>>101340463This isn't your jobs thread or cert thread, it's a group therapy session. /Cyb/er/sec/urity/pri/vacy general is for the discussion of anything and everything related to cyberpunk culture, cybersecurity, and digital privacy.--[/Cyb/erpunk]-----The FAQ: https://sizeof.cat/post/cyberpunk-faq/What is /cyb/erpunk? https://pastebin.com/pmn9vzWZHow do I into /cyb/erpunk? https://pastebin.com/5tpNFQdsHuge list of cyberpunk media: https://sizeof.cat/post/cyberpunk/The cyberdeck: https://pastebin.com/7fE4BVBgCyberlife: https://jinteki.industries/files/cyberlife.7zBibliothek: https://www.mediafire.com/folder/4m5hd2065hde8/Bibliothek--[/Re/verse Engineering]-----Getting into /re/: https://wiki.installgentoo.com/wiki/Reverse_Engineering--[/Sec/urity]-----"Shit just got real": https://pastebin.com/rqrLK6X0Cybersecurity basics: https://wiki.installgentoo.com/wiki/Cybersecurity_-_/sec/_guideand armory: https://wiki.installgentoo.com/wiki/Cybersecurity_-_basics_and_armorylearning: https://wiki.installgentoo.com/wiki/Cybersecurity_-_Learning/News/CTFsReference books (PW: ABD52oM8T1fghmY0): https://mega.nz/#F!YigVhZCZ!RznVxTiA0iN-N6Ps01pEJw/sec/ PDFs: https://mega.nz/#F!zGJT1QQQ!O-8yiH845GN26ajAvkoLkAEFF anti-surveillance: https://ssd.eff.org/Other library: https://mega.nz/file/UCgEGAjb#rwNcnMAQCUUbSp8supsFvn9QEHCWUW86eLcZa16ZG4Y--[/Pri/vacy]-----Tools: https://www.privacyguides.org/en/tools/Hitchhiker’s Guide: https://anonymousplanet.org/guide.htmlHardware: https://ryf.fsf.org/productsFrontends: https://wiki.installgentoo.com/wiki/Privacy_friendly_frontendsOSINT Guide: https://inteltechniques.com/index.htmlFirmware: https://libreboot.org/RMS: https://stallman.org/facebook.html--[/hmg/ Hackerman General]-----VM/CTFs:http://overthewire.org/wargames/bandit/ - easy beginnerhttps://www.vulnhub.com/ - prebroken imageshttps://www.hackthebox.eu/ - super secret clubHuge info dump: https://hmg.neocities.org/
My SSN and passwords were accessed by a third worlder who was stupid enough to send me a list of all the passwords I have and my SSN, and he said he'd delete them if I gave him 1000 bucks in bitcoin, or else he'll sell my info. I'm fairly sure he's already sold my indo. I reset my pc, changed every password, started using email aliases, and froze my credit and put a fraud alert on my credit. They haven't tried to get into any accounts or do anything SSN related yet, and i don't have credit regardless. What do? Am I cooked? They had access to a ton of accounts which have all been secured since then. They even sent the telegram channel where they're selling info and a cheesy scare tactic letter. They never had access to my google account, I use different passwords for everything and now use keepassxc
>>101419175>What do? Am I cooked?Freeze your credit report with the credit bureaus, if you're not using them then you never have to unfreeze them, also set up one of the multiple free credit monitoring services, you only need one but nothing wrong with a little redundancy, the purpose of this is incase something new appears on your credit report you will be notified via e-mail, so you don't have to constantly login and check Beyond that you already changed your passwords and are presumably using generated passwords from keepassxc, if anything affected wasn't using 2FA now would be a good time to set that up
Ok can you guys help me through a basic challenge? I want to redefine the Bixby key on a Samsung Galaxy Note 10+ sm-n975u. I hate Bixby. I would want to just unlock bootloader, but it's a Samsung and I've never done Samsung. It's obnoxious how I have to hack the bootloader in order to redefine what the best key on the phone does, or else fat-fingering it will pop up bloatware. >why is this importantI want to be able to control what the buttons on my phone do. Or at least disable them. None of this is possible because Samsung makes bloated crap>use a different phoneI'm asking about this one because I'm poor and have no $, also all Korean shit is like this.>debloating a Samsung piece of trash is more complicated than rebinding the Bixby keylet's start here>XDA resources that I found (yes I would do a courtesy XDA search):https://xdaforums.com/t/root-sm-n975u.4033167/https://xdaforums.com/t/bounty-sm-n975u1-note-10-usa-unlocked-version-bootloader-unlock-and-root-method.4006249/Android version: 12 kernel 4.14Knox 3.8 api 35
>>101419376smash the phone and get a thinkpad and libreboot it
>>101419175Who cares what some stupid third worlder does with your info. If you're super worried, just go live in a different country. Those idiots are only ever after credit cards and bank accounts. You'll be on a lot more spam lists and public infobases from now on.
>>101419264Thank you. Should I be as stressed as I am about my SSN? I mean they haven't done anything yet and I'm not sure if they even have any other info. I froze my credit with Experian and Transunion but Equifax keeps saying my credentials are wrong, however they're known to be a shit company. I use 2fa on everything now and use at minimum 25 character long randomly generated passwords.
>>101419401A Librebooted thinkpad can't create an infinity of Google accounts so please you don't know me or my dark path. You are memeing, I am not.
