>>103222358
Have zero online presence that can be linked back to your real name and address.

>>103222364
That's step number one but the matter is that there's lots of inventive ways of gaining information piece by piece. I know some tricks too.

>>103222358
I think the most effective thing you can really do is just don't gloat about your life or anything that makes you stick out like a sore thumb. Hide in plain sight basically. That way you don't have to go full schizo which might inadvertantly get you unwanted attention anyway.

For example no matter how much mental anguish you suffer in real life from not saying the nigger word, don't say the nigger word in real life.

>>103222405
It is not enough. I'd like to keep up to date to the sort of tools I am researching.

I already narrowed down your location to just few places in the world all because you posted a gook on 4chan while asking about privacy, rookie mistake.

>>103222358
VPN, pen name, have multiple characters with developed backstory and personalities.

>>103222563
It's not enough for the tools I seek to counter. I am talking obsessive compiling of data breaches, bruteforcing access to emails, spoofing. Anything to gain information.

You make a good point with the obfuscation through backstories

Have a private persona and a public persona.
>Data breaches
Assume all of you private persona messages will become publicly viewable at some point and continue accordingly.
>scripts that identify writing habits
Any evidence that this is real and likely to affect you?
>2FA spoofing
What do you mean by this? They would need your OTP secret keys.
>phone interception
Be specific.
>brute forcing passwords
Use a password manager and strong, randomly generated passwords.
>matching [] accounts online
Use a different username for each one. Don't mention what other sites you have accounts on.
>crossreferencing
When possible, sprinkle falsehoods in to your posts. Refer to your wife as you girlfriend. State you live in country X when really you live in country Y. That sort of thing. If you must post something specific, post something untrue.

You have your threat model all wrong here by the way. Look up how doxxers tend to do it and who they tend to do it to. The most common way people get exposed is by reusing account names (lmao) or if they're technical (but not too technical) by leaving their real names in HTML or TLD records. Doxxers focus on big targets on low hanging fruit. If you aren't a big target, all you have to do is not be low hanging fruit.

>>103222358
Create red herrings to mislead attackers, make account recovery answers as complex as passwords, airgap your 2fa, keep your personal documents/media off the computers you operate when not in use, maintain presence on public websites to stop others from opening accounts in your name.

>>103222745
I am anticipating being a high target and low hanging fruit, because it is hard to keep up. I know the methods, decent percentage but others elude me.
I'll talk as much as I can
>>103222745
>Data breaches
Obtaining email adress and looking it up all over online for related accounts, data breaches it might have been involved in. Just here you can already gain a phone number, start to think about locations.

Many different bots online can scrape and obtain information they really shouldn't have access through ids and databases. I already tested this in a trial run of safety measures.
>2FA Spoof
Scripts that brute force, manual brute force or obtaining this through email 2 phone number tools and scripts. The tools are there.
>Phone
Scripts that can spoof a number for 2FA and intercept the code. Just having the phone already opens up more vectors of attack.
>Passwords
All randomly generated through many different methods and systems, switched frequently. But even passwords might not be enough, there's ways I have seen the results but lack knowledge yet.

The rest is basic cyber sec, I know and thanks, but it's the more inventive ways the ones I am focusing on.

We are talking VNC, forwarded IP, DDoS and way more.
Some of my solutions are, VMs, computers used offline only paper records, encryption, microwaving electronics after a set period of time.

>>103222803
Didn't realise you were this bad at this. I took for granted that you would know some stuff.
>Obtaining email adress and looking it up all over online for related accounts
Use burner emails.
>Just here you can already gain a phone number
No you can't. What's my phone number?
>Many different bots online can scrape and obtain information they really shouldn't have access through ids and databases. I already tested this in a trial run of safety measures.
Too vague and meaningless to comment on.
>Scripts that brute force, manual brute force or obtaining this through email 2 phone number tools and scripts.
There is no technology at this time that can brute force strong encryption in any meaningful way you have to worry about. Even if a phone number could be had from an email (which it shouldn't, because you should be using burners) just a phone number is not enough to spoof 2FA. You'd need an SS7 attack and for you that just isn't happening.
>All randomly generated through many different methods and systems, switched frequently. But even passwords might not be enough, there's ways I have seen the results but lack knowledge yet.
You've been reading marketing materials for "how to hack" video courses and PDFs, haven't you? Don't buy into that stuff.

All the stuff you're concerned about is silly if you use even basic techniques, and when I say "a big target" I don't mean being racist online, I mean running a popular racist fedi instance or being a racist streamer. Political doxxers are only interested in hurting morale, because that is the greatest impact their doxxing can have.

Umi, Marina, Anju, etc all need to be bred by me

>>103222861
No, I meant obtaining a phone number through an email.
Burner emails are what I use already, I know I should be using burner phone numbers though.
Well it is true, many sites allow to lookup email, site ID, telegram id, discord id, twitter id, etc. and pay for access to the scraped data by bots.


