Cyberpunk is not technology and you shouldn't ruin Lain's already tarnished image.
Mason Young
So what’s the point of these generals? 99% of Jow Forums are posers and know nothing about unix and security unless it’s some ddos script. None of you were born in the analog phone age where phreaking was a sport or have ever bypassed/explored systems for fun.
Kevin Myers
fuck you hacker culture exists, that's the crossover
because they're amazing and you should fuck off. And can you add a *siiip* for me at the end of that sentence?
Yeah it's true, I'm just a second generation computer scientist. Just second, ya know. Unlike my peers I actually take the time to learn about those things. Phrack magazine is pretty awesome.
Gavin White
what are your thoughts on mirai? The fact that the creator of it just dumped the source code is amazing to me. I've been wanting to crack it open and see what I could get it to do but I don't wanna get charged with making malware or some shit.
Christ's sake why is it so hard to get someone to tell me about the legality of things? When can I packet sniff? Promiscuous mode? I assume MITM is illegal, but I don't see how it falls under the current "computer hacking" law my state has. That law targets breaking in to systems, not intercepting communications. It also meters penalties based on damage done.
Aiden Green
Yay! At last.
I missed you guys.
Liam Robinson
These generals are as pointless as any other. There are few comparisons to be made between phreaking and modern computer security as there are few similarities between the systems themselves. While I'd assume you're correct about few of us having experience with phreaking; computer security today is quite accessible, and pretty much anyone can spin up a VM or has a spare computer to do kernel or userland debugging. I've written a few exploit chains for modern software, as I'd imagine a few others on here also have.
Jason Watson
Reverse engineer it in a safe air-gapped or virtualized environment. Don't worry so much about the legality of it. There's absolutely no reason you'd get in trouble for conducting safe independent research. I personally think mirai is certainly one of the more interesting pieces of malware to emerge in recent years.
Adrian Gomez
laws are specially made to be ambiguous so they can charge you one way or another. My country has catch-all paragraphs for unintended or unauthorized use that could land you in jail for five years. creating or owning a keylogger will land you in jail for no less than two years and so will manipulating data or preparing said offenses.
TLDR; stick to your own stuff, get an authorization (eg pentest), or don't get caught
Ayden Mitchell
Can anybody recommend some blockchain and cryptocurrency development books?
is a degree in cybersecurity worth it or just a meme?
Robert Young
that's why there's been pushes towards a decentralized platform to share knowledge about that stuff in this thread. Yet, as you can see, it didn't go far apart from our FAQ's.
Speaking of which; does anyone (FAQanon?) have a somewhat recent copy? Seems like the FTP is kill
Jaxson Watson
it's a meme right now. Degrees take years before they get mainstream respect. The reason why specifically Comp. Sci is such a big deal is for exactly that same reason. Also, in the US you can get it ABET accredited. Quite a few employers only recognize accredited degrees, with Comp Sci being the only computer field one right now.
Noah Barnes
a degree may or may not make your live easier getting a sec job. But what counts more is generic CS and actual sec certs
William Jackson
I've been considering starting the moving pieces to build a radical kind of platform. The kind of thing that can be built right now, but i'm not sure if I'd even want to.
I could build it, backed by etherum. Using SWARM, etc. Create a fully-decentralized tracker. That's the weak point right now of torrenting... the trackers are still centralized, but we can fix that now. As the project grew and gained notoriety, we could even fork off from etherum as needed, running on it's own little net. Add in some tor authentication... and... boom.
I'd like to ban images and videos, at first, because that way you avoid the pedo problem. I'm sure they'd still pass through the data anyway but it'd be much harder. We'd effectively ban it because of the stress it'd put on the network, but once the network can sustain it... plus it'd be all free software so it's not like I could stop it if I wanted to.
It's the kind of thing that could basically end the pirating war for good... at least on this front. But do I even want that?
To say it in one sentence, a fully decentralized tracker supporting tor and other anonymous communications. Which, if implemented correctly, could break a lot of shit.
