/cyb/ /sec/ general: cyberpunk and cybersecurity

>>60465226
Anyone working on any cool projects? I've got an old oculus dk2 I want to do something with. The lag is bad though. Thought about adding camera and a heads up display. Basically a super fucking complicated android overlay. Anyway. Kinda cyberpunk.

Is it worth running a botnet?

People complain about Win10 phoning home

Is there no way that outgoing requests to Microsoft can be blocked automatically?

Meaning wangblows phones home as normal, but the request is blocked from actually going through

Possible?

>>60465226
tfw i still cant even find some browser that doesn't try to fucking spy you

>>60466904
Yes its possible.
Install windows firewall controller 4 freeware. set to medium security and secure rules Disable non WFC rules. it will stop all outgoing except what you chose.

even win10 apps is blockable like cortana and such bullshit.

check it out man

>>60466123
For what purpose?

>>60466908
I might have to stop using DDG, earlier it popped a message up offering to give me tips on privacy in exchange for my email address. It was amazing.

>>60466960
To make money.

>>60466945
I'll try it, cheers dude

Know of any full lists of botnet requests that it makes? Think the /g/ wiki used to have one but it's down

>>60466991
How?

>>60467027
With fraud

Meme post here and I apologize, but someone stole my personal and work phones in early April. I've gotten several two-factor authentication texts from their accounts, which is weird. Are they using my number? How can I backtrack the phones?

>>60467158
Report your phone as stolen to the police. Report the work phone as stolen to your IT dept.

>>60467158
you can add a lockscreen remotely, and enable GPS so you can see where your phone is.

on an android anyway

File: mad.gif (804KB, 330x300px) Image search: [Google]

804KB, 330x300px

>tfw OP keeps using the shitty /sec/ resources pastebin

File: 1495133071051.png (79KB, 500x500px) Image search: [Google]

79KB, 500x500px

Yo what distros do you guys use?
Thinking about getting into Void Linux.

>>60467133
hahahahahaha

ok

>>60465226
Is that CDE?

>>60465862
You're gonna become a fucking gargyle? Aren't you socially retarded enough as it is?

>>60466904
Pfsense has OS detection and blocking.

http://www.cl.cam.ac.uk/~sps32/sec_news.html

I'll be waiting for your comments on this.

>>60466908

Iridium and Brave are the only serious browsers at the moment.

What can you even do with a botnet? I'm not actually interested in doing anything malicious. Back when I was a kid, I went through a phase where I would download those runescape phishers from YouTube and then find the gmail account it mailed all the data to. It was incredibly effective, I ended up with hundreds of username/passwords. I never did anything with them, I just signed into people's accounts and read all their stuff. It was usually mundane stuff but some of it was cool. I also used to look at people's unsecure webcams and stuff. I've always had a weird interest in watching strangers, while having complete respect of privacy of people I know.

>>60468036
Most of us use Debian/Ubuntu or Windows. In the industry you will find either Windows, RHEL/CentOS or FreeBSD.

>>60470566
How did you get the passwords? I'm not quite sure I follow.

>>60466123
Only worth it if you don't mind eventually being jailed for 20 years at some point in your life.

File: OP.jpg (116KB, 730x936px) Image search: [Google]

116KB, 730x936px

>>60465226
>[Embed] [Embed]

>>60470763
cute

how do i get into this >>60470530

>>60470659
The way those phishers usually worked was by claiming to be a "gold generator" or something, and telling the victim to enter their account information into a GUI. It logged whatever the victim inserted into the Username/password field, then immediately sent it to a gmail account. 9 times out of 10 the username and password of the gmail account was unencrypted, so you could just sign into that gmail account and piggyback off of it. Sometimes I'd change the password of the email account, but that was stupid as it just let them know something was up.

any cheesy but fun cyberpunk movies like Hackers(1995)?

File: 92027-hugh-jackman-swordfish-gif-blo-jcoZ.gif (987KB, 500x280px) Image search: [Google]

987KB, 500x280px

>>60473744
Swordfish lol

I consider Logan's Run (1976) to be the earliest movie I ever encountered that had most of the common cyberpunk elements.

In Logan's Run, there was a central computer system that tracked every person in society, and when they turned 30 years old, the computer summoned them to enter "Carrousel" -- a ceremony in which they would end up getting killed. The plot was classic cyberpunk -- it focused on a small group of people who resisted the system, escaped it, and ultimately wanted to destroy it.

Has anyone seen any movies prior to Logan's Run that have most of the common cyberpunk elements? (Dystopian or authoritarian urban society, a heavy reliance on information technology, and a focus on those who are marginalized or who resist the system.)

Is it true that there's a shortage of cyber security workers? Is it even a good job to have?