=== /Sec/ News:https://archive.is/Tpfn7>“The [social control] system has worked so far but in a relatively tranquil environment,” says Minxin Pei, professor of governance at Claremont McKenna College in California and author of a new book, The Sentinel State: Surveillance and the Survival of Dictatorship in China.>“It’s actually pretty hard to scale up the surveillance apparatus,” he says, predicting that in the new environment of growing social stress, there will be “a lot more incidents of instability or unrest”.This was really unexpected. China, with a massive surevaillance system staffed with an army of loyal government officials, still cannot scale up. How can this be?
>>101419405Your SSN could be used to take out a loan in your name if/when your credit gets good, and they might be able to register for shit in your name. I doubt they would do any of that. Your info is out there in bulk next to mine and everyone else's here.
>>101419416>A Librebooted thinkpad can't create an infinity of Google accountsyou dont need that but also it can
>>101419446My ThinkPad is a different matter. I want to root the phone. I want to redefine the SAMSUNG's key, not worry about my maxed out gaming ThinkPad with a juiced GPU and 64G ram n--0b breaking machine
>>101419462librebooted thinkpads dont even support whatever you namedyou buy x200 and flash libreboot then run hardenedbsd or linux from scratch>I want to root the phoneyou can get root on a thinkpad out of the box
>>101419436Gotcha. I froze my credit and put out a fraud alert as well as set up credit monitoring through Experian.>>101419402You're right. Utilizing language patterns on the letter they sent, I deduced that they were not a US citizen. (No US citizen says "1000 $ (US Dollars)", imperfect English, etc,). The dumb jeet probably thought my SSN was a password. He even accessed passwords that I haven't used in 10 years. Only thing I'm worried about is the sale of my info.
>>101419549People don't realize just how big info databases are, and how little they matter
>>101419475YOU sir don't understand what I'm doing. I need what I asked, not what you think I need. I repeat, you don't get my game. You won't and you can't. By doubling down on the librebooted Thinkpad meme, I'm starting to think you have a disdain for rooting. Ok faggot. If you had fucking adb + fastboot + Samsung ODIN + whatever else (list) installed on your stupid Thinkpad, how would you then hack the bootloader or at least get software root?
butt hair generalthanks for stopping by
>>101419724I'm starting to think this too. They have the primitive ape-like "smash it" instead of "root it" attitude that I hate.
>>101419698Thanks again /g/ for being the only reliable source of cybersecurity. I'm just going to freeze my shit and monitor anything. Also doesn't help I'm about to go active duty in the military so I won't have time to deal with bullshit
OK so if I purposefully destroy a phone, it's a sacrifice to the gods of lag to ensure I don't suffer connection latency right?
>>101419759You could also try getting something like Aura or Norton LifeLock, but I've never tried those products and I'm skeptical they clean even 25% of the info
>>101419432Well in China, the phones always listen to you. Same thing in America. Remember what I said about the Bixby key? That's because the firmware is hardcoded like that with no way to turn it off. NO WAY TO TURN IT OFF. It's always, always listening to your mic. In China, they have that normalized... The funny thing is that Americans think their government doesn't do this. Fat idiots. Anyway. Main problem is they're running out of budget and spying on people is only making funny China videos
>>101419264NTA but I forgot to mention one more thing. If a crook really tries to come after you specifically, they'll leave traces. They always do.
>>101419719just get older samsung if you want easy rootthe old ones are dirt cheapi have no experience dealing with google malware
>>101419988OK let's assume I have an older Samsung Galaxy s9 with Android, I'll just ask again how the fuck do I root it? Chainfire method? Faggot queers here are supposed to be hackers. That's what they call themselves. But they couldn't look up a vuln on a phone if you put a gun to their head.
I forgot to mention the security patch is 1 year ago so it's been off the update cycle for a while. A real cyberpunk can do this at 13 years old. g never ever has any information on how to do this. Disgracefully sad really. No interest in it. 0.
>>101419988My s9 has Android 10 but I want to root the one with 12 first because the 10 is my everyday. There are known root methods for that one. They're easier.
OK is it just me, or is this general actually still devolving in terms of intelligence?
>1 million pages on reverse engineering>no one can hack an old phonepathetic that I'm the best hacker here
>>101419788Yeah I did research on lifelock and apparently it's a scam designed to profit off of Paranoia. The CEO of lifelock is dealing with identity theft and has been for awhile since challenging people to steal his SSN lol
>>101420250android is gay and so are phones
>>101419923Could you elaborate more? Like traces of themselves? If they're sloppy? I would be down to hire someone to get some info if that's possible
>>101420291We heard you the first time clown, your advice is irrelevant. I can always leave the phone. I can always throw it in a swamp. I get it. You've said yours. >>101420319If they're actually smart,>takes out a loan in your nameRings a bunch of bells and you'll get info where>tries to buy gun in your name, requesting background checkThis one idk but the FBI gets involved>makes accounts in your nameThis one can be hard to stop but they cant use it against you much, it would just be a nuisance. Also this doesn't really happen. Even if they make an account in your name, it will be some obscurity you've never heard of. And it'll give their habits away.>registers vehicles in your nameThis might be an issue. But they could only pull this off if they look like you. And it wouldn't work because you'd get notifications through the mail.TLDR it would be extremely difficult that you wouldn't know if they targeted you. I've had my shit rooted before and I'm fine.
