Let's start this thread off by figuring out what can be purged/added to the OP.
I'd like to suggest some basic things people can do to increase their personal security as well as potential projects/links to things people are working on.
Anyone got anything interesting on github or the like?
James Hughes
>purged Why not put things off to an archive? As for an interesting github there is the collection of Jow Forums manuals github.com/mayfrost/guides
Jayden Phillips
>What /projects/ are you working on?
>doing some assembly work for nand2tetris It’s a very fulfilling course. >planning out a program to scan my yugioh cards and mark in a spreadsheet which ones I own Will not make deck building easier in the slightest, I just want to do it. I’ll set up a webcam in a bed I’ll make, have it take a snap whenever I press a button, use OCR to read which one it is, then put that into the spreadsheet. The last part there is the one I’m thinking of how the fuck to get it going. >little electronics kit to solder together to make a guitar amp I should do this on the weekend, then spend time painting up the box I got for it. I’ll make it a gaudy camo cause fuck you I won’t do what you tell me.
I also have plans and notions of studying the PWK; I have downloaded copies of the material and videos from the handsome man general threads when they were around; I just need to sit and do it.
Hey OP, I’m trying to build a computer and would appreciate your wisdom. The short story is that I want an old laptop to view secure files without the worry of any external viewers looking in. My idea is to remove hardware to prevent any internet connection. If I were to buy an old laptop with removable hard drive what part of a laptop would I physically remove to prevent any connection online?
If this is too technical, how can I find this information online without it tracing back to my own devices?
If you are so low in skill you didn’t know what a wireless card was, you don’t have the knowhow to perform the proper OPSEC to keep them from knowing what files you’re viewing on this machine anyway
Owen Peterson
Where can I start to get better at OPSEC?
Justin Davis
By learning everything.
do you know why a leaky dns is bad, even when you’re on a VPN?
Do you know if Tor is a VPN?
Do you know how to do a Mac spoof, and what are good macs to use?
Try grugqs videos on opsec, they are a good primer to have you realise unless you’re fighting nation states or actually doing something illegal, it is A LOT of effort.
And if you’re doing either of those things in your present state, lol good luck son
Luis Cruz
>good macs to use
what
Landon Lopez
You idiot
Benjamin Gray
If you spin up a clearly false MAC address, it’ll be quite suspicious isn’t it?
Nice rebuttle
Eli Miller
Well let's start by removing that lame "Hacker's Manifesto" bullshit written by someone who ratted out everyone after he got busted. Lame tripfags should be removed.
Benjamin Jenkins
why does it seem like there are no good resources for assembly.
Ayden Edwards
>Nice rebuttle Okay I meant what do you mean what is a good mac to use? Any MAC that isn't yours is a good one to spoof.
Charles Brooks
>Read Neuromancer >Amazed how much shit the Wachowskis took from that novel for The Matrix movie >He could have sued the shit out of Warner Bros and Wachowskis and would've won hard
Mac addresses arent sent network to netwotk they are mostly just used to communicate with your routers ARP protocol. I say this because MAC spoofing isnt really necessary for OPSEC unless youre at a public WiFi.
Asher Robinson
It makes sense because if you use your laptop with a spoofed MAC that identified something like an iPhone but you are on an ethernet VLAN they obviously know the MAC is spoofed.
Hunter White
does steganography have any modern uses besides appealing to my autism?
Dylan Perry
sometimes
Oliver Smith
rescure from page 11
John Gray
>Level 7: Replace your e-mail provider with a more safe, more appropriate provider. A good option is cock.li.
Nice meme.
Luke Stewart
Any good resources on 433/315Mhz ASK radio communication?
Justin Perry
any provider is equally decent if it has imap support and you use pgp
Lincoln Evans
gmail support imap and pgp
Brandon Gomez
Virtual worlds by '99 weren't in any way exclusive to Gibson. They were explored in literature even before Neuromancer came about. As for other concepts in the book, you can attempt to only make a vague connection (Zion dub - space rastas, Molly - Trinity, Armitage - Morpheus), but it's certainly not ripped straight.
unless you've got said someone in your LAN or you're not behind a NAT, the MAC doesn't leave your house
Justin Jackson
i forked futallaby and gonna try to set up my own chan in my native language but i need to adapt php for version 7 and that will take a while. it was last updated in 2004 and it seems that a lot of functions since then has been deprecated. it will be a fun learning experience.
