Discord Is Not Safe (Short 2023)
Discord Is Not Safe (Short 2023)
Discord Is Not Safe (Short 2023)
Assume anything you say and do on Discord is in the public domain, no matter what anyone says.
What is this about Discord? Is it not safe to use? I’ve heard some rumors, but with over two hundred
million users, surely they can’t be doing anything that terrible, right?
We’re all used to social media by now. If you’ve looked at how the major platforms
make money, you already know they can offer “free” services because they
harvest detailed user data for a variety of reasons:
1. to understand what it takes to keep you engaged and constantly using
their services
2. to show you targeted ads
3. to recommend third-party products and services that they can monetize
through commissions
4. to be able to sell vast amounts of sensitive information about everyone to
third-party data aggregators
5. to collaborate with state actors as part of a global surveillance strategy.
Discord is somewhat worse than the average social media spyware we use every
day, in a number of ways:
Omg! So what can I do??? This is where all my support network “lives” right now. I have so much content
on Discord. I am screwed! Am I screwed?
There are really only two ways around this. One is to use a VPN. This obfuscates
your IP address and other information, making it a bit harder for ISPs to spy.
There are a ton of services, but you can’t trust many of them. Since they will
become the single point of failure through which all your activity is funneled,
choose wisely!! I have used expressVPN, NordVPN, Proton, and a couple of others.
Whichever one you pick, make sure it absolutely does not log user data under any
circumstances. Ideally their servers should be located somewhere outside of what
is called “the 14 eyes countries” that are known to have invasive surveillance
programs and regularly spy on citizens.
Another good idea is to use a router at home with excellent threat detection and
prevention features.
DELETE YOUR NATIVE DISCORD APPS & CAREFULLY USE ONE BROWSER ONLY
You heard it from me. Get rid of those apps. Sign out first, and delete them, then
delete them from the trash, then reboot your devices. If you are paranoid, there
are guides about how to really delete programs from your devices, leaving no
trace behind. You can also reimage devices.
Up to you, how far you want to take this, but you need to get rid of the Discord
apps from every device you use. This is because it tends to make it MUCH easier
for Discord to abuse its powers and invade your privacy.
You can pin Discord tabs to make them easier to find on a desktop browser. Most
mobile devices will let you add web bookmarks as icons to your homescreen (this
will look almost exactly like you have the app installed, so be careful not to get
confused).
Do not ever log into Discord using another service (like with Google, Facebook,
etc.). NO NO NO NO!!!! .
Don’t leave Discord on in the background all the time. Log in and out. Log out
whenever possible.
PICK A PRIVACY BROWSER, HARDEN IT, AND STOP USING RISKY FEATURES
CHOOSE: There are a million guides comparing browsers for 2022. Some of the
most secure browsers (like Chrome) are really bad when it comes to privacy. A few
browsers that I have used include: Firefox, Brave, DuckDuckGo, Safari.
USE: Once you pick a browser, make it the default browser on all your devices.
HARDEN: No browser is good enough “out of the box.” Search for a guide from a
reputable company that specializes in security & privacy. These will have names
like “ How to harden your browser to maximize privacy.”
There are so many things you can do to harden a browser: Set the default search
engine to one that does not track or collect user data, disable cookies, clear
cache regularly, avoid javascript, disallow data collection about usage, turn on
“do not track” (which is just a request, and is not enforceable), do not save your
history, etc,
There are a few things that are so important they each deserve their own
paragraph:
- Stop sites from fingerprinting you. This is exactly what it sounds like. Even if
you have done EVERYTHING ELSE, you are still easily and personally
identifiable (with precision that is equal to or greater than actual
fingerprints). Advanced models have been trained to analyze every bit of
information they can detect, including system settings, screen size, etc. This
also includes information about how fast you type and the specific
cadence of certain letter combinations and words; typos you make over
and over, how you use keyboard shortcuts, etc. BLOCK FINGERPRINT
TRACKING. Good guides will tell you exactly how.
- Stop ad trackers. These are hidden little pixels or tiny bits of information
that follow you around the internet to analyze everything you do. This is a
big massive boom for data harvesting services, who then sell information
about targeted groups of people to basically anyone who can afford it. \
Right now, I can buy a list of people who consider themselves Experiencers,
live in a specific area, are males under 40, have higher than average
discretionary income, tend to make impulsive decisions, use Discord, etc. I
can buy this data legally and use it to promote a product or service. This is
the business of Ad Tech in America.
If I am a real denizen, I can get this kind of information for free (or steeply
discounted), without having to disclose my identity. This happens all the
time when hackers and government agencies buy your data from the
cobwebby corners of the sketchy “Dark Web.”
- Limit plug-ins. These are also called browser extensions, and they almost
always suck. Go above and beyond to avoid them wherever humanly
possible. They are responsible for more consumer security incidents than
almost anything else.
Server Violations:
https://www.wikihow.com/Report-a-Discord-Server
User Violations:
https://www.makeuseof.com/how-to-report-someone-on-discord/
https://getterms.io/blog/how-do-i-report-a-privacy-violation
European Violations
https://www.isaca.org/resources/isaca-journal/issues/2019/volume-1/reporting-on-
gdpr-compliance-to-the-board
Other Resources
https://www.courthousenews.com/gamers-say-openfeint-sold-them-out/
https://cadence.moe/blog/2020-06-06-why-you-shouldnt-trust-discord
https://luna.gitlab.io/discord-unofficial-docs/science.html
https://discord.news/trust-and-scam/
https://www.forbes.com/sites/thomasbrewster/2019/01/29/discord-the-2-billion-gamers-paradise-co
ming-to-terms-with-data-thieves-child-groomers-and-fbi-investigators/
https://www.newsweek.com/discord-furries-terms-service-community-guidelines-1323099
https://techcrunch.com/2017/06/07/discord/
https://medium.com/tenable-techblog/lets-reverse-engineer-discord-1976773f4626