Online life
Being safe online is as important as being safe offline. As an Internet user, you'll need to make sure you can stay safe while using the Internet. There are a lot of dangers lurking out there, and staying safe may sound difficult enough without factoring in how bad actors and malicious agents can use the Internet to target MAPs providing mutual support to one another. Online safety might be second-nature to some, while to others it might require conscious thought. In either case, we need to cover the basics before we get a bit more in-depth.
The Internet is almost a different world. There are dangers unique to the Internet; things that cannot possibly be a threat outside of it. Viruses and malware run rampant through some parts of it, and other unmoderated corners get people in trouble just as fast as being drunk and disorderly in front of a police station. These are dangers we don't want to fall victim too, nor dangers we want to see others falling victim to either.
Anonymity is such a necessary part of our lives, too. Slowly, various websites are working on ways of monetising your private life. They already monetise most of it via social media outlets, who have contracts with advertisers to show you targetted and personalised ads created with information scoured from your Internet browsing history and activity on the sites themselves. More often than not, your data is actually sold.
Being safe online requires a number of steps to be taken, starting from the basics that most know and extending to other things that require more conscious thought and consideration. As like in the prior section, this list is not infallible and there may be gaps in information. If there's anything you don't understand, don't hesitate to contact us and ask for it to be clarified.
Illegal things happen on the Internet too? Crazy!
These things need avoiding as much as any illegal things that one might do outside of the Internet. They pose as much a risk to you as offline illegal things do, no matter what anyone else might tell you. Everything can be traced if someone is determined enough, and that level of determination has been reserved for people who do illegal things. Don't be one of them.
This includes "small" things such as pirating music or movies or harassing people online.
The legality of shotacon and similar is contested in many countries around the world. Even if you think it's legal, do not risk it. Always check the laws of your jurisdiction first, and always make sure you are not taking risks. If you have to ask "is this legal?", do not do it!
Kid's rules are some of the most restrictive, but the most protective at the same time. If we all followed the same rules that kids do, and some others, we would be near-impossible to trace and identify. Like anything else, it's not foolproof, but it's a good way to protect yourself. Obviously, the advice given here has been tweaked so that it applies to adult boylovers, not children.
This is something that happens regularly on the Internet, especially on dating sites, but it should be avoided within the BL communities. A part of the Internet is that we don't know who's on the other side. We've no idea who anyone is, so how do we know who we're giving this information to? What if the other person wants to hurt us?
To protect against this, it's good not to give out information that could be used to identify you. This isn't second-nature to everyone. Young boylovers are often given unsupervised and unregulated Internet access from a young age, before their sexuality begins to present itself. More importantly is that many are not being taught how to use the Internet safely. The rule against giving out personal information is one of the first rules a child should be taught about using the Internet, and the same goes for boylovers.
Personal information includes:
- Names and nicknames that aren't the one you're actively using.
- Age.
- Birthdate.
- Location, including all past locations.
- Timezone.
- Occupation.
- Email address.
- Family tree.
- Marital status (you can say you have a partner or lover though).
- Phone number, even disposables.
- Pictures (of yourself, people you know, your pets, places you've been, things you possess, etc).
- Any password to anything you use, even if it's not boylove-related or no one knows about it.
- Links to your social media accounts.
It might be useful to lie about some of these things in order to throw people off. While lying does reduce credibility and is generally ill-advised, it can work to your advantage here as it makes it difficult for people to deduce who you are. For example, pretending you are 28 when you're actually 26 isn't going to hurt anyone (though pretending you're 14 when you're 16 could). Pretending your birthday was last week when it's actually today isn't going to hurt anyone either. Perhaps you could lie about part of your employment to further throw off the scent. All of this makes it harder to identify you.
In other instances, being vague will be better than telling a lie. If you want to post about something that happened involving your family, you could be vague about how big or small your family is. Don't give exact numbers of brothers or sisters, for example. If certain relatives are deceased, you don't need to tell anyone unless it's important to what you're saying. They don't need to know these things and you're not lying when you omit non-critical details.
If a website makes you feel unsafe, you have the right to know whether your feelings are well-founded or whether it's paranoia. The website managers aren't going to feel hurt if you have doubts about their site's safety. They are also best equipped to answer your questions and put your mind at ease. If you don't want to ask them, then you could ask other members about whether they feel safe on the site and if they know what the site does to keep everyone safe.
