site banner

What if the hackers come for us?

Gab - hacked. Truth social - hacked. What if they come for us? The rdrama codebase probably isn't perfectly secure! Chrome or firefox has layers of sandboxes, a hundred different gadgets like 'stack protection' or 'W xor X', and still has a new RCE every week. rdrama can probably be trivially owned if someone googles all the dependency versions for a few hours. also, lol commit history, 'sneed'. If that happens - what leaks? i guess just associations between stored ip addresses (if they are) and post histories. And IP can reveal a lot, or nothing, depending on where you live, ISP, etc. Combine that with a post history referencing improvements you made to your house or your occupation ... might be bad.

Practically, seems incredibly unlikely anyone will care enough to do anything, it's a small community and the essay format gets in the way of 'omg these rightwingers grr'. But, always good to ponder potential security issues. Also, you wanted content, so content.

4
Jump in the discussion.

No email address required.

your progenitor rdrama.net is a much larger and much, MUCH, more controversial forum and we have had almost zero security issues so far. I dont wanna leak too much but we got some guys specifically for security shit and they legitimately could be from some 3 letter agency, its pretty crazy. So I would say you are definitely good for the foreseeable future unless this place is crazier then I thought.

I dont wanna leak too much but we got some guys specifically for security shit and they legitimately could be from some 3 letter agency, its pretty crazy

Imagine you're talking to someone and they say - "my homie's a cop, he's like from CSI with all their gadgets and shit, he knows what's up". That ... probably doesn't indicate the homie's a good cop, at all, more that the speaker doesn't really know what they're talking about. Same for "could be from some 3 letter agency", that just isn't a sign of good security at all, on the part of the speaker. obviously it doesn't say anything negative about the security team, just that you wouldnt know either way.

I'd love to have the equivalent of internal NSA security audit tho.

The Dramatard in question speaks Russian and describes himself as a "security researcher." I've been assuming some private company rather than state agency, but we know better than to ask too many questions. Does a pretty good job, though.

unless this place is crazier then I thought.

Well, there's /r/SneerClub. Probably not a lot of hackers there though.

I think that's useful to know, but I do remind everyone that a hacking group burned an ImageMagick zero-day on FurAffinity once. There's an upper limit to how far Rule of Induction brings you, here.