Posts by error@spinster.xyz
(DIR) Post #A3gZoxwZWZ206VRJDs by error@spinster.xyz
2021-01-28T04:58:41.051271Z
0 likes, 0 repeats
@Butterfly_tsuji @Icarus_girl96 @SphinxSister Thank you for valuing my input but I am male and not female ahhh help I've been mis sexed XD LOL couldn't resisit.Yes my past days as a bounty hunter of sorts exploited collected metadata among other measures to track bounties as well as social activity of those close to the target. Recently this was done on a huge scale utilizing facial data and Parlers horrendous security.As far as mobile phones are concerned most include a secondary "emergency power supply" attatched to the baseband of the board allowing for limited geo location for use with natural disasters and missing persons although this feature with many others are routinely abused to track dissidents as well as surveil parties of interest in corporate espionage, abusive families, etc.
(DIR) Post #A3gcCg7tcVc3hdAfK4 by error@spinster.xyz
2021-01-28T05:25:22.807282Z
0 likes, 0 repeats
@Butterfly_tsuji @Icarus_girl96 @SphinxSister And lets not even start to get into carrier vulnerabilities and SS7 or even SIM cards themselves that utilize ANCIENT protocols that often don't even require proper authentication similar to how the SWIFT transfer protocol functions for banks, these types of infrastructure are essentially full of holes and often times intentionally kept out of date to make honeypots or expected to be exploited infrastructure so as to know where and how and attacker will gain access in a very devil you know is better than the devil you don't situation.https://simjacker.com/This vulnerability affected something close to a billion mobile handsets, which equates to a significant portion of the planets internet population.
(DIR) Post #A40UxLPBAzlXEvteIi by error@spinster.xyz
2021-02-06T19:38:39.421535Z
1 likes, 0 repeats
@thor Depending on the manner and standard of testing, I would love to get better with cyrillic for the more in depth research data
(DIR) Post #A40k9P9QZcB3e3jnoO by error@spinster.xyz
2021-02-06T22:28:55.473269Z
0 likes, 0 repeats
I just heard the best shit, a friend of mine just got blocked and suspended from Facebook for responding "Ok Furry."XDDDDD
(DIR) Post #A4au129LMoKO8n9VmS by error@spinster.xyz
2021-02-24T09:09:13.166193Z
0 likes, 0 repeats
@Hollahollara @diversity_racket @Monchalant "Civil Behavior" at least in my opinion is for discussion that are fundamentally neutered, in order to have the full breath of any discussion there needs to be at least a measure of honesty in that neither party should have to filter thoughts or actions in order to placate the other.I say this as someone who has very vocal discussions that are not always compromising but argueably more productive in that they allow for both parties to give and receive there points without the confusion of overly complicated human dynamics designed to signal distress to topics and subjects that could otherwise be sorted in a few sentences i.e. question, answer, discourse, solution, etc. without having to resort to polite monologue without flow or discussion relevent to the topic at hand.
(DIR) Post #A5K0s9xCCni7EQDunA by error@spinster.xyz
2021-03-18T03:28:38.228785Z
0 likes, 0 repeats
I have to admit this news made me sooooo happy!!!!! Here is a giant I FUCKING TOLD YOU SO to every one of the Sky ECC shills. Read it and weap. https://www.skyecc.com/
(DIR) Post #A5K2P9XerF19SrZgiu by error@spinster.xyz
2021-03-18T03:45:48.596191Z
1 likes, 0 repeats
I have to admit this news made me sooooo happy!!!!! Here is a giant I FUCKING TOLD YOU SO to every one of the Sky ECC shills. Read it and weap. Anyone can make a better device than these idiots using PGP or an encrypted messenger like Briar that does NOT rely on a single point of failure like this companys infrastructure OR rely on BlackBerry End Point Management which has been proven to be backdoored and readily accessible to anyone with the ability to type and use an office suite program to print out a "warrant".Moral of the story use open source software and products not proprietary smoke and mirrors and the continual pain in the ass of using resellers instead of directly offering a product.https://www.vice.com/en/article/epd3km/sky-ecc-hacked-fake-apphttps://www.vice.com/en/article/4adzdj/sky-secure-global-indictmenthttps://www.vice.com/en/article/g5bagw/sky-secure-global-ecc-ceo-indicted-clear-namehttps://www.vice.com/en/article/88aybp/sky-secure-shuts-down-blackberryhttps://www.skyecc.com/#security #privacy #mobile #phone #anonymity
(DIR) Post #A6EBoLoo0rokT6DKr2 by error@spinster.xyz
2021-04-14T05:55:24.828135Z
0 likes, 0 repeats
@mushroom_soup When ever I see these photos I'm reminded of a hearse.