>>60474515
It's a lot better than Software Development/Being a code monkey.

If you can't find a job just go black hat, after all crackers are the reason Cyber Security workers are even working. Who knows you might score big.

>>60466904
Stop it at your router.

>>60465862
I'm rewriting Forban in Ruby.

>>60474552
This.
If you get into hacking and infosec just go blackhat after your job or some shit.
That's where all the 'cool' hacker type stuff is at anyways

Now that Lavabit email is back, is there anyway to get all your old emails back? I lost a lot of memories when they went down.

File: qbMJLVL.jpg (214KB, 1500x1001px) Image search: [Google]

214KB, 1500x1001px

>>60465862
I'm working with making a solar charged light system for my bike.

File: 1491362618600.jpg (17KB, 240x300px) Image search: [Google]

17KB, 240x300px

What is the most easy way to make a meshnet
B.A.T.M.A.N
OLSR
or Wifi-S?

>>60466908
lynx

>>60470566
>and read all their stuff
>complete respect of privacy
did you ever once notify them? grey hat at best.

>>60474515
>>60474552
there's a shortage, but imho it's not worth the risk.

>>60474515
Yes there's a shortage. Yes it's a good job, often pays twice what developers make.

You can quickly get into the executive board if you go into security as well. This is how:

- get dev job, either junior or senior.
- program shit
- start writing your own security tests of whatever it is you're making (read gray hat python to do this, Art of Software Security Assessment, ect).
- often corporations have no security department so will just appoint you security lead or head.
- from there start taking infrastructure security, read books about security management (google has written many, or read google's SRE book and apply it to security tests)
- apply to be Chief Information Security Officer
- congrats your CISO on the board

>>60476115
>often corporations have no security department so will just appoint you security lead or head.
valid

This has probably been asked before, but how reliable is the security on Signal?

>>60476171
Extremely reliable.

The problem is how reliable is the security on your device. Probably joke tier. So don't use it for anything super seekrit that involves you going to jail.

>>60476171
your favorite phone's chipset is compromised. the manufacturer can keylog you no problem. the software is secure though i think. these phones might be legit though: https://www.silentcircle.com/buy/

>>60476213
>the software
to clarify, Signal

I'm starting college with a major in Computer Networking/Cyber Security
how fucked am I

>>60465226
when if ever should one use selinux?

>>60476242
you'll know the first time they tell you what software to use for class. if it only runs on windows, you're fucked.

>>60476213
It's not.

If you want a decent phone, get a Nexus 5x or 6p. Install CopperheadOS on it. Then use Signal. That's as good as security as you can get with a mobile device.

Also phones these days no longer allow the baseband any DMA. It's a (micro) serial connection these days.

>>60476260
>>60476242
if that happens, drop out immediately and do your own research and if necessary, work at mcdonald's

>>60476267
what's not, the blackphone?

>>60476246
SELinux is useful for creating a sandbox for looking at PDFs or for your browser. Like if you ran Firejail and then created an SELinux lockout for Firejail otherwise not very useful.

SELinux was just supposed to be a temporary fix, it was a Proof Of Concept that the NSA showed the Linux dev team what could be done to minimize attacks and Linux team being lazy as fuck never did sweet fuck all to roll their own mandatory access control and just went with the SELinux kernel mod/hooks.

I'd suggest Grsecurity but that ship has sailed I don't even know if arch/gentoo fags can still use their patches anymore

>>60476288
Blackphone has had a lot of problems, thegrugq has written extensively about them in the past.

It's a proprietary phone without any kind of real exploit mitigation. CopperheadOS does have real exploit mitigation, and costs 1/4 the price.

If you were any kind of drug dealer you would be using Iphones anyway (latest ones with secure enclave) and texting each other in code. If you were some sort of nation state agent you'd be using SubgraphOS

>>60476308
seems legit. every time i've tried implementing it, it was a massive timesuck. i'm aware it was an nsa thing...go figure it's not practical.

>>60476331
interesting

File: 146451528819.jpg (69KB, 540x540px) Image search: [Google]

69KB, 540x540px

>tfw too intelligent for computer programming so you had to settle for cyber security

>you will never be an operating system/kernel developer

>>60476331
>larping that never using phones (or computers for that matter) is possible
i just realized you didn't address the issue of firmware backdoors. do either of these OSes update the phone's firmware? if not, especially if it's proprietary firmware, there's no way to confirm or deny the existence of firmware vulnerabilities.

>>60476349
texting as in using Signal, and iPhones as in buying them through a third party and using VPNs out of the country. Typical street gang running a dial a dope operation is doing exactly this.

