Quick question. I'll be starting a cyber security engineering masters degree in October and I'm looking around for decent laptop options. Any recommendations?
Evan Bell
x220
Isaiah Cox
Someone posted a fuckhuge list of cyberpunk movies a few months ago, can someone post that? There's nothing in the cyberpunk media pastebin.
Carter Jackson
you'll probably have to run virtual machines so prefer a laptop with two hard drive caddies, multiple cores and 8gb+ ram.
Luke Peterson
i bought a "gamer" laptop, one of the biggest mistakes i made. shit chipset, shit build quality, shit support. the only pro was that it was cheap considering the performance. you're better off paying more for a newer thinkpad. using VMs i rarely ran out of 16 GB ram, but I wouldn't go under that.
William Turner
Hi leddit, must be excited for cyberpunk bideo gayme ! Stock up on your soi milk boys
Carter Wilson
KEANUUUUUUUUUUUUUUUUUU!
Bentley King
threatpost.com/high-severity-cisco-flaw-in-ios-xe-enables-device-takeover/145645/ >“A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system,” according to Cisco’s Wednesday advisory. >The flaw (CVE-2019-1904) ranks 8.8 out of 10 on the CVSS scale. It is due to insufficient CSRF protections for the web UI on impacted devices, said Cisco. >An attacker could exploit the flaw by persuading a user of the web interface to follow a malicious link. Because the web UI is not protected from CSRF, the attacker could then perform arbitrary actions with the privilege level of the affected user.
web app sec is stoopit
Gabriel Richardson
Good work, OP, great to be back.
Mason Foster
>list of cyberpunk movies Most of these are in the FAQ.
Quiet from the bunker Dude lately. Seems he is under NDA, not sure how that is even possible.
Luis Baker
=== /sec/ News: The US is stepping up protection against Chinese spying: >The U.S. Is Purging Chinese Cancer Researchers From Top Institutions bloomberg.com/news/features/2019-06-13/the-u-s-is-purging-chinese-americans-from-top-cancer-research >The dossier on cancer researcher Xifeng Wu was thick with intrigue, if hardly the stuff of a spy thriller. It contained findings that she’d improperly shared confidential information and accepted a half-dozen advisory roles at medical institutions in China. She might have weathered those allegations, but for a larger aspersion that was far more problematic: She was branded an oncological double agent.
That is old news. Back in the day even France was targeted. The US government at the time really blew a fuse when the French beneficiary of French industrial espionage started applying for patents on stolen IP.
Aiden Jenkins
I hate all of you. This thread is the worst larpers. Most of you would probably fail a simple leetcode interview.
Gabriel Thomas
did you suck a goat
Nathaniel Edwards
I’m a CISSP ccie ceh A+ certified hacker who does only the most 1337 of hacking.
dunking the web interface on anything critical is p much the first thing anyone should do and on IOS XE it's disabled by default anyone employing a chinese national should fire them immediately
Luke Powell
>I hate all of you. Why? This is the number one most comfy general ever.
Jordan Evans
Tell me your story /cyb/ have you ever been hacked? I was phished by a really obvious phishing page when I was 10 years old, since then I've only had information stolen from data breaches like CD Projekt Red
...says the guy trawling said thread he just slated?
Colton Turner
I fell for the uninstall system32 meme when I was 12 Almost got vished when I was 16 due to a weird set of coincidents Got ransomwared from a torrent when 1 was like 13 Also a good chance I was an incubator of malware during puberty porn years without knowing it
is this a joke or a meme? genuinely asking, seems like a very beginner stuff
Caleb Nelson
what if it's a self imposed nda? or maybe he's building the bunker for some paranoid rich person and he shouldn't have said anything at all? or bunker dude is completely full of shit and stole some pictures?
Jaxon Ross
Yeah, but the scale of Chinese economic espionage is way bigger and their hackers have not tried to stay anonymous.
Dylan Barnes
>$50 dollars worth of content for free It's actually a pretty good deal If you guys don't want to give away your email, just use a fake one.
Angel Adams
>not doing anything to stop Van Eck phreaking >not knowing that the gyroscope in your hard drive can be used as a microphone >using a processor with the memory sinkhole >not using ECC RAM to stop rowhammer attacks >not being able to set kernel parameter to deny inserted USB's >not desoldering the microphone >not realizing that the CPU microcode could communicate with the microphone regardless of libreboot >not putting nail polish on the screws and taking high resolution pictures to ensure signs of tampering >not removing the modem with DMA >not going fanless to prevent binary acoustic data transmission >not knowing the Ethernet and wifi card has access to keyboard >using xorg where any window can steal the contents of the clipboard or keystrokes >not knowing that the sound card can change the headphone jack into a microphone jack and use it to record through the headphones >not knowing they bounce an infrared laser off a flat surface anywhere near your laptop to steal your encryption keys by listening to your CPU >not knowing spectre, meltdown, rowhammer and rambleed can break anything remotely using a web page with javascript
What's with all the ThreatPost links lately? Have you tried not including the extra, superfluous, 6 digit tracking numbers at the end of each URL?