(DIR) Post #A6tovF1DSau9qdfGFs by error@spinster.xyz
2021-05-04T07:55:05.649055Z
0 likes, 0 repeats
I'm BAAAAACCCCKKKKKQue ascending and or annoying music in the background as the IRL bullshit sinks into the depths.
(DIR) Post #A6xtTqDaptmjW130S0 by error@spinster.xyz
2021-05-06T07:05:00.640628Z
0 likes, 0 repeats
@BCLADY mmmm yummy rubles
(DIR) Post #A6xuNJC4o6xvJBmr2W by error@spinster.xyz
2021-05-06T07:15:01.991730Z
0 likes, 0 repeats
Here is an excerpt of a very reputable site, with an attack method I've mentioned before concerning fake legal documents. Thankfully these measures were somewhat mitigated via the full disclosure of the website admin allowing page visitors to see the issue and take appropriate measures.This particular attack method affects ANYTHING attached to a domain registrar and should be used as a learning method for both website administrators as well as regular users to verify websites using archives as well as by checking for out of the ordinary signs like changed urls, payment addresses, etc.THIS DOMAIN WAS HIJACKED BY A PHISHER. A phisher convinced Tucows to transfer the domain "dark.fail" and served phishing links right here for over four days. Here is my signed statement following the attack. My Twitter followed the events as they unfolded.You may have been phished. If you researched any darknet sites using links here during the phishing attack and did not PGP verify the .onion URLs you may have been phished.For now, Dark.fail is only accessible at darkfailllnkf4vf.onion by using Tor Browser while we audit our security. Our .onion site was not affected in any way by this attack.-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256If you visited sites listed on the clearnet domain "dark.fail"between April 29th through May 5th 2021 you were phished and shouldrotate all credentials immediately!DarkDotFail has regained control of the domain "dark.fail", theTwitter account "@DarkDotFail", the Reddit account "/u/DarkDotFail", and the email address "hello@dark.fail". Thank you Njalla for your tireless work in getting our hijacked domain back. The attacker was unable to get past 2FA on our Twitter, Reddit, and Email. They didnot access any existing messages nor servers. Emails sent to any address @dark.fail during the attack were received by the attacker. Our .onion site was not compromised. Our OPSEC is fully intact.A phisher stole our domain and operated it for four days in a highly sophisticated attack that bypassed all security protocols we had in place, including 2FA. The attacker sent a fake German court order to Njalla's partner Tucows and convinced them to transfer our domain to Namecheap. They then listed 68 phishing replicas of real sites onour domain, stealing an untold amount of cryptocurrency from these sites' researchers and users. They also hijacked DarknetLive.com.It took Namecheap four days to transfer our domain back to us.Read @brokep's summary of what happened for more information: https://twitter.com/brokep/status/1389314362561777665Every site listed on the domain "dark.fail" from April 29th through May 5th 2021 was a man-in-the-middle phishing proxy. Each site looked real but instead shared all user activity with the attacker, including passwords and messages. Cryptocurrency addresses displayedon these sites were rewritten to addresses controlled by the phisher, intercepting many people's money.DarkDotFail's .onion address was not affected by this attack. No phishing sites have ever been displayed there.As long as we are maintain a clearnet mirror, we cannot fully promise that this will not happen again. The domain name system is centralized and proneto human error and deceit.Always check /mirrors.txt and PGP verify it. Researchers that PGP verified sites before interacting with them during this attack outsmarted the phish.This unprecedented attack has set back our entire community. We are implementing ways to rely less on the antiquated domain name system used by the clearnet and to move to decentralized DNS alternatives.We are infuriated that our trusted name was used for harm.Devastated, motivated. Big changes are on their way.DarkDotFail-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEfW0DbC7R6OyjEztdZcgjJbAZcsUFAmCR9w0ACgkQZcgjJbAZcsW8WRAArtcUkkIu/12fiFfv0gt7FDNM6shzwgBpb7DBOTX5P0PIm78V5wxB1VVBdTBn43o9YRQY95prUnoZ1tYTC5Y+EmetvLgK/ZBaWiSS/pqMTvlIuIgKYInzz4ps8ws6b+E/4WnhFmXuBeVz/CiL20sQum50hKTWRotFLlpAuxrMTr4VYrwAk1JZV96l3c54dWg/aP4cXvtQCuiXL94iY/TNiXUJ+nxT/QJLSALh0PS2lhQtmPCgYKT6smnKnUBB3o/S2y3McNue4NSisFA2Qw6qbrUh/LEBWRi9e8cCIdpkWcO809Y1lDpY+R+IAKfxB072I54ZNuLuIG2iWwVftcTqBKmV0ePPubfc0nKzpkyzT/8LmhzWfk9bY/BVI4WjJrDl4llbun2Ip8uUEugri95Frl3hLr21qipBML4fe6poqvrGepM2ZXlZpzwSTAtc5uBZDE5XrOl3vGJetF/uBu+YQBPiFsxxXrUQvE7bzPnwB4wvGDJ3T6lIJXED9MXpU4p+2Vk9VbBUIJL1L2lz9tpkCtNXAfwCkunipOZo+VPGbAeanKqtOn71UwqHTYNJvKF3WoUh0mqQo3e49JJDgHSJjNO6+aYqJqJXobdycZBtjdwM9Oz+FMwwHw44512S21KENWFm4JajVC8S3Qg0Uu9Im+X5HKsh2QffXs3K306pKEE==5CMK-----END PGP SIGNATURE-----(Links to statements)https://dark.fail/https://twitter.com/brokep/status/1389314362561777665