>>60476398
Read any of the Andrew S. Tanenbaum books. There's also CS:APP book, which has free lectures here: http://scs.hosted.panopto.com/Panopto/Podcast/Podcast.ashx?courseid=b96d90ae-9871-4fae-91e2-b1627b43e25e&type=mp4

>>60476437
I'm actually reading Modern Operating Systems right now and pretending I'll actually some day be able to write for the linux kernel

>>60476437
sure that works, until you get keylogged and triangulated. i'm still waiting for an answer to
>>60476425

>>60476425
Of course there will be firmware vulnerabilities, but the question is does it have DMA to the application OS which is no.

It does however have access to phone storage, as evidence by the Samsung backdoor discovered by ReplicantOS, however if you're using Signal that is encrypted so useless.

If you're really paranoid put your phone in airplane mode and carry around a mobile wifi AP, use that with a VPN. Problem is that mobile wifi will likely leak your location everywhere by broadcasting your mac (which you can't change as mobile AP's are all proprietary) so don't be carrying it to any hits of your drug dealer enemies with it leave the phone at home.

>tfw working in my dream job, infosec
>people think I'm awesome, knowledgeable, etc
>very insecure about myself and my knowledge, I feel like a cheater. there are much better people than me (perhaps not at this place, though)
love my job, but fucking hell, sometimes I wonder if shit will hit the fan some day because of my (known or unknown) mistakes, or something

>>60476524
that's called imposter syndrome, everybody has it.

there's always somebody 'better' than you at whatever it is you're doing, but I guarantee they have the same imposter syndrome

>>60476524

Did you pursue a traditional education or are you self-taught? Just curious. I'm interested in getting into the field and I'd like to know what actually works for people.

>>60476503
>drugs are bad mmkay

>access to phone storage
and devices like touchscreens which can be keylogged

>mobile AP's are all proprietary
this seems questionable but i don't care enough to research it myself right now

>>60476467
I wouldn't start with the linux kernel.

I would go to FreeBSD/OpenBSD instead first as it's easier to do commits. Or try GuixSD they're always looking for people, and have a Linux Libre kernel they use you could work on then later push upstream the changes.

Just keep at it and read shit, like the classic Lions Guide to a TImesharing OS. Personally I wouldn't bother with kernel.org because it's entirely samsung and corporate shills who work on it these days

>>60476524
this is why i refuse to work in the medical industry. supply and demand is a thing. thank god hajeeb didn't get your job. keep researching.

File: 1491057378848.png (253KB, 1000x700px) Image search: [Google]

253KB, 1000x700px

>>60465226
>cyberpunk
>cybersecurity
>uses pastebin

???

>>60476576
the problem is I don't even know how to program and I only have a basic grasp on the concepts behind it

>>60476595
yep. we're all gonna die. soon.

>>60476569
How are they going to keylog with CopperheadOS or Iphone. Maybe if you're a terrorist and they want to burn a 100,000+ USD 0day. If you have a VPN how exactly are they supposed to get the telemetry back of the screen movements now we are talking a 150,000+ USD exploit as it needs to hide itself in LinkedIn updates or something and piggyback to it's C&C server.

I'd be more worried about police just watching you with binoculars typing on your phone and following you around than any kind of remote exploit at that level.

>>60476595
go on edx.org and look up 'how to code'. It's HtDP but done by a UBC professor https://www.edx.org/course/how-code-simple-data-ubcx-htc1x

Then do CS:APP as linked above (you can buy that book for $20 on Abe Boks).

Then finish the Tanenbaum book it will actually make sense. CS:APP is self contained you don't even need to know C it will teach you enough or crash course read K&R as you go.

>>60476654
Well I understand Modern Operating systems 100% and I find it absolutely fascinating. I just don't know how to program.

I'm going to check out the other resources though because I really wanna learn how to do this stuff

>>60474583
what kind of router would let you do this?

I've got a netgear something or other, it's decent but the interface is total dogshit and I doubt it'll let me block things so specifically

>>60476699
he's talking about a Router router, not a consumer wireless access point/modem/router combo

>>60476623
for the sake of the argument, i'm being as paranoid as possible. wouldn't "they" only have to burn that $150,000 0day once? what if "they" used a hardware exploit that talked to exploited cell towers. can't patch that without replacing the phone and/or tower server. that wouldn't require linkedin or anything...just straight send serialized keystrokes over 3g/4g from the phone to the tower then to fuckall.

>>60476699
make your own router openbsd runs on those cheap arm boxes or buy a ubiquity lite

>>60476709
>>60476623
a hardware exploit would definitely be more expensive, but you only have to spend the money once.

>>60476696
I wrote this: https://functionalcs.github.io/curriculum/

Pick and choose from it. The authors of HtDP also have a second book here free http://papl.cs.brown.edu/2016/ but it assumes you've already done how to design programs (HtDP) book/course, which is the above edx.org linked course. It's a 3 part series, easy to do, done in Racket, you get really good and writing functions and can just ease into C it's how I learned.

