How to stay safe

There have been a lot of issues of security/privacy in the past couple of weeks, so I decided to make this thread.

General Information

Don't give out personal information like confetti, or else something bad is bound to happen. Some important personal information you should NEVER reveal encompasses (but is not limited to)

• Your full name

Never give out your full name to people online. First names are OK, since most people can't identify you by just a first name.

• Your house address

You would never want people to know where you live because they could A) Stalk you (serious matter) B) SWAT you (send police to your house) or C) Locate your internet provider and possibly DoS you.

• Forums/Minecraft/Mojang account details

Don't give these out, as some people are able to use brute-force machines to eventually find out the remaining account details. This is bad as they can assume your identity and post/do things which could harm your reputation.

• Email address/Phone number

These could be used for people to send spam to your inbox or just constantly annoy you.

• Any payment information details

This includes bank account numbers, codes, prepaid gift cards, and online payment login details.

Some things which you should use caution with but are allowed to reveal online are

• Skype

You should be wary with revealing Skype as people can use your account to find your IP and DoS you.

• Age/gender/etc.

General things like age, gender, race, favorite things, etc. could be revealed, but you should be careful with who you trust them with.

What is an IP?

An IP or IP address is the code associated with your connection to the internet. IPs consist of 4 numbers, 0 - 256 seperated by periods (i.e. 125.98.234.0). This is very important to keep safe as it is linked to your house's internet provider, therefore meaning it can be shut down, thus closing your internet connection. Your IP can also be used to find where you live using Geo IP programs. To quickly look up your current IP, type "My IP" into Google.

What is a stresser?

A stresser is a program used to DDoS, DoS, or DoX networks/information. I am not encouraging that you use a stresser but merely telling you what it is.

DDoS, DoS, and DoX

These three things are forms of internet maliciousness which include multiple networks shut down, personal networks shut down, and personal information spread out, respectively.

DDoS (Distributed Denial of Service)

This occurs when people crash multiple networks at once with a large stresser or by using a third-party program to which all the crash victims are connected to.

DoS (Denial of Service)

This is a single-network version of DDoS. DoS simply means using a stresser to disrupt someone's network connection. This occurs a lot more often than DDoS, simply because it is much easier to accomplish.

DoX

This is not a form of internet crashing, but is equally if not more dangerous. DoX'ing is basically taking the information of a user and spreading it online. Therefore, third-party programs can use your information for malicious purposes. This is best avoided by keeping your personal information safe.

How to protect your IP

Using programs called VPN Clients, you can protect your IP by masking it. This works by the program masking your IP with another one from a different station, so your home IP can't get hacked, even if the station does. There are many good VPN clients out there, including free and paid ones. The best are usually paid, but some free ones will get you by. Good free VPN clients include CyberGhost and PlasmaVPN, though with a bit of searching, you can find many more.

Skype

Skype IP resolving is a big issue for many people. This happens because players add people, use their Skype name to find the person's IP, and then DoS them. With a bit of configuring, you can make sure this doesn't happen to you. Click Skype > Privacy to open the privacy configuration window. From there, click Advanced > Connection. Check the box that says "Allow direct connections to your contacts only". (Shown below)



This will block your IP from Skype Resolvers and anybody not in your contacts list. This means that only your contacts can see your IP. Therefore, be cautious with who you add to your list. Source.

How to prevent fraud

Fraud is anything from scamming $5 in Prison to scamming a $1,000,000 in real life. Fraud is basically using unlawful methods to obtain rewards (usually money or items of strong monetary value). Fraud in Minecraft mostly takes place in scamming and chargebacks. Scamming is making a deal with somebody, and not doing your end of the bargain. Chargebacks are when somebody buys a purchase from the shop and then request their money back.

Scams

Scams are allowed on Minetime in any form or any way, except when it involves real money. Payments overseen by Minetime directly (Buycraft payments) are bannable if a rank is scammed. So, when trading in-game items for ranks or kits from shop, it is extremely wise to have the rank-buyer go first so they can't get scammed. If the person who receives the rank does scam, the rank-buyer can report them and get them banned. The rank-buyer will also get a full refund on the rank.

