tldr; Joan Donovan is a fat cunt that's trying to track user's with shill tracking images. The majority of these images are shitty OC, but decent enough to bait user's to download them. do not download these files and/or repost them.
shill detector // ==UserScript==// @name 8ch - joan_guid_detector// @namespace// @version 0.3// @description// @author local// @icon// @include https:/%2F8ch.net/*/res/*// ==/UserScript==var re = new RegExp("^[a-f,A-F,0-9]{8}-[a-f,A-F,0-9]{4}-[a-f,A-F,0-9]{4}-[a-f,A-F,0-9]{4}-[a-f,A-F,0-9]{12}[.](.{3}|.{4})$");function checktags(tags) { var tag; var title; var parent; var shilltext; for (var i = 0; i
Reposting script used to rename GUID/UUID filenames into short filenames that maximize the chance of collision with another user's uploaded files
import sysimport osimport os.pathfrom uuid import UUIDtry: bdir = sys.argv[1]except IndexError: bdir = input('what is the full path to the directory containing the files you wish to rename?')if not os.path.isdir(bdir): input(f'{bdir} is not a valid directory path. Please try again.') sys.exit(1)f_idx = 0for root, dirs, files in os.walk(bdir): for f in files: fname, ext = os.path.splitext(f) try: uid = UUID(fname) except ValueError: continue # not a UUID src = os.path.join(root, f) while True: dst = os.path.join(root, hex(f_idx)[2:] + ext) if not os.path.isfile(dst): break else: f_idx += 1 print(src, dst) f_idx += 1
Let me give you some more reasons why your brainlet theory is fucking retarded How? The only possible way that could be done is if anons saved the image with the same filename as it was posted, and that rarely happens. On cuckchan there is no built-in way to do this, you automatically download the file with the auto-generated image number. On 8ch you have to right click the hyperlink to the image that features the original filename (on the right, above the image).
This is therefore an extremely inefficient way to track the spread of a posted image across the chans/the Internet in general. There are two much easier ways they could do this:
and/or Both of these methods would be far more effective at tracking the spread of an image (and this is in fact what intelligence agencies already do to track the activity of anonymous image board users – yes, your meticulously named memes are in fact an attack vector that de-anonymizes you).
If we want to have a serious discussion about opsec and image filenames and hashes, by all means we should do so (in fact I've been thinking about posting a thread about this security risk for some months now to inform anons of the opsec security vulnerability mentioned above and propose some potential solutions). This thread and this entire "Joan is using GUIDs to track anons through the filenames" shit is boomer-tech brainlet nonsense.
It may not even be iOS itself, it may be a certain browser that runs on iOS, or even one of the many 4chan mobile apps (I know at least one of works or used to work with 8ch as well, I've seen anons posting about that before). It may have something to do with the iCloud, as you say, which has been a theory several anons have given.
By all means investigate. Why don't you take a trip to your local Apple store and do some shitposting on one of the demo devices? Keep in mind that it's likely iOS version specific (either an OS feature or the software that's responsible is for a recent OS version), though it does seem that it began this year so it's a recent or current version.
The most disappointing and embarrassing aspect of this entire thing is that absolutely no one has come up with a viable working theory for what these alleged GUIDs would be used for. As explained above, they could not be meaningfully used for tracking the activity of anons (the bullshit theory that panicked anons and caused this entire thing to get so out of hand in the first place).
The first time it appeared was on August 17 with the filename 'qt314.jpg', and has since been reposted with GUID filenames as well as the filename 'Bookstore Jezebel.jpg'.
All of the posts that posted the image with a GUID filename had an American flag and were generally extolling the virtues of chastity and non-degeneracy within the context of women and marriage/relationships. Note that the GUID filename changed each time the (likely the same) user posted the image, which suggests that it might possibly be the software used to make the post might be behind the filenames, rather than the software used to save the image.
This doesn't seem like shilling to me, and there the way in which these filenames could be used to track the dissemination of the image file is not at all obvious.
You're either a shill or you have zero capacity for critical thinking.
Ian Wright
go for it dude
Okay, so I copy all this code, baste it into an empty text file, rename the extension (or none at all) chmod 775? then what?