>>101420649Good to know. I'm naturally an overthinker and I worry too much, but I'm far from stupid. I'll send the letter he sent just to show you how shit it is. Some things magic erased for my privacy
>>101420725Remember, none of the """"hackers""""" here could root an old phone, this is who you're asking for advice on /g/
>>101420757surprise surprise, not everyone in the thread giving advice is nor ever claimed to be a hacker
>>101420757Who cares
>>101420725If you weren't a useless NEET g poster, you could phish them
>>101420821I care. It's like if the Greek literature threads were not be acquainted with Plato. Why even connect to this thread and the absolute noobs here?
>>101420863It is a misconception that you need to be a hacker to care about privacy or cybersecurity, your premise is flawed
>>101420935I can see you think I'm in the wrong for expecting there to be one hacker who posts here.
>>101420844I'm a tourist. I browse /fit/ and /o/, I couldn't give two fucks what some crusty acne glasses wearing fag says to me, I came here solely for advice
>>101421019>for expecting there to be one hacker who posts here.Oh I see, that is a lot more humble and nuanced take, I apologize if that is all you did. I thought you might have been the same person behind these posts actively shitting up the thread he has already deemed to be helpful, instead of just leaving >>101420757>>101420250>>101420105>>101420090
>>101419724>>101419753this image has been debunked MULTIPLE times, it's selectively edited to exclude the anon who posted the CORRECT answer before the JUST BRUTE FORCE IT comment
>>101421175>shits on the only person asking genuine advice instead of phone faggots seeing who's dick is smaller
>>101421214Protip, I didn't shit on anyone.
>>101421229protip, that's not a tip, that's an exclamation
>>101420161We can devolve a lot further if we try!
>>101420725how did they get access to your shit though ?
What is a dork scanner?
What are some cool sec personal projects I can start on to impress in job interviews?
>>101419724162
>>101423854hard to know, if you try to impress some 30 years of experience recruiter with some intro level stuff it may have the opposite effect of impressing someone
>>101423854wait you want to get into hacking to get a job?Why
>>101423854set up ezxss, get some reported bugs on platforms
>>101423896Really? I'd imagine it would only backfire if it didn't work, right?>>101424020No no no, cyber security.
>>101423865retard 042
>>101423796tool to search google for google dorks, typically based on ones that are vulnerable to an exploit
>>101424271get a cert instead, then bring up your homelab during the tech interviews after HR
>>101424272Literally breaks the first rule
>>101423854You are too fucking retarded to finish your own projects. Start by rooting a phone. Do it through an exploit.
>>101424579The first time I rooted a phone was at least 15 years ago.You're retarded for thinking that would impress anyone.
>>101421043I'm a tourist too. I can't stand all the pedos on /g/. You can tell I don't belong here because I'm discussing the craft of hackery, while everyone else ITT is reeeeeing in disgust. You can tell someone's a tourist here if they try to talk about anything hackerman related. >just how gay are faggots ITTGay enough that they probably pay for YouTube Premium instead of installing an F-Droid app. Gay enough that they probably don't even run Android, but instead iOS with no jailbreak.
>>101424290>certs>homelabsFucking ANYTHING to avoid doing some real hacking work. You faggots are actually pathetic. >>101424699You're the retard for thinking that rooting is obsolete. I just made an example that on Samsung, your stock firmware denies you control over your best hardware button. The Bixby key. You know what I'm talking about?>rooting is ancient history!See, that's how I know you're a noob as well. I was referring to root through exploit. You were referring to root through unlocked bootloader. I'm talking about rooting phones whose bootloaders are locked. After all, we all know that Samsung tries to make it impossible to debloat and rebind the Bixby key. Not to mention run all the other spyware I talked about ITT. So you still have to fucking root it. >what other uses for rooting?I use root to run nmap on my phone. It's actually pretty cool. I can run T-shark (Wireshark for Terminal) as well, and other really fun shit.
This is the worst general on the board. It gets worse with time too, like a dead body left out to rot in the sun. Like half of a banana peel, discarded on the side of the road and left for the flies. Everyone who posts here should be ashamed of themselves.
>>101419839>bixbyIs the audio constantly 24/7 being archived somewhere or is it just a backdoor that allows a glowie to listen to the mic when they so choose?
>>101424987Be warned that this is just conjecture because I haven't done a deep dive into Bixby or Samsung. I prefer Lenovos, or Pixels, or even jailbroken iOS to Samsung. So again, I'm not an authoritative source:>is it dragnet surveillanceIt's interesting you mention this, because your mic and your SOFTWARE KEYBOARD ON YOUR PHONE work the exact same way in this sense. Yes, they have your keyboard. Read on. >so is the keyboard and mic dragnetted 100%Almost certainly not. EVERYTHING you say doesn't go to their servers for several reasons. ###Reason #1: it would take too much space. We live in a day and age where even Google is running out of space.###Reason #2: It would get noticed. A l33t h4ck3r like me would either obtain root and reverse engineer your spyware, or use Wireshark to find suspicious packets. Then your company looks bad.###Reason #3: They have fancier things now. Like you said, they have a button which likely pushes a small update to the firmware (and/or app) and the firmware phones home discretely, disguising itself as another OS function, the browser, or piggybacking off an app. You'll never notice on an unrooted phone. Another thing is picking up keywords. It's always listening, but not always phoning home. But it can be taught triggers. Conclusion: All the more reason to only use Graphene/Lineage, or at least Magisk
I wanted to get into bug bounties, even did a small pentesting course, took a bunch of notes and tried to get a sort of workflow downhowever when I tried to do boxes everything just fell appart, it was like the vulnerabilities I read about could only truly happen to a retard who just copy-pasted a website or some shit.Does anyone got a good resource on hacking/pentesting that might help me with this issue?
