Very common doxing technique. Link to stuff you control, mine the hits / browser headers / cookies, as they come in. That's why I block all CSS and never click links to weird URLs unless in a tor'd VM.
Posted automatically (#60938) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here. (@TheTrigger: Click here to suppress your crosslink notifications from @Crackrocknigga)
Posted automatically (#60937) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here. (@TheTrigger: Click here to suppress your crosslink notifications from @Crackrocknigga)
Maybe. Part of it is that it's an arms race, if you catch my drift. The other part is that I'm more secure, the less I say. Thirdly: fuck you, I have other shit to do. That being said: maybe, and if I ever do, I'll tag you.
Wait, I should be blocking CSS? I have my browser locked down pretty hard, but I didn't know this was a thing. I use half a dozen extensions, including umatrix. Any link to info, other than they can get my IP? I have a vpn.
The custom CSS on some of voat's subs pull the images from third party hosts. Some are hosts which malicious people own and they do this specifically to dox people in the manner described above.
view the rest of the comments →
TheTrigger ago
Very common doxing technique. Link to stuff you control, mine the hits / browser headers / cookies, as they come in. That's why I block all CSS and never click links to weird URLs unless in a tor'd VM.
SearchVoatBot ago
This comment was linked from this v/HDLunited comment by @Crackrocknigga.
Posted automatically (#60938) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here. (@TheTrigger: Click here to suppress your crosslink notifications from @Crackrocknigga)
SearchVoatBot ago
This comment was linked from this v/HDLunited comment by @Crackrocknigga.
Posted automatically (#60937) by the SearchVoat.co Cross-Link Bot. You can suppress these notifications by appending a forward-slash(/) to your Voat link. More information here. (@TheTrigger: Click here to suppress your crosslink notifications from @Crackrocknigga)
WickedVocalist ago
I broadcast mine.
I wanna hear the dod fire every night.
Crackrocknigga ago
Would you mind making a post on web security? People need it here. I'll spam the fuck out of it
Adam_Jensen_ ago
Maybe this has some info: https://archive.org/details/OPSECMEGACOLLECTION
TheTrigger ago
Maybe. Part of it is that it's an arms race, if you catch my drift. The other part is that I'm more secure, the less I say. Thirdly: fuck you, I have other shit to do. That being said: maybe, and if I ever do, I'll tag you.
Crackrocknigga ago
Haha calm down I didnt demand it, just said If you wouldn't mind it would help people. They really don't know shit
TheTrigger ago
I edited the comment; it came off a bit harsher than I meant. That's pretty much exactly what I was getting at, cheers.
Apoplastic ago
Wait, I should be blocking CSS? I have my browser locked down pretty hard, but I didn't know this was a thing. I use half a dozen extensions, including umatrix. Any link to info, other than they can get my IP? I have a vpn.
TheTrigger ago
The custom CSS on some of voat's subs pull the images from third party hosts. Some are hosts which malicious people own and they do this specifically to dox people in the manner described above.
parnellsUprising ago
No, css is simply style sheets.
You can try and block scripts, but that is more of a pain than it is worth imho, especially if you are already using a vpn.
boomersarecylons ago
You can link to an img hosted elsewhere from css. You can mine passwords with psedo selectors. You can do lots of sneaky things.
Apoplastic ago
Wow, thanks. I did not know this. I gave up on web dev years ago. I do embedded stuff now. CSS3 sounds scary. I'll check it out.
Fuckyounigger ago
CSS is a separate request to the server apart from the html file so if it isn’t blocked then the server can see the hit