archive provided by lainchan.jp

lainchan archive - Catalog (/sec/)


R: 0

The Sticky: /sec/ 2.0

This is new /sec/, the security board. The intent is that this board will be used to discuss means of securing electronics and other machinery. Discussion of securing other types of objects, such as houses, safes, and privacy is very welcomed. Discussion of offensive means, cracking tools, and secret documents is permitted and also very welcomed.

Do remember to be smart when discussing potentially illegal activities.

Relevancy is considered very important in this board. It is expected that every image and file will be strictly relevant to security of this sort.

Do not start a thread designed to collect information concerning the lives, preferences, or other potentially sensitive information of users on this board.

Hide loudly; live creatively; crack happily. Secure well; fear naught.
R: 7

Sandboxing vs Virtualization

So we just had a discussion on "Simple questions thread" that I think deserves its own thread.

The discussion is about virtualization vs sandboxing. I'll post the comments below and you can contribute to it.
R: 2

CCNA/Cisco

I want to study for CCNA. What would be beneficial for me to have in my home network? Such as a Cisco router and a Cisco switch. Would anything else be beneficial?
R: 49

Is the future on dark nets (intra-nets under the Internet)? Day after day the design of websites on the Internet becomes more insecure, bloated and invasive on the technical side, and the political/law side doesn't see the problems of surveillance in the long run.
While it looks pretty complex to fix this on the political side, the technical side looks more promising, with refinement of some old projects like I2P and Tor.
Well, what is your opinion, lainon?
R: 36

PGP thread.

this is a $60 HSM that's OpenPGP compatible and works with NFC devices.

You need it.

also PGP/GPG thread. Pic related: device handles encryption, signature, and authentication subkeys. how do you use PGP?
R: 4

what do we think about https://njal.la

founded by TPB founder

MITM for DNS
>registrars can't proxy your info already
>a warrant can't get your information anyway
why?
R: 3

mobile Security thread

Feel free to post more tools and testing or what you're working on

android vm boxes - http://www.osboxes.org/android-x86/
Smartphone Pentesting Framework - https://github.com/georgiaw/Smartphone-Pentest-Framework
R: 17

Protecting the Windows

How do you make Windows more secure for free, beyond installing another O.S.? Even when applying the concept of defense in depth, Windows looks pretty hard to keep well defended.
R: 116

Encrypted Synchronous Communication

What do you lains use for encrypted synchronous communication? I've looked into Telegram, Tox, and Wickr, but they all seem like soykaf. Jitsi is encrypted with OTR, but the UI/UX is so bad you're never going to get any unlains to use it. I really enjoy Discord, but building an OTR plugin seems like it would be difficult.

Is there fuarrrking anything out there that is both secure and stylish? Even the former would do in a bind I guess.
R: 41

Simple Security Questions

This is the Simple Security Questions thread for simple questions.

If you have a simple question and a suitable thread doesn't already exist, just post it here and someone will probably try to answer it for you.

Remember to do some research before asking your question. No one wants to answer a question that a simple search can already resolve.
R: 2

Webdev

If I'm looking to work with a webdev, like for a website, what would be a good skillset to have? What would make me a good candidate?
R: 28

i'm toying with the idea of running a clone of something like riseup or cockli on my own colocated hardware.

anyone have any advice or interest in the topic?
R: 4

Anonymous TLD

It seems the The Pirate Bay creator launched a service for anonymous domain registration:
https://njal.la

But you don't really own your domain, they do.
Seems like bullsoykaf to me, what do you think?
Why would someone buy this when you can take a .ga domain for free with fake personal info through Tor?
R: 26

physical security

Seems to me that physical security is just as important as digital security.

Personally, I've never picked a lock, but I'm considering learning. Watching some videos of experts has made me much more conscious of my choice of lock.

On a somewhat unrelated note, this is the setup for a server room at my uni. I kinda want to go in there and poke around, but I don't know what these boxes do. The lock itself seems pretty flimsy, once I learn I could probably break it. I'm more worried about security measures that I don't know about.
R: 5

HTTP/SMTP Server

Need some advice.
I'm thinking about buying an old (<2005) IBM ThinkPad and using it as my HTTP/SMTP server for my personal website and mail. I'm doing it and not paying for a VPS because I could have control of all the functions myself.
So, my problem is, I can do most of it without wasting money on some service, except that I would need a dynamic DNS since my IP wouldn't be static (too expensive in my country). My question is: is there any way I can run a dynamic DNS server myself, from the same dynamic IP? If yes, could I do it on the same machine?

I think it should be simple, since the dynamic DNS server would just be: grepping the actual IP > sending and updating to the domain name network. But I couldn't find this information at all.

That way I could host my server without wasting any unnecessary money. The OS, HTTP and SMTP server would be free software. The domain could be from freenom. The TLS cert can be from Let's Encrypt. The static HTML could be something fancy from html5up.net.
R: 5

Storytime thread

Story time thread

Share your experiences and stories about how you popped boxes and shells
>First time hacking
>read a few intro to pentesting books
>Easy.jpg
>download a vm that says easy difficulty
>get on kali start scanning easy machine
>nmap, metasploit aux, smtp user enum for about 30 minutes
>get emails from contact page
>alright let's try bruteforcing some users
>spends 45 minutes trying to crack user passes
>struggle.jpg
>why can't I get this
>check common passwords
>"Try their username"
>bruteforces again
>mfw it takes me 4.5 hours to get access to something that should have been a 5 second guess
R: 9

Anyone else enjoy spying on people through ip cams?
R: 3

Avoiding Image Recognition for Fun and Profit

https://actu.epfl.ch/news/when-deep-learning-mistakes-a-coffee-maker-for-a-c/ (paper linked in article)
Can we find any way of exploiting this (at least until the algorithms get improved) for image recognition camouflage? Will that even matter with how primitive they are presently?

ITT we discuss use of image recognition to potentially invade our privacy and ways to prevent that
R: 17

Avoiding Backtraces On Images

Let's say I want to share an image with someone online, but I don't want them to have the ability to plug the file into Google's reverse image search, because the source hosting the image (which I have no control of in this hypothetical scenario) contains personal information I'm not interested in sharing.

Obviously, there are ways to distort or otherwise change an image far enough that the algorithm of any reverse image engine can't associate it with the original host, but exactly how severely do I need to change the image to keep it from leaving a trail of bread crumbs back to a sensitive source?

Obviously metadata would need to be wiped, but I don't know how much visual distortion would be necessary. Cropping the image? Slightly changing the colors in an image editor? Stretching it by a few pixels? Or are we talking a more blunt method, like adding harsh noise, or some kind of serious image warping?
R: 6

Machine Code Meddling

This is the marked thread for machine code programming and examination. This necessarily encompasses reverse engineering and security to a degree.

Feel free to discuss the nuances and advantages of your preferred architectures and assemblers, along with all else relevant.

In particular, the writing and dissemination of minimal machine code routines is encouraged. Obfuscation and protection techniques are also, of course, relevant.
R: 159

Simple Security Questions

This is the simple security questions thread. The intent is that a simple question without a suitable thread already existing can be asked here and someone will probably try to answer or discuss it at suitable length.

If you have an in-depth question that can start a long discussion, a new thread may be more appropriate.

Remember to do some research before asking your question. Few will want to answer a question that a simple search or some insight can resolve easily.
R: 20

Wikileaks Insurance Keys

>"We prove that we have published stuff at a particular time by stuffing it in Bitcoin, in the blockchain, and then, if someone were to come and try to modify the material that we have published, to take a particular part, that would be detectable."

>-Julian Assange, Nantucket Project, Sept 28 2104

https://www.youtube.com/watch?v=MaB3Zw5_p9c&feature=youtu.be&t=7m06s

>"Wikileaks needs to change in order to survive and thrive through the next few months... If necessary of course, if I'm not able to continue or the Ecuadorian people are unreasonably blamed for Wikileaks' publications, I will have to resign as editor, but our publications will continue. The part of the necessary defense of Wikileaks, we have engaged in a new project to recruit people across the world to defend our publication - and we'll give details of that as the weeks go by... ...we will issue guidelines about how you can promote Wikileaks publications without censorship."


>- Julian Assange, Wikileaks 10 Years Press Conference, Oct 4th 2016

https://www.youtube.com/watch?v=x6mARUrPtXk
R: 3

Greasemonkey plugin to securely delete reddit posts

https://greasyfork.org/en/scripts/5550-reddit-secure-delete

firefox + greasemonkey plugin

We live in strange times. If you need to "burn" a reddit account, this is the best way of doing it.
R: 30

Ok, I'm moving into a uni dorm within the month, and was looking at the network policy. It seems to be pretty strict. Not allowing your own routers/switches, banning the use of p2p software entirely, and even has a point that states being anonymous at all is not allowed. Infringement of any of these points and more results in disconnection and being sent to student conduct. What would you do /sec/? I don't think I can get through without use of private trackers, and knowing that everything that I do on the network will be visible to the school staff will gnaw on my sanity and probably alter my usage of the network.
R: 72

How many people have you gotten to improve their persec/infosec?

Do you tell friends/family/people on the street about using Signal/ChatSecure/Tox or Tor, etc.? How successful have you been? A few people are grateful for the information and change habits, but most people have a sort of knee-jerk response when I talk to them about using software that protects my privacy, they seem to prefer ignorance to actually being aware of what is going on in the world, as far as dragnet surveillance goes. I mean, they know it happens but they prefer to just act as if everything's okay. Problems don't go away when you ignore them but a lot of people function as if that's the case.
R: 75

Is it stupidity or is it deliberate lying?

I often get the impression that the majority of cybersecurity problems arise from the immense knowledge gap between people who genuinely understand the issue and the general public. I don't mean only the technical intricacies---which are understandably outside the realm of public knowledge---but also the broader, "obvious" concepts, like what constitutes a security breach. Then there's the press who, in a race to see who can get the more click-baity headline, will publish things which are misleading at best or totally fabricated at worst. This kind of sensationalism only expands this gap and, in my view, is making the general discipline of cybersecurity more difficult. The media's recent characterization of the recent election as having been "hacked" is one of the more egregious examples of this behavior.

An election has two parts. In the first part, votes are cast. In the second part, the votes are counted. This is an essential point, because if you do not understand that, then nothing that will follow can make sense to you.

Headlines that read some formulation of "Russia Hacked the US Election" are, to put it bluntly, wrong. They are fantastically wrong. It may be the case that bad actors intended to influence voters to cast their votes in a particular way. However, the continual repeated assertion that the election was "hacked" has given a large percentage of the voting population the impression that the casting or counting of ballots was affected. No credible source has made this assertion. Even if for the sake of argument it were the case that certain districts were hacked, many states do not use machines connected to the Internet, so flipping the election on a national scale would likely not be possible. Yet somehow, that has become a part of the national zeitgeist.

I am probably just ranting. I guess my larger question is, "How do you talk about this subject with people who are fundamentally clueless?" Furthermore, "How do you *unteach* someone who has accepted as fact an incorrect premise?"
R: 61

Freemail

Lainons, what are some free email services (besides yandex) that don't require a phone number for registration?
R: 14

offsite backup security

i'm currently thinking about how to set up an offsite backup in a secure manner. there are essentially two options i'm considering:
* encfs reverse filesystem, then rsync the encrypted files to offsite
* luks encrypted offsite storage, rsync the unencrypted files (still over a secure channel obviously)

my goal is to prevent anyone except me from viewing my files.

encfs:
+ files are encrypted before they leave the onsite location
+ i've used it successfully before and know how it works
- encfs has security issues if an attacker has repeated access to encrypted files
- encryption on a per-file level
- makes incremental updates difficult or impossible (?)

luks:
+ solid encryption (?)
+ encryption below filesystem level
- needs password entry over network on each boot (so no fully automated boot possible)
- files are only encrypted at offsite location (they are in the clear in offsite memory or with offsite OS access)

notes:
* I don't need to encrypt the root partition of the offsite server, encrypting the raid disks is enough
* offsite server has usb port inside case for a usb key boot partition (maybe needed for luks)
* offsite server has case-open detection switch ("tamper switch")
* I can't inspect the server on a regular basis, but I can do so occasionally (every 2-3 months) or when I suspect something is wrong, or when a harddisk fails

attacker model: "incompetent hardware access"
* attacker can do everything on the network, but i'm planning to use ssh or vpn or something anyway
* attacker has hardware access since it's offsite
* attacker has access to harddisks I throw away when they fail
* attacker can shutdown/disconnect server
* attacker cannot open case without shutting down server (tamper switch)
* attacker cannot disconnect server power without shutting down server (tamper detection)
* attacker cannot disconnect/remove harddisk while server is running without triggering a warning (either because of network disconnect or because of raid degradation)

encfs additional drawbacks on attacker model:
* attacker does not repeatedly read out harddisk contents and can determine file contents via encfs shortcomings (one-hit attacker only)

luks additional drawbacks on attacker model:
* attacker is not byzantine, as in he would not cut open the side of the server and access the memory or hardware bus from there while server is running.

Can you recommend one setup over another? Which one makes more sense? Is there some problem with either setup i haven't taken into account? Is the attacker model realistic? Anything i should change? Something else than rsync?

And, most important to me: How have you set up your offsite backups?
R: 14

TORing and Javascript

The folks on the Tor website recommend against running add-ons other than the defaults as that could be used to track you. However, recently I've been using LibreJS more and more with the TBB, even though I don't know a lick of coding. How do you Lains feel about whitelisting or running nonfree JS in your browser? I only whitelist a few sites that I need.
R: 20

Human Trafficking Prevention Act

The Human Trafficking Prevention Act is a piece of model legislation that is currently being advanced in several states. It would set up an opt-in filter for obscene content on the internet. The definitions for pornography in the USA are vague enough that such a law could easily be abused.

The following is an excerpt from the FAQ on their website (http://humantraffickingpreventionact.com/):
"Furthermore, the total prohibition against any form of government regulation is completely unrealistic and would create a state of nature. Consider this: a fish on the grass is not free. It is only when the fish is confined to water that it can swim lightning fast, thrive, and even breathe. The same is true with humans. Mankind does not flourish best when child pornography, prostitution hubs, and obscenity are all one click away or unavoidable. Without “truth,” there is no “freedom.” “Freedom” comes from the “truth.” “Freedom” is not the “presence of restrictions” nor the “absence of restrictions.” “Freedom” is the presence of the “right restrictions,” the set of restrictions that objectively fits the givenness of our nature, the truth about “the way we are,” and the truth about “the way things are.” The set of restrictions that promote the most amount of peace, intimacy, reconciliation, healing, and forgiveness, in order to advance human flourishing to the maximized capacity are the set of restrictions that the state and federal legislature should adopt."

The authors of the model legislation are playing a bizarre sophistic game where they define freedom to mean "whatever we think is best for you." If that isn't enough to get you worked up enough to call your state representative, I don't know what is.
R: 57

Windows 10 Security

Greetings Lainons.

We already know that Linux distros are more secure than Windows (in regards to unauthorized intrusion, NSA and spying, and general privacy). This thread does NOT debate this.

However, how can we take steps to secure the privacy of Windows? Namely Windows 10? What are some suites and programs that help protect privacy and security within Windows?

We already know about the backdoors (through fuarrrking updates no less) and that Windows is fundamentally insecure anyway, but what are some things to help protect it more anyway?

>pic related
R: 17

Selfhosted Email

I've been thinking about hosting my own mail server for a long time now, but I always get overwhelmed by the countless options, so I thought I might ask you lainons.
Are you hosting your own email server?
What's your experience?
What setup can you recommend/are you running?
How resource heavy is a mail server?
R: 6

Domain Whois Damage Control

Good morning, Lain. I fuarked up. I registered a .us domain for a novelty domain name, but I forgot that .us domains cannot be bought with WhoisGuard, so now my full name and address are openly available in that domain's Whois record. This domain has been hosting a site with a steady supply of visitors for a few months. I'm thinking about migrating to a different domain and letting the old domain redirect to the new one until I no longer receive redirects from there, and to then cancel the domain. Thanks to all the domain metadata websites out there, may those who run them burn in hell, my Whois will probably persist in Google's cache for some time.

Do you have any experience in mitigating this type of total fail, Lain? Do you see further issues with my current plan?
R: 4

I want to start using gpg4usb to carry sensitive files on a stick. But it seems that I can only encrypt individual files and not directories. Am I forced to keep everything in an archive or should I just decrypt files as I need them instead?
R: 15

I want a tinfoil phone on a budget. I want a phone that runs linux and routes my calls from my cell phone # to it without calling it directly. I want it to be as secure as it can be for being a phone. It does not have to work perfectly as far as touch screen compatibility, as long as I am able to use it with a stylus, it is fine. It does not need to work with data, in fact I'd prefer that it didn't, as long as the wifi works fine. Which hardware should I use, which distro should I use, how would I go about this? Help appreciated, you guys are the friendliest people I could think of to ask.
R: 63

Any good cyberpunk chats?

I am looking for some good encrypted chatrooms where cyber security, encryption and programming is discussed. Similar to this chat; https://cryptodog.github.io/cryptodog/ Do you guys have any suggestions?
R: 23

So I've been wondering for a while, what would you actually need, like hardware-wise, to hack a satellite?
R: 5

Practical countersurveillance

What are some realistic countermeasures to facial recognition?

CVdazzle takes too long and makes you stand out, masks are illegal in many places.

The best I can think of is hat+sunglasses+surgical mask.
R: 2

OSINT Group

Would anyone want to set up an OSINT group?
R: 38

what is up with people spreading disinfo about tor?

Like, every once in a while you'll see something like "tor is a honeypot" or "tor is compromised". What the fuarrrk? Do you really think something open-source that's under that much scrutiny could be compromised? Usually these people don't have any substantive reason to believe what they do, either. They just say something like "it was originally funded by the military" or some bullsoykaf. Like, yeah, computers were originally built by the military, does that mean they're *all* compromised? No.
R: 2

Recently I noticed that someone had tried to log in to my Steam account from somewhere, prompting several Steam verification code SMS to my phone. Apparently having auto login is not secure since the passwords can't be saved securely.

After this I have become curious about auto login. How do clients save their passwords for auto login? Plaintext files hidden somewhere?
R: 24

Just a friendly reminder your devices are listening.

While anything with a mic can potentially be hacked, it's known that cell phones are mandated to have surveillance capabilities. This can bypass the OS, as the cell modems have direct memory access, and it's mandated that LE has a backdoor they can use to spy on people, even if the phone is off. A battery disconnect will kill the mic.

Just a reminder to treat all microphones plugged into a power source as live, unless known otherwise.

Simple countermeasures:

1. Make a Faraday cage. Get a box that can fit your electronics. Get some radio reflective paint. Get a box. Paint the box inside and out. Connect your phone to cell tower, Bluetooth and wifi, put the phone in the box, ensure the connections die.

PROTIP: STOCK microwave ovens do not work. It should work if you spray the inside of a microwave oven. Untested though.

http://www.all-spec.com/Catalog/Paints-Coatings/Coatings/Conductive-Coatings/841-340G-33018?gclid=CMG7neuQ7NECFYWCswodkfINrw

2. Step two - get a white noise generator. You can get these things at Bed Bath and Beyond as well as Target as well as the internet. They use these in doctors' offices to prevent people overhearing sensitive communications.

Put devices in painted box next to white noise generator.

Double pro-tip: remember security culture. If you use it like contraband, it is contraband. The entire point is to look non suspicious. If anyone asks about the items, you need plausible stories about what you are doing with them.

White noise generator is to help you sleep. They are sold as sleep aids. The RF paint is for your radio project.

Triple pro-tip: bug detectors should find people's cell phones and anything else that needs to go in the box for the conversation. Any electronics that has a wireless data interface of any kind needs to go in the box.
R: 1

Just grabbed the equation_drug dump off the tracker and I want to mess with it on some old hardware I have. Problem is I have no idea how to use it and I'm not sure where to look for guidance.

Any lains have advice?
R: 5

Air Travel and Hardware Security

I'm going to be flying for the first time ever soon, and I was hoping for some advice on laptop or electronics security for my OS, to keep TSA agents from snooping on me mainly.
R: 20

Post-Quantum Cryptography

Hi lainons, this is the Post-Quantum Cryptography thread!

Although the threat of quantum computers is currently not a concern, any individual who cares about privacy, cryptography or security needs to learn more about PQC right now, before the quantum apocalypse.

Feel free to discuss anything relevant, e.g. practical software solutions that utilize PQC, theoretical development.

As a starter, here's a list of recommendations. If you know more, share it!

Software

>https://github.com/i2p/i2p.i2p-bote

i2p-bote, decentralized email, NTRU encryption.

>http://goldbug.sourceforge.net/

Goldbug, instant messaging, NTRU and McEliece.

>https://github.com/tbuktu/libntru

C Implementation of NTRUEncrypt.

Lectures

>https://www.youtube.com/watch?v=bbkCBlWfwaQ

Daniel Bernstein - The Post-Quantum Internet

>https://www.youtube.com/watch?v=MG6g04R_Ims

Phong Nguyen - Lattice-Based Cryptography

>https://www.youtube.com/watch?v=EqRsel-rXac

Tanja Lange - Code-Based Cryptography

>https://www.youtube.com/watch?v=FrM6zAuI7-4

Jintai Ding - State of Art of MPKC

>https://www.youtube.com/watch?v=nfLAVybabMs

Dustin Moody - Post-Quantum Cryptography: NIST's Plan for the Future
R: 6

Freedom Hosting 2

Freedom Hosting 2, the successor to Freedom Hosting, was recently hacked by an unnamed person(s). Their database was held hostage for 0.1 BTC, but the person(s) released it for free in a torrent: http://fhostingesps6bly.onion/fhosting.sql.gz.torrent

I haven't personally looked into the database, but I wouldn't be surprised if a lot of it was CP or scam accounts/services. They also released the system files (configs, private keys, etc.), which aren't that interesting but still something.
R: 98

What do you think #Vault7 is about?
R: 6

OS Security

I see a lot of talk about netsec here but not a lot about how you protect your local os (besides basic encryption). So, lainians, how do you protect your computer?
R: 9

stand alone steganography app for images?

So, dear Lainons, I want to "sign" an image with some text, not a watermark but embed my signature within the image. Maybe there will be some negligible quality loss but I'd like it to be readable by some app.

I suppose it's similar to how layer works but would run as a stand alone application (for large image files). It doesn't use meta-data tags like EXIF or anything similar, the message would be encoded into the file. If it gets cropped, re-encoded or modified in any way, then the signature is destroyed (therefore the file is no longer authentic).

Does such a program or suite of programs exist? I know a simple screenshot will copy any image but this is more as a means to preserve the source for those interested in knowing.
R: 3

IDS

Hey,
I need your help. How do I know that my network/system isn't compromised? Where do I start with IDS? What software should I use?

Also general discussion on IDS.
R: 35

United States CBP (Customs and Border Protection) wants your phone, your facebook, and your Twitter.

what OpSec do you perform to disrupt this effort?
what OpSec do you recommend to avoid/deter against this?

Rules of the engagement:
- CBP can detain you and search you with no suspicion.
- if you are a citizen, you have a limited subset of rights at CBP checkpoints. An attorney cannot help you here.
- CBP is authorized to use deadly force. most are heavily armored, well armed, and CCTV is in effect.

Hints:
- CBP are not trained in infosec. many do not graduate beyond high school education.
- explaining rights, laws, freedoms, etc... is discouraged. see above.
- technical descriptions or explanations should be avoided. see above.
R: 9

Announcing the first SHA1 collision

https://shattered.it/

https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

Is this really that bad?
R: 11

Cloudflare Dumping Uninitialized Memory

Project Zero: https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
Cloudflare Blog: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
Hacker News thread: https://news.ycombinator.com/item?id=13718752
Sites using Cloudflare: https://github.com/pirate/sites-using-cloudflare

General consensus on the issue (by everyone who isn't Cloudflare) seems to be that this is an exceptionally serious vulnerability that may have compromised substantial user information from almost any site that uses Cloudflare.

The current suggestion is to rotate all of your passwords for sites that may have been affected.

Examples of data that have been leaked through this vulnerability include GPS positions from Uber, authorization tokens from Fitbit mobile applications (I think?), chat messages from a popular chat client (hypothesized to be Discord), and private messages from dating sites (OKCupid).
R: 8

W3C is introducing EME aka a bunch of bullocks

https://www.w3.org/blog/2017/02/on-eme-in-html5/

It worries me when the top dog in W3C takes on the role of a powerless proponent of DRM.

>Yes, there is an argument made that in any case, W3C should just stand up against DRM, but we, like Canute, understand our power is limited.


Holy soykaf u dense fuarrrks at W3C, the reason you exist is to advocate AGAINST this soykaf. There is no bureaucratic pressure for W3C to roll over, they just put out guidelines. The fuarrrk.
R: 5

So the Danish Defense college released a SE framework guide I thought you would be interested in.

This report gives a decent framework on SE but also case studies on SE attacks such as the power grid attack in Ukraine, Kiev airport attack, and the US DoJ.
R: 9

Fully encrypting an Android phone

Hey Lainons,

I've never been a security conscious guy until recently, where suddenly it seems like I've gone full blown paranoia in face of the inevitable cyberpunk future.

Basically, I want to know how to encrypt my entire (Year and a half old) Android phone as much as possible, so that the data is mine and not available to be taken by any government. I've installed Tor and trying to use Signal for messaging (Gotta get other people using it first), but I wanna know what the next step is to securing myself.

Thanks!
R: 0

https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire

A spam group "calling themselves River City Media (RCM). Led by known spammers Alvin Slocombe and Matt Ferris" has left backup servers exposed, containing operation critical files, including "a database of 1.4 billion email accounts combined with real names, user IP addresses, and often physical address".

Includes information about how they used a slowloris attack to open a ton of connections to gmail, and force it to process a massive amount of email at once.

As the article rightly points out:
>Imagine the privacy and legal implications here. Law enforcement agents normally have to go through a subpoena process before a service provider will hand over the name behind an IP address or account. This list maps out 1.4 billion.

It seems apparent that CoRegistration was a source for these collected email addresses - sites sharing details you provide with third parties. RCM themselves posed as a media company.
It makes me wonder how many other operations like this are out there, and how easy must it be to scrape personal information en masse like this.

Spamhaus has blacklisted RCM's infrastructure.
R: 3

Physical Access Phone Security

With governments forcibly demanding your passwords and cloning your whole phone to crawl through later when you travel, what solutions exist other than simply wiping your whole phone and reimaging it later (or something that might not work, like pretending you forgot the battery)?


It simply is a bad idea to let them trawl through your entire email and chat histories as well as every account password and detail on whatever websites you were on. It's not a question of having something to hide it's being worried about them constructing evidence from out of context information to their own benefit.
Example case: http://www.dailyxtra.com/canada/news-and-ideas/news/us-customs-block-canadian-man-reading-scruff-profile-215531


I was thinking a hidden volume style setup might help here. For example, if I unlock my phone for them using one code, it could go to the volume without any vitals on it. The other would lead to my real phone OS. It would be nice to have this not only for this specific scenario but because I'd like to be able to make calls and do simple soykaf without "unlocking" every little ounce of security I have on the device so someone could grab it out of my hand and keep it unlocked to dig through emails or some soykaf. My understanding of hidden volumes is that the use of the outer volume will destroy the hidden volume's data, which is a major problem if they go into the outer volume and start rifling through everything installed.

A layered solution could also work where you have an obviously encrypted container inside the OS but severe usability problems emerge there as well as the reliance on their laziness, they could still ask what that big inaccessible file is.

Are there any existing phone OS/implementations I can read up on that compare to this level of security?
R: 21

Comp Sci Specialization: Cyber Security

There's this new degree in my country that looks promising. A comp sci master's program, specializing in cyber security, shared between two neato technical universities:
https://www.utwente.nl/en/education/master/programmes/computer-science/specialization/cyber-security/#why-cyber-security

Then again, will anyone care when you get this piece of paper? I can see the job interview in my nightmares already: "Lol nice meme degree. Where's your work experience doing anything security-related at all?" I know businesses get horny at the sound of the term "data science" but they're not handing over security tasks to just anyone.

If I enroll for this thing, some 3-4 years from now, it will probably be because I want to escape my current code monkey job. Not because I'm already a master hacker. I'll need to do a bridging program too, before I can be admitted, so I'll lose another year during which I'm not actually working. Will I just be setting myself up for failure?

PS: Cryptography will probably eat me alive unless I go in extremely well-prepared.
R: 14

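/* EDK II headers; the snippet uses EDK II's single-argument AllocatePool() */
#include <Uefi.h>
#include <Library/UefiBootServicesTableLib.h>  /* declares gBS */
#include <Library/MemoryAllocationLib.h>       /* AllocatePool, FreePool */

extern EFI_BOOT_SERVICES *gBS;
EFI_EXIT_BOOT_SERVICES gOrigExitBootServices;

EFI_STATUS
EFIAPI
ExitBootServicesHook(IN EFI_HANDLE ImageHandle, IN UINTN MapKey){
    EFI_STATUS Status;   /* was used without a declaration */

    /* <hook related fun> */
    /* Do fun hook-related stuff here */
    /* </hook-related fun> */

    /* Fix the pointer in the boot services table */
    /* If you don't do this, sometimes your hook method will be called repeatedly, which you don't want */
    gBS->ExitBootServices = gOrigExitBootServices;

    /* Get the memory map */
    UINTN MemoryMapSize;
    EFI_MEMORY_DESCRIPTOR *MemoryMap;
    UINTN LocalMapKey;
    UINTN DescriptorSize;
    UINT32 DescriptorVersion;
    MemoryMap = NULL;
    MemoryMapSize = 0;

    do {
        /* On a retry, drop the old buffer and probe again from size 0, so a
           stale buffer is never passed together with a larger MemoryMapSize */
        if (MemoryMap != NULL) {
            FreePool(MemoryMap);
            MemoryMap = NULL;
            MemoryMapSize = 0;
        }
        Status = gBS->GetMemoryMap(&MemoryMapSize, MemoryMap, &LocalMapKey, &DescriptorSize, &DescriptorVersion);
        if (Status == EFI_BUFFER_TOO_SMALL){
            MemoryMap = AllocatePool(MemoryMapSize + 1);
            if (MemoryMap == NULL) {
                /* Without this check a failed allocation would loop forever */
                return EFI_OUT_OF_RESOURCES;
            }
            Status = gBS->GetMemoryMap(&MemoryMapSize, MemoryMap, &LocalMapKey, &DescriptorSize, &DescriptorVersion);
        } else {
            /* Status is likely success - let the while() statement check success */
        }
        /* DbgPrint is the poster's own debug helper; it is not defined in this snippet */
        DbgPrint(L"This time through the memory map loop, status = %r\n", Status);

    } while (Status != EFI_SUCCESS);

    /* Pass the freshly obtained key, not the caller's MapKey */
    return gOrigExitBootServices(ImageHandle, LocalMapKey);
}

EFI_STATUS
EFIAPI
HookDriverMain(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable){

    /* Store off the original pointer and replace it with your own */
    gOrigExitBootServices = gBS->ExitBootServices;
    gBS->ExitBootServices = ExitBootServicesHook;

    /* It's hooked! Return EFI_SUCCESS so your driver stays in memory */
    return EFI_SUCCESS;
}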

Think it works?
R: 45

new vault 7 thread

the last one got locked, and this is something we should be talking about....

so far the cybersec implications are that the cia has tools to compromise windows, ios and linux, and some computer programs
R: 53

Open Source Hardware

Greetings Lainons. Perhaps you can help me.

We all know the NSA, CIA, FBI, the ABC, DEF, GHI and so forth are spying on us through hardware. Let's face it; it's embedded in Intel and AMD CPUs at this point, and probably the motherboards as well. X86 and amd64 are no longer secure.

Now, with all that said, what are some 'open-source' hardware that have no proprietary garbage on them? Is the Raspberry Pi like this?

>pic unrelated
R: 7

Whitehat beginnings

Well, i have a pretty basic ethical/hacking problem
How to notice a webpage vulnerability to the webpage administrator without being sued and keeping my anonymity.
How do you lains do it?
R: 4

Espionage Piggybacks on Cybercrime


This ongoing case has been covered through and through, but this piece got me thinking after the past week's revelations and what has come to the surface in the last decade:
https://www.nytimes.com/2017/03/12/world/europe/russia-hacker-evgeniy-bogachev.html

How likely is it to presume that the very thing .ru's agencies have been caught doing, has been executed already by the US and China, but has yet to surface?
The means of riding off another's OP, typically having nothing to do with financial gain would seem a wise cover, as it's not common to associate both actors with one another as we tend to separate the two, but the targeting en masse/casting the net of everyday citizens in the millions, be it hundreds of millions, without probable cause if unveiled would be something.
R: 18

Greetings, fellow Lainons.

I am gravely concerned. Regardless of your OS, regardless if you're using Libreboot and even if you do have 100% open source hardware, it raises a greater question.

How can we stop ISPs from recording our web traffic?

Granted, if you have committed no crime then you have nothing to hide. However, it's a matter of principle here. What are steps we can take to privatize our online activity and at least prevent our traffic being monitored? Yes, we can use a VPN, but who is to say they are not recording our traffic as well and not using it against us?

Is this the end of the free internet as we know it?
>inb4 OP is overly melodramatic
I am only concerned for our well-being, is all. I apologize if this seems heavily dramatized in any way.
R: 0

Malware anecdotes

Why don't we have threads about our malware anecdotes?

Mine isn't anything special, but maybe someone finds it as funny as I did.
Basically, one day I got an obvious scam email that wanted me to open its attachment. The attachment was a .doc.js file. Since I had lots of time, was on Linux, didn't care and was curious I decided to take the malware apart as much as I can. Until I eventually got to some kind of .exe file. On Linux. At that point I started laughing maniacally. I didn't bother to go any further.
R: 10

Can we have some Ebooks and discussion about Private Investigation?

Epub is preferred, but PDFs are also good.

I aspire to become a Private Investigator, but I've hit a roadblock and I'm looking for some inspiration and advice, anything is welcome.
R: 1

Project X - TITANPOINT

Lainons, I think you might find that interesting, if you haven't heard of this already: the windowless tower of New York City.

10-minute-"documentary", narrated by Rami Malek and Michelle Williams https://fieldofvision.org/project-x

article by the intercept https://theintercept.com/2016/11/16/the-nsas-spy-hub-in-new-york-hidden-in-plain-sight/
R: 3

If the NSA is really watching...

Somebody, somewhere (more likely multiple people in multiple places) are watching me. Spying on me. The NSA, FBI, ABC, DEFG, China, they're watching us all. Somebody watches me wank my microscopic peter while looking at elephant women.

I want them to know, all of the government agencies spying on me, I want them all to know this; I feel sorry for the non-normal person soykaf they see me do and I think it's hot.

That's all, thank you.
R: 26

Libreboot vs GNU

Greetings fellow lains.

I have recently discovered Libreboot thanks to this board, and I have investigated it a little bit. The first thing that popped out was that it was against GNU. This immediately pegged my bullsoykaf meter. I read on, about the reason why. So, serious question; is GNU really evil or is Leah Rowe full of soykaf? I have never thought of GNU as 'the bad guys' like I do Microsoft or the gov.
R: 4

Messaging clients

Hi lains, I've kind of been out of the loop for a while. Sorry if this has been discussed to death somewhere but I'm on a public connection at the moment and I have to run in a bit and I just wanted to ask quick..

What are you wonderful people using lately? I was looking into Tox, but was wondering if anyone has better alternatives or some info.. Looking for something secure released by a reputable entity.

The thing I didn't like about Tox was how it seems pretty trivial for someone to get your IP just by connecting to them? But maybe that's just sort of how it all works, idk, clearly I need to do a bit more research but I just wanted to see what you all thought as well.

Thanks for reading~
R: 1

Secure browsing for specific user cases

I have a somewhat old laptop with Arch+i3wm installed in it, and I have some questions regarding as secure as possible browsing in it.
For professional reasons, I need to access some heavily botnet websites. I have no personal information anywhere, so it's not a very dramatic issue, but I still want to have as little as possible connections between my different browsing activities. The problem is that the only modern browsers that I can properly run in here are chromium-based. Anything related to firefox (IceCat, PaleMoon, &c) is just slow to the point of being impractical, and other lightweight browsers I've tested just wouldn't load a lot of websites around (for everything that's just simple, I'll use w3m, which I prefer anyway). So I use Iridium, which as far as these types of browsers go, I'm pretty sure is the most secure I could do.

For more specific protection, besides the basic ublock and httpseverywhere, I use uMatrix, with pretty strict rules, even though to access most common websites I end up having to let some soykaf come in. It also deletes my cookies every 15 minutes, and I only use incognito ever, so there's no continuity. But I get paranoid after being on google sites or anything similar, and don't want to leave those cookies laying around even as I go to the next site, or do anything after that.

So, I've described all this to give context to some doubts I have:
- am I just overthinking soykaf at this point in terms of browsing, and since I have to use those sites anyways, this is already as far as I can go with keeping them locked?
- what other combinations of extensions or habits I could use if the former question isn't the case? I really wish I had something like self-destructing cookies, but I couldn't find any equivalent for Iridium that was open source
- if I just delete cookies+cache as I'm using incognito (chromium-based browsers do that on another, not-incognito window), because I don't want those particularly nasty cookies laying around after going to youtube, for example, even for 15 minutes, will the browser delete them for the incognito session I'm using or will those persist until I close it?
It's a real bore having to either do that, or close and open the program again just to be done with that session info before doing other stuff. I saw several extensions that do a total clean-up with one click, but all I could find was closed-source.

Anyway, any help, advice, or recommendations on stuff I should read to have some new ideas would be very welcome. And I'm sorry if I should have posted this in some of the general questions threads, but I've read several of them and didn't see many posts with such broad questions, so I thought this might deserve its own thread. Perhaps other people will like to bring their questions in this format as well.
R: 7

OpSec

I remember there was a thread here about opsec sometime ago where lainons discussed the opsec they did and general tips.

Can we have one of those again?
R: 11

Siacoin has potential. Truly decentralized data storage. 1TB a month for 5 bucks!

Going through the available documentation for the past couple hours after hearing it recommended by a glorious fluffy from one of the podcast series over at LTB.
At this moment, this project seems promising.
Think imma buy some sias in the following days, compile and install some point in the week and see if it lives up to the hype.
Any of you out there using with success?

Here's a brief explainer taken from https://sia.tech:
"The idea of Sia was originally conceived at HackMIT 2013. What if you could liberate the unused storage space of the world and unite it into a worldwide free market for data?

Sia leverages the capacity of blockchain technology to enable distributed networks to reach consensus in a secure and trustless way. Cryptographically secured smart contracts ensure the encryption and transfer of data with no possibility for a third party to interfere in any way.

Sia is a new approach to cloud storage platforms. Instead of all datacenters being owned and operated by a single company, Sia opens the floodgates and allows anyone to make money by renting out their hard drive. Data integrity is protected using redundancy and cryptography.

The promise of Sia is a decentralized network of datacenters that, taken together, comprise the world's fastest, cheapest, and most secure cloud storage platform. Today, being a major cloud storage player requires having datacenters, building trust within the market, reaching customers, and competing with giants such as Amazon, Google, and Microsoft.

Breaking into this market is a multi-billion dollar endeavor. The long term goal of Sia is to be the backbone storage layer of the Internet.

We believe data should be free. We aim to liberate the unused bits of the world and construct the largest storage superserver on the planet."
R: 2

HTTP2

From /news

>HTTP2 Support Enabled. — by Appleman1234 at 2017-03-24 09:36:35
>
>HTTP2 Support Enabled.
>
>This required various other updates (PHP-5 to PHP-7, OpenSSL) and a short down time. If you have any issues please contact using IRC, Mumble or /q/.

What exactly is HTTP2? Is this a new standard with security and encryption in mind? I'll of course refer to Wikipedia in a moment, but would anybody first care to explain to me what this is?
R: 2

Linux - HDD to VDI

I'm not sure if I am posting in the right board, but it didn't feel quite right posting in /lam/, /sci/, or /tech/.

My objective is clear enough; I want to use a live Linux CD or flashdrive to boot a computer and visualize the computer's hard drive into a single .vdi file that Virtualbox can boot. How can this be done?

I have already seen this-
>http://askubuntu.com/questions/34802/convert-my-physical-operating-system-to-a-virtualbox-disk
-but this is not exactly what I want though. I do not want to take a raw image and then convert it to a bootable .vdi. I want to directly convert the hard drive straight to a .vdi in one step.

Granted, it's easy enough to just image the hard drive, but again, I want to make a .vdi virtual hard drive from a physical hard drive. I'm not against paid software that does this (I think vmware does, not sure) but I want to use GNU and freeware first if any exist that does what I want.
R: 2

Ourmine Security group

There was a huge hack from a large number of youtubers about a week ago, including h3h3, leafyishere, idubbz, tons of gamer channels and hundreds more.

Do you know anything about these guys?

the only info i got was of their site and Wikipedia
https://ourmine.org
https://en.wikipedia.org/wiki/OurMine
http://www.tubefilter.com/2017/04/04/hacker-group-ourmine-hits-kwebbelkop-h3h3productions/
R: 1

Bounty for Donald Trump's Tax Returns

2600 Hacker magazine has released a bounty for Donald Trump's tax return and is offering a $10,000 USD reward for the publication to their site

http://www.washingtontimes.com/news/2017/apr/5/hacker-magazine-2600-renews-10k-bounty-donald-trum/

What are your opinions lainon?
R: 18

When people talk about secure ways to communicate from a smartphone, Signal is always the go-to choice. Except there's a few things that I personally think are annoying with this app, like the fact it uses the internet connection and makes your texts go through a SPOF (even though the transition makes sense, see their blogs about it: https://whispersystems.org/blog/goodbye-encrypted-sms ).
So how to secure SMS/MMS traffic? Since last year I've been using a fork of TextSecure 2.6.4, called Silence: https://silence.im
As explained in the first link I've put, both apps have their own pros and cons:
Pros:
>No google services dependencies
>No SPOF
>Can be your default SMS app
Cons:
>No iOS support (there's just no API to rely on).
>Except the length of the text, you cannot obfuscate the metadata
>Encrypted texts spotted from miles ( https://github.com/SilenceIM/Silence/issues/480 )
>No calls, no video.

So, what's your personal opinion? What do you use to keep you secure?
>inb4 use Antox you pleb
pls no