Quick OPSEC tips

[anagram]

If you're dumb enough to use this website publicly (like me) and also on a PUBLIC NETWORK, here's some tips

NEVER use public networks especially ones that ask you to sign in and those sign in details having links back to you. This is for school, work, anywhere.
If you have no other choice, use TOR or a VPN. There's always systems in place to block websites like this and any attempt to go on the website will alert people (from experience)

Use your own mobile data as much as possible and with that data, use a VPN or TOR to be extra safe.
I got caught going on this site because I thought nobody would find out like an idiot and I'm just saying this so it doesn't happen to anyone else. They'll alert your guardians etc.

If any network asks you for information that personally identifies you such as your name, DO NOT USE IT. Period. I say don't use it for suspicious sites that raise alarms like this.

Also while you're at it, change site themes to make it seem like an ordinary website. I use the xenawesome theme.
There's no privacy in today's world remember that, it's like the gestapo secret police all over again.

 

[TheSpookyNameGuy]

Also i've seen people do "OPSEC" on websites but i've personally been able to compile a detailed dossier on them which most often has their location, due to the things they say thanks to this "Fake invisibility"

People are sometimes the easier thing to crack

 

[Proteus]

Also i've seen people do "OPSEC" on websites but i've personally been able to compile a detailed dossier on them which most often has their location, due to the things they say thanks to this "Fake invisibility"

People are sometimes the easier thing to crack

This. Gender is OK to give because it's a 50% roll. Age is always a bad idea for privacy, judgement even at 18+, etc. Birthday is way worse. Location is terrible. The time you post at can also give you away. This forum has an option to schedule messages, use it to scramble them across different times. If you have an unique typing style, change it, otherwise, you can be tracked among sites. Don't use your real name or say your relatives' name. Don't post real photos, and if you do, remove all metadata. Your social media presence can give you away if you share similar things.

That should be enough for other people tracking you. Else, anyone can look public registers, see your b-day, gender, country, and have a not too long list of people matching said info. Then, it's a matter of time looking social profiles until someone shares enough data with your profile.

 

[Suicidebydeath]

Any information is bad and can be used against you. Data breaches suck. Also don't use the same password in more than one place.

 

[DarkRange55]

I think it depends on how deep you want to go into this…

Nothing but a burner device is anonymous. The firmware in your router has backdoors built into it. The OS on your phone has backdoors built into it. Backdoors are found on OS all the time (even Linux). And sometimes even in hardware. The government paid companies to do this (yes, I know Linux is open source). Fingerprinting also breaks all of this. The way you type, the sites you visit, the size of your screen, the settings of your browser. All tells in a game of poker. The only secure computer is one not connected to the internet. Everything else is based on probabilities.

The Tor FAQ clearly states that exit nodes can eavesdrop. Tor anonymizes the origin of your traffic, and it makes sure to encrypt everything inside the Tor network, but it does not magically encrypt all traffic throughout the internet as users seem to believe. It does, however, layer your data in various obfuscation tunnels.
https://2019.www.torproject.org/about/torusers.html.en#military

If you are using a VPN with it, in case of deanonymization attacks to reveal your IP. Then, the government or would-be attacker only gets your VPN provider.
While the technology is cryptographically secure, it alone does not make you bulletproof. I would also be careful on which VPN you are choosing…

(Whoever controls the central communications nodes owns the internet of a country).

 

[Proteus]

The firmware in your router has backdoors built into it. The OS on your phone has backdoors built into it.

Could you, please, post some evidence of this? I hear this a lot, but there is nothing I'm aware to back it up. Processors can see anything on a device and the code is obscured, but none were caught sending data in years. Though vulnerabilities were found, which sucks.

 

[DarkRange55]

Could you, please, post some evidence of this? I hear this a lot, but there is nothing I'm aware to back it up. Processors can see anything on a device and the code is obscured, but none were caught sending data in years. Though vulnerabilities were found, which sucks.

Snowden: The NSA planted backdoors in Cisco products

'No Place to Hide,' the new book by Glenn Greenwald, says the NSA eavesdrops on 20 billion communications a day -- and planted bugs in Cisco equipment headed overseas

www.infoworld.com

I'm more so referring to the government. One of my friends sold super computers to the NSA in the 1970's. Another friend started a string of cyber security companies. Another has dual PhD's in math and aerospace engineering from Yale and MIT and created the software for analyzing photos that he sold to HP. if you'd like, I to ask one of them for more info + solid links. I'm personally not a computer scientist, myself. I more just know people in the industry.

 

[sserafim]

Is this site really that bad?

