2023 Security Check-up Reminder

[Super Guido]

Crackers do this with leaked password dumps already. They use the dumps as their core dictionary and start modifying the entries to broaden their attack.

What is useful though is: Using myEmail+registeredOnSite@provider.tld
The sites can of course filter this, but you can easier sort incoming mail and possibly see when a site had a leak.
The "+registeredOnSite" part is ignored during email routing and you get the mail at myEmail@provider.tld.
(Similar to Gmail, where it ignores anything appended with a . to your regular address name)

This works, because one of the biggest implementations used as MTA does this. So you need to
check if it actually works with your provider!


Too bad lots of sites limit the password lengths or won't allow spaces (underscores work ok though).
I just don't understand why they would limit the length so much. Often only 16, 20 or 32 characters are allowed. 32 are borderline ok...

It drives me nuts when sites don't allow special characters. It doesn't happen as often as it did 20 years ago, thankfully. I used to use a site that wouldn't register if you put a ? in your password; it'd accept the input when changing the password but if you tried logging in with it, it would say your password was incorrect.

 

[Aidan]

Again, missing my fucking point. My point is that despite talking about being "private", they are more than willing to log and hand over information to police that are under the direction of a different country. Yeah, despite it being the Swedish police, it was under the order of France. Whether or not giving information to police who are under the direct order of another country means that the CEO himself lied when he claimed "they won't give information to other Eurpool members" is up to you. Personally, feels pretty mafia-esque.

Likewise, nothing you said addresses my point of ProtonMail actively lying to users to the point that they changed their policy. I don't give a fuck about how null runs his house. How about actually arguing the points I make next time? You know, the whole them misleading users thing?

The fact is, Protonmail didn't have a choice. Maybe they were naive initially, maybe they intentionally misled users, either way it should be a lesson learned for everyone that no company can just tell government authorities to fuck off with a request like that.

 

[Dr. Matthew C. Harris]

I feel really bad for this woman. I don’t know anything about her or her site but I can’t imagine doing this to somebody, even they were really stupid. I know nobodies opsec is not gonna be watertight but there’s basics she could have done to have minimised the damage here. I can’t imagine the malice that goes into doing something this deliberate. It’s as bad as the troon DDOS attacks.

Don’t have nudes, keep all your files on encrypted drives on external HDD’s or mega folders, different devices for different things. Just basic stuff. Providing people aren’t stupid the password leak shouldn’t be the end of the world.

Girl just wanted to install a minecraft mod, ffs

I'd just like to add that not everyone can afford to have multiple devices (bar phones, and doing computer shit on a phone is... eh...). Encrypting files really depends on what info we're talking about. Doubt anyone cares about NIGGER.jpg in someone's images folder. Meanwhile, personal, and especially family photos are something that ideally shouldn't be on the pc altogether.

Nudes shouldn't even exist. Call me a prude, but it's so odd to store nudes on your machine when who knows what actors might get access to it. And 99 times out of 100 the nudes were taken with the aid of a globohomo phone, which means that Larry Fink is likely already jacking it to your tits or dick as we speak.

 

[Day of the Cope]

The fact is, Protonmail didn't have a choice. Maybe they were naive initially, maybe they intentionally misled users, either way it should be a lesson learned for everyone that no company can just tell government authorities to fuck off with a request like that.

Trying to argue between "incompetence or malice" seems like a pointless endeavor to me. If those are the only excuses for a company, no one should be doing business with them.

 

[P0T4TOE]

Chudbuds.lol may be the gayest idea in the history of gay ideas.

 

[reptile baht spaniard rid]

Enlightening and kinda funny. During my look last night my guess was the same as far as dropping a small payload that then does the dirty work. I'm not familiar with JEI but the authentic jars tended to be a few hundred KB smaller than what was in the chudbuds zips.

At this point I'm casually curious.

there was some digging into it in the chudbuds thread - start here https://kiwifarms.net/threads/poa-s...scussion-thread.129209/page-161#post-15335500

 

[Neodymium-60]

I've never used a password manager mostly I write my passwords on a notepad file and then on a piece of paper.

 

[Weeb Slinger]

Hello again friends. It's me again here to remind you to not be retarded.

This should be the standard opening for all work-related emails.

 

[TheAntiCoomer]

I will never understand having nudes, why would you take and save naked pictures of yourself if you weren't completely self absorbed?

 

[Matt Damon]

if you weren't completely self absorbed?

That describes like 85% of the world's population.

 

[IamnottheNSA]

If you happen to be swatted for some random reason and your things like papers are sized, all your accounts would be fucked. For those true and honest nothing to hide types - There is no such thing as innocence, only degrees of guilt (c).

