Thread replies: 65
Thread images: 4
Thread images: 4
Anonymous
/bootbg/ - Break Out Of The Botnet General 2017-03-18 10:14:42 Post No. 59468306
[Report] Image search: [Google]
/bootbg/ - Break Out Of The Botnet General 2017-03-18 10:14:42 Post No. 59468306
[Report] Image search: [Google]
File: Botnet.png (258KB, 800x450px) Image search:
[Google]
258KB, 800x450px
Don’t Believe The Memes Edition
>What is this?
/bootbg/ is for helping people break out of the botnet, whether that involves advice on switching from Windows to GNU/Linux,
or giving recommendations for free alternatives to proprietary software
>Why should I care about the botnet if I'm not a pedophile or terrorist?
https://www.aclu.org/blog/you-may-have-nothing-hide-you-still-have-something-fear
>Resources
Free Software Directory: http://directory.fsf.org/wiki/Main_
>What browser should I use instead of Google Chrome/Microsoft Edge/etc?
Firefox and all of its flavors: turn off safe browsing and configure about:config to look something like this: https://github.com/pyllyukko/user.j, or just use IceCat.
Other suggested add-ons: HTTPSEverywhere, Ublock, Umatrix, libreJS, Privacy Badger, HTTP by default, No Resource URI Leak, HTML5 everywhere, Canvas Blocker, Decentraleyes, Certificate Patrol
or use Iridium or ungoogled-chromium if you like Chrome more than Firefox, suggested plugins: Ublock origin, HTTPSEverywhere, Disable Java By Default
>What search engine should I use instead of Google?
Startpage, ixquick, or searx
>What should I use instead of Google Drive/OneDrive/Dropbox?
Owncloud, Nextcloud, Syncthing, Rsync of SFTP, depending on if you want to sync files across devices or have them hosted on a “cloud”
>Anti-Botnet activism of the day:
>Recently in the Libreboot project, we've been informed about the new Ryzen platforms being released and sold by AMD. They are currently taking input from the community. Here are ways you can contact AMD to tell them that you demand libre hardware:
https://www.reddit.com/r/Amd/comments/5x4hxu/we_are_amd_creators_of_athlon_radeon_and_other/def5h1bb
https://community.amd.com/places?filterID=all%7Eobjecttype%7Espace
https://www.amd.com/en-us/who-we-are/contact (has contact links for multiple countries)
AMD's CEO, Lisa Su, can be contacted directly via email. Tell her that you demand libre hardware: [email protected]
>>
>>59468306
oops, forgot
previous thread: >>59431080
>>
>>59468306
/boob/ would be a better name
Also this:
https://archive.fo/7Z9gV
http://www.citypages.com/news/edina-police-ask-for-whole-citys-google-searches-and-a-judge-says-yes/
>As detailed in a report from Tony Webster earlier this week, a Hennepin County judge has granted the Edina Police Department an extraordinary degree of access to citizens' Google history, as cops attempt to crack the case of a wire transfer fraud.
>>
I've tried.. but I'm just so dependent on the cloud for uni.. also for convenience.
I like being able to access all my stuff from all my different devices.
Onenote is such a life saver, I don't know what non-botnet stuff I could use.
>>
I want to try some of this someday, but sadly I have a few email accounts with Google that I simply can't get rid of because I use them with hundreds of accounts.
Also there is no real way to fully escape the botnet because if you're connected to the internet that is enough.
>>
>>59468306
If I use Tails inside of Qubes OS on a libreboot laptop am I de-botnetted?
>>
>>59470888
Tails OS is supposed to be booted from a USB.
>>
cool thread, have a bump.
posting from a eeepc 701 archbang machine that dont need no cianigs
>>
>>59470915
Yes but you can run it in VM inside qubes. Qubes it meant to run each application inside a separate VM.
>>
>>59470929
I heard that you shouldn't use it inside a VM because it can leave traces in the memory or something.
>>
>>59470929
how intensive is qubes? can older machines run it ok
>>
>>59470946
The Host OS can still spy on you. But If you trust the host OS its fine.
>>
>>59470967
It's pointless though.
>>
>>59470975
Why?
>>
>>59471041
Because there is no added benefit.
>>
>>59471049
Except TOR and a hardened OS. Also isolation.
>>
https://arstechnica.com/security/2017/03/hack-that-escapes-vm-by-exploiting-edge-browser-fetches-105000-at-pwn2own/
Just read this and its interesting.
