use a throwaway email account from a site not connected to Kiwi Farms. I like cock.li. Once again use a VPN to access it. Use a VPN for everything basically

3) Use a secure password. I use passwords generated something like this. You need a bash shell, though the password generator function should be pretty easy to get working in a Windows batch file.

function randpass_openssl
{
openssl rand 4096 | openssl dgst -binary -sha512 |  openssl base64 | tr -d /=+ | head -c ${1:-32}
}

randpass_openssl 32

xyrhOapDJZUvShsLNUHC2X3HCTxF4x3R

Use a different password for each site. Use a different username for each site. Use a different email address for each site.

That's a lot of bullshit for shitposting on a comedy website. I don't give a shit about them stealing my IP. I challenge any fat out of shape American troon to cross the Atlantic Ocean just to trawl the 20 mile radius where I might be located.

 

[FeverGlitch]

Is this literally Islamic Content?

In the name of Isreal, yes.

 

[PlasticOwls]

Yes you are. Number 14222 in the .csv file. There are three IPv6 addresses tied to your username, and your gmail is in the h folder.

Cant access the file. I know Im in there, but anything incriminating?

Hell, I don't remember half the things I did or said a year ago, much less since 2017.

 

[Actually Christian Bale]

yes. Repent infidel or Allah shall strike you and send you to the depths of Jahannam

You'll never take me alive!

changes VPN

 

[Stafford Beer Bong]

If they waited just one more day we could’ve had our own Kiwi Farms 9-11.

Always remember.

 

[Anrende]

Cant access the file. I know Im in there, but anything incriminating?

Hell, I don't remember half the things I did or said a year ago, much less since 2017.

who cares? This will literally never be traced back to you if you take the proper precautions. Even if they do have your actual IP, that's just an idea of the 20 mile radius that you live in. What are they gonna do? knock on every door in your neighborhood trying to find you? And if you used a proper email for this then you kin

 

[MAPK phosphatase]

Cant access the file. I know Im in there, but anything incriminating?

Hell, I don't remember half the things I did or said a year ago, much less since 2017.

13 IP addresses, all IPv4, and your .lolcow email. I'm not going to look any deeper because there are other things I want to do with my life than be the leak messenger. If you didn't post anything incriminating or identifying, they don't have anything incriminating or identifying.

 

[PlasticOwls]

who cares? This will literally never be traced back to you if you take the proper precautions. Even if they do have your actual IP, that's just an idea of the 20 mile radius that you live in. What are they gonna do? knock on every door in your neighborhood trying to find you? And if you used a proper email for this then you kin

I used a lolcow email I never logged into ever again. I don't even remember my password.

I did live in two different countries with 3 different houses. If anyone does find me, kudos on you.

 

[Maxliam]

Don't just use a VPN, do what I do and jump servers every so often. Sometimes I use a Dallas one, sometimes an Austin one, sometimes a Swedish one, etc. Make it a guessing game for those fags. Also whoever attacked this site has a tiny penis, so small even I wouldn't want to suck it, lol

 

[User name: Required]

What timeframe were the leaks from anyways?

inb4 late

 

[Monika H.]

I knew what I was signing up for when I signed up for this site.

Just know that when they kick in my door and drag me off to the cultural enrichment center, my last words will be "FREEEEEEEEEEEEEEEDOM!"

FFY.

 

[Anrende]

I used a lolcow email I never logged into ever again. I don't even remember my password.

I did live in two different countries with 3 different houses. If anyone does find me, kudos on you.

You'll be eating your words when Kero and the gang are fucking your dog

 

[UH 157]

The hotmail account i used to register here has been locked by microsoft for unspecified violations of their terms of service.

I assume this has something to do with the kiwi leak because i have not used that email for anything else.

What do you think happened to it?

So i unlocked my hotmail account (please don't mock me for using hotmail) and there seems to be no suspicious login activity and no messages received. This makes me more curious because surely it's not a coincidence that they locked my email after the kiwi leak happened?

Anyway i guess i shouldn't have admitted to being an incel on here, but i will categorically dismiss it as a joke when confronted! They don't know it's actually true.

 

[SisterMichael]

Well tomorrow's stream will be some laugh

 

[Anrende]

So i unlocked my hotmail account (please don't mock me for using hotmail) and there seems to be no suspicious login activity and no messages received. This makes me more curious because surely it's not a coincidence that they locked my email after the kiwi leak happened?

Anyway i guess i shouldn't have admitted to being an incel on here, but i will categorically dismiss it as a joke when confronted! They don't know it's actually true.

It's possible someone tried to access your account after they obtained it and then microsoft locked it down due to this.

 

[Sam Losco]

Let's all do a class action lawsuit against Null for allowing this to happen. We can get Melinda Scott to write it up for us. Slam dunk.

 

[Coolio55]

What timeframe were the leaks from anyways?

inb4 late

Laughably tiny

 

[DidYouJustSayThat]

IP-s are not totally harmless - if your IP is permanent, it can be cross-referenced with leaks from other sites and connected to your other usernames and e-mail addresses.

 

[Basketball Jones]

Changed my password regardless of if I’m on the list or not because why not. I don’t really care what they think they can find with a trash email account that I use for shitposting during smoke breaks.