CS:APP is here https://functionalcs.github.io/curriculum/#org2b55624

You just keep doing it until you get it.

>>60476709
But the hardware would need direct memory access to the application OS which it does not anymore, not since like 2009.

Just get SubgraphOS on a laptop and change the wifi MAC every day. Throw out that laptop after a month and use a new one bought used off craigslist or something. I assume you aren't a terrorist if you are I suggest you immediately join ISIS and hopefully die in the deserts of Syria.

>>60476794
what if there was memory built into the cpu though?
lol no i'm i voted for Trump. MAGA. libertarian for like 10 yrs.

>>60476820
There is, it's a system on chip but it's connected serially to the application OS (for now) so a hardware exploit wouldn't do shit. Police are much more likely to just find you via opsec failures (you giving away too much info like every hacker has ever done) and holding you for a week without a lawyer like they typically do.

You should just follow people on twatter who know these things like thegrugq or https://twitter.com/jcase

>>60476858
>There is, it's a system on chip
i'm gonna go ahead and count this as a win. also, i'll agree with you that
>Police are much more likely to just find you via opsec failures
this proves nothing, but i don't actively test this kind of thing. i like reading about it though. great conversation.

>>60476566
>Did you pursue a traditional education or are you self-taught?
failed engineering student, dropped out before 3rd year of college (and 6 actual years in 2 different unis...)
what worked is contacts + CVEs + a bit of knowledge of a lot of things. in fact, me joining the company was almost an accident.

you have to keep learning, reading articles/news, doing/trying things, etc. infosec is broad and fun, and now you can even make a lot of money while learning. for example, OWASP + bug bounties = $$$, and stuff like this makes it rewarding:
https://slashcrypto.org/2017/05/17/5k_Error_Page/
also, keep reading stuff from bug bounties, these things are very motivational. I mean, some people find really cool stuff, some people make easy $$ from dumb mistakes

>>60476773

That is an awesome resource you assembled, thanks a ton for doing the legwork. Wish more anons were helpful like you.

>>60476982
If you get any kind of good at Standard ML go apply to Janes Street Capital they use OCaml, and it's fintech so you make a stupid amount of money.

They have a security department too, in fact the 'hardened' OCaml libraries they use are pretty interesting which I use these days

>>60476773

Thanks for the goldmine

>>60465862
>The lag is bad though

Is your PC under-powered? If it's dropping below 75 fps then something's wrong.

What are some good/fun vulnhub images? Bored as fuck.

>>60476008
Yes. And add to this links et al.
text based browsers are the safest with the fewest dark corners for malware to hide.

>>60476115
>management
That's where all the boring stuff happens, you want to get in on the good security stuff you have to learn it and put tons of effort in it.
Minimum cert you want to get is CISSP in you want to get into management.

>>60476308
You can still use grsecurity with 4.9 LTS look up minipli maintains 4.9 LTS with grsec.

>>60474492
Metropolis (1927) is frequently cited as early Cyberpunk.

I saw Logan's Run. Talking sense to a computer to blow it up was old after Star Trek.

>>60476906
The chance to get rich of bug bounties is very small, hell the worst part about it is there is no way to check if your bug has already been reported and if it is you ain't get shit poof wasted hours/days/months..

>>60470075
>http://www.cl.cam.ac.uk/~sps32/sec_news.html
Checking:
>created 14-10-2011 -- last modified 07-02-2013
OK, so it is dead.


>I'll be waiting for your comments on this.
Why?

>>60479504
>OK, so it is dead.

What do you mean?

>Why?

Because this is a cyber security thread you imbecile.

>>60467133
take care.

>>60466123
it is.
If you dont do fraud, theres not much of a problem.
Just sell ddos and scanning services on the darknet, its all good. You can also mine cpu coins.

>>60479846
When last modified is more than 4 years ago in a fast moving fields like this it means it is stone cold dead.

>>60478879
>The chance to get rich of bug bounties is very small
who said anything about getting rich? I was talking about getting a job in infosec... CVEs are de facto credentials, and bug bounties are a way money on the side, plus you get permission from big companies to play with their servers/applications/etc.

if you only want/care about money, don't work in infosec, there are much easier ways to make lots of money

>>60465226
A well deserved bump.

>>60476115
Can I get a cybersec job if I'm going for a cs degree?

>>60481766
And here is another, rescuing from page 9 - now with contents:
http://efanzines.com/PC-Cyber/A%20Cyberpunk%20Timeline.pdf

That is the Cyberpunk Timeline by Patrick Clarke.

