/cyb/ + /sec/ general: cyberpunk and cybersecurity: serial experiments

>>61225756
Why did she kiss the kid?

Lain was a fucking slut.

>>61225756
Cyberpunk has nothing to do with cybersecurity.

>>61225795
You worm.

>>61225803
>Cyberpunk features cybersecurity alot.
>Our world is becoming cyberpunk and cybersecurity is one of the means to combat it.
>Has nothing to do with it.
What?
You're wrong.
And this is shitty bait.

>>61225803
Someone bitches about it every thread, just face it, we need cybfags or the general isn't active enough.

hey /cyb/ + /sec/, I really want to secure my network and PC, I've been really reckless in the past and have used simple passwords, no vpn (now i use nord vpn), havent encrypted any drives for the fuckos, barely any steps to ensure security and privacy have been taken. what do you guys recommend I do to secure my data and freedoms?

>>61226155
What OS you using?

>>61226164
using Arch on XFCE desktop environment

>>61226172
Ok, good. You're already halfway there.

Is there such a thing as a secure password manager?

I'm sick of password reuse, as I'm sure it's going to cause me problems down the road.

>>61226331
try storing your passwords locally, or just in a book or hidden in a book you can casually bring with you that wont be stolen
Ex: Written down passwords in a book about Python or C#

>>61225803
I like cyberpunk though

>>61226331
bit of a cynic reply but
paper

>>61226172
what else? any tips other than whats in the OP?

=== /cyb/ News:

>Call for a ban on child sex robots
http://www.bbc.com/news/technology-40428976

The headline is rather tabloid, the contents of the article is far broader, and more interesting.

>But Prof Sharkey has doubts about how human-like such dolls will become.
>"I can't see them as being like humans in the next 50 years. They will always be slightly spooky, and their conversation skills now are awful," he said.

>>61226769
>http://www.bbc.com/news/technology-40428976
Why has the BBC become so baser?

>>61226769
>I can't see them as being like humans in the next 50 years. They will always be slightly spooky, and their conversation skills now are awful," he said.
Doesn't matter if we combine it with VR BABY

>>61226331
the way i see it there are two types of adversaries. the script kiddie to mid level and the high to state level actors.
for type A something like a local password manager is good and secure given you follow safe practices (don't open sketchy links, close down your browser, etc.)
type B really isn't possible to defend for, since it is assumed they have unlimited funds. GPG and the like could probably deter them, but if you catch their ire, you are probably donezo.
Type A are my main adversaries, so feel ok using pass as my password manager. but hey, maybe i got it all wrong and someone here can show me the light, security through obscurity isn't a thing after.

hey anons, i just found a post that is shocking realistic on a /cyb/ site
https://www.cyberpunkforums.com/viewtopic.php?id=3857
addiction to information.

>>61226942
>donate with paypal
could be bitcoin/eth/other assorted buttcoins, but nope had to be paypal

>>61226172
Check OP m8. Beside resources should he a "/sec/ level tier" pasta.

>>61226795
There are times I wonder if BBC staff follows 4chan. They have had plenty of articles on 4chan in the past, especially one on Cicada.

>>61226796
My thoughts exactly. You can confiscate physical products at the border as the Canadian guy has found out. A digital version is harder to detect and also harder to enforce a law against. There is already some case law regarding pictures of adult models where the pictures were regressed in age. This, the judge found, was not cp. Of course new rulings can differ.

i found this music video weeks ago and forgot to share it here, just the mood and the set it gives makes it feel cyber

https://www.youtube.com/watch?v=H5rcE0ixytY

>>61225060 (from reply to question in last thread)
Vuln research and exploit development in general can open many doors for you: it is an extremely valuable skill to have (it could/can be one of the most financially viable skill(s) in this field)., and relatively few people have any capacity for it, let alone a talent for it.

There is a broad canvas of places this skillset can bring you too: you could work for almost any branch of the defensive InfoSec/NetSec tree (AV/AM companies, in analyst positions within service providers akin to Secure Works, in an engineering capacity developing/improving signature based/heuristic detection technologies).

On the offensive side, you find yourself doing anything from selling custom exploit kits on darknet markets, to investing yourslf in serious zero day research for the purpose of sake trough a broker. or just collecting bounties on products and programs.

I know of a guy who makes a really good living finding buffer overflows/memory corruption issues in SCADA/PLCs/Industrial Infrastructure and selling them to brokerage firms.

You could definitely go the Red Team route too; having someone who can get you ingress via custom exploits is invaluable.

If Vuln research is what you want to do, then you definitely are going to have a ton of options now and in the future.

What are your thoughts on non linux operating systems like BSD?
What about non UNIX such as Redox OS?

What's /sec/'s choice in browser? Currently considering Iridium and Icecat.

>>61227822
I've personally never used it, from normies i hear its great, better than linux in some cases.

From /g/, I havent seen any recent discussion or shilling about FreeBSD lately.

>>61226942
Oh shit anon. This really is me.

This is why I deleted my fb because I was constantly refreshing it, but now I think I'm more productive because I refresh HN or this place or some blog four times a day

I don't know what the answer is other than discipline

>>61227756
>this entire post
That all sounds fucking amazing. Christ, I need to level my skills up. Why the fuck didn't I start ten years ago?

>>61227932
Lol sometimes I feel the same, but it was only around 5-7 years ago. I dabbled on and off with coding but could never get far since I felt like I never understood anything or how to apply it, but now I'm going in balls deep. We're all gonna make it brah.

>>61225803
Science fiction has had an incredible effect on the course of science, especially rigid disciplines such as the various branches of Physics.

Authors like Isaac Asimov inspired generations of scientists who changed the world.

I do not see cyberpunk as any different in its effect on cybersecurity; in many ways, cyberpunk media makes us reflect on many magnitude of human and socio-politica/socio-economic issues regarding technology.

Even the basic application of cybersec skillsets involved in the defacing of a website in defiance of some unethical corporate entity shares a parallel with many cyberpunk themes.

At least to my mind, at base, cyberpunk represents technologies effect on any individual or group's humanity.

In our current age, much of the technology that fits the latter definition resides on the internet (especially in the pseudo-realities created by social media) or in the scope of computer technology.

Cybersec are the disciplines that alllow you to effect the latter change in the technology effecting both your and civilizations humanity.and thus effect your humanity.

Personally, I know that cyberpunk has made me care more (and better recognize my responsibility) in my occupation managing a Cybersec Lab.

>>61226155
>have used simple passwords
If you haven't already, start using a password manager and replace simple passwords with longer, randomly generated ones. you can do this one-by-one, i.e. whenever you log in somewhere by typing in a password, change it for this particular site.
>havent encrypted any drives for the fuckos
if you haven't already, crypt them now. not only your pc/laptop but also your phone

>>61228046
what applications do you recommend for me to use to encrypt my phone?

>>61227948
>in my occupation managing a Cybersec Lab.

maderas? Are you here again?

Your posts in the last thread and the guy posting his latest hacks have made me think that the textbooks im working through are worth fucking nothing, since they both focus on metasploit for a significant portion of the book (georgia weidmans intro to pen testing and hackers playbook)

What the fuck should I be reading and working through that's applicable to the real world?

I thought exploits and shit were important to learn..

>>61226331
If you are on a UNIX(-like), give pass (https://www.passwordstore.org) a try. It's basically a well wirtten shell script that wraps gpg and pwgen and can synchronize via git. Ir you are extra paranoid you can use a yubikey or a smartcard for the gpg crypto. If you are not into cli programs, there exist also many GUIs for it and also dmenu and rofi scripts.

>>61228054
This can't be done with an app, you need support from the OS. Both Android and iOS have it built-in in all recent versions.

>>61228094
I pretty much always have a tab open to this general. I feel this place is worth investing my time and it entertains me through many 16 hour days.

DOn't feel that way about Metasploit, especially if you are just inside a year or two of your studies.

Being able to use Metasploit is a huge boon, especially early in your development. It's when people don't learn to program and rely solely on tools like Metasploit (or if they aren't working toward independence) where there is a problem.

Metasploits auxilliary and post exploit modules can be extremely valuable, and Meterpreter is still one of my favorite tools.

The Hackers Playbook is definitely a good book man, especially the enumeration sections.

Most of the tools we mentioned come a little later when you have proper theory in place for achieving ingress (which usually comes down to solid enumeration).

Just the fact that you questioned your materials shows you are doing fine. So chill and enjoy the journey; develop the methodology and workflow that works for you(especially where enumeration is concerned).

