@kasstoner.bsky.social
Gotta love the osint skills 💯
November 20, 2025 at 9:27 AM
Gotta love the osint skills 💯
Reposted
If you use WhatsApp, assume your number is already in someone's database.
Source: www.wired.com/story/a-simp...
Source: www.wired.com/story/a-simp...
November 18, 2025 at 4:48 PM
If you use WhatsApp, assume your number is already in someone's database.
Source: www.wired.com/story/a-simp...
Source: www.wired.com/story/a-simp...
Reposted
What you can do NOW: Go to WhatsApp Settings > Privacy and set your profile photo, about info, and status to "My Contacts" or "Nobody." This won't hide your number, but it limits what strangers can see. This is recommended as well for platforms like Telegram & Signal.
November 18, 2025 at 4:48 PM
What you can do NOW: Go to WhatsApp Settings > Privacy and set your profile photo, about info, and status to "My Contacts" or "Nobody." This won't hide your number, but it limits what strangers can see. This is recommended as well for platforms like Telegram & Signal.
Reposted
Meta's response? They thanked the researchers and called it "basic publicly available information." They fixed rate limiting in October 2024, but provided no evidence they stopped malicious actors from doing the same scraping over the years...
November 18, 2025 at 4:48 PM
Meta's response? They thanked the researchers and called it "basic publicly available information." They fixed rate limiting in October 2024, but provided no evidence they stopped malicious actors from doing the same scraping over the years...
Reposted
Who's at risk? Scammers of course have a goldmine. But worse: researchers found 2.3M WhatsApp numbers in China & 1.6M in Myanmar...countries where the app is banned. Governments could hunt down users. People in China have been detained just for having WhatsApp installed.
November 18, 2025 at 4:48 PM
Who's at risk? Scammers of course have a goldmine. But worse: researchers found 2.3M WhatsApp numbers in China & 1.6M in Myanmar...countries where the app is banned. Governments could hunt down users. People in China have been detained just for having WhatsApp installed.
Reposted
Not only numbers were exposed. 57% of accounts had profile photos, 29% had public bio text. In India, 62% had exposed photos. In Brazil, 61% had photos exposed. Most users don't enable privacy settings (More on this soon...)
November 18, 2025 at 4:48 PM
Not only numbers were exposed. 57% of accounts had profile photos, 29% had public bio text. In India, 62% had exposed photos. In Brazil, 61% had photos exposed. Most users don't enable privacy settings (More on this soon...)
Reposted
A researcher warned WhatsApp about this exact vulnerability in 2017. Meta dismissed it, saying privacy settings were "working as designed" Fast forward 8 years later, still vulnerable until October 2024 😅
November 18, 2025 at 4:48 PM
A researcher warned WhatsApp about this exact vulnerability in 2017. Meta dismissed it, saying privacy settings were "working as designed" Fast forward 8 years later, still vulnerable until October 2024 😅
Reposted
Here's how simple it was: WhatsApp lets you check if a phone number is registered. Researchers automated this for every possible number combination at ~100 million checks per hour. Meta had ZERO effective rate limiting in place (because why would anyone want that?)
November 18, 2025 at 4:48 PM
Here's how simple it was: WhatsApp lets you check if a phone number is registered. Researchers automated this for every possible number combination at ~100 million checks per hour. Meta had ZERO effective rate limiting in place (because why would anyone want that?)
Did he say that? Where did he say that?
September 26, 2025 at 4:12 AM
Did he say that? Where did he say that?
Reposted
The problem with that, too, is if there's a clear enough pattern of life with the phone, you can use the absence of its movement and identification at a second location as probative information.
September 17, 2025 at 3:51 PM
The problem with that, too, is if there's a clear enough pattern of life with the phone, you can use the absence of its movement and identification at a second location as probative information.
Reposted
People radically underestimate the sophistication of OSINT tools that aren't "looking at posts on the internet" and with a few pictures of your location and trajectory through an area, someone could connect you to your device in maybe an hour or so.
September 17, 2025 at 3:49 PM
People radically underestimate the sophistication of OSINT tools that aren't "looking at posts on the internet" and with a few pictures of your location and trajectory through an area, someone could connect you to your device in maybe an hour or so.
Osint? It stands for Open source intelligence. For starters: en.wikipedia.org/wiki/Open-so...
Open-source intelligence - Wikipedia
en.wikipedia.org
September 18, 2025 at 9:19 AM
Osint? It stands for Open source intelligence. For starters: en.wikipedia.org/wiki/Open-so...
Reposted
Yes more pls 🙏 How should citizens be intentional and skeptical online as law enforcement and government surveillance expand in “Trump’s America”? How should we be vigilant w encryption and digital hygiene since SSA data, AI, Palantir, and Israeli tech increase risks?
This seems a helpful resource:
This seems a helpful resource:
We study mass surveillance for social control, and we see Trump laying the groundwork to ‘contain’ people of color and immigrants
Create a moral panic. Blame it on certain people. Commence monitoring. Deploy droves of security agents. Detain or remove the targets. Sound familiar?
dornsife.usc.edu
September 16, 2025 at 4:11 AM
Yes more pls 🙏 How should citizens be intentional and skeptical online as law enforcement and government surveillance expand in “Trump’s America”? How should we be vigilant w encryption and digital hygiene since SSA data, AI, Palantir, and Israeli tech increase risks?
This seems a helpful resource:
This seems a helpful resource: