Avoid posting book/pamphlet titles that web crawlers can find. Use something like the following: const obscureTitle=(title)=>name.split(' ') .map(word=>word[0]+(word[1]='_')+word.slice(1, word.length)) .join('-');
Ryder Morales
Cyberpunk has nothing to do with cybersecurity.
Joseph Gutierrez
Well started user.
Last thread expired suspiciously early. Lots of junk postings. Raid from /hmg/ perhaps?
True, but where do you talk about /cyb/ if not here, if it was two separate threads, /cyb/ would die with 3 replieds when /sec/ would easily bump limit.
I was thinking in the post of the other day about forming a "hacker" group, I though than maybe I got him wrong. Obviously a call to gather a bunch of blackhats is retarded, but maybe he meant to tinker with virtual nets and wargames, finding guys to do capture the flag with or just learn together (yes, I sound hippie). Nothing compromising, just info sharing and maybe collab. Isn't that why so many people asked for an IRC channel and the outer heaven in the first place? Maybe you know a place like this already exists.
Lincoln Kelly
A guy here asked about megastructures and now a thread was made on /sci/ so I am linking it here
William Ward
Sounds like you are looking for a masker space. There are many all over the world with lots of cool equipment and tools for making new stuff.
=== /cyb/ News >#ParalyseTheInternet — Researchers unearth a huge #botnet army of over 500,000 hacked routers and Internet-connected storage devices from Linksys, MikroTik, NETGEAR, and TP-Link. thehackernews.com/2018/05/vpnfilter-router-hacking.html
>activism.net/cypherpunk/manifesto.html who wrote that fucking shit hahahahaha. It says, "When I purchase a magazine at a store and hand cash to the clerk, there is no need to know who I am". YES THERE FUCKING WELL IS !!!! If you are buying certain magazines intended for adults or if you are buying products with age restrictions then the cashier is fully entitled to ask for ID
>project.cyberpunk.ru/idb/cyberpunk_manifesto.html what fucking stupid idiot wrote that? It's like reading some 14 year old school kids death angst poem LOL. We are the rats the zombies in the murky lagoon of life ahahahahahaha
oh you forgot cisco. The list is the exact same list that was compiled showing how the US intelligence agencies forced those router manufacturers to allow them to backdoor the routers. They arent viruses, those are the CIA and NSA back doors that have been discovered
Adrian Bennett
whats a non botnet dns?
Parker Morris
None, roll your own. I like the dnscrypt servers and the opennic servers, although they don't validate dnssec so I don't use them
Elijah Mitchell
>They arent viruses, those are the CIA and NSA back doors that have been discovered This.
Well, the author, Eric Hughes, seems to have disappeared from the face of the Earth. And did we really ever know who he was?
Justin Hughes
Report /hmg/, don't reply.
Kevin Cooper
Im not familiar with this topic. If you go to dnscrypt.info/public-servers/, it shows some are compatible with dnssec (i think.. the ones with the lock).
Bentley Hall
The thread comment will be updated without the Greenwald video in the future. I'll replace it with this documentary: youtube.com/watch?v=hRwU9zJcT60
David Long
can we get rid of the manifestos
Owen King
Why does that guy have tits
Jaxson Rodriguez
Bodily possession.
Cooper Sullivan
It's a hacked android.
Jose Flores
>guy
John Hughes
using hooktube for future threads.
Parker Sullivan
daily reminder to boycott google when practical.
Samuel Ross
=== /cyb/ News: Some entertainment news: >How Channel 4's Humans was 'relevant in advance' bbc.com/news/entertainment-arts-41920075 >For a TV show set in a parallel present where people own domesticated robots known as synths - Humans is surprisingly realistic.
This topic tend to bring up interesting discussions, especially about sex bots, and very much so from "gender studies" groups.
Isaiah Cook
Why? Even better why not add Pixiefuel's manifesto?
>bbc dot com post stuff from places like here instead: futurism.com, thehackernews.com, news.ycombinator.com.
Dominic Moore
Nice. :)
Blake Sanchez
VPNFilter...what a crappy name for an APT campaign. Why not SmokeSniper or RazorSnake?
Chase Lee
death to the b_B_c
Oliver Sanders
What's the purpose of this "general"? Larping?
Jaxon Morales
what's a good book/resource to learn how bitorrent and dht works?
Parker Powell
>>pastebin.com/SCUbhpjP Why do millennials pasta that xkcd meme each time password strength is at hand? Have millennials never heard of dictionary attacks?