ANd if you ever have any questions I'll likely be here and supply an answer eventually.

File: 1499072473625.png (955KB, 766x591px) Image search: [Google]

955KB, 766x591px

>>61225756

If I had to choose between a certification to get, should I go with CPTE or CompTIA Security+?

>>61228277
Different anon, but in addition to these, thoughts on OSCP?

>>61228277
Disclaimer: Certs are always a tricky thing in this field.

The Common View: The Upper Echelon companies don't really care about them except maybe the OSCP and GPEN; they want to see projects and experience and education.

Most of their decision will be made based off of conversations regarding security they have with you during the interview where your future co-workers will be heavily involved.

Yet where certs are also concerned, the OSCP isn't generally (officially) regarded by the DOD and some other US governmental employers.

My view:, I think if you are just trying to break into this business (especially with the wealth of job postings out there), that certs with projects (Github, web page detailing projects and/or research) will get you your first job (or at least past HR for an interview) so you can get in the door

Some form of prior IT/programming/development work is a huge boon as well.

WIth all that said, I'd go with CPTE; Mile2 has gained some traction by providing training to US and Canada government/military bodies.

For all intents and purposes, it seems to be regarded as a cert that necessitates greater technical understanding then Sec+.

>>61228540
I don't know if you are aiming this at me, but if you are going to get a cert, I'd recommend the OSCP.

Again, my prior comments and disclaimer on experience, projects, research, context, (etc.) apply.

>>61228265
You the real mvp man. Thanks a bunch for chilling with us.

>>61228114
pls tell me they're not backdoored :'(

>>61228573
>CPTE
what you said about defence adoption is nice, but holy jesus their site looks fucking dodgy as.

>>61228653
Nah...I'm just another dude chilling with some interesting cats in my favorite non-pc corner of the interwebz

>>61228690
Yeah brother, if I remember right they were shilling against the the ECC and the CEH pretty hard for awhile (which left a bad taste in some peoples mouth).

They are a legit company though. When I weighed your question I was only concerning myself with what will get you past HR and in contention for a job.

That being said: mile2 itself seems a bit dodgy all around; sometimes the steps on the path are shady.

>>61228690
Has the following certifications aligned to site network architecture: Security+ and
Cisco Certified Network Associate (CCNA) or equivalent (ie, BCNE for Brocade, etc)
I see this for almost every job contracted with the
US government / military.
Can't speak for Canda.
Just understand the content, then flash memorize practice exams.
I know you didn't ask about CCNA, but if you do it memorize a subnet chart so you can do the math really fast.
Both are really easy.
Certs are certs though, what people expect could change in a few months or years and they expire.

>>61228800
hey anon, what laptop do you personally use, if you dont use one, what do you think about the /cyb/ anons who use thinkpads or etc.. for security measures or pentesting or hacking/programming? really curious as I've only been in these threads for a couple weeks, nearing a month and a half.

Thread is talking certs so when is a cert worth renewing? I got the CompTIA Sec+ to get into the field and succeeded, now it expires in a year but I don't see the point in renewing it when I'm going to be working on higher level certs now. Besides, when I help with interviewing I don't really care if a cert is expired, I just take it to mean that candidate didn't feel like paying more money for no tangible reason.

>>61228881
If you have an expired cert and the company you want to go to needs it, they will most likely hire you and require you to renew the cert within the month.
At least US government contracted companies will even pay you to renew the cert.
You are absolutely doing it right.

>>61228881
>>61228990
Forgot to say
Some certs like Cisco might need to be renewed while you are still employed because the company gets discounts on Cisco equipment if enough of their employees are certified (great scam I know), but usually your company will pay for that and if you get the next level of a Cisco cert it auto renews the previous ones.

File: 13IAa.gif (499KB, 425x315px) Image search: [Google]

499KB, 425x315px

>>61228990
>>61229015
Thanks, I somehow never thought of companies paying to renew it if they need it, good tips, have a birb.

>>61227822
Not a BSD, they look like a scam and probably are like in the case of FreeBSD in which you work for Cisco, but is also lacking a lot things and adds practically nothing. The Hurd is different, the structure is well thought and even if is just a concept is already something else.

Non Unixes are plenty, but then again not many offer something distinguishable. You probably saw the Plan 9 thread, so let me tell you some Unixes already taken good ideas from it.

The only other OSes really worth to mention are FreeDOS, KolibriOS, JNode, ReactOS and the FreeVMS project. We know FreeDOS already works and is a lightweight alternative, KolibriOS is even more lightweight but because everything is assembly and you can't ask every developer to do that. JNode is more interesting, it works in pure Java I think, and is supposed to be only for Java applications. ReactOS came late to the game and I don't think it worths more than for developing WINE, which they cooperate. The best alternative OS is not explored enough and is FreeVMS, which thought to have an environment and be a dedicated server.

In my opinion, pay no attention to other OS other than FreeDOS, FreeVMS and the Hurd. Collaborate on those three projects when possible.

>>61226829
i'm most concerned with state actors as everyone else should be.

>>61225237
i strongly disagree. the market can better provide the services that the state has monopolies over. taxation is theft.

>>61227838
whats the difference between iridium and chromium? i use chromium with a few plugins. canvas defender changes my fingerprint (they're working on an update for it to change with every tab automatically) safescript (noscript) privacy badger, https everywhere, cookie autodelete, webrtc disable, ublock origin, active user agent. are there any other recommendations?

>>61225803
Have you read any of the cyberpunk books? Like Neuromancer? Or Count Zero?

What does /cyb/ /sec/ to consider the best way to set up a 'secure router'?

>>61230276
Get a NGFW/UTM for layer 7 application scanning to protect against advanced threats
Set up the firewall to allow by exception
Change the default password

>>61230315
How does Smoothwall rate?

>>61225756
>>nothing to hide? please.
>https://youtu.be/pcSlowAhvU
tdlr?

>>61231008
It's 20 minutes not 5 hours you lazy fuck.

>bunch of kids on /g/pretends they are le hackers anonymous by encrypting their anime folders
>to ingnorent to realize that their pc's always have Intel ME botnet enabled

lmao

>>61231411
yeah ive got other things to do though, like and

>>61231542
>Intel ME
>not reverse engineering intel's entire processor architecture and constructing your own chip from scratch
pleb

>>61231592
>not living in the forest without any electronic devices where evil corporations can't get you
plebier

>>61231662
>selfishly hiding from the evils of the world instead of putting in the effort to make a difference for your fellow man while keeping yourself safe and anonymous
sometimes hard work pays off anon

>>61231542
>not using an fx cpu
enjoy your botnet.

>>61231542
>she doesnt route all tcp/ip traffic through a risc-based whitelist-only firewall, free of botnet worries

scrub

>>61231542
>Not using a pre-botnet ThinkPad.

>>61232260
>cpu infects packages
>host that recieves has a backdoor too
>fowards to desired address

>>61232304
well, ok.

>>61226380
>secure

>>61232304
This is what makes backdoored hardware so scary.

>>61232635
>not writing your passwords down as a caesar cypher and reordering the characters in a way only you memorize and having no legible words in your passwords

>>61232685
pretty much, and its something often overlooked. if your router and cpu are backdoored for example they have a secure coms line you cant detect

File: ebcb72e67dc1d1a558bb7bf7cd32dab7.jpg (626KB, 1895x802px) Image search: [Google]

626KB, 1895x802px

Augments irl when?

File: IMG_1304.jpg (210KB, 879x1024px) Image search: [Google]

210KB, 879x1024px

Now that CNN is trying to shut down 4chan. What do we do?

>>61232792
Call everybody niggers, faggots and niggerfaggots.

Anyone else crack their neighbors WEP wifi networks?

Feels /cyb/ as fuck to drive around sniffing packets

>>61232792
This post is top lel material

>your IP is being traced you damn racists! shut it down!

>>61232800
Don't forget cucks if they're white.

File: IMG_0898.png (813KB, 947x792px) Image search: [Google]

813KB, 947x792px

>>61232792
Imagine if CNN got 4chan shut down.

Imagine all the people who's primary social outlet is 4chan and vidya with total rage. Imagine the response.

And then CNN think twice what you are doing.

Hey, if I wanted a good way to manage my passwords on both pc and android, without being in the botnet, what could I do?
My thoughts were:
-find a good password manager (but I am wary of that)
-make a text file, password protect it somehow, and upload it to Dropbox, and then inside the text file list all my passwords but using a ceasar cipher to shift them all, and only have the key in my head. Is there a way for me to password protect a text file reliably?

