Massive X data leak affects over 200 million users.
-
Yes, and Bitwarden+SimpleLogin. Bitwarden to keep track of login info including the alias that is used for that site. SimpleLogin is where the aliasing is actually handled, they have a decent UI for enabling/disabling or generating reverse aliases (for outgoing emails) when needed.
It does take a little more effort to manage it, but it’s worth the payoff. I’ve been using this setup for about 9 months now and I finally got my first spam email a week ago. I looked at the address it was sent to, it was a site I ordered something from about 6 months ago. I sent them a message letting them know that either someone at their company is selling customer info to scammers or their database has been leaked, then I shut off the alias.
I sent them a message letting them know that either someone at their company is selling customer info to scammers or their database has been leaked, then I shut off the alias.
🫡
-
This is what I do as well. I purchased my own custom domain name and run aliases off it using Addy. So as an example, an email for an online account would look like: ‘[email protected]’
Then I feed these accounts into a password manager so I don’t have to remember them.
All the aliases forward mail directly to my main inbox. Companies never see what my real address is. If I get spam, I know which company either sold my data or leaked my data. I can then take action by simply turning off that email alias and then spinning up a new one.
The best thing about owning your custom domain is that you’re in control and never have to change your email addresses. If I want to move to a new email provider, I can easily do that. The process, simplified:
- Buy a domain name
- Sign up for an email account at Tuta, Mailbox, etc.
- Set up your custom domain at that provider.
- Go to your Domain provider and update your MX records so that it syncs with the email provider.
- if you want to switch email providers, get a new one and then update your MX records to point to the new provider.
Awesome. How’s the Addy privacy posture looking?
-
So what is that, like 6 or 7 people?
A sock for every puppet.
-
Awesome. How’s the Addy privacy posture looking?
I signed up with them ensuring I read their privacy policy. Based on my personal privacy threat model, I’m okay with their policy. This wouldn’t fit a more intensive threat model.
I haven’t read it recently but last I remember they do have the option to temporarily store an email in the event of a failed delivery, until it can eventually get sent to you. This is opt-in I believe, and a toggle you can enable in your account.
In the time I’ve used them I haven’t had any issues with email deliveries. Been happy with the service so far, having left SimpleLogin and Proton for political reasons.
-
A self-proclaimed data enthusiast calling themselves ‘ThinkingOne’ has made a huge database containing 201 million pieces of user data from X freely available. The data is said to have come from two previous leaks and includes email addresses, locations and profile data of users of the social media platform.
Someone should check the email and phone number of Adrian Dittman to see if they match Elon's. Idiots can argue that it isn't Elon despite speech pattern evidence, but it's harder to argue when both of them share the same identifying info.
-
So what is that, like 6 or 7 people?
If it had happened now, that figure might be accurate. However, this was originally exploited in 2022, so it's probably pretty bad.
-
My email provider will auto-generate aliases with no limit, and I also subscribe to Mozilla Firefox Relay, which allows me to invent email addresses on the fly and have them relay emails to my inbox. The advantage of the Firefox Relay is that it isn't tied to the email provider so if I switch provider the aliases can still work.
Hmm, 5 for free, I see; thanks for sharing. Is your provider Proton Mail?
-
Someone should check the email and phone number of Adrian Dittman to see if they match Elon's. Idiots can argue that it isn't Elon despite speech pattern evidence, but it's harder to argue when both of them share the same identifying info.
I thought he fessed up to that
-
Password manager plus an emailing alias service. Protonpass integrates with SimpleLogin but there’s also ones like Firefox relay and anomaly (all open source)
Thanks, though do you have a link for Anomaly? I can't seem to pull up anything.
-
I thought he fessed up to that
Who is/was Adrian Dittman? Out of the loop of Twitter drama.
-
This is what I do as well. I purchased my own custom domain name and run aliases off it using Addy. So as an example, an email for an online account would look like: ‘[email protected]’
Then I feed these accounts into a password manager so I don’t have to remember them.
All the aliases forward mail directly to my main inbox. Companies never see what my real address is. If I get spam, I know which company either sold my data or leaked my data. I can then take action by simply turning off that email alias and then spinning up a new one.
The best thing about owning your custom domain is that you’re in control and never have to change your email addresses. If I want to move to a new email provider, I can easily do that. The process, simplified:
- Buy a domain name
- Sign up for an email account at Tuta, Mailbox, etc.
- Set up your custom domain at that provider.
- Go to your Domain provider and update your MX records so that it syncs with the email provider.
- if you want to switch email providers, get a new one and then update your MX records to point to the new provider.
Thanks for the guide on how to switch. I've been using a mail provider with my own domain for a while now. I'm not unhappy with their service but they only let me make a few inboxes. Good to know switching can be seamless.
-
A self-proclaimed data enthusiast calling themselves ‘ThinkingOne’ has made a huge database containing 201 million pieces of user data from X freely available. The data is said to have come from two previous leaks and includes email addresses, locations and profile data of users of the social media platform.
This is why I gtfo when Elon took over. I knew something like this would happen.
-
Who is/was Adrian Dittman? Out of the loop of Twitter drama.
Someone Musk made up to simply glaze himself on twitter.
-
Hmm, 5 for free, I see; thanks for sharing. Is your provider Proton Mail?
No, I'm on Fastmail. It's full-featured and has a slick web UI, but it's not as good for privacy as Tuta, Proton, etc. Also, although Fastmail is Australian they apparently host their servers in the USA.
-
This is why I gtfo when Elon took over. I knew something like this would happen.
Exactly this. We knew that everything would get shaky after he fired all those people and a data leak is the consequence
-
Bluesky will be in the same boat given enough time. Mastodon is the only proper stand-in for twitter.
I've been on mastodon for 8 years and it's ok but it can't catch the masses. It has been paralyzed from advancing by a vocal minority.
It shouldn't take 6 years to get search and quote posts. They also need optional algorithmic feeds.
-
Seems like a dedicated person might be able to prove that. Go through the available data and see what % of leaked accounts actually point to a real person, or even a unique person. If it's mostly bots you'd see that pretty quick
Check how many accounts pushing republican propaganda only post during St. Petersburg business hours...
-
Wait, so you literally have hundreds of accounts? How do you manage them all?
I use addy.io
-
This is what I do as well. I purchased my own custom domain name and run aliases off it using Addy. So as an example, an email for an online account would look like: ‘[email protected]’
Then I feed these accounts into a password manager so I don’t have to remember them.
All the aliases forward mail directly to my main inbox. Companies never see what my real address is. If I get spam, I know which company either sold my data or leaked my data. I can then take action by simply turning off that email alias and then spinning up a new one.
The best thing about owning your custom domain is that you’re in control and never have to change your email addresses. If I want to move to a new email provider, I can easily do that. The process, simplified:
- Buy a domain name
- Sign up for an email account at Tuta, Mailbox, etc.
- Set up your custom domain at that provider.
- Go to your Domain provider and update your MX records so that it syncs with the email provider.
- if you want to switch email providers, get a new one and then update your MX records to point to the new provider.
How do you reply to those emails in case of needing to contact with said company.
I'd assume they would deny service if the user (even on the same custom domain) is not equal to the account holder. -
I was just about to ask. I know that there was a clearnet site for data breaches but that's since been taken by the DOJ.
I imagine there's an onion site but my onion experience is very little to know where to even begin to look. My searches on torch found very little.
You mean "Have I been pwned"?