If you are too afraid to ask questions, or you otherwise know that it is unsafe, then just leave. You must value your own safety first and foremost.
This might sound obvious, but what is and isn't suspicious varies depending on what your end goal is and what you're interested in. For example, if you see a link that says "win £2000 now!", that's suspicious. Don't click it! Usually, suspicious links like this (and others) seek to infect your computer or scam you out of your money.
Unfortunately, what is a suspicious link may not always be easy to identify. Bad actors have become better at concealing suspicious links by mirroring real content. This is known as phishing, and seeks to harvest your personal information for the gains of another.
Suspicious links can sometimes be identified by the following:
- Unusual or nonsensical domain names.
- Domain names that look extremely similar to that of a legitimate organsiation or company.
- Links that have your personal information already in them, such as your name, email, a username you use, your phone number, etc.
- Links advertising unrealistic things, such as free money or extreme discounts on expensive products.
- Links advertising illegal or borderline-legal content of any sort.
- Links offering free copies of products or services that require money.
- Links asking you to pay for free services.
- Links not utilising the more-secure HTTPS protocol.
Your actions, or inactions, on Internet forums can put other people at risk. Just as you have to trust other people, they have to trust you. Your intentions should never stray from the purpose of the forum you're on, and you should always be willing to speak to someone if you think something may be wrong.
Content you post to the forum should always conform with all site rules and guidelines. This is crucial to ensuring everyone is safe, including yourself! Staff will have spent countless hours scrutinising the rules they enforce to be sure that they are fair, but more importantly to make sure that they prohibit unsafe behaviours. Even if you do not understand why a rule exists, follow it. You can ask staff about why in your own time, but you do not get to waste their time because you do not understand or do not agree with a rule.
Every member of a forum should always report something they think might be against rules. Not doing so will put others at risk. A collective responsibility of the members is to ensure safety of the rest of the group by being safe themselves and encouraging safe habits amongst others. When any member stops reporting content they suspect to be unsafe, they contribute to the decline of the group's overall safety. Don't think twice — report unsafe content or you will be complicit if problems arise later down the line.
Various boylove venues have been the target of law enforcement investigations, with some being taken down and others unaware they were ever looked into. The bigger the venue, the more likely it is to be investigated.
You won't know if a venue you're visiting is under investigation, as these types of investigations will be run by undercover agents posing as members actively posting or keeping to the background. You will never be able to tell who is law enforcement and who is a legitimate boylover.
This line of thinking can instill a paranoia and sound quite alarmist, but it is something that you can work around. If we assume every boylover on every venue is an agent, how much they know about you remains exactly the same as it was before. This works to our advantage. You decide how much information they know by choosing what you share about yourself and how you share this.
Don't let the threat or a venue being monitored discourage you from actively participating, but do allow it to steer how you conduct yourself on these venues in order to keep yourself safe.
When you decide to join a boylove forum, you need to ensure that you do not join with information that can be traced to you. This may mean creating yourself a new email address for the purpose, and additionally creating a unique and original username or alias that is not at all associated with your offline self.
You should only join a boylove forum when you have such an identity set up. This will ensure that people cannot search your name or username and find who you are, and also that your email address cannot be tied to you personally should it be discovered. Changing your online username or identity is discouraged in any online community and this one is no different. It can disorient people who've become familiar with you in the community. Sometimes, it might be necessary to do this or to completely shed an identity in order to protect yourself or others.
Do not, ever, use this identity anywhere else. It should be exclusive to the boylove community and to boylove websites. Using it elsewhere creates a potential risk of detection. This risk should not be taken, as someone discovering this link will compromise that identity and could lead directly to exposure. This what we're trying to avoid.
Even if you are proud of your identity as a boylover, outing yourself is a bad idea. Society is not understanding and will react unkind, especially online. It is not uncommon for various corners of the Internet to target persons outed as boylovers, either by themselves or involuntarily, and make their lives miserable. This can result in a variety of problems, including witch-hunts by police departments based on information acquired via these corners of the Internet.
Browsing the Internet without one or both of these allows government surveillance to track your online movements and allows advertising companies and other big websites (such as Amazon, Facebook, Google, Twitter, eBay, etc) to track you easier and with higher levels of accuracy.