>>61232792
HAHAHA GOOD FUCKING LUCK

>>61232851
Either use gpg or write it down in a notebook

Lain is so ugly.

>>61232807
I live in a middle class suburban area, nobody is using a router ancient enough to use WEP as default. Feels bad.

>>61232934
Sniff WPA handshakes and try to bruteforce or dictionary attack it

>>61225756
back to l*inchan faggot

>>61232971
I might try that. Is a bruteforce method actually viable for a decent length password (8-9 characters), though?

>>61233107
No it takes a long fucking time for 8 alphanum chars (which is the minimum)

>>61232792
Isn't this quite literally illegal?

File: l.php.gif (131KB, 500x256px) Image search: [Google]

131KB, 500x256px

Deep down you know cyberpunk has nothing to do with fighting the corporation boogeyman, it's just a scifi genre about futurism and a specific aesthetic, you just force that name into your hobby to sound cool

File: 1.jpg (21KB, 416x417px) Image search: [Google]

21KB, 416x417px

>>61232792
"WE DEMAND YOU SHUT DOWN ONE OF YOUR MAJOR PAYING CUSTOMERS BECAUSE THEY HURT MY FEELINGS!!!"

How can I find information about this ip?

74.14.180.202

Is it safe or full of Malware?

>>61229600
>whats the difference between iridium and chromium?
The difference is that Chromium still sends your shit to Google. Unless you use Ungoogled Chromium.

>>61232792
>awaiting for their accounts to be shut down

>>61233240
Just read this thread, or any of the previous ones.
Shitposters like you have said this, often multiple times a thread and it gets shot down every time.
This time, I'd like to not waste any time and simply tell you where to look for your answer.
Thanks, now fuck off.

>>61233408
not an argument

>>61232766
When the biotech industry gets a license like the GPL, otherwise you get patent trolls.

>>61233327
>ungoogled chromium

>>61233438
Could it be that maximum lawmen would force a company to remotely shut down their patent infringing IOT augments? I would imagine companies advertising that they would never shut down internet enabled augs and thousands of people falling victim.

>>61233478
What makes you think they let patent infringing augs in a first place?

Seriously, if you want augs you better find some patent and make it GPL, ASAP.

why do people recommend XMPP+OTR over tox?

File: 1472056610441.jpg (383KB, 1165x1155px) Image search: [Google]

383KB, 1165x1155px

>>61232792
Someone has to be truly fucked up to try and ruin a website where something as wholesome as this can happen.
https://archive.nyafuu.org/out/thread/989538/#990242

I'd recommend just looking through it, it's super nice.

File: 3aPmIE7.jpg (227KB, 1920x1080px) Image search: [Google]

227KB, 1920x1080px

Anybody else in this thread hear the proposed United States Space Corps (USSC)? Anybody else question why we need to be able to suddenly fight in space?

>ywn be 18 and approached by USSC recruiters

>>61233878
it'd be cool but we'd just be sending ourselves off to death, we havent even traversed deep space yet, we wont find shit on planets or moons that would interest us (not including titan)

>>61233258
Do a whois search and then connect to it from a virtual machine, maybe?

just got an x200 that respects muh freedumbs, what should i do when it ships here? get libreboot? install gentoo or arch?

>>61234179
Install tails

How do I pollute a wifi network? I am looking for something like ddos. Would constant scanning at the particular channel work?

>>61234413
for testing your own network, i recommend LOIC

>>61234413
Hey I can help

Look up how to use aireplay-ng
Send thousands of deauth packets

Should slow things down a lot

>>61233419
It isn't meant to be an argument, we aren't arguing.
I'm telling you.
So it is a statement.

File: 1388138576916.jpg (66KB, 800x600px) Image search: [Google]

66KB, 800x600px

>>61234459
'course it's my own network. ;^)

>>61234476
This is absolutely brilliant. Time for some devilish amusement.

>>61226942
it looks a lot like "the fear of missing out"
https://en.wikipedia.org/wiki/Fear_of_missing_out

Accidentally entered important info to a site that didn't have HTTPS, what do I do?

File: trump.gif (952KB, 440x248px) Image search: [Google]

952KB, 440x248px

>>61232792
I dont know about you but I am ready for some serious memewar faggot

>>61234792
Cry.

>>61234792
>fucked a guy who was HIV postive, how do I go back in time?

>>61234849
Almost at that point

>>61234869
Am I really fucked

>>61234883
Is anyone auditing your network? That answer is the same for if you're fucked or not.

>>61234905
Sorry I'm kind of computer illiterate so I'm not sure how to answer that. But I was at home using my own internet.

>>61233038
you mean lainchan.jp

>>61234932
If anyone was checking your outcoming packets they have your creds. Also your ISP has them now saved in their logs somewhere.

>>61234994
Is it possible to check if people were checking?
Also how bad is it if they know my name, address? I know CC info is bad, but I might get a new card after this incident.

>>61235012
Honestly I'd cancel that card just to be safe

>>61235053
Yeah, I'm probably gonna do that after my payment goes through

>>61235012
Essentially, if anyone was intercepting your internet communications then they will have your info. This is kind of like saying something embarrassing on the phone and being paranoid that maybe someone was wiretapping you. Your ISP could have made a copy if they wanted, but they won’t have. Assuming that you are the only person using your home internet connection then you should be good.

>>61235183
Thank you. After looking at the 192.168.1.1 page, it seems that nobody else is using my internet.

>>61232851
There is masterpassword, which works by having a username, site name and master password to generate passwords. Because of that, you don't actually have to sync. Any and all passwords are computed with the same algorithm.

>captcha: faggot slow

File: ComodoBrowserLogo.jpg (10KB, 300x163px) Image search: [Google]

10KB, 300x163px

>>61227838
fuck iridium, it still phones home to google.

you're much better off using firefox or a firefox fork, if you are like me and just love to use chrome based browsers look into comodo dragon, nice security based browser with no connections to google

Jinteki still offline, anyone heard any news?

>>61235832
thanks for the rec but I decided on icecat after reading up a little more

>>61234182
>Install tails
>install
>tails

>>61236386
You'll quickly find a lot of these people concerned with privacy spout TAILS as the answer to everything while having never used it themselves, and not knowing downloading TAILS is an xkeyscore trigger

So I'm setting up CentOS on my main comp and it's going alright. Is this an alright distro if I care about privacy and security? I haven't really seen much saying its good or bad in that department.

I'm aware that it lags a bit to get security updates due to how RHEL backporting works, but that's about all I know.

File: m4ster-s1ave.aes.png (498KB, 2862x1600px) Image search: [Google]

498KB, 2862x1600px

The world is very much shifting towards a cyberpunk timeline.
The economic and social structure is in identity crisis and taters as it has lost sync with narrative, flow, and fundamental value. Observably, the post-modern discontent rises yet falls short of outlets.

The software sector, centered on milking its cloud revenue model, has stagnated to a high degree and is ripe for fundamental disruption. Meanwhile, the hardware sector, compelled by warring and misdirected forces is accelerating at a breakneck pace. The sheer amount of affordable compute power almost begging for someone to come along and fundamentally reshape the landscape...

In a futile attempt to find a haven away from existing monetary systems, people are assigning unimaginable values to distributed data bits, hoarding computer hardware, and consuming precious energy to manipulate the bits beyond being compromised.

The world has become increasingly reliant on bits on a wire...

So, here we stand upon the precipice. The gap. The void.... Separating this timeline from the next.
Those tethered in have an increased sense that habbenings are abound but slightly out of reach. It's reflected on chan, the growing chasm between the various communities on the internet/in the world, reflected in MSM, reflected in memetic energy, reflected in religious pronouncements about the signs of the times, reflected in corporate slogans, numerics, media, art, music...

A dank meme just sent shockwaves through the country. Everyone knows the equity valuations are wrong and it will crash but no longer have control. Comment sections of hardware review sites are memetic war zones. The first shot in the Core(an) war has unironically been fired. In the future, kids will ask where you were when it began. There is a sense that something big approaches on the horyzen.

Although just about everyone is connected, not all are (connected).

Cypher-punk

Hot thoughts...
> https://www.youtube.com/watch?v=IUSdDIspy_A

>>61236613
Yeah, I am more concerned about bad OPSEC keep rolling in a community than letting an anonymous guy be in a program he probably already is anyway.

Is sad and dangerous to be on the black on these things. The lack of knowledge and ultimately of education is what make our modern world a dystopia.

