Online security in furry fandom
Hopefully, all Internet users have, by now, heard about the United State's widespread spying programme which has recorded huge volumes of data passing through America. Just as concerning is the looming, default porn block in the UK which will not only block porn by default but also violence, alcohol, smoking and Internet forums, among other things. These programmes should be of major concern to all Internet users. They are also a perfect opportunity to talk about online security.
The first step is to limit what you make available. The furry fandom is a great place to make friends, meet up with in real life with people with similar interests, to engage with a creative community and even to make some money. However, there is a very real risk of furs being too open. As we've integrated the Internet into society, particularly websites such as Facebook, we forget warnings that used to be commonplace.
Here's a version of the guidelines I made for a forum I moderate which make a good starting point for staying safe online:
- You can't trust everyone on the Internet, even furs. This doesn't mean you must be paranoid — but do be cautious.
- Don't give out your real name, photograph, telephone number or address until you can be confident that the person can be trusted.
- Likewise, don't post your personal information where it will be available to the public.
- Separate your furry identity from your real identity as far as possible.
- If you're meeting someone you know from on-line, don't go alone; meet in a public place and let someone know where you are going.
These are not hard and fast rules, just recommendations. For example, professional furry artists will necessarily be more forthcoming with their real name and how to contact them. For the average fur, it is unnecessary, and potentially dangerous, to put your real name out there.
The furry fandom is not the most popular fandom on the Internet; furry sites and users are sometimes the targets of hacks and DDoS attacks. You can avoid some of these by using HTTPS to encrypt your connection to the website, preventing malicious users from intercepting your communication and perhaps stealing your credentials or other private information. SoFurry, Inkbunny and Fur Affinity all support HTTPS [as do WikiFur and Flayrah], although only Inkbunny enforces its use.
Just as useful is the ability to encrypt your emails and instant message conversations for the same reasons. Unfortunately, how to go about doing this will be different for different protocols, clients and devices. In addition, both you and the person you are communicating with need to have encryption available. Some protocols should already be encrypted, such as Skype – but it's worth keeping in mind that they (and all American companies or U.S.-hosted services), must comply with NSA orders; Skype text chats, audio and video calls can be tapped.
While I doubt there are surveillance programmes focussed on the furry fandom we must bear in mind that the fandom is spread across the globe. While that is an amazing and wonderful thing, it also means that furs are subject to a wide variety of laws regarding content and it may be that such programmes might eventually be turned against them. The UK looks most likely to go that way at the moment, but we mustn't forget that erotic anthropomorphic comic strip Omaha The Cat Dancer had legal issues in the U.S., New Zealand and Canada due to perceived obscenity.
Similarly, and more recently, U.S. obscenity laws have been applied to novels in a Georgia court. Both erotic art and stories play a sizeable (if at times controversial) role in furry fandom. It is possible to see a scenario where government surveillance might be used against the fandom. Depending on how you feel about government oversight, obscenity and privacy you will no doubt view these situations differently, but this is an ideal time to begin a discussion on security in the fandom.
About the author
Rakuen Growlithe — read stories — contact (login required)a scientist and Growlithe from South Africa, interested in science, writing, pokemon and gaming
I'm a South African fur, originally from Cape Town. I'm interested in science, writing, gaming, all sorts of furry stuff, Pokemon and some naughtier things too! I've dabbled in art before but prefer writing. You can find my fiction on SoFurry and non-fiction on Flayrah.
Comments
I link my real name and my fursona. I don't see the harm in it. I'm 27 though. That may have something to do with it. Sorry, it's 6 AM ET and I'm just a little tired.
It's not necessarily harmful on it's own but it can be. For example, if you are bothered by trolls online that's one thing. If the trolls know your real name and start bothering you in real life, that is a lot worse. If someone thinks furs are disgusting and happens to be looking to hire you or is your boss, it could have consequences for your job; whether what he thinks is true or not.
I'm not saying anything like that is going to happen but those are potential risks which should at least be considered and weighed against whatever benefit using your real name has. In a perfect world it wouldn't matter at all but we're not in a perfect world.
"If all mankind minus one, were of one opinion, and only one person were of the contrary opinion, mankind would be no more justified in silencing that one person, than he, if he had the power, would be justified in silencing mankind."
~John Stuart Mill~
Hey there,
On trolls: If they are stupid enough to harass you in real life, then they deserve to be arrested.
On jobs/HR/bosses: I hid my furry self from public view for years, and it was the most depressing thing. My policy is that I'm an open book and you can always ask me anything. I would rather people ask me about it than make assumptions. If they make false assumptions about me regarding furry and don't see all my other qualifications, I wouldn't want to work with/for them anyway.
