bro you want me to use discord??? to talk to a kid???? do you think im stupid or something

someone on element just tried to get me in contact with a 14yo lol

i fucking hate people

nepeta boosted
nepeta boosted

#plush #cub #foalcon 

That feel when I find a sexy lamb baby plush online and just have to rub myself off on one my foal plushes while imagining cumming inside the baby lamb and baby foal. So much cum. I kept spurting and spurting until Scootaloo had my seed all over her coat. I couldn't help myself. Tight, hot baby lamb cunny around my cock. Unf. Fucking cumming in a wriggling, bleating baby lamb then spurting in a tight little filly? Hnng. Best babysitter at the petting zoo. Mmm...cummy babies.

i wanna do really bad stuff to cute tiny innocent cubs ❤️

adorabat 

@nepeta just fucking drench that little faggot of a father in his daughter's blood while i force her corpse up and down on his useless cock before i fuck his ass and tell him his daughter is never going to wake up again ❤️

Show thread

adorabat 

wanna force adorabat to take drugs and make her my methed-out junkie whore before i turn her on her father and force her to seduce him before i come in and knifefuck every hole on her body in front of him

being very mean to bat loli again 

i wanna kill adorabat with my cock!!! pierce her womb and fuck her guts in front of her father while he's tied up in front of us and make him look his daughter in the eyes and she dies on my cock then throw her corpse on the fucking floor and stomp on it while i shoot jizz all over his stupid fucking face

need to bully bat loli with my cock until she's screaming and begging me to stop ❤️

fucked to death 

wanna just pierce through adorabat's tiny womb and fuck her guts until she dies then fuck them all back into place through her throat :3

violence 

i have been having intense cravings for adorabat from maomao recently and god fucking damnit i need to hurt her with my cock and beat her up ❤️

nepeta boosted
PSA: Session, Wickr, Tox, and Proton Mail/VPN/etc are insecure and should not be used. Instead Matrix should be used, or Signal, once it has usernames. Email is not secure no matter the provider, and networks like Tor should be preferred over VPNs.

MAPs especially should read through this.

Why/How are they insecure? Allow me to explain

--

Session is an insecure fork of Signal with weaker cryptographic security properties.

Specifically, Session got rid of Forward Secrecy, got rid of Deniability, uses only 128-bit keys instead of industry standard 256-bit, half as strong, and got rid of the self healing/backwards secrecy property that Signal had.

Sources: Session documentation, and Session audit

https://getsession.org/session-protocol-technical-information

https://blog.quarkslab.com/resources/2021-05-04_audit-of-session-secure-messaging-application/20-08-Oxen-REP-v1.4.pdf

What does all this mean, you may ask?

Forward Secrecy means that, if in the future, aka forward, your device or its keys are compromised, your *past* messages are secure, they cannot be read. This is especially important when *you* deleted past messages, but an attacker, such as the feds, had saved their encrypted form.

Deniability means that its impossible to cryptographically "prove" that you sent or received a message from any specific person. This is an important security property to have, though it should be noted that, depending on jurisdiction, courts may have a much lower standard of "proof".

Using weaker keys is obvious, as it says on the tin. It uses weaker keys for no good reason. As far as anyone publicly knows, this in theory is not a problem, as 128-bit should still be secure, but it's not standard, and is very sus.

Self healing can be thought of as the opposite of Forward Secrecy, aka Backwards Secrecy, Self healing means that if your device or keys were stolen *yesterday*, your messages *today* are still secure.

Session has various justifications for this, none of which I believe hold up to scrutiny.

Session believes these choices were fine to make because it assumes that its application is bug-free, that you don't care about the security of deleted messages(which as MAPs we especially should), and that you don't care about security if your device is compromised.

I, obviously, disagree with their conclusions, and I hope i've convinced you as well.

--

Wickr is quite literally funded by and working with the CIA.

https://www.vice.com/en/article/y3dawk/wickr-cia-funding-inqtel

https://www.zerohedge.com/technology/trash-it-goes-cia-funding-arm-gives-16-million-encrypted-app-wickr

Additionally, unlike Signal, Session, and Matrix, Wickr is not Open Source. You have no idea what you're running on your device, or what their server does.

https://support.wickr.com/hc/en-us/articles/1260802360449-Is-Wickr-Open-Source-

Thats all that really needs to be said, isnt it?

