Thread replies: 138
Thread images: 21
Thread images: 21
Anonymous
/cyb/ + /sec/ general: cyberpunk and cybersecurity: cyberdeck edition 2017-06-23 01:20:46 Post No. 61035729
[Report] Image search: [Google]
/cyb/ + /sec/ general: cyberpunk and cybersecurity: cyberdeck edition 2017-06-23 01:20:46 Post No. 61035729
[Report] Image search: [Google]
File: cyberdeck.jpg (108KB, 1024x576px) Image search:
[Google]
108KB, 1024x576px
/cyb/ + /sec/ general: cyberpunk and cybersecurity: cyberdeck edition
Anonymous
2017-06-23 01:20:46
Post No. 61035729
[Report]
Cyberdeck edition: http://shadowrun.wikia.com/wiki/Cyberdeck (see resources for building your own real cyberdeck)
/cyb/ + /sec/ general is for discussion of anything and everything related to cyberpunk and cybersecurity.
>what is cyberpunk?
https://pastebin.com/raw/Jpci0dqD
>cyberpunk directory
https://pastebin.com/raw/HiTA1yXK
>nothing to hide? please.
https://youtu.be/pcSlowAhvUk
>cybersecurity essentials
https://pastebin.com/raw/0AjC2mcD
>cybersecurity resources
https://pastebin.com/raw/98vvNwcH
>thread archive
https://archive.rebeccablacktech.com/g/search/subject/cyb/
>thread backup
https://www.cyberpunked.org/
>previous thread
>>60979833
>>> Resources <<<
>> /cyb/
Condensed /cyb/ resources: https://pastebin.com/dxdjEerj
>> /sec/
Condensed /sec/ resources: https://pastebin.com/RXvHEBuu
>>Harden your OS, reroute your DNS and fire up the VPN - shit just got real
Condensed /shit just got real/ resources: https://pastebin.com/DMc57Dxw
Suggestions for new resources are welcome. /sec/ is looking for CTF team members, contact at IRC channel.
>irc://irc.rizon.net:6697
join #/g/punk and #/g/sec (requires SSL)
>>Resources have been condensed because the field became too long<<
>>
Support netrunner >>61018259
Also website is dope https://retrotech.eu/netrunner/
>>
>>61035765
As OP, I support this and really hope it develops into what it could and should be.
>>
>>61003722
http://asdasd.rpg.fi/~svo/glasstty/
>>
File: puzzle.jpg (16KB, 400x300px) Image search:
[Google]
16KB, 400x300px
I've made a puzzle for you all.
The attached JPG is the first clue - good luck!
>>
>>61036011
You're a bully. :(
>>
File: 1494431246902.png (501KB, 1280x853px) Image search:
[Google]
501KB, 1280x853px
>>61035765
>litespeed web server
>shitty shared hosting with cpanel and a proprietary httpd
REALLY?
>>
>>61036027
pls no bully.
The puzzle is quite simple, it has a little reverse engineering, a little crypto, and a sprinkle of other tech thrown in for good measure. Have fun.
>>
>>61036156
Oh, I thought you were bullying us for having autism.
That looks like the autism flag. :(
>>
>>61035765
>Downloads
>somebullshit.exe
Is this shit really windows only?
>>
>>61035729
that's pretty rad
is that a custom case or can it be purchased somewhere?
>>
>>61036232
It is a placeholder.
>Just like it says on the webpage.
>>
>>61036239 see https://pastebin.com/dxdjEerj and http://www.instructables.com/id/Portable-PC-project-inspired-by-Shadowrun-Cyberdec/ within it.
>>
>>61036255
nice
>>
>>61036164
oh shit didn't even realise that. I made the puzzle quite a few years ago now, maybe 6 or so months in to the inception of #/g/punk. Figured enough time had passed that it's time to unleash it on new, unsuspecting group of punx
>>
>>61035843
Same m8
>>
>>61036297
It would be great:
1) To see /g/ working together.
2) It would be handy, due to the issues with Firefox.
>>61036295
Well... thank you.
>>
We need more /sec/.
>>
File: MIT_Borgs_1993.jpg (432KB, 1280x866px) Image search:
[Google]
432KB, 1280x866px
How do you guys handle physical security/opsec?