Chargebacks

Chargebacks are one of the hardest crimes to fight, though it is a rare occurence. Chagebacking is when a user purchases something from a shop, and then requests their money back. Chargebacking is not allowed on Minetime, and if you chargeback, you will get your money back at the price of being banned from Minetime and its services permanently, although most times you will not receive any consolation, and will be banned anyways. Therefore, people can buy ranks for other users, and then chargeback to attempt to get them banned. However, if the victim of that situation can prove that they did not make the purchase in the first place, they will be unbanned.

False information

False information generally takes the form of a user impersonating a high-ranked staff member or owner of a business/company/etc. to spread false information. An example would be a Minetimer impersonating CollinPotato (the owner) in-game to try to trick somebody. They would act as Collin and promise the Minetimer so-and-so if they paid so-and-so some money. Another example is a Minetimer impersonating CollinPotato to say something like "The server will be closed permanently tomorrow" or "Everybody is getting banned". The punishment (if caught) is a ban varying on how malicious the information they spread was.

Here's some information about owners/developers

CollinPotato - Skype undisclosed - Mail: [email protected]

MinetimeSupport - Skype undisclosed - Mail: [email protected]

thegamerfreak98 - Skype undisclosed - Mail: undisclosed

Jess - Skype undisclosed - Mail: [email protected]

drtshock - Skype undisclosed - Mail: [email protected]

Most times, people with the mail domain @minetime.com can be trusted, but you should always make sure that it is a recognized staff member name before the domain.

Staff's Skype accounts are generally undisclosed because of the chance that people will spam them with requests/messages. Because the Skype accounts are not publicly known, never trust anybody claiming to be a staff member on Skype.

Even if the information is coming from an almost-certainly reliable source, you should always confirm it with a staff member. Remember, there is always the chance of receiving false information.

Third Party Organizations

Third party organizations are companies/businesses/programs not affiliated with a product, brand, program, etc. This includes the relationship between Skype and Minecraft. They are two completely different companies, and are not affiliated with each other. An example that is not of a third-party organization relationship is Microsoft and Skype, as Microsoft owns the company Skype. So, if you got DoSed in Minecraft, but it was because of your Skype, it would be considered a third-party issue, and is therefore not Minetime's fault. You cannot hold Minetime for anything that happens outside their LLC copyright or affiliates. Third-party organizations can also be associated organizations disguised as foreign associations to spy on others, gather information, etc. (Mostly malicious purposes). That is why you should be wary about approaching companies that look suspicious (even if they claim to be another company).

Passwords

Passwords are the most crucial part of an account, as they are (sometimes) the sole thing separating a hacker from your account. Passwords for important sites should be very complex, un-patterned, gibberish, as this will most likely be the most secure. Write down your passwords somewhere and link the reset page to your mail account, which should also be secured. Passwords should not include things like your favorite things, your birthday, yours/parents'/friends' names, or anything commonly known about you. So, a password like JimmyWaters452003 is much worse compared to jL1ljj80iOpa3. Even if you had a non-gibberish password, though grammatical, a brute-force machine would find it a lot faster than a gibberish, nonsense password. It is also wise to enable 2-Factor Authentication whenever possible to guarantee account security. A reliable source to check password strength on is howsecureismypassword.net.

What is brute force?

Brute force is a program that is designed to find account passwords. It works by calculating and entering every single possible combination of characters that are allowed. However, there are so many possible combinations of passwords that the machine is only reasonable to use on people with simple passwords.

I'm open to any suggestions; please write them in the comments. I will also add more sections and information as I continue researching.

EDIT: Added Passwords and Brute Force sections.

That is all for now. I hope that this helped you out somewhat, and have a good day! - ido_pieguy

 

Ultimately, we're assuming that it is not Osama Bin Laden trying to crack your account password.

 

Thanks, editted.

 

About half an hour of research and an hour of typing/editting/rewriting.

 

TeamSpeak isn't a very mentioned topic, so I chose not to include it. However, I will do some research about it when I get back from vacation.

 

As @BlackCynders stated, TeamSpeak is safer, but corrupt leaders would be a problem. So, Minetime's TeamSpeak would be a good resource as we all know Minetime's owners to be trustworthy.

 

I meant it to be a not-as-good password if it's your exact name and birthday, but I never said it was a bad password.