>>61236787
tl;dr, please communicate this to me via a meme please, as a child in 2051 I cannot injest this information any other way.

File: all is lost.jpg (3KB, 125x108px) Image search: [Google]

3KB, 125x108px

>>61236819

>>61236787
Deep, need to process before giving an opinion.

>>61226331
What's wrong with keepass?

Any VPN's that charge at least below 8 dollars monthly you guys recommend?

>>61228848
My employer provided me with an HP ZBook with 32gigs of ram- It has Windows 10 installed which the companies communication software is realiant upon....it would be such a great l-aptop if Windows wasn't fucking it up...what a waste.

2) My personal machine is a Thinkpad x220; it is small, portable and innocous. It can run Qubes and Coreboot or Libreboot.

I fell for the meme and am so glad I did.

For hacking/pentesting, up until 2015 I used a 2007 Macook with 2 gigs of ram and Leopard 10.5.8.

I also have penetrated multiple client networks to this day with my Nexus 2013 Flo running a custom Nethunter rom.

It isn't about the power of your hardware as much as it is about how much you can trust it and what you can do with it.

>>61232792
I can't say much more due to NDA...but yeah, if she's preaching about shutting down 4chan from CNN, I hope they have improved the security of their site.

File: a3294257581_10.jpg (297KB, 1200x1200px) Image search: [Google]

297KB, 1200x1200px

>>61236819
> Child in 2051...
(Cypherpunk) : Memes, of a certain class, will take on a far more sophisticated tone and flavor in the future. Representative as such : See pic.

>>>/pol/132156050
https://www.youtube.com/watch?v=aFUzvbkEvRk

Catch you on the flip side.
ʞ≡K

"be sure to go into options, then security, and uncheck block malicious content."
why i have to do this in firefox?
its in the pastebin but i dont get it

GPUs are so overpriced nowadays.

>>61227756
Wow! Thank you so much for answering my question with such a detailed response. I have been greatly enjoying the process of fuzzing for vulnerabilities, building exploits, making them reliable and then seeing how I can be more efficient to do it all over again.

It's very encouraging to here from you that there is a future for me to do this work as a career. Thank you again!

>>61237200
Thank you Anon for responding with a descriptive answer, that helped. I have recently order a thinkpad x200 because the majority of x220s i found had great prices but outrageous shipping, and so i was curious of your opinion and what you personally use.

>>61226380
I've had this idea before, but never got around to doing this. Having a small notebook/moleskin in your pocket with all your passwords could be quite nice security-wise, but then again would it be better than, say, something like KeePassX? In what ways?

>>61238428
the best passwords are the ones you dont remember, anon. just use a pencil and paper, better yet, just write your passwords in a reading book you can occasionally bring around with you

>>61229429
>Not mentioning Haiku

>>61236783
I asked the same question in the linux general and the few responses I got told me CentOS is a bad idea for a daily driver but they gave no real reasons why. Not sure if I got trolled

>>61238570
Old packages are probably a reason, but I personally prefer Devuan and that is my reason for not using CentOS.

>>61232792
She dosent know what shes dealing with

4chan is just the beginning, 8ch has all kind of ghouls

>>61233327
i use chromium-freeworld from the untiedrpm on fedora. is this ungoogled chromium?

>>61233438
>>61233478
patents and copyrights and trademarks are all artificial to the market and shouldn't exist

I've seen a YouTube channel around that looks pretty cool; he put up videos on how to make some of those hak5 tools like pineapple, rubber ducky etc with some cheap chink shit

I was thinking about building them for fun, but I dunno I kinda feel like they are useless tools and I'd just be wasting time doing it

>>61225756

Anyone have a quick guide for handling a (fairly minor) personal cyber incident? Looks like a friend of mine has had accounts compromised and some hacker is attempting to ""cyberbully"", wondering if there is a quick way to fix things and secure vulnerabilities.

>reset / change passwords for everything
>maybe a new e-mail address?
>run malwarebytes
>fwd info to local police?

Anything else? Can't find a condensed guide.

>>61240652
>fwd info to local police?
Like they give a fuck

>>61240717

In Canada they might. More of a "fuck you" to the person intruding (assuming they aren't very sophisticated) than anything else.

Still going good.

>>61232792
I hope she realizes she's shit-talking twelve year old anime girls.
On a more serious note, I feel the word islamophobia, ridiculous as that word is for implying islam is unreasonably feared, has been changed from anybody who's scared of sheepshaggers to anybody who doesn't want to pray 5 times a day in the direction of the bbc(big black cube).

>>61240652
Its maderas OP.

The first few are good; I don't know about going to the authorities. It depends what your friend is into.

I would reinstall the OS; anything that they absolutely need file/program wise should be scanned individually offline with another AV/AM installed via a USB from another computer (hopefully one the user hasn't accessed himself).

This would actually be helpful for the first AV/AM scan. Rename the AV/AM application and it's foldername before installing.

If your friend is more advanced. I can hook you up with a pretty good guide from Bleeping COmputer.

WHat I mean, is the USB and the AV/AM stored on it should be downloaded from another machine and not be an AV/AM the user has previously installed/used on the ,machine

Booting into safemode when doing this without a internet connection is best. Advanced ma;lware will use proxies to obfuscate themselves and or tamper with the AV/AM if they recognize the program name.

ALso, they should use WIreshark to identify strange outbound connections after following the remainder of what I stated.

>>61233878
It's just a restructuring of the Air Force's space-related departments into a separate branch. It's a good move, but we're not getting space marines or anything.

>>61233878
>Anybody else question why we need to be able to suddenly fight in space?
Where do satellites live m80

File: 1466492042968.gif (71KB, 864x496px) Image search: [Google]

71KB, 864x496px

>>61241540
>fearing islam specifically
Islam is merely a vessel for radicalization.

I'll tell you why this is related to /cyb/.
Right now radical thought is spreading like wild fire across the wired. Mainstream media and "the establishment" (pre whatever is coming) are doing everything their closed minds can come up with to stop it, but the old tricks are merely fuel for the fire.

It doesnt matter what the vessel is, as long as it can be bastardized into an inspiration for disgruntled angry youth across the globe. Depending on your culture the vessel is different, it just has to lie near your already held beliefs. If it has a tinge of radical to it, its blasting across the global network forum to forum, meme to meme. Just look at Fascism, Marxism, Anarchism, Nationalism, Islam, Racism. Stupid things that belonged in someones closet ten years ago now resurfacing into banners of destruction and identity promoted by increasingly angry banter across the information highway.

Gibson called them subcults. The man cannot stop them. They are free of form, impossible to grasp and squeeze. 100 violent blood thirsty hydras hooked into the unprotected and unprotectable vascular system of the Human Colossus.

Unpredictable, borderless armies without payroll, symptoms of systemic exploitation and a centuries worth of status quo left unprepared for the coming singularity, are bubbling beneath the surface, arming themselves, training for what lies just beyond the horizon. The identity wars are coming anons. ISIS, the alt-right, the radical left, fascists and anarchists, grinding their teeth, screaming revolt while the establishment begins to lose its footing and grasps in desperation and the great wheel of time turns ever closer to the event horizon of an irreversible technological singularity for which humanity is vastly unprepared.

Its gonna be a good one boys.

>>61240652
>>fwd info to local police?
Depending on where you are they will solve the case by arresting you.

Im a bit new to /cyb/ /sec/ but I really want to learn. My personal computer has win 10 but my other computer has linux mint on it right now. What OS should i put on my other computer and what can i do to make my personal computer more secure without removing crap win 10?

File: 1467897747752.png (54KB, 800x322px) Image search: [Google]

54KB, 800x322px

>>61243553
I'm kind of in the process of learning right now, so I guess we could say we're both in the same boat. What I'm doing currently is purging my old laptop of old files and other trash. After that I'm going to start experimenting with more distros on a VM.

>What OS should i put on my other computer
Personally if you're still learning Linux I would continue using Mint for the time being. Once you get the hang of how it all works, I'd start using other distros. I recommend reading up on the wiki (https://wiki.installgentoo.com/index.php?title=Babbies_First_Linux) and choosing from there.

>what can i do to make my personal computer more secure without removing crap win 10?
I would start by following the security steps in the OP (https://pastebin.com/5XfDX4wL and https://pastebin.com/raw/0AjC2mcD). I would gradually start replacing some of your software with the more secure options listed in the above pastebin links. If you really want to be secure, eventually you'll have to switch to Linux at some point, and you should have experience from using your other computer by this point. If you really need Windows, you could always dual boot it or something.