Joshua Baker
fuck off hamplanet
Colton Turner
reposting this reply from the other thread, here
here github.com/dogancelik/imgops is a script that will reverse image search on every search engine that could be incorporated into the final script. there are also a myriad of other reverse image search engines, like:
I'm not far enough in my learning to write this myself at this point, but maybe someone from Zig Forums will do it?
true. that's why i originally suggested it. but keep in mind, it depends on how effective their data-gathering is. everything online is recorded somewhere, archived by someone… if they get wind of what's going on, then they might be able to crossreference names with the original website and see that the image was never posted there, or that name corresponds to a different image.
i like where you're going. its a good idea, but i'm not convinced it is close to fool-proof. what we really need is to figure out the enemy's data gathering/analyzing capabilities to best test if our methods will work
Dylan Wood
user, that's not reddit spacing. reddit spacing is much more egregious than that
Jordan Flores
These replies are leading me to believe that the people pushing this "Joan is using GUIDs to track you" horse shit are in fact shills.
Justin Rivera
post evidence showing a piece of software used to save images or upload them to 8ch is generating the guids.
there have been multiple user's in multiple threads that have reported that iphone does not save images in this manner, but posts are not evidence. we need user's to upload video of their iphones either showing this behavior or not showing this behavior.
Charles Howard
you both sound like faggots and have offered no evidence
Tyler Hernandez
shills for what? preventing user's from posting images with suspicious as fuck filenames? preventing user's from using iphone/icloud? the amount of pushback this theory creates from the typical kike posters only reinforces it.
well said user. these shills are pathetic and this wont last much longer thankfully. its funny to watch thier tribe push this garbage and only snag a few dumbfuck morons. in a few weeks they will be outting themselves with their weak (((joan))) and (((guid))) attacks. then they will be forced to swicth vectors again
Angel Adams
It's quite possible that I am retarded, but I'm not seeing an end game here. >That people on Zig Forums post on Zig Forums Seriously, am I missing something obvious here or did this fat cunt not really think any of this all the way through?
The evidence is what led to the hypothesis: 7 of the 12 times that image was posted it had a GUID filename, and each time the GUID filename was unique. Most of those posts were on the same topic and with the same flag (over a span of a few days), indicating that it was likely the same user posting the image repeatedly. It is unlikely that the image was re-downloaded 7 times, therefore on a balance of probabilities it is more likely that the software being used to post the image was assigning the unique filename each time.
Provide evidence for the hypothesis that these GUIDs are being generated to track the posting activity of anons or the replies of anons to posts with GUID named images.
i will say that this requires additional investigation. i want to know exactly when these filenames started appearing, which i will use 4pleb for, and what is generating them to either dispel the claim that it's common software that Zig Forums anons are using all of the sudden or show that it is. I have a hard time believing this many anons are using brand new iphones all of the sudden that are just now saving images in this fashion, or that this many anons are using apple products in general. Even if they were, there is zero evidence that iphone saves files in this fashion. There is no documentation from apple, no videos, no images, nothing that would suggest that iphone is generating these.
Even if these did come from iphone /osx / apple it doesn't preclude the possibility that they are being used for tracking purposes, it would then show that these joan tracking shills are using iphones, which makes far more sense.
Bentley King
not here but posted across various social media platforms ideally the real users account so they can "dox" them
Eli Torres
yeah - they can dox my fake black panther twitter account. woo hoo…
Luke Lopez
It's not clear cut either way because you don't know what you don't know.
I'm reindexing my image similarity page and including filenames so we can see exactly which different images are in fact identical but reposted with minor corruptions
Lucas Martinez
There is no evidence that the images with GUID filenames have unique hashes.
Jason Rogers
4pleb archives can be scraped for this information. the script i wrote to download all guid images on Zig Forums could be modified to record this information, but it would have to be run on a regular basis. atleast it would not have to download all of the images, 8ch provides the md5 hash in the json.
Ian Rogers
Make sure you include galleries of the "identical" images so we can be sure your code isn't just finding false positives.
Evan Baker
look at all those questions. straight up Q style circular logic. that wont work here.
