2023 Security Check-up Reminder

[CognitiveDeficiency]

Just because you're paranoid doesn't mean they aren't out to get you.

Also PROTIP: THEY *ARE* OUT TO GET YOU.

Not a lie found

 

[quackrock]

Too weak.

smashthestateinminecraft would be impossible to crack by brute force and there is no way you would forget it.

Smash the State

Smash the State is an optional side quest in Deus Ex: Human Revolution, and has a similarly named achievement/trophy for completing it. It is given to the player by Officer Nicholas. It is also the name of the related achievement for completing the quest. After obtaining Isaias Sandoval's...

deusex.fandom.com

 

[deepFriedBaka]

If your cipher actually allows for ridiculously long keys, that's a different story. But most password managers use AES for this kind of stuff.

Yeah, I kind of got carried away and started sperging a bit over password stuff (really, it was more of a copy and paste thing). Apologies.

 

[G19]

You would be shocked what your browser remembers. If you don't watch out it will save your full identification number(SSN for americunts), drivers license number, birthday and then upload that shit to the cloud where Microjew or Jewgle can use it for who knows what perfidous purpose.

Christ almighty you just reminded me Jewgle saves passwords into your jewgle account as well. Time to sweep sweep sweep.

 

[quackrock]

Yeah, I kind of got carried away and started sperging a bit over password stuff (really, it was more of a copy and paste thing). Apologies.

All good, gave me the chance to show why crazy-long passwords don't increase security. Incidentally, this may be why that XKCD strip uses four words instead of five or more. 32 characters, usually 8 bits each as the Web runs on UTF-8, is the longest useful password length with AES-256.

The maximum useful password length is probably even shorter if your service provider or password manager (hopefully) salts password hashes, since the salt counts towards the hash function input length.

 

[Null]

To the retards arguing in this thread,

1. Good password managers are open source and audited. Encrypted vault content will take longer to decrypt than you will be alive to deal with the fallout.
2. Remote password vaults provides one benefit over local: 2fa. With 2fa, even having your master password does not decrypt the vault.
3. ProtonMail responds to Swiss court orders and makes note of it. They turned over an IP address after a court order. All services do this. Google receives hundreds of thousands a year.
https://transparencyreport.google.com/government-removals/government-requests?hl=en_GB

 

[Something Awful]

I'm not waddling through 16 pages so I don't know if it was said but I must say, don't use the same speech patterns, idioms, etc. that you use in your day to day life when shitposting online. This is literally how Uncle Ted got caught.

lol I don't think they're going to put an FBI task force on analyzing the writing patterns of a bunch of shitposters. What are you doing here that you're afraid of "getting caught"?

 

[YourFriendlyLurker 2.0]

1. How are password managers safer than a pen and paper?

I don't get the reasoning of people NOT using password manager.

If you happen to be swatted for some random reason and your things like papers are sized, all your accounts would be fucked. For those true and honest nothing to hide types - There is no such thing as innocence, only degrees of guilt (c). At least think about your girlfriend / mom discovering those "papers" and your extreme autism afterwards.

 

[mindlessobserver]

I don't get the reasoning of people NOT using password manager.

If you happen to be swatted for some random reason and your things like papers are sized, all your accounts would be fucked. For those true and honest nothing to hide types - There is no such thing as innocence, only degrees of guilt (c). At least think about your girlfriend / mom discovering those "papers" and your extreme autism afterwards.

There is a way around this outside context scenario too. On your hard copy of your accounts and passwords, write in big bold letters "Confidential, Attorney/Client Communications".

Then take that hard copy to a lawyer when you fill out your Will and Testament (You retards HAVE written one, right). Include your master list of written down emails, passwords, and accounts in the will. Have your lawyer sign off on it, along with the person(s) allowed to access it only in the event of your death.

Congrats, your notebook is now sealed by the 5th and 6th Amendments. The FBI needs to get a warrant specifically for the purpose of even opening it. Only in America though. Everyone else in thr world is fucked

 

[Cats]

KIWIS ARE MY FRIENDS

 

[TheBigZee]

When I get a chance I will take a look as well.