(DIR) Post #A6xuS9qWzLa1lX1OkK by error@spinster.xyz
2021-05-06T07:15:54.744321Z
0 likes, 0 repeats
Here is an excerpt of a very reputable site, with an attack method I've mentioned before concerning fake legal documents. Thankfully these measures were somewhat mitigated via the full disclosure of the website admin allowing page visitors to see the issue and take appropriate measures.This particular attack method affects ANYTHING attached to a domain registrar and should be used as a learning method for both website administrators as well as regular users to verify websites using archives as well as by checking for out of the ordinary signs like changed urls, payment addresses, etc.THIS DOMAIN WAS HIJACKED BY A PHISHER. A phisher convinced Tucows to transfer the domain "dark.fail" and served phishing links right here for over four days. Here is my signed statement following the attack. My Twitter followed the events as they unfolded.You may have been phished. If you researched any darknet sites using links here during the phishing attack and did not PGP verify the .onion URLs you may have been phished.For now, Dark.fail is only accessible at darkfailllnkf4vf.onion by using Tor Browser while we audit our security. Our .onion site was not affected in any way by this attack.-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256If you visited sites listed on the clearnet domain "dark.fail"between April 29th through May 5th 2021 you were phished and shouldrotate all credentials immediately!DarkDotFail has regained control of the domain "dark.fail", theTwitter account "@DarkDotFail", the Reddit account "/u/DarkDotFail", and the email address "hello@dark.fail". Thank you Njalla for your tireless work in getting our hijacked domain back. The attacker was unable to get past 2FA on our Twitter, Reddit, and Email. They didnot access any existing messages nor servers. Emails sent to any address @dark.fail during the attack were received by the attacker. Our .onion site was not compromised. Our OPSEC is fully intact.A phisher stole our domain and operated it for four days in a highly sophisticated attack that bypassed all security protocols we had in place, including 2FA. The attacker sent a fake German court order to Njalla's partner Tucows and convinced them to transfer our domain to Namecheap. They then listed 68 phishing replicas of real sites onour domain, stealing an untold amount of cryptocurrency from these sites' researchers and users. They also hijacked DarknetLive.com.It took Namecheap four days to transfer our domain back to us.Read @brokep's summary of what happened for more information: https://twitter.com/brokep/status/1389314362561777665Every site listed on the domain "dark.fail" from April 29th through May 5th 2021 was a man-in-the-middle phishing proxy. Each site looked real but instead shared all user activity with the attacker, including passwords and messages. Cryptocurrency addresses displayedon these sites were rewritten to addresses controlled by the phisher, intercepting many people's money.DarkDotFail's .onion address was not affected by this attack. No phishing sites have ever been displayed there.As long as we are maintain a clearnet mirror, we cannot fully promise that this will not happen again. The domain name system is centralized and proneto human error and deceit.Always check /mirrors.txt and PGP verify it. Researchers that PGP verified sites before interacting with them during this attack outsmarted the phish.This unprecedented attack has set back our entire community. We are implementing ways to rely less on the antiquated domain name system used by the clearnet and to move to decentralized DNS alternatives.We are infuriated that our trusted name was used for harm.Devastated, motivated. Big changes are on their