Catalog of /tech/

Bottom

Mode: Thread

Max file size: 350.00 MB

Max files: 5

Remember to follow the rules

Max message length: 4096

R: 5 / I: 0 / P: 1

Welcome to /tech/, a technology board. This board is for general discussion of technology.

NSFW files are only allowed if they are spoilered.
All rules and policies are open for discussion in this thread.

IRC: #/tech/, #InfinityNow and #endchan on irc.rizon.net - https://qchat.rizon.net/
Secure Computing Practices Links: http://hjvx7xg3n4ejezmh.onion/
Wiki (OLD): https://wiki.installgentoo.com/

Archived sticky threads:

https://archive.is/Lcqkj
https://archive.fo/WxkDv

Related boards:

>>>/cyber/ - Cyberpunk & Science Fiction
>>>/lv/ - Libre Vidya
>>>/markov/ - bot hell
>>>/os/ - Online Security
>>>/t/ - Torrents/trackers
Open

R: 27 / I: 8 / P: 1

DIY, Modular, Open source Laptop

Laptop form factor open source hardware design, built from off the shelf components for DIY, modular, open source computing.

CPU, RAM, graphics: 1x single board computer
FSB, ports: 2x powered USB hub
Battery: 1x USB powerbank, >5000 mAh, >2A
Input: 1x USB keyboard
Input: 1x USB trackpad
Storage: 1x USB flash drive
Network: 1x USB WiFi dongle
Audio: 1x USB sound card/headset
Display: 1x USB powered HDMI monitor
Case: 3D printed or DIY glued wooden case

Features:
-Completely modular, customizable, upgradeable and repairable
-User serviceable by all users
-Universal, modular battery and charger. Can swap battery when depleted
-Low cost
-Completely open source

Suggestions for the display? It is the least commonly available component. USB DisplayLink would be more convenient, but it is not open source.
Open

R: 7 / I: 1 / P: 1

Keyboard Computer Case

This is for those of you who ask about this form factor every so often. I hope enough people join so that he makes beige ones.

The X500 Pro is the final product in a line of computer cases designed a few years back (the X500 Plus and later the Evo with a mechanical keyboard) as a tribute to the computers of the '80s and '90s (Commodore, Atari, Sinclair etc...). It's a wedge styled computer case with built-in, full size mechanical keyboard.

https://www.kickstarter.com/projects/505470364/the-x500-pro-computer-case

R: 112 / I: 57 / P: 1

/g/ is building an OS
http://boards.4chan.org/g/thread/61110805

It's a riced out, gentoo based desktop distro
https://cloveros.ga/

Has a nice low ram footprint

irc.rizon.net #cloveros

R: 11 / I: 1 / P: 1

Palemoon blacklists NoScript

As the subject says. It's been entered into their custom "bitch at the user with a popup until they disable it" database. To be fair to the developer, he has solid reasons for his stance. I'll try to summarize as there is a lot of misinformation and emotion out there fogging the issue.

1) The Palemoon project does not have enough developer juice to debug other software and addons.
2) Various users: "[website] does not work with Palemoon. Fix your shit, Moonman!"
3) Moonman: "Known issue. Stop being morons and disable NoScript. Thank you, and have a nice day."
4) Various users: "We did. Same problem. Fix your shit."
5) Moonman: "Oh. That's an actual issue with Palemoon then. I'm on it!"
6) Much hacking and cracking and time and talent are expended to no effect. Surprise! NoScript does not follow the standard of letting go of the browser when disabled. It lingers on. It has to be completely uninstalled with an added cache clearing operation on top of that.
7) Moonman: "It's NoScript. Get rid of it. Have a nice day."
8) Various users: "No. FIX YOUR SHIT!"
9) Moonman: "Crush. Kill. DESTROY!"

If you roll with my simplification you can see his point.

I have two observations. First, quite a few sites have a technical support checklist that runs like this: "What browser are you using? Palemoon? Oh good! We have two fixes you may choose from. One, use another browser. Two, go away and do not come back."

