Some basic forum (and internet) precautions

Please feel free to read, share your thoughts, your stories and connect with others!
User avatar
Gaelen
Posts: 3833
Joined: Fri Jun 13, 2008 12:57 am
Location: CNY
Contact:

Some basic forum (and internet) precautions

Postby Gaelen » Tue May 15, 2012 2:15 pm

There are a lot of newbie (just a month or two) registrants posting on the forums these days, and as I was catching up on threads this morning, I was noticing a lot of things that can really put an individual's privacy at risk. I don't know if that's because people aren't used to posting on forums, or aren't used to taking some basic privacy precautions - but either way, the behavior can really compromise you in ways you weren't expecting. So I thought I'd repost this from another privacy discussion we had after an attack of spammers in 2010 - unfortunately, it's all still true today. :(

= = =
All forum software has weaknesses...phpBB, which is the software Colon Club uses, is not the strongest software out there. However, with any internet access or website software, the main reason that a hacker can get in is that the site is not using the most up-to-date version (which theoretically has the most up-to-date spam and hacking protections.) This board's copyright notice says 2007, which could mean it's not running the most current and most secure version released earlier this year, or any of the four versions released between 2007 and 2010 - unless the most current version was installed and the copyright notice didn't update. In my experience, phpBB and other forum software updates the year in the copyright notice with every version upgrade...but only if the upgrade has been installed.

However, a few things to be aware of that can make your forum experience safer or riskier, depending on your choices...

1) This is a highly searched forum (those MSNBot users at the bottom of the topic list are not human beings.) Everything you post here is captured by these spyders - including your usernames, your posts, your links to your profile. If you don't want to let the world know where you live, or other intimate details of your life, keep the parts of your profile that show up on every single post a little obscure. Put "northeastern US," not your specific little small town plus state.

2) People here tend to use their real names in conversations. Even if they have a screen name, they slip into calling each other by real name. That can be deadly if someone decides to play childish games to harass you. It's a short leap to find out your real name, adopt it as their pseudonym and then use it to sign up for things with your email address, or to make comments on other websites. They can even register with your real name but their email address on forums where you personally wouldn't be caught dead (or alive.) If you have a kind of unique real name, that can also mean that they can locate you out in the world, or at least find your other online accounts (Facebook, Twitter) and extend any harassment to those areas, too. If you don't already have one set up, set up a Google alert on your real name, in quotes, so that you'll get a report if your real name is used anywhere on the web. You may discover that the person using YOUR name isn't you. And here, on the forums, if someone is using a screen name, refer to them BY THEIR SCREEN NAME. That's one of the simplest precautions any of us can take.

3) How will someone get your email address from this forum? If you have your profile set to accept email from other users, any registered approved user of this forum (even a hacker/spammer) can email you and when s/he does so, will see your forum-registered email address. If that's an email address you use routinely, it opens up your email address to malicious mischief. Most of it is just annoying, but it can also be overwhelming. Imagine having your address registered for, say, 50 porn websites within an hour, and getting all of those confirmations from Hot babes in Dallas in your regular inbox. Which your spouse sees. :oops:

Yeah - some people have forum only email addresses. But other people (like me) try to keep my number of email addresses under two dozen. ;) I have three websites (each with email addresses), and I have forum addresses on the servers of the forums I manage. I have at least a dozen email addresses for work servers - all variations of my real name @ where I work.com. Email address overload means that I tend to stick to a single personal email address, which I use to register for forums. Simple. But it can also be risky. Shouldn't be risky. But the safety precautions of the forums you frequent are also responsible for determining your risk level - especially for the non-computer-literate computer users.

4) Secure passwords are cool - but how many of you use your kid's or common pet's name as your standard password on every forum you are on, and leave your ID set to "remember me" so that you never have to actually use the password. THAT is how logger software on public computers (say the computers in the waiting rooms at MSKCC, or in the library) can get your information. And if someone hacks the log file on that public machine, your information is right out there. By using the same simple password for everything, you risk not only your account here, but any other accounts someone malicious may want to find for your name.

