/cyb/ + /sec/: Cyberpunk and Cybersecurity General:

1st for OP I will suck you. No homo.

>>61688543
>>61688572
>Clearly as Islam related incidents happens, the climate around encryption, privacy and anonymousity...is growing tense. Although there has been a month or two without incident, GB is going away from net privacy and stuff, for instance.

>Europe today can be pretty dystopic. Media is too influential, politicians often weak, uninformed and planning only personal success and the financial system is in a meltdown.

Jeez, sounds eerily like over here. The world is going to shit, anons, and we're the only ones who realize it. It's kind of starting to sound like 1984, where the propaganda is that the other countries are doing shitty, and only ours is prevailing--except it's the opposite.

"The other countries are fine, we should be more like them!" cry the headlines, meanwhile the global economy is tanking, and eventually only the strong will survive. We're being led into a technological evolution, anons. Survival of the fittest. And holy shit if it didn't come at the worst time imaginable....

>>61688548

Yes, close. Darwin so a straight line and like 3000kms separates me and Adelaide

Well I liked the varied responses in the last thread, so I'm gonna ask it again.

I want everyone who enters this thread to tell me what they are studying, and if possible, share some study material with us.

>>61688659
>close
That's like saying that because I live in Detroit, Michigan, I'm close to Dallas, Texas. I guess I'm glad I got the timezone right though. Never been to Oz, but I have some friends from Adelaide and Perth, so I'm at least familiar with the timezones.

>>61688600
I keep falling behind on the pasta updates though.
You guys just provide so much content, so quickly.

>>61688671
Currently working on how I'd code Hunt the Wumpus in GoLang. I don't have any PoC, nor any learning materials yet, but that is my next project, provided I can keep on track.

>>61688701
>You guys just provide so much content, so quickly.
B-but that's a good problem to have, right OP?

>>61688695
Lul well i live in a pretty remote town so to experience anything of value, like gigs etc, I need to fucking fly. And honesty, that's typical for most of the country. It's fucking vast and empty

File: finger-touch7-1000.png (727KB, 1000x667px) Image search: [Google]

727KB, 1000x667px

Before going into crypto-currencies I didn't care much about security

But now a lot of money is at stake and... a hardware wallet isn't an option yet cause the currencies I hold don't support it

What is a better solution than 2fa Google Authenticator on phone?

Is Yubikey good or just a meme?

>>61688701
You need to vet some of the content. There's a lot im seeing that's irrelevant for anything other than historical and archival purposes

>>61688741
Same, dude. Living in a small town sucks. Closest town that gets anything even remotely interesting is 2 hours away by car, but most things are about a 5 hour drive.

And I live in a valley that doesn't get any humidity, so it looks like I live in the desert...

I fucking hate my town...

>>61688720
Yes, anon, it is a good problem.
>*pat*

>>61688754
Exactly, that's the issue.
Because I have to think critically, yet have a several thread long backlist, it takes time.

>>61688776
>Closest town that gets anything even remotely interesting is 2 hours away by car, but most things are about a 5 hour drive.
I wish I had this problem.

It's a 5 hour airplane to the closest capital city that gets festivals and gigs.

A three and a half hour drive from my home gets you to the next town.

>>61688826
I mean, to be fair, 75% of Australia is uninhabitable desert and the other 25% is just spiders. Really, who would want to have towns every few hundred kilometers in a place like that?

>>61688648
I think that too, but today every one will tell you "hurrr anon u liv in a movie" so you end up just trying to care for yourself only.

Related to lastest posts, that's why I will be moving into center next year, although I'm not into social life, I think is nice living around it.

>>61688982
>>61688648
I'll hunt around and find it; the image was posted a few threads ago, but we aren't going towards 1984 at all.

We're moving towards Brave New World. I'm not sure which is more terrifying; huxleys or orwells world.

File: huxley-orwell-amusing-ourselves-to-death[1].jpg (901KB, 760x6006px) Image search: [Google]

901KB, 760x6006px

>>61689091
>>61688982
>>61688648
Well that actually only took me three seconds to find, strange I havent seen it before very recently if its so popular on the web.

>>61688671
>I want everyone who enters this thread to tell me what they are studying
I graduated a few years ago. I don't think everyone here is a student. A quick strawpoll might be interesting, I have done a few in other threads. It appeared quite a few are PhD students which was a surprise to me.