>>
>>61037023
Full disk encrtion including /boot on my libreboot thinkpad.
>>
what does it feel like to rm a box
>>
>>61037023
My binary and ascii keys and rsa + ecdsa keys are stored on a headerless encrypted filesystem in a file nested on a playable dvd on my shelf. Keyfile for that filesystem is the unsalted ciphertext of two concatenated ranges of files located on the same disc.
>>
>>61037220
To decrypt the filesystem you must know the two files to concatenate, the range of bytes used in each file, and the key + algo to generate the required ciphertext.
Absolutely impossible.
>>
>>61035765
Doesn't look promising for now.netrunner % git --no-pager log --format=format:%h\ %ar\ %s
28fdbf8 4 days ago Updated the todo
acbe6e2 4 days ago Removed logo centering because it doesn't work on gogs / git.teknik.io
847acbc 4 days ago Added the logo
9e049a7 5 days ago Initial Commit
cd984bf 5 days ago Initial commit
It got everything you would expect of a /g/ project. A name, a logo, a todo. And possibly vanilla links code.
Anyone confirmed it matches the one from http://links.twibright.com/download.php or http://links.twibright.com/download/ ?
>>
>>61037023
one-time use burner laptops purchased with bitcoin and running TAILS, connected to public wifi
>>
I know /g/ always says the best antivirus is Common Sense 2017, but is there a good non-botnet antivirus out there? Makes things easier and it wouldn't hurt.
>>
>>61037471
I'm going to give it a chance. Hope for the best, prepare for the worst.
>>
>>61037252
Hard-disk encryption using one-time pad. Double-XORed for double security.
>>
>>61037696
if you're dumb enough to get a virus you deserve it
>>
>>61037696
Patch your shit. Follow the news. Block attempts to run software you didn't ask for (it could be anything from having good firewall rules to block advertisements).
You can setup clamav and other tools to automatically scan your email server, but it doesn't make sense to do on your desktop.
>>
>>61036011
The answer is "autism"
>>
>>61035729
How do I into cool stuff with networking? Stuff like this
>http://census2012.sourceforge.net/paper.html
Also how about packet-sniffing? I don't think my network adapter is capable of it, could I buy one of those cards that you plug in and use that? It'd be cool to see what other people on the same network as me are doing, or on public networks.
>>
Is the hard disk password on a thinkpad BIOS any good? secure?
My T510 had built in FDE.... my T420s has a SSD drive, I haven't set a hard disk password yet.
Would setting the hard disk password be the same as the FDE?
Should I just use Bitlocker with the SSD?
Would there be a performance hit if I did bitlocker and the hard drive password (and the power on password and everything else)?
>>
I will probaby enter to some networking project at my job. Some personal tips of what to expect or to handle things? I quite new to them at "job level"
>>
>>61037023
all options in grub save an easter egg fail to boot, and all my directories are misnamed
>>
>>61038415
>My T510 had built in FDE...
it's not the laptop that supports "FDE", it's the SSD that can be self-encrypting with usafe of ATA password. Intel drives are known to do that.
And it's "safe" from thieves, not from government.
>>
pretty happy to see this general is more active
better than the majority of trash posting atleast
great compilation of information too.
thanks op and everyone who contributed!
>>
>>61038660
so would my SSD drive not be FDE unless it is advertised as such? if not...what is the point of the ATA password in the BIOS?
only trying to prevent thieves from accessing my data.
>>
>>61038415
>Is the hard disk password on a thinkpad BIOS any good? secure?
Hard disks are shot through with security holes and Thinkpad is made by a Chinese company.
The only secure thing is to assume the worst. Securing such a machine requires generous amounts of thermite.
>>
>>61037471
>It got everything you would expect of a /g/ project.
>>61037730
>Hope for the best, prepare for the worst.
How many /g/ projects proceed beyond the logo making stage?
>>
>>61040232
>How many /g/ projects proceed beyond the logo making stage?
Logos are hard, dude.
>>
>>61038609
Nobody would like to give me a little tip? Just asking.
>>
what kind of roles do you guys work in? and whats the day to day work like?
i may be starting something cyber security related, however i have zero experience with this kind of thing or programming
>>
>>61040917
When you are a student you learn that facts rule.