Now - for those of you who love wireless and hotspots and pirating connections - if you use unsecured (no password required) wireless connections, and you login to sites like this, the person who captures your login information doesn't even need to be any kind of a hacker. You won't see them, or they could be the person sipping cappucino next to you or someone sitting in a car in the parking lot running a capture program. Depending on capture program, s/he can get access to both typed and auto-login information, and most encryption protocols also have accessible DEcryption protocols. Smart enough to run a capture protocol outside a Starbucks? they're probably also smart enough to own a decription algorithm.

The best "secure" password is to take the first initials of a phrase that can give you 10 letters, and then convert some of those letters to numbers, special characters and caps. For instance, say your favorite movie line is "I'll have what she's having" from "When Harry met Sally." In geek speak, that line can become 1hW5hvg (the 1 = I, the W = what, the 5 = s, hvg = having.) But it's only 7 characters, so tack your initials onto the end or beginning: 1hW5hvgpas. Easy to remember the phrase, and very very hard to hack.

BUT - the issue on forums, email accounts and websites isn't so much that someone can hack into your existing password. It's that if they want to be malicious, they can request a password reset by typing in your name and clicking the "forgot password" link. Sure, it'll go to your email. If you see it, you can alert the site that you didn't request it. But some sites automatically issue a reset password and disable your existing pass - and it can be a bear to get back in if that's the case.

If you use an email address for forums that you don't check regularly, you might never know that's happened until you can't log in because the forum no longer recognizes your auto-login. Sure, it's just annoying. But on some forums, IF the user can hack into an admin account and get access to profiles, then they can change registered emails and request changed passwords. If you haven't logged in with your kid's name since you created the account, and don't remember the password, you maybe SOL.

This board also allows spammers to register. If you see a screenname with a bunch of nonsense letters, trust me, it's a spambot. Some forums auto-delete or ban those IDs so that they never show up on the main board and other users and spyders never see them. CC didn't always do that, and doesn't always do it now. The presence of spam users on a forum member list or front page alerts other spammers and spambots that this forum is an easy mark. User registration may have been tightened up since our last spammer attack, but it was very loose for a long time, and many of those names are still in the member directory.

So - in brief:
Use a secure password and check the email you've registered for this forum regularly.
Don't use real names on the board unless that's how the user actually registered.
Don't post specific travel plans (dates, flights, even exact destinations), home city information, full email addresses or (goddess forbid) phone numbers on these very public boards. Remember that this is not a little community that nobody ever visits - it's a highly searched and very public forum.
Respect the privacy of your fellow members - realize that calling them out for their status after, say, surgery or scans, may tell someone who is being malicious more about that person than they ever would have revealed (like where they live, or where they are treated or hospitalized...which means maybe their home is vacant or they're not really on their A game.)
Try to remember that your "need to know" stops right before you reveal what someone else has been doing lately - and if you simply must contact someone for their latest surgical or chemo update, consider sending a PM and not posting a public thread calling out "So and so - tell us how your resection surgery went."

Remember that someone who decides to harass you can come out of nowhere, for no reason that makes any sense except to them. And if you've made your information too easy to get, they can do a lot of annoying damage that makes forum use a challenge, rather than an opportunity to connect with other survivors.
= = =
Be in harmony with your expectations. - Life Out Loud
4/04: dx'd @48 StageIV RectalCA w/9 liver mets. 8 chemos, 4 surgeries, last remission 34 mos.
2/11 recurrence R lung, spinal bone mets - chemo, RFA lung mets
4/12 stopped treatment

