Punting IT security - advice

[SUMO61]

Right, I've decided to review my IT security, to keep my punting hobby as safe as possible. So, I have:

Read the Punting Wiki thoroughly just now, regarding IT and punting
Deactivated all my social media
Have always used a separate email address for AW, UKP and this site, with an alias name*
Use a punting PAYG cheap non smart phone
Never disclose my forum names to WGs
Don't use work laptops or shared family PCs for punting

I there anything else to be done IT wise?

* for the tech-savvy - I have a very random email address for AW, no give away in the title and registered with Hotmail under an alias name. I guess the weak link is the IP address. Can that track back to the real me or would that be beyond all but the very determined?

I've no reason to do all this, just a long overdue task, particularly binning off the social media. I'll miss that, but it makes sense.

Any other advice gratefully received, thanks.

[Buttons]

Simply, yes your IP address can track back to you. Or rather your internet service to your house. But it depends how paranoid you are about these things? What are you wanting hide yourself from?

[SUMO61]

Just listening to the radio tonight about cyber threats in the car got me thinking about IT security.

I suppose I worry a bit about an Ashley Madison type event with AdultWork - some kind of mass outing of punters. I'm probably over -thinking it...

[TheNewSeeker]

Just listening to the radio tonight about cyber threats in the car got me thinking about IT security.

I suppose I worry a bit about an Ashley Madison type event with AdultWork - some kind of mass outing of punters. I'm probably over -thinking it...

No you're not; AW, if you have ever bought credit with a cc, will have your personal data somewhere on their servers. This is what happened with AM. Always use an anonymous paysafevoucher.

IPs - if you have you're own domain e.g. your own SME, your company could be traced. Similarly if you are connected to work on a VPN.

It's easy to make mistakes like this.

Good post OP

[SUMO61]

No you're not; AW, if you have ever bought credit with a cc, will have your personal data somewhere on their servers. This is what happened with AM. Always use an anonymous paysafevoucher.

IPs - if you have you're own domain e.g. your own SME, your company could be traced. Similarly if you are connected to work on a VPN.

It's easy to make mistakes like this.

Good post OP

Fuckety fuck - AW credits , yes, a long time ago though...

Yep - own domain too 

Think i'll close the AW account now, although I suspect the horse has bolted there with that one.

Life was simpler with Classified Ads and massage parlours..

[TheNewSeeker]

Yep - own domain too 

Should clarify; so if you have registered a domain and use it for you internet access, then it's IP address may be registered on your domains WhoIs address. Do this, go to External Link/Members Only Then click lookup. If the results show the IP's domain is your company/private url then you may have a problem, because anyone who can see your IP address (every website you go to). AW account holders will not be able to see this, but AW will. Similarly your email address headers may have your IP address in; a savvy person can find this. Just use webmail like hotmail, gmail etc. AW emails are fine too - they're not real emails.

[newforthisyear]

This is what I do..

Random email hosted at outlook.com
Separate phone - It's a smartphone, gps disabled, google account is created with the above outlook account and all google settings (location, search history etc are disabled)
Remove all social media apps on said phone
Never save messages or call history on said phone - delete that shit pretty quick just in case.
Keep that phone in work.
AW account is registered to the above email. Saying that, all punting activity is linked to that email address.
I use firefox on my main PC and I have it set to clear cache, cookies, etc when the browser is closed. This makes "Oh shit!" moments easier to deal with afterwards.
Park a 5 minute walk away from any illicit activities.

As for the google activities, check it out here.. External Link/Members Only

IP worries, I'm on a DSL connection which changes IP monthly so i don't really care about that. If you're really paranoid and don't have a dynamic IP that actually rotates, get a VPN.

Hosting my own email is totally out of the option, I don't trust registrars with the whois info, even if it's protected. Easier to just use outlook.

Unless AW suffers an attack like ashley madison, then stupid me who bought credits on a CC won't get caught

[Sticky]

Just use Tor if you don't want your IP traced back to you while logged into AW and a random email address for access to the site (can set up mail forwarding if you don't want to constantly check a random account).

If you're hiding it from the missus and she happens to be tech savvy then Tor fixes most things.

If you're hiding it from 'hackers' then they'll need to breach AW's systems and match the information to you which is something you have no control over if you've already used a CC for payments. Even if you create a new account there's a good chance that AW might keep your previous account details somewhere and that can still be stolen.

External Link/Members Only will let you know if any email address associated with something has been compromised and stolen, but then your SO or a WG/Sergei/Winston would need to go looking specifically for your email address knowing it in advance to get that information.

