Thread replies: 392
Thread images: 37
Thread images: 37
File: Screenshot_20170414-143535.jpg (309KB, 1044x978px) Image search:
[Google]
309KB, 1044x978px
Windows once again proven to be a NSA botnet. Install gentoo
>>
>>59890993
Really makes you think.
>>
File: 1399394030471.png (4KB, 375x237px) Image search:
[Google]
4KB, 375x237px
5 days until Patch Tuesday :D:D
>>
Even more reason to use Windows 10.
>>
but muh gaymes
muh pirated Photoshop
muh 30-year old appz
>>
Just don't connect to the online
>>
File: 1432330739292.jpg (20KB, 480x360px) Image search:
[Google]
20KB, 480x360px
holy fuck this is gold
>i-i-i-its not l-like i need a s-s-ecure computer anyways
>>
QUICK BAN ENCRYPTION
>>
>muh secure government backdoors criminal will NEVER EVER use
>>
Xubuntu mustard race
>>
Should i dc my computer? On 2016 LTSB, fully updated.
>>
>>59890993
>really bad
>using windows
they come hand in hand, whether or not snowfag is involved
>>
>i don't care if the government has access to my files, i can trust them
>>
It's not like the CIA and NSA have exploits (released and unreleased) for linux and mac anyways, r-right?
>>
So you're saying I should drive home and dc my windows desktop? Or can this wait a few hours?
>>
The hacking tools, in general, only affect up to, or specifically on, Windows 8 and server 2012. Windows 8 users are in trouble (>using 8). Windows 10 should be safe from these tools. This thread will just end up being a Windows hate thread and Linux dick wanking.
>>
>>59890993
>install gentoo
It also it's a NSA botnet.
Stop using computers, anon.
>>
>>59890993
At least NSA and CIA fight for freedom and democracy.
>>
>>59891267
bait/10
>>
>>59890993
Fuck off you mentally ill liberal with your russian traitor
>>
File: 1437958505958.png (226KB, 620x670px) Image search:
[Google]
226KB, 620x670px
>>59891226
>It also it's a NSA botnet.
>i'll just post made up bullshit to feel better about my decisions
>>
File: 101915-ap-lohan-over-the-years-45-img.jpg (60KB, 529x700px) Image search:
[Google]
60KB, 529x700px
>>59890993
Windows is a piece of shit.
>>
>>59891304
>it's not a botnet, a fat smelleing kike says it!
>>
>>59891322
>le evil joos
Nice try NSA
>>
>>59890993
I sure hope none of these MS computers are connected to routers with default passwords and IoT devices.
Strap in boys, we're about to see some serious shit (I hope).
>>
>>59891337
>kike detected
Only kikes make fun of the kike meme.
>>
>>59890993
>tfw Windows is compromised
>tfw Linux is also compromised
>tfw BSD can't into games.
>>
>>59891372
opebsd had an fbi backdoor for years
>>
>>59891362
>NSA shill on damage control
>>
>>59891393
FBI Niggers.
He was right again.
TempleOS for best OS.
Can't hack it if it doesn't have tcp/ip.
>>
I'm just gonna unplug my computer until patch Tuesday.
>>
>>59891393
Epic maymay
>>59891407
>Yes, goy, use linux, your privacy is safe, hehehe
>>
>>59890993
Windows leaked the hacking tools themselves to scare people into downloading the Windows 10 Creators Update™
>>
>>59891420
>state of windows users
>>
>>59891420
>implying it won't introduce another backdoor
>>
File: kaspersky.jpg (43KB, 577x420px) Image search:
[Google]
43KB, 577x420px
Russians and Chinese save the day once again.
When will you faggots learn not to trust American software and antivirus software?
>>
>>59891442
Linux was made by a pure aryan, Linus Torvalds.
>>
>>59891225
Nice source man
I can smell the poo stained hands from here
>>
>>59891475
And was cucked by a Jew, as a pure aryan.
>>
>>59891393
Nice FUD
>>
>>59891499
You don't need GNU for linux save for gcc
>>
Use OSX so you can run the proprietary stuff you want without NSA/Windows.
>>
>>59891563
You are a mentally ill liberal
>>
>>59891479
Fuck off mentally ill liberal scum
>>
LOL who cares Linux is trash
>>
>>59891701
Exactly, it has no games.
>>
File: IMG_0012.jpg (1MB, 2592x1936px) Image search:
[Google]
1MB, 2592x1936px
>>59891587
Not true, I take my medicine :(
>>
>>
>>59891737
>t. nsa shill
>>
>>59891747
Well it was fun while it lasted.
>>
>>59890993
There's a reason why the NSA and CIA nigglets use hardened RHEL internally and not Winshit.
>>59891027
Really waltzes your walnuts.
>>
File: 1492198094561.jpg (1MB, 2592x1936px) Image search:
[Google]
1MB, 2592x1936px
>>59891719
Oops
>>
>>59891027
>>59891076
>>59891097
>>59891110
>>59891127
>>59891131
>>59891143
>>59891154
Bill Gates is the antichrist and werks closely with NSA//MOSSAD for installing Shaytan in Tel Aviv.
NWO
W
O
fuck microsoft shills
>>
You should upgrade to Windows 10 a.s.a.p
>>
File: shekel.jpg (49KB, 400x400px) Image search:
[Google]
49KB, 400x400px
>>59891225
>>
>2017
>still using computers
Wake up, anon, luddism is the way be free.
>>
>>59891267
gas your life
>>
>>59891847
fucking faggot
>>
>>59891871
yes goiym a:S.a:p
>>
>>59891855
Installing shaytan? What? Do you mean evil or did you just brain fart?
>>
>>59891916
SHUT IT DOWN
THE GOYM KNOW
-----------------------------------8<----------------------------
GREAT !! YOU ARE THE 6000000 VISITOR
AND YOU CAN WIN A "FREE" SUBSCRIPTION
TO BLACKED.COM RIGHT NOW !!
YES, IT'S "FREE" AND YOU JUST HAVE TO
LEAVE ANTISEMITIC FORUMS ALONE BY
FAPPING AT CHEAP BLONDES FUCKED HARD
BY ILLEGAL IMMIGRANTS !! TO GO BLACKED.COM BY CLICKING HERE (Embed)
-----------------------------------8<----------------------------
>>
>>59891919
Fuck off /pol/
>>
>>59891963
Fuck off /pol/
>>
>>59891963
Fuck off /pol/
>>
File: pepeworried.jpg (7KB, 231x218px) Image search:
[Google]
7KB, 231x218px
What should I do if I'm running Windows 7 and have had updates turned off for 6 months (besides installing gentoo)?