If you wanted to run a site instead of social media, what would you do to be tight on safety?

>>103222892
>Burner emails are what I use already, I know I should be using burner phone numbers though.
A good amounts of websites will let you sign up with a no-phone-number email provider. Start with that rather than paying for a burner number. If you insist on being as private as possible there are even numbers you can buy with crypto but unless the banks are colluding with your doxxers that step is not necessary.
Have you looked up some doxxes that have been done on the kind of target you anticipate being? That will give you a better idea of the kinds of things you should actually be focusing on, which to summarise are: don't be retarded, don't get cocky. Look them up. It will be by far the most valuable thing you can do to defend yourself against them rather than fantasising about this over the top stuff that you about half understand.

For the website, off the top of my head: use a TLD that allows a domain owner to hide their name from whois. Don't add your name to any author values in editing or version control software because they can end up in source files. Check what you put on your server carefully. There's probably more but this wasn't your original question and I'm not that interested in it. Maybe someone else can tell you about it.

>>103222892
.su domain hosted in a non western or western controlled country
Or use an intermediary paid with Monero if you want a different domain, still hosted outside of the west
Or just an onion address

>>103222935
Yeah I have been looking at some and researching the failures of the target. The failures are always being a normal person using the web. If there's info somewhere and behavior is consistent it will be found.
Even one bit of information can and will lead to more if one is careless. I do have a natural paranoid approach to things so one advantage.

Yeah, I figured wordpress and neocities weren't going to cut it.

>>103222945
Onion adress might be the key.

>>103222358
unexist oneself

First off - what is your threat model? That's what matters most.

If you're looking to stay clear of any three letter agencies or nation states you've already fucked up by posting to 4chan. Realistically most people want to avoid being doxxed for wrongthink - whatever that wrongthink may be.

- Different emails, usernames, and writing styles for every account. Use different information - randomized but realistic is best. Use a site like https://www.fakepersongenerator.com/
- Be inconsistent (and lie) if you ever feel the need to talk about personal information
- Personal information is a lot wider than people think it is. The gender of your spouse and the names/type of pets you might have are personal information. Whether you have any kids. Your interests and hobbies. If talking about a local chain make sure it doesn't use regional names (eg. Carl's Jr vs Hardies). Avoid talking about any of this type of stuff at all if you can help it but if you feel the urge make sure to smudge the truth a bit. This is the stuff that gets most people caught. Stupid fucks can't help but talk about their favorite MMA fighter and their dog Spot and someone connects the dots between two accounts that both happen to have a dog Spot and the same favorite MMA fighter.
- Schedule your posts ahead of time wherever you can help it. Or schedule all of your online posting activity within a 1-2 hour window. Assuming you're using a named persona people can track down your timezone and when you go to work and/or sleep from your post activity over time. You can lurk 24/7 but DO NOT POST outside of your scheduled window. Although you should be avoiding posting. The cost/benefit ratio is skewed as fuck. Posting is a high cost, low benefit activity

>>103222998
- Re: Writing style. In other words: "Ope, don't do that." Using regional slang can fuck you. Alternate between British and American spellings but never alternate on the same account (that's a quirk that will make you stand out). Don't try and get too creative like doing regional slang differences across accounts as you're only making it more likely that you slip up. Be careful with spelling and grammar. If you have a weird quirk like improperly using semicolons; people can and will pick up on that.

Habitually saying "Ope" means they're likely to either live or have grown up in the midwest of the United States. Can then verify that with their Twitter/Twitch stream activity falls within midwestern hours. Did they mention the sun is setting? It rained yesterday and the day before that? A plane is flying overhead right now? Now you know a very proximate location that they're in. A lot of VTubers fuck this up and get outed if they didn't already out themselves in 10,000 other ways like having friends who can't keep their fucking mouths shut.

>>103223027
full schizo alternative to being conscious of individualizing writing characteristics is to have an LLM rewrite your posts for you

>>103223027
Few final notes.
- It should be obvious but never post any fucking pictures of anything. If you do make sure you've scrubbed the EXIF and any other metadata from the image. Don't trust the site you're uploading to do that for you. Never blur information - always black it out entirely and use a full block don't scribble. The amount of lazy censorship you see online or idiots who use a tiny and easily reversed blur is upsetting.
- Have as tiny of a footprint as possible. The fewer sites you join the fewer personas you need.
- Don't be caught slacking. Don't "bundle" a persona across a few sites out of laziness. Always keep things separate and only bundle accounts that you *want* to be associated with one another.
- Avoid having multiple accounts on any one service. The amount of people who fuck up by posting on the wrong account is insane. Tread carefully if you do this (but really - don't do it)
- Never interact with yourself on any accounts. Never mention yourself. Avoid butting into arguments to defend (or attack) yourself. Never attempt to build plausible deniability in this manner. Your personas should never be associated with one another in any way shape or form. Interacting with each other is an association that has no benefits.
>>103223046
If you run the LLM locally or corporations are outside of your threat model - sure.

