General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsAdvice from a Cyber Security expert (me) on how someone could have found Bravenak's home address
I'm in the Cyber Security business. My company makes products that does it's best to keep bad people from breaking in and taking your shit.
There are many many ways to take peoples shit. One of the best ways to take peoples shit is the good old Social Network.
Now if you were to look at 99.9 percent of the profiles here on DU, you would not see anyone's home address. Unless of course they are knuckleheads and put it in their profile. (Don't do that!)
Whoever sent the letter to Bravenak's home probably did not get the info from DU. I'm not certain---Bravenak could have PM'ed someone with her real name? My have slipped up in a post in the past---again not certain---although I doubt that happened.
I know that Bravenak has a twitter account. Maybe her name and personal info was found on twitter?
I'm thinking Facebook. Again---not sure if she is on FB---and if she is---does she have DU members as friends on her page. Did she slip on FB and use her DU name?
I say this because I have an FB account and have DU members as my friends on my account. I'm also friends with a member who is very popular and who has a gazillion friends who are DU members as well. Only a few close friends know that I am trumad on DU.
Again---I'm only speculating. Bravenak may have slipped up on DU with a PM or a post--I doubt that.
If not---it had to be from some Social Network site that exposed her real name and home info.
Here's the thing.... even I---Mr. Cyber Security expert--am vulnerable to this type of shit. If someone wanted to find my name or address---they probably could. If you play in the Social Network, that's the price you pay. Today---if you know someone's name you can find out anything about that person.
Welcome to the 21st century.
On edit: thanks to a couple of PMs...I know now how they obtained her info.
Remember ...teh Googles can be your friend but also your enemy.
steve2470
(37,457 posts)It's a good reminder to all of us. I think I know how the person got it but of course I'm not saying anything. BTW, sorry for all the questions about cyber-security several months ago. I'm too curious for my own good sometimes.
hobbit709
(41,694 posts)The people that know me know what is true and what isn't. Anyone else, tough luck.
My photobucket account that I use to post pix on DU doesn't have my real name on it.
I googled my actual real name and out of 25 million hits, the first 10 pages of search results weren't even close.
hollysmom
(5,946 posts)My facebook account - is in my dogs's name and my mother's age and a zombie address.
davidpdx
(22,000 posts)information that they put out there about themselves. I removed almost all my information from my DU profile. My Facebook page has the tightest restrictions information wise, so finding it would be pretty damn hard unless you knew someone who know me.
The other thing is once that information is out there, it is very hard to get it removed.
Warren Stupidity
(48,181 posts)An address can be obtained for that name with minimal additional effort. This isn't rocket science. Anyone at all with any motivation to do this could have done it without hacking anything. I'll bet an entire us dollar that it was one of our very helpful friends at the cave. Seeing the spectacular reaction, quite a successful troll.
riderinthestorm
(23,272 posts)unfortunately...
MrScorpio
(73,630 posts)They wouldn't hesitate to bandy it about between themselves before hand. However, there's no sign that they did know.
Also, they all know MY real name, it's not a secret to them. They've all known it for years and to this date, I've yet to have them target me in real life like Bravenak was. It's not like they like me either.
snooper2
(30,151 posts)of course even if you know the general area say someone says in the DFW area- You have name just do property record searches in Dallas County, Collin County, etc.
pretty easy -
Not to mention divorce records etc etc., journalism 101- And unlike old school, you don't have to go downtown to look at files it's all on the intertubes
MrScorpio
(73,630 posts)The goat fuckers were never aware of her name, because they'd use it between themselves if they did have it.
This, instead, was a self-determined stalker who did it all on their own, in order to engage in a personal vendetta against Bravenak.
And they did it all for Bernie, of course, as penned in the letter's stated motivation and salutation.
awoke_in_2003
(34,582 posts)I haven't been in contact with him since I moved to Texas in 1992. It took me about 2 minutes to find the info- a little longer because there was two possible counties he could be living in.
nadinbrzezinski
(154,021 posts)My asthma hates dusty files.
tk2kewl
(18,133 posts)Pictures and tweets (maybe Facebook posts too) can have geographic coordinates embedded in their metadata. If the geolocation (GPS) service on your device is turned on pictures taken with that device or tweets made from that device will iclude you current location. Overlay that location info on Google maps or Zillo and you mau be able to come up with an address.
Even browsers on devices without GPS, like your home computer, have geolocation services that can do a very good job of determining your coordinates based on network topologies.
