File: media_GSRLNPWbAAAohfX.jpg (374 KB, 1080x1350)

374 KB JPG

We have a slight flooding now, level 7. Still, I had hope the /cyb/ would have survived that.To keepthis going throough the night, I'll return to the old remedied: Lunarpunk and Nightcore!
https://youtu.be/27tXqfc3vpY?feature=shared

>>101468683
>What a shit bake. We were moving forward, but then some autist decided to spoil the fun. What a retard.
Thanks for your massive effort. Not sure about the autist, was that reverted?

epoxy on my ram and rom

cyberpunk security chads, how we feelin?

>>101483160
linux bros, we eating good tonight

Which Linux fork should I be using?

File: Untitled.png (24 KB, 990x409)

24 KB PNG

>>101484714
One of pic related, I recently went back to Fedora Workstation
https://www.privacyguides.org/en/tools/

>>101484714
trisquel.info
hyperbola.info
ignore literally anything else, its all backdoored malware
after while make your own distro

>>101484829
"privoocy"
everything listed there is non free lol lmao

>>101485195
What part of fedora is non-free?

>>101485239
kernel, packages
also uses meme stuff like gayland,systemd
networkmanager pings fedoraproject.org

>>101485272
>kernel
I assume you mean the firmware? if not would you be willing to expand
>packages
such as? I am trying to see the progress over time

>also uses meme stuff like gayland,systemd
>networkmanager pings fedoraproject.org
not really relevant

>>101485398
>not really relevant
how are hidden pings in networkmanager not relevant?
literal botnet

true free software should have 0 telemetry and 0 pings

https://www.gnu.org/distros/free-system-distribution-guidelines.html
>No Malware
>The distro must contain no DRM, no back doors, and no spyware.

>>101485427
>how are hidden pings in networkmanager not relevant?
because the question was "What part of fedora is non-free?" so I could do more research on to it
The question wasn't "What issues do you find with Fedora in general? I will try to convince you otherwise" I am not trying to convince you to use Fedora, I just want to research the claims

>>101485466
https://www.gnu.org/distros/free-distros.en.html

>>101485466
>because the question was "What part of fedora is non-free?"
TELEMETRY IS NOT ALLOWED IN FREE SOFTWARE
YOU DIDNT EVEN READ MY POST
FFS

>>101485515
the question was "What part of fedora is non-free?" so I could do more research on to it
the question wasn't "give me a list of gnu approved distros, since I can't convince you to use fedora" I am not trying to convince you to use Fedora, I just want to research the claims

>>101485534
is this broken bot or something?
read this https://www.gnu.org/distros/free-system-distribution-guidelines.html
you can literally see that everything in there is broken by fedora
fedora is not fsf approved because its non free

>>101485547
see >>101485398 "I assume you mean the firmware? if not would you be willing to expand"
I understand the firmware is not free, the anon also clamed packages, which is what I am also curious about
>>101485528
Stop being a fucking retard, Telemetry is bad, Malware is bad, this does not mean Telemetry satisfies the definition of Malware, that is why I ignored that point, because you don't know the definition of words

>>101485572
>because you don't know the definition of words
telemetry is malware
there is no reason for it to be pinging its own servers
no different than microsoft windows

it is not a free operating system because it fucking spies on you

>firmware is not free
mitigations and some security things in kernel are also going to be non free
>the anon also clamed packages, which is what I am also curious about
non free repos out of the box are not allowed in free distros

>>101485613
>telemetry is malware
believe what you want
>there is no reason for it to be pinging its own servers
I didn't say there was, see how I said I wasn't trying to convince you to use Fedora, I am still not trying to convince you
>no different than microsoft windows
>it is not a free operating system because it fucking spies on you
believe what you want to

>mitigations and some security things in kernel are also going to be non free
can you point me at an article or something or give me a name of something, I am searching for the things you say after every post but it is turning up a bunch of non-specific unrelated results

>non free repos out of the box are not allowed in free distros
Are we just ignoring that a repo isn't a package, and that you can choose not to use 3rd party repo's during the setup process? that is what I mean when I say progress

>>101485673
>believe what you want
telemetry is malware according to gpl
>I didn't say there was, see how I said I wasn't trying to convince you to use Fedora, I am still not trying to convince you
im saying that fedora is non free, this is not about what who should use
>believe what you want to
it it fact not belief
>can you point me at an article or something or give me a name of something, I am searching for the things you say after every post but it is turning up a bunch of non-specific unrelated results
look up linux-libre patches
>Are we just ignoring that a repo isn't a package, and that you can choose not to use 3rd party repo's during the setup process? that is what I mean when I say progress
giving access to non free software is forbidden
flatpak gives you stuff like discord spotify etc all non free
chromium is non free and shouldnt be repos
infact chromium is the default browser on memedora

>>101485195
meds, now

>>101485878
enjoy your botnet

>>101485847
>look up linux-libre patches
ok
>giving access to non free software is forbidden
are you sure this is the stance you want to take? the mere act of giving access to non-free software? are you certain you thought that one through
>infact chromium is the default browser on memedora
firefox.

>>101485884
no botnet in my gnu+linux OS, only free packages and linux-libre kernel, so you can kindly fuck off

>>101485899
curious because you are posting on website that requires non free javascript
>>101485895
>are you sure this is the stance you want to take?
yes
it is easier to have 1 computer fully free and then separate one for botnet
do not mix

>>101485919
>yes
so then logically speaking, any software that "gives access to non-free software" should satisfy that condition, no take backs?

>>101485939
free distro should NEVER let you download non free software from their repos
because that would make it non free

imagine running windows software on free distro, might aswell use windows

>>101485947
when have i implied that im not on botnet computer?

>>101485955
you didn't say "from their repos" prior to this, I am glad you finally caught that

>>101485972
you can install any software on any distro by just downloading static linked binary
so of course you cant prevent that
but it should be that free distros should only promote free software

Building my first PC and getting an external drive to go with it, and I figured I should learn how to encrypt them too. I use Windows, so I think I should use BitLocker for my PC drive (only have one for it right now) and use Veracrypt for the external. If my understanding is correct, I will need to create a Veracrypt partition(?) that takes up the majority of the space on the external, transfer files from my laptop into that, and then I should be able to move them into the new PC, relatively problem-free?

>>101486403
dont bother with advanced filesystem stuff on windows
it will be pain in the ass to recover

I don't know if this is the proper thread to ask, but what's the closer I can get to making a nomad setup with a tablet and a Bluetooth keyboard?
I'm nostalgic of netbooks.
bare minimum is using emacs (with org mode). python, GHC, and a sepples compiler would make it ideal.

>Old OP
>Same pic
Well, good luck bumping it on your own, retard.

Be careful, some links can be malicious. We have an updated OP now:

/Cyb/er/sec/urity/pri/vacy general is for the discussion of anything and everything related to cyberpunk culture, cybersecurity, and digital privacy. Common topics include:
— dystopian news,
— cyberpunk music and media,
— OpSec,
— hacking the planet (HACKING THE PLA-NET);

Networking questions will receive more helpful answers in the Home Server General. This is not a "how to find a job in sec" thread, but here is some information to help you get started:https://paste.sqt.wtf/1511e8

While our wikis (https://paste.sqt.wtf/227046) are somewhat out-of-date, they are still useful and will be updated with new information generated in this thread. Related generals: ham radio, 3D-printing, microcontrollers, drones; all on>>>/diy/. Homesteading on>>>/out/.

>>101489869
>some links can be malicious
Care to be more specific?

>>101489869
old OP is better you insufferable faggot, the fact that you didn't notice for over a week shows you're nothing more than a fucking tourist

Molly being discussed: >>>/tv/201501230

>>101489869
old one is better, doesnt hide links

>>101489869
Don't forget to livestream your suicide.

>>101489869
>Well, good luck bumping it on your own, retard.
bumping just for you senpai

>>101484829
>>101485195
Why not Debian?

>>101490179
Yeah, the local troll replaced links in the hugeass OP once, maybe more, don't remember with what exactly.