Totally agree with you here <3
On jobs/HR/bosses:
Hear here! The personal cost of hiding underground is an issue for many, yet it doesn't seem to get a lot of airtime. I know people who are depressed from leading double lives and not being able to be more honest about all that they are, yet I see Furries insist that 'you should only be Furry with other Furs, like the rest of us'.
Not everything works for everybody, thanks for pointing that out, BlindWolf8.
Boomer
Actually it has been revealed that encrypting only puts a flag of suspicion on your messages. NSA has some of the best encryption geeks in the world, so they'll probably break it.
The only way encrypting would become effective is if every user in the world started to do it all at once. But that would require coordination that would be neigh impossible.
So my recommendation would be not to do it. If they want to know you're having cybersex with someone playing as an animal, well there isn't anything illegal about that, however if the user is doing as you suggest and keeping their furry self hidden from the world if a government organization wanted to blackmail you by threatening to reveal that hidden aspect of you, they could. I can only really see them doing that though if you became a political inconvenience for them.
We're living in a world now where it seems, like it or not, we have to be prepared to have the most socially inconvenient things revealed about us at any moment. So if you keep your furry and IRL identity separate then that is fine, I've been quite successful and content doing that on my own. (I myself have found it useful for my OWN information gathering purposes, knowing where the people around me stand on the furry culture in a raw/unbiased manner. People tend to be nicer or meaner to people they KNOW are something depending on these feelings). However, be aware that you need to prepare your case, if someone does find out, don't treat it like a big deal and they will probably not. Prepare yourself mentally for that event, because it's going to happen. If it doesn't in your life, it'll probably happen after your death.
More often then not it will be your friends who reveal who you are unknowingly. If you have local meets and your family is also local if your group goes out anywhere there is always the risk of bumping into a family member or friend of the family while you're hanging out with those people wearing tails.
I currently KNOW where my greatest vulnerability is to my IRL identity is, but if it happens at this point, it happens. I prepared myself by doing nothing that I regret online. My fursona isn't in risque pictures, my words have been probably more professional than even most non-furry internet users.
I am fortunate though to have a family member who also engages in the fandom, so even though I'm underground I do have a IRL contact that I can trust and has a good head on their shoulders.
And if simply being a furry is your MOST socially inconvenient aspect of yourself you've done online, then well, that's not something to be ashamed of.
A lot more stuff is being encrypted now and lots of sites support ssl encryption, so I'm not sure it's as much of a red flag as you suggest. Obviously encryption can be broken but if it's done well (really not much point doing it any other way) it'll be enough effort that no one will bother to do it unless it's really important to them. That said, while keeping stuff hidden from the NSA and similar organisations is a good motivation, it's probably not something anyone here needs to worry that much about. For the average fur encryption is just a good way to go from a general security point. Especially when it's something simply like using https instead of http, one is safer and the effort to switch is minuscule.
I'm less worried about people finding out I'm a fur (when I did honours I used the furry fandom as the topic for a five minute communication exercise. One guy in the class later said he thought about asking about yiff but didn't. It was an aspect I left out of the talk), than some furs and trolls finding out who I am. I'm not ashamed of my furry side but I also don't see the need to complicate things.
While I doubt I'd have too much of an issue from friends and family that's not always the case for everyone. If someone is a gay or atheist fur and that gets revealed, it can cut them off from their community or even get them kicked out of the house. Revealing personal information should be the prerogative of the individual but, as there are people that don't understand that, it's necessary to prevent it.
"If all mankind minus one, were of one opinion, and only one person were of the contrary opinion, mankind would be no more justified in silencing that one person, than he, if he had the power, would be justified in silencing mankind."
~John Stuart Mill~
This is factually wrong. The attitude behind it is dangerously wrong.
As part of a secure system, cryptography works. In fact, it is usually far easier to attack a secure system at the endpoints than to try to forcefully decrypt the ciphertext.
If the NSA were to decide to expend computing power trying to brute-force your secret keys, then that buys you a few years, depending on algorithm and keyspace. However, while they can store all encrypted communication (at least for which they don't have access to keys), they still don't have nearly the computing power to forcefully decrypt all of that information. That treatment is probably only reserved for people they actively hate.
It's certainly true that metadata can be just as damning (or falsely damning) as the contents themselves, but if you're just talking about contents, then the cryptosystems can in fact meet (and likely exceed) their performance characteristics.