Btw no, living without a phone is not an option to actual cyberpunks. If you don't have a phone, you're not exactly cyberpunk. There are other names for you.
>>101425105everyday I pray we remove the retarded cyberpunk discussion from my pure /psg/ baby
>>101425090Thanks for that. Something I've wondered is whether flight mode is a simple defense against this, as it has to be open source to comply with various aviation authority regulations?
>>101425093See, you're a retard. You truly belong here in /cyb/>pays for pentest course>learns jack shitIt's funny how you just realized what a pentest course really is. It's techniques that were obsolete 5 years ago, taught by someone who's likely worse than I am. And I'm not good. It's disgraceful how I'm top 3 leetest posters here. I don't even work as a fucking hacker. But enough about me.>tries to find bug bounties and failsBug bounties were never a sustainable firsthand source of revenue. That being said, I've found bugs that had no bounties on them. >it was like the vulns you read about could only truly happen to a retardPretty much. And that includes you, since you're only capable of copy-pasting yourself. So there are things out there in the wild that could be taken by a literal retard like you. Go find them. But don't expect to get rich off them. You need to improve your skills first. >how to improveI'm not a webdev, but I've hacked webpages before. First of all, ensure you have the latest and greatest tools running. You're a skid so you need them. Make sure your vuln scanners are beefed up with custom definitions and shit. Second of all, do some better research. Look up some web sploit videos. Do the 'natas' set of challenges on OvertheWire. Do some CTF's and focus on 'web'. Then you'll start learning how to crawl. >one more thingDon't expect faggots here to help you. I come here rarely. The ones here are unworthy. Not real hackers. They're all blue team as well.
>>101425154Good fucking question. The truth is, airplane mode reduces tracking, but doesn't remove it. Let me explain:>phone can still passively listen in airplane mode, recording your activities locally>phone can also use 802.11 (WiFi) during airplane mode>your hardware (cell radio, baseband, bluetooth, wifi, camera, other sensors) is controlled by your firmware, which you have no control over>in other words, "airplane mode" is a software toggle>you don't know what happens underneath because the firmware isn't yours>it may well could send out triangulation pings, bluetooth pings, etc>you'd need a software defined radio to seeSo yes, even in airplane mode I'd probably be able to detect your phone out in the battlefield. But this is something you should test on your own phone, since you're talking about life-and-death tactics here.
I should go test if Airplane mode disables baseband ping on my piece of trash Samsungs. This is why you bring a fucking wifi-only tablet if you're up to no good, hacker.
>>101424913>Everyone who posts here should be ashamed of themselves.I'm simultaneously more ashamed than you could possibly imagine, and in way too deep to ever stop
>>101425242>in too deepWhat was the last thing that you hacked? For me I think it was a porn site (to download free shit), a news site, and technically YouTube by using PipePipe since NewPipe went down. All those are very minor, but they count as hacks. What do you got?>in too deepI'm the one in too deep here. I've done shit you can't imagine. You legit wouldn't believe me.
I learned to web hack by circumventing paywalls on news sites. It's a great way to practice.
>>101425202In this regard, do you trust Graphene/Lineage devices?
>>101425593Good question. They're not perfect, but it's night and day because you can actually disable most of the spyware. Actually, you can disable the device drivers which effectively disables everything but the baseband. On certain models, you can even disable the baseband or spoof it. That's one small perk of LineageOS. Keep in mind that you need to level up your Linux to at least "Adept" for all this. >LineageOS has binariesYou need those to use your hardware I think >Lineage OS isn't available on every OSThat's the real problem. I might end up running into a point where I have to build it for my device>do I trust LineageIt can be made very secure because you can use GNU tricks on it
As recommended, I read Terry's demands. So the guy was crazy for realsies?? Like, I thought he simply didn't like black people!
>>101419376Don't waste your life on that corpo shit. If you want a device that you can control, build it yourself. Sell your phone or steal one. Pinephone for example.>>101419401Amen>>101419416You are beyond saving>>101419724Easy it's 666 eat shit>>101424272Correct>>101423854Pick a project from the server of the company you're trying to impress. I suggest using the USPS delivery driver to drop your payload via bluetooth.
A little bird once told me, if you spend enough time wandering, then at some point you will step onto yourself.
How would I know if I'd like working in this sector?What's the work like?
>>101426578You don't understand. If you can't root one of those corpo phones, you can't attack. You must stand on the defensive. Not my style. Offense is defense.
>>101426890Sucks. >everyone is incompetent with an attitude>field is boring>you get fat in the office>you work for the Beast>AI will take your job soon (the Beast won't even need you)>you are too dumb to be on your own without your company>you learn no actual hacking skills, only how to manage defense systems>pay is just enough so if you're lucky you might be able to buy a house maybe
>>101420291Kys retard
>>101425165Finally, a place where I truly belong..Thank you very much!