For the time being I checked all of the jar files using VirusTotal and one of them stood out in both cases.

https://www.virustotal.com/gui/file/d1334291622b0f25e4c0864dfd49e3147f1ed6f9bdd2306c4c3b4f9ed4a93584/details

https://www.virustotal.com/gui/file/fd514f7e2c12b5009b8f2e380e112879a8f7df34a581255a445e6e9acea1aab2/details

The same file in each .zip was modified within the past few weeks and have interesting names from a prior upload. Note how the first submission was submitted shortly after the file was likely last modified, indicating whoever was involved uploaded it while working on it.
View attachment 4734582
View attachment 4734826

I spent a lot of time to learn two things:
Minecraft players call almost all malware mods RATs - apparently the first major minecraft malware was a real RAT and they kept using the name. When people said chadbere's computer had a RAT on it, they meant RAT in the minecraft sense. Not in the back orifice sense.

Something in this zip (on linux) attempts to open a directory, and then sends a small number of bytes. My guess is that it bombs early on in the payload and jumps to the end of the exception handler.

So you were right, not saving information in the browser might have helped a lot.

 

[CuzinEd]

I think everyone is overlooking the fact this only happened because a woman was running this shit. Only woman would do something like this.

 

[quackrock]

Christ almighty you just reminded me Jewgle saves passwords into your jewgle account as well. Time to sweep sweep sweep.

You can turn off cloud sync or set a master password in Chrome for client-side password vault encryption. Google pinky-swears they will never, ever log this master password or export your password vault from Chrome, but they could if they wanted to. So still a good idea to leave Google.

lol I don't think they're going to put an FBI task force on analyzing the writing patterns of a bunch of shitposters. What are you doing here that you're afraid of "getting caught"?

They don't have to, that sort of thing is automated now. This kind of pattern analysis is easy for computers to do. Can't find the link, but someone recently made a Hacker News comment analyzer that produced a list of likely alts for a given username. It found several of my older alt accounts and honestly kind of freaked me out.

 

[YourFriendlyLurker 2.0]

Congrats, your notebook is now sealed by the 5th and 6th Amendments. The FBI needs to get a warrant specifically for the purpose of even opening it. Only in America though. Everyone else in thr world is fucked

It's good to live in a country with 5th and 6th Amendmend. In a shithole country the only person who protects your shit is you.

 

[Wodanaz]

Based except password managers are talmudic, use your memory. I use unique 25 character passwords on each website I'm registered on (not many) and I keep all of them only in my memory and nowhere else. How? The first 15 or so characters are the same for each website and it's only there to provide entropy so you're safe against brute force attacks; the second part of the password is unique and based on a common pattern you can deduce when you want to log in, e.g. the pattern could be each site's name in reverse like smrafiwik or elgoog. This part is useful so if a databreach happens on that site, you won't be compromised on other websites. I obviously don't use this particular pattern, but you can get creative and then you only have to remember the pattern and the universal part of the password, this way you don't have to rely on software and it also gets your noggin joggin.
You may give me the autistic rates now.

You know the point of computers is actually so you don't have to do all this menial shit yourself in the first place. Just use something like keepass which is local only. Keepass2android for mobile, simply copy the database file from your pc to your phone. People these days are seriously so fucking lazy that they think copying one small file is a chore that should be offloaded to a cloud computing program instead. Just lol.

Also gregtech is the best minecraft mod.

 

[Emperor Yakub]

You'd think using a throw away email for online services where you call people niggers and kikes in would be second nature but here we are.

 

[HahaYes]

Imagine using your word or edu email for shitposting. An unsaveable level of retard

 

[Banquet Meal]

wow, i guess im a retarded niggerfaggot, i am absolutely computer illiterate, and idk..i thought it sounded fun. thankfully, i got rid of it, because it felt off, but still... how embarrassing. will gladly take my trash cans, i deserve them i think!! ugh

ETA that one thing in my favor that i have learned in my short time i guess is that i use a completely separate email on here and nowhere else, so hopefully i will continue to learn how not to be an absolute dumbass.

 

[Don Yagon]

Imagine using your word or edu email for shitposting. An unsaveable level of retard

There was at least one account with .gov email in the 2019 leak.

 

[Takodachi]

Damn, I'm gonna miss chudbuds, I tried to use poast for a while but graff is a fucking schizo and his bi-weekly spergouts get tiresome after a while.
I can't even remember which email I used to register to chudbuds

Also
>sending nudes
when will women stop being retarded

Lol, lmao even.

ngl, I do miss the kiwi server, those were the most fun weeks i ever had in minecraft.