I only activate my location services when I want to actively use them.
jeff47
(26,549 posts)How to disable the "embed location in picture" feature varies by phone.
tk2kewl
(18,133 posts)and certain apps you add may ask you or require you to re-enable it, so you must remain on top of it
virtualobserver
(8,760 posts)the pictures posted on DU can take you to the source
you are giving the entire world your real name, and if you leave your Facebook wide open , and since most people give the city
that they live in. name and city can get you a long way
lumberjack_jeff
(33,224 posts)If you post a photo, the URL exposes more than you might intend.
Generic Other
(28,979 posts)Since this is what many of us use.
Response to Generic Other (Reply #35)
lumberjack_jeff This message was self-deleted by its author.
Generic Other
(28,979 posts)Because mine are supposedly private.
lumberjack_jeff
(33,224 posts)pintobean
(18,101 posts)He made that image and shared it with DU before he passed.
http://www.democraticunderground.com/10026835347
lumberjack_jeff
(33,224 posts)nadinbrzezinski
(154,021 posts)like well, your name and it also stores where you uploaded from. Most do. I know this, but I still use it. There are certain places that have extensively doxed me, so this would be closing the door after the whole Herd left. I actually think a few herds.
dembotoz
(16,785 posts)Think mine was related to Facebook
Using your name has a downside
I keep my Facebook separate from LinkedIn
Post little to no personal info
cwydro
(51,308 posts)Or it was at any rate.
riderinthestorm
(23,272 posts)I don't want to put it out there about how to find her if it hasn't occurred to anyone else but finding her is very easy.
Public online personalities put themselves out there unfortunately at some risk. I wonder if she thought of that...
Jappleseed
(93 posts)cross check it with all the IP's from Tampa Florida.
Seems to me like this should have already been over with. Or is that much harder than it sounds?
cwydro
(51,308 posts)Anyone could simply write a letter and address the envelope. Then stick it in another envelope and send it to some helpful friend they know in St. Pete and ask them to send it. Easy to do that if you want a postmark from another place.
People do this every year at Valentine's day - sending letters and cards to places with names like Love, Valentine, etc in various states. The post offices are happy to send the letters on with the correct postmarks.
But anyone can have a letter resent from anywhere. Simple.
MrScorpio
(73,630 posts)This is personal, never mind that the person was "clever" enough to write an Alaskan return address on the envelope.
steve2470
(37,457 posts)MrScorpio
(73,630 posts)It's only a matter of time before they're outed.
SMC22307
(8,090 posts)And even if not, what are people suggesting... that Homeland Security run DNA?
cwydro
(51,308 posts)wow, you have always seemed an intelligent person to me. Kinda surprised you're falling for this.
We DUers are a family. I truly don't think it came from DU, but even if it did...it is some freaking troll.
Come on now. Think logically. People are getting silly on this.
I think Bravenak is safe...she lives out there from anywhere lol! I SO want to go to Alaska and even with my airline bennies I never made it.
Plus Bravenake is Brave in AK, and I, for one, am just not worried about her. She is one strong woman and can handle whatever this silliness is that has been perpetrated to turn DUers against one another.
Let's all try to get along.
MrScorpio
(73,630 posts)Trust me, things are not looking as neat and tidy as what some would say that this is an outsider troll.
I'm in contact with Bravenak, and she's totally on board with my reasoning here.
I'm sorry if I'm sounding cryptic, but I'm not making a big show out of this.
cwydro
(51,308 posts)Please don't keep sowing seeds of dissension amongst DUers.
Those of us who have been here a long time won't care, but you may cause trouble with newbies.
This is a good board. I believe in it and in most of the posters here, even the ones I dislike and the ones that hate me..
MrScorpio
(73,630 posts)My first priority here is defending Bravenak. She's the only victim of that letter.
Warren Stupidity
(48,181 posts)That would be very helpful.
LanternWaste
(37,748 posts)I used to call collating an index a "witch hunt" too-- it's colorful and melodramatic without resorting to any unseemly measures like actual points to validate a premise...
Very helpful, indeed.
Jappleseed
(93 posts)And the reason why it is so low. All with a single post at that. Well done Mr.stupidity.
dumbcat
(2,120 posts)That might be pretty sure to get them.
Tampa, FL doesn't mean anything. The letters could have been remailed.
Jappleseed
(93 posts)I see the family resembalance between you and the other poster.
It is rapidly becoming clear there is a group of Duers who rather make political hay from this, and don't want the problem solved.
dumbcat
(2,120 posts)cross check it with all the IP's from Tampa Florida.
Seems to me like this should have already been over with. Or is that much harder than it sounds?
So maybe Skinner already did this. Then what? What would you do with such a list?
JackInGreen
(2,975 posts)This is why everything's a spoof of a spoof of a spoof for me.
LiberalArkie
(15,703 posts)But it still has my address and stuff.
Omaha Steve
(99,495 posts)My phone rang about 5 minutes later. A DUer was calling to say my personal info & visa account info were being displayed on the net. Never had a problem with that account being hacked.