Parker Martinez
Sup /sec/fags.
Would anyone be able to tell me, or share a link, with what happens when a file is read by a program or such? I know that the program's usage counter usually gets incremented so the OS can block deletions or overwrites. I assume its also moved into memory or cached in some way as well. Is it typical behavior for this activity to be logged as well? Does it get temporarily moved anywhere on disk as well (such as prefetch?) Judging by personal experience its not usually saved anywhere like it would if you opened it normally.
Nicholas Nelson
open the url without those 6 numbers
Zachary Torres
some kind of reference is fed to the program that has used os api calls to read a file. the os specifies how that is handled by the filesystem so it's os and filesystem dependent. windows uses handles, *nix uses file descriptors. permissions depend on the os and the security subsystem as well as filesystem capabilities.
Nicholas Ward
Is protonVPN a scam? Should I purchase it?
Jordan Robinson
A recent article suggests that the Proton company proactively provides metadata information to authorities about certain usage of Proton Mail (no doubt this would also include VPN) Unsure whether it's a hit piece or there is any truth to it though.
Michael White
to add to this, the file is usually mapped into memory based on filesystem specific references to all the hard drive blocks needed to read the whole file. logging is os and configuration specific, e.g. windows auditing can be configured to log all file open operations, but isn't by default. another thing is if the file is loaded from across the network which would mean a lot more checks, usually a tcp/ip connection and often writing the file to a temp location before loading it into memory. as far as locking goes, a mutex or semaphore is used depending on the program, os and file.
Gabriel Cooper
No. Buy Zcash and purchase Cryptostorm monthly with it then connect to the VPN through Tor.
Benjamin Richardson
>decide to lookup my uni's name on a Jow Forums archive one night >most posts are referencing some arthropod fact database we manage or something >see something about a cyberpunk zine >former phd student apparently hosted hand-typed transcriptions of Cheap Truth >read a little of it >months pass >just finished Ergo Proxy, wanting some cyberpunk book reccs >decide to look up the student to say hi and ask for reccs (and ask how cyberpunk it was to study CS in the 90s) >find his facebook >jumped off a bridge a few months before my original discovery
lol i failed twice but i guarantee someone hacked the results because i didn't miss a single question testking ftw :D
Leo James
I only cyber protected.
Jeremiah Murphy
>page 9 bump
James Ross
Thanks. So if it's done remotely there might be somewhere its saved locally. Other than that, I guess what I'm getting at, is there any other artifacts created when reading a file? It doesn't sound like it, unless it's also being logged.
Noah Wright
>trying to understand how things work at a low level >Google just gives you the normie explanation >even textbooks just handwave it I miss having professors I could go to for this shit. Maybe I will actually go back for my masters.
Nicholas James
If your textbooks are handwaving it you might be using the wrong textbook for what you're trying to learn. What level exactly are you trying to understand? Transistors? Logic gates? Registers? Assembly? Operating systems? I can give you pointers to some good textbooks or resources maybe.
Nathan Gutierrez
When I was really young, maybe 11 or 12 years old circa 1995, I was using the family Windows 95 PC and suddenly the screen turned black and text started appearing at the top of the screen; someone was typing to me. I can't remember if I could type back but I'm pretty sure I could. I can't remember what they typed, I don't remember it being malicious though. I freaked out and hard rebooted the computer and it never happened again.
Blake Davis
Operating systems. But windows specifically is cancer trying to find something that helps with how operations actually work from start to finish. And 99% of windows books at aimed at teaching people what a computer is.
I want everything, from how its handling pulling things to memory to how its logging things, and how it handles kernel vs user level operations.
When I used to play old school Runescape back in 2004ish, a guy tricked me in going to a false Runescape URL (don't recall how or why) where I entered my login details and it just said the login failed. Like 2 minutes later I couldn't get back into the game and had to get my dad to help me recover the account. All my gear had been stolen :(.
Other than that, I don't really have any notable examples. My family members have somehow managed to get legit viruses onto their PCs though in the past which I never understood. Perhaps they clicked on the "You are the bajillionth visitor" ads.
John Peterson
[user@host Deleted Items]$ zip2john 1-final.zip >>hash ver 2.0 1-final.zip/final.txt PKZIP Encr: cmplen=27, decmplen=15, crc=F5E0D7A0 [user@host Deleted Items]$ ~/tools/JohnTheRipper/run/john hash Using default input encoding: UTF-8 Loaded 1 password hash (PKZIP [32/64]) No password hashes left to crack (see FAQ) [user@host Deleted Items]$ ~/tools/JohnTheRipper/run/john --show hash 1-final.zip/final.txt:mstyoraict:final.txt:1-final.zip::1-final.zip
Thanks captain obvious, but I was wondering why John the ripper was giving me the wrong password Is this a known issue or something when converting a zip file to John format?