Has anyone heard from him? I haven't seen any postings from him for years and years.

>>60483745
Yes.

I might have a chance to apply for TEMPEST training, but I don't really know what it entails, does it require a lot of electrical engineering background and radio wave stuff? The actual security implications I'm ok at, just the low level stuff I never had any exposure to.

>>60476591
tone down your autism, its not some secret illegal information so why not

>>60475556
where would the point of intersecting connection be?

>>60484385
because pastebin.com is absolute garbage

>>60484412
>>60484160

>>60484412
it gets the job done doesnt it.

>>60476242
Bruh just self study and get your certs
you could always stay for a CS degree though

>>60484412
In which way?

>>60484412
what would you use then?

File: pb.png (175KB, 1920x888px) Image search: [Google]

175KB, 1920x888px

>>60484160
>>60484442
>>60484482
>

>>60484630
almost anything that is not pastebin.com

https://bpaste.net/
pretty much zero bullshit

>>60484800
wow, thanks for opening my eyes anon

>>60484800
FUGGG

>>60484800
https://bpaste.net/raw/fdb108e9105d

File: fa2d0a2.jpg (33KB, 750x735px) Image search: [Google]

33KB, 750x735px

how long is an OSCP cert valid for?

>>60485084
>OSCP
As far as I know, I doesn't require re-certification.
Nice image though.

>>60484800

Check this:

https://paster.ninja
http://pasternjaui2k53d.onion/

Encrypted, anon and totally clean

Transmetropolitan discussed on >>>/co/92507735

File: cyberpink.jpg (314KB, 700x700px) Image search: [Google]

314KB, 700x700px

>>60465226
Opening Pic needs a big rastered /CYB/ in neon green to help people recognising cyberpunk times are here again.

/sec/ participating in ctf. https://ctf.teamrois.cn/

If you want to participate just join the IRC since everything will be coordinated from there.

>>60488308
I'll do it next time.

>>60474492
Arguably Colossus (almost the same thing as I Have No Mouth and I Must Scream but with a less hystrionic ending -- cold war supercomputer takes over).
Outer Limits episode Demon With A Glass Hand (this is the other half of what Cameron stole from Ellison for Terminator).
Avengers episodes regarding the Cybermen, which are really cheesy but depend on a kind of very clumsy hacking, and the one with Honor Blackman where a computer is mis-instructed to disrupt its own cooling system to kill a guy. That one has an "arrogant young hacker" character. There's also a much cheesier one from the Diana Rigg period, in which a computer falls in love. However, also from the Rigg period is the one with the "haunted house" set up as a trap demonstrating the superiority of automation by a disgruntled ex-IT employee (!).

>>60474492
Alphaville is the oldest cyberpunk movie I've ever seen. It's kind of a cross between BladeRunner and 1984, with a touch of Logan's Run.
http://www.imdb.com/title/tt0058898/

File: helperConfused.png (22KB, 612x491px) Image search: [Google]

22KB, 612x491px

Could you explain how is it possible that people get infected on win10 with windows defender?

Is it so easy to write malware that is undetectable without access to 0days
?

>>60467020
this list? https://wiki.installgentoo.com/index.php/Windows_10#Network_spyware

>>60476242
nice
best of luck anon, networking/security is very interesting

>>60491247
AVs are shit, and I guess people don't update their AVs constantly, prolly

also, bump

>>60491247
Windows defender is not that good. And theres always someone smarter than one that will figure something out.

>>60490039
Totally forgot that one. Literally an indvidualist rebel outsmarting a totalitarian computer. But what about La Jetee? Visuals of underground tunnels lined with ropey cable, scientific experiments to circumvent technological catastrophe, and rebellion.

>>60489089
Appreciated.

Might reuse the >>60488308 pic for a cybergoth issue.

Bah! I missed the /ham/ thread >>60490945 as it just fell off page 10. Ham is also cyb.

Anyone has this books? What Makes It Page?: The Windows 7 (x64) Virtual Memory Manager

>>60496182
Fuck, this hard to find..

Also, I don't wanna buy it.. because I'm poor guy.
shit.

>>60491344
Even bruce schneier use windows.. lol

how many are you guys here, working on big security company?

Should i use DNScrypt for normal browsing on windows? What server should i pick? Do you guys know any good guide to set it up?

>>60496202
Of course he does. After all that is where is market is. Shilling for security in Redox OS, Haiku or 9front will never be a commercial success like Windows.

>>60476699
>what kind of router would let you do this?
Smoothwall or any other router software that uses deep packet inspection such as Snort.

Obviously the firewall/router should be running on a separate machine. Any old machine will do.

Also interesting to see all the attacks piling up. You might as well block everything from CN, saves you a lot of bandwidth.