>Let's start this thread off by figuring out what can be purged/added to the OP. Let us rather reformulate it by asking: what in all those pastes are not already in the FAQ?
Matthew Lee
Is crypto /cyb/? It's underground, pseudonymous, anti-establishment, high tech, has the lowlife angle, makes a lot of otherwise losers rich. When I'm working on my bot or trading I feel pretty plugged in. >nb4
I believe /cyb/ always includes /sec/ and /crypto/ but the reverse is not always true and /sec/ has in the past tended not to believe it relates to /cyb/.
Hunter Russell
>What /projects/ are you working on? I'm trying to create my own assistant through voice. Although I want to plan it carefully so it doesn't seem overwhelming and I drop it because "too much to do". I plan to do it on C so I can learn along the way.
Tyler Cox
decentralized assets are /cyb/
James Campbell
Recommendations on a VPN provider? Nord VPN seems hard to beat.
Bentley Perez
Just finished the sprawl trilogy. 'Bout to start on pic related >i'm gonna be disappoint aren't I?
It doesn't just hide the information it hides the communication
Carter Williams
PIA (privateinternetaccess)
Also to anyone in this thread, I work as a cybersecurity consultant and would like to know some people who I can talk to/bounce ideas off in general, as I do not really have any online contacts into this stuff.
If you want to contact me my Discord is shalashaska#2029
Landon Moore
If you expect another Sprawl story or even a story of same style then yes you will be disappointed. The author mentioned there is just one person in Virtual Light that would have fitted in with the Sprawl cast.
Just go in and expect something different and something set in a far nearer future.
When talking about "second chances" it gets fukken hillarious.
Dominic Bell
>Any MAC that isn't yours is a good one to spoof. As I said
if you use something thats obviously false it will raise flags.
You DO know that the first half of the mac is vendor specific, right..?
Zachary Torres
Can we ask about job things?
Kevin Lewis
What are some of your /cyb/ side hustles?
William Martinez
>if you use something thats obviously false it will raise flags. I don't get it though. The computers aren't smart enough to detect if a MAC is coming from a false source, and Apple products can show up connected to Ethernet is they connect to an AP first. Plus, even if it wasn't fake looking, wouldn't they be able to track you by your activity anyways as opposed to what is or isn't fake? The only good reason to spoof a MAC is because you need to authenticate something else that can't do it on its own, or you need deniability for if they grab your rig.
>The computers aren't smart enough to detect if a MAC is coming from a false source They can be. Check OS profiling. The IP traffic leaves fingerprints as do vendor specific applications. If that does not match the MAX prefix red flags will be raised.
Adam Russell
What would you think is the easier way to get in a serious cybersec? Not trying to be a lazyass, is only I can't figure out if promotion is easier than applying for it directly.
Joshua King
Depending on where you are you could try the military route. There are bits about these things in the two FAQs we have.
Benjamin Powell
your own openvpn instance probably
Gavin Lee
>The IP traffic leaves fingerprints as do vendor specific applications. I haven't looked at it yet, but just from your description, it sounds more like they're monitoring your activity than monitoring your actual MAC address.
Logan Smith
>What would you think is the easier way to get in a serious cybersec? find vulns, publish them, add to your CV, alongside all your knowledge and previous experience in IT (even if it was some minor shit... put everything you know in your CV, and more)
Hunter Stewart
Is actually true the "what you did on your side actually counts"?
Hunter Cooper
in infosec? I would say, yes, absolutely. in fact, bragging about what you've done shows your experience. just don't brag about illegal shit, obviously...
Dominic Gomez
Read up on the EU's GDPR. It will be one of the first infosec regulations of many. Similar to how many Countries or States have civil codes for the construction of buildings/houses in the interests of public safety, so too will websites/web services in the interest of security.
You can make a very lucrative career having experience in creating standards-compliant stacks better than any rapid prototyping pajeet.
Jonathan Morales
I see. I'm actually a nooby IT guy with an appeal for /sec/ so I thought it would go through the promote way but seems like that's the worst path possible.