Pic related is some pretty solid advice (it's also in the OP, I think).

>>61237720
>>61238236
I'd imagine it'd come down to something like if you did leave that enabled it'd "check" all content for being malicious, or send possible malicious places you visited back home.

That's what I made of it at least, it's also disabled by default in icecat so guessing its indeed something privacy related

>>61239953
Which channel?

File: EnglishA.jpg (1MB, 1685x1192px) Image search: [Google]

1MB, 1685x1192px

You use a secure password...right anon?

>>61244311
>You use secure passwords...right anon?
ftfy

>>61238448
What if someone steals your notebook/you lose it? I wish there was RAID paper lol

File: image_3.jpg (19KB, 270x270px) Image search: [Google]

19KB, 270x270px

So I've been moving my online activity to small scale hobby-project style services whenever possible. For example, cocks.li is my primary email provider, gitgud.io has replaced github. Dwarf Fortress has unironically supplied most entertainment needs. Any other similar services worth checking out?

>>61226769
Banning sex robots is a fool's errand. People will just get the humanoid looking robo-maid and retrofit for anatomical correctness. At least that's my plan.

>>61233878
>Anybody else in this thread hear the proposed United States Space Corps (USSC)?
There has been discussions about such a new branch for decades, probably since before the moon landings. And there are many reasons.

The reason not voiced openly is that a new branch will have to be filled with a new echelon of generals/admirals and whatnot. Thus the jostling in the existing branches about WHO should fill the new seats and get the new distinctions. And the new juicy budgets. Arguments have been on the desperate side, like space crafts move in 3D like subs, so this is the Navy's job, or it is like flying so clearly this is Air Force area, or we are talking about taking new beach heads so this is US Marines territory etc.

What is stated more openly is that the Moon may possess strategic resources, asteroids might be full of precious metals, and thus there will be land grabs and military power to be projected.

China wants to claim lunar He3 resources.
The US allows private space mining on asteroids.
Etc.

=== /cyb/ News:

>WHY YOU WILL ONE DAY HAVE A CHIP IN YOUR BRAIN
https://www.wired.com/story/why-you-will-one-day-have-a-chip-in-your-brain/
>Implanting a microchip inside the brain to augment its mental powers has long been a science fiction trope. Now, the brain computer interface is suddenly the hot new thing in tech. This spring, Elon Musk started a new company, Neuralink, to do it. Facebook, at its F8 developer’s conference, showed a video of an ALS patient typing with her brain.
>But earlier to the game was Bryan Johnson, an entrepreneur who in 2013 made a bundle by selling his company, Braintree, to Paypal for $800 million. Last year, he used $100 million of that to start Kernel, a company that is exploring how to build and implant chips into the skulls of Parkinson’s and Alzheimer's patients to reprogram their neural networks to restore some of their lost abilities.

It later proceeds to more speculative possibilities.

tell me about NTRU
is it a meme?

How active are CTF groups? I am looking to fill time/learn and feel this would be one of the more engaging ways to learn.

File: 1401640970832.jpg (102KB, 599x780px) Image search: [Google]

102KB, 599x780px

WE'RE BACK WAKE UP

>>61245589
If you're talking about /sec/'s group, we participate in most we see and we're really short on people.

>>61245637
Oh, I'll be sure to check it out. Just to be clear, it is the irc posted in the OP, correct?

>>61245665
Yes, it is.

File: 595270f3c361880a418b4679.jpg (115KB, 900x500px) Image search: [Google]

115KB, 900x500px

Anyone ever been to DefCon?

>>61245853
Awesome, just got everything set up and connected. Thanks for the tip

>mfw still waiting to fuck a cyberpunk girl
>don't even know why I ended up here
>will learn more python instead
is that a good idea?

alpha sportive dicks

>>61246221
literally don't bring a single personally identifying item within a mile of the strip or your identity was already gone 5 minutes ago

>>61247060
How thicc of an RFID blocker is my license gonna need

>>61247218
bout tree fiddy

what are some neat /cyb/ electronics projects?

>>61248599
Personal surveillance drone

>>61227822
>What about non UNIX such as Redox OS?
It is an opportunity to design in security from the start. Also a chance to establish reputation. Noticeably for all the /sec/ talk there is little talk about doing exactly that.

>>61229429
>Non Unixes are plenty, but then again not many offer something distinguishable. You probably saw the Plan 9 thread, so let me tell you some Unixes already taken good ideas from it.
Plan 9 is mostly dead, it is 9front where the action is.


>The only other OSes really worth to mention are FreeDOS, KolibriOS, JNode, ReactOS and the FreeVMS project.
VMS was rock solid with uptimes measured in years. I used a VAX cluster, good times. FreeVMS has hopefully kept much of that and it presents a lesser known attack surface to most malware.

>In my opinion, pay no attention to other OS other than FreeDOS, FreeVMS and the Hurd. Collaborate on those three projects when possible.
HURD? Is anything interesting possible there? If you like micro kernels you can always use RedoxOS or Minix 3.

>>61225756
>https://wikileaks.org/vault7/#BothanSpy
Discuss this /g/, this makes the SSH become the broken SSH. Fucking key-pairs even

>>61242790
What should us reasonable folks do when that happens?

>>61249142
I wish normies notice half of the wilileaks shit so they can start moving in some fucking direction.

>>61249260
>normies
>noticing anything

>>61246221
Yes.

File: 1497312935051.png (256KB, 1707x979px) Image search: [Google]

256KB, 1707x979px

https://pastebin.com/5XfDX4wL

Noob guide, It helped me a bit

>>61227186
>>61226172
>>61226155
Check >>61249410

I think it is a great pasta.

>>61249410
Is it still up to date?

>>61247060
Why would this even matter? The point of defcon is sharing ideas and networking with other hackers and security experts. Being anonymous is impossible.

>>61229600
then you would have to do something like diceware for every and all accounts, written down, each one unique. then when you memorize all of them, burn the paper.
i think i would go mad from that. but i wish you well anon.
sure should, but most don't care or maybe gave up the fight.

>>61249410
About the Linux without systemd part, anyone got a list of distros without systemd?

>>61250532
http://without-systemd.org/wiki/index.php/Main_Page#GNU.2FLinux_distributions

>>61250577
Thank you, anon.

>>61228277
Security+ and CISSP are the most recognized.

>>61249397
Who did you go with? How was it?

Still up and running on this thread!?!?!?

Fucking awesome. This is what I like to see waking up to start my day in the evening.

OP is a soldier.

>>61236919
Nothing

>>61250983
I make sure there is always one up before I go to sleep and make sure it is well bumped before leaving it for an extended period of time.

>>61250983
Yah let's give a round of applause for the OP.

>>61226331
As others have pointed it, it depends on what you want to secure from.
Password managers increase your security from more naive (and more common) attacks that are out of your control, for example if a website you use is compromised your accounts on other sites are safe because the password manager means its much easier to maintain multiple passwords. Not to mention your passwords are going to be more secure if you randomize them.

>>61251128
Your to be commended; I love my job, but I deal with bullshit.

I click this tab and everything is chill again.

Its good to be around people who have an idea what is at stake, or endeavor to get involved to improve things (or at least evolve them).

The quicker we can get people into this field who have a real passion for it rather than the oldguard the better.

By oldguard, I mean those who jumped into security from another technical field for the paycheck or upward mobility alone (or because their company needed cybersec and they were the most remotely suited for it career wise) and generally do not know shit (though they think they do).

That is why I commit my time to this thread: the quicker you guys get out there and raise the competency level, the quicker we can segregate this type of cybersec professional (I include blackhats and hacktivists in this category, because their work segregates hubris/stupidity as well).

Passion and dedication leads to experience, which raises competency, period.

Helping in this endeavor anyway I can gives me peace of mind, because the stakes are only being raised.

Also, I never know what I can learn here,'

Thus, I believe this thread is important

>>61251386
Thank you, anon, though I only consider that I am carrying out my self-appointed duty as a gatekeeper.
It is my belief that publicly sourceable data should be freely accessible and certainly when that information pertains to cybersecurity as it is and will become one of the foremost skills required to operate freely and fairly within our ever more cyberpunk world.
As for the current state of security, it worries me, often companies simply don't care and that is ever more evident with the amount of Internet facing infrastructure (both governmental and corporate) that is often insecure and sometimes unsecured altogether.
It really will require a changing of the guard.

>>61250348
not the anon, it probably isnt, but it doesnt matter, it gives you a basis to go off of.

>>61243553
should've started with debian

which language should i learn first to program? C or Python?