In any case, as I said above, holding an attitude which discourages use of cryptosystems is dangerous. Even if that's not your intention, encouraging everyone to demand proper crypto out of their software is vital for privacy going forward.
Well, I was dangerously wrong, but now I wish I still was wrong...
http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
I hate being right sometimes--
Encryption should be considered non-existant when it comes to the NSA or GCHQ. It is still recommended for the smaller fry.
Think of it this way I suppose, just because you can get cancer doesn't mean you should think your immune system worthless. But if you expect your immune system to stop cancer, you're kidding yourself.
I did see a comment on the New York Times original story that points out that the article never says what was actually broken or exactly what that means. Encryption will still help, though perhaps not as much as it should. Considering that and how the NSA has apparently broken US laws and international treaties I've got no trust in American things now. That's also why the PRISM Break site suggests moving to non-commercial programmes. Those are possible more secure. Although it's scary to see that security enhanced linux was designed by the NSA and the AES encryption protocol was also partly authored by the NSA.
"If all mankind minus one, were of one opinion, and only one person were of the contrary opinion, mankind would be no more justified in silencing that one person, than he, if he had the power, would be justified in silencing mankind."
~John Stuart Mill~
I see no point in trusting no one and moving underground. Undue panic will only ruin people's lives. The fandom shouldn't panic.
I plan on sticking around, I haven't done anything worth jail time and politically I'm mostly harmless.
Ladies and Gentleman, Welcome to the world of Censorship and 100 % control, no personal freedom and hiding your true self (By hiding part of you) due to government control and society.
This is our world now.
Kind of sad, isn't it? People need to stand up against so much corruption to change it though. If not, one way to end it, would be something... that not everyone will like happening to the world. Hehe. :)
Account abandoned and probably will make a new anonymous account with no trace of evidence of it being me. I think it's justified.
I think it is all vote farming and nothing will really be done. I don't trust a government designed system to be able to stand up to a tech savvy 12 year old. Also, it is always cheaper to make people think they are being watched, then to actually watch them. Frankly, the Government has no interest, nor benefit to watching its populace like we all think it does, or wants too.
It is like the South Park episode. The government didn't actually conspire to set up 9/11, it just wants people to think it did so people would think the government was competent enough to do so.
For the life of me, I can't wrap my head around why anyone would think that the government gives a crap what some furry in their twenties is emailing to other people. They're far too busy changing up the security on their own systems four times a month after China repeatedly hacks into their systems to care about what we're doing (and no I am not exaggerating--the military still insists on using internet exploder for goodness sake, their techies are pretty much worthless at anything except making it a huge headache for soldiers to access their own accounts).
I mean yeah if you're some high profile activist, /maybe/....but the average person? I don't know whether that would be considered narcissistic or just plain paranoid.
Yeah it's a good idea not to share all of your personal information willy nilly where it's public and sites like Spokeo or Peekyou can harvest it all and present it to identity thieves in one nice, convenient package; that's a bit bigger of a risk factor for the average nobody than being spied on by some super secret agency.
And yes, if you're looking for employment and once you're employed, assuming you give a crap about keeping a regular income, you really don't want your employer and coworkers to find out. I had a pretty bad scare when I first started my job, as I have a coworker that looked up 'furry' (after a student used her computer and was looking at furry related stuff I'm assuming) who is now convinced that being a furry means you're into beastiality. I certainly wasn't going to speak up--not with my job (and apartment, due to my situation) on the line. Better for her to get to know me and maybe accidentally find out someday down the road, when she realizes I'm just a normal person like anyone else (and well after I've proven my worth in the position). That's called being an adult and not taking unnecessary risks for a cause that just isn't worth losing your main source of income over. Besides, as a professional, why does it even matter what my hobbies are? It doesn't. It has no place in the work place; in fact, regardless of your fandom or hobbies, it's just a smart idea to keep the two lives separate, if only for the sake of professionalism.
annnnnd wow I really didn't mean to go on a tangent there, but it is what it is.
I didn't say they would necessary be looking specifically for furs. Even if there's no one out to get you, you still lock your doors at night. You can be the victim of a random crime or involved accidentally. I did make the point that the "I doubt there are surveillance programmes focussed on the furry fandom" and that, regardless of whether the US government cares about what we are doing or not, it's a good time to talk about security. As I said, hackers are more of an issue and if people haven't thought about these things they just make a hacker's life easier.
So if you don't use https it's easier for identity thieves to use steal your information. If you don't have proper passwords, other people could hijack your connections. You might not even know it's been done until the FBI shows up at your door because they've seen your connection looking for child porn. These things will probably not happen, as most people will not be burgled, but we need to talk about risk reduction and, in the case of government surveillance, basic civil rights.