edgellc
Posts: 375
Joined: Sun Apr 22, 2012 10:41 am

Re: Some basic forum (and internet) precautions

Postby edgellc » Tue May 15, 2012 2:25 pm

Thanks for the post, i unfortunately am guilty of some of these things myself :oops: . Just gos to show a little common sense gos a long way. So thanks for the friendly reminder :)
ஜ۩۞۩ஜ♥ஜ۩۞۩ஜ♥ஜ۩۞۩ஜ
.............EDGELLC............
ஜ۩۞۩ஜ♥ஜ۩۞۩ஜ♥ஜ۩۞۩ஜ
------♥♥-----
----♥♥-♥♥----
---♥♥---♥♥---
---♥♥---♥♥---
---♥♥---♥♥---
----♥♥-♥♥----
-----♥♥♥-----
----♥♥-♥♥---
---♥♥---♥♥---
--♥♥-----♥♥--

User avatar
juliej
Posts: 3114
Joined: Thu Aug 05, 2010 12:59 pm

Re: Some basic forum (and internet) precautions

Postby juliej » Tue May 15, 2012 2:28 pm

Very good tips! Thanks, Gaelen, for posting them.

Being online has its risks, and you have to be willing to understand them, accept them, and work to minimize them to operate safely in the virtual world.
Stage IVb, liver/lung mets 8/4/2010
Xelox+Avastin 8/18/10 to 10/21/2011
LAR, liver resec, HAI pump 11/2011
Adjuvant Irinotecan + FUDR
Double lung surgery + ileo reversal 2/2012
Adjuvant FUDR + Xeloda
VATS rt. lung 12/2012 - benign granuloma!
VATS left lung 11/2013
NED 11/22/13 to 12/18/2019, CEA<1

User avatar
pmterra
Posts: 599
Joined: Fri Jul 01, 2011 6:12 pm

Re: Some basic forum (and internet) precautions

Postby pmterra » Tue May 15, 2012 4:25 pm

Thanks Gaelen! Wish I would have read it before :oops: Really great advice and tips. Thanks for looking out for us!
caregiver to survivor husband
Stage 3C - Colon
surgery June, 2008
6 mo. chemo/FOLFOX & Avastin
June 2015 - 7 year survivor :)

Beatrice
Posts: 143
Joined: Fri Jan 06, 2012 9:17 pm

Re: Some basic forum (and internet) precautions

Postby Beatrice » Tue May 15, 2012 7:55 pm

Thanks Gaelen,
can't change the name thing any longer but I will be very careful with what I will write.
It was such a find to have this board with people who understand our situation that I never thought
any sick person ,hacker or spammer would actually venture to this site to misuse info of people that are already
struggling with fate , health and hardship.
Thanks for alerting everybody to be careful!
Beatrice
caregiver to Richard ( stg IV)
1993 CC,, resect.,chemo ,rad
NED -> Dec 2008
2009 bladder met, resect, Xel
NED -> Nov 2011
met lung( inop.)
Folfox + Ava Jan -Jul 12,
Sep12 Avastin-met stable
Apr 13: progession lung
Jun 13 : progression

User avatar
Gaelen
Posts: 3833
Joined: Fri Jun 13, 2008 12:57 am
Location: CNY
Contact:

Re: Some basic forum (and internet) precautions

Postby Gaelen » Tue May 15, 2012 8:23 pm

One thing everyone should be aware of - earlier this year, there was an ASCO study presentation on The Place of Web Forums in the Cancer Experience.

"The researchers picked two internet CRC support forums based on four criteria:
"Two of the most active CRC web forums were identified using 4 criteria: site active for > 5 years, > 12,000 total posts on the forum, >20 individuals currently browsing, and > 10 new posts/day. All posts posted in Jul and Dec 2010 and Feb-Mar 2011 on the two forums were abstracted for review and coding using MaxQDA software."

These were RESEARCHERS, not hackers. But they wanted to learn something about how survivors use forums - and learn they did. They found out enough information from using their software to extract post info that they "were able to determine demographics and/or tumor information for 83% of the posters. They got this information most likely from public posts and signatures, since actual membership data isn't referenced as a source. No matter how careful you think you are, most people reveal far more on an internet forum than they think they do. Publicly posting the specifics about when you'll be where (like trips to a cancer center, meetups, your email, etc.) are never smart...but stumbling on this abstract reminded me that you never really know who's reading these posts...or why...or where that information will end up...or how it will be used."