If you're hiding it from WGs then most of them don't look any further than social media even if they were interested in finding out more about you. Even then you can simply make identifying information (town, age, name) private and use an alias when punting.

[heisenberg.]

Right, I've decided to review my IT security, to keep my punting hobby as safe as possible. So, I have:

Read the Punting Wiki thoroughly just now, regarding IT and punting
Deactivated all my social media
Have always used a separate email address for AW, UKP and this site, with an alias name*
Use a punting PAYG cheap non smart phone
Never disclose my forum names to WGs
Don't use work laptops or shared family PCs for punting

I there anything else to be done IT wise?

* for the tech-savvy - I have a very random email address for AW, no give away in the title and registered with Hotmail under an alias name. I guess the weak link is the IP address. Can that track back to the real me or would that be beyond all but the very determined?

I've no reason to do all this, just a long overdue task, particularly binning off the social media. I'll miss that, but it makes sense.

Any other advice gratefully received, thanks.

I HIGHLY recommend you download these apps if you own a windows PC.

Ccleaner (Free)
Adwcleaner (Free)
Malwarebytes (free but suggest the premium, use a torrent or something, it's easy to get for free...)

Trust me on this. Couple these along with a Virus scanner and you are good to go. Please note this is more for the computer side, making sure you don't get hacked/subjected to adware or having suspicious files on your PC due to browsing dodgey sites. Ypu'll be clean on your end it's up to the sites you visit to keep your privacy in check.

[SUMO61]

Thanks all, great advice and much appreciated

[DUX]

Fuckety fuck - AW credits , yes, a long time ago though...

Yep - own domain too 

Think i'll close the AW account now, although I suspect the horse has bolted there with that one.

Life was simpler with Classified Ads and massage parlours..

Buying AW credits isn't an admission to seeing WGs.  There's other things on the website like web cams, phone chat etc

[SUMO61]

Good point Dux 

[claretandblue]

Buying AW credits isn't an admission to seeing WGs.  There's other things on the website like web cams, phone chat etc

Agreed I think as long as you are good at lying that would be a reasonably simple thing to get round "oh I was horny one night and wanted to do a webcam with the girl off babestation"

[Speedy12]

* for the tech-savvy - I have a very random email address for AW, no give away in the title and registered with Hotmail under an alias name. I guess the weak link is the IP address. Can that track back to the real me or would that be beyond all but the very determined?

You can use TorBrowser, it will hide your real IP address and you can't be traced. Also you can install a tool called FreeDome which also hides your IP address and encrypts all traffic (TorBrowser just hides IP address for browsing, not everything else on your PC that may use internet). It costs £40 a year but is well worth it. You can safely use public WiFi and nobody can spy on what you are doing.

[Speedy12]

Something else to point out, when you delete anything from your PC is is not actually deleted. The file stays on the hard drive, it is just flagged as deleted and the system doesn't display it anymore. But it is still there, So every image, cookie and anything else downloaded (intentionally or not) from any site you ever visited can be recovered from your hard drive using specialised software.

Some may think this is over the top but imagine this scenario, you visit what looks like a legit porn site, some images on the page, thumbnails perhaps, which are illegal (underage or extreme porn) are downloaded to your PC. You may not even see them, they are way down the page. You close your browser, clear cookies and delete all browsing history and cache. All those images are still sitting on your hard drive and could be recovered anytime in the future. 5 years from now, you are investigated for a totally different matter (e.g. fraud, online harrassment, or anything which causes the old bill to take your PC to be investigated), they will find all this stuff!

[DUX]

Something else to point out, when you delete anything from your PC is is not actually deleted. The file stays on the hard drive, it is just flagged as deleted and the system doesn't display it anymore. But it is still there, So every image, cookie and anything else downloaded (intentionally or not) from any site you ever visited can be recovered from your hard drive using specialised software.

Some may think this is over the top but imagine this scenario, you visit what looks like a legit porn site, some images on the page, thumbnails perhaps, which are illegal (underage or extreme porn) are downloaded to your PC. You may not even see them, they are way down the page. You close your browser, clear cookies and delete all browsing history and cache. All those images are still sitting on your hard drive and could be recovered anytime in the future. 5 years from now, you are investigated for a totally different matter (e.g. fraud, online harrassment, or anything which causes the old bill to take your PC to be investigated), they will find all this stuff!

Sound advice. I would say that it's quite easy to avoid such dodgy sites though if you're sensible. Stick to the main sites or if do doing a search using the Bing search as it apparently filters out the unpleasant sites that I would certainty want to steer clear of.