>>
>>59892062
You should backup data and move to Linux.
>>
>>59891985
>>59892031
>>59892044
some promos have been installed on your botnet devices, you can freely fap @
milona fucked hard by the nigerian plumber
sonia got a surprise night visit and got a big blck bone
two american teen slutz enjoy immigration 'issues'
>>
>>59892075
I can't. There are Windows programs I need to use.
>inb4 wine
>>
>>59892062
1. Nuke it from orbit. Worst case, there's a UEFI rootkit on it by now.
2. Buy a Mac. Someone who turns off updates needs one.
>>
>>59892062
disconnect nerd
>>
>>59892104
>UEFI rootkit
redundant
>>
>>59890993
Too bad for them I configured the firewall to only allow essential things through, like my browser, which has javascript disabled by default.
>>
>>59891345
>routers with default passwords
You don't even need that anymore. Plenty of them run on Linux.
>>
Menes aside, am I safe to use W8.1 if I only go on 4chan, YouTube, and Facebook? I really don't feel like doing a lot of work to move files and upgrade my OS.
>>
>>59891475
Linus is Finnish. Finns aren't Aryan, they're Mongols.
Hitler even gave them the same definition as Japanese: honorary aryan
>>
>>59892144
No. You should also disconnect your router if it uses Linux.
>>
>>59892102
You can, you just don't want to.
>>
File: shiny_smug_pepe.png (251KB, 500x580px) Image search:
[Google]
251KB, 500x580px
Enjoy your botnet faggots.
t. OS X user :^)
>>
>>59892162
Is there a security patch coming out?
>>
>>59892199
Not soon enough.
>>59891720
>>
>>59890993
Will someone post what the fucking exploit/toolkit is so I can prevent it myself?
>>
>>59892145
>Linus is Finnish.
Swedish and yes, finns aren't from Iran.
>>
>>59892228
He's not Swedish. He's 100% ethnically Finnish and was born in Finland to Finnish parents. He speaks Swedish and Finnish.
>>
>>59892195
what does that "t." mean?
thats the second post today ive seen someone use that.
>>
>>59892285
Newfags, everyone.
>>
At least I keep backup of my system on an external drive?
>>
>>59892260
You should fucking check Wikipedia before shitposting. He also speaks Latin unlike most /pol/ "superhuman".
>>
>>59890993
Why is this so retardedly vague? What exactly does "hack into" entail? Does it apply to any Windows machine connected to the Internet? Is there any way to know if you're compromised?
>>
I've unplugged my desktop. Should I be safe now until a patch comes out?
>>
>>59892221
misterch0c
>>
>>59891225
lol no
>"It's an absolute disaster," Hickey said in an email. "I have been able to hack pretty much every Windows version here in my lab using this leak."
hosted2.ap.org/APDEFAULT/cae69a7523db45408eeb2b3a98c0c9c5/Article_2017-04-14-Cybersecurity-NSA/id-%30%31%66%63%32%62%62%31%61%36%38%33%34%63%35%36%38%31%63%38%31%64%39%32%35%66%38%39%36%64%65%36
(sorry for the weird URL, had to because
>Error: Our system thinks your post is spam. Please reformat and try again.
)
>>
>vulnerabilities getting exploited by russians and/or NSA
>still only release patches once a month (except when you have to redo your front-end, in which case its bi-monthly)
Can't make this shit up
>>59892102
>Windows programs I need
Which?
>>
So I'm fine if I'm behind a router or firewall?
>>
>>59892397
>Which?
Edge.
>>
>>59892420
>Edge.
...
Why
>>
>>59892392
also,
https://twitter.com/DEYCrypt/status/852974162138337280
btw, does anyone know why 4chan thinks
\x30\x31\x66\x63\x32\x62\x62\x31\x61\x36\x38\x33\x34\x63\x35\x36\x38\x31\x63\x38\x31\x64\x39\x32\x35\x66\x38\x39\x36\x64\x65\x36
(decoded) is spam?
>>59892420
>>59892102
>what are VMs
>>
File: firefox_2017-04-14_22-15-14.png (35KB, 633x300px) Image search:
[Google]
35KB, 633x300px
>>59891097
>>
>>59891950
Shaytan is one of the Devil's names. Try opening up a book you uncultured faggot.
>>
File: Pajeetware.webm (760KB, 640x384px) Image search:
[Google]
760KB, 640x384px
>>59891701
>LOL who cares Linux is trash
>Linux is trash
>trash
>windows
>>
>>59892462
Only if you're a dirty muslim
[spoiler]or darkfriend[/spoiler]
>>
Fuck off /pol/
>>
>>59891417
They can still access your shit through that fucking intel ME coprocessor. The OS doesn't matter one bit.
The only way to be safe is by running obscure shit on an obscure architecture with no outside connections.
>>
If the NSA needs exploits that just proves they lack built-in access.
>>
>>59892484
>only if you're a dirty muslim
>language=religion
>all ay-rabs are mooz-lims
you must be american
>>
File: laughing detectives.jpg (83KB, 500x610px) Image search:
[Google]
83KB, 500x610px
>>59892455
>ETERNALBLUE expoit works on Windows 10 as a zeroday despite not being in the targets
b-but Windows 10 is safe guise
>>
>>59892512
This desu
>bitch about government overspending
>doesn't allow backdoors in all software
talk about contradictive... (-_-;)
>>
>>59892062
Pray you don't have any of the following:
> UEFI motherboard shit
> intel ME cancer
> AMD PSP cancer
> shitty bios firmware
> anything ASUS
If not, you'll be fine.
>>
>>59892483
What is the problem? Windows 10 works perfectly here and thanks to it i'm super productive, so have time to fuck Chad and Stacy too.
>>
>>59892104
Is that hyperbole? Is a UEFI rootkit really possible with the exploit?
>>
daily reminder
Snowden is a russian agent
>>
>>59890993
But wouldn't a hacker have to be able to get past your router in order to exploit a windows computer in the first place? Genuine question.
>>
>>59892429
he's trolling you
>>
>>59892285
fucking google it. but i feel generous today so here is a bone.
it is like saying "regards"
>>
>>59892624
There's prolly an exploit for that too. Everythings falling apart these days.
