The alt.cyberpunk FAQ (V5.24) [ ftp://collectivecomputers.org:21212/Books/Cyberpunk/Alt_Cyberpunk_FAQ_V5_preview24.htm ] What is cyberpunk?: [ pastebin.com/pmn9vzWZ ]
Journalists still don't get that EternalBlue was just the exploit, not the malware or the hacking that allowed the exploit to work. None of Baltimore's systems were publicly accessible. Also, ransomware attacks are great cover for cyberwarfare operations.
Wyatt King
I gotta use john the ripper for some homework Should I use kali in a virtual box or download it for windows
does anyone have a link to the last thread? i asked a question but the thread went down before i could check the answers
Elijah Morgan
>link to the last thread? was going to post it anyway make sure you highlight your question or repost it so somebody might answer.
>kali in a virtual box or download it for windows with a virtual box you are allocating (read: wasting) resources. Either boot kali (or better a lower demanding distro) from usb or use whatever your daily driver is.
Weekend is always lazy. Try to keep it alive through the euronight.
That plus the crack in the window makes it look like there's no pane at all and instead just a shattered corner left. Otherwise super comfy
Cooper Butler
Would a quick run thru of Hacker101 vids and CTF be enough to get started as a larper?
Matthew Hill
Do the VM. it’s ez pz to set up and if you have a competent computer it won’t lag too much, for basic pw cracking it gets the job done.
Henry Morales
Only if you add some HackTheBox and OverTheWire exercises
Logan Cooper
Cool, Ive been depressed lately and I think learning something new might take my mind off it
Brody Lopez
Yeah keeping the mind busy does help in my experience. There’s alot of info out on YouTube as well that you can leech if you have the time: Notably ippsec and even normie tier stuff like Computerphile
Henry Barnes
Ill check into those aswell thanks. Keeping occupied is all i can do as I get older, Im at that age where Im giving up on adolescent dreams and pursuing more reasonable goals
Says that it takesTwitter Consumer key / Consumer secret as input, and outputs Twitter Access token / Token secret.
If this actually works then its a pretty cool deal, and I'm trying to get it work with visual studio 2017 but my C# experience is a little rusty and I'm running into pic related:
if this code works, I'm really genuinely curious what it does. to my knowledge the twitter api uses OAuth, so is it feasible to generate authorization keys if you only have consumer keys?
>The alt.cyberpunk FAQ (V5.24) [ ftp://collectivecomputers.org:21212/Books/Cyberpunk/Alt_Cyberpunk_FAQ_V5_preview24.htm ] That is an old version, latest is ftp://50.31.112.231/pub/Alt_Cyberpunk_FAQ_V5_preview26.htm
It was updated with info on the movie Hardware mentioned in an earlier thread.
Nolan Morris
Are there any careers in security? What's the equivalent of a junior dev for security? I got no experience, just about to finish my CS degree and I may be interested in security. I obviously won't become a security expert off the bat and risk fucking shit up by being handed tougher jobs than I can handle.
=== /sec/ News: >NLNet Funds Development of a Libre RISC-V 3D CPU (crowdsupply.com) hardware.slashdot.org/story/19/06/02/0153243/nlnet-funds-development-of-a-libre-risc-v-3d-cpu >High security software is irrelevant if the hardware is fundamentally compromised, for example with the Intel spying backdoor co-processor known as the Management Engine. The Libre RISCV SoC was begun as a way for users to regain trust and ownership of the hardware that they legitimately purchase.
Our last best hope for a machine without a built in Trojan chip.
John Bell
Cont. from last thread:
> (You) >>wear latex for the looks rather fetishes. >I really dont understand latex beyond the fetish, but yeah, probably it's just me. Seems some also use latex as a compression suit, like a mobile hug machine. >>add built in waste management, to put it delicately. Nothing heard since. >lol no, I like sitting on the toilet and read the newspaper behind closed doors. It's one of the rare moments of privacy I can still enjoy. I am sure this can be cybered up... In any case there are times when this can be useful such as in space and in military operations in NBC scenarios. There has already been such a project for future space suits. Recycling water from urine can also improve safety. >>with a higher density weave you can shield your body from RF radiation >nice, never heard them being used for that. Airports are not a problem, I'm not a fly guy. Carbon fibre and conductive ink are also possible. >>ultrasonic communications rather than skin conductivity >but that would be easy to sniff/detect/fingerprint from a nearby adversary or device. See the Dolphin Attack, that injects ultrasonic commands to Siri, Alexa and the likes. Skin conductivity is meant to not leave your body, so no data leak. You can have a lot of strange acoustic effects, such as surface acoustic waves. These follow the skin without emitting into space.