--

Tox is woefully under-specified, is closed sourced, and has known security flaws in its implementation and protocol.

https://github.com/TokTok/c-toxcore/issues/426

Additionally, as a P2P messenger not routed through Tor, it reveals your IP to everyone you communicate with. DM a fed and they've got you.

https://en.wikipedia.org/wiki/Tox_(protocol)#Revealing_of_IP_address_to_friends

Also, in 2015, all their developers left because the founder did some fraud with the organizations money.

Not a trusted platform.

--

ProtonMail and other tools provided by them such as ProtonVPN are insecure and should not be trusted.

E-mail in general is a fundamentally insecure protocol and you should absolutely not use it for anything requiring privacy or security.

ProtonMail specifically, despite claims in both marketing and their privacy policy of not logging your IP, can and *does* log it without your knowledge or consent on behalf of authorities.

Just this year they handed over the IP addresses of *climate activists* to authorities.

https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/

Being in Switzerland does not make it private, safe, or secure.

--

The above also applies to VPNs, whatever they say to the contrary, they can and *do* log.

You should use a protocol like Tor which effectively makes it *impossible* to log, rather than trusting a server ran by or subject to the "authority" of the feds to "not log, we pinky promise"

--

And all this brings me to what you should use instead, Matrix, or Signal

Right now, Signal should not be used, as it requires phone numbers, and those are *not* anonymous. Many countries even requiring registering your SIM card with the government before you can use it, making acquiring disposable burner numbers difficult.

Matrix, however, does not have this problem, and is based around the exact same protocol as Signal is.

Matrix is end-to-end-encrypted, just like Signal. When DMing someone on matrix, you have Perfect Forward Secrecy, and when in an encrypted group, you have Partial Forward Secrecy, or Perfect, at your choosing.

Groups sometimes have Partial forward secrecy because you can choose to let *room history* be visible, aka past messages, which by definition means you, in the future, are decrypting the past messages. Note that you can simply turn this off, and have Perfect Forward Secrecy again.

All the security problems that Session has, Matrix and Signal do not have.

For DMs, Matrix uses olm, an implementation of the Signal protocol, documented here https://gitlab.matrix.org/matrix-org/olm/-/blob/master/docs/olm.md

For groups(what Matrix calls Rooms), Matrix uses megolm, documented here https://gitlab.matrix.org/matrix-org/olm/blob/master/docs/megolm.md#partial-forward-secrecy

There are some documented limitations, such as the Partial Forward Secrecy discussed above, but they are minor and don't affect security, but if you're worried you can simply not be in groups.

Matrix can additionally be used on the web, including from within Tor, for added security, such as if you don't trust the homeserver.

https://app.element.io/#/login

Matrix does not require email addresses or other forms of identification to create an account, though some homeservers, notably matrix.org, do. But you can simply use a different one.

Popular choices to use among my friends are asra.gr or midov.pl

Once Signal has usernames, if it ever does, it would also be an acceptable choice, though Matrix would remain a perfectly good choice and does have the added benefits of a better user interface and text formatting.

--

And that concludes this post. If you had it this far, congrats, thanks for reading, and I hope it inspired you to improve your security.
nepeta boosted
been a bit since I cranked out a #pedo fantasy post soooo

I wish I had a QT pedophile girlfriend or boyfriend with a needy pedo cock that got hard by simply looking at children. I wanna fear it, I wanna respect it, I want it rammed down my throat while you look at naked kids, I want you to force me to apologize for having two digits in my age. Lock my useless dick up and sit me in your lap and turn on the pedo porn, see how long I can take it before I'm begging you to let me masturbate to child porn with you. If I'm a good boy maybe you'll sit your ass on my face and let me feast on your pedo hole, at least then I can listen to the children get fucked, even if all I can see is your butt... I'll carry around a tablet loaded up with all sorts of good stuff, and the moment you feel any child lust you'll order me to my knees and face rape me while getting lost in those delicious child rape videos. It doesn't matter what I want, or when I want it, I want you to force yourself on me even if I say no, after all, the kids in your videos don't get to say no either. Ignore me while you use my body to masturbate, after all, you're a pedophile and I'm not a toddler... But you can use my body to feel good while you think about what you'd rather be fucking.
Game Liberty Mastodon

Mainly gaming/nerd instance for people who value free speech. Everyone is welcome.