>>
>>59892665
Time to get a security cert, so i can meme around forever.
>>
>>59892285
anyone?
>>
>>59892285
These days all memes come from /int/. It means terveisin.
>>
>>59892659
thanks. i've never seen anyone use that before. and googling was giving AT%T stocks.
+1 upvote
>>
>>59891158
Damn right, my brother
>>
literally worse than /x/tards
>>
>>59892717
yeah i never go over there.
>>>/vg/173979726
^
saw it here for the first time.
>>
>>59892665
>Everythings falling apart these days.
Complexity will do that. Maybe all the governments in the West staying on 8 bit machines loaded by floppies know something we don't?
>>
>>59891267
yeah I'm sure the Nazis thought they were fighting for freedom too
>>
>>59890993
>"oh no, the US government can hack into my pc and know the type of chinese cartoons I watch, this is surely terrible!"
>>
>>59892857
>Complexity will do that.
That a really simplistic view of the issues.
>>
>>59893048
>the US government
you retard, exploits for windows 0days were released
>>
>>59893157
OK.
"Complexity made through disorganization will do that."
>>
>>59892665
That is just bs, and you know it.
Vulnerable servers with ports open on the other hand are in for a wild ride, especially IIS6/SMB.
>>
why would you even have smb facing the internet
>>
>>59892613
Fake news
>>
>>59893268
>"Complexity made through disorganization will do that."
That's just going from "simplistic" to "self-evident"
Really, any complex system done wrong, is going to be terrible -- doesn't even have to be complex.
My original point was more that "simple" doesn't equate "good" (ie. a contraposition of your original post) As an example, DNS (which is simple) cannot handle any kind of verification of the records it returns, which is really needed in current situation; DNSSEC tries to fix this.
>>
https://github.com/misterch0c/shadowbroker/
Read em' and weep.
>>
>>59893426
>>59893426
Another thing... I find it amusing that Loonix fags are going off on Windows IIT when DirtyCow, a universal localroot Linux spl0it was published several months ago which granted users r00t access.
Eat shit, I use Debian mostly but you can't pick exploits and mock Windows when we have severe issues of our own.
>>
>>59893281
>That is just bs, and you know it.
Many routers run Linux, dingus. Would you be aware of what Kernel yours is running? Would you be positive you've recieved a patch for the exploits in the Shadowbrokers dump? Do you even know what I'm talking about? Linux and BSD vulnerabilities were in the last weekends dump.
>>
>>
>>59893514
Yes, Anon's home router has open ports by default and can lead to exploitation.
You are an idiot.
>>
>>59890993
hope you don't have a intel cpu anon, gentoo won't help :^)
>>
>>59893457
>granted users r00t access
... for users with privilege to execute arbitrary programs locally.
Lets conveniently forget that CVE-2017-0199 only required a user to open a word file in order to gain RCE --
opening word files received via. email is probably something 90% of widows users do daily.
Oh yeah, and it has been exploited by malware already (obviously, because Windows only releases updates once a month, lol).
>>
>>59893426
I wouldn't use shit from some random repo...
check these files against the x0rz repo, or directly from the source:
https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
https://github.com/x0rz/EQGRP_Lost_in_Translation/
>>59891076
>he thinks these vulns will be patched in 5 days
top kek
>>
File: drumpf.jpg (135KB, 1160x629px) Image search:
[Google]
135KB, 1160x629px
>>59893426
>be Russian puppet
>cannot contain autism
>do stupid shit
>mfw my masters starts leaking my intelligence agencies hard ""earned"" exploits and hard work,
>>
>>59893558
Run nmap on something like a Comcast router, you retard. Prepare to cry. There's thousands of sitting ducks out there.
>>
I have a pretty complex password on my router, should my Windows 7 computer be fine?
>>
No operating system is secure, idk why you kids are trying to argue this
NSA can get into every one of our boxes
>>
>>59894600
>Assume your adversary is capable of one trillion guesses per second
no
>>
Does this mean temple os is the only safe choice?
>>
>a NSA botnet
That's an NSA botnet.
>>
>>59893558
You do know routers are the easiest devices to exploit, right?
Xss can pwn your entire network, routers are bad
>>
>>59894646
>every one of our boxes
Not my offline, networkless ones.
>>
>>59894700
I hope you never transfer anything to them via usb
>>
>>59894700
Oh, you sweet, summer child
>>
>>59890993
>Muh Windows 7 doesn't have telemetry
Hahahahaha get cucked retards. Adding this too my toolkit to fuck with windows plebs.
>>
>>59894646
>No operating system is secure, idk why you kids are trying to argue this
>NSA can get into every one of our boxes
because they are truely ingorant to the point/power of the NSA. Thinking operating systems are "updated" and secure on the internet (with exceptions) without the NSA or other intelligence agencies having the power to infiltrate them in some way. It's their job to be able to, no?
What good would the NSA be if they didn't have this ability?
>>
>>59891201
According to those leaks that came out they tried to commit a patch to the linux kernel that got rejected because it was shady like shit and badly written
>>
File: sopranos_lol.webm (1MB, 1280x720px) Image search:
[Google]
1MB, 1280x720px
>>59891225
>Windows 10 should be safe from these tools
Of course they are safe since it was already implemented from the start
>>
>>59894755
Daily life of US goverment.
>>
>>59892145
>Finns aren't Aryan, they're Mongols
Yes
>Hitler even gave them the same definition as Japanese: honorary aryan
Kek no. Butthurt swede detected
>>
Again why should we even be worried? If you're not downloading and installing Virus.exe from the piratebay they can't just remotely hack into your pooter and read your diary
>>
File: Eric Raymond - Honeytrap.png (69KB, 757x1442px) Image search:
[Google]
69KB, 757x1442px
>>59894755
>According to those leaks that came out they tried to commit a patch to the linux kernel that got rejected because it was shady like shit and badly written
Was this before or after ESR made us aware of the plot to frame Linus? As I have suspected for a while, SJWs are useful idiots to the CIA. It's a great way to infiltrate and destroy an open software movement by consensus cracking.
Pic related.
>>
>>59894805
Are you dumb my guy? These are remote exploits
If the service is running and someone can send those packets, you're getting pwned
>>
>>59892285
short for transvestite
as in transvestite os x user
>>
File: SpD35vh.png (509KB, 626x705px) Image search:
[Google]
509KB, 626x705px
>>59890993
>hack a computer running linux
>get past security and get in
>okay now how do I do fucking anything
>>
>>59894832
What service my dude? Do I have to install Virus.exe service or is Windows natively a virus?