way.DarkDotFail-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEfW0DbC7R6OyjEztdZcgjJbAZcsUFAmCR9w0ACgkQZcgjJbAZcsW8WRAArtcUkkIu/12fiFfv0gt7FDNM6shzwgBpb7DBOTX5P0PIm78V5wxB1VVBdTBn43o9YRQY95prUnoZ1tYTC5Y+EmetvLgK/ZBaWiSS/pqMTvlIuIgKYInzz4ps8ws6b+E/4WnhFmXuBeVz/CiL20sQum50hKTWRotFLlpAuxrMTr4VYrwAk1JZV96l3c54dWg/aP4cXvtQCuiXL94iY/TNiXUJ+nxT/QJLSALh0PS2lhQtmPCgYKT6smnKnUBB3o/S2y3McNue4NSisFA2Qw6qbrUh/LEBWRi9e8cCIdpkWcO809Y1lDpY+R+IAKfxB072I54ZNuLuIG2iWwVftcTqBKmV0ePPubfc0nKzpkyzT/8LmhzWfk9bY/BVI4WjJrDl4llbun2Ip8uUEugri95Frl3hLr21qipBML4fe6poqvrGepM2ZXlZpzwSTAtc5uBZDE5XrOl3vGJetF/uBu+YQBPiFsxxXrUQvE7bzPnwB4wvGDJ3T6lIJXED9MXpU4p+2Vk9VbBUIJL1L2lz9tpkCtNXAfwCkunipOZo+VPGbAeanKqtOn71UwqHTYNJvKF3WoUh0mqQo3e49JJDgHSJjNO6+aYqJqJXobdycZBtjdwM9Oz+FMwwHw44512S21KENWFm4JajVC8S3Qg0Uu9Im+X5HKsh2QffXs3K306pKEE==5CMK-----END PGP SIGNATURE-----(Links to statements)https://dark.fail/https://twitter.com/brokep/status/1389314362561777665#security #privacy #tor #crypto #bitcoin #admin #anonymous
(DIR) Post #A9jhPFZDqp5bTYrm6q by error@spinster.xyz
2021-07-27T02:08:45.602941Z
0 likes, 0 repeats
@FemaleIsNotAFeeling @Gelatinousrube You rang? This tool may help however it is from a quick search and I addmittedly have not used it personally.https://github.com/JuanmaMenendez/website-change-monitor
(DIR) Post #A9jhPGRoZql4CsPNCa by error@spinster.xyz
2021-07-28T04:18:00.897209Z
1 likes, 0 repeats
@FemaleIsNotAFeeling @Gelatinousrube Very good to be back!!! Hopefully with more great content for the terfwebz
(DIR) Post #A9jkueF4SYxKqM6VYO by error@spinster.xyz
2021-07-28T04:39:54.540154Z
0 likes, 2 repeats
WHY NOT TO TRUST A VPN PROVIDERThis particular article perfectly describes the issues surrounding claims and actions of VPN providers, namely one that is very active in several activist and repressive regime circles.https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-by-ukrainian-authorities-werent-encrypted/The short of the store is improper configuration practices allowing for the VPN server to function without storing logs and most importantly NOT changing configurations after functions became deprecated. Despite claims made in their privacy policy that is negated by this particular flaw.https://windscribe.com/privacyThis is inexscusable as it means that whomever is in charge of setting up said server(s) is simply using a copy paste config, the broader implications of this means that potentially more servers are at risk should they be seized.For anyone using a VPN it is important to take them with a grain of salt, namely realizing that even though they make claims of anonymity realistically this is impossible due to the nature of how networks communicate and that even a simple config mistake can have tremendous consequences.An example that I hope with help this resonate with sceptical users is that this particular flaw could have been exploited WITHOUT the server itself being seized, with all of its contents effectively been seen live in clear text.#VPN #Privacy #Security #Anonymity
(DIR) Post #AA2O0catPUrRVL85Uu by error@spinster.xyz
2021-08-06T03:49:51.445925Z
1 likes, 0 repeats
@GrumpyOldNurse @polarisera @ArtemisCitrine Is it bad that this is terribly sad but almost comical in a sense
(DIR) Post #AA3CIhpjfFgmfttAoa by error@spinster.xyz
2021-08-06T09:12:15.558121Z
1 likes, 0 repeats
@GrumpyOldNurse @ArtemisCitrine @polarisera I was thinking of the armageddon guy
(DIR) Post #AArtFMbM1AbceHQJA8 by error@spinster.xyz
2021-08-31T00:53:32.996242Z
1 likes, 0 repeats
@blingring @FemaleIsNotAFeeling @NightCrow If Duckduckgo is not to your liking there are a number of alternatives like:Serrx:https://searx.me/(Tor address)http://ulrn6sryqaifefld.onion/Qwant:https://www.qwant.com/Startpage:https://www.startpage.com/Metager:https://metager.org/Mojeek:https://www.mojeek.com/Yacy:https://yacy.net/
(DIR) Post #ARW8VZlLNampStznpQ by error@spinster.xyz
2023-01-11T00:47:36.595977Z
1 likes, 0 repeats
Guess who's back?ME
(DIR) Post #AReLbWGT1CqTvQRZZI by error@spinster.xyz
2023-01-11T00:45:14.636046Z
0 likes, 0 repeats
@You_cat_to_be_kitten_me @TheWitchBitch @zh0re @FreeRadicalWoman Sorry for the VERY late reply, your IP address is dynamic meaning it constantly changes. Unless the adversary in question already has access to your ISPs internal tools the best they can get is a city, however if you have identifying things like photos or the like in an account then those could be used to narrow down to particular landmarks like streets or restaurants.