=== /cyb/ News: Cyber fashion is always a topic and illustratyions suggest garish colours in neon lit rain. Neon is dead, LED is here. And now neon lives on ... in clothing: bbc.com/news/newsbeat-48594971 >Fluorescent clothes and accessories were popular on a number of designer catwalks this year - think Gucci, Versace, Prada - and, unsurprisingly, it's a trend that headed straight for the high street.
What electives should I take? I need one 100-200 level and 2x level 300-400. (Bottom of page)
I'm particularly interested in "CRJ217 - Computer Forensics II" for the Level 100-200. Either that, or perhaps the "Intro to AI and Robotics" class.
For the higher level, I'm interested in "CPS461 - Penetration Testing" and "CPS463 - Distributed Systems and Security".
Jason Evans
At last some news on military cyberpunk tech: === /cyb/ News: >Upgrade Your Memory With A Surgically Implanted Brain Chip (bnnbloomberg.ca) science.slashdot.org/story/19/06/16/2334222/upgrade-your-memory-with-a-surgically-implanted-brain-chip >Bloomberg reports on a five-year, $77 million project by America's Department of Defense to create an implantable brain device that restores memory-generation capacity for people with traumatic brain injuries. >In two separate studies, researchers found the prototype consistently boosted memory 15 per cent to 18 per cent. The second group performing human testing, a team from Wake Forest Baptist Medical Center in Winston-Salem, N.C., aided by colleagues at the University of Southern California, has a more finely tuned method. In a study published last year, their patients showed memory retention improvement of as much as 37 per cent. "We're looking at questions like, 'Where are my keys? Where did I park the car? Have I taken my pills?'â" says Robert Hampson, lead author of the 2018 study...
Blake Bailey
Pulse seen on news:alt.cyberpunk, after 6 months inactivity. I guess Jow Forums is where /cyb/ is at these days.
Julian Morgan
OK; so what are the chances? From Slashdot headlines:
>America Planted Malware In Russia's Power Grid, Says NYT (cnet.com) and >Massive Electrical Failure Cuts Power To Nearly All Of Argentina On Election Day -- and Uruguay (bbc.com)
Zachary Allen
Well, ftp://collectivecomputers.org:21212/Books/Cyberpunk/ is down, anyone got a good server to put to use?
Luis Jenkins
Why is linux recommended for pentesting? I get it's more secure overall compared to Windows. But what particularly makes it better? I imagine there are more tools written in Linux and since a lot of servers are Linux based, that has something to do with it. But ultimately, since most computers in general run Windows (outside of backend stuff), wouldn't it make sense to use Windows?
Also with writing malware, I'm guessing the majority of it is aimed at Windows. Which raises another question: it's written in Linux and tested with a VM of Windows?
Ian Sanchez
and what about FreeBSD? What does G/L have that FreeBSD doesn't, bc I'm currently sold on FreeBSD with poudriere and the way it manages applications.
Josiah Morris
With source available you can be more certain about what is going on in the system. Windows gives you less control.
Jaxson Jenkins
You're talking about being able to see the full logs, I get that.
But that doesn't make sense to me if most malware is aimed at Windows, you'd still be fighting against the fact Windows hides things when you're testing it in a VM or on a live machine
Dylan Peterson
Anyone else familiar with this term? # >Cybervictorian
Evan Ramirez
If the task is to make a virus or trojan, it makes sense to use the same platform as the target. Some pentesting is platform independent, such as zip bombs, network stack saturation, XSS etc. In those cases Linux makes sense.
Tyler Anderson
>What does G/L have that FreeBSD doesn't a community
jokes aside it doesn't really matter just use what you find most comfortable
Robert Bennett
youtu.be/PBRnYWmfuYg?t=1992 >couldn't disclose the password if i wanted to What method is he referring to here?
Andrew Wood
Ugh... Just wait til the advent of the Ad Supported hospital. Can't pay for having your child C-sectioned? We'll just implant this little memory chip to make sure they remember to be good little brand loyal consumers for our customers.