>>
>>59890993
Which distro should I use?
>>
>>59894946
Do you understand what an exploit is? They're taking a service that runs by default on Windows computers, finding a vulnerability that allows them to send arbitrary shellcode, and execute it on your computer, without you downloading anything.
>>
>>59894946
I would definitely recommend disabling SMB immediately until the patch comes out.
>>
Why always /pol/ do a damage control for NSA and Windows?
Even the /v/ isn't so cuck.
>>
>>59892569
Why asus?
>>
>>59894832
what are they sending then, thats what router firewalls are for
>>
>>59894977
gentoo
>>
>>59895099
your english is absolutely horrible
go back to your immigrant filth containment board
>>
>>59895099
What the hell are you on about? /pol/ has their own threads condemning this shit.
>>
>>59895139
A lot of this is used once they are inside the network already, these are targeted exploits. They used the IIS 0day to get into the network and moved laterally using the SMB 0day
>>
>>59895139
The problem is that they already have a couple of exploits for many routers available today.
But then again, you would need to be a target first to be wrecked. Unless you're dealing with internet services or are someone notorious on the internet, you're safe.
>>
>nobody using these exploits in useful capacity
>Everyone either damage control or in panic (or laughing)
>Nobody working on using these exploits to crack open Vidya systems with DurangoOS or OrbisOS
Y'all are fuckin worthless ya know that?
>>
>>59895049
Is there a link with some info about that service? There's no links in this thread, I dunno what to search.
>>
>>59895224
>Unless you're dealing with internet services or are someone notorious on the internet, you're safe.
Depends on who moves faster, Microsoft, or the Skiddies.
>>
>>59895224
yea ofcourse as long as youre not target your guchi, still how does it work, cba to click dubious links atm is the source code out?
>>
>>59895193
>0 arguments
>m-muh immigrant
>>59895199
I don't see the same attitudes here. And I don't forget about your support for surveillance on web in normal times.
>>
so everyone is panicking, but is there any info on how it even is supposed to work
>>
>>59895071
>SMB
Is that just the 'Server' service?
>Supports file, print, and named-pipe sharing over the network for this computer
Is that what I should disable?
>>
>>59895276
There's more explanations here:
https://theintercept.com/2017/04/14/leaked-nsa-malware-threatens-windows-users-around-the-world/
>>
>>59895339
I wonder how much worse this is made by the near-total platform consolidation?
Would this be less drastic if there were diverse operating systems and architectures?
>>
>>59895242
Most of them target SMB, samba
Read up on ms08-67 and ms09-050, those are fixed samba remote code execs similar to what was leaked
>>
>>59890993
windows 7 fags BTFO
>thinking they're safer than 10
>>
time to switch to vista
>>
>tfw just some random windows 7 user with barely any connection to anything
time to lock myself onto a few websites for a while I guess
I haven't updated in a month or two either
>>
>>59895337
Yes. It's unknown if the exploit can be altered to work on Windows 10 at the moment, too. People are saying theoretically, it can.
>>
File: 1489879526422.gif (62KB, 185x168px) Image search:
[Google]
62KB, 185x168px
>>59892195
>implying OSX isn't botnet.
>>
>>59895337
completely useless shit just disable it
>>
So are we going to get a mega fappening?
>>
So how does one get affected by that? Any specific ports that need to be open or what?
>>
>>59890993
Why are you such a faggot OP? These are exploits against Windows. If anything, this proves NSA does NOT have backdoors into windows, since here they are, forced to exploit SMB bugs to get in.
Can't wait till next shadowbrokers release where they show that literally every major linux software project has been compromised by rogue devs for years.
>>
Does this mean I have to actually update Windows 7 when patch day hits?
>>
>>59890993
give me a windows and xubuntu alternative. Safest by design and easy to use.
>>
>>59892967
Here is (((your))) "you"
They were though.
>>
>>59892624
Sure, but considering most consumer routers can be popped in seconds then you are screwed anyways. Enterprises usually have more secured routers, but most enterprises are too fucking cheap to invest in a decent info-sec team so they are probably fucked too.
>>
>>59895576
linux openly admits to only being "safe" by obscurity
>>
>>59893281
Any consumer router can be popped instantly they are so fucking bad when it comes to security. Enterprise wise it's only slightly better, maybe now companies will realize that paying for an info-sec team is actually worth the money to not get hacked by everyone and their dog.
>>
Correct me if I'm wrong, but Windows simply accepts packets from a remote host and reads them in such a way that allows for shellcode?
>>
>>59895638
Don't forget Hitler was islamboo.
>>
>>59895337
An old Windows hardening guide I followed had this as a priority disable.
>>
>>59895677
Take that back you propagandist
>>
>>59894600
No your password doesn't mean shit when pretty much every consumer router is a piece of shit security wise.
>>
>>59890993
>Implying loonix isn't a botnet
>>
>>59895693
>propagandist
Isn't my fault if your idol had sand niggers friends and a crush for Islam.
>>
Any political implications, or will the government basically just ignore this like all the rest?
>>
>>59894884
you forgot the part when the hacker is really triggered by the victims poor choice of distro and halway trough decides to just install his distro of choice and secure it properly
>>
Speaking of updating windows 7, are there new updates to avoid installing? I haven't installed any in a few months.
>>
File: 1486019751067.png (575KB, 1680x1050px) Image search:
[Google]
575KB, 1680x1050px
Any machine can be compromised if a dedicated hacker is willing to put enough time into it.
The difference between Linux and Windows is that windows allows very little actual control by the user over the OS and, is by design, set to be a Microsoft botnet. Thus, right out of the box, you have pretty much no privacy or anonymity on it.
Surely any form of Linux could also be attacked, but proper risk assesment, prevention, and management, a Linux user can make it significantly harder, and near impossible for an attacker to do so.
The question then, becomes, how much time is the attacker willing to spend to get onto your machine and how important are VIDYA and photoshop to you? Unless you're some very high profile individual, a Linux machine with basic hardened kernel, firejailing, IPtables, openRC, VPN, encryption, etc. will be plenty an obstacle for any attacker.
>>
Disabling the Server process kills LanmanServer.
