Thread replies: 62
Thread images: 8
Thread images: 8
Anonymous
How can I make myself hack proof? 2016-09-04 13:51:59 Post No.
[Report] Image search: [Google]
How can I make myself hack proof? 2016-09-04 13:51:59 Post No.
[Report] Image search: [Google]
File: 1472588880789.jpg (314KB, 1024x768px) Image search:
[Google]
314KB, 1024x768px
How can I browse web without getting traced?
>inb4 Tor
>>
>>56420889
Use Tor Browser
>>
>>56420889
The answer is tor and a proxy or two.
Use proxy chains with tor and another proxy. After three proxy hops you are virtually untraceable.
>>
>>56420889
>hack proof?
if you're on Windows: mountvol C: D:
if you're on GNU/linux: sudo rm -rf
>>
Tor
>>
btw nsa can easily hack tor websites and inject a 0-day javascript code to find your ip address but anyway, use tor.
>>
>>56420889
Tails OS
If you're the retarded type to sign in to your Google account while using Tor or Tails. don't even bother.
>>
You dont, any evidence that isnt some kind of indicator to act immediatly is just recorded for later. You cant touch the internet without getting logged.
>>
air gap
>>
>>56420910
You need 7 tho
>>
>>56420910
Is there any way to do this without having a 2 minute ping?
>>
>>56421845
Be the POTUS.
>>
>>56420889
Disconnect yourself from the internet. Better unplug it and isolate it from the power adapter and put it into a safe, just to be on the safe side.
>>
I2P
>>
>>56421301
i would never do that
>>
File: 11232126_1622545548002904_7507110597872195070_n (1).jpg (20KB, 371x371px) Image search:
[Google]
20KB, 371x371px
>>56420889
USE RANDOMLY GENERATED PASSWORDS
USE A DIFFERENT PASSWORD FOR EVERY WEBSITE
>>
>>56421845
This is only needed for important shit. You don't really need to worry about your anonymity when using facebook or youtube or playin' your online computer games
>>
send each individual packet through a different bridge
make packets that just swim through the network in circles
>>
>>56421262
JavaScript blocker?
>>
Logless VPN.
Or buy a VPS, set up a VPN to run on a RAM disk, give it to select people to use or keep it to yourself.
No logs is as safe as it gets.
>>
>>56425685
But poodlecorp will change your video titles to their Twitter handle!
>>
Unhackable? Dont use the internet, doesnt matter what placebo shit you use, as soon as you join a network you are hackable
>>
>>56425698
yeah goodluck with that. by the time tyour full request has made its way, your fridge will be empty, your cat will starve and your waifu will have 2 kids. Nice idea anon
>>
>>56421262
what kind of retard would allow javascript when using tor ?
>>
Unplug your internet connection
Unless some organisation like FBI/NSA is after you, move to Russia and hide.
>>
File: 1468385251925.jpg (14KB, 600x338px) Image search:
[Google]
14KB, 600x338px
>>56425725
>>56420910
HOW CAN THIS PROTECT AGAINST GETTING UR PASSWORDS CRACKED?
>>
>>56422937
This.
The only way to be hackproof is to not be connected.
>>
File: pa766.jpg (60KB, 750x500px)
60KB, 750x500px
>>56421226
>>56421635
>>56422976
>>56425843
>>56425999
>>56426080
>>
>>56420889
Rotor browser
>>
>>56425722
>>56425976
is javascript on by default when using tor?
>>
>>56426290
the tor browser bundle comes with noscript by default.
if you've set up tor manually, you have to deactivate javascript manually
>>
File: 1466598860598.png (146KB, 947x436px) Image search:
[Google]
146KB, 947x436px
>>56426128
>Rotor browser
does it run faster than tor?
>>
>>56426392
It's a fork of tor browser, i'm not sure.
>>
>>56421845
you can write malware using your own 0 days, when you have lik 1k machines infected online at any time, you can write algo that will use few randoms zombie as your proxy
I wonder if somebody actually use something like this
>>
>>56426047
Have a strong password. Use a good password manager, and your passwords won't get cracked.
Don't use the same password for everything.
>>
File: 1464338502932.jpg (35KB, 493x387px) Image search:
[Google]
35KB, 493x387px
>>56429108
>pc gets compromised
>master password stolen
>everything you own is hacked
who the hell uses password managers?
>>
>>56430164
This is why I'm considering switching from password manager to password algorithm
>>
>>56430164
Good luck stealing my yubi.
>>
>>56430200
Don't leave home without it. Snowden approved.
>>
>>56420889
>without getting traced
Use Subgraph OS
https://subgraph.com/sgos/
Be Jason Bourne and move around constantly, never connecting from the same location > X times (and never using the same MAC (wireless/ethernet)).