>>101425090>Reason #2: It would get noticed. A l33t h4ck3r like me would either obtain root and reverse engineer your spyware, or use Wireshark to find suspicious packets. Then your company looks bad.NTA but Google already looks bad, and seemingly doesn't care it will look badder:>Gemini AI Platform Accused of Scanning Google Drive Files Without User Permission (techradar.com)https://yro.slashdot.org/story/24/07/15/204200/gemini-ai-platform-accused-of-scanning-google-drive-files-without-user-permission>Last week, Senior Advisor on AI Governance at the Center for Democracy & Technology, Kevin Bankston, took to X to report that Google's Gemini AI was caught summarizing his private tax return on Google Drive without his permission. "Despite attempts to disable the feature, Bankston found that Gemini's continued to operate in Google Drive, raising questions about Google's handling of user data and privacy settings," writes TechRadar's Craig Hale. From the report:>After failing to find the right controls to disable Gemini's integration, the Advisor asked Google's ChatGPT-rivalling AI chatbot on two occasions to pinpoint the settings. A second, more detailed response still brought no joy: "Gemini is *not* in Apps and services on my dashboard (1st option), and I didn't have a profile pic in the upper right of the Gemini page (2nd).">With help from another X user, Bankston found the control, which was already disabled, highlighting either a malfunctioning control or indicating that further settings are hidden elsewhere. However, previous Google documentation has confirmed that the company will not use Google Workspace data to train or improve its generative AI services or to feed targeted ads. Bankston theorizes that his previous participation in Google Workspace Labs might have influenced Gemini's behavior. The Gemini side panel in Google Drive for PDFs can be closed if a user no longer wishes to access generative AI summaries.
>>101420935Kys you autistic imbecile
>>101424881cert == testing hacking in a controlled environmenthomelab == showing shit you hack in a built environmentYou think you can get a job by bragging about blackhat shit?
>>101426931Ofcourse, you are correct.Feel free to dig in.https://www.mediafire.com/file/8dmiic7r5riuken/Samsung_Galaxy_Note_10_%252B_Schematic_Diagram.zip/file
>>101427176>You think you can get a job by bragging about blackhat shit?That's how it was for decades?
Reposting the updated Data Broker Removal Links:https://pastebin.com/3tncC0rE
Another week, another thread, another Boeing incident.
Besides Discordianism/subgenius, why hackers have an interest in oriental food?http://catb.org/~esr/jargon/html/O/oriental-food.html
>>101428185Anime, duh. Same reason The Matrix code contains hieroglyphs.
>>101428239>animeSo only Japs food then, but it's stated that almost every oriental food there (Thai, Indian, Korean, Burmese, Vietnamese, especially Chinese)
>>101419041How do you convince yourself that Graphene OS, Tails OS, Tor browser, etc. help your privacy when something as security critical as https, which unquestionably has widespread adoption, is fundamentally flawed. Https encrypts your connection to a web server without a "WARNING: trust certificate?" message in your browser because some certificate authority (CA) such as google (shiny) or cloudflare (shiny) say its OK to use.If you create and sign a certificate yourself, you removed the shiny CA concern, but then there is still the possibility the shinies can BTFO 2048 bit Diffie Hellman key exchange, or apply some other voodoo such as deep packet inspection to see exactly what you're up to.My idea to combat this is to have everyone generate their own, custom, idiosyncratic ciphers and/or encryption methods to use in tandem with the current industry security standards. While not fool proof, it will mandate that shinies look over the data *personally* in order to understand it, thereby exacerbating their resources.I would like to hear your opinions on this matter. Thank you.
>>101427106you first, dipshit.
>>101428593>How do you convince yourself that Graphene OS, Tails OS, Tor browser, etc. help your privacy when something as security critical as https, which unquestionably has widespread adoption, is fundamentally flawed.It is called Threat Modeling, the fundamental building block of cybersecurity is, where you do a risk assessment of threats to you and you take steps to mitigate them. Not every threat is created equal
>>101429050Based.
>>101428360Hmmm... Blade Runner!
>>101426890From the previous thread:>It's not ALL bad and from there you can branch out into more interesting things, cyber threat intelligence, Malware analysis, forensics, or just keep on getting reeeeeal good at threat hunting. But I think I just find, and excuse me for the corpo word, red team, more exciting.
>>101428593>Tails OSmalware, pings tails.net on startuppings fedora time server over clearnetavoid>Graphene OSandroid is malware 200mb of binary blobs and so is phone hardware, secondary "security" cpu>Tor browseryou vill update weeklymake your own linux and coreboot distribution, avoid httpshttp is acceptable and not botnetother protocols should have no issues
>>101429677>http is acceptableacceptable for what, exactly?
>>101427307coooool :) thanks anon
>>101428185it tastes good?>>101430070acceptable for anon's schizophrenia
I propose we change the "s" in skid to sexy, so that when we are called "skid general" it means "sexy kid general" as in we are a bunch of sexy kids (guys).
>>101430070browing the internethttp://xahlee.info/w/why_no_https.html
>>101430644Yeah, exactly, jeets like you brown the internet.
hahaha imagine using anything other than iceweasel-uxp or icecat for graphical web browsing>>101424731my iceweasel-uxp will stay the same 1s and 0s for the next thousand years#neverupdatefuck tor (cia) browserfuck fagfoxheil fsf
>>101430689enjoy your botnetalso you are probably projecting, dont forget to redeem cloudflare certificate
>>101430644Thanks for the link.Just saw his other article about pic rel. I guess Google has made alterations to their results to make them seem plausible.