>>101493479
NtA but Debian has way too much drama, and get full coverage over in LWN. Ubuntu is pragmatic and usable for people who want to do work rather than acting out performative drama on the net.

>>101493690
That happened months ago, so I don't know why the local Karen is bringing that up.
>>101494189
Debian and Ubuntu are both fine imo.

>>101494469
I hope SerenityOS takes off soon. Too much drama also in the Linux Kernel traffic:
>Despite how useful Google finds the protocol, kernel developers were dubious about adding yet another encryption protocol to the kernel, which already handles IPsec, WireGuard, TLS, and others. Paul Wouters expressed surprise that Kicinski wanted to add PSP to the kernel, when the IETF had declined to standardize the protocol on the basis that it is too similar to IPsec.

>Steffen Klassert shared a draft that the IPsecME working group has been putting together that covers some of the same use cases as PSP. That may not be as helpful as it sounds, however, because there are already hardware devices implementing PSP, Willem de Bruijn pointed out. "It makes sense to work to get to an IETF standard protocol that captures the same benefits. But that is independent from enabling what is already implemented."

>That answer didn't satisfy Wouters, who asked: "How many different packet encryption methods should the linux kernel have?" He said that waiting for protocols to be standardized provides interoperability, and chances to make sure a protocol is actually useful for more than one use case. PSP and IPsec can also use a lot of the same NIC hardware, he pointed out.

It is drama all the way.
Also, what happened with ToaruOS?

>>101494469
It can happen anytime.

>>101494967
There's so many autists in this thread that it was spotted immediately. And the links weren't even malicious, they had only been tampered with to make them broken.

>>101495144
Bullshit, there was some type of an attack.

=== /sec/ News:
>A Windows version from 1992 is saving Southwest’s butt right now
https://www.digitaltrends.com/computing/southwest-cloudstrike-windows-3-1/
>Nearly every flight in the U.S. is grounded right now following a CrowdStrike system update error that’s affecting everything from travel to mobile ordering at Starbucks — but not Southwest Airlines flights. Southwest is still flying high, unaffected by the outage that’s plaguing the world today, and that’s apparently because it’s using Windows 3.1.
They sure do things differently in the south west.
>Yes, Windows 3.1 — an operating system that is 32 years old. Southwest, along with UPS and FedEx, haven’t had any issues with the CrowdStrike outage. In responses to CNN, Delta, American, Spirit, Frontier, United, and Allegiant all said they were having issues, but Southwest told the outlet that its operations are going off without a hitch.

Security by obsolescence?

>>101495247
No, there wasn't you fucking tourist.

>>101495262
How am I a tourist if I know about something that happened "months" ago? Retard. Dumb unfunny forcer.

=== /sec/ News:
>Firefox 128 Criticized for Including Small Test of 'Privacy-Preserving' Ad Tech by Default (itsfoss.com)
https://news.slashdot.org/story/24/07/20/0510233/firefox-128-criticized-for-including-small-test-of-privacy-preserving-ad-tech-by-default
>"Many people over the past few days have been lashing out at Mozilla," writes the blog Its FOSS, "for enabling Privacy-Preserving Attribution by default on Firefox 128, and the lack of publicity surrounding its introduction."
>Mozilla responded that the feature will only run "on a few sites in the U.S. under strict supervision" — adding that users can disable it at any time ("because this is a test"), and that it's only even enabled if telemetry is also enabled.

They probably thought they could get away with this.

>>101481850
Here is the "I don't think it's possible to have privacy against the feds" blackpill. Swallow carefully.

https://en.wikipedia.org/wiki/Room_641A
https://en.m.wikipedia.org/wiki/Logjam_(computer_security)
https://en.m.wikipedia.org/wiki/XKeyscore
https://en.m.wikipedia.org/wiki/Tailored_Access_Operations
https://en.m.wikipedia.org/wiki/Dual_EC_DRBG

>>101495406
a tourist is someone who pops in irregularly (you), why don't prove the other anon wrong if you just "know"?

>>101485943
>682, one correct and well placed
>614, one correct but wrongly placed
the only shared number is 6, and it appears in the same spot in both sequences. incorrect image.

File: photo_2024-07-02_17-15-06.jpg (24 KB, 406x227)

24 KB JPG

>>101496694
nvm I am retarded

>>101483160
>>101496618
NOT very fucking good

File: Google On-device password(...).png (1.64 MB, 930x754)

1.64 MB PNG

>>101481850
I've never used anything like this before. Apparently, rather than storing The decryption key on their servers, the key get stored on your device. Any theory this means that even if Google were to experience a data breach in the future, your passwords and keys are still safe because only YOU have The decryption key. Does or has anyone else used this? What are the benefits and downsides?

Rust desk keeps spawning processes and connecting to it's server. I kill the process and it pops back up.
I pacman -R --recursive'd it even though I need it to access clients.
Should I reinstall it or switch to something else?

>>101495247
>>101495406
Let me know when you post some evidence to back up your hallucinations.

Updated Firefox Zero user.js
https://pastebin.com/fB8vQbd8

=== /re/ News:
>DO YOUR RESEARCH
https://hackaday.com/2024/07/20/do-your-research/
>We were talking about a sweet hack this week, wherein [Alex] busts the encryption for his IP web cam firmware so that he can modify it later. He got a number of lucky breaks, including getting root on the device just by soldering on a serial terminal, but was faced with having to reverse-engineer a binary that implemented RSA encryption and decryption.

File: DCR+cybd_ethereal_promo3.jpg (544 KB, 2616x1770)

544 KB JPG

>>101498469
I love TTL sereal ports soo goddamn much.
=============Video=============
Lots of lonely people out there:
The Hated One | DON'T use AI companions apps!
>https://youtu.be/6uwVNufVnD8
=============News===============
Butter made from CO2, not cows, tastes like ‘the real thing’, claims startup
>https://www.theguardian.com/science/article/2024/jul/16/us-startup-lab-made-climate-friendly-butter-savor-bill-gates

Not to be outdone, Deep /cyb/ Synthetic Food Labs, Inc. in partnership with /CYB/LOID Ragazine will be announcing it's own alternative to Gates' CO2 (((("""""butter""""))) shortly, adding to it's growing family of alternative synthetic lineup of anti-globohomo sustainable ingestables*. Watch this space.
=============Music==============
>https://youtu.be/s4obATUkEXw?t=37

Are the people who claim to prefer light mode just coping with RFP

>>101496618
*thinkpad x230 with heads firmware and epoxy on ram and rom blocks your path*
>>101499362
>Butter made from CO2
first the milk now the butter, whats next?

>>101500988
Bacon made from solar panels
Soup made from wind

>>101502393
and thats a good thing

>>101498122
based

What do you need to set up in any random linux distro to reach the same level of physical-digital security offered by W10 + Bitlocker?
Would only Secure Boot + Full Disk Encryption suffice or is a LUKS1 encrypted /boot partition required? What about PCR7 checks I read about here and there, or is that done through/with Secure Boot?

I unlock LUKS2 /root with password + encrypted externally stored keyfile btw carried on my person, no TPM keystore here

>>101503057
https://github.com/linuxboot/heads

>>101503181
Yeah I'm aware of heads, coreboot, libreboot and such. I have a nice reflow station so desoldering the SPI ROM to flash isn't an issue either. The thing is I have a brand new laptop from 2023 so I don't think that is going to be supported. I think it runs FreeRTOS even.
At this point, I'm mainly focused on have a boot chain comparably secured as bitlocker protected windows, maybe I'd want to surpass it later. but baby steps first. So if I could ask you,
>W10+Bitlocker equals Linux Secure Boot but unencrypted /boot + default FDE on /root
>or actually GRUB cryptodisk with encrypted /boot partition needed
>PCR7 checks done through SecureBoot or do I need to look into it specifically?

File: Carbon-subnitride-3D-vdW.png (59 KB, 1000x385)

59 KB PNG

>>101500988
>first the milk now the butter, whats next?
Fuel, probably. Germany got a loophole for their car industry that internal combustion engines would still be OK in the EU as long as they could be fuelled with renewable fuel.
Carbon subnitride would be an interesting fuel, especially for aircrafts.