These investigators would understand how the internet works in great detail though and if you were unlucky enough to find yourself in the situation above I reckon there would be leeway on a small amount of dodgyness found. Most of the time these people who are prosecuted have thousands of these pictures so it's very clear cut in these cases that it isn't an accident.

[CoolTiger]

Something else to point out, when you delete anything from your PC is is not actually deleted. The file stays on the hard drive, it is just flagged as deleted and the system doesn't display it anymore. But it is still there, So every image, cookie and anything else downloaded (intentionally or not) from any site you ever visited can be recovered from your hard drive using specialised software.

Some may think this is over the top but imagine this scenario, you visit what looks like a legit porn site, some images on the page, thumbnails perhaps, which are illegal (underage or extreme porn) are downloaded to your PC. You may not even see them, they are way down the page. You close your browser, clear cookies and delete all browsing history and cache. All those images are still sitting on your hard drive and could be recovered anytime in the future. 5 years from now, you are investigated for a totally different matter (e.g. fraud, online harrassment, or anything which causes the old bill to take your PC to be investigated), they will find all this stuff!

Sound advice. I would say that it's quite easy to avoid such dodgy sites though if you're sensible. Stick to the main sites or if do doing a search using the Bing search as it apparently filters out the unpleasant sites that I would certainty want to steer clear of.

These investigators would understand how the internet works in great detail though and if you were unlucky enough to find yourself in the situation above I reckon there would be leeway on a small amount of dodgyness found. Most of the time these people who are prosecuted have thousands of these pictures so it's very clear cut in these cases that it isn't an accident.

Wouldn't CCleaner get rid of these?

[Speedy12]

Wouldn't CCleaner get rid of these?

Only if you tick the option to clean the hard drive which is unticked by default. This will increase the time for the process to complete by a couple of hours.

[CoolTiger]

Only if you tick the option to clean the hard drive which is unticked by default. This will increase the time for the process to complete by a couple of hours.

Thanks for that. Will tick it once in a while, when I'm about to pop out, or leave for the night. Cheers.

[Plan R]

Technology will sink ya! (If your not careful)..

Feature phone for me all the way - that's both for regular use and my punting phone.
Its not like I've got anyone to snoop on me - I just object to bloody smart phone intrusions in general.

I also use a 'live'  operating system when browsing on a laptop or computer.
This one is very good External Link/Members Only

There's no 'history' issues with 'live' operating systems because;
You plug the usb (or cd) into the computer, switch it on, then the whole operating system loads into the computers RAM as it starts up!

When you switch off the computer - the operating system ceases to exist (browser, video player, history, everything), because it only ever existed in RAM in the first place..

Safe from the Mrs ++ you can never get any viruses.
In fact you could tell the Mrs to use the live operating system too, to cut down on viruses.

You could even run it on a laptop with no hard drive whatsoever - it would work just the same 
Lovely jubley.. 

[Hobbit]

I HIGHLY recommend you download these apps if you own a windows PC.

Ccleaner (Free)
Adwcleaner (Free)
Malwarebytes (free but suggest the premium, use a torrent or something, it's easy to get for free...)

Trust me on this. Couple these along with a Virus scanner and you are good to go. Please note this is more for the computer side, making sure you don't get hacked/subjected to adware or having suspicious files on your PC due to browsing dodgey sites. Ypu'll be clean on your end it's up to the sites you visit to keep your privacy in check.

You are having a laugh right? You need much more than that to keep your identity safe!

[hgivv]

You are having a laugh right? You need much more than that to keep your identity safe!

tbf to heisenberg, he did say "Please note this is more for the computer side".

Just reading through this thread (and as your comment highlights) clearly indicates that much more needs to be done if you're set on reducing your chances of being caught/discovered - you'll never be able to eradicate everything though: your digital footprint (likes, preferences, habits, style of writing etc) has already been captured, but for the most part will only be accessed by those that need to and the honest punter isn't on their list.

And if your other half works for GCHQ or similar? Well you'll probably be fucked, but not in the ways you'd think.

[jikthesik]

Maybe use a VPN if you want to cover your IP?

[Speedy12]

You need to balance the risks with your personal situation. If you are a multi-millionaire and stand to lose 50% of your assets if the wife divorces you, then covering your tracks is much more important than if you are a single man!

[TheNewSeeker]

You need to balance the risks with your personal situation. If you are a multi-millionaire and stand to lose 50% of your assets if the wife divorces you, then covering your tracks is much more important than if you are a single man!

Very true; but personal data on punting sites may come out in 10 years time (name, address, credit card number) and your circumstances might not be as they are now.