File: 07a26f90-1a6b-44cf-8778-9b4e4df256ee..jpg (75KB, 700x329px) Image search: [Google]

75KB, 700x329px

>>60465226

THIS IS SERIOUS.

if the UK moves forward with this, is only a matter of time before every other government does. Thought crime will be real.

http://www.independent.co.uk/life-style/gadgets-and-tech/news/theresa-may-internet-conservatives-government-a7744176.html

/thread

>>60502556
How likely is it they'll actually get all this through?

>>60502887
Quite likely really.

After all the British are not citizens. They are HM's subjects.

>>60502556
>All anglofags
Merely a coincidence.

>>60496253
I do "the cyber" for a big US government agency.

>>60503700
perfidious albion

>>60502887
They are The Party and own the government. It will pass.

Please keep thread going on.

Bumpage with content: a cyberpunk comics: http://centralia2050.com/

So I finally got to getting a protonmail account to get away from gmail.

Paid the 48eur to use my own domain, and now I see that they literally don't even support third party clients.
wtf is with this shit

How do I get more secure email, without having to install a different client for each fucking address?

is too late to get into the bitcoin mining fad

>>60505427
If you count on actually making money, yeah.
As a hobby and a way to support crypto? nah.

>>60505468
what if you just setup a ton of raspberry pis around peoples houses, would it be viable then?

found a tonne of leaked databases on this forum - http://breachforums.com/forumdisplay.php?fid=6


anybody know is this legal/safe to download from?

How do I ensure that I get paid by this site? https://www.fffingers.com/

>>60505738
The fuck you gonna cut your finger? Can't you just rent your anus if you want money?

Redpill me on network sniffing. Anyone here ever do it? See anything interesting?

>>60505738
Those prices are atrocious, just go sell plasma.

As long as you don't get some retard like I did who shoves the needle through your vein, you get like $40 for an hour of pumping your fist.

>>60507177
Your best bet is going to be finding open wifi hotspots and trying to grab cached login credentials from sites that don't use HTTPS.

>>60505334
Host your own domain and run the email on a home server.

File: POITOP2.jpg (262KB, 1259x835px) Image search: [Google]

262KB, 1259x835px

Thoughts on this show? Midway through season 2 so no spoilers pls.

>>60508562
Cletus dies from cancer.

>>60508562
Han Solo dies

File: 1382060280878.png (8KB, 271x288px) Image search: [Google]

8KB, 271x288px

>>60508625
>>60508631
ASSHOLES.

Is it even worth portscanning these days?

File: IMG_0306.jpg (82KB, 750x627px) Image search: [Google]

82KB, 750x627px

When he says layers 1-3 are "chained" and layers 4-7 are "end-to-end", what exactly does that mean?

>>60508855
I'm guessing he means that layers 1-3 are sort of rolled together, where it's not really correct to view them alone, but 4-7 are independent of the actions of layers 1-3.

>>60465226
What's the best way to verify a SHA-2 hash? SHA-512 specifically. Google is not being helpful at all.

>>60466904
>imlpying you can plug all holes at a firewall on a proprietary system you have no control over
waste of time

>>60466904
It's near impossible to balance with usability and security.

You could block all connection to know MS addresses at your network firewall, but now you can't get updates, and that leaves you vulnerable.

Without devoting a ton of time to analyzing the traffic your machine is putting out, it's near impossible to block only a certain portion of windows from communicating.

>>60508640
The AI is actually a an alien in a box the whole time.

>>60508446
Home server is all good and fine for receiving email (say POP) and reading it from a client (IMAP) but it is a nightmare for sending (SMTP) since many will suspect it of being an open relay and instantly ban it.

Getting your server off the ban lists (note: plural) is not only a hassle but even a *continuous* hassle.

And that suits Google, Yahoo, Microsoft et al. just fine.

>>60505485
I haven't done the math but it's probably impossible to get return on investment mining with Pi's. You might if you add some of those USB ASIC miners, though.

>>60508562
GOAT as far as I'm concerned.

>>60473744
Sneakers (1992), of course.

There are tons of in-jokes to be found and appreciated. The super comfy sofa is the easiest one.

>>60508855
Layers 1-3 are physically connected, whereas 4-7 are in software form.

Are there any good security podcasts?

>>60477745
Naw, my codes probably shit. Got drunk amd wrote some code, kept building on it. Should optimize. Eh.

just downloaded fedora as my first linux distro
what the fuck do I do?

>>60516917
What do you want to do?

>>60516964
What's a good torrent I could use?
Also, I want to learn how to use the terminal, any guide, book, links that could show me the way?

>>60517232
Go to tldp.org and browse the documents, in particular the HOWTOs.