>>101500988
>>101483042
>epoxy
What is the purpose of epoxy on ram and rom?

>>101505039
Preventing reflashing and cold reading, obviously

File: 1663944933096.jpg (99 KB, 1024x768)

99 KB JPG

>have been computing since Win 3.1
>have managed to keep my passwords and log in stuff under control in order in my head all these years
>can't handle it anymore with all the 2-way authentications, numbers, account usernames, password with strict anal requirements
>look for a way to save all these in a secure way on the phone
>now I have all in a google note file with a password
>very unsecure option
Should I use one of these password manager apps?
How do I go about this? I have to have these stuff on the go too and not just locked in the house if possible. Thoughts?

>>101505275
Keepass encrypted kdbx database on google drive
use with desktop client to build database and perform usual maintenance tasks
install kdbx client on phone
open kdbx on phone
ezzzzz

>>101505039
https://en.wikipedia.org/wiki/Evil_maid_attack

>>101505317
Is KeepAssDroid the official app for phones?
I like the detailed documentation on the keepass website.

>>101505275
>Should I use one of these password manager apps?
no
>>can't handle it anymore
reduce amount of online accounts

>>101503308
dm-crypt on linux is more secure than bitlocker against bruteforce as you control all parameters
you can use argon2id with 50 time cost and no one in the universe will ever bruteforce the password
you will have to deal with 50 second boot time though

you can add your own keys into tpm and sign the kernel on linux, gentoo wiki has guide i think
but beware of inevitable breakage

use windows 11 in s mode with bitlocker if you dont want to waste time and love spyware

>>101505317
imagine giving google your passwords
implying they wont crack it in 10 millis with 0.1% of their computing power

>>101505922
I care about low level pajeet crooks, Google has everything already anyways.

>>101505184
>>101505507
Thank you anons, but what about usb ports in particular?

>>101506043
so use googles password manager...?
>>101506092
they do nothing if you disable them in kernel

>>101506115
>googles password manager
No because pajeets can get into google.

File: 1715809399814858.jpg (104 KB, 1024x834)

104 KB JPG

>>101505922
>>101505317
replace gdrive with nextcloud

>>101506092
Buy a thinkpad x230 and install heads. Write protect the flash chip. Put nail polish on the screws and take high resolution pictures to ensure signs of tampering. Do NOT use a HDD or SSD. They have DMA so a malicious firmware could do a lot of damage, use of USB is preferred since they do not have DMA. Completely remove the microphone, sound card, webcam and the WWAN card from the laptop. Remove the fan to prevent binary acoustic data transmission. Replace the default wifi card with a supported atheros card. Disable wifi when not in use, preferably by physically removing the card. Make your own independent Linux distro from scratch. Most Linux distros value convenience over security and will thus never have good security. Your only option is to make your own. Use musl instead of glibc, Libressl instead of openssl, sinit instead of systemd, oksh instead of bash, toybox instead of gnu coreutils to reduce attack surface. Enable as little kernel modules as possible. Use a hardened memory allocator. Apply strong SELinux and sandboxing policies. Restrict the root account heavily to make sure it never gets compromised. Disable JavaScript and CSS in your browser. Block all FAGMAN domains in your hosts file. Monitor all network requests. Do not use a phone. Never speak near anyone who owns a phone, they are always listening. Never use any non-corebooted technology made after 2006. Never leave your devices unattended. Tape triple layer aluminum foil all around your room as tempest shielding. Type really quietly as defense against audio keylogging. Use ecc ram to minimize rowhammer and rambleed. Encrypt everything multiple times with various different encryption implementations. Compile everything from source. Use hardened compilation flags. Always read through the source before installing something if possible. Only use the internet when absolutely necessary.

>>101506134
never network your passwords, horrible idea
>>101506131
dont give out your gmail

File: 1709255466362736.jpg (154 KB, 960x720)

154 KB JPG

>>101506322
manually copy it from phone to desktop then?

>>101505896
I decided that I want to use an external hardware token like a yubikey for LUKS/dm-crypt which isn't possible with shitlocker so I took it as a sign to switch over to Linux so yeah I ain't going to W11. Then still, is unencrypted /boot fine or is more needed

>>101505586
I wouldn't call it official, but it is the first one on the list of contributed/unofficial keepass ports and apps on the main keepass website. Dunno if that list is ranked to most to least endorsed for every platform or if it is ranked alphabetically. I'd check all of them and just use the one with the most installs/downloads

>>101505922
>keepass
>encrypted kdbx
>waah pajeets will get my passwords
You're an absolute retard, you know that?
>implying they wont crack it in 10 millis with 0.1% of their computing power
Just use a keyfile

>>101506134
whatever you like

>>101506322
>implying the passwords are plaintext
>implying encrypted kdbx on a cloud isn't lightyears better than what anon does now

>>101506633
no, just dont use a password manager memeware
also fuck phones, lmao imagine owning one

File: 1721158100291660.png (815 KB, 768x1024)

815 KB PNG

>>101495256

Windows 3.1 and Windows XP will forever be most based of all OS.

File: Screenshot_20240721_124433.png (154 KB, 340x827)

154 KB PNG

dear hackeranon,
thanks for the laugh, you beat me to the goods

>>101507044
>Just use a keyfile
doesnt change anything, you dont want to give any kind of information to government contractor with the most super computers

>yubikey for LUKS/dm-crypt
pointless
>Then still, is unencrypted /boot fine or is more needed
encrypting system binaries is pointless
have one partition for os and second for projects that is encrypted

>>101485943
186?

>>101485943
426?

File: 1668729212290719.png (209 KB, 510x346)

209 KB PNG

>>101508525
>>101508580
042

you guys trolls or retards?

>>101508819
actually its about tree fiddy

>>101508168
I operated a mask aligner once, it was te size of a van. And it ran CP/M.

File: 4-Cyb_Replikka_ButtAir.png (376 KB, 633x734)

376 KB PNG

Bummed out by Bill Gates' FAKE Co2 """butter substitute"""?
Well, thanks to Deep /cyb/ Synthetic Food Labs, LLC, (you) now have an alternative! ============INTRODUCING=========
NEW! Replikka® ButtAir™!
100% renewable, sustainable, butter-scented compressed methane gas canisters! Harvested from only the prettiest genetically engineered brap cows, just fumigate your favorite recipies with Replikka® ButtAir™ for that authentic butter flavor we all know and love. You won't believe the taste! Build Back Butter with Replikka® ButtAir™!
==================News================
>https://www.bleepingcomputer.com/news/security/uk-arrests-suspected-scattered-spider-hacker-linked-to-mgm-attack/
>https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html
==================Music================
>https://youtu.be/FhvEl4CuejE
>https://youtu.be/pUis_KwzwCc

>>101493479
I posted the picture and link because it is from the OP, I don't know why they don't choose Debian. I don't have anything against it

I picked Fedora mainly because there are a few things in the linux ecosystems I want to have first hand experience with and learn more about. Flatpaks, SElinux, and OStree are among the list of things I hear opinions on but I don't know much about, so Fedora stood out as those are defaults with the OS and therefore I assume tested by the maintainers, 1st party support should translate to documentation and community experience

>>101509286
i hate you for this nightmare picrel

Reposting the updated Data Broker Removal Links:
https://pastebin.com/3tncC0rE

File: 4Cyb_ReplikkaBunnz.png (708 KB, 868x798)

708 KB PNG

>>101509557
Fun factoid:
The original packaging for Replikka® ButtAir™ was going to be totally different, but then got spun-off into picrel.
We know you're going to LOVE:
==========NEW!===========
Replikka® Bunnz!™
Delicious Buttery* Cookie Buns flavored with ButtAir™ butter-scented compressed methane gas. They go great with Replikka® Mylkk!
==========Moar News=======
>https://www.bleepingcomputer.com/news/security/fake-crowdstrike-updates-target-companies-with-malware-data-wipers/
==========Music===========
>https://youtu.be/RDGBHHBnNk4

=== /sec/ News:
>XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer
https://www.phoronix.com/news/XZ-Linux-Kernel-Patches-v2
>Back in March were a set of patches to the Linux kernel's XZ embedded compression implementation with the project having switched from public domain to the BSD Zero Clause License along with other changes to update that in-tree code. Since then the notorious XZ backdoor situation was discovered in the upstream XZ project. With those major issues behind, Lasse Collin today sent out an updated set of patches for updating the in-tree XZ code for the Linux kernel.
>Over the patches sent out on the Linux kernel mailing list back in March by Lasse Collin, the v2 changes include now removing Jia Tan from the XZ maintainers for the kernel: "Jia Tan" being the one that baked the backdoor into the upstream XZ codebase and carrying out the nefarious behavior. The new patches also have some mother minor changes:

So where is "Jia Tan" now? Coming to a resource starved open source project near you, no doubt.
When a projects gains enough momentum, such as SerenityOS, Ladybird etc., it is likely that some of the "new" "volunteers" are employed by various agencies, just to build a legend early on.