>>61251726
C, then Python.
C gives you a more comprehensive view of programming beforehand.

>>61251745
resources on learning C?

>>61251749
Courtesy of the Gentoomen Library:
>https://shodan.me/books/Programming/C/

>>61243553
>>61243735
https://ocw.mit.edu/courses/find-by-topic/#cat=engineering&subcat=computerscience
get studying

hi OP, could you please check cybrary out then maybe add it to the pasta?

also:

https://github.com/onlurking/awesome-infosec

thanks

>>61251749
There is a big list of free programming books under
resources in the /sec/ section
If your interested in more languages

>>61251890
OP here, I'll add them both, Cybrary itself should already be in there.
Thank you for pointing out the discrepancy.

File: 1407544949044.jpg (10KB, 350x334px) Image search: [Google]

10KB, 350x334px

>there are people out there who can read through assembly code and understand everything in one pass
>i have been studying assembly for a while but still have trouble following basic structures

a-am i too retarded for this stuff or what

>>61252266
these things take time anon, im not sure how it was for other folks here but when i started programming (python) even after a while i couldn't understand other people's code, it took a very long time of patience and dedication. of course, you're dealing with assembly but i'd wager it'd be essentially the same thing. just keep practicing. good luck

>>61252303
Thanks anon, I'll try my best

File: e9c3809278c495aca330d174645b7b41ba63f57f4ed010299770e150e438ed66.jpg (56KB, 400x547px) Image search: [Google]

56KB, 400x547px

I have a bunch of I2P stickers and I am going to post them around my town. I'm going to put clear tape over them so they last longer. Wish me luck.

File: 1498871029198.gif (2MB, 300x200px) Image search: [Google]

2MB, 300x200px

>>61249410
>uninstall telnet, ssh, web, ftp

why tho

>>61249258
Beats me, much of it is inevitable. Keep your head down, stay invisible, and when the singularity breaches it's synthetic head, side with the robots.

>>61251890
Cybrary seemed kind of like a money grab to me. Anyone acctually use their resources to obtain certs want to shed some light?

let's say I already know C syntax and have read all the beginner books, what is a book that teaches how to create semi-complex things in C, not just inform you of the syntax?

>>61252356
>I2P stickers
What are these?

>>61250460
huh?

>>61252909
probably stickers that say i2p

>>61252647
Wouldn't you already have a measure of knowledge where to look for this?

>>61252356
Good luck.

Acts of resistance against the losses of our privacy are acts in defense of basic human dignities at this point.

You may want to look into cDc's T3rr@r Paste:

http://www.cultdeadcow.com/cDc_files/cDc-0402.html

Hey maderas

Your 00sex blog post said how understanding networking and encapsulation gives you magical powers

How deep are we talking here?

I'm going through CCNAs cyber ops text book, and it's breaking how frames work, PDU == SDU + PCI, etc but I can't help but think how much deeper does this go?

Are you talking CCIE? CCAr level?

>>61251128
>>61250983
Cheers to you guys. Meanwhile I'm trying to run a general that's basically at the early adopter stages of living. That is to say, it's basically not alive and has never been alive ever, but will slowly grow as time goes on.

>>61251128
>I make sure there is always one up before I go to sleep and make sure it is well bumped before leaving it for an extended period of time.
SHIT, OP. I though I was the only one who took this kind of threads (wherever I make it) seriously. You're the man.

>>61235832
how is comodo dragon? anyone else here use it? can i still use plugins like adbockers and selfdestruct cookies and stuff?

File: maciej-kuciara-number-27-by-maciejkuciara-d991snl.jpg (150KB, 1024x1024px) Image search: [Google]

150KB, 1024x1024px

>>61225756
Instead of having a total mess of an OP, why not email the author of the pastes and have them update them? Their email is listed in the pastes and on cyberpunked.org.

>>61254002
>Please spoonfeed me.
I think the OP has done a perfectly adequate job.

>>61248819
Although the HURD seems like a good project I don't know much of their progress on security issues. FreeVMS team attempted to recreate all the good parts so lets hope they have all the help they can get.

9front has license issues btw, be careful.

where i can find a secure password generator?

>>61254687
Google.

>>61254687
https://www.grc.com/passwords.htm

Theres a lot of other good stuff if you follow the links in the OP

>>61233038
>>61234992
Why go to either? On the one hand you have a site run by an authoritarian autist with no filter, and on the other you have a site run by a group of authoritarian 16 year old pseuds/autists claiming to be 'da real site'. Neither site is comfy.

>>61253806
00sex...haha....

1) Having an understanding of networking at a CCAr level will be a huge boon to hacking/NetPen in general; mostly because you are likely to know much about many facets of networking.
2) However, you need to balance learning and combine it with practice/knowledge/experience of hacking/penetration testing for it to be applicable.
3)You must weaponize the knowledge and use it in such a way that it is applicable to what you are or want to do; it has to yield advantages.
4)For instance, during a recent penetest I was able to use Yersinia to exploit STP/BPDU and take over the Root Bridge (Denial of Service + Root Bridge MITM) of a LAN.
5) Now, the issue is that the target of this engagement was an industrial appliance that needed its traffic to reach an isolated system on a VLAN via an encap.protocol via a sort of dedicated Root Bridge (sort of conduit to zone config) to work correctly; the particular appliance had some great security which worked against it (allowing me to gain/retain superior BDFU.)
6)Because I am obsessed with trying to become one of the best network hackers/pentesters in the world, I have tried to learn from any source I thought credible (black hats to white, IT professionals, Sys/Net Admins, Security Analysts, etc.). on anything I thought could be applicable, andI have worked to make that knowledge work for me.
7) By combining what I learned from many sources,I succeeded singlehandedly where a whole team failed: I pulled off an antiquated exploitation method that is almost never touched upon today (and overlooked by the engineers since Rootguard/BDFUguard and all switch ports being recognized as rootbridge are usually par for the course today).

I succeeded in my engagement; had I been a malicious actor, human life could have been at stake.

(cont'd)

Proxies, tunnels and encapsulation are the same way as are advanced knowledge of them: they are incredible when you combine know;ledge and practice.

Having a deep understanding of the OSI model (as you elluded to) adds to your skillsets after you learn to apply them through practice.

An important piece is they allow you to do more with less. Knowledge trumps tools; knowledge should be your ultimate tool.

WIth general proxy/tunneling/encapsulation knowlledge, you can bypass firewalls, hide your presence in networks, hide your APT/CC, gain access to networks that should be out of your reach, any number of things.

However, you have to have the knowledge to recognize how/when/where you can use them and the ability to actually use them/implement them without getting caught (in many cases).

Its an extremely important, overlooked skillset, but it is a balancing act...It really depends on practicing what you learn and making adjustments from the results.

>>61249142
WTF. This is actually fucking insane. Works on OpenSSH on all linux distros, and Xshell on Microsoft. Steals passwords, private and public keys and is able to sniff at least some if not all SSH traffic which can be stored or transmitted directly to the CIA. SSH is no longer safe.

>>61252266
Naa man it took me a while when I first started (C++, which was a mistake to take that head on when I first started in 2012) so I eased to python and C# instead. I am wanting to learn assembly some time soon

=== /cyb/ News

Sex bots will remain a hot topic around here until they become a reality and then they will get only hotter, so to speak.

Summary is here:
>Rogering Robots
https://www.electronicsweekly.com/blogs/mannerisms/bullshit/rogering-robots-2-2017-07/

>A report from the Foundation for Responsible Robotics called “Our Sexual Future With Robots,” addresses the following questions:

>1. Would people have sex with a robot?
>2. What kind of relationship can we have with a robot?
>3. Will robot sex workers and bordellos be acceptable?
>4. Will sex robots change societal perceptions of gender?
>5. Could sexual intimacy with robots lead to greater social isolation?
>6. Could robots help with sexual healing and therapy?
>7. Would sex robots help to reduce sex crimes?

The report is here: http://responsiblerobotics.org/wp-content/uploads/2017/07/FRR-Consultation-Report-Our-Sexual-Future-with-robots_Final.pdf

>>61225756
serial experiments lain is a fucking shit tier anime and the lain community is cringe and the furthest thing i can imagine from actual cyberpunk
kys op

>>61254856
>>61254930
Good fucking lord how have you got CCAr level knowledge of networking and master level penetration skills in only 6 years? I thought CCAr was one of the hardest quals in the fucking world to achieve mastery of

Why is that anime so closely associated with cyberpunk? Isn't ghost in the shell the better choice?