Connor Stewart
evidence of what, nigger?
some people are just stupid, user. also, even if this landwhale isn't doing it, we know the gummints, soros and a shitton of others are. so, in the end, whatever gets ppl to think up a valid solution is good. just go with it and filter obvious trolls
Charles Lopez
I already did a example search on 4plebs that proves that the first time an GUID named image was posted it did not have a GUID filename. It also showed that the image was posted with a GUID filename 7 times and the GUID was unique each time:
Jose White
Zig Forums would have an aneurysm
John Perez
In your own post you say it's possible, but it's unlikely because users have to save the image with the original file name. On Zig Forums it is possible like you said, just less likely. That's not proof that you can't track people with it. They get less hits, but the hits they get are useful.
Who says they are not also using alternate ways of tracking users such as recording the automatically generated file name? You would have no way of knowing.
This post is entirely based on speculation, you aren't even sure if iOS uses those naming conventions. And they could very well have been spreading the images as early as January. Bring some actual evidence against this theory.
Lincoln Richardson
testing 1 image is not enough. all guid images on 8ch at any one time should be pumped through 4pleb for analysis. last time i did the scrape it was 550+.
Anthony Hernandez
I'm well aware they use image data to deanonymize our posts, I brought that up in the first post in my thread.
I agree that a solution should be created for automatic anonymization of image data and widely adopted by anons. We do however need to put this "Joan and the GUIDs" hysteria to bed, because it's fucking embarrassing and is wasting people's time.
Evan Gutierrez
you should take opsec more seriously user. just as a general rule. you still put a password on that twitter account that you don't care about, no? why? because that's just proper practice. there doesn't have to be a reason for opsec – it should just be part of your routine as a matter of course
good work user. also remember this and you could use that github script I posted the link to earlier
Jonathan Gutierrez
they could just as easily record the 8ch unique filename the moment they post their guid image. 8ch filenames will remain static as long as the md5 matches.
Jordan Phillips
It's definitely not finding false positives because I am searching a feature space using k-nearest neighbors using an identity matrix and taking the second neighbor (first neighbor is self). So I take the smallest non-zero distance (the 2nd neighbor) and only include those neighbors which are within 5% of the maximum distance.
Christopher Rogers
Always use different passwords. For example, if you use the same password on different sites, there's no guarantee they'll be hashed or plaintext, encrypted, or not. Even then, sites can use the same salt for hashes (think forum software or wikia software), and the last thing you want is a list of known hashes being linked to you.
Jace Diaz
no arguments here. i doubt the effectiveness of their efforts considering she was so incompetent that she actually believed an over-the-top ironic mekotur tweet was real info
Camden Myers
Answer the question. How is Beneficial to shills? Create paranoia? We already are paranoid. Distraction? There are much easier and more effective ways for shills to disctract us. They just make a "Trump is ZOG" or "christcuck" thread. Just watch, someone will make a statement about me because I mentioned those.
Justin Powell
The point is that the alphabets already track and deanonymize our posts using the image data, and they don't need to try to bait us into saving them with filenames that almost no one will save them as. They simply track based on the automatically generated filename (e.g. can tell what previous threads that user was in) or based on unique filename the user saved the image to on their computer (this is the most deanonymizing thing of all).
To say that there is a scheme that's been cooked up to track image posting by uploading images with filenames that almost no one will save is fucking retarded.
They are doing this and always have been. That's why this "Joan and the GUIDs" hysteria is fucking retarded: Not only is it an inefficient scheme, it's redundant.
Then why don't you try testing some more instead of copy pasting your pleb-tier spaghetti code and acting like you're a big brained hacker?
Waste our time, make less intelligent anons afraid to save images or post here, and eventually demoralize us once it's revealed that time has been wasted over nothing. Keep in mind they may not be glow in the dark shills, but just trolls who are in it for the lulz.
Parker Foster
Fatty fat fat LOVES pasta. The pasta monster will eat it all cause she's starving
Justin Johnson
I personally don't care too much for the GUID shit. I want to see who is posting similar images across various threads, and compare the differences between those images for the lulz.
Aaron Bennett
Except you are forgetting about one very important thing. These other tracking methods only work within the chans. It's been stated several times in these threads that the goal is to track them inside and outside the chans, to identify people's accounts on Twitter for example. On other websites there is no way to track an image they let out in the wild, a user saves, and brings and posts to 4chan. That's the whole point, it is another way of tracking on more sites besides just the chans.
