rooshvforum.network is a fully functional forum: you can search, register, post new threads etc...
Old accounts are inaccessible: register a new one, or recover it when possible. x


Preventive Security Measures: Update your email and delete sensitive PMs
#1

Preventive Security Measures: Update your email and delete sensitive PMs

Events of the past couple of days is a good wake-up call that an attack can come at any time, especially now that this forum is at the epicenter of the culture wars. While we were not been hacked this week, it is always possible that it can get hacked in the future.

If the forum gets hacked, your private messages, IP addresses you used to access the forum, and your account email address will be dumped online. SJW's will mine through the data dump and try to link people to their real identities to exercise their 2 minutes of hate, similar to what happened with the Ashley Madison hack (in that case, a few famous people were shamed)

I strongly advise you to make the following simple changes:

1. Change your account email to one that does not display your name or is not linked to other public services. You should have an email that comes clean when you Google it. You can make that change here.

2. Review your private messages and delete ones that reveal your permanent address or last name. Then PM the person you sent that to and ask him to delete it on his end as well (remember to empty your trash manually to delete PMs) If you shared your phone number via PM, do a Google check on it to make sure it comes clean. I don't think phone numbers will be worth anything if we are hacked.

If you need to send sensitive information to another member, I recommend you exchange email addresses and then continue the dialogue through that instead of forum PMs. I wouldn't worry about details of the city you are living in or a bar you told another member to meet at some time in the past. Last names and addresses are the most sensitive. You generally shouldn't be sending this information anyway.

I recommend you consider the following:

1. Use a private VPN when browsing the site. When you access the forum, your IP address is logged. We must do this to monitor and ban trolls. Now in the case of an attack, I don't see how your IP address will be of value to the public or will link you to your identity, but surfing with a private VPN is good internet practice anyway, especially if you use public wifi networks. I use StrongVPN.com.

Most of you are doing these best practices currently, so I don't think it will cause you to make adjustments. This follows up on the new forum rule about uploading photos of girls. I strongly suspect that images you are uploading are being reverse Google image searched by white knights, so you must do a check yourself when sharing an image that can identify someone you associate with.

As the culture wars have progressed, this forum has grown from being a casual men's locker room to an organized command center that is causing pain and stress to our enemies. I don't know if that result is good or bad, but that's the reality, and we have to understand the risks that come with it.
Reply
#2

Preventive Security Measures: Update your email and delete sensitive PMs

Is it safe to use a Google mail address if I don't use it for anything else on the web??
Reply
#3

Preventive Security Measures: Update your email and delete sensitive PMs

If we need to edit posts, are we screwed? Its still against the rules to have posts edited without a ban.

http://www.rooshvforum.network/thread-13005-...#pid211211

Quote:Quote:

2. Posts cannot ever be deleted. You have a 60 minute window to edit them and after that it's there forever. Don't message me to edit or delete posts, because if you do, you will receive an automatic 7 day ban with no guarantee that your request will be granted. Think hard before you hit the submit button.

When I first came onto this forum, I still thought of it as a locker room-esque place.
Reply
#4

Preventive Security Measures: Update your email and delete sensitive PMs

Are banned members' PMs stored on the server, or are they deleted when the member is banned? Research says that MyBB can allow banned members various permissions depending on how the admins have the forum configured.

In my case, I sent a PM with identifying information to a user who is now banned. I can delete the PMs from my own inbox but wonder if the information lives forever in the banned user's account.

Thank you for your vigilance.
Reply
#5

Preventive Security Measures: Update your email and delete sensitive PMs

Does the system ask you to confirm your email after changing it? If that's the case, hold off on changing it until I can get our email server back up.
Reply
#6

Preventive Security Measures: Update your email and delete sensitive PMs

Roosh, the system is indeed asking to confirm the email address. I just updated mine before seeing your post. No email received yet.

"Nothing comes easier than madness in the world today
Mass paranoia is a mode not a malady"
Bad Religion - The Defense
Reply
#7

Preventive Security Measures: Update your email and delete sensitive PMs

Quote: (09-03-2015 12:43 PM)Roosh Wrote:  

Does the system ask you to confirm your email after changing it? If that's the case, hold off on changing it until I can get our email server back up.

Yes, it has been. I tried it a few times earlier today, but didn't see any messages from the forum in the new email account.
Reply
#8

Preventive Security Measures: Update your email and delete sensitive PMs

I put a notice in the OP. I'll update the thread when it's okay to change your email.
Reply
#9

Preventive Security Measures: Update your email and delete sensitive PMs

Damn, I forgot my password. Is there a way to retrieve it? Every thing I try requires my (forgotten) password.
Reply
#10

Preventive Security Measures: Update your email and delete sensitive PMs

So if I put in the request to change my email already, what would the next step be to change the email?

"Nothing comes easier than madness in the world today
Mass paranoia is a mode not a malady"
Bad Religion - The Defense
Reply
#11

Preventive Security Measures: Update your email and delete sensitive PMs

I did a Google search for my email (which doesn't have my name) I'm using and nothing came up. Assume it's ok to keep it?