>>61255685
Is there any reason why one should pay any attention to an anon failing to punctuate or engage with that shift key, other than for pure low brow entertainment?

>>61255738
I have worked professional as a penetration tester in some form closer to 7 years than six.

Also, I don't have CCAr level knowledge of network architecture.

I got too where I am the same way most anyone else has or can: I am willing to learn from any proven source, I work hard and I haven't cut corners from the beginning.

Also, I do not have many other interests.

I admire master IT professionals as I admire most anyone who has achieved mastery in an art.

Short of serious genetic disadvantages, anyone can do anything they want too.

They just need discipline,consistency and honesty with themselves.

Usually, the honesty is involved in looking at yourself to examine whether the steps you are taking are those that will get you where you need to be.

I grew up in martial arts, and there is no secret formula: 10,000 hours of training to rudimentary mastery.

I want to be the best Network Penetration tester in the world and extremely well rounded.

Even if I fall short in this task, I will end up the best I can be, which is somewhat exceptable

>>61250970
Went with a work colleague. It was fantastic (Black Hat sucked however) but 1 week in Vegas is more than enough hah.

>>61256262
Oh I must have gotten the wrong impression when you honed in and said CCAr would be good knowledge to have, and assumed that was because you're at that ridiculously high level. I don't see myself getting something like that any time soon since I don't even have a CCNA yet

>>61256696
Anyone know of a vendor neutral cert that is similarly difficult to achieve?

>>61232792
>we have contacted and are awaiting for their accounts to be shut down

>>61256262
>Also, I do not have many other interests.
I think this is important.

Sec is so rapidly evolving I am not sure there is any time left other than working and studying. If anything the sec situation is getting worse. For instance Google launched Fuchsia but I never heard anything about security considerations though that should have been a focus from *day* *one*

Let us not forget the dudes at .mil:
https://www.youtube.com/user/ArmyCyberInstituteWP

>>61251749
also recommended books on the /sci/ wiki
and those books can be found on /t/

>>61255051
It's fucking shit, that not even SSH key-paired auth is secure anymore. Just wait until Quantum Computing becomes the mainstream, wew.

File: 1496130269752.webm (3MB, 1152x817px) Image search: [Google]

3MB, 1152x817px

Let's all love Lain!

https://www.hackerfactor.com/blog/index.php?/archives/762-Attacked-Over-Tor.html
https://www.hackerfactor.com/blog/index.php?/archives/763-The-Continuing-Tor-Attack.html

Just finished reading them. Quite interesting and thought you guys would like it.

>>61258042
>Being this dillusional.

>>61234505
personal opinions aren't statements, specially when they're made to make you comfortable instead of telling the truth

File: 1497237970820.png (381KB, 1305x903px) Image search: [Google]

381KB, 1305x903px

>>61249142
>people cried for years that SSH was back doored by ABCs in the BSD mailing lists
>haha you're just a delusional, paranoid conspiracy theorist

>>61256934
It's funny; when my essay hit Hacker News a couple weeks ago, there were people saying that my schedule ( 80 + hours per week invested in InfoSec/NetSec) split between managing a CyberSec, Penetration Test and Vulnerability Assessment Lab, skills/knowledge building, training different exploitation/post exploitation techniques,keeping up to date on developments, visiting this general (etc.), was impossible.

If someone were to look at the times I posted in this general over the last 2 days, it doesn't look like I sleep very much; because I don't; I am almost always working on something.

Hacking/InfoSec/NetSec are Darwinian: you must evolve to meet the challenges and changes within your environment(s).

And these environments continue to grow and spread with wild abandon all around us.

This gives those who are prepared the chance to shape these environments and create change in the world; has there ever been a time in human society where the capacity to truly effect the world has been so accessible?

It is an environment where competency becomes the great equalizer on so many levels. In these environments, the armor of the oldguard are offer no guarantee of security.

Wit, guts, knowledge,OpenSource and caffeine/nicotin are most often the far superior weapons here.

Also, I could never forgive myself for failing to make the sacrifices necessary to reach my potential.

And it's fun as all hell.


>>61256696

I believe I gave OP my opinion after he requested my opinion on a cert with a similar acronym.

Networking and IT knowledge/experience is never a bad addition to an individuals InfoSec/NetSec skillsets.

>>61260462
Hi Maderas, first things first, thanks for taking the time to answer and help us in these threads. I've been really inspired by your thoughts and greatly appreciate your help. Second, you mentioned you invest ~80 hours/week in InfoSec/NetSec, if you don't mind me asking, what does your daily routine generally looks like? Do you just go about reading books and articles, and practicing in VMs? Do you set time for your tasks and focus (ex. 2 hours of network studies and so on)?

>>61260666
there are a few types of sec people (from my experience).

a. this is my life: if you arent working, you are researching or coding etc.

b. I want a 9 - 5: CISSPs, CEH, etc. Know little, act like they know a lot.

c. I'm just here for the paycheck: their source of information is whatever bug is in the news this week.

d. Gave a talk at DEFCON once: 5 people attended and it was terrible, probably sponsored by their employer more for advertising than actual value.

>>61256927
rip my 4chan points :<

File: 1494874201258.gif (728KB, 500x270px) Image search: [Google]

728KB, 500x270px

>>61261038

B and C are heavily dependent on how much your client or employer has you by the balls to actually make any decisions or develop policies.

>>61261740
my employer is all from A. I simply see the other categories at our clients.

File: 1494881847029.png (297KB, 600x430px) Image search: [Google]

297KB, 600x430px

>>61261740
Cont'd (forgot to add)

The real downfall of security lies in the hands of people who turn a blind eye to it. Yes, you can spend your entire life working, researching, coding, etc and it is all in vain if people don't ever implement those controls or policies. It's very counter productive, which is why a lot of people stop giving a shit about it and don't make it their life.

>>61261779
I've seen it in all spectrums. Employer generally doesn't care so long as they get good feedback from the clients. Often times, when a client has to change or fix something, that gives the employer negative feedback. It's impossible to win in this field. They want security, but they don't understand the costs and philosophy that you have to live by to keep it secure. You can't just implement a fix for a zero-day once and expect it to never be exploited again in the next week. At least this is my experience with contracting.

I'm sure for a freelancer it's an entirely different experience.

>>61256723
They have to be industry recognized. It doesn't matter whether or not it's difficult to achieve or not. You used to have to at least know someone or be recommended by someone in the ISC2 community. Why that's changed is questionable (ie, marketing and sales)

File: HMS_Queen_Elizabeth_EW2.jpg (2MB, 2987x2111px) Image search: [Google]

2MB, 2987x2111px

Let's not forget the military relative of /cyb/ and /sec/: electronic warfare. And looking closely at the new carrier HMS Queen Elizabeth suggests new thinking: they have done away with the antenna forest and implemented a sparse, clean design.

Forward island has the big radar and probably other emitters such as aircraft navigation systems.

Rear islands is more interesting: it is simply bristling with passive EW antennas, not all of which as shown in the pictures I have found. EW dudes are tactfully discrete about their capabilities. There is however an important statement here which points to a new trend.

Altitude is power/influence and many carriers carry a radar at the topmost point. That is a littler silly since it makes the carrier visible at great distances much to the pleasure of those using radar homing missiles. A powerful emitter should rather be on an auxiliary vessel, not a high worth object such as a carrier. And indeed that is what we see here. The upper red line shows the EW equipment is well above the radar.

The British are clearly going for the subtle approach.

>>61261869
I think a lot of places see red teams as a threat to their jobs. In a way, we are basically knocking over all their sand castles. I suppose if you tout yourself as an expert then your AoR gets owned it may have repercussions but thats hardly the teams fault.

I dunno, I dont work for a place that pressures me into sugar coating things. We tell it like it is.

Still going good, good.

The sheer amount of knowledge you have is clear why you command such a role in the field.

But what sort of roles exist for people who aren't as cluey as you?

I want to move into sec because it interests me. I'd like to do it fairly soon, and it's what I'm banking my entire existence on by moving to a major city in the next 12 months.

Literally all I've got is a few years of being a level 2 tech, an IT degree that if someone looked into it deep enough would see is absolute trash, and studies from textbooks.

How do you even break into a field that sounds like it's dominated by literal top guns? What are the entry level positions in infosec?

>>61252487
You can get your password stolen with telnet like with ethercap, even if are using kerberos you can get your session stolen. The ssh/web/etc part is to reduce open ports and potential vuln. Some good explanation is here https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/

Only replace the part of grsec with RSBAC. But just follow the guide, all of it, is the best advice you'll ever have.