>>101509812
super helpful

The guy who hacked Disney was a script kiddy who got doxxed because of his furry fetish

He was a BeamNG discord and Reddit moderator who was putting malware in pirated BeamNG car mods

https://rdrama.net/post/285835/disney-furry-hacker-nullbulge-got-exposed

Absolutely idiot gooner ruined his life

Is Mint a good beginner distro for someone who knows fuckall about Linux and knows more that your regular normie about computers, but not that much?

>>101513410
yeah

>>101513410
no, that distro is a clusterfuck that literally had malware in their disc images at one point

What's the best equivalent to Mac's Little Snitch on Windows? Would Simple Wall or Comodo Firewall be good?

>>101513684
what distros do you recommend?????

>>101514203
I would recommend Debian, Fedora, Lubuntu, Xubuntu, Ubuntu Mate, and Arch.

>>101513332
kek

=== /cyb/ News:
>XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer
https://www.phoronix.com/news/XZ-Linux-Kernel-Patches-v2
>Fake CrowdStrike fixes target companies with malware, data wipers
https://www.bleepingcomputer.com/news/security/fake-crowdstrike-fixes-target-companies-with-malware-data-wipers/
>Mechanical Intelligence and Counterfeit Humanity: Reflections on six decades of relations with computers
https://www.harvardmagazine.com/2024/07/harry-lewis-computers-humanity
>US Prepares Jamming Devices Targeting Russia, China Satellites
https://www.msn.com/en-us/news/technology/us-prepares-jamming-devices-targeting-russia-china-satellites/ar-BB1qgKUh

>>101514423
i see... im literally running arch rn, but, i don't get why you say that linux mint has "malware"

>>101515167
>has "malware"
is present tense
>had malware
>at one point
are both past tense

File: tc.png (391 KB, 882x740)

391 KB PNG

This is scary, the shooters didn't even have a single Facebook/Instagram/Twitter account extreme red flag!!
instead they had an encrypted account at the extreme privacy anonymity focused chat platform discord

I'm new to the linux desktop, which one would you recommend between Fedora and OpenSUSE? I really liked the stability and rolling release of SUSE, but which one would be the best for privacy and desktop experience?

>>101515479
>but which one would be the best for privacy and desktop experience?
ditch the meme mainstream distros

https://trisquel.info/ with kde desktop (triskuel)
check packages if it has everything you want
fsf linux is most private

>>101484829
QubesOS is the best, but certainly not the lightest and easiest. It's slow, bulky, requires rewiring your brain thanks to stuff like the clipboard mechanism.
Also, it uses Fedora as dom0 distro sadly. There's work being done on using custom distros in dom0 though, so that's cool.

Use Alpine Linux or OpenBSD if you want something that's secure but light, Whonix/KickSecure if you want something based on Debian, and Tails if you want something amnesic quickly

>t. QubesOS user

>>101516510
>QubesOS is the best
non free malware*

>>101516550
Like I said, as soon as you can swap out Fedora as dom0 distribution with something like Alpine Linux, it's not non-free malware anymore.

Xen itself is completely open source, so is QEMU, the only things that are non-free are the templates (that you can choose and install yourself) and the dom0 distro.

>>101516569
>Like I said, as soon as you can swap out Fedora as dom0 distribution with something like Alpine Linux
alpine is non free
it will always be non free because they rely on "security nsa binary blobs"
>Xen itself is completely open source
who cares if its fucking dogshit

dom0 shouldnt be linux at all, it should be readonly memory ipc controller

desktop should be contained in minimal graphical kernel with i915 ipc passthrough with dom0 communication, but thats never happening because the devs are incompetent retards

>>101516588
>incompetent retards
open a pull request with your ideas then? instead of being a nigger online and doing nothing but bitching about software, go ahead and help them.

you niggers are the reason why the FOSS community is so cancerous, nothing but crying about this and that but nobody actually opens a pull request that contains fixes for this and implements that.

>>101516639
>open a pull request with your ideas then?
not like they could implement them

>you niggers are the reason why the FOSS community is so cancerous
i am not part of the "free and open sores" community, i only support free software

>go ahead and help them.
i dont support nsa plants and troons
(see rutkowska origins)
(see half of the contributors)
(see the forums)

>>101516650
I see nothing but excuses anon, all bark no bite

>>101516661
lol you are literal retarded DEFENDING MALWARE KEK

i maintain my own os and i dont support fags, no more no less

>>101516675
are those some more tasty lies anon? keep 'em coming, I just can't get enough of those crunchy lies

>>101516686
enjoy your botnet since you have nothing more to say

>>101516700
right, you enjoy your 100% secure and "self-maintained" OS, have a good day anon, and make sure to check out your window for the flower van every now and then

>>101516708
it is not "100% secure" because i dont implement intelaviv mitigations
actually, it might more secure for that reason because no botnet
i also dont include microcode updates in coreboot

>>101515404
>discord
>privacy
topkek

>>101515167
>i don't get why you say that linux mint has "malware"
a few years ago they got hacked and their iso were infected with malware

Just a straw poll to follow up all the discussions about a secure platform:
do you guys need a blazing fast computer or is safety and security and reliability more important than speed?

>>101518377
thinkpad x230 is all i need
with bga rework to quad core cpu
no more no less

Working on a dead man's switch.
>have to upload a code to server once every N hours
>or else death sequence is executed

>>101518077
That's happened to everyone at some point. Mossad just attacked Mint cuz dev is anti Israel. Who cares. The real problem with Mint is apt. Stable my ass.

>>101518922
>That's happened to everyone at some point.
No, it hasn't. Only amateur distros fuck up security that bad.

>>101518585
So, an in-order no speculative CPU would be fine then?

>>101518977
those can be patched in hypervisor
but i prefer mitigations=off for performance

>>101518967
Yes, it has. Major companies have their websites poisoned all the time. You don't hear about it every time. Mint just happened to be attacked like that. It could have been any other distro. Then again, having a weak website is asking for it. But this reeks of Zion hackers kek. I'm sure a team of hackers could do the same thing to Ubuntu in one month.

>>101518377
safety > speed, I don't play games or do CPU intensive stuff so I don't mind the mitigations hammering down on the performance

>>101519085
>I don't mind the mitigations hammering down on the performance
ngmi
https://desuarchive.org/g/thread/94949666/#94951971

>>101519020
>It could have been any other distro
But it wasn't, because again, Mint is full of amateurs and their security is shit. You don't hear about Debian or Fedora having literal malware in their disc images.
>But this reeks of Zion hackers kek.
You have zero proof that the Mint hack was related to Israel/Mossad.
>I'm sure a team of hackers could do the same thing to Ubuntu in one month.
Sounds like you have a very active imagination. Don't forget to take your meds.

>>101519152
I admit that even if it was leet Mossad hackers, they shouldn't have gotten in so easy. But i also maintain that this could happen to Ubuntu tomorrow.

This might have impact on society and security:
https://joinup.ec.europa.eu/collection/open-source-observatory-osor/news/new-open-source-law-switzerland

>>101514715
>https://www.harvardmagazine.com/2024/07/harry-lewis-computers-humanity
great article, should be required /cyb/ reading

>>101481850
Im applying for a SOC trainee position.
What should i study to impress them hr niggers?