"If all mankind minus one, were of one opinion, and only one person were of the contrary opinion, mankind would be no more justified in silencing that one person, than he, if he had the power, would be justified in silencing mankind."
~John Stuart Mill~
Of course internet security is important. I'm not arguing that at all (I do believe I mentioned that in my original rant?). But it amazes me how many people will lecture this stuff yet overlook the fact that the biggest weakspot in any account is the security question. Make your password as convoluted as you like, someone is still going to get into your account if the answer of your password reset security question is something A) easy to guess, B) common knowledge to your friends/family/fandom buddies or C) easy to look up on that myspace profile you forgot you had.
More and more websites are finally getting this and changing the way these systems work (thank god) but all it takes is someone getting into your main email address through that back door and you'll have a whole lot of mess to clean up. And believe me, you don't have to be a talented hacker to manage it.
So--Moral of the story: Use the security question field like another password. Pick a random question and stick another password format jumble of letters and numbers in there. That's one of the most basic and probably most important ways to protect yourself that no one ever talks about.
This is exactly what I teach in my class. Great minds....
Unless your hobby is watching sports, then you can talk about it all damn day even when you're supposed to be doing your job XD
I once got into an argument about Captain America's creator (not Stan Lee!) with a sports editor. Sports editors/reporters/sportscasters come in two varieties; reporters who don't really know much about sports but need the job, and sports people who don't really know much about reporting but need the job.
That doesn't really have a point (it's just a funny story), but I'll try and make one anyway; hobbies are pretty safe conversations at most "white collar" jobs. Sex, porn and what you find sexy (as long is it isn't too extreme) is also usually completely okay in "blue collar" jobs, in my experience.
Yes, but not when you work for a school and also around animals. Then it's a pretty big deal what someone *thinks* you're doing in your spare time, regardless of whether or not they're actually right (and in a small community where everyone knows everyone, to boot). :p Just isn't worth it if you want to keep your doors open.
Also darn I forgot to uncheck the notify box so my email is getting spammed. Boop.
Like fbi agents would have enough time to be watching over the shoulder while someone pretends to be another species on the internet. Well you wouldnt want to go into a machine harvested file or make yourself a target in case you want to work for the government or run for office. But mostly forget the government, I think Rakuen is most concerned for jobs. And porn. And trusting other furries with personal info. Loveable nuts include some who are just nuts.
A relevant discussion: Cracked’s podcast discusses not the NSA, but the way different people react to privacy issues. Basically, there’s a generation gap; 70s kids are scared of it, 90s kids are at most annoyed, and 80s kids can kind of go either way. The thing is, it's not just the government monitoring us; our products do. Google, FaceBook already save our information for their own uses; stores have cameras. Younger people are used to being monitored; 1984 featured monitoring by the government, and that was scary, but it turned out we're being monitored on a 1984 level by our video game consoles. And we like our video game consoles; loss of privacy is just part of the price tag.
The modern state of privacy I think would be most accurately descriped as a world wide sonar.
AKA: you can see everyone on facebook, but only if YOU get a facebook account yourself.
While many complain that the government has more searching powers and such, I think this may be the first time since the inception of government that the citizen is almost on a level playing field with the government in terms of being able to scope out information.
Sure 'big brother' may be watching you, but a majority of citizens have a device that can shoot video that's the size of their palm. So in essence everyone can watch them back. I assure you, in the 60s big brother still existed, but you couldn't record them in action unless you had a 30 pound hunk of equipment. Not really discreet.
Actually, they talk about that in the PodCast; everyone having a device that can shoot video that's the size of their palm is just as scary to the 70s kid as the government stuff. There's no reason to think your drunk rant on why the Holocaust wasn't such a big deal (that you were trying to be funny but failing because you were drunk) may not be posted to the Internet and then become an out of context viral sensation that turns you into the poster child for Holocaust deniers. Which will almost certainly hurt your dating prospects, if nothing else.
It could be argued that the new technologies don't even the playing field between Little and Big Brother; it just means that are that many more Big Brothers out there. Heck, this kind of Big Brother could be worse; the old Big Brother had a motivation (power), but the new Big Brother just kind of strikes at random.
with complete relevance to the uk porn block, i post this forbes link:
http://www.forbes.com/sites/timworstall/2013/12/25/the-best-story-yet-about-the-...
not only is it relevant but funny as well. the article tells how the uk porn block backfired on them, and how a way was found to completly bypass it in 24 hours after it went live
Post new comment