>>61262048
>a fucking ramp

>>61251749
https://pastebin.com/SRZakc07

Is from the same author of >>61249410

>>61263710
>What are the entry level positions in infosec?

There are none. It's like asking "how can I get a job breaking into bank vaults when all I've done is look up a few basic lockpicking videos on youtube".

What's the point of cybersecurity and all this paranoia if you've ever posted personal information on the internet before? You're already screwed. I deleted my facebook account 4 or 5 years ago yet all of that is still out there somewhere, same goes for literally everything I've ever typed online. Unless you knew all this shit before you ever even touched a computer, you're screwed.

>>61263917
Private data on your computer isn't freely accessible, or shouldn't be.
It prevents you putting out more information.
It prevents governments spying on genuinely private things.
I could go on, what a shitty argument.
If you need anything more than that, look at the YouTube video in the OP.

>>61264216
You've already lost, though. There's a file on you a mile long.

>>61264312
Watch the fucking video.
Your argument is basically:
>They already know your address, why bother locking the doors?! Or better yet, why bother living in a house?! :DDDDD
Because new information can be generated and the information they know isn't complete, they don't know everything and shouldn't know everything.

what email service should i use

>>61264360
It's too late though, I've had forum accounts, I've ordered things online, I've used Windows, I'm already fucked and going full freetard at the cost of convenience isn't worth it at this point in my life because I've already been datamined to shit.

>>61264526
Either watch the video or don't.
This thread has more than enough information to explain to you why personal cybersecurity is important.
I've tried to simplify for you, because you clearly don't understand the topic.
There's no point in me trying to help you, if you will not try and help yourself.
Defeatism, when they haven't "won" anything is mind-numbingly pointless.
Either commit to change, or don't, no sweat off of my back, it is your life.

>>61264526
If you go private now then nobody will know the data out there is actually you, duh.

Besides that learn the difference between security and privacy.

>>61264568
All your information up to this point is already out there, if the majority of your info is already lost who really cares if they know for a fact that you got pizza for dinner?
>>61264583
>If you go private now then nobody will know the data out there is actually you
I'm not understanding this. The government knows you're still alive and can link you to old posts and internet activity.

>>61264609
That isn't the information I'm consciously hiding and protecting, however, if that information also happens to be hidden and protected along with the rest? Perfect.
The more pressing question is:
>What gives them the right to know what I had for dinner?
And no, -ALL- information isn't, that's pointless hyperbole.

>>61264666
>if that information also happens to be hidden and protected along with the rest?
It won't be, all you can do now is try to hide your daily NEET activities from here on out from the government.

File: online predator.jpg (93KB, 494x526px) Image search: [Google]

93KB, 494x526px

>>61263917
>>61264312
>>61264526
If you keep feeding the beast there is always someone who can use your stupidity against you, and I don't mean only the NSA.

>>61264692
Are you that retarded?
I'm talking about data I produce right now, because I use security measures, I have for a decent amount of time now.
Sure, they have data, but the data and originator is obfuscated.

>>61264717
>the data and originator is obfuscated
Your ISP forwards all records to the government if you live in America, Your_Name is linked to posts you made 10 years ago regardless of whether or not you've spent the last 7 full tinfoil-tier paranoid.

>>61264729
>What is encryption?
>What is a proxy?
Why are you so stupid?

>>61264759
Do you have trouble reading? Anonymous spends ten years using Windows and not wearing a tinfoil hat, which the NSA and god knows who else has records of. He suddenly stops and starts encrypting everything and only interacting with the internet through tor; that information from earlier in his life is still out there, and current information is being generated even offline just by where he moves, where he works, etc

>>61264790
Your 'arguments' are so poorly ordered.
Do you have trouble reading, anon? I think you do.
>Anonymous spends ten years using Windows and not wearing a tinfoil hat, which the NSA and god knows who else has records of.
Great, they have IPs assigned to my parents ISP, only a tiny amount of that information linked to my name as when I did use social networking, I only did so to a minor amount.
Aside from that, I never used my real name online (or identifying information).
>that information from earlier in his life is still out there
Oh yeah, that's great, they know what vidya games I used to play and what YouTube videos I used to watch between the ages of 10-18 (when I moved out and started using cybersec).
What bearing does that have on me now that I am in my twenties?
None, because I don't do or watch any of that related material anymore and do more from an obfuscated IP through an encrypted connection, meaning very little of the data I generate now is connected with my name and the data they do have is encrypted.
Therefore, it has no bearing, or connection to my prior or future life.
>and current information is being generated even offline just by where he moves, where he works, etc
That's great, unavoidable information that is public domain anyway and could be traced (granted slower) via a sentient investigator (a P.I. the police, etc).
That doesn't matter, because that information isn't sensitive, my digital information is and I have control over it.
Do you understand yet?

>>61264895
>Aside from that, I never used my real name online (or identifying information).
You are in an extreme minority, because most people will use their real name to sign up for an email account, or order something online, or make a social media page. Anyone who has done that is already screwed.
>that information isn't sensitive
It is and unless you are very lucky, some of that information will be easily connected to online accounts, such as a paypal, or a amazon account, etc.

Why do you refuse to admit that having a decade of internet history being linked to your name that can't be retroactively hidden is a problem, and that going full freetard is hardly worth it when all it takes is one VPN dropout to open chances for that older information to be linked?

>>61264951
>They know I liked Cheetos when I was 17, listened to podcasts and worked in an IT shop?!
>I better not hide that current information that reveals I partake in X illicit activity.
Arguing with you is pointless.

>>61264951
Using your real name is incredibly recent and only normies do it (unless youre operating in a professional capacity)

There are still a great many people operating under the "old laws", as in keep your shit to yourself

>>61231542
>zxe hasn't spent countless years creating a custom architecture

>>61264495
https://pastebin.com/5XfDX4wL

read

>>61265093
I don't partake in any illicit activities.
>>61265124
>Using your real name is incredibly recent
In the grand scheme of human history? Sure. Since the start of the World Wide Web? Not at all. People have been ordering things online since 1999 at least, complete with their full names, addresses, etc. Same with signing up for email accounts, and using your real name for social media is recent if by recent you mean "since about 12 years ago".

>>61265248
>>61265242
>>61265124
>>61265093
>>61264895
>>61264759
The thread is dead, long live the thread: >>61265322

>>61265283
>I don't partake in any illicit activities.
Yet.

>>61265366
Never. I respect the law. Regardless, what I said in the second reply is impossible to counter; every single average person who has used the internet in the last 15 years has inputted their real name, address, credit card details, and date of birth at some point or another. If that anon was referring to people posting their own dox online and using their real name on forums, imageboards, etc, then he's right. I'm talking about all the accounts you've had over the course of your life.

>>61265417
That doesn't matter, as much, though is still an issue.
That information isn't tied to sensitive information that is coming from an obfuscated and encrypted IP address.
They shouldn't know that you bought some drapes back in '07, but it doesn't affect the fact that you shitpost on 4chan in '17. - If you're obfuscating, of course.

>>61265448
That's what I've been talking about the entire time, though. Not just posting personal info online for the public to see, which I doubt anyone does even as a teenager, but inputting it anywhere, especially to make accounts on large and small sites. My purchase of drapes in 2007 are connected to me now simply because I've purchased things with the same name since despite being more privacy-concious.

>>61265520
That's just because of your poor execution of OPSEC.
The same way, you have 'unbreakable' encryption, but if the implementation is shit, that makes it worthless.

>>61265661
>your poor execution of OPSEC
Literally touched on this in my first post. Very few people were thinking about this shit 5 years ago, let alone 15 years ago. You can't retroactively go back and teach yourself all about it before ever touching a computer, so why bother if you're already fucked?

>>61265711
>why bother if you're already fucked
>why bother stop this small infection taking over my whole body if I'm already fucked
>why bother moving my body away from the fire if my hand is already burnt
>why bother treating this stab wound since I'm already fucked

>>61266011
Not equivalent, going to the doctor to keep an infection from getting worse will generally remove all traces of it from your system, if you've used the internet at all you're fucked until the government collapses or nukes start wiping out data centers.

>>61266142
No it won't you moron.
Dental abcesses, for instance, increase risk of heart disease.
You also only responded to one analogy.

>>61252487
A little late in but cybrary does a shit job of teaching you unless your one of those people who can do a good job of researching on your own. And if that's the case, why pay for cybrary and just do it on your own instead?