Anyone know how I can use telegram without using my real number? I've seen temporary phone number sites but they're open for everyone to see and I'm concerned that someone could just reset the password

>>101521019
by not using memegram

>>101521028
I understand there's better alternatives but I have to use it for the moment

Is it sensible for me to put my TOTP codes into bitwarden, if I use a different TOTP generator to log into bitwarden itself?

>>101521052
you can view channels without logging in
if you need to talk to someone then just buy samsung galaxy s2 or s3, flash replicant.us without booting into ((google android))
buy cheapest sim, put it in
receive sms
make account
grab hammer
nuke phone

>>101521218
That seems overly complicated, I get this is a privacy general but i'm not trying to do anything illegal or something that requires that much caution, I only really need to use telegram to send a few messages to someone and that's it

>>101521268
if you are lazy
buy cheap sim
put in phone
verify account with new sim
remove new sim and put in old one

buying cheap sim is not hard

>>101521019
I use my Google Voice number

What email providers you faggots use?

>>101523114
no email

>>101523114
Contrarians will sperg out about it but proton is the best option, unless you know how to set up a really secure home server to self host

>>101523114
Does it really matter? When using it for subscriptions and etc, the service will already detect who you are by your credit card.
Might as well just use Gmail and foward shit with Anonaddy.

>>101523259
>Might as well just use Gmail
Good heavens, why!?
Far better then to use a freeshell provider.

>>101523196
someone post the honey bear

>>101523114
Depends on what you want to use it for. Banking? Social media? Gayming? Shopping?

>>101524084
Google emails are high trust

I got a hard drive I want to put VeraCrypt on, but I've never done this before. If I fuck it up, is it as simple as deleting the thing's volume/folder and starting over again?

>>101524665
The gui program has a very clear walkthrough

>>101524292
Do you enjoy feeding the machinery of evil with more food?

>>101524084
>>101524826
NTA but, as long you use IMAP open source clients and multiple accounts for different shit, how can Google manage to track you?

>>101525003
It tracks you by contents, reads what you send and receive, build up data for stylometric intelligence, snoops on all images/documents/attachments you send/receive/store/edit. Everything is grist for the mill.

>>101523114
Tutanota

>>101525056
Yeah but if you're using your email to anything related to your credit card, it will already know who you are. Might as well just use a provider that you know is tracking you than one that is pretending it doesn't.

>>101525619
>coughs in fruit logo

>>101525619
>than one that is pretending it doesn't
Do you think freeshell providers moonlight by selling out their users? big if true.

which password manager?
im tired of having a big encrypted zip file full of passwords.

>>101523114
I use disroot for random trash but I'm still looking for a "serious" provider to use with things that need my real name

>>101525937
I've used Keepass for years. No subscriptions no cloud hosting.
Keepassxc is the best "app" for it.

>>101525937
Keepassxc or bitwarden.

>>101524826
Im exploiting the beast by abusing their services through bot farms

>>101523114
Riseup

File: 1676334231980117.jpg (63 KB, 735x587)

63 KB JPG

self host iredmail on ovh
probably not fedproof, but it's private

>>101528133
>ovh
Tor?

File: 1521856956355.png (43 KB, 650x650)

43 KB PNG

>>101523114
>>101523196
>>101524108
https://encryp.ch/blog/disturbing-facts-about-protonmail/
https://news.ycombinator.com/item?id=29063779
https://arstechnica.com/information-technology/2021/09/privacy-focused-protonmail-provided-a-users-ip-address-to-authorities/
https://www.theregister.com/2021/09/07/protonmail_hands_user_ip_address_police/
https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
https://digdeeper.club/articles/email.xhtml#ProtonMail
https://scholar.google.com/scholar?cluster=18327644021252219658

File: 1661261748839882.png (164 KB, 1920x1765)

164 KB PNG

>>101528506
ovh is a VPS provider, yes I also host tor nodes unrelated to my mailserver

>>101528847
based

I heard some anon say a while ago in an unrelated thread that if you stick a credit card in the chip reader, the retailer that you're paying gets told your name by the bank, but that if you use the contactless thing and tap instead, they don't, and you just show up as "Visa Cardholder" or the like, the only thing the store learns about you is if the charge was accepted or declined. Can anyone tell me if this is actually true, and preferably point me to a source on that? In my casual searching on this lots of places talk about security rather than privacy, and the ones trying to sell businesses on contactless payments don't mention the issue, but idk if that's because I'm wrong about this or they just don't want to mention what, to a business, would be a drawback (not learning the identity of your card customers)

>don't use them at all, pay in cash
I do this quite a bit, I'm trying to be clear on how much I'd be giving up if I were to opt for plastic instead

File: DCR_ColinHayEdition.jpg (688 KB, 2499x1461)

688 KB JPG

=================News================
>https://www.bleepingcomputer.com/news/security/greeces-land-registry-agency-breached-in-wave-of-400-cyberattacks/
>https://www.bleepingcomputer.com/news/security/new-play-ransomware-linux-version-targets-vmware-esxi-vms/
>https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html
=================Music================
>https://youtu.be/Bmx2elWoLGw
>https://youtu.be/XpdUTtt-npI?t=302
>https://youtu.be/_mA2vKUzzLQ?t=312

>>101529438
>gets told your name by the bank
Even if the bank doesn't leak your name, the retailer sees your card number, and will surely get your name from a data broker in exchange for metadata (date, time, location, items purchased) from your transaction
Contactless payments through mobile phones have a layer of indirection that conceals your actual card number, but I don't know how this applies to the NFC tap feature common in modern cards

>>101529494
god damnit

>>101523114
Been also asking this question for too long, is it even worth it to use one of those meme providers when youre going to do normie stuff like buying things and paying netflix?

>>101530759
>is it even worth it to use one of those meme providers when youre going to do normie stuff like buying things and paying netflix?
No, it is called threat modeling, you do not need to employ the maximum level of security or privacy if the people you are trying to avoid do not require it, You would be most secure and private off the grind off the internet entirely, and obviously that isn't the goal of anyone here

Is there anyway to strengthen sec when sms authentication is forced?
For example, my bank lets me use a yubikey, but they wont let me remove text message authentication as an option

>>101531222
banks are not secure, dont bother
>>101530759
netflix is not secure, dont bother

File: 1683593799995716.jpg (132 KB, 801x666)

132 KB JPG

does /cyb/ have a preferred password manager?

So I finally got an acceptable job in the field and I'm looking to establish some semi-anon online presence, without resorting to ShitedIn or a public Github.
I was thinking of getting a VPS and buying some poser-y 1337 domain to host a site for blogposting all my box writeups and host my email, but I'm a clueless fag when it comes to web.
How would I go about building something lightweight that would pass /cyb/ inspection?

>>101531246
no password manager
>>101531252
tor hidden service hosted in your house
maybe openbsd httpd running in openbsd vmm

>>101531276
You write everything down?

>>101531351
i dont have any passwords
only public key crypto backups printed on paper encrypted with one time pad

>>101506305
Devices can read your mind wirelessly too so try to live in a remote are and shut down wifi. Stay 1 meter away from copper wires receiving electricity, this includes the SATA cable in your PC because it can communicate with radio.

>>101531562
>Devices can read your mind wirelessly too
I wonder how many really believes this. In reality, MEG systems are SQUID based and places in heavily shielded rooms.

>>101532082
>he doesnt know about the bluetooth mind read exploit

>>101528847
What's the problem?

>>101481850
is TCM Security Academy Practical Ethical Hacking course a good start for newbie to get into cybersecurity?

>>101531246
my brain

>>101532472
>Learn how to hack like a pro by a pro. 25 hours of up to date practical hacking techniques with absolutely no filler.
>No filler guize!!11!!1
>Course is all filler
Just how newbie are you? Just learn about OSI, TCP/IP, nmap, wireshark, aircrack etc by yourself
I mean for 30 bucks a month you can't go wrong but less trainingwheels usually results better learning & understanding. you might scab your knees a few times without training wheels, but you'll end up a better cyclist because of it. Just some more frustration

Does anyone have a straight forward guide a new linux desktop install. I keep hearing about putting a password on grub and such.