Once you start in industry you will learn that facts play second fiddle to politics, career survival and pet theories.
>>
>>61041283
As a security detail and security consultant. Not IT, just security. Worked as PM in IT before, I can't stand corporate environment though, so never more.
Job is comfy as hell (I am at work now), I wake up, either follow someone somewhere (sorta rare these days) or sit at some place and just screw/shitpost with my phone/laptop for hours. Or tell people how to secure something, usually an event or building. Money are not bad (not great either, just comfortable) and once I get rid of my debt, it's gonna be nice.
I don't have any gf, so I spent my time either by learning C, reading, lifting or frequenting few escorts. We live in cyberpunk without the cool parts, so I guess I can't bitch about anything.
>>
File: 1497290511078.jpg (254KB, 750x1334px) Image search:
[Google]
254KB, 750x1334px
Why do you still post here when there's literally a cyberpunk imageboard already?
We should all move to 4kev.org
>>
Any pointers on email privacy? I'd like to host my own but my ISP seems to filter the necessary ports to stop spamming malware. How about getting a paid general purpose host?
>>
>>61042629
Lainchan?
>>
File: avatar.jpg (197KB, 506x602px) Image search:
[Google]
197KB, 506x602px
have an interview for a pentesting position in a couple weeks.
i'm a dumbass with a bachelors in CS with software engineering experience but no ITS exp.
what should i study?
>>
File: Sony HB-101.jpg (909KB, 3251x1829px) Image search:
[Google]
909KB, 3251x1829px
I wish this existed with modern internals, it's close to what I pictured when I first read about cyberdecks (with direct neural interface of course no traditional display)
>>
>>61043539
Start with networks and encryption.
>>
>>61035729
That's one saucy cyberdeck shummer
>>
File: 1497889771027.jpg (65KB, 320x422px) Image search:
[Google]
65KB, 320x422px
Some time ago uMatrix merged some of its media groups, it also started having problems with Firefox 33.
I have ran into Policeman, a similar plugin, that lets you filter what the websites can download, and what kind of requests to external resources they can make. It allows for more fine grained control, the UX is also really good, I would even say better than uMatrix. Make sure to check it out.
https://addons.mozilla.org/en-US/firefox/addon/policeman/versions/
It might seem a little dated and unmaintained, but should work great on the good old versions of Firefox.
The only features from uMatrix it seems to be missing are cookie control, UA spoofing, referrer spoofing, and strict HTTPS.
If you need alternative for these, check Self Destructing Cookies and RefControl for cookies and referrers respectively. HTTPS Everywhere for strict HTTPS.
You can change User Agent in about:config, use User Agent Switcher (if you sometimes have need to spoof other UAs), or Blender (but I'm not sure which UA it will use). I am not aware of an addon that would allow to set UA spoofing per domain.
>>
>>61038711
That's okay, anon.
Thank you for your appreciation.
>>
>>61043963
This.
>>
>>61041371
doesnt sound too bad
what are the main distinctions between an analyst and a technologist role?
>>
>>61035729
daily reminder that slackware is the best all around distro and the most /cyb/ distro
https://mirrors.slackware.com/slackware/slackware-iso/slackware-14.2-iso/slackware-14.2-source-dvd.iso
>>
>>61037023
I conceal carry
>>
File: Screenshot_2017-06-23-15-56-41.png (240KB, 720x1280px) Image search:
[Google]
240KB, 720x1280px
>>61044862
>>
>>61047233
>http://neko.tsugumi.org/UAControl.html
Nice.
http://www.stardrifter.org/refcontrol/
These parts of the internet feel old. In a good way.
>>
can someone post the picture of that thinkpad with the back of the screen covered in velcro and a pineapple or something stuck to it?
>>
>>61036295
Can I get a hint to start this off?
I'm a little lost...
>>
>>61040555
>Logos are hard, dude.
Strangely then, this part seems to be completed early.
>>
>>61042629
>We should all move to 4kev.org
I spent 5 minutes to look for genuine contents and now I want my 5 minutes back. That place is a wasteland with no redeeming features.
>>
File: japanese-man-wearing-a-protective-face-mask-tokyo-japan-D6P2JF.jpg (114KB, 866x1390px) Image search:
[Google]
114KB, 866x1390px
So my friend wants me to be in a video he's making that'll be posting online at a later date. Will one of these be enough to be at least unrecognizable from a glance? I don't really want to go all out and look like an autist.
