fadedghost
Found SaSu after reading BBC & watching YouTube
- Dec 10, 2025
- 742
I asked a mod to edit this and add this at the top. I may be wrong about what I have written and don't want to cause alarm. This can probably be ignored for now, especially because I am not seeing the same "canvas extraction" indicator I saw before. This is really more of a technical question for techies and or @EmptyBottle and I don't want to worry non-technies, so please don't be concerned for now. This was also a specific concern with my network and something called packet injection or code injection and really is very technical and obscure for people accessing the site in very unusual ways. I don't have any data or evidence that consistent extraction is occurring and was responding to a possible anomaly in my browser and probably did phrase this poorly at the time.
I am not entirely sure what to make of this. I don't know if this is a malicious exit node or what is going on.
For those who understand this (aka @EmptyBottle and possibly also my arch enemy @GlassMoon), it could be a MITM thing?
My SaSu https cert SHA-1 is 7C:EB:AD:FA:E9:91:0F:63:28:6C:EB:8B:BF:33:28:10:8A:40:EC:4D. It's probably right?
I know cloudflare.com scripts are running, I am blocking javascript from cloudflareinsights.com, so that's not what's doing it, and jquery.com is loading scripts also.
I just don't know what gets done with the data. Is some 18 year old using their phone and chrome and matched to amazon or their bank going to end up applying for a job and this gets into the "personality insights" that data brokers offer up to third party companies who offer info on applicants? It just seems sketchy. If it were only about marketing betterhelp and mirtazipine to depressed teens, I wouldn't give a fuck, but that's not how data works, and most people don't know this. @EmptyBottle may know it. @GlassMoon probably thinks about it, but doesn't understand it, because that's just how glassmoon is, always plotting sneaky things and not really getting it because he's too busy plotting...
I am not entirely sure what to make of this. I don't know if this is a malicious exit node or what is going on.
For those who understand this (aka @EmptyBottle and possibly also my arch enemy @GlassMoon), it could be a MITM thing?
My SaSu https cert SHA-1 is 7C:EB:AD:FA:E9:91:0F:63:28:6C:EB:8B:BF:33:28:10:8A:40:EC:4D. It's probably right?
I know cloudflare.com scripts are running, I am blocking javascript from cloudflareinsights.com, so that's not what's doing it, and jquery.com is loading scripts also.
I just don't know what gets done with the data. Is some 18 year old using their phone and chrome and matched to amazon or their bank going to end up applying for a job and this gets into the "personality insights" that data brokers offer up to third party companies who offer info on applicants? It just seems sketchy. If it were only about marketing betterhelp and mirtazipine to depressed teens, I wouldn't give a fuck, but that's not how data works, and most people don't know this. @EmptyBottle may know it. @GlassMoon probably thinks about it, but doesn't understand it, because that's just how glassmoon is, always plotting sneaky things and not really getting it because he's too busy plotting...
Last edited by a moderator: