D

Deleted member 65228

"My data is useless"
"I have nothing to hide"
"I have nothing of interest"
"No one will even want to hack me"
"Take my data please it won't matter"

Typical excuses for bad habits.
 
I

illumination

"My data is useless"
"I have nothing to hide"
"I have nothing of interest"
"No one will even want to hack me"
"Take my data please it won't matter"

Typical excuses for bad habits.
A rule of thumb, never use your real credentials. Not for creating emails, not for social sites, not for anything. It would be rather hard for someone to steal your identity this way. If a site requires a phone number to verify it is you, do not use it, i don't. Do not ever store your real credentials on your system as well.
 
D

Deleted member 65228

A rule of thumb, never use your real credentials. Not for creating emails, not for social sites, not for anything. It would be rather hard for someone to steal your identity this way. If a site requires a phone number to verify it is you, do not use it, i don't. Do not ever store your real credentials on your system as well.
Now THAT is a good piece of advice.

About the phone verification, I never ever use my real number. I scrounge for online free SMS receiving until I find one which isn't blocked by the services anti-spam/used phone number list. It could be troublesome though, if the account isn't to be a dummy one and you later need that same phone number to sign back in for whatever reason.

Secure passwords are also very important, I'd say at-least 12 characters with combination of upper/lower case, numbers and special characters but that's just me.
 

Slyguy

Level 40
"My data is useless"
"I have nothing to hide"
"I have nothing of interest"
"No one will even want to hack me"
"Take my data please it won't matter"

Typical excuses for bad habits.
These excuses are lame and tiresome. Also the futilistic 'you've never had privacy so give it up' doesn't hold true for everyone and increasingly, it's mostly something that applies to regular joes.

For me, even if I gave you my real name and you Google searched it you wouldn't turn up anything. This is the result of careful privacy practices cultivated over many years and yearly 'culling' of public data through cease and desist letters or opt-out procedures. My real name is on precisely 4 accounts, worldwide, and those are secure banking/investments sites. Everywhere else I have assumed personas. If privacy is possible, I am pretty good example of what can be achieved through basic practices. I have associates that have even better privacy with me and are functionally invisible to the world, but they spend more time/effort than I do cultivating this.

As for passwords, some experts claim 12 characters isn't enough. Some say 14 isn't enough, that we should be starting at 16 characters these days. I personally stick to around 20, if a site supports it, I ramp it up to 40, 50, even 100 characters.

G Data is really big on privacy. It's their passion and it becomes evident when you talk to them on the phone they are honestly no friend of any intelligence service or government, and they make no attempts to mask this. So when they say they don't cooperate you are probably getting the truth from them. I know with a few enterprise german firms they have a strong stance against backdoors, whitelisting state malware and turning over data to intelligence. This is a big thing in Germany right now and MANY tech firms are standing firm against encroachment of govt.

Can you find me a list of firms (other than G Data) that explicitly state they guard your privacy, have no backdoors and won't cooperate with intelligence officials? That list is going to be VERY small. Remember, any firm claiming such and then doing the opposite is opening themselves up to tremendous liability, smaller firms like G Data wouldn't survive if they were found to violate their core principles at any significant level.
 
D

Deleted member 65228

These excuses are lame and tiresome. Also the futilistic 'you've never had privacy so give it up' doesn't hold true for everyone and increasingly, it's mostly something that applies to regular joes.
To be honest I am thankful I am not the only one here who has the same view on this.
 
  • Like
Reactions: mekelek
I

illumination

These excuses are lame and tiresome. Also the futilistic 'you've never had privacy so give it up' doesn't hold true for everyone and increasingly, it's mostly something that applies to regular joes.
I cant say i agree with this, as the more you work at hiding yourself to the extent you and others do, the more you stand out... Unique fingerprint...
 
  • Like
Reactions: ZeroDay and mekelek

ZeroDay

Level 27
Verified

Bleak

Level 3
Verified
These excuses are lame and tiresome. Also the futilistic 'you've never had privacy so give it up' doesn't hold true for everyone and increasingly, it's mostly something that applies to regular joes.
Actually in my post I was clearly talking about 'data collection', the type of collection that is more or less 'forced' on the one who uses that services, I wasn't talking about something as extreme basic as providing a name... I believe the one who would turn it and think that 'providing real name' is the actual average joe.