Okay, I'm a totally computer illiterate normie, and I'm paranoid that my ex-wife might or is spying on me. What basic measures can I take to prevent spying by anyone? My laptop comes with an i-series processor(probably some gen i5), is it possible that she's using ME backdoor hack, you guys usually mention

>>60517259
thanks dood

>>60508855
Layers 4-7 are traversed only on the end hosts, while layers 1-3 are traversed on the end hosts as well as intermediate devices (routers).

>>60512543
So is it too late to run a full-fledged email server now? Is SMTP effectively useless unless you're a corporation?

>>60517264
She's not going to be using some complicated backdoor thing unless she is a rare female computer wizard.
Your biggest exposure is your own posts on social media and shit you do while signed into services that associate what you do with the accounts.
Beyond that, someone who has or had access to your computer can install really nasty spyware and have access to everything including your camera, mic and watching what you are doing on your desktop.
You can get the same shit by allowing a weird exe file you shouldn't have install from your email or some shady site.
If in doubt, do a clean install of the OS.

>>60517503
but you can get no job with no degree nowadays

>>60517574
Where do you live?

>>60517463
Thanx mate!

>>60517574
Not on this field.

>>60466904
edit host file and map m$ "home" to localhost.
There are guides on the internet to do dis

>>60517667
>you can get a job "on this field" with a degree completely irrelevant to "this field", but not without a degree

How the fuck is some random irrelevant degree better from none?

>>60518269
I meant that you can get a job without a degree on this field. Having a degree even if it's in some dumb shit helps though, because it shows you have some sort of education.

File: math.png (199KB, 1904x1445px) Image search: [Google]

199KB, 1904x1445px

>>60476242
Same, starting in August @ RIT Computing Security. I want to eventually get to CISO, jump from that to running my own cybersec auditing company. Anything I should know? Plan on using pic to supplement my math

>>60517415
Pretty close to useless, yes.

A long shot: you could try to peer with the various free shell organisations out there. Some spend a bit of work staying off those black lists, which is how I know about this problem. Also the disposable email account sites might be interested.

You might want to kickstart an umbrella organisation for freeshell mail and Usenet News peering.

Expect this to require a fair bit of work, especially in closing open relays and kicking off the spammers. One single breach and you have a machine spewing out thousands of emails per second.

>>60518106
Last I heard this trick does not work anymore. Windows has hardcoded IP numbers as fail safe. Alibi was to avoid being stopped by virus overwriting the hosts file.

Of course doing it in your Linux based firewall (I like Smoothwall) is something entirely different.

>>60467844
post a better one

>>60483745
sure
certs help a lot as well they make up for not having a degree sometimes

>>60518609
>Anything I should know?
Sec is a pretty intense job if you want to do it right. Development is fast. You will need to react quickly once the alarm goes, no matter what. The odds are stacked against you.

An intruder needs just one single mistake to slip in.
A defender has to plug all and every single hole there is and update with the very latest in counter measures. One mistake and it is curtains.

I remember the outsourcing company visited us for negotiating the next period of operations. A lot of people give themselves a lot of unwarranted privileges and exceptions to their own rules. So did they when they plugged their massively infected laptop to our air gapped intranet. It was rather like Pandora's box. Nothing got done that day and what had been done was wiped out.

Also do not underestimate the users. Leaving a memory stick in the parking lot is an old trick. And it still works.

>>60518609
pls hire me

Cyberpunk news:
http://www.bbc.com/news/technology-39934506
>Chip design giant ARM has teamed up with US researchers on a project to develop chips that can be implanted in the human brain.

>>60519376
>Sec is a pretty intense job if you want to do it right
I do, I like to build up walls and defenses (emotional and in games), only issue in games is that it's no fun if people can't break them. I also feel like this role of Sec will only increase in importance as we approach complete IoT and with the neural link stuff Musk is trying to do.
>do not underestimate the users
Yep. My current company is very good, with WCry we had to get security updates pushed out. Boss sent out an email telling employees to update, it might need admin rights, and to log in with their account - everyone was calling and asking him if it was truly he who sent it, since they were trained to not put in passwords

>>60519397
When I can, my dude

>>60519916
how hard is it to get accepted into RIT

Why does so much hacking/scanning come from China?

>>60519916
>I also feel like this role of Sec will only increase in importance as we approach complete IoT
An understatement. I expect we will see a fairly complete meltdown before much real happens.

>and with the neural link stuff Musk is trying to do.
And ARM (see article above). Also see the Soulcatcher project for more /cyb/ ideas.
I sure will not install Microsoft Brain device driver version 0.9 beta, ever.