Is LanmanWorkstation even relevant here? Any other SMB to worry about?
>>
File: 1210948077111.jpg (121KB, 640x480px) Image search:
[Google]
121KB, 640x480px
>>59890993
>implying that the gamer cucks care
>>
File: ThisKills.jpg (102KB, 600x925px) Image search:
[Google]
102KB, 600x925px
>>59895791
>>
>>59895729
He didn't have a fucking crush. He just couldn't start a war with every group all at once. Obviously he fucked up with Russia but still
>>
>>59895809
don't fucking crab me
>>
>>59895193
>go back to your immigrant filth containment board
He's on one
>>
>>59891225
Microsoft is the shadow brokers, they want to force all the victims to upgrade
>>
>>59895930
Are you feeling it now?
>>
Win10 user:
>"Haha! He uses Win7 with updates turned off, so insecure! Enjoy your viruses!"
Win7 user:
>":3"
>>
>>59896014
You might be on to something. This would explain the poor english skills in all of there posts. We've been mistakenly thinking the Shadowbrokers were pretending to be Russian, when in fact, they were using Pajeet-speak.
>>
So what does this actually mean to a general user?
Is it another one of those situations where installing Common Sense 2018 is enough?
>>
File: 1488989045756.png (126KB, 540x400px) Image search:
[Google]
126KB, 540x400px
>>59892228
>>59892260
I realize I'm replying to something from over 4 hours ago, but as posted by himself, according to 23andme data:
"In fact, it goes deeper than that:
Finnish: 45.0%
Scandinavian: 28.9%
French & German: 2.5%
British & Irish: 2.4%
Broadly Northwestern European: 18.9%
so I think that Finnish heritage is pretty uncontested."
>>
>>59896108
The average Windows user is living in the Wild West at the moment. It'll get patched soon, I'm sure.
>>
File: quote-whether-i-scare-some-people-or-not-i-don-t-give-a-hoot-if-you-re-not-scared-by-now-nothing-yuri-bezmenov-61-87-52.jpg (53KB, 850x400px) Image search:
[Google]
53KB, 850x400px
>>59896108
We're on the brink of international war and the banks are about to get fucked. Hope you have real currency and not just soon-to-be worthless paper notes.
>>
>>59896149
>We're on the brink of international war
Yeah because bombing some 3rd world shithole is going to start world war 3
Back to >>>/pol/ with you
>>
>>59895224
>not installing openwrt on your routers
its like you want to be hacked and like the shitty performance with the obsolete default software it comes with.
>>
>>59891469
When will you faggots learn never to trust anyone.
>>
>>59895750
If the media wasn't cucked. It'll probably be ignored or the blame will be passed.
>>
In all seriousness, what risk is posed to people who don't download stupid shit and don't go to improper websites?
>>
>>59896270
Probably none
>>
MUH
GAYMES
>people still trusting MicroNWO
>>
>>59895752
No. Telemetry was fused with a bunch of important security patches.
>>
>>59896270
Where are these mythical Windows users?
>>
>>59894663
>Requires a host OS
No, it's not supposed to be ran on bare metal
>>
>>59896108
if you have enough common sense to not allow a burglar with a knife into your home, then you should be fine.
>>
>>59896325
Not him but I'm one of them
>>
>>59896309
If they're too retarded to switch to libre vidya there is no hope for them
>>
>>59896336
>he never heard of the possibility that this shit can easily get through image files on your system
>he still thinks you have to open questionable email attachments or intentionally download shit exe files
>>
File: jonface2.png (204KB, 540x480px) Image search:
[Google]
204KB, 540x480px
man I can't even fucking figure out trigonometry to raycast doom walls and now I gotta learn to run linux just to get away from the fucking feds?
>>
>>59894689
What do you suggest us normies do then? If all someone needs is my public IP, then should I just use VPN for everything?
>>
Could you make a bot that uses this exploit on random IP adresses to install a botnet automatically regardless of what the user does?
>>
>>
>>59896399
This, I have a standard modem/router from my ISP, how fucked am I?
>>
>>59896311
So just don't bother updating at all?
>>
>>59892353
Yeah i second this
>>
>>59896461
>>59896399
Fucked beyond help atm. If you run any kind of outward open ports you are even more fucked.
protip: don't play vidya, as all vidya opens up ports that expose you
>>
>>
>>59896463
There is no choice imo, not windows at least.
>>
>been interested in this girl for months
>she rejected me
>i know her home IP address
>I know she runs windows 7, since i was social engineering her
okay lads, time to go for those nudes
>>
So who released these exploits?
Why didn't they tell Microsoft first?
>>
>>59896270
>improper websites
You dolt. It's not a virus you pick up from dirty anime sites. It's using exploits built into your OS.
>>
>>59890993
i hate this edward snowden faggot desu
like i give a shit about privacy. I don't keep anything that would identify me on my computer. i use fake names when i make accounts
>>
>>59896494
EQ group,
Because it's a leak from the NSA
>>
>>59896430
No, you need a way into the victim machine to execute it. So basically, any malware that can call back to you and allow you to pivot the exploit. You could spam emails and use meterpreter on anyone dumb enough to bite the bait.
>>
>cable box runs outdated version of OpenSSL and modified BSD-something
>router runs vulnerable version of Busybox/Linux and obviously has a shell
SCARED
>>
>>59896499
Pity (you) for pathetic bait
>>
>>59896507
This is what I was talking about earlier. If you're on Comcast, your router is probably up on Shodan, just waiting to be raped.
>>
>>59890993
>NSA did not warn Microsoft
What the fuck are they supposed to do, give all that classified information to MS to allow even more people to leak it? Fucking retarded snowman.
>>
>>59896504
So they have to first actually infect your machine with something else that then gives them enough access to exploit this vulnerability that then gives them full control over your PC?
>>
>>59891847
What do you play on Steam on Mac bro?
>>
>>59896507
>vulnerable version of Busybox
If it's not running services on it then it doesn't even matter.
>Linux
This is the issue. It's probably vulnerable to CVE-2016-10229 since Linux is fucking dogshit and doesn't come with an easy way to automatically update itself to make it worth it for vendors to have automatic updates.
>>
>>59896559
No.
These exploits require only your IP address, given that you have a shit router, it'll get pwned and if you then run a vulnerable Windows machine in your local network, prepare to have your anus fucked, you're now a zombie.
This is such big news, it should be all over the fucking internet and news.