>>61688750
Paper wallets with the private keys generated on a live OS offline. That's what I do for Monero. Write down the seed, don't use a printer.

>>61689150
I havent been a student for almost half a decade either, that doesnt mean Im not studying.

>>61689091
>>61689109
I always though that, the 1st time I saw that image a few years ago, actually. And although that's right at 90%, I think there's a 10% fron 1984

>>61689109
I'd say it's a mixture.
Mostly Huxleyan, but if you reject the pleasure, then they'll apply Orwellian control.

>>61688456
frogfag here, where I live it seems that people are still a bit misinformed about tech and they don't really care about what happens to their data. I don't know if they're overly optimistic but so far the pros outweigh the cons for everyone I know.

Politically the government is in a state of emergency until november 2017, the police can conduct searches more easily and keep people longer in custody when they're suspected of terrorism.
The government is thinking about taking permanent counter-terrorism dispositions once the state of emergency is over, it might become quite dystopic in the future considering how loosely terrorism is defined and how that could be abused

>>61688776
Hello, Birchip friend.

File: Untitled.png (841KB, 1301x457px) Image search: [Google]

841KB, 1301x457px

Are they /ourguy/?

How long does it usually take after sending deauth packets in aireplay for the wpa handshake to be sniffed by airodump?

Its been two minutes and I havent seen anything change; should it have happened by now? Do I do it again and increase the number of deauth packets?

Or do I need to wait longer for it to be captured?

>>61689826
>plebit
>/ourguy/

worst bait desu

>>61688563
Cyberpunk has nothing to do with cybersecurity.

>>61690740
I missed you.

File: Screenshot_2017-08-02_14-12-34.png (107KB, 1217x855px) Image search: [Google]

107KB, 1217x855px

Anyone on Retroshare? Not just for filesharing but for communication.

My ID:
(fuck this board, it thinks its spam wtf???)

well /pol/ is more reasonable:
>>>/pol/135877152

Thats where I posted my ID.

>>61690751
Me too anon

>>61690740
They certainly intermingle. I think a lot of what you might call "cyberpunks" have white collar jobs

>>61690819
hello mountain jew

>>61690930
*handrubbing intensifies*

>>61690819
lets see if at least the link to the RS forum works:
retroshare://forum?name=Test_Thread%20%28post%20whatever%20you%20want%29&id=5a579555c84a96bc433cc26d7e50541f&msgid=9d58be82ce60190ba4d5d5872ed085aa9ebc296d

>>61690909
Cyberpunk is cybersecurity for people who have no drive to learn about the field, they’re pretenders. I’ve personally seen the post quality decrease drastically since the merger, but the thread also doesn’t 404 every few hours like it used to. I wish they hadn’t combined them, but at this point it’s too late to change.

>>61691083
Ah I see what you're saying. It would be nice to have a /sec/ general for a more professional tone to the discussion.

Is there anything like IPFS that has longevity? Is it the best contender for next gen distributed internet?

>>61691278
IPFS is pretty much as long-lived as it comes.
As long as you know the hash and at least one node (client or server) has the file, it wont dissapear

what are your personal opinions on email providers? which do you use and why? which one do you consider to be the best/most secure?

>>61691381
The security should be done by you using PGP and enigmail. Anything your provider does is at best assistance.

Minimum should be however: Transport security using STARTLS.
Always use a web client, not webmail.

>>61691083
>Cyberpunk is cybersecurity for people who have no drive to learn about the field, they’re pretenders.
Poor bait.

File: gp6napd7bm8z.png (1MB, 1920x1080px) Image search: [Google]

1MB, 1920x1080px

>TFW executed my first subdomain takeover yesterday


It was trivial but a lot of fun.

>>61691972
>>TFW executed my first subdomain takeover yesterday
Nice one.
Also wallpaper plox.

File: text.png (4KB, 804x416px) Image search: [Google]

4KB, 804x416px

>>61691301
I suppose the issue then becomes storage.

I mean, if everyone was using puretext a modern server would never run out of space. Think that a decade of Usenet at its height got to "just" 2GB.

Speaking of text, and the source of this image, I love the work that went into these Maison Ikkoku guides:
http://ikkoku.com/mi/html/guide.html

>>61691823
It's true, though.