Do you think the public line about "Chinese cyberespionage" is a ruse or legit? I keep hearing about all the IP theft from hacking attacks, but when you look at the quality of Chinese made things like routers or supercomputer CPUs it all seems like a facade. They aren't outpacing our innovation, but they are stealing some of it. Anyone have other stories to add?
Bentley Clark
>compression suit >like a mobile hug machine. still it's something I can't get behind. While I like hugging with my special one, I despise every human contact that is beyond that. Going to raves, discos, crowded places, elevators, markets, if anyone gets closer than 30 cm I get so mad I would tatsumaki senpukyaku everyone nearby. >this can be cybered up ofc, but I still like my privacy >space and in military operations in NBC scenarios yeah that's sure a useful scenario >Recycling water from urine can also improve safety. ok this is being done and it's a good thing >conductive ink yep, but tattoos are degenerate. I wouldn't want to ink my body, but I could sell this technology so I guess it's something to look into. >surface acoustic waves. These follow the skin without emitting into space. interesting, never heard of such waves. I thought skin conductivity is low power and high efficiency one, but if ultrasound could somehow work the same, that'd be new to me.
Does anyone know how programs like dirb, dirbuster, or gobuster know if a url is a file or directory? I'm writing my own web dir scanner, and can't seem to find out how to do it.
Ian Martin
it bruteforces the urls as follows: if it exists and it ends in / then it's a dir and if not then it's a file.
i don't know go, but lines 41-81 are pretty easy to understand and it only checks for certain file extensions.
Christopher Davis
Thank you, I thought it was something more complex, like something hidden in the header or something.
Dylan James
Legit, I think. China acquires tech in many ways including that infamous 549-51 JV where the Chinese "partner" receives intellectual properties including trade secrets. Just look at what happened to ARM after their Chinese adventure. They might not survive this.
Chinese quality remains bad because of corruption - the important jobs mostly go people with connection and Party membership, not to those who know their stuff.
Cameron Moore
*49-51 JV I meant. The Chinese "partner" holds of course the majority share.
Mason Murphy
Thst line about an "egalitarian" China makes me doubt the entire document.
Jaxon Morris
>>like a mobile hug machine. >still it's something I can't get behind. en.wikipedia.org/wiki/Hug_machine I guess you have to be part of it to understand it.
>>weekend >heh... Well, there was a storm of trivial postings on Jow Forums, most of which were so uninteresting that they attracted just a handful of replies before falling off page 10.
Joshua Nguyen
Just watched horrible histories terrible tudors in amazing 3D bogglevision can confirm -- cyberpunk af
I see 9front had an update: 9front.org/ Any security audit done?
Grayson Anderson
How hard would it be to make a AI that would scan a network traffic if it detected a problem(say, conection failure) and check the traffic for possible causes for such a failure and email the responsable so as to avoid the need for you, the human to go and analyse the traffic yourself. It probably already exists but it probably would be a good project for a student right?
Jace Johnson
Would yhat be an AI or just a collection of heuristics?
Sebastian Thomas
most probably a AI, i want it to learn as time goes on.
Michael Bell
Get it to work and you will be rich.
Ian Green
Is it really that hard?
Christopher Rivera
What you're describing, quite possibly could be. How without an internet connection will you mail someone responsible for their outage? How will said A.I detect what occured to make said connection fail? Where lies the bottleneck, what killed it, and so on.
Noah Peterson
I am talking of something more in the grounds of >i am having conection problems between point a and point b >the AI will analyse the traffic and email detail of the problem(Is it a software misconfiguration? Is it a phisical problem?)
Grayson Hill
Ahhh, I see. I really need to loosen up on the literal. Fair enough, it would be a challenge, for sure. But detection frameworks are already out there... So you really need something that lands you the golden egg.
Bentley Bennett
Given the amount of complexity you can find in modern network environments I would think that it would be very, very difficult to make something that would be reliable enough to be useful.
If you want a better project for AI and network traffic why don't you build something that could create a baseline of expected network traffic that alerts when it finds anomalous behavior.
Eli Jones
I'm employed in the work industry
Bentley Lopez
Here is the latest horror story on this scheme >Arm gives up control of IP to China electronicsweekly.com/news/business/arm-gives-control-ip-china-2019-05/ >A joint venture called Arm mini China – which is 51% owned by Chinese interests, principally the Hou-An Innovation Fund – has taken control of licensing Arm IP to Chinese companies.
Expect interest in RISC-V to intensify.
Benjamin Cooper
Essential non-fiction reading (that isn't in the OP) to become fully /cyb/-pilled ?