>>
Thinking of switching to TAILS as my primary OS and having Windows 7 on my hard drive for a couple of reasons
1. If searched, feds will realise I run off a USB if I have an empty hard drive
2. As a university student I need some specific Windows software.
Is there anything I need to know about the usability of TAILS?
>>
>>61048249
Depends on which level of "unrecognizable" you want.
If it is unrecognizable from mom, then yes. If it is from the LE, then no. If it is from the courts, then hell no (by yuropoor standards).
One hole balaclava and huge glasses.
>>
>>61036011
do I need some special tools for this?
>>
Here's a helpful tip: Next time you try to extort money from someone, do it BEFORE you give them what they want.
>>
File: netrunnerlogo.png (13KB, 435x359px) Image search:
[Google]
13KB, 435x359px
>>61035765
Support Netrunner.
Don't let the net run you.
>>
>>61048955
As long as I customize it with flashy colors and make it look sick as fuck while still being functionally secure, then yes.
On the note of browsers, how do I make qutebrowser more secure? I don't know about adding addons like on firefox.
>>
File: 2593_thaihealth_bdgmntuwx345.jpg (31KB, 450x337px) Image search:
[Google]
31KB, 450x337px
>>61037023
Right up his USB socket.
>>
>>61049026
QuteBrowser is worthless since there (existed) VIM control-plugins for Firefox.
>>
>>61037023
Social engineering. Guards are unintelligent by default since they presumably had to be too stupid to do anything other than stand in a doorway.
Tell them you HAVE to get in to fix something very important and if they don't get in, whoever is responsible for keeping you out will be in trouble.
>>
>>61048675
I just don't want random people on the internet to potentially recognize me from an old photo.
>>
>>61049219
firefox is slow
>>
>>61047388
I too am fond of simple but concise webpages, they're simply very efficient and a doddle to navigate.
>>
>>61049125
>USB socket
This triggered me.
>>
>>61036011
this is a bamboozle
>>
File: 1497460213361.jpg (433KB, 1280x1122px) Image search:
[Google]
433KB, 1280x1122px
Do you /g/s strip metadata from pics you post of 4chan or is it just me?
>>
>>61051831
4chan does that on its own now
>>
>>61051831
If it is 'live action' OC I always strip metadata.
But as >>61051887 says, 4chan strips it for you.
>>
File: powerful-seed.jpg (8KB, 188x253px) Image search:
[Google]
8KB, 188x253px
>>61037023
pic related
>>
>>61052352
What the...
>>
Why don't people just teach themselves, rather than all of these certs?
>>
>>61037023
I lift, bro. Nigga try to rustle my jimmies I feed him my fist like a C++ template: fast and incomprehensible.
>>
>>61037561
Now the cameras got you, boi.
>>
>>61037696
Bitdefender is lightweight as a Slovenian rootkit. I encourage you to test it.
>>
>>61043539
Nothing. It's too late to even fake competency. If I was you I'd pretend to apply for a support job and offer a blowjob. You ded, mate
>>
File: 8503185.gif (190KB, 178x141px) Image search:
[Google]
190KB, 178x141px
Vehicle number plate obfuscation:
http://www.photoblocker.com/photoshield-cover.html
>>
>>61054964
I bet it's illegal in most places.
>>
>>61055981
Absolutely. Seems like a good thing to have in an emergency kit though if you want to avoid being captured by traffic cameras
>>
>>61048249
No. If there is a closeup of your iris then your are done for.
>>
>>61037073
>shodan scan for xp machines
>msf
>meterpreter
>???
>profit
>>
>>61041338
>Once you start in industry you will learn that facts play second fiddle to politics, career survival
Its amazing that I am finding this out doing hardware repair too.
Fucking careers.
>>
Is there a good FOSS alarm clock/stopwatch app?
>>
>>61043539
>but no ITS exp
You know, they would have read your resume when you applied.
And they would have seen that you dont have any experience in the field.
Its going to be fine.
>>
>>61035729
That's the sexiest thing I've ever seen in my life.