I already have LVM-LUKS with secure boot enabled, external booting disabled & BIOS password set-up

>>101533101
top 10 snake oil

>>101533106
Look buddy I'm not as schizo as you I just want my linux install to be comparable to a bog standard windows 10 with bitlocker installation across the board

I'll just do what the audit tool lynis suggests

>>101533183
Might as well put your keys on the TPM if you just want to be equivalent to windows.

>>101533183
>I just want my linux install to be comparable to a bog standard windows 10
linux is not windows
stop crippling your desktop experience
it does not make anything more secure

>>101532351
>privacy email
>not really private
gee booboo, I wonder what the issue could be

Autism is hell of a disorder. He doesn't produce content, he doesn't improve the wikis, he doesn't accept improvements that bring more people to the thread. He just sits on his ass and empty-bumps "his" thread on page 9. What a horrible life. More like nolife, lmao bitch.

>>101533307
Who are you talking too?

>>101533307
>He doesn't
Who?

>>101533323
Frank from the accounting. Retard.

>>101523114
cockmail for le funny names
disroot for personal and serious stuff

>>101533292
It is private. If your IP reveals your identity that's your problem, but the content of the emails is private. No company is going to refuse to give feds your IP address and it's impossible to hide it unless you do it yourself. Every time people try to accuse one of these services of being a honeypot it's just because they didn't magically babysit their opsec for them

>>101533213
I put those on an external hsm

>>101531246
I wrote my own based on openssl and the standard coreutils, work for me

>>101533436
>It is private
no its not and it automatically feeds everything into giant botnet ai

>>101533465
I'm sure it does schizo-chan, I'm sure it does

>>101533517
/x is -> thataway

>>101533517
yeah bro totally not five eyes information gathering honeypot

also thanks for compliment

File: 1718672443265.png (32 KB, 489x348)

32 KB PNG

>>101533436
>If your IP reveals your identity that's your problem

>>101533436
>5 CHF has been deposited to your Proton account

File: 1684203340675582.jpg (99 KB, 800x800)

99 KB JPG

>>101532472
never pay for knowledge, pirate it
eJPT is a good cert to start

>>101534284
but what if we actually exchanged keys
https://man.archlinux.org/man/sq.1.en

>>101533429
>disroot for personal and serious stuff
Emails stored as plaintext

>>101534452
They explicitly state this upfront that it's your responsibility to encrypt them. This isn't an issue for anyone with a higher than room temperature IQ.

>>101534736
>abundance of security vs abundance of convenience
idk man seems like there's no way to get around it
nta btw

local LLM for malware dev?

>>101536191
llama 70b or simply offline copy of msdn docs, reactos, nt pdb

File: osama.jpg (81 KB, 631x895)

81 KB JPG

When did the internet start sucking so bad?
>10 year old me
>can create all the accounts I want for as many emails as I want
>can create Gmails, Yahoo mails, Yandex mails, mail.com mails, and more
>fast forward to 2024
>can't easily create an email without an SMS verification
>I still have a few tricks up my sleeve that still allow me to farm accounts
>proof the system remains stupid

>>Why do you keep feeding the Beast anon?
Because the Beast doesn't want one person to have 1,000 accounts. In reality, I'm benefitting myself at the expense of the Beast. The Beast may get his, but I get mine. And I gain more from this. I'm in control here. I'm on top. This is me exploiting the Beast. Same thing as pirating YouTube.

>>101533583
oh no no no... proton bros... we got too cocky...

>>101532934
Total newbie, thanks for the answer
I don't plan on paying any course since I can always pirate them though
>>101534284
I've already pirated it thanks for the answer though

>>101537717
>can't easily create an email without an SMS verification
such as?

>>101535323
"your emails are encrypted, but we hold the keys" or "your emails are encrypted, and you hold the keys"

which way western man

>>101539410
m8, go ahead and try making a gmail right now without a phone #, protip you can't. You can't even make a Yahoo or a mail.com mail with no phone number. You have to literally use hax. No I won't post which hax, because I rely on them for money and you faggot R*dditors are just gonna go tell on me

File: maxresdefault (11).jpg (139 KB, 1280x720)

139 KB JPG

>arrive to new/vacation home/hotel
How do you ensure youre not being watched?

>>101540719
An EMP bomb, I guess. Too bad there seems to be no working street lights around where I go...

>>101540776
This is how you know someone plays too many games. EMP is loud as fuck IRL.

Are 99% of zoomies/millennials completely fucked by their digital footprint for ever being in politics, etc. or will people just not give a shit eventually?

>>101540980
The elites that are the only ones that have a chance of getting anywhere in politics usually have a tightly controlled social media presence since their youth

>>101540980
What digital footprint? The one I have across the hundreds of random accounts I've made throughout my life? Doesn't work that way. I always made these accounts to give me as little of a footprint as feasibly possible. Of course, you can tell I avoid social media so yeah, I have little to no social power

How to view an instagram story anonymously? I know of apps like Instander with Ghost mode but is there any online platform that uses the same trick and doesn't use bots to view the stories?

>>101541819
Couldn't you just make a burner account with a disposable email?

File: 1721380996309905.png (238 KB, 580x436)

238 KB PNG

What sort of info can apps see exactly? How much of a privacy issue are they? I need Instagram for my job (pro photographer for a company) but I've just been using it through the browser, which is a shit experience and messaging is broken all the time or some things give errors.

How bad is it to just installed the app? I'd have permission for location and camera completely blocked, along with only allowing access to a single photo folder. But I worry about what it can see that I can't control, which idk what could be, but I'm concerned y'know?

>>101541819
Figured it out. A few of the ones online use, presumably, the same tech as Instander etc and don't actually show up as views on stories.

Thanks for the suggestion though.

>>101541503
AI will be able to thread it all together.

>>101540980
I wouldn't be surprised if they are the most suited - the controllable kind, where a man in a suit says you do X or we leak your past where you did/said XYZ

>>101489869
Fucking gay

>>101542556
>AI will thread together my shit
Only in your authoritarian fantasies. Doing this on my scattered footprints would require an unreasonable amount of processing power, and I thought of all that. It wouldn't be able to get anything useful from it. Of course, I don't approach social media like the average person does. I do have like 20 devices, and I use every (effective & practical) privacy technique you can imagine. The AI would need to access like 500 accounts across equally as many databases. And even then it would lead to dead ends. What's the point?

>why would you want me?
That's the thing. You don't. I've obscured myself. You don't need the AI to "thread together" a prominent person.

>but AI surveillance exists
I'm aware, but I don't think it exists like you think. Glowies aren't going to retroactively decrypt all secrets until they have quantum computers actually ready. They're not ready yet.

>politicians
This is the key point. Politicians have no way to avoid a digital footprint on social media, because their power comes from said social media. They have to use the system, and not like I do. Not by exploiting it and bot farming. They have to get popular power on social media. You don't need bloody AI to track them. Their posts are already largely public as it is.

>AI data aggregation
You need God-level access for this btw

File: librewolf-ft.png (88 KB, 800x450)

88 KB PNG

Should I switch to libre wolf? I already have a lot privacy add-ons on Firefox

>>101544322
No, its not really necessary. You can do a good job just configuring Firefox yourself. Sometimes in the past LibreWolf has had a "kitchen sink" approach which has made you more visible at times or opened up issues. Not to mention it, like anything built on Firefox, actually depends on Firefox so its good to have a real assessment of your threat model and not get wrapped up into histrionics the moment someone says
>BUTBUT TELEMETRY
without realizing the difference between proprietary, opaque or nearly so telemetry sent to a for profit data mining operation that's hard to turn off and a FOSS, foundation-based platform that you can easily disable if you wish etc. Even if it was the exact same info (which its not, but lets pretend it was equally innocuous ) one may feel different about granting it to one over the other, given how they'll be likely to make use of it

LibreWolf isn't bad, but putting aside those who are going to act like schizos thinking the NSA is after them for the smallest things, we need to have a serious discussion about treating Firefox/Mozilla like a major problem when they're in an uphill battle against basically unlimited money from Google and, the moment they do even the most innocuous shit to make them some cash that is optional and easily disabled, autists fucks off to their slimmed down fork, dropping user numbers even further and pushing them into a spiral. For those who don't want to fuck around with arkenfox or who would disable certain things anyway okay, its fine to use another forked version but encouraging every rando to a fork is going to end up watching Firefox get farther and farther behind and thus Google wins de-facto dominance of the browser space with Chrome/ium and most other browsers, even FOSS, are simply built upon it (and don't get me started on Electron). MICROSOFT of all people use a Chrome-powered browser and Google (+ cloudflare) is making anything else more tedious to browse

>>101544322
>memewolf
No, stick with Firefox.