TOR was originally developed by a U.S. Naval Research Lab as an experiment to see if a network could be set up so that no one knew who was communicating with who. This was achieved by relaying information through servers all over the world before it reaches its true destination, with each server adding or removing a layer of encryption depending on where in the route the server is located. By doing this, the source of the data becomes difficult to identify and the data itself cannot be intercepted and read during transit.
A Virtual Private Network, or VPN, is similar in concept to TOR in that it relays your connection through itself before reaching its destination. It differs, however, in that each VPN is controlled by a company and governed by a Terms of Service that may prohibit certain uses of the service or indicate that all use of the service is logged. Each VPN is different, and operates by different terms and rules. Not every VPN encrypts its connections, for example, and others have policies prohibiting access to certain websites or types of website. Not every VPN logs your use of its service.
A boylove-related site might operate within the confines of the law, but this is by no means an indicator of whether or not the website is being investigated. In accessing boylove-related sites without TOR or a VPN, you could be leaving traces of your real identity on the site or with the site's host. Further, your ISP will know you've been visiting that specific site. This all contributes risk to exposure, especially if the website gets taken down (as happened in 2009 with BoyLover.net).
Most ISPs will keep a record of your browsing activity for a period of time. This will include a reference to you personally (such as an account ID or name), the IP address you were using at the time, and the protocol (http, ftp) and IP address or domain of the Internet service you were accessing. They will not see the data being transferred, but will usually know how much data has been transferred. Using VPNs or TOR circumvents this as the ISP only sees a connection to one or two IP addresses and not the actual destinations of your browsing.
Public WiFi networks have always been available, but they're not without risk. In most instances, they're set up to require registration before you do anything. This means that what you do is subject to a Terms of Service agreement. Best not be restricted by one of those so readily.
There is also the very real possibility that such public WiFi services may be set up to monitor what you're doing, steal your data, or even infect your device. This risk is something that some VPN providers emphasise in advertising their services.
TOR services are websites that can only be accessed via the TOR network. This means that ordinary browsers cannot access them. These services are part of what's referred to as the darknet, or dark web, with all sites that can be accessed via ordinary browsers referred to as being on the clearnet.
Some websites operate both a clearnet service and a TOR service. This is becoming increasingly common as the more and more people seek to avoid being surveilled and tracked by parties unknown. DuckDuckGo, a well-known privacy-first search engine, operates a TOR service in addition to its clearnet domain.
TOR has a reputation for both good and bad. While it protects people who need anonymity, such as journalists and activists, it also provides a "safe haven" for people wishing to do illicit things such as hackers. TOR-only services cannot be verified as legitimate as you don't know what information their web server is tracking or what other things are happening behind-the-scenes. They are not bound by a Terms of Service and are held to no standards, making them extremely dangerous. By contrast, a clearnet domain must abide by a Terms of Service and therein must be within the law of whichever country it's registered out of.
To be clear, this is not to say that you shouldn't use any part of TOR. It is only advocating that any TOR services you use have a clearnet domain in addition to their TOR domain.
Every modern browser has the capacity to run JavaScript. The scripting language is used to provide a large majority of dynamic functionality on the vast majority of websites, however it also allows bad actors and advertising companies to get more information out of you. Through JavaScript, it's possible to determine the size of your display, your local time (and thus your timezone), some of your device's hardware, and lots of other information. This can be used to track and identify you.
By disabling JavaScript, you sacrifice some functionality on a lot of websites for increased privacy by making it more difficult for websites, advertising companies, bad actors, or others, to track you. This makes it harder for those same companies to identify who you are across different websites.
If you find it necessary, there are browser extensions available that disable JavaScript on all websites that you do not explicitly allow it on.
If you want to check how much information your browser might be leaking, not just via JavaScript, you can do so at BrowserLeaks [ext].
Meeting a person from the Internet is scary enough, even without them knowing your secret. You can't just go meeting anyone you feel a remote connection with. You must build up trust over a significant period of time and in a way that all parties are comfortable with.
The advice given needs to be extremely thorough to ensure the highest level of safety for yourself and the person you're meeting. While meets are ill-advised in today's culture, they do still happen. They must also happen safely. As such, we've dedicated an entire page for that subject. You can view that page here.
As we expect some RSOs may be viewing the site and its contents, we've created a page specifically for the purpose of addressing how the application of some pieces of advice changes for them. This page is located here.