>>
>>59896535
>contact microsoft about an exploit
>it gets fixed before it becomes public knowledge
Wow that was a hard concept to understand
>>
File: 14446876876.jpg (18KB, 382x267px) Image search:
[Google]
18KB, 382x267px
>>59896566
>since Linux is fucking dogshit
THEN WHAT FUCKING OS ISN'T?
>>
>>59896336
>>59896373
the exploits are in sharing and remote desktop protocols, among many other things. you're vulnerable if any device on your network is owned, including router, printers or IoT devices
it has absolutely nothing to do with browsing the internet and "good browsing" won't make you safe
>>
>>59896559
Yes,or you have shit network security. But this is so high profile the plunderers are going to be rabid until it get's patched.
>>
>>59896566
Actually on Charter. Hardware is still vulnerable, though. Fuck.
>>59896595
OpenBSD
>>
>>59896586
So then you could make an automated bot that infects computers at random since you could teach it to "pwn" shit routers?
>>
>>59896611
I'm quite sure there will be a couple anons telling you why openbsd is dogshit, too
>>
>>59896149
Good thing I'm sitting right on the #1 military nuclear target in North America.
I'll literally be here one second and gone the next.
>>
>>59896566
most routers with default software use linux 2.6
>>
>>59896616
I mean sure, if you create case statements for the 100000 routers that exist and you know the exact vulernabilities.. this is scarier for targeted attacks where people know exactly what you have. For this reason I don't tell shit to my coworkers when they ask what I run and that sorta stuff
paranoia is your best friend
>>
>>59896605
so if I have remote access shit disabled on my computer am I ok?
>>
>>59896523
>Addition:
TR-069 is the big one router leasers need to be pissing their pants about.
>>
>have home server
>use samba
how fucked am I lads? I need to use filesharing, no way around it. Am I really exposed if I have no external open ports and I'm denying access to anything that isn't on my LAN?
>>
>>59896611
>>59896622
It's shit.
>>
>people using this event to take sides instead of realizing that if an OS with a mega corporation with billions behind it is getting fucked, every other OS on the planet sure is too
I just love simple minded tribal warfare. Always fun!
>>
>>59891267
Fuck off /pol/ cucks
>>
>>59896703
The world is fucked. Holy shit this should be a warning on google.com for fucks sake.
>>
>>59896721
that's a great idea. everyone fucking uses it, but they never bother to put notifications like "hey watch out, currently your machine is vulernable as fuck!"
I wonder why..
>>
I don't want to go to fucking Windows 10, guys. Holy shit.
>>
>>59896668
A good router/firewall will mitigate most of the risk, a lot of the vulns apply to shit consumer routers that are never updated.
This is also often targeted at corps that have web facing services, in tandem with a IIS exploit.
TL;DR: Use an ASR 1001 with a ASA 5500-X for your home network.
>>
So what can a person do to stay safe? What can a person do if they're already not safe? What are the ramifications?
>>
>>59896734
You're damned if you, damned if you don't. Take this opportunity to install dual boot and just have a windows OS for gayming and whatever else doesn't work on linux.
Use a hardened linux OS for your day to day activities, I mean how hard is that? Sure it's a bit inconvenient, but would you rather be a zombie?
>>
>>59896752
Disconnect from the internet.
>>
>>59896325
Eddie is my name.
>>
>>59896654
https://isc.sans.edu/forums/diary/TR069+NewNTPServer+Exploits+What+we+know+so+far/21763/
>>
>>59896736
>over $6000 in cost
are you kidding me? lmao just fuck my shit up senpai
>>
>>59896772
Spaghetti is my game.
>>
File: delicious.jpg (179KB, 450x370px) Image search:
[Google]
179KB, 450x370px
>>59896605
>device on your network is owned
What does that mean?
>>
>>59896729
Actually I think they do so, but only in regards to government interference with your google account. They don't have that much access in regards to other information though so they can't really act upon it.
>>59896734
You aren't safe with any OS. Pick your poison.
>>
>>59894713
>>59894722
For an attacker to effectively get information off of an air-gapped network, you'd have to be targeted HARD.
You can basically prevent data exfiltration by using CD-Rs (like SIPRNET) or USB forensic write blockers, but the latter costs money.
>>59896774
It was my attempt at humor, just a spare computer with PFsense on it should protect you from most attacks.
>>
>>59896736
>Cisco routers
they got fucked by EQ group as well retard
>>
Why do you guys care? None of us are doing illegal shit and we just play games and make some programs. It's not like I have personal nude photos or any sort of embarrassing shit on my computer?
Why does this matter to any normal-low tech user? I'm not an attractive target to anyone.
>>
File: Doggo good.jpg (116KB, 1000x749px) Image search:
[Google]
116KB, 1000x749px
>>59896566
>CVE-2016-10229
>Linux is fucking dogshit
>fixed in Jan/Feb https://security-tracker.debian.org/tracker/CVE-2016-10229
>not running a debian router
>>
>>59896804
>The Windows 10 user mentality.
>>
>>59896804
Great job outing yourself as a poorfag lmao
>>
>>59896734
Get used to it, bud. We're on a sinking ship as long as people are ok with our government doing these kinds of things.
>>
File: 1477016811542.png (301KB, 520x678px) Image search:
[Google]
301KB, 520x678px
>>59895241
>Everyone either damage control or in panic (or laughing)
>>
>>59896801
They're the best you're going to get in terms of timely updates and overall security.
That netgear best buy special is probably never going to recieve a security update.
Like I said before though, they're damn near unaffordable for your average person, and DD-WRT or PFsense is a much better cost/protection ratio.
>>
What's even worse than the windows tools is the SWIFT dump.
>>
>>59896804
We care because what has been released is like a disease. Sure, the gubment might not care about you, but I'm sure some starving third worlder is salivating at the thought of compromising your shit and stealing your id or credit/banking information.
>>
>>59896815
>anon knows anon is poor!
xD
>>
>>59896861
This is what i'm worried about. Some scriptkiddie SJW faggot or a third world goblin trying to get personal info/banking info by planting rootkits or shit. So what's the best protective measure? VPN and get the update microshit releases to 'fix' this?
>>
>>59896878
That's not the point though? It's that if you have this mentality of "I'm not a valuable target" you just outed yourself as a poorfag. For those who are actually valuable in any capacity, this is a relatively big deal and they should as usual be taking precautions to minimize damage done.
