this post was submitted on 11 Oct 2025
78 points (100.0% liked)

Chapotraphouse

14125 readers
693 users here now

Banned? DM Wmill to appeal.

No anti-nautilism posts. See: Eco-fascism Primer

Slop posts go in c/slop. Don't post low-hanging fruit here.

founded 4 years ago
MODERATORS
LENINSGHOSTFACEKILLA@hexbear.net
MiraculousMM@hexbear.net
corgiwithalaptop@hexbear.net
PorkrollPosadist@hexbear.net
a_little_red_rat@hexbear.net
khizuo@hexbear.net
gaystyleJoker@hexbear.net
thelastaxolotl@hexbear.net
context@hexbear.net
Infamousblt@hexbear.net
Sulvy@hexbear.net
CoolerOpposide@hexbear.net
kristina@hexbear.net
Breath_Of_The_Snake@hexbear.net
78
i hope hexbear does a good job of hidin those IPs (hexbear.net)
submitted 20 hours ago by LeeeroooyJeeenkiiins@hexbear.net to c/chapotraphouse@hexbear.net
26 comments fedilink hide all child comments
 

I have bad opsec so i'm relying on you. I expect to get arrested for old Facebook posts so it'll be really embarrassing if it's hexbear that gets me, just saying

you are viewing a single comment's thread
view the rest of the comments
[–] dead@hexbear.net 39 points 18 hours ago (2 children)

I think if someone wanted to collect the IP addresses of hexbears, they could do so pretty easily. All they would have to do is host a website and then post the link to their website on hexbear.

20 years ago, in the height of web forums. it was common for people to host an image in their forum signature that would store the ip addresses each person that viewed their comments.

The tricky part is matching usernames to ip addresses. This could hypothetically be done using markdown to place the username inside of the URL parameters of an embedded image. I'm not sure that this is possible, I think the markdown for username substitution is only enabled in the website headers.

I've noticed that lemmy has embeds for some websites, which could enabled IP address extraction. Like CBS links embed a CBS video player into the post page. There was one news site (almayadeen) that embedded a whole iframe into the page.

So I think if someone wanted your ip address, they would just link their own website. The tricky part is pairing IP addresses with usernames.

Someone could just DM you an embedded image hosted on their own website. That would match the IP to your username because you would be the only person to load the specific URL.

[–] LadyCajAsca@hexbear.net 9 points 14 hours ago (1 children)

are there steps to at least have somewhat good opsec? Like, precautionary stuff that isn't high threat level but baseline?

[–] dead@hexbear.net 13 points 13 hours ago

I would recommend to never put anything on the internet that you wouldn't want to read to a court room. If the US government wants to find you, they will find you.

There's an infinite number of things that you could do for "opsec", most of it would waste your time. In order to do opsec, you have to know who is threatening the thing you are doing.

An example of opsec is the song Biggie Smalls - Ten Crack Commandments. In the song, Biggie explains the opsec necessary to sell crack cocaine.

https://genius.com/2022

Rule 1 Never tell anyone how much money you have.
Rule 2 Never tell anyone your plans.
Rule 3 Never trust anyone, not even your own mother.
Rule 4 Never get high on your own drugs.
Rule 5 Never sell drugs from your own house.
Rule 6 Never give loans because people won't pay you back.
Rule 7 Never sell drugs to your family because they will manipulate you.
Rule 8 Never carry a large amount of drugs, have someone else carry it for you.
Rule 9 Never talk to police under any circumstance.
Rule 10 Never order more drugs than you can handle from your supplier.

I'm describing the lyrics of the song. I am not suggesting that anyone should sell drugs.

This website has some guides. They even have a guide for opsec while atttending a protest. EFF is a good organization for computer security.

https://ssd.eff.org/

https://ssd.eff.org/module/your-security-plan

[–] LeeeroooyJeeenkiiins@hexbear.net 11 points 18 hours ago

noooo my safety!