Tread lightly comrades, leave no footprints.

[Speedy12]

Very true; but personal data on punting sites may come out in 10 years time (name, address, credit card number) and your circumstances might not be as they are now.

Tread lightly comrades, leave no footprints.

Yes, look at the External Link/Members Only. I would not be in the least bit surprised if Adultwork data is stolen and leaked eventually. There have been many instances of the site being down due to a "DDOS attack".

[potato]

Using a VPN service is more secure than Tor.  Tor is slower due to the multi-node system it uses to hide your IP AND the big problem is  the exit node ( the one before you receive the data back) is UN encrypted....   That maybe fine if you are using a https site but dangerous if its only a http.  You have to appreciate that ANYONE can set up a TOR Exit Node - that includes Hackers, Government Agencies, The Police etc.,   How many do you think they have on the quiet?

Your ISP may not be able to tell what site you are using but they do know that you are using TOR  ( many block it ).

VPN's are much safer and the data is fully encrypted all the way. Its faster as there are less computers in the chain and most include malware checking to protect you against dodgy sites.   ISP's don't tend to block VPN's a many people use them to VPN to their workplace for home working.   All the ISP's see is encrypted data from the "middleman" IP.

[a_test_person]

Yes, look at the External Link/Members Only. I would not be in the least bit surprised if Adultwork data is stolen and leaked eventually. There have been many instances of the site being down due to a "DDOS attack".

Looking at the horrendous state of the aw website i'd be very surprised if there aren't multiple known exploits out there already being used in a targeted fashion. It looks like a 90s sql injection wet dream.

Worth checking this: External Link/Members Only

They seem candid about some things such as known Phishing attack vectors

[SUMO61]

I thought about this a bit more...

Given that AW front up escorting on an international scale, i'm not to sure the criminal fraternity would be too happy to have their customers and money supply compromised.  There must be a huge amount of money involved in the whole food chain, despite the " independent" status of those involved.  I just don't believe there isn't a significant criminal sub-set operating, linked to AW.  It's not just a shop window for single mums earning a bob or two from tit wanks..

Don't think it would be a great idea for a hack.

Imagine a very pissed off group of Sergei's coming track down the hackers. They could never sleep easy again..

[webpunter]

Maybe if the person looking happens to be MI5.  Cases where people have used internet @ work where the company is at a more remote address on a fixed line can cause some problems.  Otherwise usually this just shows the approx area - where the main BT openreach server is located.  If people are that concerned then best to give up punting.  Some members get paranoid about the whole security thing & this in itself becomes an obsession.  In reality no one is remotely interested.  Gives them sumfink to focus on - whatevva keeps em happy.  There is a very long list of other ways to get caught & much better to focus on these IMO

Simply, yes your IP address can track back to you. Or rather your internet service to your house. But it depends how paranoid you are about these things? What are you wanting hide yourself from?

[Speedy12]

I thought about this a bit more...

Given that AW front up escorting on an international scale, i'm not to sure the criminal fraternity would be too happy to have their customers and money supply compromised.  There must be a huge amount of money involved in the whole food chain, despite the " independent" status of those involved.  I just don't believe there isn't a significant criminal sub-set operating, linked to AW.  It's not just a shop window for single mums earning a bob or two from tit wanks..

Don't think it would be a great idea for a hack.

Imagine a very pissed off group of Sergei's coming track down the hackers. They could never sleep easy again..

I don't think any of the above will worry them in the least. AW is a perfect site to hack, gather the data, identify the people using it and blackmail them. There must be so many people on the database who badly don't want their details released.

[Speedy12]

Adultwork's Twitter account is currently warning about a bogus SMS message doing the rounds trying to trick people into clicking on a link to verify their account. The question is how does the person sending the messages know what mobile phone numbers to send them to? Unless they've got their hands on a copy of the user accounts.

External Link/Members Only

[Buttons]

Adultwork's Twitter account is currently warning about a bogus SMS message doing the rounds trying to trick people into clicking on a link to verify their account. The question is how does the person sending the messages know what mobile phone numbers to send them to? Unless they've got their hands on a copy of the user accounts.

External Link/Members Only

I think this is a fairly regular occurrence, I've seen escorts and cam girls etc warning others many times on Twitter. I've even seen ladies ranting that they had fallen for it, and their credits had been cleaned out.

Also it doesn't mean that anyone has got their hands on any accounts. It could be a Phishing attack, i.e. use a random phone number generator and hit as many numbers as you can. Or more likely, numbers copied from AW profiles or other escorting web sites, where the escort freely advertises her number.