OS
Lee-Lee
(6,324 posts)I check them out hard so we don't waste lots of money and time sending them into the real check only to have them denied.
Connecting the dots online is one way I do it. I start with a name and email, look for accounts, look for usernames on forums that match an email, etc.
If I was looking at a forum wondering who a person I was I would go through all their posts- do they place a location? A city? A state? Post in a state forum?
Did they ever link photos- if so, did they go to a photbucket or similar account? What's the username on that account? What other pictures are on that account? Where else does that username appear with a search?
Did the photo they posted have exif data listing the location?
So many ways as someone investigating I can connect dots on someone's online presence.
Jim Lane
(11,175 posts)I pay no attention to Facebook's supposed privacy protections, and I post on DU under my real name. I just assume that anything on my Facebook page and anything I post on DU will be available to my bitterest enemy under the worst possible circumstances.
Renew Deal
(81,846 posts)some photos contain tracking info
trumad
(41,692 posts)It wasn't very hard to find her info.
Like I said---it's not to hard to find out a persons info especially if they are active on the internet.
hollysmom
(5,946 posts)nadinbrzezinski
(154,021 posts)d_legendary1
(2,586 posts)That's why I've told my friends to post their personal information on anything (I know facebook tries to get people to do this). If the social app wants too much information its not worth using.
magical thyme
(14,881 posts)in at least one place. It takes a short google to find it; it dioesn't take any effort or special knowledge.
It's a reminder to everybody that there are a lot of nutcases out there and usernames should be kept separate from identifying information.
Romulox
(25,960 posts)I am loathe to say where (don't want to help anyone,) but it is still here on this site.
I wonder if the site admins can help to remove it?
edit: I have alerted the message and PMed the poster who has (inadvertently) posted sensitive information here.
Zorra
(27,670 posts)Go Vols
(5,902 posts)Last edited Fri Sep 11, 2015, 02:02 PM - Edit history (1)
If you put your info out there,people can/will get it.
Edit: A unique name used at multiple sites makes it much easier to track someone down.
Aerows
(39,961 posts)"We'll post pictures of everything we are up to there."
"Why was our house broken into while we were away on vacation?"
Aerows
(39,961 posts)Don't have a fucking FB, Instagram, Tumblr, Posteverything I do account and it's a hell of a lot harder.
And ride a horse instead of a car.
Aerows
(39,961 posts)But if you can't live without facebook, you are living the wrong damn life.
You call yourself a security consultant - Aaron Barr, is that you?
trumad
(41,692 posts)I can live without FB---hell did so until 2005...Since then I've used it and love it.
Telling everyone to avoid social media is kind of dumb in mho.
Aerows
(39,961 posts)maybe you will have the Cyber Security breakthrough that prevents people from being stupid and avoid slipping up yourself!
You are welcome to all the social media accounts you want - just don't gripe when you realize that hordes of people have your log in credentials and using TOR, VPN and blackspace doesn't change the fact that people administrate FB, Instagram, Tumblr, etc.
Sure, you can sue. But what good is that after they've run off with your horse and wagon (to use your analogy)?
trumad
(41,692 posts)so no social media for you ..no sir'eee.
Long answer NO. But don't listen to me - you are a self-proclaimed "Cyber Security" expert.
Aerows
(39,961 posts)as many social media accounts as you want!
Oh look, you have no certifications whatsoever.
Well isn't that interesting mister "I can claim anything on the internet and it's true because I said so".
Good lord.
Some of you folks think that because you discovered how to use Google you know how to shave and re-route fiber optic cable (been in a plenum?), run an email server, house a dns server (designed a read only key so that it can't be cache poisoned?) and migrate enough data to choke an elephant every night to a backup unit.
Yet somehow, you have devised the secret to having only the people that you want to see you on the internet and nobody else will ever see it.
You are fucking kidding me, right?
When you are in the goddamn dark typing vi, you get back to me.
You can send me an email right from the console off your nearest relay.
trumad
(41,692 posts)What the hell is wrong with you?
Been in the telecom business since 1981..shortly after the breakup of Bell. Wild West back then. I started as a tech cabling buildings in Miami ...Plenum...Shit... You ever been in asbestos?
From there I installed some of the biggest PBX systems in the market. DBX my biggest. Jumped into the infrastructure part of the business installing twisted pair and plenty of fiber. You know what a fucking hot melt connector is? Probably not.
Project managed Oracle headquarters in Redwood City, Ca...and about a dozen other large companies throughout Silicon Valley.
From there I jumped into sales...shitload of Cisco...big enterprise accounts... From there...cyber security ...working for one of the largest VARs in the business.