Careful as I try to be, I had the pleasure of having an internet stalker - who found me on this forum, got the information she needed, and proceeded to harass me for over a year until she made a mistake and I was able to find and get in touch with her internet provider, who took her down. You need to keep in mind that people who aren't registered read these posts every day...and you need to be careful.
Be in harmony with your expectations. - Life Out Loud
4/04: dx'd @48 StageIV RectalCA w/9 liver mets. 8 chemos, 4 surgeries, last remission 34 mos.
2/11 recurrence R lung, spinal bone mets - chemo, RFA lung mets
4/12 stopped treatment

User avatar
Maggie Nell
Posts: 1146
Joined: Wed May 27, 2015 1:57 am
Location: Central Highlands, Victoria, Oz

Re: Some basic forum (and internet) precautions

Postby Maggie Nell » Fri Sep 18, 2015 8:21 am

bump
DX April 2015, @ 54
35mm poorly diff. tumour, incidental finding following emergency R. hemicolectomy
for ileo-colic intussusception (ouchies)
Lymph nodes: 0/22
T3 N0 MX
Pending colonoscopy 23 March 2021
Unexpected severe allergic reaction to the prep...big WTF!?
To be rescheduled...

ALW
Posts: 51
Joined: Tue Aug 11, 2015 9:07 am

Re: Some basic forum (and internet) precautions

Postby ALW » Fri Sep 18, 2015 8:39 am

Well that was eye opening. Thank you for the post.
Aug '15 Dx rectal cancer stage 2a @ 41 years old
Sept '15 Radiation & Xeloda
12/3/15 LAR with temp ileo - 0/20 nodes
1/5/16 reversal done early due to complications
2/16 Started 5 rounds Xeloda

Cj51
Posts: 893
Joined: Thu May 13, 2010 5:58 pm
Location: Midwest

Re: Some basic forum (and internet) precautions

Postby Cj51 » Fri Sep 18, 2015 5:21 pm

The information in this thread is still very relevant. For newer members who may be reading this thread, Gaelen was a valued member of our community who passed on a few years ago. Her contributions were valuable and she is missed by all who knew her here.

Cj
DX Stage IIIb RC, T3N1M0, April 2010, 51
6 wks Xelox/rad 6/10
resection, temp illeostomy 8/10 Complete response!
12 rounds FOLFOX for clean up 9/10, Allergic to Oxi, started Xeloda only 12/10
Ileo takedown 9/28/11
4/2020 NED

Nik Colon

Re: Some basic forum (and internet) precautions

Postby Nik Colon » Fri Sep 18, 2015 5:46 pm

Thanks for the info, I'm pretty open so I'm good :) I guess as a fb user, most what I post here is already there, soooo, I'm fine with it. But again, thanks

User avatar
florencedollar
Posts: 288
Joined: Sun Sep 12, 2010 12:14 pm

Re: Some basic forum (and internet) precautions

Postby florencedollar » Fri Sep 18, 2015 10:22 pm

I miss gaelen. I was concerned about people putting too much info out in my "how did u choose your username" thread. We had fun w that topic 4-5 years ago and I thought it would be fun again. I hate that we have so many new people to participate.
Sis to 'lil sis (pict in avatar)
DX'd stage IV CC w/liver mets -age 45- 8/26/2010
Port Folfox started-9/8/2010
Colonic stent-9/30/2010
10/13-Team agrees-postpone chemo after 2 rounds
10/26 colon/liver resection
12/14/2010-Folfiri/Avastin
NED NED NED!!!!!