Stop with the bold and red text, it makes you seem hysterical.
Charles Edwards
thats why i'm concerned about steganography
Logan Hall
that's exactly what I plan on doing jew, if you don't think these guid's are an issue why are you shilling against it so hard in this thread? why are you so angry about it? at the worst it will be a mild irritation for idiot anons using iphones, which is the only real counterargument you kikes are putting out against it, which your doing less of now since you can't come up with any evidence to show iphones are actually producing these images.
Now your arguments are getting so outrageous they're worse than what's being argued here.
Julian Phillips
True, that is a real threat. I wonder if there is some program to detect anomalies in images and if so how effective they are. The best way to be safe would be to not post images you've saved from the chans on other sites, as long as you repost them here they can't tie you to an identity.
David Anderson
I'm about to post a comprehensive list of similar images on Zig Forums
Julian Richardson
a222f8 is very suspect, there is little risk to this theory being wrong and a lot of right with it being right. He is also using Lain images a lot in an attempt to identify himself as another user who always posts Lain images, and the real user is much more rational. If he is a shill they are putting a lot more work into fighting this theory than other posts.
Thomas Foster
i hadn't really though too deeply into that as an attack vector, but i almost always do. good input, user
it seems to me the fact that this is motivating anons to think about opsec means its a positive development
like whining about muh hamlpanet in a thread where anons are motivated to talk about opsec? it seems to me the real shills are the faggots distracting away from meaningful progress by getting caught up on the particulars of this specific cunt rather than the idea of helping anons circumvent surveillance
right, so let's stop getting caught up with the specifics and work toward helping anons not be tracked in this way!
i think this argument is stupid, but you're wrong on this point. the main way to track individuals is finding them posting the same image with the same name across multiple accounts. the origination of the image, and its "original" filename, is irrelevant. its you posting the image over and over again throughout time that gets you tracked. let's concentrate on solving that problem
Elijah Russell
we could modify the program i've suggested to not just reverse image search and pull a new filename but to ALSO swap the image as well, which would solve the steganography problem, assuming the reverse image search would identify the two images as the same regardless of the fact that one had a watermark or whatnot in it
anyone engaging in the "is the hambeast really gonna get us" argument is suspect. stop worrying about it and start helping solve the problems we've already identified ffs
Jacob Jones
Someone photoshopped an eye in her butthole which was worth it all for me.
Noah Powell
Also please shoop two buttholes where it's eyes are located. Would be funny
William Davis
How so? If someone uploads an image saved from the chans and they upload it to twitter, all twitter's sever has to do is check the filename and hash and cross reference it with a database of images from the chans.
Ever noticed how when you upload an image to twitter it takes a canvas fingerprint? Twitter is taking a snapshot of your unique hardware and software configuration, every single time you upload an image. There is no telling what sort of analysis they do behind the scenes with regards to filename and file hash. All of that data is also intercepted by the NSA and analyzed by their own software for tracking user activity on the web; it's likely that Palantir software has modules built in exclusively for analysis of imageboard posting activity.
Stop with the brainlet-tier posts, it makes you look like a boomer-tech moron.
You're shitting up my board with useless FUD. I've tolerated this "Joan and the GUIDs" fucking nonsense for long enough. I thought anons would have already put this shit to rest days ago, but apparently someone needs to hold your hand and explain to you how you lack basic critical thinking skills and are ignorant beyond belief with regards to the reality of the surveillance being conducted here.
Meanwhile you have provided exactly zero evidence for your claims about these GUIDs tracking anons or recording responses to posts that use these GUID images.
If you think Google is the sole entity we're up against you're fucking retarded. Are you even aware of the fact that every byte you send across the Internet is copied to NSA servers and saved forever? Do you even know about the fibre optic splitters?
Now you're accusing me of not caring about opsec and encouraging you to "give up", meanwhile in my very first post in this thread I encouraged the development of a reliable solution for anonymizing image data, stating that it is in fact a serious opsec problem. I've also provided you with information to help accomplish this effectively, which included dispelling the hysteria surrounding this "Joan and the GUIDs" nonsense to educate you on the actual opsec threats that exist in reality.
You are Dunning-Kruger syndrome personified.
