Fair warning to my fellow goats - Account anonymity in anon subs is a fallacy and what you write can and will get used against you. (whatever)

submitted ago by NeedleStack

This post is an advisory to users that your username is connected to whatever you write in anon subs.

What you write can be seen by one or more devs who’ve been given that special access. But what you may not know is that they can and do use it against you as they’ve done with me in the past and as recently as yesterday. And one or more of those users who have this ability are part of SBBH.

Some history: One of the SBBH members had a hissy fit with me over a year ago and is probably the same user who would “miraculously” happen to know it was me when I would write certain things in anon subs in the past. I’d write something and they’d make a snarky remark revealing that they knew were talking to my account. It wasn’t a huge deal but it made me aware that my username could be seen by one or more users with this special access.

Back to present day: I’d never bothered to get caught up in SBBH drama until about a week ago when I started needling them in anon subs with a comment here or there regarding their questionable activities on voat.

It didn’t take long for one of them to take the bait and clearly refer to me when making this remark about my recent comments:

http://archive.is/eBPYZ

My account is exactly 2.7 years old. Whoever wrote that comment was a fool; for so obviously ‘giving away’ that they could see it was me writing those comments (showing their hand), and to give such a sensitive shit over what I wrote (notice it took anti-SBBH comments for them to get fresh and reveal themselves).

Let this story be a warning to any of you that this ‘special access’ to see which user is writing “anon” comments creates an unfair advantage and in the wrong hands can be used against you. At the same time, these privileged few are able to enjoy the ability to hide in anon subs themselves.

@PuttItOut, users will never be free to “have their say” in anon subs until everyone but you is stripped of the ability to see who’s posting what in so-called anon subs.

--

Edit: Hey, cool! My post got a "Speculation" flair. Perhaps the first in voat's history in v/Whatever.

You are viewing a single comment's thread.

view the rest of the comments →

BB-3 ago

@PuttitOut this is serious. If anon subs aren't anonymous for everybody, they're not anonymous.

WhiteSurvivalist ago

The idea that you can't post there without being logged in should be the first dead give away.

thantik ago

If you were able to post there without being logged in, there would be no way to protect voat against massive spam attacks, etc. There still should be one, and only one username to a person.

WhiteSurvivalist ago

Sounds self defeating then, either it's anonymous and requires no login but moderation, or it's not and is merely a deliberate facade as OP notes.

thantik ago

Your argument is a false dichotomy fallacy. It's not either/or. You can have anonymization and login required.

Wahaha ago

While that is certainly true, the step of requiring a login does nothing to improve the anonymization. It could, however, be used to defeat the anonymization. Users wouldn't know. And it doesn't strike me as a smart thing to do to trust things you do not know. So the part where login is required should tip users off, that things ain't necessarily as anonym as they think.

thantik ago

https://github.com/voat/voat

You're welcome to go digging. Voat doesn't hide things from users... I highly doubt you'll find anything incriminating in there...

Wahaha ago

That's cool, but there's no guarantee that the github code is what is actually run here.

WhiteSurvivalist ago

You can have anonymization and login required.

If you say so.

thantik ago

I say so. How do you think your password for voat is stored, eh? You think hunter2 is just sitting in a database somewhere in clear text?

No. It's single-way hashed, and when you enter your password for verification, it's single-way hashed again. The hashes are checked against one another against that encryption algorithm.

If your diminutive understanding of technology were the truth, then it would be the same as the web admin just having open-access to your password. That's not how technology works, and it's easily possible to both require a log in, and submit information to a database without it being tied to a specific user -- even possible for the programmer of the website to make it so HE cannot even know who it is, if it is done correctly.

BlueDrache ago

Did you provide aloe for that burn?