I recently got recommended a declassified document about router security from the nsa. There's an email there, that says question should be directed at it, and since the document is from 2003 I was considering asking them. Is this a good idea? Where else can I find a more up to date version? I'm pretty sure a lot has changed in the last 15 years.
Jaxson Murphy
dictionary attacks dont work when you string together 5+ words
Hudson Scott
>router security >from 2003 >Is this a good idea?
Benjamin Walker
I wrote a short story when I was 10, and I use the sentences in it as passwords. Nobody can understand how I can remember 30 char passwords. Either that or I just use meme shit, like G1bethepussypleaseb0ss Or add a nigger in there, to scare of the normie hackers.
Luke Brown
I'm being serious. Usually people will help you, if you're trying to learn stuff. Some other user in sqt directed me to wikileaks, but I couldn't find any recent documents.
Noah Ramirez
Or just use password padding.
Password is a weak password.
=-=-=-=-=-=-=-=-=-=-!Password!=-=-=-=-=-=-=-=-=-=- is not a weak password.
Andrew Miller
USAF Cybersecurity boi here.
The contact from 2003 is probably not there anymore. That's 15 years to be in the same job. If you are interested in router security, check out the DISA STIGs.
Link an article about password strength or write your own if you want to replace that god awful xkcd meme. Also, what if you use 10+ words? I think that is strong enough to resist a dictionary attack.
Christopher Jackson
If you block googlevideo.com and ytimg.com, Hooktube doesn't work. What does that mean?
Also, why is security so hard? I feel like security is often lacking everywhere and it takes a lot of effort to fix it if it even can be fixed. Why can't companies and organizations be competent and make security easy?
Ethan Perez
>Why can't companies and organizations be competent and make security easy? It costs money. As plain as that.
Daniel Lewis
Those are just requirements though, right? Not an actual guide, as in, how to set up a secured network in detail. That's more what I'm searching for.
Yeah they're requirements, but they're pretty detailed. Like the Cisco router one will tell you what services to disable and give you all the best practices as to how to filter traffic, etc.
You're not going to find a step-by-step guide since every network is different.
Errr.... no. Security is hard in general. Since it relies on Humans and Humans are fallible. You can throw as much money at something as you want and there's still the possibility of bugs, flaws or something easily overlooked. Of course, it's not impossible to implement security correctly and in the tightest way possible as long as you take it into consideration from the beginning and work towards that. For example, there's bad implementations of encryption/authentication and there's good implementations. But even if you design the best possible implementation you can, there might be a future vulnerability as yet undiscovered because of some unforeseen consequences. Not to mention there's a constant cat and mouse arms race between the "good" and "bad" guys.
It's just tricky to be flawless every time forever. Money isn't the problem (at least 100%).
Logan Carter
Because security is made of trade offs, mainly regarding ease of use and simplicity. It's not just about money, that's the easy part, specially for big organizations. Security is a process; it's not just about "hey encrypt this HD and turn on this VPN and you're safe". Grugq has written extensively about this in the past. Time, observation and practice will tell you that he's correct.
Ethan Rogers
From war comes innovation. Embrace the cyberwar.
Dominic Long
I'm currently away from my pc, but could you post a picture of it? Does it just tell you what to disable, or does it give you commands as well, as in, what you have to enter to disable it. I can't check, but I think the above link is for more experienced users, which I am not.
It tells you what the vuln is, what to look for, and what to configure to remediate it. For example on the router one it would be like:
CAT II: SSH 1 is enabled Description: SSH 1 is able to be broken, as the.... etc etc Fix Text: Make sure "ip ssh 2" is enabled and SSH 1 is not enabled
Adam Williams
Alright, I'll check it out, thanks.
Adrian Thomas
>More than half a million routers and storage devices in dozens of countries have been infected with a piece of highly sophisticated IoT botnet malware, likely designed by Russia-baked state-sponsored group. >Russia-baked state-sponsored group >baked
Thomas Wood
Feel free to add things you too. We are 2 or 3 that post news but the more the merrier.
Austin Campbell
>Hooktube Shit I didn't know that existed until now. Awesome stuff.
Luis Jones
=== /sec/ News The /sec/ FAQ mentions job opportunities in the UK, and opportunity knocks once more: >MI6 airs TV ads to recruit more women and ethnic minorities bbc.com/news/uk-44240158 >Britain's secret service will air its first recruitment advert on national TV later in a bid to encourage more women and ethnic minorities to join MI6.