I've already explained how the theory is wrong and explained that a far larger opsec problem does exist and should be focused on instead. Yes, we need a reliable way to anonymize image data. No, the hambeast in OP is not using GUID image filenames to do so.
They don't care enough user. Your shitty argument of "This doesn't matter because this other thing is bigger" holds no water. The reason for concern is that this is a ghetto attempts at doing what the alphabets do but with a more ideological bent. Alphabets will look at the chans and collate them as a single point of data into some prediction so they can try to steer the country depending on trajectory. This half-assed private sector attempt will create a service that will be sold to HR departments as a way to avoid "non-team players" or applicants with "an anti-social bent" or somesuch doublespeak. Guess which one will have more immediate effects on your life user?
Does Joan on her shill posts still say those filenames are just simply iphone filenames?
Grayson Gray
They most certainly do user. But their purposes are larger and will not directly impact you (usually, this offer not valid if you become a good agitator at naming the jew). The point is that this less sophisticated, private sector attempt at alphabet-style data gathering can have value and thus can be sold and is much more immediate. Consider the eternal normie, with FB and twitter and so on. He harmlessly posts an image originating in a chan. Our private-sector product uses the ultimate in Joan-Tech to sniff out those stale memes in their public facing accounts and puts Normie-kun in an easy to access database (for only $599.99 a month) that can let employers know if he's a good goy or not. That is the issue.
more circular logic. either way, it doesn’t matter; ANY WAY, it doesnt matter. we are not scared of any if this nigger, you shouldnt either. btw, that is a fucking lefty meme and you just outted yourself with that shit. keep wasting your time shilling with your sad attempt at fear mongering nigger, it wont work on us. my name is justin peterson, im a proud White nationalist, and im in upstate NY. dox me faggot, go for it, PLEASE. see, WE DONT CARE. you do not nor will you EVER have that ability because you are technically illiterate. you cant even defend your position with a lucid argument, so why in the fuck should anyone be afraid of you? defened your position on that faggot, try to. make me laugh at you again
Gabriel Walker
Posted in different threads
Brandon Price
What's your point? Zig Forums won't let you upload identical images.
James Clark
filtered, i'm done with you jew
Connor Cruz
This isn't about whether good goys post memes or not user. You're not thinking about money enough. What Joan will do is find any patsy and name him alt-right so that HR departments will give her money. Our hypothetical Normie-kun may be the goodest of goys, but so long as he commits the grave sin of reposting a single non-kosher meme he can go into the list so that we can sell the list. We simply hide the list under a veneer of 'research'. Have you never talked to an actual corporate salesman, user? They'd buy this kind of shit in a heartbeat as long as you throw enough synergistic IoT AI Cloud HyperConverged technobabble
LOLWUT
How is me trying to explain that Joan is jury-rigging an Alphabet process for eventual profit telling you not to worry about the 3-letters? I'm just telling you to be more worried, because if it takes off then you can expect more 'entrepeneurs' to come out of the Alphabets with even worse shit….
ah yes, filter someone when you cant accept they are right. glad to see that you finally fucking gave it up.
Austin Parker
That's D&C user.
Sebastian Butler
Provides literally nothing of value
Parker Ross
And this is meant to be evidence of what, exactly?
Nigger you can upload identical images if you upload more than one image at a time, how new are you? My point was that your little analysis demonstrated nothing suspicious.
There's nothing "mysterious" about it, there are public archives of most a major boards, and we know that the NSA saves literally everything. So speaking about the truth is forbidden because it scares you? You are an absolute faggot. I respect a well maintained lawn but keep your facebook image macros the fuck off of my board. Fear, Uncertainty, Doubt. Old school pysops.
There are shit loads of existing meme posters that post shit on their facebook publicly. What's the big deal?
Christian Cooper
you clearly didnt get it nigger, nothing you are doing here matters. HR departments cant do shit with anything, the lawsuits they would face for discrimination would put them out of business. you know this, we know this. why are you still here? this is why people hate niggers like you. your people are dumb as fuck
Bentley Hill
>…. Go back to your q containment board faggot.
Brayden Thomas
Has anybody found anything interesting yet?
Charles Bennett
ITT: Feds arguing with each other to distract from real progress if there are any real anons still ITT, just don't engage with them
Dominic Gomez
agreed. what's the current working theory and what will be our next research direction?