But again, like I said, you outed yourself as a poorfag, and generally not worthwhile to target, which has some benefits, such as not being targeted during these sort of exploits, and no family members caring if you die. :)
>>
File: 1471189562790.jpg (177KB, 533x388px) Image search:
[Google]
177KB, 533x388px
>mfw these exploits don't work on Win10
>all the mah win7 fags are finally getting BTFO
>The leak includes a litany of typically codenamed software “implants” with names like ODDJOB, ZIPPYBEER, and ESTEEMAUDIT, capable of breaking into — and in some cases seizing control of — computers running version of the Windows operating system earlier than the most recent Windows 10.
>>
>>59896860
Makes you wonder about Brexit, now doesn't it?
>>
>>59896861
>CC/bank info
Lmao, I don't do e-banking dude. That's the dumbest thing you can do. I have a local bank 5min from here and I go there every Sunday to make my payments/take money out.
I laugh every time people get their credit cards hacked or whatever, it's dumb as fuck and easily avoided. If that's all you're concerned about then I literally have nothing to worry about as I thought
>>
So if this is exploiting a running service on Windows, can the vulnerability be avoided by shutting off the service?
>>
>>59896921
You don't need to do ebanking for them to get your identity/bank information you fucking retard living in 1998 LMAO
>>
File: firefox_2017-04-14_18-38-21.png (89KB, 590x308px) Image search:
[Google]
89KB, 590x308px
>>59892455
>>59892514
>>
>>59896903
VPN won't save you from this.
>>59896921
>Lmao, I don't do e-banking dude.
Good. Let's just hope the banks are still standing after the Swift release.
>>
>>59896908
Who are you trying to impress? I don't care about your back peddling, I'm going to forget your post in 30 seconds, loser.
>>
If you've got data so sensitive that any risk of compromise is unacceptable, you need an air gapped system.
Do it like the government does it:
>CD-Rs to transfer data to the air gapped system
>Any device used on the air gapped system cannot be used on the internet connected system
>Keep it away from other computers and phones
This is only really needed for super-secret data processing.
A solid network perimeter with a fully patched system will deter 99.9999% of attacks.
>>
>>59896955
So what the fuck can anyone do to alleviate this? I use win7 because I need the 3D software on it, otherwise I'd make a full migration to linux.
>>
>>59896929
You can bet a lot of these tools can be reworked for use against Windows 10. Can you imagine the shit they have against mobile devices? It's terrifying.
>>
>>59896979
Literally this. Preferably the air gapped system doesn't run anything "up to date" and uses old IBM hardware
>>
A lot of pissed off/nervous system administrators out there tonight.
>>
>>59897013
>mobile devices
Why does nobody ever talk about this? Smartphones are so fucking vulnerable it's insane. Most people just jump on free wi-fi and expose all their pictures and data for free. It's like they're mentally retarded. If you wanna hack nudes or bank information, you will see much more gains by setting up a honey pot or hijacking a weak public wi-fi
>>
>>59897034
I think they released it to send a message.
Is disabling SMB for home users enough?
>>
>>59897005
Use Windows with no networking for whatever you need and Linux or BSD for the stupid stuff. I'd go as far as running Linux in a VM on a Linux or BSD machine if you've got the resources.
>>
>>59897037
I'm fine I use iphone.
>>
>>59897048
>Is disabling SMB for home users enough?
It's what Microsoft recommends, given their transparency in regards to some previous cases, I'd take that advice with a shitton of salt.
>>
>>59897048
If your ports aren't open then they don't have access to you, simple.
Common Sense 2017 still applies here.
>>
Has anybody here actually tried any of the exploits in a local environment? I can't even get FUZZBUNCH(fb.py) to execute properly under Py26, and Py27.
>>
What's this SMB?
>>
>>59897024
I mean sure, if you're doing just numbers and text then you can't beat feeding a TRS-80 a cassette recorded from your networked computer.
If you're interested in video and image processing, I'd go up to date as possible so that you can use modern software while being the most protected.
>>
We're all doomed. /g/, think of something! You guys are supposed to be the smart guys next to /sci/ on this site.
>>
>>59897150
Works for me in VM
>>59897158
service ran in all versions of windows (although I'm guessing only v2 and v1 are currently exploitable since I can't get it to run against a win10 host running v3)
>>
So even win 10 is fucked?
>>
>>59897221
we don't know yet maybe it's fucked depends if they the bug that's in eternalchampion which is an SMB protocol / Netbios exploit works in win10 at all, right now the tools fail on win10 but that may simply be trivial to fix.
>>
>>59897192
>We're all doomed. /g/, think of something!
I'll make the logo.
>>
>>59897251
They probably fail because SMB is not working properly.
Security by malfunction.
>>
>>59897192
Assess the likelihood of your system being compromised vs the damage done if compromised, there's your risk.
Take whatever precautions you deem commensurate to the risk. You can go all the way from not giving a fuck to only using airgapped TempleOS systems.
>>
>>59897283
Eh I'm betting on SMB v3 being plagued by the bug but the exploitkit not being updated to target it (win 10s version of SMB)
>>
>>59897283
>B-but muh industry standard, m-muh enterprise quality.
>>
Am I safe if I use Fedora with Xfce?
>>
>tfw windows 7
>ports closed, router "invisible" if it can be called that
>"server" process disabled
wh-what now
>>
>>59897293
The issue is what can the common or slightly above common person do? It's obviously not going to be as simple as turning on Windows Firewall or some shitty anti-virus program, but there are surely some simple steps that would be somewhat effective.
>>
>>59897339
Unplug your internet, place a condom over the cable and plug it back in
>>
Thinking about running a PFSense firewall. Is that an appropriate action to take? Or is simply disabling the service enough?
>>
The big exploits are the SMB ones.
Which you are safe from by doing the following:
Turning off the Server service in Windows.
Not forwarding ports 445 and 139.
Running Windows 10.
>>
>>59897221
Possibly, based on what we see here. Definitely, based on the NSA and the CIA's determination and track record. I must say though, all of this gives me the wierdest boner. I mean, it sucks that this is happening and I really don't harbor any real ill feelings towards Windows users or anything, but it's a great feeling knowing this is causing nightmares for the alphabet agencies.
>>
Search for "Turn Windows Features On or Off", or something like that, in Start. Then look for SMB. Uncheck it. OK.
>>
Does anyone know if these SMB/RDP exploits affect Windows 7 SP1?