canadiandaughter
Posts: 676
Joined: Sun Aug 17, 2014 11:19 am

Re: Some basic forum (and internet) precautions

Postby canadiandaughter » Sat Sep 19, 2015 9:59 am

Thanks for bumping this up!! We had a speaker at our school this week, actually also saw him at a professional dev day yesterday, speaking on this very topic. He is a policeman from Victoria, BC I believe he said. He is also know as the white hatter. His job is catching creeps online. We learned a lot and I have locked down my facebook more and my phone. Butt, I had never really thought about this forum as well, so glad to see this post this morning. This is a message that we should never get tired of hearing. It was nice to finally have a presenter at the school that the majority of the kids actually listened to!! Hopefully the info about bullying on line and the sexting these kids are into will stick with them!!
DD to 81 year old father
dx 24/07/14 iv cc mets liver/lung
folifiri started 19/07/14
shrinkage of all mets
growth in the liver,started folfox/avastin 80% 13/01/16
reduced to 70% due to side effects 27/01/16
First scan on folfox shows shrinkage in lungs, but liver just stable
6 rounds of vectibix-fail. 3cm growth and new spots showing Waiting for panel recommendations
At peace January 8, 2017

User avatar
LeonW
Posts: 358
Joined: Sun May 03, 2015 4:59 pm
Location: Amsterdam, Netherlands

Re: Some basic forum (and internet) precautions

Postby LeonW » Sat Sep 19, 2015 11:59 am

canadiandaughter wrote:We had a speaker at our school this week . . . job is catching creeps online. We learned a lot and I have locked down my facebook more and my phone.


Yeah, creepy how much info FB collects anytime you log on. I've a utility somewhere that shows all these. I'll post it here I've found it back.

L :arrow:
Dec 2012 - CC 2 unresect liver mets, CEA 41.8 (MM 65yrs)
Jan 2013 - colectomy @ spleen 2/26 nodes IVa T3N1bM1a
Feb-Jul - 1x Xelox-7x Xelox/Avastin, shrinkage from #3
Aug - 2x PV embolization (both failed)
Sep 2013 - R liver resect, 25d hosp (liver failure/delirium, lung emboli, encephalopathy), no living cancer (pCR)
2014/15 - recovery, scopy: 2 polyps
2016 - new town/life
2018, scopy: 2 polyps
2018/20 low (1.0-1.4) CEAs/clean CTs: 4x2014, 6x2015-17, 3x2018-20
next June 2021!

canadiandaughter
Posts: 676
Joined: Sun Aug 17, 2014 11:19 am

Re: Some basic forum (and internet) precautions

Postby canadiandaughter » Sat Sep 19, 2015 3:51 pm

LeonW wrote:
canadiandaughter wrote:We had a speaker at our school this week . . . job is catching creeps online. We learned a lot and I have locked down my facebook more and my phone.


Yeah, creepy how much info FB collects anytime you log on. I've a utility somewhere that shows all these. I'll post it here I've found it back.

L :arrow:



I had mine all locked done, but didnt realize that you need to keep checking as it changes back. I enjoy facebook to stay in touch with friends and some of the games, but I don't need any problems from it. I would be safe, there is nothing on my fb that is incriminating for my job, I am not a dramatic poster, but better to be safe then sorry. Some of these people that post every detail of their lives and then some need to think twice!! I know when we hire people, I have facebook creeped them to get an idea of their personality. Some we have decided to avoid because of it.
DD to 81 year old father
dx 24/07/14 iv cc mets liver/lung
folifiri started 19/07/14
shrinkage of all mets
growth in the liver,started folfox/avastin 80% 13/01/16
reduced to 70% due to side effects 27/01/16
First scan on folfox shows shrinkage in lungs, but liver just stable
6 rounds of vectibix-fail. 3cm growth and new spots showing Waiting for panel recommendations
At peace January 8, 2017


Return to “Colon Talk - Colon cancer (colorectal cancer) support forum”



Who is online

Users browsing this forum: No registered users and 7 guests