>>103222998
>>103223027
>>103223084
Thank you. V tubers are another type of online presence I looked at, though I am not familiar to learn enough from their failures.

I watched some youtuber deduce alternate accounts of some internet character due to them replying on some account on their behalf. I do black out and wipe Exif data.

Wikipedia editors or admins got tracked through times of activity and sort of located that way in some post I read too.

>>103222358
Google your full name
You can ask Google yo take those results down
You're welcome

>>103223101
Never click a link anyone sends you unless you're on a VPN. Even something as innocent looking as a YouTube video link. It could be a private upload video only sent to you and then they can check their analytics for a bit of info like geodata and whatever data Google might have on you (the age/gender that Google thinks you are for example). You should always be on a VPN regardless. Vtubers are mostly outed by being retards and voice similarities (when they abandon one vtube persona to try and rebrand/restart as another - they get caught out pretty quickly even if they're small indietubers)

>>103222358
I remember email addresses being reverse searchable on sites like facebook and tumblr. I don't know if that is still doable. I remember IP grabbers being a thing, which could reveal your city/town.

If they know your email, that alone could be enough for them to look you up on social media and find out who you are.

If they know your name and city, that is all they need to know to know everything, there are websites where you could look up people's addresses with that info alone.

Facial recognition search engines have become a thing. If someone has access to a picture of you, they could see if that picture is linked to something that identifies you somewhere else on the web.

>scripts that identify writing habits, phone interception, brute forcing passwords, brute forcing and matching or crossreferencing accounts online

Nobody does this, I have never heard stories of anybody successfully doing this.

>>103222411
There's no "online -identity-deleter.exe" out there
What do you mean tools?
It's an habit
Just don't post online

>>103222669
That's a completely different topic than the one you wanted to talk about in the OP

>>103222745
>Assume all of you private persona messages will become publicly viewable at some point
Adopted this strategy in 2017.
Never talk about important things online

>>103223385
>There's no "online -identity-deleter.exe" out there
https://redact.dev/
Stick with giving advice in areas you're familiar with.
>What do you mean tools?
He's talking about doxing methodologies but has been horribly misled by bad Google searches or shitty content creators.
>Just don't post online
Great piece of advice but the implication is that they wish to post online but wish to do so in a way that makes it impossible to dox them.
>That's a completely different topic than the one you wanted to talk about in the OP
OP is likely ESL but their concern is being doxed from compiled data breeches which only works if they already fucked up their OpSec by re-using information between websites.

>>103222745
>The most common way people get exposed is by reusing account names (lmao)
Crazy to think that this is how they got DPR

>Any evidence that this is real and likely to affect you?
Stylometry is absolutely a thing.
https://www.researchgate.net/publication/345127093_De-Anonymizing_Authors_of_Electronic_Texts_A_Survey_on_Electronic_Text_Stylometry
https://people.duke.edu/~zg70/papers/deAnon.pdf
>>103223408
What fucked DPR was asking a very specific question.
https://stackoverflow.com/questions/15445285/how-can-i-connect-to-a-tor-hidden-service-using-curl-in-php

>>103222803
>microwaving electronics
What for

>>103223138
>can check their analytics for a bit of info like geodata
Interesting but afaik YouTube updates that info every month so you have to be patient if you want to scrap information this way

>>103223468
Absolutely the fuck not. Zero delay analytics is important for YouTube for A/B testing shit like thumbnails. Analytics are real-time on a sliding 28-day window. This is how Ashley Jones (/pol/ queen circa 2012-2014) was doxed. By a fan DM'ing her a privated video on YouTube.

https://views4you.com/tools/youtube-video-analytics/

>>103223423
Not only that
He used his personal Gmail address to ask about "opening a marketplace to sell all kinds of stuff on the dark net" on some forum too

>>103222358
step 1: avoid avatarfagging on bare ip

>>103222358
>fully doxxing resistant
Not possible, especially in case you need social media. Define your threat model first. Then maybe check this video to start.
https://www.youtube.com/watch?v=qZE45J-MIUg

>>103222358
be a loser neet who never registered to vote, never lets other takes his picture, never have any friends or any interaction with public agencies walaaa you basically don't exist except for a birth certificate

>>103223250
>>>scripts that identify writing habits, phone interception, brute forcing passwords, brute forcing and matching or crossreferencing accounts online
>
>Nobody does this, I have never heard stories of anybody successfully doing this.
I have seen them work.
I'll tell you, a person downloads a bunch of data and messages from an account, a txt package. That then is mined for any relevant information through scripting, posting, writing habits, stylometry, they get other accounts here.

>>103222358
>yellow roasties think trad means wearing fake trad clothes
>still filled with cosplay make-up, plastic surgeries and white semen

kek every time