I'm not sure I don't want to get "outed" anyway [Image: lol.gif] But clearly I don't want some SJW idiot harassing me bc I believe in game/did a day game approach in Chicago/don't like US divorce laws etc.

BTW I'm going through all my PMs and deleting anything that has emails/phone #s just to be safe.

2015 RVF fantasy football champion
Reply
#12

Preventive Security Measures: Update your email and delete sensitive PMs

Unless you've been really careful there is probably a lot of info that could be found. I only have a small number of posts and I just checked through my pm's and I have a phone number one member sent me (which I just deleted) when we were talking about a meetup. Plug that into whatsapp and a full mugshot comes up which would make it very easy to identify him.

Maybe you should consider some kind of data retention policy regarding inactive accounts. I'm sure the person who sent me his number has also exchanged details with other people, how would he get rid of this information if the other user is no longer active?
Reply
#13

Preventive Security Measures: Update your email and delete sensitive PMs

Well in the past couple of days, I experienced quite a few number of hours in which I could NOT log into my RVF account. likely, others were similarly affected.

Accordingly, I kept wondering about the explanation for such inability to log in, whether there was some kind of hack to the site or some kind of need for RVF to make an emergency move of server services or possibly because of government or regulatory matters or if there was some pure technical issues.

This thread seems to clarify somewhat that these series of outages were caused more by technical issues rather than any of the other possible reasons.

Was there an outage explanation somewhere else in the forum?
Reply
#14

Preventive Security Measures: Update your email and delete sensitive PMs

A few more tips for staying anonymous: make sure the username you use here isn't tied to another account somewhere that you might post personal information or is tied to your personal email address (reddit, video game sites, etc). Even better is security through misdirection (use a real-enough looking identity like mine, which has no ties to your real identity). The VPN idea is great, if an IP address is stolen it's not necessarily directly linkable to you, as they change. However, if you visit here from your place of work, there's a good chance that your work uses one outgoing IP address for all traffic, which means the IP could be linked to your work. Doxxers know this. A few more tips:
  • Don't post anything relating to your location, unless you don't care
  • Don't post nicknames, first names, last names, phone numbers (these should be self-explanatory, but you know)
  • Don't trust PMs unless you are 100% certain where they are coming from
I'll post more as I think of them here.
Reply
#15

Preventive Security Measures: Update your email and delete sensitive PMs

Would it be possible to permit edits for a day so we can scrub certain posts?

It's not life or death or anything, but I think a lot of members might benefit from the ability to reconsider what they've shared in light of the new developments regarding outside scrutiny and hatred of this site.
Reply
#16

Preventive Security Measures: Update your email and delete sensitive PMs

Quote: (09-03-2015 01:57 PM)EuroSlumming Wrote:  

Unless you've been really careful there is probably a lot of info that could be found. I only have a small number of posts and I just checked through my pm's and I have a phone number one member sent me (which I just deleted) when we were talking about a meetup. Plug that into whatsapp and a full mugshot comes up which would make it very easy to identify him.

Maybe you should consider some kind of data retention policy regarding inactive accounts. I'm sure the person who sent me his number has also exchanged details with other people, how would he get rid of this information if the other user is no longer active?

I recommend changing your WhatsApp avatar to something unrecognizable to anyone IRL or on the net. I too had to do this when I realized anyone who had my phone number could see and view my info and picture so long as they had my phone number, at any given point... including exes and FB's.

Vice-Captain - #TeamWaitAndSee
Reply
#17

Preventive Security Measures: Update your email and delete sensitive PMs

A suggestion: Wouldn't it be productive to make certain parts of the forum private, where threads can be seen by members only?

Maybe guests can see the threads themselves, but when they click to open one, a message says that they have to be a member to see the page.

This could help reduce forum exposure to trolls and leaches, and still won't prevent faithful future members from joining because they should be patient about waiting for the 1st before they could join, and eventually start to read and contribute themselves.
Reply
#18

Preventive Security Measures: Update your email and delete sensitive PMs

Quote: (09-03-2015 01:57 PM)EuroSlumming Wrote:  

Maybe you should consider some kind of data retention policy regarding inactive accounts. I'm sure the person who sent me his number has also exchanged details with other people, how would he get rid of this information if the other user is no longer active?

Screwston, McQueen and Cardguy all have my personal details in forum messages from my early days here. What happened to their in / out / draft boxes when they got banned?

I'm much more careful now.
Reply
#19

Preventive Security Measures: Update your email and delete sensitive PMs

Guys, I just wiped all my sent and 99.9% of my inbox.

I think I have 10 inbox messages.

Unless you really have a strong need to keep a certain message or someone sent you a pic that you fap to, most of this PMs may not have much value keeping.

Just saying, how much do you really go through your old stuff? Some of it, well at least for me, was inquiring if a dude was in a certain place or planning a trip that was taken.

Part of the reason I took my action was I was sure I sent out some email info but couldn't find it while searching. I am not saying the search function does not work, my memory could be bad. So I just said fuck it, I don't go through old PMs and deleted them all, except for a handful.