>>
>>59468306
Given Rust is less exploit prone than C, and given a lot of OS related exploits rely on bugs/ flaws in C compiled programs, isn't Redox safer than GNU+Linux, *BSD, OsX, Windows by construction? And even if it uses some C libraries, its attack surface should be smaller? Moreover, are there some proof of concepts of exploits on Rust based programs?
>>
>>59470955
If you've got virtualization extensions for your CPU it will run a lot better. It needs much more RAM than a normal OS.
>>
>>59470791
You could begin your migration using gmail's auto-forwarding, so that you can funnel everything into a safer account, then eventually start closing the gmail accounts when acceptable.
>>
>>59472556
Then the other problem is that Proton or Tuta can go out of business anytime and you're basically fucked.
I really only have two gmail accounts that I need. The first one has so many accounts that it would be impossible to migrate. How bad would it be to stick with just one account?
>>
>>59472587
Running your own mailserver on your own domain hardware is the best solution. I've been running into problems with mine where bigger name mail providers like yahoo have been blocking my emails due to being identified as "spam" now. Its looking like any lesser known domain or IP is being discriminated against now to further expand the botnet.
>>
>>59472615
Yea that doesn't sound good at all, also don't want to go through the trouble of hosting it.
>>
Is Apple a botnet?
>>
>>59472628
Yes.
>>
>>59472623
Its nice if you have dedicated hardware that can stay online all the time. I used to use a raspberry pi to run mine, but I recently bought a Poweredge 1U server, so I migrated the mailserver there since it doesn't take up much of the resources on it anyway.
>>
>>59472649
How easy is it to set up and maintain? Do I have to worry about anything? I don't want to expose my network to the world.
>>
>>59472632
Do I need to replace my OS? because airdrop is pretty handy. I use safari because it's convenient and aesthetic, but could easily switch to firefox if I have to, where are the problems?
>>
>>59472649
Can you hook me up with detailed instructional material?
>>
>>59472672
No normie, get back to your apple and fuck off /g/
>>
>>59472662
postfix and dovecot can be a bit tricky to configure, especially if you want all the nice security features like StartTLS. As far as security goes if you configure everything properly and run the daemon in a chroot jail (or a VM which is even better) then you don't have much to worry about, while you do have an extra open port, its going to your server only. You're going to want to set up spam blocking software though.
You could also use sendmail, but I prefer postfix
>>59472702
Arch's postfix wiki page has a lot of useful info:
https://wiki.archlinux.org/index.php/Postfix
More info about getting TLS support:
http://www.postfix.org/TLS_README.html
The postfix documentation in general is good to go over as well:
http://www.postfix.org/documentation.html
>>
>>59472746
>apple users don't exist on /g/
>normie
Got any proof of that penguin fucker?
>>
>>59472672
Apple has plenty of tracking and telemetry built into the OS. If you're not on free software like Linux or a BSD then you're probably being tracked.
>>
>>59472807
>Shill for apple
>Not an homosexual
Yeah you're a proven faggot for sure.
>>
File: Screen Shot 2017-03-19 at 5.18.47 PM.png (203KB, 1600x860px) Image search:
[Google]
203KB, 1600x860px
>>59472819
Well technically Apple don't charge for their operating systems, but yeah I imagined they had some sort of tracking. Just is there any evidence of what they are tracking and from where? Because Microsoft made it pretty obvious they were going full shill when they installed Candy Crush on everyone's computers, and Google has always been a botnet anyways. Pic is my network connections, I'll assume that all botnet processes are running as root?
>>
Run wireshark on MacOS and see what comes up. If you start it on a clean boot, and have nothing else running and there are still connections to an from apple, then they are probably doing some kind of telemetry or tracking.
>>
>>59473086
>Apple don't charge for their operating systems
>Being this dumb
FREE means FREEDOM not free pricewise.
>>
is tresorit and spideroak recommended for cloud sync/storage?
own/nextcloud is ass
>>
why isn't duckduckgo on the list of search engines?
please don't bully
>>
best extensions for chromium?
>>
>>59468306
Hi there. I'm considering switching from windows to linux. Mainly, not because of botnets (although its one of the reasons too), but windows isn't good for productivity. I want to limit myself from games, and other entertainment, to do something more productive with my life, like learning to code and stuff like that. I already have some experience with Linux, and i'm okay with the idea of using a terminal.