>>
>>59897419
They do.
people into RE take a look at eternal synergy SMB v3 0day, I think win10 might be vuln if someone fixes up the sploit to work with it.
>>
>>59897405
It's causing nightmares for everyone else.
>>
>>59897405
if you thin they don't have sploits for linux based targets you're dreaming.
>>
>>59897419
I believe this definitely works on Windows lesser than 10. Possibly 10.
>>
>>59897463
What about Windows 9?
>>
IT expert here. I just had a butchers at the leaked information and there's nothing substantial, sadly.
>>
>>59897460
Trust me, I'm well aware of it. It's not the NSA I fear at the moment, it's every Pajeet and Ping Pong in the third world that I'm afraid of.
>>
>>59897506
As long as you keep your ports closed then there is no concern.
>>
>>59897493
Surely, you mean 8.1 (Autism Edition)?
>>
>>59890993
A UTM solves these problems. Although not running Windows helps.
>>
>>59897505
>nothing substantial
>multikernel implants
>0days for SMBv1 SMBv2 SMBv3
come again?
>>
>>59897493
While windows 95/98/se supported SMB1/CIFS, I don't know if this exploit will work as it was probably implemented differently.
Or not, maybe Microsoft is literally using 22 year old code.
>>59897529
8.1 is top tier.
>>
>>59897523
Which ports should one close and how does one go about doing so?
>>
so whats the worst that can happen? finacial info?
just keep an eye on daily transactions and if anything is fucked call bank and unplug PC and phone post for a while
>>
>>59897549
It's a joke. It's what shills say when info is leaked, especially during the past election.
>>
>>59897523
Closed ports do not protect against malware used to pivot the exploit though. If you get malware, it could be used to open everything up again and execute this.
>>
>>59897568
445 and 139.
>>
>>59897581
if you have malware they don't need to pivot exploits, the only thing that's interesting is persistence and kernel implants for post exploitation and they didn't leak anything crazy for the former, we might see some crazy gook kernel implants in the future though I guess.
>>
>>59897564
>8.1 is top tier.
I agreed with you in another thread!
>>
>>59897523
Blocking them via Win Firewall? Does that also include terminating and disabling any running SMB services? I figure as anon here >59897581 says, as long as the service is running, if packets come in through port 80 or something, the service can still be exploited and the ports reopened.
>>
>>59897575
Don't sign into your bank account, and probably avoid using a credit card for a week.
>>
>>59897576
>shills
You mean anons having a giggle.
>>59897463
>>59897440
So, eternalsyngergy works on Windows 7 SP1 with the latest updates? Is this confirmed? I have a couple of exposed pcs with these characteristics
>>
Don't forget to say "T-thank you based Russians for leaking these exploits".
The NSA must be fuming now, knowing they have some Russian plants leaking all this shit.
Truly incompetent fucks, getting paid by your taxes to create OS exploits that are getting leaked.
Also, btw, this comes after they released a stash of exploits for unix-based systems.
>>
>>59897412
on 7, I see this nowhere, but I've already disabled Server
>>
Is all this valid enough to call for a shut down for the NSA.
>>
>>59897638
In your case I think it's eternalchampion
since it targets @
<paramgroup name='WIN7_SP1' description='Windows 7 Sp1, 32-bit/64-bit'/>
but yes you're in the exploitation window.
>>
>>59897659
Well I suppose these exploits were made to crack into Middle East banks which made transfers for terrorist groups.
But the most damning thing in this report, imo, is that the NSA has some Russian plants, who leaked these internal tools. Truly incompetent fucks. They have way too much power than they can handle.
And in a way that's what Russians want, to make people angry at the NSA.
>>
>>59897605
lol that wasn't me
There must be dozens of us!
>>
>>59897720
>Russians!
>>
if i turn off network discovery and file/printer sharing will this work? is blocking port 445 at windows level good enough
>>
if i turn off and disable services "server" and tcp/ip net bios will that help?
>>
>>59897754
Fun fact: Russians caused the extinction of the dinosaurs.
>>
>>59897754
>>59898021
Fun fact, it is the Russians who leaked this.
They are so butthurt that Trump is doing stuff which is contrary to their interests and that they actually invested money in electing him, the buttpain is reaching criticality and melting the containment vessel.
Them going back to square one on Syria and being isolated again is also a major factor.
>>
>>59892102
Wine exists. Sandboxed VMs exist. You don't need any of those programs though.
>>
>>59892513
They're all worthless so who cares.
>>
>>59897055
Then you don't even need to be tricked into clicking a bad network. They can just change their network's name to AT&T Free Wifi or whatever, lol. :^)
>>
>>59890993
I'm on Windows 10 so I'm fine. Get fucked linuxdrone.
>>
>>59896594
>NSA contacts Microsoft about an exploit
Wew, good thing they're paying people to find those exploits and not use them!
>>
>>59898087
>Fun fact, it is the Russians who leaked this.
Sure would love you to prove that but we know you can't.
Another fun fact: You're just another pleb that swallows the propaganda.
>>
>>59896808
>>fixed in Jan/Feb https://security-tracker.debian.org/tracker/CVE-2016-10229
Good thing all those embedded Linux devices automatically update. Oh wait...
>>
>>59898712
>Good thing all those embedded Linux devices automatically update. Oh wait...
Not the fault of Linux, being as Linux is only a kernel. It's up to those implementing the software to make sure there is a suitable upgrade plan. Also, all software has bugs which can lead to vulnerability - no software is truly without risk.
>>
Is it alright to disable SMB?
Will I have any internet connection issues if I do so?
>>
>>59898756
>all software has bugs which can lead to vulnerability
Maybe your bloated shit GNU software. When the 'true' binary takes almost 80 lines of code then yeah all your shit as vulnerabilities.
>>
File: 1279281187826.jpg (49KB, 178x178px) Image search:
[Google]
49KB, 178x178px
>>59898872
Again, all software has bugs which can lead to vulnerability - no software is truly without risk.
Now, go play with your gaymen, manbaby.
>>
>>59898911
>all software has bugs which can lead to vulnerability
ok, kid.
>>
>>59899057
No problem, squirt.
>>
how do I find out if I'm infected?
>>
>>59899705
Open your Windows drive and look for system32. If you have any files in system32, delete them - these are teh infected files. Reboot.
Thread posts: 392
Thread images: 37
Thread images: 37