Just something for you guys to consider.

Edit: Don't forget to check your draft folder.

Fate whispers to the warrior, "You cannot withstand the storm." And the warrior whispers back, "I am the storm."

Women and children can be careless, but not men - Don Corleone

Great RVF Comments | Where Evil Resides | How to upload, etc. | New Members Read This 1 | New Members Read This 2
Reply
#20

Preventive Security Measures: Update your email and delete sensitive PMs

Quote: (09-03-2015 03:07 PM)Nascimento Wrote:  

A suggestion: Wouldn't it be productive to make certain parts of the forum private, where threads can be seen by members only?

Maybe guests can see the threads themselves, but when they click to open one, a message says that they have to be a member to see the page.

This could help reduce forum exposure to trolls and leaches, and still won't prevent faithful future members from joining because they should be patient about waiting for the 1st before they could join, and eventually start to read and contribute themselves.

That privacy area of the forum proposal seems to address another issue (and is NOT necessarily a bad idea); however, the implementation of such a practice would directly NOT address the issue described in OP....

In fact, implementing and utilizing private areas of the forum would likely cause the exact opposite effect.. causing the false sense of security and possibly where guys may post more and more private information with the expectation of increased privacy; however, if the forum information were to be compromised by a vindicative SJW type, then that private are would NOT be secure, and it would instead be the area that would be most exploited, focused upon and exposed by a SJW type who is wanting to expose the personal lives or real world lives of members.
Reply
#21

Preventive Security Measures: Update your email and delete sensitive PMs

Samsamsam
^^^^

If you choose to more or less wipe out all of your PMs, you could before doing so download your PMs to your local computer. There is an option 'download messages' just above your PMs and to the left of the indication of PM space used. I don't know if the option exists if you are using the mobile version.
Reply
#22

Preventive Security Measures: Update your email and delete sensitive PMs

Quote: (09-03-2015 04:23 PM)JayJuanGee Wrote:  

Quote: (09-03-2015 03:07 PM)Nascimento Wrote:  

A suggestion: Wouldn't it be productive to make certain parts of the forum private, where threads can be seen by members only?

Maybe guests can see the threads themselves, but when they click to open one, a message says that they have to be a member to see the page.

This could help reduce forum exposure to trolls and leaches, and still won't prevent faithful future members from joining because they should be patient about waiting for the 1st before they could join, and eventually start to read and contribute themselves.

In fact, implementing and utilizing private areas of the forum would likely cause the exact opposite effect.. causing the false sense of security and possibly where guys may post more and more private information with the expectation of increased privacy; however, if the forum information were to be compromised by a vindicative SJW type, then that private are would NOT be secure, and it would instead be the area that would be most exploited, focused upon and exposed by a SJW type who is wanting to expose the personal lives or real world lives of members.

It's up to each individual to determine how much they are willing to disclose about themselves when they post.

With greater privacy, I think we would have more quality 'locker room' talk in the threads, and the travel section would improve substantially. I'm sure many of us are willing to share quality travel information with members, but not with thousands of lurkers.
Reply
#23

Preventive Security Measures: Update your email and delete sensitive PMs

Quote: (09-03-2015 04:28 PM)Nascimento Wrote:  

Quote: (09-03-2015 04:23 PM)JayJuanGee Wrote:  

Quote: (09-03-2015 03:07 PM)Nascimento Wrote:  

A suggestion: Wouldn't it be productive to make certain parts of the forum private, where threads can be seen by members only?

Maybe guests can see the threads themselves, but when they click to open one, a message says that they have to be a member to see the page.

This could help reduce forum exposure to trolls and leaches, and still won't prevent faithful future members from joining because they should be patient about waiting for the 1st before they could join, and eventually start to read and contribute themselves.

In fact, implementing and utilizing private areas of the forum would likely cause the exact opposite effect.. causing the false sense of security and possibly where guys may post more and more private information with the expectation of increased privacy; however, if the forum information were to be compromised by a vindicative SJW type, then that private are would NOT be secure, and it would instead be the area that would be most exploited, focused upon and exposed by a SJW type who is wanting to expose the personal lives or real world lives of members.

It's up to each individual to determine how much they are willing to disclose about themselves when they post.

With greater privacy, I think we would have more quality 'locker room' talk in the threads, and the travel section would improve substantially. I'm sure many of us are willing to share quality travel information with members, but not with thousands of lurkers.


I'm NOT against the idea of some more private forum spaces for the reasons that you outline; however, the proposal just seems to be a slightly different issue than the issue brought up in OP, and seems to be in tension with some of the potential problematic issues that are highlighted in OP.
Reply
#24

Preventive Security Measures: Update your email and delete sensitive PMs

I also would like to suggest being able to edit posts. Maybe just for a day, or a couple of hours, but just to get rid of some personal stuff people might have said.
Reply
#25

Preventive Security Measures: Update your email and delete sensitive PMs

How safe is the credit card processor used for the boosters club?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)