>>
File: 1498307270587.jpg (41KB, 480x460px) Image search:
[Google]
41KB, 480x460px
facebook suggestions?
>>
>>61035729
>build a completely portable desktop with built in keyboard
>uses a bluetooth keyboard anyway
At the very least they should have had the keyboard detachable using a PS2 connection with one of those springy phone cord style cables to look more cyberpunk.
>>
>>61043560
christ thats a sexy bit of kit
>>
can i do portscanning(nmap) with vpn? if yes. does all the traffic go tru vpn?
i mean, i am pretty safe with vpn if i do portscanning?
sorry for noob question and noob english
>>
>>61047453
>and a pineapple or something stuck to it
its a regular apple, and no.
>>
>>61048343
>Is there anything I need to know about the usability of TAILS?
that downloading tails is a flag in xkeyscore, so good luck getting away with that if you are genuinely worried about the feds..
>>
>>61057460
>does all the traffic go tru vpn?
are you aware what a vpn is and does?
>>
>>61057359
Don't.
>>
>>61057512
im pretty sure what it is. im just asking
>>
>>61057577
so if you know its a tunnel that passes all traffic between you and them, what do you think is going to happen to your portscanning?
>>
>>61057460
>>61057577
You shouldn't be portscanning from your actual machine (or IP address), you should be using pubic WiFi and a burner laptop, or pubic WiFi, a burner laptop running Tails from a Live USB to access a distant extraneous machine that acts as your 'workstation' and intermediary. - Never keep it local.
>>
>>61057845
>a burner laptop running Tails from a Live USB to access a distant extraneous machine that acts as your 'workstation'
im going to ask you to repeat this outloud.
Once you verbalise it and hear how fucking stupid this is, i hope you come back and delete your post.
>>
>>61057867
There's literally nothing wrong with it you contrarian, fuck off with your effete nonsense and inflated self worth with the delusion that you have any authority over anyone on the Internet.
>>
>>61037471
>>61037730
Developers don't post commits yet but one did https://git.teknik.io/gyroninja/netrunner
>>
>>61057898
>There's literally nothing wrong with it
Alright here we go
>tails
>tor
Triggers for xkeyscore.
>tails as a jumpbox into your work machine
You know what stops you needing to trash two pieces of hardware? Removing the jumpbox and working off the burner laptop, whose purpose is to do work and be disposed.
>access a distant extraneous machine
How the fuck you going to set this machine up on the network with no traces hey? Have its own ISP set with fake details so it can even be accessible by your jumper laptop? And then what? The work machine has your logs, MAC addresses etc. You scrap it AND the burner?
Almost pointless since the traffic has still flown out of the work machine into the greater world to be accessed by your jumpbox.
Youre adding an extra step in there to look smart.
Heres a better idea.
>burner laptop
>kali live so you dont waste time and resources downloading tools
>public wifi
wow look at that its the same fucking thing but actually useful.
TAILS isnt the magical thing you LARPers think it is.
>>
>>61057970
You really want to do this?
I'll give you one chance to back down.
Remove your reply and I'm willing to forget this ever happened.
>>
>>61058017
dos me faggot
168.192.1.1
>>
>>61058037
Whoa, you're mature.
>>
>>61058053
Says the dipshit posting >>61058017
come on man, refute my points. tell me in your infinite wisdom why i would purposefully make my breadcrumb trail longer?
>>
>>61057970
is there any benefits of using kali in virtual machine? can i for e.g fake my mac address easily or something like that?
>>
>>61058089
I only sent that because of your comical posts: >>61057867 and the start of >>61057970. - I was using mimicry to ridicule.
>Triggers for xkeyscore.
And?
You're using a public WiFi (which you could be accessing from outside of camera range, via a directional antenna), spoofing a bunch of identifying data and probably using SSL to connect with your extraneous machine. - In other words, it doesn't matter.
>You know what stops you needing to trash two pieces of hardware? Removing the jumpbox and working off the burner laptop, whose purpose is to do work and be disposed.
>Being overly cautious is bad.
Said no one in the underground sector of computer security.
Also, I'd like to note, I probably wouldn't use a 'burner laptop', but rather have a laptop solely for that purpose. - It is unlikely they'll catch you.
>Screed about the 'distant extraneous machine'
Use an anonymously sourced private server paid for with cryptocurrency.