Elijah Garcia
Cross board discussion that might be of interest: >>>co/108211288
Jackson Cook
=== /sec/ News: You just couldn't make this up: >Samsung TVs should be regularly virus-checked, the company says bbc.com/news/technology-48664251 At least they are honest. >It suggested users should carry out the process "every few weeks" to "prevent malicious software attacks". Very honest.
Jaxson Campbell
Hello /sec/. Is there a way to hide a logonable user on linux? I mean a logonable user not shown in /etc/passwd.
Austin Richardson
of course they've prepped the battlefield and are operational. the scary thing is how many american power companies have they hacked? never know when you'll have to knock out your own grid.
Jaxson Lee
It is safe to assume most complex chips have been compromised. Also systems like hard disks have typically 3 controllers, all of which can carry a payload with a backdoor. Also flash memory (disk or USB memory) also have micro controllers that can be rigged.
Kayden Brooks
dude...he's just saying he doesn't know it!..ignorance is bliss...
Something about /etc/nsswitch.conf and other databases of users like Berkeley DB NSS module or LDAP. You could always code up a rootkit that gives you custom shell access then implement your own password scheme.
Blake Barnes
Interesting then, in view of this, that Google has made its own networking processor (Lanai) and they are not selling it. Strange, don't you think?
freeBSD sucks, has terrible support, nothing works right, and it isn't even really a true free license
Jacob Evans
it's literally the worst of all possible os choices. linux and windows are basically free and do everything.
Nathaniel Lewis
wired.com/story/cellebrite-ufed-ios-12-iphone-hack-android/ >On Friday afternoon, the Israeli forensics firm and law enforcement contractor Cellebrite publicly announced a new version of its product known as a Universal Forensic Extraction Device or UFED, one that it's calling UFED Premium. In marketing that update, it says that the tool can now unlock any iOS device cops can lay their hands on, including those running iOS 12.3, released just a month ago. Cellebrite claims UFED Premium can extract files from many recent Android phones as well, including the Samsung Galaxy S9. No other law enforcement contractor has made such broad claims about a single product, at least not publicly. The move signals not only another step in the cat and mouse game between smartphone makers and the government-sponsored firms that seek to defeat their security, but also a more unabashedly public phase of that security face-off.
IS NOTHING SACRED IT'S ALMOST AS IF EVERYTHING HAS BUGS AND $2 MILLION ISN'T MUCH COMPARED TO WHAT ALL THOSE SECURITY SERVICES WILL PAY
Brody Howard
As long as I only want the websites I visit not to see my real ip, does it matter if I have DNS leaks?
As I understand it dns leaks just means that the dns servers will see which websites I have visited.
Ian Fisher
DCPU-16 must be made into silicon and have 9front ported to it. It is our last, best hope.
if the dns server logs queries then there's an audit trail. just use a HOSTS file and where you're going you won't need DNS.
Samuel Gonzalez
who knows? they might have in house talent or connections to israeli government. if the product works then no one cares where it came from. would be kinda funny if they bought 0day from vupen who bought it from an iranian.
Juan Roberts
Selective ACKs, huh? Not surprised Netflix runs into that problem. I wonder how many retransmission hacks are just waiting to be turned into DoS bugs.
Cameron Cruz
this thread is too good and high iq for /nu/g/ but thanks for making it.
Isaiah Martinez
>wonder if they are somehow related to VUPEN I thought they closed down.
Adrian Powell
>Why is linux recommended for pentesting? Having full control over the network stack is enough to make it better over windoze, anytime. Just for that tiny bit. Disregarding all the rest.
>and what about FreeBSD? whats with the overall shilling of freebsd on chans lately ? Did (((they))) infiltrate it after all ?
Joshua Robinson
People who want to be different and edgy are attracted to chans, bsd attracts those folks (obv serious bad devs and admins are srs but the clowns posting in desktop wallpaper general or w.e are not )
Aaron Thompson
I've been working in a SOC for a few months now as a Sr analyst and the pay is stupid for the work we do.. what's the developer equivalent of an analyst? Like above us is the admins who own the Ids,fw,waf,etcetera devices. If I'm making 85k that means those guys are probably pulling 100k? Grandpa wasn't lieing when he told me to get into tech when I was little... I'd like to learn either pentesting or Enterprise architecture, haven't decided which way to go yet though my current skills are definitely more in the sysadmin side (could probably go into imbedded systems if I wanted)
Mason Clark
>or w.e What is that?