>>101428185Man I remember when that shit used to be cheap. Could always go for a 2 AM snack at that one place.>>101429540I swear I will fucking eat the guy who is trying to sell me synthetic meats.>>101430164You into sexy kids?
>>101430827havent used google or any search engine for so long that i completely forgot about that hahafucked up timesi guess the modern spin of that would be http://xahlee.org/Periodic_dosage_dir/goole_gemini_jen_gennai.html
>>101424913Someone out there love you too, anon. Meanwhile please do contribute.>>101425130>my pure /psg/ babyWe have a regular flow of /cyb/ and /sec/ news, sometimes even /re/ news, but I cannot remember you or anyone else have ever contributed /psg/ material.
Do any of you guys actually run your own automatic OSINT stacks? I'm curious what signals people are tapped into besides the usual scanning and fingerprinting ipv4 address space. I'm strictly asking about methods and types of legal OSINT acquisition and content. I archive various 4chan boards and have several website watchers that save and alert when changes are made.
What I don't understand is Hackers obsession with whiskey. They go and huddle like it's some sort of arcane ritual.
>>101431058i scrape bunch of communities thats about itbeen thinking of finishing my own indexing engine
>>101430957I did not post everyday in privacy and security general but I can assure you I read everything there almost every day for months
>>101431076>he consoomed the protoncia and signalcia ads daily
>>101431122yeah? you don't have to repeat what I said right after I say it, kind of dumb.
>>101422479Im guessing cookie session theft
>>101424854I came here expecting good advice which I did get but then quickly realized how faggy and retarded 3/4 of /g/ is, at least boards like /fit/ help one another
>>101425343>What was the last thing that you hacked?Hacked?I write fiction
>>101430887Yeah, definitely the modern spin. I'm not fond of it, so it's a great reminder, and motivation to double down on open source clones of everything.
>Updating The Armory links>pentester.fr>This domain name has been registered with Gandi.netOuch.
>>101431076... and your contributions those months...?
>>101432849discussion, advice, links to resources when people ask for them and I know where they are
>>101432886All of that is good, though it is hard to search for gems in past conversations. How about also adding to the Wiki? Entries such ashttps://wiki.installgentoo.com/wiki/Privacy_friendly_frontendshttps://wiki.installgentoo.com/wiki/Anonymizing_yourselfor a new page altogether?
>>101434421I don't think I understand, that guy >>101425105 is trying to define what is and isn't "actually" cyberpunk, like who is he to decide that, it is a true scottsman fallacy, a nearly pointless post, I complain about cyberpunks in general because of it, and now you want me to contribute to the wiki?
>>101434464>I don't think I understand, that guy >>101425105 is trying to define what is and isn't "actually" cyberpunk,The nnumber one topic back in the day on alt.cyberpunk was indeed "what is cyberpunk?" And 20 years later people still feel called to provide a single unified definition. The FAQ points out the topic was old even then.>like who is he to decide that,Just one of many.>it is a true scottsman fallacy, a nearly pointless post,Sure. At least it was a bump, hopefully it also made people think, which to me has value. Agreement is not needed.>I complain about cyberpunks in general because of it,You are perfectly free to disagree.>and now you want me to contribute to the wiki?Sure. Your contributions did not lose any value because another anon decided to declare his views. We have even several manifestos, and you know there is something in the water when someone issues a cyberpunk manifesto in anger based on nostalgia - and she is 16 years old.
>>101425105retard
>>101419041I've never used anything like this. I typically either use a regular username and password, or if the service provides it, 2FA via text message, email, and/or an authenticator app. What's the catch?
>>101436771botnet
>>101436771It is a stronger form of 2FA that is phishing resistant compared to using an authenticator apphttps://en.wikipedia.org/wiki/WebAuthn
>>101435732queer
>>101436827All i know is im gonna start migrating my projects off GitHub
>>101437766because of passkeys? that is probably an overreaction because its owned by microsoft? that is understandable, I don't blame you
Yo, any of you queers know a good VPN for the purpose of IP spoofing? Pls notice how i didn't say security. I need to switch my IPs and pretend to be legitimate hosts. I want the chance of a given endpoint IP being recognized as a VPN to be relatively low. I want a high trust score. I'm looking for obscurity here, and I'm ok with paying. Preferably crypto. Again note how i said i dont need it for security or for piracy. >free onesProton is free but their free IP range is well documented for example.
>>101437783https://www.privoxy.org/
>>101437778>owned by Microsoft>mandatory 2FA>future looks grimGood projects exist there. I'll always have to clone their repos. But I'm moving MY stuff to GitLab. GitHub about to be downstream kek lmao. This is how you alienate hackers. We dont want verification
>>101437802why not host own simple git server
>>101437916on a LAN, maybe. But my linode hosted git server would be experimental not upstream
>>101437802I don't think Microsoft was ever trying to court hackers, 2FA is not a bad thing
>>101437967Did M$ originally own GitHub???
>$BEAST_TACTIC is not a bad thing!!!It is when mandatory
>>101437971No, they bought them 6 years ago, if that was a deal breaker then anyone using it should have stopped using it a long time ago, not complain about it today
>>101437981>if that was a deal breakerUp until now they at least treated me with dignity instead of enforcing choices on me due to other faggots getting supply chained. Cuz everyone decideds to maintain their projects there. At least up until now.
>>101437990hmmm right, well just so you know, you can still use 2FA via an authenticator app, you don't have to use a passkey.
