Ladies and gentlemen, it's time to talk about keeping yourself safe on Datalounge.
Datalounge is an anonymous forum, and I'm betting most of you rely on that fact to keep yourselves from dealing with the repercussions of what you've said.
The chances of anyone doxxing you on Datalounge are probably pretty slim. Remember, everyone that we know the government name and identity of on DL is someone who told us themselves. They linked to news articles with their names in them, Facebook accounts, Change petitions, personal social media, or any number of things that identified them. As long as you don't do that yourself, you're probably good.
However, it has to be noted that we have some trolls who are very interested in getting your information, and you should try to protect yourself, at least a little.
Bottom Line: Use a VPN, and Don't Post Any Personal Information
This includes replying to any of those threads asking where you live, what your job is, where you graduated from high school or college, what your astrological sign is, did your grandmother have a strange name, or anything like this.
The person who used to post results from FaceApp (but not, to my knowledge, the person who posts ReFace results, so please don't get confused and obnoxious and accuse them of anything) once posted threads asking where people lived, and then admitted within the threads that they were using a packet sniffer to detect locations of users.
Why does this matter? Every time you interact with a website, a packet of information is sent, usually including your IP address along with other info. What this user was doing was getting replies indicating where a user lived, and then comparing them to the packets of data that were being sent to Datalounge. By doing so, they could match someone who posted "I live in Philadelphia" with a packet that came in with an IP address that resolved to Philadelphia.
It would be trivially easy to take that IP information you just got from a packet, use ignore-dar, and cross-reference that with any other personal information the Philadelphia poster happened to give out on the forum, and get a pretty decent idea of who they might be.
The person who said they were using a packet sniffer is still posting. Their threads were deleted, but Mediapolis did not ban them.
Further, most people who are up to no good don't admit it. If you can see one person skimming data on the forum, there's probably 100 of them in the background that you don't know about. You know, like cockroaches.
Also, there are a few forum members who overshare so much that, even though I don't want the information and never looked for it, I know quite a bit about their personal lives. There's no way to give an example without potentially revealing someone's information, but I will say that one person has posted so often about their past employment that someone could probably find them if they were on LinkedIn.
Just imagine what someone who has bad intent could do with that information.
Not only that, but think about what someone could do with just vague information about you, that they gleaned from the forum. Let's say that over the course of a couple of weeks, you posted that you work in finance, live in Indiana, have a husband and two dogs, and volunteer at the local food bank. One day, you jokingly post that you think George Clooney -- as a totally and completely random example -- is handsome.
The next thing you know, someone on the forum who hates George Clooney has figured out your IP address and has started spoofing it when they log into DL. They post about how much they love puppies, and how they're going to volunteer at the food bank next weekend, and also going to Splashin' Safari this summer. They take credit for little things you've posted here and there.
Then, after they've made it look like they're you, they start posting very specific threats against public figures and certain demographics.
You won't even realize it's happening, probably, but you may end up with a visit from some people who have some concerns about hate crimes and threats they think you've said online.
Finally, and with apologies to the person I'm quoting, I'd like to mention this, which is a thought I see on the forum a lot.
This is not actually true! There are profiles. All DL users have to sign up with an email, and everyone has to choose a username, also known as a redname. If you've ever posted with your redname, it can be clicked on and it will take you to your Datalounge profile. Here's Muriel's.
Also, everything that can be seen when using ignore-dar is, for all intents and purposes, a profile.
Using a VPN is good, but it's not protecting you much. I am very much suggesting that you to use a VPN, and you should, but it's only giving you some protection. Bad actors using packet sniffers or other methods to get your IP address and various bits of information will be thwarted, mostly, but the people who work behind the scenes at Datalounge and Mediapolis will know who you are.
That's why, if you're using sockpuppets to flag posts, troll, or what have you, even if you're using separate browsers with separate VPNs on each, plus throwaway email accounts, it's almost certain that any Mediapolis employee looking through the website's dashboard and statistics will figure out what you're up to.
What you need to remember is that Mediapolis knows Datalounge is mostly trolls. They're not being fooled by the trolls, they simply do not care that it is happening.
More to the point, as far as your personal information goes, if someone actually hacks into the website and gets access to that backend information, a VPN won't help you much.
Further, when you sign in, even if you use a VPN, your email address and password are not exactly protected. Wireshark provides password sniffing easily to even newbie hackers, and once someone has both your email address and password, it doesn't matter if they know your IP address or not.
Do you pay for Datalounge? When you enter your Stripe payment information on the website, it's sent via packet, just like all your other data. Hopefully it's more secure, as payments are made using Stripe's proprietary security features.
When you use Datalounge, you need to be aware that you're using it with the understanding that there are bad actors of dubious mental stability who are often looking to figure out who you are, in real life. You need to understand that a lot of information is being gathered, even if you've used a throwaway email to sign up and a VPN to log in.
This is actually true of every website, and I highly recommend everyone using the basics of internet security to protect yourself.