What does everyone do in their free time? I feel like I'm always learn learn learn read read read with netsec stuff and find I don't spent a ton of time applying it outside of work

>>61692518
I work as a freelance cryptography consultant, so during my free time I do anything but Netsec stuff

>>61692518
In my free time I'm retarded. I've never had the habit of study and now I can't really get it since 90% of stuff I would like to be into it requires practice.

As job I'm remote assistant and shit. You know, with tickets and stuff.

>>61691972
>>61692016
yes wallpaper please

>>61692601
tickets and stuff i feel 2 real

>>61692569
I'm a SOC monkey so I feel like I have to go home to actually do netsec haha
sounds like a cool gig though

>>61692683
its ok. Pay is nice when I have work.
WHEN.

>>61692699
So you're hopping contract to contract?

>>61692669
You know, like remote IT but seems like you can write it as that in the resume. Easy job easy pay, I don't aspire to any more.

>>61692706
yeah. Of course most contracts usually last a while and there is repeat business and new clients through word of mouth, so I guess I must be doing something right.
Nonetheless its not rare to be weeks or rarely months without anything to do.

>>61688671
exploit development and already shared my stuff here

File: Stalenhag-Roadwork.jpg (105KB, 650x650px) Image search: [Google]

105KB, 650x650px

>>61693573
I'm also big into exploit development and vulnerability research, I recently stumbled onto this giant list of Fuzzing resources if you're interested:
>https://github.com/secfigo/Awesome-Fuzzing/blob/master/README.md

Hope it helps any other exploit dev anons out there, I'm really enjoying the journey towards actually being competent in this stuff after looking at others doing this work enviously.

>>61693737
cheers, anon. what books are you currently reading?

>>61688671
I'm literally learning how to program.

>>61690656
>desu
kill yourself.

File: Stalenhag-Gauss-Freighters.jpg (41KB, 680x382px) Image search: [Google]

41KB, 680x382px

>>61693901
I'm reading a bunch of books at the moment in an effort to find my footing in this field, usually I'll read a few chapters from them every week. Here's a short list:
>A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security (https://www.goodreads.com/book/show/12746081-a-bug-hunter-s-diary)
>The Antivirus Hacker's Handbook (https://www.goodreads.com/book/show/26535525-the-antivirus-hacker-s-handbook)
>Fuzzing: Brute Force Vulnerability Discovery (https://www.goodreads.com/book/show/609606.Fuzzing)
>Secure Coding in C and C++ (https://www.goodreads.com/book/show/1069724.Secure_Coding_in_C_and_C_)
>The Rootkit Arsenal - Escape and Evasion in the Dark Corners of the System (https://www.goodreads.com/book/show/6420240-the-rootkit-arsenal)
>The Art of Software Security Assessment - Identifying and Preventing Software Vulnerabilities (https://www.goodreads.com/book/show/349418.The_Art_of_Software_Security_Assessment)

There's so much to learn and know, it can get kind of overwhelming but I think it'll be worth it in the end to be good at this work.

>>61694269
I just finished A Bug Hunter's Diary. What do you think about The Art of Software Security Assessment? I started reading it but didn't see much code which to me is kind of a no-no.

Also, the ones I'm currently reading are:

>Hacking: The Art of Exploitation (halfway through)
>A Bug Hunter's Diary (just finished)
>Shellcoder's Handbook (started yesterday)
>Practical Reverse Engineering (haven't started yet, but will later today)

Secure Coding in C and C++ seems like a good read. I might take a look at it later today as well.

>>61694353
Also Silence on the wire which I saw a few anons talking about in a few threads ago.

>>61694353
I'm currently reading Chapter 4 - Application Review Process because I'm trying to learn how other people go about finding software flaws, so far it seems to do a thorough job of detailing a good process to follow. I mainly picked it up because it was recommended to me as a comprehensive source of vulnerability discovery methods/techniques. I don't know if I'll try to read the entire book, it's pretty massive haha.

I'm hoping to eventually settle into a formal routine for finding vulnerabilities and developing exploits, but at this stage it feels like my process mostly consists of flailing around in various fuzzing frameworks/tools then trying to make sense of crash logs.

>>61694263
>kill yourself
kys

>>61694353
And yeah, Secure Coding in C and C++ is one of the books I singled out for learning how to know when I'm looking at vulnerable code. Hope it can help out in that area for you as well.