Nicholas Wright
infosec has many paths, it's a very broad field, so find the areas you like and learn them. also, practise, practise, practise.
Colton Adams
btw, go to because this shit thread usually doesn't have much to do with infosec...
John Thompson
Really? This fine thread made two FAQs, one on /sec/ and one was a rework of an old /cyb/. In addition the FTP site is filled up with more resources.
Does /hmg/ any resource collections?
John Hughes
who cares about the FAQ? there are LOTS of infosec resources out there, the best one is google... you want to talk to people about infosec stuff, and this thread is full of >hurr durr cyberpunk future LARPers and people who don't know the most basic shit about infosec
Joseph White
>who cares about the FAQ? A few of the regulars here do at least. It was written so that we do not have to restart the conversations from scratch every time.
>LARPers Oh, it is you.
Brayden Bennett
Which one of the old OPs? The one who is compiling all the stuff from past threads? Please don't give up.
James Clark
>By learning everything. This comes up every time the question is asked. People need an order of things to read, much of the literature assumes prior knowledge, and when people ask questions like this they are most likely rather blank.
Jack Barnes
Earlier we had a discussion about this picture. One user said there was a problem but what was it?
Terrorists, or "terrorists," such as global resistance movements, can hide communications information such as orders or intel inside of files and data using steganography.
if i enable secure boot to only boot my signed linux kernel, what stops someone from reflashing the bios and loading their own bootloader/kernel?
Juan Nguyen
Pull the NIC card out. Without the NIC the computer cannot communicate with the internets, at all
Kayden Thomas
Seeing as the poster you are replying to is right, start with the three basics A+ NETWORK+ and SECURITY+, even if you don't test you should still read the books.
Also, on Udemy there are some decent lectures that are a great supplement by Mike Meyers, who wrote some of these books. They are usually expensive, but about once per month the price drops to about $10-$15 per course. The entire course for that cheap is a great compliment to these books.
Jack Hughes
What exactly is cyber anyway? I mean, is it just all things internet or is there more meaning to it? How would you define it?
Anthony Gray
cy·ber ˈsībər/Submit adjective relating to or characteristic of the culture of computers, information technology, and virtual reality.
Carson Diaz
assuming there is something embedded here, what program would I use to see it or to make my own embeds?
Daniel Evans
It's the whole website that it is on that is interesting. The old boards were amazing, I love reading them.
Logan Gutierrez
So cyber is really referring to the sub-culture in this instance? That is pretty interesting. Thx user
Joseph Martinez
Extasyy Elite Disbanded -----------------------
The following data has not been completely researched and may be considered as rumors. Bit Blitz busted for phreaking, the organization and enforcement agencies are unknown. However, $3000 worth of computer material (7 computers) were confiscated. Also it is reported that The Mentor informed on him.
The Mentor was busted for breaking into his school to steal 29 computers. Also it has been said that Poltergeist is in the hospital with leukemia. It is unknown if any other members were busted for any other reasons. However, all former members are apparently safe now.
The Bit Blitz and Crustaceo Mutoid are supposedly forming a new group called Rising Force and The Mentor is starting an elite hacking group.
Much of this information has been supplied by former Extasyy member:
Can anyone give me a guide and tips to create and secure my own home network?
Wyatt Rogers
hurr durr
Julian Taylor
Decompress the image to RAW RGB, it should be 48bit. Copy all lower order bytes of each color component pixel to another stream. Last 4 bytes denote the payload length. Payload begins at the very start. First byte after the payload end denotes filename length. Filename follows afterwards and is an ascii encoded string. It includes the extension. Filename is included because some "platforms" do not have tools to determine file type via magic number. For some file types it's possible to simply copy the whole lower order byte stream without parsing the additional information at the footer, at least 7z ignores it well, as well as pdf that's inside of that image. This effectively bypasses the embed filter, because the original file content gets scrambled. It's also undetectable by eye and doesn't harm the original image in any way, if it's 8bit. I think up to around 82% of the final image size can be filled with payload, provided the image is mostly white.
Michael Gray
>Search into the archive it should be the answer. I have followed all these threads. One user said the physics was wrong but never came back with the details.