For me, even if I gave you my real name and you Google searched it you wouldn't turn up anything. This is the result of careful privacy practices cultivated over many years and yearly 'culling' of public data through cease and desist letters or opt-out procedures. My real name is on precisely 4 accounts, worldwide, and those are secure banking/investments sites. Everywhere else I have assumed personas. If privacy is possible, I am pretty good example of what can be achieved through basic practices. I have associates that have even better privacy with me and are functionally invisible to the world, but they spend more time/effort than I do cultivating this.
Yeah, thanks for telling the world that you never use your real name on the internet.
Most collected data does not particularly need someone's real name as they, as it mostly won't help them that much, but rather collecting visited pages, IPs, emails etc. No one cares what my name is lol, since names aren't even something unique.

As for passwords, some experts claim 12 characters isn't enough. Some say 14 isn't enough, that we should be starting at 16 characters these days. I personally stick to around 20, if a site supports it, I ramp it up to 40, 50, even 100 characters.
100. lolok
 

Slyguy

Level 40
I wasn't talking about something as extreme basic as providing a name... I believe the one who would turn it and think that 'providing real name' is the actual average joe.
I wasn't responding to you, I was responding to Opcode. If you note my response history, there are only a handful of people on this forum I respond directly to. No offense. But if you think I am an average joe, then I must claim some success with my methodologies already. :ROFLMAO:

Anyway.. Back to the general topic theme;

All of this depends on the threat actors you are attempting to avoid. Avoidance of real name, and searchable real name isn't generally to avoid state sponsored actors. It's very helpful to avoid stalking, doxxing, and low-mid level hackers and less well funded state actors.

Has nobody on the forums been a victim or near victim to stalking, harassment or doxxing? I have countless stories of where a limited footprint has prevented 'issues'. For example a creep at my wife's work attempted to stalk her, but then quickly realized she has a near-zero footprint on the internet. He ended up stalking the WRONG lady a couple of cities away from what the police investigation report indicated..

As for privacy practices increasing your surface area, we're long past that as being an issue.. A decade ago, you'd stand out. Now? Not so much.. The reason is simple, hundreds of millions of people are using privacy tools/extensions/services/products now. I've read estimates of almost 150,000,000 people using VPN's as one example.

I'm aware of all of the other technology, stylography, fingerprinting (in all it's forms) and the variety of projects to tap local and regional fiber and data centers, etc. We're not talking avoidance of that moreso than avoidance of corporations, data mining firms and weirdos. If you want to avoid well funded state actors you can, but expect to have to educate yourself, spend some money and be far more diligent.

In terms of products, I think it's more about 'lessoning' the amount of information you bleed off as a basic mitigation method. An antivirus product is an intimate product on your systems, so you probably should pay more attention to who/what/when/where in terms of your AV then say, your notepad taking app or your pedometer.
 
Last edited:

Slyguy

Level 40
100. lolok
I have lots of 80-100 character passwords out there.. Zoho is one example, 99 characters.

BSD%A!9K&E$gro&SXDwWDioZ&HUQz43LzGKSDoRhrBavN!pcmUgh!tRAfcnhFY%532cDBSIfP@Z#rax$u5H8UFcTSj3si5bEWR3

Fastmail allows 50 characters, and you bet I use all 50.
zrY/9L46)V<3]qN"5b;5U5jG[eG-bT{/Q7G>ktWfw9MCUaX;f>

Facebook on the otherhand, has a 4096 Char limit from what I read, but I stick to about 256 for FB.
8$+u:yu5F7329D29TPwFCH/52~Ptm5_"C+XuFCC"5"X3vMI648CVucwa3jH8y$ZcAu8g3"Y^bpGtjN/Q@#;I>8t>Xt]_<8B/:jR9Xt{NrXm8D]c8x5^5V?b7389^-:?xtX9B7K2hP}Qs5AH7h575MN23I_@L&3A#}:4H$2?FQ$z6GNPT79}&aw=4r38Vm8sEL<e?kDm&Y:rpa]?589B5W8?Jw9P9Dx2Q:hGCB_2(]}zgFA4:\>?h~X_[qY]"Y2A$


:ROFLMAO: