i'm not a hacker. i have an entry level programming degree, which means i can write basic applications in c and java and have been introduced to different approaches to programming, like that found in scheme or lisp. i have no experience with modern languages like python or ruby and would not be able to keep up in a conversation about new programming languages. i have minimal experience with non-windows operating systems. the programming degree was degree #2, and was taken in a cynical move to find employment, which i realized was a mistake precisely because i'm not a computer nerd in that sense. i'm an artist, author, musician, etc that uses computers to construct their art, but i'm not into gaming or scripting or anything of the sort.
i get the impression that my small internet following thinks something different, and all i can say is that i'm aware that i have this audience in the dark web that thinks i'm some kind of next-level guru but that the truth is that i'm a human being that can only absorb so much knowledge and can only know so much about so many things. hacking is not my thing, i would consider it tedious and boring. it follows that i'm actually an easy target in a lot of ways, because i have no interest in or experience with this kind of thing but am rather strictly interested in creating and distributing art. i don't want to fight over property on a network, that's fucking boring.
however, the fact that i spend so much time in front of a computer and that i do have some background in programming means i'm likely to learn and adjust much faster than most people. i might be an easy target to begin with, but i'm going to put up a fight, too, with the intent ultimately to catch the fuckers and throw them in jail rather than win some kind of turf war. if i catch you hacking me and can prove who you are, i'm not going to post P4NED!!! on a message board somewhere, i'm going to call the cops and have you thrown in jail as long as i can get you thrown in jail for. i have no tolerance for this kind of harassment, as there is no place for it in a free society.
i'm pretty sure that the attack vector that the hacker (who lives upstairs, i'm certain) is using is a cr-lf injection attack:
what they've been doing is managing to steal my passwords as i'm updating them by writing to my passwords file via the cr-lf attack, which they know i have because they have a camera in my apartment and are watching me all of the time. the attack they're using is buggy, as i've found it by pulling binary symbols out of my passwords list that must have been inserted via the injection attack itself, but what they're trying to do is keep my passwords list static while they get the new, updated versions.
so, let's say i go to update my amazon password. if they manage to "get me", what happens is that my passwords list reverts to the previous password, while they steal the new one. then, they have my new password, and i only have the previous one.
i've been able to recover everything except one gmail account because i've had previous passwords and recovery options. but, this has been a frustrating pain in the ass for weeks, now, and i don't know what to do except avoid it.
the solution, from my end, is to make sure that i don't past any cr-lf characters anywhere. ever. at all. i'm bouncing back and forth between windows and linux machines recently, so this is a real concern.
i also need to put a call out to major servers like google and bandcamp to update their servers to stop this from happening. i can only do so much, as a user, in the face of an overwhelming assault. the problem is ultimately on their end and not mine.
i'm trying to get the cops involved, but i need to get them evidence, and i'm in a catch-22 around it.