Noah Lopez
you don't necessarily need a ledger for that, a DHT would suffice. one way or another, you'd need something to bootstrap from if you don't want to rangescan for potential peers
Austin Gray
that's where blockchain would come in. The ledger would have the peers. It would be a trusted bootstrap because "the code is law"
Connor White
plonker
Oliver Anderson
and to initially pull the ledger you need to know at least one peer, making at least that one cental again. I just don't get the appeal of blockchain. Since you'll want to distribute content among the network, a classic DHT seems much more efficient - peer to peer networks are volatile by nature after all
Samuel Flores
>So what’s the point of these generals? I can't speak for others but for me this is a particularly comfy general that oftentimes brings up odd and interesting information. A lot of that was accumulated in the FTP site.
>99% of Jow Forums are posers and know nothing about unix and security unless it’s some ddos script. That remaining 1 percent is probably here and that is fine. Of the 99 percent a few will find this interesting, learn and stay on, a little bit wise, a little bit more informed.
>None of you were born in the analog phone age where phreaking was a sport or have ever bypassed/explored systems for fun. Strange then that the FAQ has a substantial section of phreaking. That was the past, now there is little in band signalling happening, if any.
Second generation did work in the 70's - so how old are you?
Charles Brooks
Last analog phone network in Europe disappeared something like 1996, some obscure place in Germany. I was over 20 then, calculate the date of birth yourself. TL;DR fuck off noob
James Davis
>that's why there's been pushes towards a decentralized platform to share knowledge about that stuff in this thread. That would be Outerheaven, still in pre-beta: outerheaven.space/
>Yet, as you can see, it didn't go far apart from our FAQ's. The FTP site had a huge collection, well over 2 GB of files.
>Speaking of which; does anyone (FAQanon?) have a somewhat recent copy? FAQ editor here, guess you are looking for me. We have a backup site here: ftp://50.31.112.231/pub/ The most recent versions of all 3 FAQs are there.
>Seems like the FTP is kill Yes, the old one is gone, someone at Reddit may have had something to do with it. The new one does not permit making sub directories, A third one is found, supports SFTP, will be tested and uploaded to soon.
I am not giving up.
I didn't have a complete backup of the ./Cyberpunk directory, I hope others have.
Ian White
Too bad there isnt some place to upload videos and books right now, got lots of those. But anyway thanks for saving the FAQ, that is a true treasure trove.
Jacob Ward
There is one. I am working on the sub directory layout. And then I'll upload the files I have.
I guess the site owner will get a surprise soon...
Last time the eBook collection got fucked by the connection and some ended broken. It was bad when the collection was over 60GB, imagine how bad it can be with nearly 150GB+. I just wish there was some place to upload this.
Ryder Turner
>I just wish there was some place to upload this. sftp://[email protected] pass: byte
>that's why there's been pushes towards a decentralized platform to share knowledge about that stuff in this thread. Make a big fucking directory and recursive-pin it to IPFS. Lawniggers don't know about IPFS yet so there's little to no chance of getting busted.
Isaac Brooks
Been watching some videos on networking, tcp/ip and stuff to prepare for overthewire. Looks like the basic challenge doesnt require advanced knowledge just basic sysadmin stuff applied in what can accurately be described in "a hack". Now I understand what is about and makes me nostalgic of old days when simple stuff like this was legend, makes me want to read The Cuckoo's Egg.
On another note I've been watching the Mad Queen youtube channel since the Cyberpunk 2077 walkthrough when I found her, she explains really nice the lore behind Cyberpunk 2020, I recommend her videos. She even puts "youtube ads" that arent really ads but well made mock ads publicizing stuff from the lore as they were real products. Made me giggle every time.
Austin Torres
>The Cuckoo's Egg good read, almost forgot about that one. btw, "23 – Nothing is what it seems" features the other side of the story. I've read it as a book, but don't know if it has been translated to English.
Michael Reyes
>makes me want to read The Cuckoo's Egg. That was a fun read.
Robert Edwards
>23 I watched the movie, the guy was used by both sides of the iron wall and discarded according to it. I also watched an interview of Stoll, the guy was crazy cool and he said the book was more technical that it ended up to be before people request him to make it less technical. Cool interview left me impressed wondering how he catched the guy.