Why?
It'll add another layer of anonymity and since you're only running Kali from this and not using it to store personal data (and accessing is through Tor) there is no connection to you.
>burner laptop
>kali live so you dont waste time and resources downloading tools
>public wifi
>wow look at that its the same fucking thing but actually useful.
They will be able to easily track the location you accessed from and use camera evidence to find anyone using a laptop within the victinity. - Whereas mine would be too much of a bother and unless you deserve to get caught, they wouldn't bother.
>TAILS isnt the magical thing you LARPers think it is.
Says the LARPer who doesn't want to use any abstraction and simply wants to run the risk of them:
>Not being able to find you through camera evidence.
I'd rather not have to take that risk.
>>61058252
>Listening to the retard.
Don't come crying to me when you're sharing a cell with 4chan the Hacker (>>61058089).
>>
>>61058273
>>Listening to the retard.
but still u didnt answer to my question
>>
>>61058304
Use Tails to access a private server with Kali on it.
>>
>>61058273
>In other words, it doesn't matter.
>It is unlikely they'll catch you
>Whereas mine would be too much of a bother
Interesting.
>Use an anonymously sourced private server paid for with cryptocurrency.
And how does this machine connect to your server, matey?
>>
File: I'm so angry I named this file.jpg (53KB, 640x576px) Image search:
[Google]
53KB, 640x576px
I want the /sec/ kiddies to leave.
>>61057970
>>61058252
You can change MAC address of any network device, you dumbfucks.
>>61058252
And you are even dumber. It's irrelevant if you set custom MAC for your virtual interface, if it will still be using the network card of the host machine, and that means using its MAC, unless you set the network interface to use macvtap in VEPA mode.
But you probably don't even understand anything of that.
I am a Linux sysadmin, but god, how I hate all these stupid scriptkiddies, that think they know shit, if they use some premade Linux distro for pentesting.
>>
>>61058333
>And how does this machine connect to your server, matey?
Do I really need to explain that too?
>>61058333 and >>61058304 see >>61058342 for a MAC related beating.
>>
>>61058378
Oh wow. Oh fucking wow. So youre going to use your burner laptop to hop into your own machine that has mac spoofing set up, on your own internet connection youve set up yourself to connect to your private server, performing the work not from your burner, but your own machine on your own connection.
just so people cant recognise you on cameras. instead of oh, i dunno, wardriving with a burner and working off a single disposable machine.
>>
>>61058418
>I'll just drive around in this car with a number plate registered to me.
>But those cameras recording my number plate aren't an issue!
Whoa, you're 'so smart'. :^)
>>
>>61058454
>But those cameras recording my number plate aren't an issue!
thats your fault for living in a nanny nation, really.
>>
>>61058418
Also, reread my plan, it literally doesn't involve the majority of what you said it does.
And I don't think you're quite understanding the concept.
>>
>>61058475
Oh yeah, shit, I chose to be born here and not currently have the means to just back-up and move to a 3rd world shithole.
>>
Need a LR network adapter for war driving. Can anyone recommend me one? I hear good things about this one.
https://www.amazon.com/dp/B003YIFHJY/_encoding=UTF8?coliid=I2P38WIQR40K7R&colid=32QE9Q6KC6MDK
>>
>>61058342
>I want the /sec/ kiddies to leave.
and you never have been "sec kiddie"?
>>
>>61058342
"you dump as fuk"
i think you are the kiddo here
>>
>>61058342
we must help the kiddies. I can tell you are young in your career and full of yourself.
>>
>>61058757
Not really, but I also haven't been much interested in pentesting and security topics, which makes it hard to label me as anything "sec".
Learned to hack WEP protected networks some 10 years ago, and that's pretty much it. It's still a very useful skill however, even today.
>>61058777
In which field do you consider me being "young"?
>>
>>61059172
you said you were a linux admin
>>
File: 1497879306378.jpg (10KB, 111x189px) Image search:
[Google]
10KB, 111x189px
>>61059262
I indeed did.
>>
I'm a visitor from shadowrun general, I approve of what's going on here.
>>
>>61059614
Have you read the whole thread, or just looked at the OP pic?
Thread posts: 138
Thread images: 21
Thread images: 21