this post was submitted on 13 Feb 2024
94 points (100.0% liked)

the_dunk_tank

15897 readers
1 users here now

It's the dunk tank.

This is where you come to post big-brained hot takes by chuds, libs, or even fellow leftists, and tear them to itty-bitty pieces with precision dunkstrikes.

Rule 1: All posts must include links to the subject matter, and no identifying information should be redacted.

Rule 2: If your source is a reactionary website, please use archive.is instead of linking directly.

Rule 3: No sectarianism.

Rule 4: TERF/SWERFs Not Welcome

Rule 5: No ableism of any kind (that includes stuff like libt*rd)

Rule 6: Do not post fellow hexbears.

Rule 7: Do not individually target other instances' admins or moderators.

Rule 8: The subject of a post cannot be low hanging fruit, that is comments/posts made by a private person that have low amount of upvotes/likes/views. Comments/Posts made on other instances that are accessible from hexbear are an exception to this. Posts that do not meet this requirement can be posted to !shitreactionariessay@lemmygrad.ml

Rule 9: if you post ironic rage bait im going to make a personal visit to your house to make sure you never make this mistake again

founded 5 years ago
MODERATORS
 

I was initially just going to make a comment about this on the other post on the broader topic, but I’m in so much awe that I am compelled to make this its own post. I need to document this. This is a case study.

When I first heard about this, I assumed what happened was he had his porn folder open prior to the stream, forgot about it, and accidentally minimized a window to reveal it. I haven’t gone looking for the clip, I don’t care to see the images no matter how low-res they are displayed, but from what I’ve gathered second-hand it’s so much more incompetent.

His porn folder was, as far as I’ve gathered:

  • In his desktop folder
  • Had zero nesting
  • On his stream PC

This has had me thinking for the past day-and-a-half how many options he had access to if he wanted to create any single degree of separation between his work computer and his fetishistic material. Let’s assume he’s absolutely not going to budge on client-side hosting of his porn. Let’s also framework this in a counterfactual where this isn’t creepo or even morally-ambiguous shit he’s hiding, just embarrassing if aired out publicly, so that I can comfortably rant about basic infosec without feeling like I’m running defensive for his tastes and what was actually found in his porn folder.

There are so many things he could have done to obfuscate/disconnect/distance it so that he would have had a lower risk of exposing his hentai to the world. I am a hobbyist infosec gal. I am an amateur infosec gal. Here are all the ideas I have come up with so far:

  1. Create another account for stream purposes on his computer that only has access to your user directory and move the porn out of it (FREE)
  2. Add N levels of nesting to the folder so that you can easily bail if you accidentally click it on stream (FREE)
  3. Move the folder to an obscure, barely-used folder (FREE)
    • I use Mac primarily, but I know the Windows file structure. Vaush. You are not using Paint3D. The 3D Objects folder is right there. Why is it on your Desktop.
  4. Put it on an encrypted disk image (FREE)
    • Fuck, just put it on a disk image, even that's an attempt at obfuscation (FREE)
  5. Make sure the porn that you have in the folder on your desktop called TO BE SORTED is sorted away into deeper-nested folders, you know, before you start streaming (FREE)
  6. Hide the folder by checking the ‘Hidden’ option in the Attributes menu, accessed by right-clicking on the folder (FREE)
  7. Hide thumbnails. Force list view in File Explorer. According to my Destiny-adjacent high-school friend that called me to talk about this shit, some of the images had what they depicted in the title. Simply don't have the files named in an explicit manner, which could be accomplished in multiple ways, like:
    • Manually renaming them after you download them which takes approximately as much effort to do as moving the file from your Downloads folder to your TO BE SORTED folder (FREE)
    • If you're downloading them programmatically (e.g. using gallery-dl) you can most likely configure it to name the files by post ID instead of what I assume is their title, which is at least obfuscated to a degree (FREE)
    • Use a schtask (Windows cronjob) (UNNECESSARILY COMPLICATED AND YOU HAVE TO LEARN POWERSHELL [EW] BUT IF YOU ABSOLUTELY NEED TO HAVE IT ON YOUR STREAM PC DESKTOP AND CANNOT BE BOTHERED TO SORT OR HIDE THE PORN IT IS A FREE OPTION) that either:
      1. Autosorts the named pornography out of view. Vaush. Buddy. The folder is called TO BE SORTED. I’m assuming the sorting is categorical. You could easily regex that. If they aren’t depicted in the title and thus cannot be regexed, then hiding thumbs solves the exposure potentiality.
      2. Renames files in the folder to an encrypted version of the file name. If you want to manually sort it, then why are you maintaining file names in the first place. Have that shit run the file’s name through even just base64 encryption. You can have it decrypt automatically when put in a sorted folder with another schtask.
  8. Buy an external SSD for it (YOU HAVE THE MONEY)
  9. Buy a laptop for it (YOU HAVE THE MONEY)