Easton Edwards
im doing a masters in cybersecurity and so far its basically just compsci with a focus. study compsci at undergraduate level and then decide later what to focus on
Currently enrolled in a natural science degree. Any point to do online courses to become a network engineer in the next year
Eli Miller
No. You're better off studying Python or GNU R so you can do useful scientific work.
Christian Reed
suck my CoC
Blake Morgan
>python Perl is more appropriate.
Landon White
>that's where blockchain would come in. >he ledger would have the peers.
That would be pretty inefficient. You don't need to know each and every peer since when the project has started. Old peers have no value. What would be better is a BitMessage approach, where message older than X days (2, 20?) get discarded and forgotten by the network. So you (and everyone else) only get laterst peers and/or messages, with all due security and less disk space.
Also >page 9 bump.
Mason Long
this man is a cuck. do what gets you paid
Jack Wood
>bump Thanks. The night remains a problem here.
I haven't started the uploads yet but I have about 1 GB of stuff to prepare.
Looks good. Resolution must be good, most VR sets are not suited for small text.
I am still hoping for a VR interface to Jow Forums.
Oliver Powell
>VR for the Chins
Why not try implementing something with a-frame, threejs or vizor? Using this method of speech recognition (youtube.com/watch?v=q_bXBcmfTJM) you could shitpost with your voice while aiming randomly at your room for keks and memes
Connor Young
Thanks for the reminder. I'm still torn between streaming and going - last years' have been a subjective decline in quality. Contacting Orga last year confirmed that there's no peer review happening for the talks.
Some of the advice given during talks is just plain wrong and may get you or others in serious trouble. But worst of all, the media picks up all that bullshit, treats it as fact ("approved by CCC") and spreads this misinformation to an even larger audience
Chase Parker
The alternative discussed earlier is Unreal Engine 4. It has the advantage of being well tested and suited for multi user interaction with deformable landscape and editors. A TRON like world would be nice. And we could put our library in that world.
Nathaniel Morgan
It still blows my mind that there's a cyberpunk religion cult thing.
What have we created.
Carter Thompson
learn maths
Matthew Carter
>It still blows my mind that there's a cyberpunk religion cult thing. There is? Where?
Kayden White
Same fucking thing every thread
Bentley Long
autism
Aiden Sullivan
When did autism == religion? Not even Snow Crash advanced that one.
Ryder Murphy
The spooky thing is, they have all fallen off the net. Search for Eric Hughes and see if you find anything recent. Most of the servers mentioned are gone.
Leo Reed
=== /sec/ News: >Revenge of the modems lwn.net/Articles/766766/ >Back in the halcyon days of the previous century, those with a technical inclination often became overly acquainted with modems—not just the strange sounds they made when connecting, but the AT commands that were used to control them. While the AT command set is still in use (notably for GSM networks), it is generally hidden these days. But some security researchers have found that Android phones often make AT commands available via their USB ports, which is something that can potentially be exploited by rogue USB devices of various sorts.
Samuel Rodriguez
Is learning a programming language essential for security purposes?
Jaxson Walker
I suggested those as they seem easier to integrate in a web mixed reality context, but I guess a unreal version would be fun... especially if you include particle effects showing the meme magic that occurs when you get repeating digits, kek
Wait until augmentation implants begin to be a thing. With the Data as the virtual-aether of today's era, only those with sensorial access to it will be considered a new elite of metaphysical and spiritual beings. Add to that the virtual Idols that will be constantly emerging, getting unconditional devotion from those who will sacrifice information and time just for yet another programmed response...
Daniel Lewis
depends what you want to do
Michael Harris
Let's say I want to learn about offensive, grey/black hat actions. I understand most jobs would want more of a policy role I'm sure.
Cooper Perry
If you want to hunt for and exploit 0day vulnerabilities you will need a decent background in computer architecture, assembly and ideally experience with C at the very least. There is rarely a one click solution for any given problem.
Owen Hernandez
Autism and religion have in common the confinement to one's own litle world. The big difference between those is the following: autism is very personal, individualized, whereas religion is shared among a group of people.
Ian Reyes
well, you'll be scripting stuff, for example to rifle through data. Since you'll be using whatever you have at hand, the obvious choices are powershell and shell scripting. The rest depends on your targets but will usually include C code
Leo Thomas
>I suggested those as they seem easier to integrate in a web mixed reality context, Probably but then again it would bring in more equivalents to phone posters, or Eternal September.