However: >The poisoning of a Russian ex-spy and his daughter in Salisbury resulted in a surge of applications, officials say. If that is the case, why use money on a recruitment campaign? Too many from "the two universities?"
=== /sec/ News Alexa continues to spook people >Amazon Alexa 'heard and sent private chat' Again bbc.com/news/technology-44248122 >A couple in Portland, Oregon joked that their Amazon Alexa might be listening in to their private conversations. >The joke came to an abrupt end when they discovered a conversation was indeed recorded by Alexa - and then sent to an apparently random person in their contact list.
BBC is rather dry in the comments but notes Alexa is less creeptastic than before bbc.com/news/technology-43325230 >Another wrote: "Lying in bed about to fall asleep when Alexa on my Amazon Echo Dot lets out a very loud and creepy laugh... there’s a good chance I get murdered tonight.”
>The use of voice assistants in the home is often met with caution due to their nature - voice commands are recorded and sent to the cloud for processing, a system that stokes a fear of eavesdropping, unintended or otherwise. Yet people still continue with Alexa. And FB. >Incidents like this, where an assistant seems to rebel against its owner, naturally further this concern. That said, most users on social media have reacted with humour, drawing parallels with HAL 9000 from the 1968 film 2001: A Space Odyssey.
Levi Gray
Emergency bump
Levi Stewart
Thanks. A quiet day in here. Cross thread notice: This is the /ham/ general which has many common interests with /cyb/ and with a Radio FAQ that was built on top of the Radio paste made here.
Oliver Bell
Whoo, just in time for the weekend. But then again I'm on a backlog of last weekends projects...
Billions of robocalls are going, fraud is massive. Sounds like the ad business, right?
Lincoln Moore
I'm that kind of person that starts things but never finishes them. my most recent one is modifying a R/C glider model to take up additional electronics aka airboure wardriving. Multirotors don't cut it here because the flight time is crap. Next one on the list is a webapp I started to develop because I couldn't find anything like what I needed. Simplified, map with POI's / attached notes / mindmap. Next would be some chinese security cam I tried to debotnet. IIRC, I had issues flashing the modified firmware. In theory, I have everything I'd need for hardware flashing in some drawer but no idea on how to use it - which applies to most of the stuff I have.
I figured I should maybe start off with smaller projects. So the plan for this WE was installing memedragon and some kind of backchannel on some old phone and "forgetting" it at a promo event next week
>The thread comment will be updated without the Greenwald video Any valid reason?
Cameron Hill
I'd be down for that desu.. Thought exchange would be very nice while doing CTF's
Asher Peterson
>I'm that kind of person that starts things but never finishes them. I can relate to this. >airboure wardriving Nice. Raspi0W would do that great, except you should derive from the power supply, otherwise additional batteries would make it too heavy. Tried this on a parrot with a raspi 2 + dongle + powerbank. Was totally unstable. >Simplified, map with POI's / attached notes / mindmap OSM or offline maps... r-right ? >chinese security cam I tried to debotnet Fuckin pain in the ass. I ended up sinkholing the cameras or just using raspi+usb webcam. Playing with firmwares is fun, but sometimes you just need to nuke everything and start from scratch ( t. edimax """security cam"""owner ).
Keep us updated user, godspeed.
Parker Butler
There is an IRC channel on rizon we could use called #nfo, with time interested parties can meet or find another way. Maybe outerheaven becomes real, who knows.
Gavin Walker
>Raspi0W would do that great I'll try that one too, since I've got one lying around. First I'll go for a small mobile since it has about the weight I need I need to place at the tip - the plane was intended to house a gopro. 5V for the raspberry wouldn't be an issue since I've already got a BEC for the FPV cam. >Tried this on a parrot with a raspi 2 + dongle + powerbank I'm surprised you even got that to lift off, isn't the parrot more in the toy sector? >OSM or offline maps... r-right ? of course. In my region OSM even has better map data than gmaps. And if I need aerial shots, I can take them myself.
Justin Parker
it still amazes me that people willingly install a massive microphone into their homes but will put tape over their webcam.
=== /cyb/ News We are getting closer to jacking into our cyberdecks: >Scientists develop 'mind-reading' algorithm bbc.com/news/av/world-us-canada-44163989/scientists-develop-mind-reading-algorithm >Researchers are using data from recorded brain activity and software algorithms to generate images reconstructed from a person's memory.
Camden Sanchez
... and at the same time share all their secrets with Google and Apple and Amazon and Facebook and... Will the insanity never end?