>>101540879
I know that, and those using field explosive compression go beyond even that. I had just hoped the irony would have been clear.

>>101544322
I used it for a while, it's a fine browser although there were certain sites it would break no matter what I tried. Very few of those, but there were some.
Nowadays I use mercury, which is even more of a meme browser but whatever, I'm happy with it for now.

=== /sec/ News:
>DEEP-TEMPEST: EAVESDROPPING ON HDMI VIA SDR AND DEEP LEARNING
https://www.rtl-sdr.com/deep-tempest-eavesdropping-on-hdmi-via-sdr-and-deep-learning/
>Deep-tempest has recently been released on GitHub and from their demonstrations, the ability to recover the true image with deep learning is very impressive. From a fuzzy grey screen, they show how they were able to recover clear text which looks almost exactly like the original monitor image.

>>101544322
iceweasel-uxp is better

>>101547064
ah i see so it was reasonable for me to cover my display and keyboard cable after all, i knew i wasnt the insane one!

>>101547484
Video cables are already ridiculously thick, unwieldy and expensive, just for 4K resolution. 8K plus faster networking hubs in the screen will require more.
So when will we get fiber optics? Those do not leak signals unless you abuse the cables.

>>101547689
laptop ones are thin enough
>So when will we get fiber optics
probably never
though could make own one

>>101542655
Welcome to the thread Mr. F. Gay! But you shouldn't disclose your name like that.

https://soundcloud.com/htomari/sets/nec-pc-98-series-boottunes

I'm trying to set encrypted boot up on my Ubuntu installation using section 2.1 from this guide; https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.htm
I have /boot/efi on /dev/sda1, which is 512MB in size
I have /boot on /dev/sda2, which is 1.7GB in size, which is I think, the partition that would be encrypted.
The rest of the disk is a LUKS2 container where LVM is inside with my root and swap.

When I try to follow the guide, I can't seem to be able to perform the

cryptsetup luksFormat

command on /dev/sda2, which is where I have /boot in my situation. I did unmount the partition, and it is not listed in lsblk as /boot anymore. I also unmounted /boot/efi or /dev/sda1 as suggested.

But I keep getting the error that /dev/sda2 is in use, and that it can't proceed with the format operation, which means that I'm stranded right now and can't continue with the guide... Some suggestions would be very much appreciated.

Some interesting stuff about how North Koreans try to infiltrate the West
>How a North Korean Fake IT Worker Tried to Infiltrate Us
https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us
>Our HR team conducted four video conference based interviews on separate occasions, confirming the individual matched the photo provided on their application. Additionally, a background check and all other standard pre-hiring checks were performed and came back clear due to the stolen identity being used. This was a real person using a valid but stolen US-based identity. The picture was AI "enhanced".
>The EDR software detected it and alerted our InfoSec Security Operations Center. The SOC called the new hire and asked if they could help. That's when it got dodgy fast. We shared the collected data with our friends at Mandiant, a leading global cybersecurity expert, and the FBI, to corroborate our initial findings. It turns out this was a fake IT worker from North Korea. The picture you see is an AI fake that started out with stock photography (below).

anyone have the breached db leak?

File: 4igqSmlUkJJRHYq8KVzozILnn(...).jpg (48 KB, 640x494)

48 KB JPG

>every faggot itt always thinks 5 eyes is out to get them
What level of delusion do you have to be on in order to believe your threat model includes 5 eyes? Nobody here does anything nearly badass enough to piss off fat Mutt internet police. Nobody ITT could root a phone. Do you really think glowies care about your 5TB of loli porn?

>>101549663
There are LUKS-defeating payloads on github for anyone to use

>>101549663
I've got vintage shit here anon, feds would kill to get their hands on my library of lolixandria

>>101549689
This is not the thread where anons would know how. The average age ITT is 12.

>>101549707
Feds don't want your retarded fucking lolis you unironic pedo. They have enough of their own. Nobody cares about you, not even your FBI agent. Not till you actually go out and Joe Biden a kid.

>>101549727
You underestimate me, and the lolilust of feds

>>101549663
What caused this unsolicited revelation?
Gangstalkers belong on /x, get back to your containment board

>>101549737
>thief's fallacy but with a p*do
This is why i hate /g/

>>101549767
This board, right here, has more p*dos than any other one.

>>101549973
More like loli's fallacy lmao

>>101550003
I think what makes me unironically seethe IRL is lollicons convincing themselves that they're not pedos using lvl 100 mental gymnastics. You're still a pedo. The only thing protecting you from being brutally dismembered are the crumbling laws of society.

Loli == pedo

>>101550022
This is what I'll call this falolicy

>>101550034
Yeah act all funny and lighthearted. Only cuz you got home court advantage here, untermensch. I hope you get killed in prison or lynched by a mob.

>>101549663
>Nobody ITT could root a phone
fucking PHONEFAG KYS GO BACK
owning smartphone is for the lowest of the low faggots

>>101550062
I hope you acquire better taste and see the lolight

>>101550081
This retarded schizo again. Rooting means hacking. As in me hacking a pedophile's phone so I can track them down. Not as in me flashing Magisk. Fool. You don't need to have a phone to root your enemy's. Also go back to whatever planet you can live on without a phone please. There's gotta be a thread for building mud huts somewhere.

>>101550090
Doesn't work that way. You were born subhuman, I was not. I'm an actual human being.

>>101550099
>>101550081
>diy is ->thataway
Are we going to actually talk about cybsec or just fondle eachother's balls?

>>101550099
enjoy your armshit malware
keep sucking ALL SEEING EYE COCK
AUGHH I NEED SMARTPHONE TO LIVE

>>101550117
One is not a man until he loves loli tummies

>>101550128
>fondle balls
I would castrate anyone itt for free

>>101550129
>armshit malware bla bla bla
Unironic schizo retard. Faraday bags are like $20 you caveman. Primitive.

>>101550156
>Faraday bags are like $20
oh yes that totally removes all the instruction and binary blob backdoors
enjoy your snake oil LOOOOL

>angry subhumans crawling out from their pedovans

File: 1714866159134745.jpg (111 KB, 800x597)

111 KB JPG

>>101550172
It's called the pedovan because those little monsters lure innocent pedos into it

>>101550168
If you wanna get schizo:
The computer your using also has those backdoors built right into the assembly code on your cpu.
Best you can do is get a custom linux laptop with hardware switches for the mic/camera/wifi

>>101550316
>Best you can do is get a custom linux laptop with hardware switches for the mic/camera/wifi
LEL FUCKING RETARD HOLY SHIT NO WAY
why not just remove the mic and webcam manually? are you a faggot who has never opened up a thinkpad?

>has those backdoors built right into the assembly code on your cpu
SMI lockdown
no microcode updates
own coreboot distribution with no binary blobs
me_cleaner

INB4 GOD MODE INSTRUCTION THAT CAN READ AND WRITE MEMORY
running everything as root
iomem=relaxed
mitigations=off
still cant hack me

>>101550351
Good for you anon
>le hackerman
I'm sure all that tinfoil is necessary

>>101550452
enjoy your exynos backdoor
https://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor
i will point antenna at you and instantly get everything ahahah skid

>>101550465
Yeah and you carefully inspected all that code for backdoors right?
I mean, you'd never just trust something implicitly for being custom right anon?