So again I ask...what the fuck is wrong with you?
Aerows
(39,961 posts)I'm going to ask you right back.
You do not intimidate me in the slightest.
trumad
(41,692 posts)A thread I tried to help my fellow members with.. And you proceed to shit all over it.
Again...what the fuck is wrong with you?
Aerows
(39,961 posts)I'm pretty sure I wouldn't have entered it in the first place.
The smell of bullshit lured me in and declared "this is a place where lots of bullshit must be produced".
Hell, I'm still wiping my feet off - you should be thankful for the kick that DIDN'T include a big clog of crap on the bottom of my boot.
trumad
(41,692 posts)I'm fine with being strange. I avoid schemes to leech money out of unsuspecting folks, because that goes against my ethics.
trumad
(41,692 posts)Seriously..WTF are you talking about?
nadinbrzezinski
(154,021 posts)but I am quite conscious of the double edge sword they are. During Occupy FB became invaluable... and since the rest of the world does...
daredtowork
(3,732 posts)While Reddit has supposedly tightened up privacy policies, there are groups there dedicated to carrying out vendettas on people they hate from other forums. A lot of MRA doxxing gets coordinated through Reddit. They get away with it because they don't break privacy policies on the first forum (so you can't complain about their cyberstalking there even as they increasingly hint about all the doxxing information they have on you), and on Reddit they can discuss you under your username from the other forum: Reddit doesn't see this as breaking a privacy policy unless they list your name/address on Reddit. However, they can make public inquiries to coordinate their gathering of info and then exchange the personal information privately.
Reddit seems to feel that using their site to coordinate stalking of people on another site is okay. Since other people are getting away with it, new kids learn that Reddit is the place to go to manage their cyberbullying campaign.
For instance, consider Bravenak's case: a group of people may have a DU hate forum on Reddit. They will get information (like the photobucket name) on DU, but then they will go to Reddit to discuss their mutual hate of said person and privately exchange what they know there. Then they can come back to DU and issue subtle threats that only Bravenak would understand: hints about knowing where she lives or that she's being watched that aren't obvious enough to create a privacy alert here. This sort of exploitation of the Internet's distributed nature to get away with stuff without triggering any one site's security/privacy policies seems to be a growing practice. IMHO, anyone caught conducting a hate campaign via Reddit should earn a ban at the target forum whether they have broken rules "here" or not.
Aerows
(39,961 posts)Nobody with any sense has an account there.
nadinbrzezinski
(154,021 posts)like the California sub-reddit
My own town though, is a cesspool
steve2470
(37,457 posts)This seems to apply to online anonymity as well. It always amazes me when 4chan or Anonymous track people down. It seems the only way to be "safe" is to not be on the net at all at any time whatsoever. Of course, you can force people to work super hard with VPN's, Tor, proxy servers, fake information, etc.
nadinbrzezinski
(154,021 posts)seriously. Most of this crap is so easy to find without hacking anything it is not even funny. It is truly journalism 101 these days. Are you amazed as well when your local crack news team shows up at somebody's home to interview them after their sweet something got in trouble? Somebody back at the news room just let their fingers do the walking over google. No hacking at all.
steve2470
(37,457 posts)BTW, thank you for the whitepages link. I have now opted out my public info.
nadinbrzezinski
(154,021 posts)I am thinking that it is time to write a story explaining how to close those holes. (Incidentally I have some of them open, and I know the risk)... Having an UNLISTED number is also a good idea.
nadinbrzezinski
(154,021 posts)and kids, google yourself... string to use... your NAME and your TOWN
If you pop up in the WHITE PAGES, at the very least get yourself removed from them. They got the tool there.
https://support.whitepages.com/hc/en-us/articles/203263794-Remove-my-listing-from-Whitepages-
Some of us are on the social media game and I know, I know I have my name... but hey, that is the risk I run... and have been posting here for ever with it. When I started on the internets back in the cambrian... we really did not have that issue.
By the way, this simple search string is used by your local reporter OFTEN, when somebody makes it to the NOOZ and damn it the station wants to interview them. Please, make us work a tad and break a sweat!
Oh and that only means your local friendly nosy reporter, PI, internet bully, internet stalker, and identity thief (I should include the local detectives if you get in trouble with the law) have a slew of tools... including things like genealogy sites to use. You would be amazed what you can pull.
Privacy is a has been, really.
yuiyoshida
(41,818 posts)You will include an email address. You may put in an area you live in, such as a state or a city. A physical postal address is not required. Phone numbers are not asked for on Twitter. Personal information is not asked for on twitter. This is why I prefer Twitter over Facebook, I don't have to worry about Computer Glitches that reveal all my personal information for 24 hours enabling some one to know all there is about me..