1/A thread about Information Security and Stealing from Children:
When I was younger, I used to spend summers at the Ronald McDonald house while my nephew with Cerebral Palsy would recover from leg surgeries. I made a lot of friends, some of them - would disappear.
2/I'm not talking about the type of disappear where they would go home. I'm talking about death. A lot of my friends were extremely sick, going to this specialized Children's Hospital. Unfortunately, I learned about the severity of loss at a young age. Over and Over again.
3/How does this tie into Information Security? Well - the Ronald McDonald house let the kids use their public computers to play video games. They were extremely nice about it, I mean, you're talking about a lot of suffering Children and families easing pain.
4/The Ronald McDonald house did plenty to help. They would bring in food, give all of the families and children gifts, and even bring in Therapy dogs and create fun events for everyone to participate in. Nonetheless, Information Security wasn't exactly their forte.
5/I became friends with this amazing young girl, she was severely ill. We would play @RuneScape together for hours on end. The both of us got a lot of the other kids into the game as well.
6/One day, we all came down from our rooms to play Runescape together. This time was different though, none of us could login to our accounts at all. At such a young age, it felt like the worst day of our lives. We were all having trouble recovering our accounts.
7/Out of the lot of us, only one kid managed to recover his account - and all of the items that he worked for had been stolen. Months of effort, wasted. A lot of us were sad for weeks, we tried everything, but most of us were too young to remember all...
8/of the details that Jagex was asking for to recover our accounts. Most of us went off to find other games. The one girl that I had become friends with still hung around with me, but she was noticeably distressed/sad over the Runescape thing.
9/Roughly a week later - my friend didn't come back. I didn't see her where we would usually meet. My older sister explained to me, stating that. "J she was in heaven with God now."
10/At this point I had a better idea of what she was talking about. I was religious at this point of my life [I'm not anymore]

I was devastated. I lost my Runescape account that I had for years, I lost my friend. I was probably too sad for someone between the age of 8-10.
11/I grew up poor though. I didn't understand Information Security or passwords - my family didn't either. I never had anyone to explain any of this to me. Even still, my family sucks at Infosec, no matter how hard I try to help them.
12/Years later [actually this year] I had found my account on a Criminal Website. It looked like some foreign individuals were stealing high level/decent accounts, and reselling them. In this instance, it looked like they had been keylogging on public computers + phishing people.
13/I don't remember if I fell for a Phishing email as a kid, or maybe there were keyloggers on the computers. It's difficult to say to be completely honest, but there's something that I want to say about this situation.
14/I don't care who you are. I don't care what's in it for you. Don't steal from Children. A lot of video game accounts belong to KIDS. Dozens of kids were completely devastated. Who knows how many children lost everything that day. That was all a lot of us had.
15/Forget about my account for a second though. What about the young girl who had her account stolen? Her last week on planet earth was spent in absolute distress and misery about losing her account for her favorite video game.
16/I think about this often, and during times where i'm having a hard time, I login to my modern day Runescape account. I spend time snuffing out scammers and reporting them. I report toxic people, I try to clean up the game for kids.
17/When I stumble upon breaches with instances of Runescape Account Takeover during my security research, I submit the links as a tipoff to Jagex. I truly think about we need to come together and protect children online.
18/I know that not all of the accounts belong to children, but nonetheless, I try to do my part.
19/If you're a parent, PLEASE teach your kids about Information Security and best practices. They are never too young to learn.
20/I'm not saying this to humble brag. I genuinely want you to understand that if at the time, we had parents to teach us why it wasn't safe to use public computers the way we had been using them, or trust emails, etc, we may have been better off.
21/Be kind and help out. I don't care how broke you are. Don't steal video game accounts, they could belong to kids. It's disgusting. Grow up and commit real cyber crime if you have the guts to steal from kids, then, maybe you'll get caught and punished.
22/Special thanks to those good people out there that put a ton of time into community moderation and cleaning up the game. I know people rip on you, but honestly it's so important.
@AmberLynn_07 @JagexTrident @JagexTwisted @JagexTyran
Much respect friends.
You can follow @johnjhacking.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.