We should be more careful. 1 in 30,000 is a pretty good chance to not get found out, but when it comes to videos with smaller viewcounts, we should not be allowing them to be shared.

Also we should do something about the tracking links that people keep sharing here willynilly. Even if it's just a rule change. Feels like 6 months since I last posted about this without change.

  • PaX [comrade/them, they/them]
    ·
    edit-2
    8 months ago

    I can't view the link (doesn't load for some reason) but I read an excerpt that was posted below and just wanted to say... we're all mega-fucked anyway if the feds/any of the Five Eyes agencies want to know who we are

    Western intelligence agencies, in particular the NSA, have ubiquitous wiretaps/implants throughout internet infrastructure and considering the Hexbear server seems to be in a datacenter in France...

    Deanonymizing measures like this are used when someone is difficult to identify by the usual means (like because they are using Tor or I2P or are connecting to a centralized service out of their reach that is used by many, many different, irrelevant-to-them people, although those aren't totally immune to massive internet surveillance either). But a place like this where we all connect to one server and everyone who visits is "suspect" by their standards? We are already fucked assuming we are on their radar

    If you connect through a VPN you're not safe either (trivial timing attack). If you use Tor or something you might be safe... but it only takes one slip-up because this is a clearnet site and you might not even realize you made it

    • Hurvitz [they/them]
      ·
      edit-2
      8 months ago

      This is all true, but there's more to worry about than just feds. Similar deanonymization attacks can be leveraged by fascists and liberals who want to harass our users. Not compelling google to reveal IPs, sure, but linking to a malicious domain (and obscuring the link destination with markdown), or to a targeted social media post and seeing who interacts, or a bunch of other vectors.

      No reason to make attackers jobs easier, but also true that even the most careful of us should not feel a false sense of security