Also, to anyone reading this - keep in mind that when a government intelligence agency has a vested interest in you, your life is in the hands of people that are willing to torture and murder you and people close to you (and will probably enjoy doing it), and the laws of the country you're in don't protect you anymore. No encryption will save you here.
This is probably why @AltisticRight freaked the fuck out to such an extent.

 

[Telemeter]

So there is one more recommendation i would offer.

Have 2 password managers.

As long as you are not a complete fuckup that is disowned and estranged from your family (for example: a troon; a 5'1" gunted pill-popping closeted homosexual, etc.), there will come a time where you will want to hand over your main password to a loved one, this WILL happen to all of us, it just hasn't happened to enough internet savvy people yet for the young ones to think about it.

So, have one password manager account for all your truly personal identifying stuff, your main email account, credit card data, facebook account, bank accounts, employment passwords if they apply, etc. Keep nothing here that you would not want to be known if you are on your death bed.

Have a separate password manager for The Sektur, put all your shameful shit here, if you ever need to do a "virtual bug out" getting rid of it would be as easy as deleting whatever app you have installed on your computer to access it. Never share it, never even acknowledge it.

Also, even if someone manages to get their hands on your computer, they will need to do twice the work to connect your online persona to a real name, or vice versa.

If it sounds cumbersome, just install 2 different password managers, there are a ton of services, BitWarden, 1Password, Dashlane, KeePass, etc. That way you can just access the proper vault for the proper use and it will become second nature after a day or two.

Do this and when the time comes it will lift a weight off your shoulders as well, you will have no qualms about setting your affairs in order because theres all kind of data regarding how obsessed you were with a gay gunted manlet or any other degeneracy you indulge in.

 

[Matt Damon]

So there is one more recommendation i would offer.

Have 2 password managers.

As long as you are not a complete fuckup that is disowned and estranged from your family (for example, a troon, a 5'1" gunted pill-popping closeted homosexual, etc.), there will come a time where you will want to hand over your main password to a loved one, this WILL happen to all of us, it just hasn't happened to enough internet savvy people yet for the young ones to think about it.

So, have one password manager account for all your truly personal identifying stuff, your main email account, credit card data, facebook account, bank accounts, employment passwords if they apply, etc. Keep nothing here that you would not want to be known if you are on your death bed.

Here's an idea: if there's anything so outrageously incriminating or embarrassing on your computer that you're truly concerned about it being found after you die, maybe don't fucking do that thing in the first place.

 

[Telemeter]

Here's an idea: if there's anything so outrageously incriminating or embarrassing on your computer that you're truly concerned about it being found after you die, maybe don't fucking do that thing in the first place.

LOL, that is entirely subjective. Just having a KiwiFarms account is enough for many.

Also, most people are just too young and nihilistic to consider that there will come the time when you want to leave something behind, if you don't understand that, you really must have fucked up.

 

[Abbadon's Gate]

I will never understand having nudes, why would you take and save naked pictures of yourself if you weren't completely self absorbed?

I only have other people's nudes. Trophies should be won in battle and not readily disposed of.

 

[DumbDude43]

As long as you are not a complete fuckup that is disowned and estranged from your family (for example: a troon; a 5'1" gunted pill-popping closeted homosexual, etc.), there will come a time where you will want to hand over your main password to a loved one, this WILL happen to all of us, it just hasn't happened to enough internet savvy people yet for the young ones to think about it.

why? just let your internet footprint die with you. the things that are important and long lived enough to still matter to your heirs after you die you should have in physical form anyway (legal and financial documents etc)

 

[Matt Damon]

Also, most people are just too young and nihilistic to consider that there will come the time when you want to leave something behind

And the legacy you want to "leave behind" will be attached to your computer password manager? And being found out having a Kiwi Farms account will ruin that?

What the hell are you talking about?

 

[Narcotics]

Recently i was retarded enough to lurk around my spam folder on my mail and stupidly clicked on a phishing link, instantly rushed to change passwords on everything and activate 2fa to everything important.

Don't be retarded frens

 

[Telemeter]

And the legacy you want to "leave behind" will be attached to your computer password manager? And being found out having a Kiwi Farms account will ruin that?

What the hell are you talking about?

You obviously own no data worth anything and have no one you care for more than yourself, so disregard my post, LOL.

 

[Neo-Nazi Rich Evans]

I feel really bad for this woman. I don’t know anything about her or her site

dont feel too bad for her. what i gather reading the thread on the leak itself was:

a) she was engaged in some very gayops with a group of massive faggots. she isnt just innocent girl who only wanted to minecraft.
b) supposedly people who know opsec tried to tell her what to do and she never listened. typical woman moment. she admits to not knowing but refused to listen to people who do know.
c) she was running chudbubds mostly as a way to get attention from daddy jim (who ignored her btw)