>>60519968
Not hard, imo. 2020 on old SATs, adjusted to a 1420. I've taken multiple dual-enrollment courses, 4 AP courses, I have a job in IT (tech intern for my school, doesn't sound like much but at 18, $8/hr and getting out of over half a day of school is great). I've also done well in extracurricular, national qualifier for FBLA Network Design, prior Networking Concepts top 10. Not meaning to brag, its just stuff I've put on my application.

I've seen a guy at the accepted open house who jizzed himself when we loaded up a Kali VM, I've also seen some people who haven't heard of Kali. Based on who I saw, if you have some decent SAT scores and are a partially well-rounded person, you should get in.

>>60519993
>fairly complete meltdown
So, opportunity. I'll keep off BMI's for a while
>Soulcatcher
That's fucking awesome. I've heard there's problems with how much you could learn - my ultimate goal is knowing as much as I can so I could influence things like BMI's and augmentation, which would be a problem with limited knowledge humans can have. This might help, in a similar manner to the neuromods in Prey

File: jpeg.jpg (80KB, 473x610px) Image search: [Google]

80KB, 473x610px

What security sub disciplines are programming heavy?

>>60519976

Because China is a legal tar pit.

>>60519228
I've posted this one a gorillion times, https://pastebin.com/UY7RxEqp, it was in /sec/'s OP and I and a few people from the IRC channel have access to the account.

>>60467844
What are you talking about? OP is completely re-written as of a few threads ago.

>>60522664
Yes and that's the issue, compare both pastebin.

>>60522712
Yeah. One is organized. The other is not. What do you see differently?

>>60522938
Different and better resources?

When's the next ctf that /sec/ is going to do?

>>60524024
We just did RCTF and sucked hard, probs next will be this https://ctftime.org/event/468.

Food for thought: https://youtu.be/7Pq-S557XQU
What will the future be with LED instead of neon lighting and hardly anyone in employment instead of working for huge sinister multinational megacorps?

The /cyb/ future is taking a big hit here.

Also worth seeing: A World with Watson. https://youtu.be/mBadznSDIpY

What Linux distro/version of Windows does /sec/ use?

>>60465862
not too crazy, but got a bridge between a /cyb/ themed matrix room and discord server up and running this weekend

>>60468036
I'm a debian boyyyy, but also run some live versions of different distros to fuck around in them

>>60505427
yeah :^(

File: Ubuntu_GNOME_logo.png (15KB, 1036x126px) Image search: [Google]

15KB, 1036x126px

>>60528750
>What Linux distro/version of Windows does /sec/ use?
Ubuntu GNOME 17.04 and a heavily modified version of Windows 10 Enterprise

>>60528750
Smoothwall firewall
Ubuntu and Debian servers
Kubuntu and Lubuntu clients

Got a PA-RISC machine, not sure what to install there yet.

Guys I'm new, what the hell is this thread for anyway? Is it for a encryption fag or what? How do I into cybersecurity in terms profession in the field?
Is the cybersecurity applies to Android user?

>>60530216
it's cgl for nerds

>>60529568
>a heavily modified version of Windows 10 Enterprise

LTSB by any chance? Also what kind of modifications beyond editing group policy?

>>60520424
>awesome
You might want to look into "Altered Carbon", a recent Cyberpunk series that takes this concept to a blood dripping extreme. I just cannot remember last time I read a book this steeped in blood and gore.

https://en.wikipedia.org/wiki/Altered_Carbon

> I've heard there's problems with how much you could learn
True but not much is said or written about it. i have head it called the "Knowledge Event Horizon", basically to gain new ground you have to pass old ground broken by the older generation. As more and more new ground is broken it takes steadily more time to reach new ground, at which point you will be close to retirement before really digging into the heavy stuff.

And continuous improvement in living standards and life expectancy relies on continuously gaining new knowledge.

>>60518316
So high school is non-education, just like kindergarden? Without a degree you have "no education"?

>>60532398
It's a weird convention, but "educated" usually means "college-educated". It's referring to the broader worldview provided by higher education- not saying that anyone without a degree has never learned anything.

Regardless, I'm pretty sure what anon is saying is with all things equal pretty much any degree will be more valuable to an employer than no degree. At the very least, a college degree shows that you're capable of learning new things and doing work.

>>60532398
>>60532621
There is also a huge cultural element here. Increasingly in Europe you need as Masters degree for your education to count. In Germany a PhD is what it takes to be educated. When I visited Germany people there who knew my line of work automatically assumed I had a PhD.

>>60474354
If you like the porntastic approach you might want to check out Latex (1995).

>>60476773
You're good people anon.

>>60520509
Application development security or Security Lifecycle development, can't quite remember the name. I guess devops as well, that is if you want to approach it with a security bent.

>>60528750
If you use anything but SubGraphOS you're nothing but a roleplayer.