Thing is.. I find it so goddamn difficult to break out from all the shit I can get on windows. Also I'm way too used to it. Anyone else have this feeling or went trough it?
How do i break out of this?
Don't meme me please, I'm genuinely curious.
>>
>>59475757
Are you me?
>>
File: 1489251648132.png (3MB, 1701x8000px) Image search:
[Google]
3MB, 1701x8000px
>>59474682
FuckFuckGo
>>
>>59476601
DickButtNo?
>>
>>59468306
>https://github.com/pyllyukko/user.j
Link is wrong OP
>>
>>59468710
Underrated post
>>
>>59476282
maybe
>>
Fuck off mudshits
>>
>>59468710
Seconding change to boob
>>
>>59475757
do you have an old computer lying around? I was very much like you a while ago. I had been given a Raspberry Pi as a gift so for the hell of it one day I decided to install Arch on it. I started liking it a lot but felt limited by the Pi's hardware, so eventually just installed Arch on my main computer, and I already knew my way around it/which programs to use cause of the Pi experience. I'd recommend doing something like this to start getting yourself used to the idea
>>
>>59468306
>don't know anything about vault7 thread.
Everything is botneted from loonix to your CPU.
>>
>>59478408
>Just give up goy, we've already won
The only hardware exploits I saw were in phones.
Linux had only two applicable exploits if I remember, and they were for libraries that are only used in userland and had no privilege escalation ability.
Also Asange has been working with the providers of the affected software to release patches for the exploits.
>>
NoScript or uMatrix?
>>
>>59480462
uMatrix. It's way more powerful, and your exceptions can be domain-specific.
>>
>>59480486
Thanks for answering.
Is uMatrix lighter than NoScript?
>>
>>59480514
I believe it is, but can't really say. Haven't used NoScript in years.
But try it out. It's light as fuck, and makes the pages way lighter.
Ah, but be warned: it has shitty defaults. It's best if you turn everything off, and then just allow 1st-party domain CSS and images. Or all CSS and images if you're not paranoid enough and can't be arsed to turn them on all the time. But leave everything else off by default, and then just turn on what you need when you need it, and add exceptions for what matters.
Pic related. My 4chan exceptions. Ignore the colors, they're the result of Pale Moon's Advanced Night Mode.
>>
>>59480647
Appreciate your answer anon, I'll try it out.
And crap, I really need to understand what all these do, only know about HTML,CSS and Script.
>>
>>59480706
"Cookies" are pieces of data stored in your computer and read by the site. For example, it could be a user account token - which also means you need cookies on on sites you log in.
"CSS" is the stylesheet, but it could well be generated by a script that does other shit in the background.
Same with "Image"s. Hence why I only turn them on 1st party-wise.
"Plugin" means shit like flash and java and whatnot.
Script means javascript.
"XHR" means xml http request. In other words, ajax - javascript requests to load more shit from the server than the initial page load. The difference is, "script" blocks/unblocks changes on the already loaded page, while "xhr" blocks/unblocks requests for more data after the page has been loaded. For example, the comments in youtube are XHR, or if you use a 4chan autoupdater, whenever it updates, you're doing an XHR.
"Frame" refers to pages that have other pages inside. For example, pages with youtube videos embedded have a youtube frame. By the way, you need to turn frames on whenever you start a thread now, because it doesn't let you use the old captcha style, and the new "click the shit" style is called into a frame.
"Other", refers to, at least, multimedia.
>>
>>59470888
Yes, since you used three negatives. If you decide use a fourth conception you would get mega botnetted by the double negative rule.
>>
>>59468767
I know what you mean, Syncthing works wonders for me though
Do you have like a lab/office-only computer or do you have all your computers at home when you're there? If so you should check out Syncthing
>>
>>59468710
I like /BSAD/
Broken software all day.
>>
>>59480849
Goddam I am happy that I've found this thread.
Thanks for your replies, they're really infomative and educative.
>>
>>59476601
thank you anon
>>
>>59471063
Qubes includes Whonix templates with Tor Browser installed. Why would you run Tails instead?
>>
>>59482320
Glad to be of help.
I myself was helped yesterday, when I needed to migrate from Firefox because they dropped ALSA support on Linux, and after discussing it here and testing a bunch out, Pale Moon (which, funny enough, I'd quickly tested and ignored before making the thread) turned out to be perfect for me. >>59461308
Thread posts: 65
Thread images: 4
Thread images: 4