Hunter Lopez
swedish elections on the 9th
Austin Russell
i'm scraping every guid on Zig Forums right now and then getting the number of md5 matches on 4pleb, i'll post results when finished.
Eli Hall
might be an intractable problem
Jordan Ross
As opposed to your spaghetti code pleb scripts you are posting so that our enemies can also analyze our communication on the board?
Holding your hand and explaining to you that this "Joan and the GUIDs" nonsense is not the real concern is in itself valuable, but if you want to get pedantic about it most of the advice I posted was in the previous thread. It's pretty simple: File hashes need to be non-destructively altered, and filenames need to be generated in such a way so as to be non-unique (e.g. match the file's hash to that of an image that already exists in an archive such as 4plebs.org and randomly select a filename based on the results).
Please post more shittershattered responses, user-kun. The fact you revealed you're fresh off of the boat from cuckchan just makes your salt all the more delicious.
If Joan-Tech and it's half-baked pseudo-tracking methods can be monetized, then an actually good tracking method would be worth more. And if this one spook process is worth money, why not copy and corporat-ize another process after I work at a 3-letter for a few years? The only take away from all this, if nothing else gets through, is: 1. You can probably track anons within Zig Forums based on filenames 2. Practice safe opsec, as you should already be doing.
We can hope user. However, you forget something: political belief is not a protected class. Except in Commiefornia, oddly enough.
No, especially since you are the only one making an attempt at discussion.
I agree, remembering how to keep anonymity is probably the best, such as with the methods at the top of the thread. I've always wanted to make a script that randomizes image data and filenames on my saved folder. I should see if anything like that already exists.
can you explain the logic behind your reasoning? what link are you trying to establish?
are you obtaining md5 for all images on 8ch and 4chan? or are you just focusing on guid images
Jacob Ross
true, but we can still speculate and act based upon our best guesses
uh… neither. we need to build a script that jumbles filenames in order to circumvent tracking full stop. the landwhale is irrelevant, and i'm not interested in idle speculation about dime-store political actors
Matthew Harris
i'm not convinced that is a complete solution. stegnography remains a persistent threat even if the metadata (filename) is scrambled
Asher Wood
i haven’t forgotten shit nigger. i would love to sue a company that had an HR dept that utilized such data. im a law fag nigger and you want to lecture me on the fucking law? go to law school you subhuman piece of shit before you try that. i alreadu told you, your fear mongering isn’t going to work here. your just making a fool of yourself. first you proove that your retarded on the subject of tech, now your demonstrating your ignorance of the law? FUCKING KEK NIGGER! please respond again cunt, this is some funny shit
Andrew Bell
I posted code earlier for maximizing filename collisions. This script reduces filenames to hexadecimal representations of integers starting from zero so the filename is extremely compact
See
Gabriel Watson
one steganography algorithm description:
The embedding algorithm roughly works as follows: At first, the secret data is compressed and encrypted. Then a sequence of postions of pixels in the cover file is cre ated based on a pseudo-random number generator initialized with the passphrase (the secret data will be embedded in the pixels at these positions). Of these positions those that do not need to be changed (because they already con tain the correct value by chance) are sorted out. Then a graph-theoretic matching algorithm finds pairs of posi tions such that exchanging their values has the effect of embedding the corresponding part of the secret data. If the algorithm cannot find any more such pairs all exchanges are actually performed. The pixels at the remaining positions (the positions that are not part of such a pair) are also modified to contain the embedded data (but this is done by overwriting them, not by exchanging them with other pixels). The fact that (most of) the embedding is done by exchanging pixel values implies that the first-order statistics (i.e. the number of times a color occurs in the picture) is not changed. For audio files the algorithm is the same, except that audio samples are used instead of pixels.
Zachary Cooper
i'm getting all images with a guid posted on Zig Forums and searching 4pleb for the md5 to see how many results it produces. I want to see how many of these images are OC first of all, and to what extent they're on 4chan.
depending on how widespread these images are i'll either look to see what the filenames are on 4chan manually (to see if they're guids) or script it. i'm not sure what i'm trying to accomplish but I'm curious about the result. many of these guid images posted on Zig Forums seem to be OC.