Gavin Hill
I doubt it, considering there's an entire capability dedicated to it.
I'm doing a quick run on my desktop (its just linux on windows, so results may vary), i'll let you know the results. Just used the same password as you got back and a simple test.txt file. If its works, although I doubt it, maybe you just had the unlikely case of a collision or your professor (i'm assuming, because its final.zip) used a different zip tool resulting in different results. Have you tried 7zip or other common unzippers?
Gabriel Myers
If in the cases of artifacts, at the very literal level, weakened "charge" on the actual storage media, be it HDD, SSD, flash. (not sure how much optical weakens with reads) But unless you were speaking stealing shit from a country leader or intelligence agency, nobody would put in the effort to find such data.
Some file manages keep histories, as do most media-related programs (be it video, audio, image programs, text editors, etc.)
Fuck knows what Windows 10 (and past versions+ spyware) do, but I wouldn't be surprised if it logs shit in alternate data streams "hidden" from regular programs. ADS containers have occasionally gotten shit for potential privacy nightmare even though most OSes have some sort of system like this. Hell, most popular FILE FORMATS have stuff like this. (which is used for copyright in some cases) I haven't even bothered looking in to Win10 nightmares of spyware. I won't go near that shit without 5 VMs between me and it on an airgapped machine with new hardware. Exaggeration of course. OR IS IT?!
It really confuses me how people get viruses like that. I've never had a single malware on any computer besides one I downloaded on purpose to look at. (Jow Forums.js :^)) I've been using them from the mid 90s. I was only born in 86, not exactly an old cunt or anything. (sure fucking feel like it) Yet every computer my mother, sister, brother, cousins, even some friends... all had viruses. Those friends include 1 that was in software development (got his fucking WoW account stolen from Gmail phishing kek) and 2 others that are (were!) supposedly computer literate and also fell to trivial phishing. Oh and one of those also fell for the "lol same password everywhere but really BIG!" meme and got fucked when some web hosts DB got pilfered.
Parker Ross
aight, thanks user.
I'll check into if files have histories stored, that was the type thing I was honestly more thinking about. That and if windows did any weird shit like prefetch but with just accessed files (which would be kind of weird considering how many files get accessed every second, but you never know) I mean, I don't really care if super forensics guy can find it using microscopes on harddrives, but its good to know how these things work. There's a few things I'm looking at that file artifacts could be useful for.
Gabriel Carter
yeah, tried 7za still bad password.
Xavier Mitchell
also, its for a CTF forensics challenge -- not school related. lookd at it with a hex editor and its a normal zip with single text file in it
Sebastian Sullivan
okay got tired of waiting, just reencrypted it with a 3 letter password, got what i should of in return.
John works fine, whatever the problem is its on your end.
Christian Morgan
Bunker dude did legit crypto mining, and his story checked out.
Eli Wright
Daily reminder to make all your own cables. 1st edition. Or, at the least, cut them open to ensure they are to-spec and not nefarious. mg.lol/blog/omg-cable/
Robert Johnson
if actually had a college degree then you'd know to pick up a fucking book
Colton Flores
neo pls
Liam Walker
Tell us about Bunker Dude and why you think he's legit.
Jeremiah Gomez
Any of you boys fucking around with crispr?
Wyatt Cooper
GONNA GIVE MYSELF A BIG BLACK DIIIIIIIIIIIIIIIIIICK
Lucas Phillips
That's nice, but what does that have to do with my neon lights?
David Edwards
with crispr you can have neon lights in your anything
James Lewis
Post that movie guide thing
Juan Morales
At defcon local meetup
What is everyone doing
Cooper Perez
Found this. Of course, as most lists pertaining to what is or is not cyberpunk is based on OPINIONS
imagine this: crispr edited ivy that grows inside your computer, uses the excess heat for energy, and has a liquid tubule in the middle so it cools your parts while it lives.
Thomas Turner
The github has a copy. Just clone or download that.
Luke Williams
how far do you have to go back technology-wise to not have something with built-in backdoors?
Did you hear about Zayner? Some shady people pretending to be attorneys put pressure on him to stop uploading videos on Youtube on the excuse "is medical advice". He recorded the whole thing.
Carson Morris
My neon-highlighted (and cooled) dick! All my credits!
Ethan Hall
At least 15 years.
Hunter Turner
Read the source code for Minix 1, it was made as an educational tool more than for anything else.
Nicholas Miller
Yes, the scale, means and value are all far greater than ever before.