 

[DarkRange55]

Snowden: The NSA planted backdoors in Cisco products

'No Place to Hide,' the new book by Glenn Greenwald, says the NSA eavesdrops on 20 billion communications a day -- and planted bugs in Cisco equipment headed overseas

www.infoworld.com

I'm more so referring to the government. One of my friends sold super computers to the NSA in the 1970's. Another friend started a string of cyber security companies. Another has dual PhD's in math and aerospace engineering from Yale and MIT and created the software for analyzing photos that he sold to HP. if you'd like, I to ask one of them for more info + solid links. I'm personally not a computer scientist, myself. I more just know people in the industry.

Microsoft handed the NSA access to encrypted messages

Documents show company collaborated closely with NSA and FBI to help agencies intercept data

www.theguardian.com

Again, I've never claimed to be a computer scientist but my best friend is a career software engineer. I'll get back to you on this one
I'd assume as long as you're not a CIA target, it's not a problem.

How a Crypto 'Backdoor' Pitted the Tech World Against the NSA

How two Microsoft employees uncovered a suspicious flaw in a federally approved algorithm that some say is an NSA backdoor.

www.wired.com

https://www.reuters.com/article/idUSKBN27D1DO/

This has more links inside the article

Your Computer May Already be Hacked -- NSA Inside?

In a time of universal deceit – telling the truth is a revolutionary act. George Orwell In Russia, President Putin’s office just stopped using PC’s and switched to typewriters. What do they know what we don’t? Perhaps it’s Intel NSA inside. ——— For those of you who haven’t kept up, the National...

www.forbes.com

Again, I can ask some friends that are far greater sources of authority on the subject than I am

 

[Proteus]

Microsoft handed the NSA access to encrypted messages

Documents show company collaborated closely with NSA and FBI to help agencies intercept data

www.theguardian.com

Again, I've never claimed to be a computer scientist but my best friend is a career software engineer. I'll get back to you on this one
I'd assume as long as you're not a CIA target, it's not a problem.

How a Crypto 'Backdoor' Pitted the Tech World Against the NSA

How two Microsoft employees uncovered a suspicious flaw in a federally approved algorithm that some say is an NSA backdoor.

www.wired.com

https://www.reuters.com/article/idUSKBN27D1DO/

This has more links inside the article

Your Computer May Already be Hacked -- NSA Inside?

In a time of universal deceit – telling the truth is a revolutionary act. George Orwell In Russia, President Putin’s office just stopped using PC’s and switched to typewriters. What do they know what we don’t? Perhaps it’s Intel NSA inside. ——— For those of you who haven’t kept up, the National...

www.forbes.com

Again, I can ask some friends that are far greater sources of authority on the subject than I am

Thanks! I was thinking on hardware ones, those things freak me out. I was sadly aware of software ones, although they are more manageable. This things interest me, if you feel like pouring knowledge about the topic.

 

[indignity]

Is this site really that bad?

it logs everything. Certainly more than their privacy policy claims to. Nothing on SaSu is anonymous.

 

[recat]

its a good thing that there is nobody they can alert in my case. absolutely nobody

 

[indignity]

#1 Silence
#2 Compartmentalization
#3 Inconvenience
Follow these 3 general principles and you will be safe. You don't need DeSnake levels of opsec to carry out a suicide attempt.

 

[robotomy]

Also while you're at it, change site themes to make it seem like an ordinary website. I use the xenawesome theme.

Great unique suggestion about the theme change, it goes beyond checking the "hide logo" box in preferences (https://sanctioned-suicide.net/threads/mom-caught-be-browsig-this-site.161606/post-2480523).

BUT...maybe if another user IRL recognized your phone's SS theme, maybe you'd meet someone new to bond over this site? Just a half-joking idea .

Anyways, on my end I got this weird UI bug with xenawesome at the top of every(?) page. It takes up a ton of wasted space at the top:



Did you get that bug by default? Wondering if it's just me.

I then tried the only other non-ss theme, UI.x. But the search bar doesnt have the advanced search button.

So, back to xenawesome. mobile doesn't have the bug, so I can use a desktop extension, an element-blocker:

https://chromewebstore.google.com/detail/click-to-remove-element/jcgpghgjhhahcefnfpbncdmhhddedhnk

and checked the "remember" boxes for state-persistence (aka when you close the tab/browser, itll stay that way):



--------

BUT:

So far, it looks like this generic theme is clunkier and unsurprisingly missing some specialized UI features, like the "quick jump" drop-down element. There might be other trade-offs, so it's up to what the user wants.

I personally dont wanna work with UI in my future jobs, so I appreciate whoever worked to create the more specialized SaSu themes...especially with multiple iterations. A noteworthy improvement I noticed with the 2020 to 2022 version was the logo-hiding feature, which still shows on 2020 even if you toggled that setting.