Any number of these options being employed would be enough of an attempt at infosec to at least afford you an argument against whether you are entirely incompetent. Vaush, you are on the internet. You are extremely internet-brained. ‘Homework folder’ is pretty much a ubiquitous meme. Nesting folders is the most easily accessible and obvious infosec advice given to anyone on the internet.

I want to reiterate the situation here. Vaush is a public figure. Vaush displays his computer screen for hours at a time as a profession. Vaush has already been accused ad nauseam of airing out the exact sexual inclinations he accidentally revealed to the point where there are double-digit item masterposts chronicling material over a span of years to inform people of these tendencies, posts that have existed for years prior to this incident.

And this motherfucker had his porn folder on the desktop of his stream PC, two errant clicks away from exposing his porn to the world over the multiple hours a day he streams.

This wasn’t an accident. This can’t be classified as an accident. I refuse to award this the nomenclature of ‘accidental’. This was a statistical eventuality. This is active malpractice. I’m in awe niko-wonderous

you are viewing a single comment's thread
view the rest of the comments
[–] AssortedBiscuits@hexbear.net 17 points 2 years ago (1 children)

I thought about this yesterday, and I still think the best way is to have a dedicated streaming account with limited access. It seems like only Linux content creators are tech savvy enough to do this even though creating another account is so easy. But there's work to do to make it less likely you're air out something that you don't want to air out:

  1. I would disable access to the streaming software for all non-streaming account. This is to prevent accidentally streaming with your porn account.

  2. Obvious don't call your porn account "Porn Account." Choose an innocuous name. This is so if any file that's created in your porn account doesn't have "Created by Porn Account" as part of its metadata.

  3. The streaming account needs to only be able to view files within its user directory like you've said. Going to any other folder like Windows should be blocked.

  4. The streaming account needs to have its access to settings and other diagnostic tools like task manager disabled. This is so if the coomer brained user has installed various H-games, they don't accidentally spill the apps installed on their PC which would include the H-games. Disabling task manager is so they don't reveal that they have more accounts than the streaming account logged in (Task manager has a users tab that lists all the users logged in to the machine along with the services being run for each account). I'm sure there's ways through group policy to restrict what services the streaming account can see, but better safe than sorry.

  5. I would just not have a taskbar either since you can accidentally leak the name of your other Windows accounts, and I would go so far as to disable the start menu since there's an edge case where installing an H-game on your admin account might create a menu option in your other accounts including the streaming account. Instead of constantly checking if your start menu is okay to stream, just disable it.

  6. To handle the edge case of the H-game installing shortcuts on the desktop of the streaming account, you could set up a script that basically deletes all shortcut files (so files with extension .lnk) that aren't part of a pre-approved list. But what if you accidentally open your recycle bin on stream where people can see the potential H-game shortcut? There are ways around this as well. The easiest I could find is the recycle bin has an option where files that arrive there get permanently deleted instead of being retained by default.

The end goal is the streaming account should be almost like you're in kiosk mode that's only able to run software by clicking desktop shortcuts of the particular app you want to run. Anything that's not on the desktop including default diagnostic tools is off limits.

[–] WhyEssEff@hexbear.net 24 points 2 years ago* (last edited 2 years ago)

Yeah, just having an account called “Vaush” for streaming and “Ian Kochinski” for everything else is probably the easiest, most innocuous, most outwardly disregardable way he could have hid it. I’m just fascinated that there was no attempt to hide it. It’s just there. On his desktop. Two clicks away strangelove-wow