>>101437994You're right, I don't need a passkey. Because my repos are going to GitLab
We need to respond to this by using America's rivals. See if the Beast can withstand its own intellectual talent outsourcing to the globe before the AI is ready.>American service becomes shit>sell out to best one even if it's Chinese
>>101438013Anyone who's ever complained about American cars being shit and bought Japanese helped this effect. >GitLabStill hosted in USA, but started by Pajeets. You don't wanna know where I'll move next.
>>101438006Seems stupid to not go self hosted, if the company hosting your repo can make you leave with a policy change once, it can happen again.
>>101438061I do self host. We are discussing public code repos for the everyman though. You can have both salad and potatoes man.
>>101438074I thought you were talking about repos for hackers that hate authentication, the everyman benefits from 2FA
>>101420161the thing with these threads is that technical people barely post here. I mean, look at the retard who posts links to tech news articles instead of links to actual technical writeups and stuff.these people want to keep the thread alive at the cost of having retarded off-topic talk (most probably bot talk imo)we have merged 4 generals, and it's still not enough. it's kinda sad... clearly no one in this board cares about security. /g/ is in a really sad state these days.
>>101419724042
>>101438108So my point exactly. Alienate a substantial part of your own audience. >they don't want hackersMaybe they don't want blackhats as shareholders, but I submit that GitHub has profited substantially from tools developed by blackhats. Requiring 2FA goes against the open source principles. As does hosting upstream shit on GitHub in 2024.>why do i careAre you kidding? Now i have to track down repos and clone before they get deleted!
>>101438638>Requiring 2FA goes against the open source principlesBut how
>why do i care>Are you kidding? Now i have to track down repos and clone before they get deleted!I literally have no idea what the fuck you're saying here, I didn't ask that question nor was I going to, your repos aren't about to get deleted so I don't know where this sense of urgency is coming from
>>101428593>>101429050maybe it comes down to the fact that the S in HTTPS does not mean Shinyproof
>>101438897hackers are gonna start migrating their shit from GitHub. Every time stuff like this happens, good code/loot disappears. You have no idea cuz you don't know such repos.>my repos arent gonna be deletedI'm not worried about my own repos. I'm worried about obscure tools getting purged cuz the acc owner is too lazy to get 2FA set up. That's what's coming next. I gotta fork all the stuff I like just in case now. GH will purge soon at this rate.>>101438850childish question>exclusivity via excluding people who cannot into 2fa>tracking creators>Microsoft is not known as a friend of opensource>>101438201I think the average age here is below 14. The average mental age is even lower. We are stuck between faggots yelling >"Don't even use a phone", as if they don't know how to SIM-swap, and don't know how to remove spyware from phones, and also don't understand that you can feasibly just bring a WiFi-only tablet when up to no good (I shouldn't be giving my tricks away though :)>"no HTTPs" so I can sniff everything you're doing if I bruteforce your LAN password like it's 2005, vs faggots yelling >"everything must be connected to the botnet and verified with the botnet"
>>101439202>We are stuck between faggots yellingWow, congratulations Mr. Smart Boomer, you've been trolled! We have a troll here, you know.
>>101439345It's the fact that nobody here has any offensive skills which make it funny. Only thing g pedos care about is hiding their pizza from the Federales
>>101439373Now you're just being rude.
>>101439457I'm objectively correct. I was driven from this board due to those degenerates. But I know my enemy.
At least that fucker uploaded an image. You got any images to share you dipshits. >>101439759Also>If you have to buy it, it's not yours.
WOKE UP THIS MORNING GOT MYSELF A SCRIPT
>when you toast your entire production environment VMTake backup images, and don't copy-paste code into your terminal. I've descended my machine into dependency hell and I can't get it out. My apt-get is literally broken at this point.
>>101440269Happens aaaall the time! :)lmao this nigguh fucked up
One of the things that hackers value is freedom to information, so is gatekeeping antithetical to this value?
>>101440329No.
>>101440329Yes, but there are hackers who don't care, because you don't need any type of philosophy to be a hacker. It used to be anti-authority, but now people see it as a career pipeline. The other anon quick to reply with "No" is likely not a hacker though. t. one of the only hackers here, if not the only one
What's the point of giving me a list of shells if they're not set to 777 you imbecile
>>101430957>Meanwhile please do contribute.I did contribute. I drop by here and give people things they can't solve. It's like trying to start a motor that's been siezed since 1862
>>101440398state your reasoning>>101440419>there are hackers who don't carewhat are kind of these hackers? crackers, state-sponsored glowies, anons?
>CONTRIBUTE CONTRIBUTE CONTRIBUTENTA but OK here's something else for you faggots:Assume I have adb working, fastboot working, and also I have dd installed. I have a phone with root and it's connected to the same network as the machine running ADB. The host OS for the machine running ADB can be Windows, Linux, or Mac, or even Android. Doesn't matter. I'm sticking with Linux. The Android has a su and sudo binary.What is the fastest way to copy my firmware onto my host OS without touching my current system? Which folders are the best to start with? This counts as forensics btw>>101440422filter test?
>>101440525This is an exfil challenge btw>you get root>now you need to exfil their partitions>???What ho haquers?
>>101440505>what are kind of these hackers?The faggots in this thread call themselves hackers, so there are examples of some who are against freedom and openness of information. Many hackers are pro-secrecy. Many just don't care. I recognize a balance like Yin Yang. The truth's in the center. But we live in a world that's already too full of secrecy in its own right.
