• weshallovercum [any]
    ·
    4 years ago

    Can you expand on how to do opsec? Should I start using a proxy to browse? Is it possible to trace the IP of users, if not by feds but by chuds?

    • alcoholicorn [comrade/them, doe/deer]
      ·
      4 years ago

      If you post any images from your phone, clear exif data first.

      Even with a proxy, you might be trackable if someone links to a honeypot site. Check https://amiunique.org/fp for all of the data a server receives before it loads a webpage. That data can be collated with commercially available data sets to get personal information.

        • 4_AOC_DMT [any]
          ·
          4 years ago

          Best practice is still to clear this (and any other potentially identifying metadata) before upload in the extremely unlikely event that someone tries to MITM you.

          • Sphere [he/him, they/them]
            ·
            4 years ago

            MITM is unrealistic. It would require state-level actor capabilities to MITM a TLS connection (you'd need to control a certificate authority, or at least have access to a signing key), and it's a targeted attack (so they'd need to be targeting a user specifically to employ one). Anyone who's being targeted by an SLA and doesn't already know to wipe exif data is probably doomed tbh.