Sam Bent

@doingfedtime
196 Followers
5 Following
1,081 Posts
Agorist. Counter-economist. Privacy maximalist. Student of OPSEC. Anti-authoritarian. Free speech absolutist. Logician. Ex-Darknet Vendor. Youtuber.
YouTube Channlehttps://www.youtube.com/@Sam_Bent
My Sitehttps://www.sambent.com
Twitter/Xhttps://twitter.com/DoingFedTime
Video Sitehttps://sambent.video
Sam Bent9h ago

DNS cache poisoning attacks and DNSSEC weaknesses.

"The DNS infrastructure is vulnerable to cache poisoning attacks that can redirect users to malicious sites."

- 𝗜𝗻𝗰𝗿𝗲𝗮𝘀𝗲𝗱 𝗗𝗡𝗦 𝗙𝗼𝗿𝗴𝗲𝗿𝘆 𝗥𝗲𝘀𝗶𝘀𝘁𝗮𝗻𝗰𝗲 𝗧𝗵𝗿𝗼𝘂𝗴𝗵 𝟬𝘅𝟮𝟬-𝗕𝗶𝘁 𝗘𝗻𝗰𝗼𝗱𝗶𝗻𝗴 by David Dagon et al. (2008)
https://astrolavos.gatech.edu/articles/increased_dns_resistance.pdf

Show threadSam Bent17h ago
The first 30 minutes of OSINT on anyone uses entirely free, publicly indexed sources. Voter registration is searchable by name in most U.S. counties. Court records are public. Data brokers aggregate all of it. The investigator isn't hacking anything.
Sam Bent17h ago

#OPSEC365 072/365

A skilled investigator doesn't start with you. They start with a name and a zip code.

In the first 30 minutes: ThatsThem links your name to a phone number. That number pulls your address history from Whitepages. Your county clerk has your voter registration with your exact address. PACER surfaces any federal court involvement. Google indexes you across everything.

You've been profiled before they've spent a dollar.

Sam Bent1d ago
The government will let corporations pump high fructose corn syrup into everything on the shelf, despite heart disease being the #1 killer in America. But you need $35,000 in permits to sell homemade salsa to your neighbor, because you never paid off Congress with lobbyists.
Show threadSam Bent1d ago
If you need receipts for warranties or returns, photograph them immediately before they fade. For privacy purposes, understand that keeping or discarding receipts doesn't affect the digital records that exist. Cash purchases at stores without cameras create the fewest records.
Sam Bent1d ago

#OPSEC365 071/365

Thermal receipt paper fades, but the transaction record doesn't.

That receipt you kept for warranty purposes will be blank in a few years. Meanwhile, the merchant, the payment processor, and the bank all have permanent records of what you bought, when, and where. The paper is ephemeral, but the data isn't.

Stop relying on receipts for records and consider what permanent transaction logs exist about you.

Sam Bent2d ago
Anyone with an internet connection can search your Bitcoin balance, trace your transaction history, and link it to your identity
but tell me again how "number go up" makes that a feature and not a catastrophic design flaw.
Show threadSam Bent2d ago
Black and white laser printers generally don't include these dots. If you must print anonymously, use a printer you don't own, purchased with cash, from a public location. The EFF maintains a list of printers known to embed tracking codes.
Sam Bent2d ago

#OPSEC365 070/365

Most color printers embed invisible tracking codes on every page.

These machine identification codes, also called printer dots, encode the printer's serial number and timestamp on every printout in a pattern invisible to the naked eye. The NSA leaker Reality Winner was caught partly because of these dots.

If you're printing something sensitive, know that the printout itself may identify the printer used.

Show threadSam Bent3d ago
Some gyms sell aggregated data to brokers. Others have been breached repeatedly. If your gym requires a membership card, you're logged every time. Vary your schedule occasionally, or choose gyms with less surveillance.