Tor does not completely provide anonymity, every single Blackhat/Defcon presentation warns about this for a number of reasons. Be mobile.
If whatever you are doing brings in a lot of money, and could mean you serve +5yrs in prison you should consider moving to Russia/Crimea/Brazil/Venezuela or other country with no extradition and not rely on Tor.
>>
>>56430164
You can combine your master pw with a file required to open the program as well.
I see your understanding of this is purely conceptual.
>>
>>56430200
Fine for everyday business use, not good for illicit haxx0r use since you are walking around with evidence proving you are the other half of a container of passwords full of incriminating evidence.
>>
>>56420889
>How can I browse web without getting traced?
Don't use the Internet.
>>
>>56426349
But noscript still pulls in all the js in a page to the parser then blocks it, so you are still trusting a parser.
It's much easier to just disable js completely
>>
>>56430346
>Fine for everyday business use, not good for illicit haxx0r use since you are walking around with evidence proving you are the other half of a container of passwords full of incriminating evidence.
Who the fuck said anything about haxx0ring? Using a Yubikey makes password manager next to impenetrable, which is what the reply to >>56430164 implied.
>>
>>56420889
We have a wiki for a reason, m8.
https://wiki.installgentoo.com/index(.)php/Anonymizing_yourself
>>
>>56430385
Almost impenetrable unless of course they have persistent spyware inside your GPU that simply reads the screen output and has privileged access to any IO/device on the system since GPU/hardware is trusted implicitly on any modern OS and completely out of the security model. Could even render false screens to the user to grab pasted credentials.
>>
>>56430426
Good job the Yubi key defeats everything you mentioned. Go read up on it boy.
>>
>>56430454
The problem with both Yubi and Nitro is that pin entry is by keyboard, not a secure pinpad.
Their servers were also vuln to a replay attack they tried to downplay. I've been disappointed in Yubico since I saw their advisory downplaying the bug in the original OpenPGP support which meant it didn't require a PIN to perform crypto operations (and of course, this can be done over the NFC interface too). https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html
They also are using proprietary since a few months ago https://plus.google.com/+KonstantinRyabitsev/posts/4a7RNxtt7vy
Why the fuck is anybody still using Yubikey, it's the definition of security theatre.
>>
>>56426392
I'm also stupid but at least I can guess for sure is not a brower "issue", picture yourself in 7 different stores buy only in the 8th, then visit another 7 stores before go home.
It'll take you a bit more time than just order online straight to your router
>>
>>56430524
Forgot to add, people can build their own openpgp card if they want https://www.makomk.com/2016/01/23/openpgp-crypto-token-using-gnuk/
But again you have the same problem.
a) badUSB malware (using any usb hardware for verification)
b) entering the password via peripherals that are easily owned and not some kind of specially designed pad to prevent snooping from any common persistent spyware that lives in your ethernet/GPU/bios that is above the kernel protection scope and thus able to read at will what you're doing, and yes this stuff is for sale right now to both FBI/criminals.
>>
>>56430524
>>56430597
Hmm quite. The problem though is you're assuming the absolute worst case scenario based on highly specific vulnerabilities. It's already known if your box is owned, so are you. You're effectively rubbishing the higher security the yubikey offers securing password managers (compared to just password/phrase), just because it isn't a perfect solution i.e. a nirvana fallacy. There never will be a perfect solution.
We're not high value NSA or mossad or even fed targets here worthy of a bunch of zero days or targeted exploits; are you?
>>
>>56430340
Can't malware just copy your key file when you insert it?
>>
>>56430597
>Forgot to add, people can build their own openpgp card if they want https://www.makomk.com/2016/01/23/openpgp-crypto-token-using-gnuk/
Nice. Thx
>>
File: 1465069119782.gif (1MB, 350x350px) Image search:
[Google]
1MB, 350x350px
>>56427304
>hack the other guy to hide from the other guy hacking you
>>
Buy a macbook, you can't get viruses
>>
>>56430668
>We're not high value NSA or mossad or even fed targets here worthy of a bunch of zero days or targeted exploits; are you?
This.
It irritates me the amount of comments that go :
>But if the NSA + Google + your ISP combined really want to get you then your security measure X is worthless ! Might as well use Chrome on a botnet OS with chinese hacked hardware.
>>
>>56430164
has yet to happen to me or any of the people I know, ever
>>
Whats the best encryption software?
>>
>>56426123
Papa Franku, please ask ChinChin to nuke those kids at least from /g/
>>
>>56420889
lol, fucking anakata
>>
>>56430597
>b) entering the password via peripherals that are easily owned and not some kind of specially designed pad
I'm a contractor for a large metropolitan law enforcement agency and they use a scramble pad.
Why not make a software interface that scrambles a virtual keyboard on screen.
Thread posts: 62
Thread images: 8
Thread images: 8