General security precautions when posting online, learn from others' mistakes

Discussion in 'Art of Technology & Security' started by pumpingiron22, Mar 14, 2016.

  1. pumpingiron22

    pumpingiron22 VIP Member

    Mar 2, 2014
    221
    38
    GENERAL SECURITY PRECAUTIONS WHEN POSTING ONLINE, LEARN FROM OTHERS' MISTAKES

    Next I want to talk about good practices when using TOR, Tails and other hidden services.

    First of all, it is highly recommended that you use multiple identities online for different things. Perhaps if you are a buyer and a seller on Silk Road, you may want to have separate logins for this. And then possibly a third login for the forums. Then maybe you want to be part of another marketplace, then you might want a fourth login.

    Well, Tails has another good program offered by Tails is called KeePassX. When you have multiple logins, it is hard to keep track of them all, so it might be a better idea to keep them all in 1 document that is encrypted with a strong password. KeePassX can help you with this.

    https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html

    You never want to use nicknames or locations, or anything else that is related to yourself online when you post or create usernames. And another thing you need to adopt are new ways of conducting yourself. If you are generally a messy typer, who makes the same grammar mistakes, or the same spelling mistakes all the time, this can be used to identify you. Always proof read anything you post publicly, or privately because the feds will always find ways to correlate things to you.

    With Ross Ulbricht, they found an old post he posted on a forum when he first started Silk Road asking people if they had heard of a marketplace called Silk Road. Obviously this is an old trick used by people trying to spread awareness about a new project of theirs. Later he identified himself by saying he was looking for programmers and gave out his private email address on the same forum under the same name.

    But if you always misspell the same words, if you always use the same slang terms, capitalize the same words, use a certain amount of periods after an etc.... or always use the same number of !!!!! then all of these things give them reasonable suspicion and it becomes easier to tie things to you. Once they have you under their radar, like they had Ross, it only took a few slip ups and he was theirs. Remember, you only have to make one mistake. So talking about your local election is a really dumb idea, get it?

    Think about the time you use your computer. Is it easy to correlate your timezone based on the time you go online? Or is it more random? Do you have patterns that are predictable? Always think about these things when you post online. Always think about what type of personality you are putting out there about your online name.

    Expect that every single word you type online is being read by the Feds. To them, this is much easier than tracking drug lords on the streets. They sit in an office and read forum posts and try and make connections. Don't underestimate the feds. Always treat everything as compromised, always treat everybody as compromised and don't ever think anybody will ever go to jail for you. If somebody can avoid 10-20 years by ratting you out, they will do it in a heart beat.

    The perfect example is Sabu from LulzSec. After he was busted and facing 112 years in jail, they made him a deal to help them rat out his friends and he ended up getting many of his "friends" arrested. Even people who are your friends will turn their backs on you when it comes down to their freedom.
     

Share This Page