Dylan Wilson
did they? AFAIK, they moved out of france and changed their name to zerodium or some shit
Chase Kelly
I wanna make a bot. How do i get stable proxies?
Justin Young
Not sure if this is the right place to ask but how would I go about flashing my old x58 board with coreboot or me_cleaner? I only see guides for Core 2, Sandy/Ivy Bridge motherboards.
Nicholas Thomas
bump
Ayden Garcia
make your own ?
Elijah Hall
How expensive is that?
Luke Diaz
vps hosting cost so basically nothing then you can set up a proxy of your choice or write your own
Hunter Wood
make a updated sec guide
Kayden Jackson
>or connections to israeli government It is well known that Israel has a lot of talents here. Also their national service is a huge incentive to enter this field if you can. We have one user from Israel in here a few months ago, explaining the system.
Isaac Butler
>make a updated sec guide Which guide? Or do you mean the /sec/ FAQ?
Jeremiah Powell
Not but is talking about pastebin.com/tUvq8Jzj which pastebin shows a timestamp from 2014
>github.com/mayfrost/guides/blob/master/CHECKLIST.md I get a real strong feeling mayfrost is a Jow Forums regular. And I agree we need comprehensive guides. It is weird that with ever worsening security systems the guides are relatively incomplete.
Parker Walker
go through it and tell us what's wrong with it
Ryder Anderson
OK. It is night and it is night in Europe. You know what to do.
>How expensive is that? shodan is free, if you're that kind of guy >:^)
Ryder Rogers
Oh shit, thanks. I hope theres lots of raspberry pis on there
Hudson Brown
I have a load balancer for multiple tor paths.
Nicholas Williams
also related, I've noticed there are a lot of "vpn" and "proxy" mobile applications and browser extensions that just route everything through tor. Loads of people use it without knowing it.
Joseph Martin
Oh shit, didnt think of that. Thanks m8
Henry Sullivan
looks decent, but it's a little light on math. discrete math, linear algebra and differential equations are usually a must for undergrads. also get the mit book on algorithms and the dragon book on compilers then pick up the art of software security assessment. for electives just do what you want. forensics will help your pentesting and everything is going to be distributed soon. ai and robotics are cool if you want to build semi-intelligent drones to infiltrate buildings for you, but those are expensive and many years away from practical.
Tyler Jones
>not doing anything to stop Van Eck phreaking >not knowing that the gyroscope in your hard drive can be used as a microphone >not using ECC RAM to stop rowhammer attacks >not being able to set kernel parameter to deny inserted USB's >not desoldering the microphone >not realizing that the CPU microcode could communicate with the microphone regardless of libreboot >not putting nail polish on the screws and taking high resolution pictures to ensure signs of tampering >not removing the modem with DMA >not going fanless to prevent binary acoustic data transmission >not knowing the Ethernet and wifi card have access to keyboard >using xorg where any window can steal the contents of the clipboard or keystrokes >not knowing that the sound card can change the headphone jack into a microphone jack and use it to record through the headphones >not knowing they bounce an infrared laser off a flat surface anywhere near your laptop to steal your encryption keys by listening to your CPU fan >not knowing spectre, meltdown, rowhammer and rambleed can break anything remotely using a web page with javascript
Bentley Wright
windows comes preinstalled on almost machine sold so it's basically free, smartanon.
> not wearing you fedora > not taking you autist medicine > not texting you mom and dad and friends with pictures of your new toys > not knowing you can buy second hand hardware at the same price and half the price > not saving money on rbg and instead buying a fuckdoll > not wearing your star wars t-shirt while gaming or doing intensive programming > not using cotton to mute your microphones including inside the case > not having a waifu from your favorite Jow Forums board > not cleaning your keyboard with water > not being toxic during sommer to hell drive off the summerfags