>but I guess a unreal version would be fun... Also fast and probably quicker to develop. YouTube shows a few demos of TRON like worlds in Unreal Engine.
>especially if you include particle effects showing the meme magic that occurs when you get repeating digits, kek Well, why not? Go for it.
Jordan Phillips
How about python? Or should I stick with powershell.
Logan Young
As was previously suggested, it depends what you want to do. "hacking" is so fucking ambiguous that alone it has essentially no meaning whatsoever. If you explain in detail what it is you want to achieve, someone might be able to offer some suggestions.
Mason Wright
>be yourself in another universe >wear hat of your chosen color >have just breached the perimeter by popping a shell at some embedded device >before you lies several terabytes of more or less useful intel What will you do? >install python to run your scripts >Pull it all >use whatever you have available to prescreen
Eli Smith
Based
Austin Taylor
rm -rf intel
Lincoln Moore
How can I copy QubesOS sandboxing with barebones applications? I dont like their high resource usage and the choice of applications.
Robert Thomas
stop using pubes
John Bell
Qemu has an application mode that can run single applications instead of a full vm, maybe this can help.
Xavier Mitchell
Are local meetings useful?
Blake Brooks
Cryptography/Information assurance user here for one last week before off the grid for a while. Anybody got crypto or other questions? Depends on what you are looking to do. The issue is cybersec is very vague. If you have a networking focus towards a networking job, or a forensics focus towards and forensic job then it isn't a meme.
Chase Martin
Any suggested methods you can recommend for stenography?
Juan Nguyen
I think the word I meant for was steganography, I'm not sure; but I guess you know what I mean.
Also, I know there's a chapter of 'The secret teachings of all the ages' that deals with cyphering information since old times, are you familiar with it? does it help with current-methods?
Chase Ortiz
did you already take a look at how subgraph does sandboxing? looking into , I found libvirt-sandbox. looks promising too and I can already think of a couple of services at my server where that'd be handy
Eli Butler
Only time I have come across it was when people were hiding kiddie porn while I was working in computer forensics. Why are you looking to use steganography when you can just use encryption? At least for hiding images, one of the best methods is typically altering the least significant bit of each pixel. Openstego isn't too bad.
Cameron Gonzalez
I'm rather interested in cracking a stenographed image, but I guess it would be a handy tool to have in a not-so-distant-future, considering political persecution has been rising where I live.
Nolan Turner
does anyone have a magnet link for that offsec bundle?
found it. just in case anyone is interested: magnet:?xt=urn:btih:f91feb6d2ea93f1c3c03b6be52051c2df72da1b7&dn=CERTCOLLECTION+-+BASELINE+-+SANS+%26+Offensive-Security&tr=udp%3A//tracker.coppersurfer.tk%3A6969&tr=udp%3A//tracker.zer0day.to%3A1337&tr=udp%3A//public.popcorn-tracker.org%3A6969&tr=udp%3A//tracker.leechers-paradise.org%3A6969&tr=udp%3A//explodie.org%3A6969
Mason Foster
offsec can suck my boycunt
Leo Howard
yeah this method is pretty standard
Connor Jenkins
A good start is to detect if there is some steganographic contents in the image. There are some tools available, someone did a large sweep of images on the net but a simple method is to check how badly it compresses.
Noah Bennett
One person's intel can be critical data for a hospital. Wiping or scrambling blood bank or allergy data will most likely have fatal consequences.
Ethan Parker
Your country doesn't allow encryption or something?
Ryan Gonzalez
=== /sec/ News: >US weapons systems can be 'easily hacked' bbc.com/news/technology-45823180 >Some of the most cutting-edge weapons in the US's military arsenal can be "easily hacked" using "basic tools", a government report has concluded. >The Government Accountability Office (GAO) found "mission-critical" cyber-vulnerabilities in nearly all weapons systems tested between 2012 and 2017. How about flag ship projects? >That includes the newest F-35 jet as well as missile systems. Right. So all hands now leap into action, right? Right? >Pentagon officials had no immediate response to the 50-page report from the Senate Armed Services Committee. Umm....