>>101550504
code of what?
i roll my own coreboot and linux distribution 100% audited with custom patches

my favorite patch is adding findmnt check into sh so if path is noexec you cant run sh malware.sh to bypass noexec flag

anyways that has nothing to do with armshit, armshit can be hacked with antenna, my thinkpad cant hahahaa
my thinkpad also doubles as body armor and offense weapon NIGGER

pentesting vs finding vuln

which skill is better?

>>101551647
far more money in finding a vulnerability

>>101551758
o for REAL HACKING?

>>101551805
yes

>>101551758
>one time payment

>>101551839
This is false. Businesses like NSO Group have managed to scale vulnerabilities to multiple uses and payments with different clients

>>101551901
these are hoax to make you think you need "privoocy" and that foreign hackers are threat so we need more surveillance laws

>>101540679
I just made a new protonmail and gmail account last night

I'm in Canada, and the only thing I ever needs numbers for was dating apps.

I bought a second burner sim for believing that same thing as you in the past, and never used it. Made a Insta account for scraping, and almost got banned, but didn't. No #. kek

>>101550351
>SMI lockdown
>no microcode updates
>own coreboot distribution with no binary blobs
>me_cleaner
>INB4 GOD MODE INSTRUCTION THAT CAN READ AND WRITE MEMORY
>running everything as root
>iomem=relaxed
>mitigations=off
>still cant hack me
The fact that you don't think you can be hacked shows what a retarded faggot you are.

>>101552811
dont forget to list your favorite anti hack snake oil

>>101550530
>armshit can be hacked with antenna
No it can't. You can't do shit to my Lineage device where I control the firmware. I can just encrypt the firmware if I want, and then my corresponding devices won't run. Do you like, actually think x64 is better than arm?

>>101552831
>anti hack snake oil
See, you're also dumb. Because it's quite possible to secure an arm or an x64 so that even glowies won't be able to get in. That's the entire point of /g/ after all. So that pedophiles can try to make their devices unhackable, preventing anyone from discovering all their child porn.

>>101552849
>You can't do shit to my Lineage device where I control the firmware. I can just encrypt the firmware if I want
LEL WHAT A RETARD KEKKK
modem firmware is non free
you dont have access to it
it is IP and will never be released

>lineage
nice GOOGLE android fork with 200MB GOOGLE binary blobs
SO SECURE AND UNHACKABLE YOU CANT DO SHIT!!!!
*antenna zzzbzbzBZzbzbz*
thx for your informations

>actually think x64 is better than arm?
i dont think, i know
arm manual is longer than x86_64
arm is full of IP, there is no free firmware for amshit
enjoy your botnet

>>101552893
>arm or an x64 so that even glowies won't be able to get in
arm has antennas on motherboard pcb, everything is part of the motherboard
you dont make arm "secure" its full of hidden debug instructions

look at kaspersky how secure iphone was for them

>>101552907
>modem firmware is non free
>you dont have access to it
>it is IP and will never be released
I can still access and delete it kek you fucking faggot, not to mention RE it. Or how about having an ARM tablet with no modem? Ever thought of that?

>>101553128
>I can still access and delete it kek you fucking faggot
HOW THE FUCK DO YOU DELETE SOMETHING OFF OF THE MOTHERBOARD HOLY SHIT NO WAY YOU ARE THIS FUCKING RETARDED

THERE IS BLACKBOX ON YOUR MOTHERBOARD WITH 24/7 ANTENNA AND SUSPICIOUS WAYS TO ACCESS MEMORY AND YOU KEEP DEFENDING IT KEK RETARD

>Or how about having an ARM tablet with no modem?
doesnt change the fact that arm IS NON FREE MALWARE, ALL FIRMWARE ARE IP BLOCKS, YOU FUCKING RETARD
I DONT WANT A SMARTPHONE
STOP TRYING TO SELL ME ONE GOOGLE SHILL

>>101552923
If you're trying to tell me that phones are full of holes, I'm aware. You don't actually need to attack my phone's mobo btw. You could just attack the firmware. Here's the main problem: in order for someone to pwn a SnapDragon ARM like that, they have to be pretty l33t. Not that many people who can do that out there. And none of them care about me. Besides, a full pwn still wouldn't do shit to me because my important data is encrypted at rest using a custom cipher. So even if you pwn all my shit you'll still have to bruteforce my encryption keys. Not talking about hardware crypto which glowies can bypass. I'm talking about encryption at rest on the disk. Glowies still can't break that.

>your mythical glowie boogieman and his squad are summoned to hack me because I shitposted too much
>he manages to get near me with an antenna
>hacks my phone's motherboard using some kind of hidden instruction payload voodoo
>still can't touch /sdcard/.encrypteddir/*
>has to bruteforce it, if able to exfil it
>meanwhile i probably notice strange network activity and CPU activity
>turn off phone until I can safely backup and reset

Not to mention that your magic antenna's range would be pretty short, it would get stopped by a faraday bag, and also i could always just rip the fucking antenna out if i really cared enough.

>what about the WiFi chip
There is an actual attack vector. Glowies have backdoors into like, every 802.11 card. But again, root or Lineage allows you to just nuke your WiFi drivers if you want.

>>101553372
>in order for someone to pwn a SnapDragon ARM like that, they have to be pretty l33t
there are basically monthly exploits
100% of old phones are vulnerable

>nuke your WiFi drivers if you want
doesnt change the fact that pci has DMA

>a full pwn still wouldn't do shit to me because my important data is encrypted at rest using a custom cipher. So even if you pwn all my shit you'll still have to bruteforce my encryption keys
oh no
get root -> persistence
24/7 wait
hook decrypt function and network key

>>101553286
I dont want you to buy a smartphone. I don't care about you, so i don't want to convince you of anything.

>bla bla bla baseband black box
The implementation of this black box depends on the phone itself. On some phones, you have access to it, and you can even disable baseband pings. Also, if you have root, you can modify or remove the blobs that bridge your OS to the baseband. This doesn't always disable the baseband completely, but it can fuck with spyware that depends on the blobs you just deleted. Also, again: just get a tablet with no baseband if you're that worried. Or get one where you can control the baseband (yes they exist). If you're a good enough hacker, you can make your phone glowie proof.

>>101553429
>monthly exploits
You mean monthly vulns. A sploit is not the same as a vuln. 100% of devices are vulnerable: new or old.

>baseband has DMA
This isn't the fault of ARM. This is the fault of the faggots who build basebands and phone motherboards.

next one up
>>101553525
>>101553525
>>101553525

>>101553512
>100% of devices are vulnerable: new or old.
yeah but thanks to the modems its doable remotely, in x86 its just stupid local memory access leaks

>This isn't the fault of ARM. This is the fault of the faggots who build basebands and phone motherboards.
maybe one day we will get rid of usb and pci meme for good

>>101553609
Look, we need to come back down into reality. Glowies aren't as smart as the retards here give them credit for. They can't even stop Trump from getting sniped. They're D U M B !!! Especially the American ones. And i can guarantee that they would not attack my baseband like that. They have 1000 better attack vectors in any given situation. Hell, they could just hijack the Bluetooth stack with hidden instructions. Why do small-time pedos ITT think they're important enough for glowies to use top secret experimental hacking techniques on them? And why do these pedos think that the glowies would attack with all this crazy shit, when they have much more practical ways to pwn you?

>>101553737
>They can't even stop Trump from getting sniped.
kek that was an obvious glowie psyop

>>101553787
>everything is a psyop
You're unironically as annoying as the goddamn fucking pedos. You're just a deranged, delusional, schizophrenic broken clock. Even if you end up being right one of these times, it's not because you're wise. It's because you're a broken record player. Dumb as a brick.

File: fast man sculpt 5.jpg (52 KB, 1920x1080)

52 KB JPG

Posting at the end of a dying thread so it doesn't stick around for too long
I learned to sculpt and I'm making character models for The Movie (you know the one)
Posting progress on /3/
>>>/3/984037