can we care about opsec now (archive.ph)

submitted 5 months ago by [email protected] to c/[email protected]

28 comments fedilink hide all child comments

We should be more careful. 1 in 30,000 is a pretty good chance to not get found out, but when it comes to videos with smaller viewcounts, we should not be allowing them to be shared.

Also we should do something about the tracking links that people keep sharing here willynilly. Even if it's just a rule change. Feels like 6 months since I last posted about this without change.

you are viewing a single comment's thread
view the rest of the comments

[-] [email protected] 21 points 5 months ago* (last edited 5 months ago)

I can't view the link (doesn't load for some reason) but I read an excerpt that was posted below and just wanted to say... we're all mega-fucked anyway if the feds/any of the Five Eyes agencies want to know who we are

Western intelligence agencies, in particular the NSA, have ubiquitous wiretaps/implants throughout internet infrastructure and considering the Hexbear server seems to be in a datacenter in France...

Deanonymizing measures like this are used when someone is difficult to identify by the usual means (like because they are using Tor or I2P or are connecting to a centralized service out of their reach that is used by many, many different, irrelevant-to-them people, although those aren't totally immune to massive internet surveillance either). But a place like this where we all connect to one server and everyone who visits is "suspect" by their standards? We are already fucked assuming we are on their radar

If you connect through a VPN you're not safe either (trivial timing attack). If you use Tor or something you might be safe... but it only takes one slip-up because this is a clearnet site and you might not even realize you made it

[-] [email protected] 17 points 5 months ago* (last edited 5 months ago)

This is all true, but there's more to worry about than just feds. Similar deanonymization attacks can be leveraged by fascists and liberals who want to harass our users. Not compelling google to reveal IPs, sure, but linking to a malicious domain (and obscuring the link destination with markdown), or to a targeted social media post and seeing who interacts, or a bunch of other vectors.

No reason to make attackers jobs easier, but also true that even the most careful of us should not feel a false sense of security

[-] [email protected] 12 points 5 months ago

Completely agree, we should be wary of that

this post was submitted on 29 Mar 2024

70 points (100.0% liked)

technology

22835 readers

1 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.

founded 4 years ago

MODERATORS

[email protected]