Brayden Martinez
Professional Dog, started lurking when I nabbed sec+ cert
Michael Bell
Hello anons.
I have a phone interview tomorrow for a full time remote security position. Details stated I'd be performing analyses on organization and system controls (SOC 1&2 reports), documentation, disaster recovery and general information security policies.
How should I prepare for tomorrow? Kind of nervous. Will be my first official position working in this field.
Alexander Richardson
=== /cyb/ News: CRISPR editing is heating up but not all is well: bbc.com/news/health-48496652 More analysis on the Chinese twins whose CCR5 gene was edited >Mutations to CCR5 essentially lock the door and give people resistance to HIV. So far so good, yet: >It showed those who had only the mutated version of CCR5 were 20% more likely to die before they turned 78.
We are getting close to replicants with set "expiry" date. Meanwhile the twins may have enhanced cognitive abilities too.
Adrian Ross
Its a basic security analysis position from the sound of it. Interview will be easy since its phone based. Have any information you need to remember up on some notes or the computer. Just study a bit today and you'll be fine. Good luck, I know a ton of us would kill for a remote position.
fuchsia is google's android replacement, right? no idea how seriously they take security, but considering they didn't buy copperheados i would say it's gonna be a whole lot of fail. 9front and redox? never heard of them.
openbsd had a developer openly admit to putting a backdoor into the code because the fbi paid him to and linux is no different. it's like sports betting: anyone with $50k and some connections can rig the system.
Luke Price
machine learning is limited to highly specific tasks so if you want to analyze traffic for a certain thing then you're good, but for general networking knowledge you'll have to have a team of people working on all the different protocols. it's way more code than a single person could write.
Carson Smith
>discord Where? Not found on front page at least.
Owen Jones
any of you anons got any implants? thinking of getting a magnet in my pinky
why does the security scene seem like it's totally dead compared to 2010-2013?
all tor/i2p ircs are complete ghost towns these days, there's barely any darknet chans left (and those that exist get one post a month), and all the clearnet communities around this stuff like lainchan are dead and shit tier or full of know nothing children
I don't think there have been any grinders on /cyb/ but Lepht is a generally well known one who has implanted such things.
Nicholas Kelly
Yes. You need to feed the AI with a fairly accurate image of the situation and also, when training, an equally accurate diagnosis. Garbage in, garbage out is very much the case here, Compounding the problem is that one root cause (cable is cut) can cause multiple detectable issues (no connection, no DNS, no network disks, clock drift...). Extracting the correct picture of the situation from a dozen blaring alarms can be hard.
Win10 and earlier versions has a networking diagnosis tool but it seems to be run by a large collection or rules and no learning.
Ian Gonzalez
if anyone can find out about those places then the police can. most people don't have good opsec and know it so they stay away.
Ethan Foster
And I presume you're supposed to be an expert. Go suck a fat one.
Justin Green
found the insecure script baby
Michael Green
=== /cyb/ /sec/ News: There have been a lot of complaints about FB users loading FB with information on third parties (pictures, posts, image recognition...). And of course this was not enough. >Facebook is designing emotionally sensitive robots to take pictures and make new friends standard.co.uk/tech/facebook-emotionally-sensitive-robots-take-pictures-make-new-friends-a4153706.html >The GPS-equipped robots would seek out people to make friends with and animals and “objects of interest” that could make an interesting Instagram snap captured on one of its multiple cameras, all controlled remotely via the cloud from the user’s desktop or phone. This is of course a thinly veiled scheme to fill up FB with more intel on people who had no interest in becoming data fodder.
>The company is already working with New York University on artificial intelligence robotics, including training cyborg hands to grip more effectively. Well, what could possibly go wrong? Once it identifies a target it latches on and refuses to release the target until no doubt even the blood type has been determined. It will be the ideal way to obtain DNA and fingerprints from unsuspecting people.
Mason Morales
Its odd, because demand is up, and I'm assuming more people than ever are involved in the security scene than ever before, but the online communities have all died off.
Henry Fisher
the only thing i can think of is shit like discord/slack/etc and increasing centralization has discouraged the formation of new communities or discouraged the kind learning needed it used to be that if you wanted to set up a community you had to learn to set up a linux box and config an ircd or jabberd service, and all the shit related to it, writing bots used to be more involved than pasting JS code into a textbox nowadays a few platforms control almost all comms channels and maybe they're quashing these kinds of communities by accident or on purpose
Cameron Evans
Not really sure what you're implying there but I've worked in the security industry developing exploits and doing some computer forensics. Right now I'm on holiday though and I'm writing a roguelike.