>>101440570>many hackers are pro-secrecySo cypherpunks?https://www.activism.net/cypherpunk/manifesto.html
Hacking is about stealing money that's it
>>101440616Buddy, nothing with "punk" at the end of it means anything anymore; haven't you heard "punk is dead"?Green Day Lead Singer Billy Joe Armstrong can be quoted saying "Punk is dead to anyone who didn't understand it in the first place"Cyberpunk means nothing. It's a board game. It's an aesthetic. It's a culture. It's edgy anime drawings. It's music now? It's nothing. Nothing to do with cybersecurity. And nothing to do with punk. >cypherpunkEdgelords who read an encryption textbook
>>101440640It doesn't have to be stealing money. It can be farming money. Like hosting porn sites or renting out your bots. Or chasing bad guys. Or just having fun. Not necessarily stealing. Am I stealing your money if I just hack your WiFi to play games because I'm broke?
>>101440673Yes it's called stealing wifi
>>101440693You said stealing MONEY, and assume I'm not hogging bandwidth.
Another good question for you lads. How do you bypass browser fingerprinting when you have to appear as new identities, let's say you need dozens of browser identities per month. Let's say the website also does device fingerprinting. How do I bypass these measures if I'm using a virtual machine? What if I'm on bare metal? Assume I have every kind of device too.
All Armory links have been updated.Good, because I was running out of time: I'm anxious to start learning C. So those 2-3 hours a day will go there now. Some thoughts:- One of the reasons why I've done this was to learn about all the different tools myself. It was an interesting journey and I've bookmarked a little arsenal for myself.-Now the list looks very tidy. No more unnecessary revision numbers, or absent periods and capital letters.-Some of the tools are ancient.-If you're making a tool, even a simple one, don't call it something generic, it will get lost with time.-Pentesters don't care about web design.-It was impressive to see successful tools grow from 0.1 to 6.5.0 Freaking veracrypt, tor and wireshark were so unknown ten years ago.-I might've fucked up by adding https where it didn't belong, but I'm gonna recheck those links twice.
Oh, and me or someone else should notify people on github about it, because they have copies of this list. Like this one:https://github.com/jarv-git/Awesome-Hacking-Tools
>>101440651>haven't you heard "punk is dead"?I've heard of it somewhere, there's no actual definition of "punk" as far as I know. From mainstream sources such Cambridge Dictionary, it means:>a culture popular among young people, especially in the late 1970s, involving opposition to authority expressed through shocking behaviour, clothes, and hair, and fast, loud musicSo yeah, as a counter-culture movement, it's gone for good as you need to be unapolegetically you as an opposition against the norms and the establishment.>It's a board game. It's an aesthetic. It's a culture. It's edgy anime drawings. It's music now? It's nothing. Nothing to do with cybersecurity. And nothing to do with punk.So yeah cyberpunk means nothing if it just aesthetics, this general should be moved into /fa/ and rebranded as "cybercore" instead. Most young people (zoomers) have moved on to "name"+core instead. That's so far my understanding from this, anon.>>101440673>Am I stealing your money if I just hack your WiFi to play games because I'm broke?No, it's called sharinghttps://www.youtube.com/watch?feature=shared&v=IeTybKL1pM4
>>101441157>https://github.com/jarv-git/Awesome-Hacking-Tools>last commit 6 years ago
>>101441458Exactly. Someone might decide to start updating it again and will waste time.
>>101440792>How do you bypass browser fingerprinting when you have to appear as new identitiesYou cannot. You have to look closer into what this fingerprinting is.One of many parts is the collection of fonts you have installed. If, all of a sudden, you have a browser with no installed fonts, that is like a huge red flag and probably close to unique and therefore highly identifying.What you want instead, is to hide in the crowd.In earlier discussions it was suggested that having zero social media presence would be a red flag and cause excessive interest from nameless agencies. And then it turns out the shooter didn't have any social media presence. I guess some assumptions should be reconsidered.
>>101440329>One of the things that hackers value is freedom to information, so is gatekeeping antithetical to this value?This is a good philosophy to have in a tight knit group but given THE ABSOLUTE STATE of tech today you should GATEKEEP as much as possible. Unless you like sharing the space with DEI and troons, or (for wagecucks) losing your job to a jeet who just copy and pasted his way into your profession but couldn't tell you what a "wirus" is.Don't forget the Anonymous """hackers""" started here because faggots couldn't keep their mouths shut if their lives depended on it. If you want more of that cringe, yap away.
37yo Fedor was arrested in Moscow for alleged connections to Trickbot (Wizard Spider). He's to be extradited to Germany.
>>101441569Who will maintain Fedora now?
>>101441596Some Pidor.
>>101441557>This is a good philosophy to have in a tight knit groupHackers used to be a tight-knit group, especially even before the usenet had gained an influx of newbies (the Eternal September) and the internet went mainstream. Richard Stallman is called as the last true hacker.>you should GATEKEEP as much as possible.I think I like the balance of gatekeeping and sharing, most of the information I get from searching throught the archives (4chan) to see what I find interesting.
>>101439202>exclusivity via excluding people who cannot into 2fabut this is false, you are unwilling to accept new information, the new information is you are wrong, that is the only childish behavior here>tracking creatorsyou can do 2FA without tracking, thats what I keep trying to tell you