My irony sense is tingling.

Second observation. While understandable, M.C. Straver's hissyfit behavior is stunningly reminiscent of none other than the creator of NoScript, Giorgio Maone. I am speaking of the legendary extension war between Adblock Plus and NoScript. Mr. Maone learned his lesson and humbly carried on, much to his credit. The impression I get from Mr. Straver is not so favorable. In any event, I do not have the time to await some developer's philosophical enlightenment, nor the fortitude to scale the wall Mr. Straver threw up against public user feedback, be that feedback soberly measured or otherwise.

So, I would like to hear from the community. There are a few options I am not willing to entertain, although I do not mind people discussing them in thread.

1) Tor bundle. I already use it and am happy with it, but not for all my web traffic.
2) Just replace NoScript with uMatrix and keep Palemoon. Not a bad idea, but not going to happen.
3) IE. Lawl. Last time I used IE by choice was at version 4.
4) Firefox. Today, I view FF versus IE as a distinction without difference. Which is why I moved to Palemoon.
5) Chrome. No. Just ... no.

What browser would you recommend as a replacement?

And now, the current contender list.

1) 64 bit systems: Waterfox.
2) 32 bit systems: Dunno. This is going to be a problem for me.

R: 50 / I: 11 / P: 1

Hax0r Thread

R: 15 / I: 4 / P: 1

Vehicle Hacking

Post and discuss the modification of vehicles!

Already have a laptop inside mine diverting power from the cars (Upgraded) alternator, and a few transmitters for improved communications and broadcasting.

R: 44 / I: 17 / P: 1

/tech/ - Technology

Welcome to /tech/, a technology board. This board is for discussion of computer technology, both software and hardware.

Previous thread: https://archive.fo/WxkDv

NSFW files are only allowed if they are spoilered.
All rules and policies are open for discussion in this thread.

IRC: #/tech/, #InfinityNow and #endchan on irc.rizon.net - https://qchat.rizon.net/
Secure Computing Practices Links: http://hjvx7xg3n4ejezmh.onion/
Wiki (OLD): https://wiki.installgentoo.com/

R: 21 / I: 3 / P: 1

Laptop Buyer Thread

Hey /tech/,
I'm looking to buy a laptop for general use. I know this board isn't really one for requesting shit but I know that if I post this anywhere else I'm just going to get meme responses. With that out of the way, can anyone rec me a laptop that
>isnt a meme like thinkpad
>isnt centered around gayming
>isnt made by apple
>isnt going to cost me an arm and a leg
That's really it. I'm probably just going to use to post here or on other imageboards and maybe watch some chinese cartoons. I am not going to use it for gaming. Any reccomendations?
apologies if this is kind of a low effort thread, but I can't really post this anywhere else and get any serious replies

R: 4 / I: 0 / P: 1

How to get strong ssl proxies fast

You will need a few things
Tor standalone (bonus points for modifying it to get 6 hops like >>>/os/709)
proxycheck.sh https://raw.githubusercontent.com/endwall2/endware/master/proxycheck.sh

Now first lest scrape proxy sites for fresh proxies
http://www.proxydb.net/leecher
input sites from https://www.blackhatworld.com/seo/proxie-scraping-links.464079/page-33 for now these work

https://huntproxy.com/
https://proxyunique.com/
https://mega-proxy.com/
https://freenetproxy.com/
https://sickproxy.com/
https://proxyfreaks.com/
https://topsiteproxy.com/
http://fineproxy.org/eng/fresh-proxies/
https://www.my-proxy.com/free-elite-proxy.html
http://us-proxyservers.blogspot.com.br/

that should yield a few thousand proxies. Simply inputting proxyape.com into http://www.proxydb.net/leecher will get you a lot too.
Now time to sort out the dead proxies and the transparent from elite. This checker only works with ssl proxies so for not that is what works. copy the proxies leeched from the proxydb.net/leecher into https://orca.tech/web-tools/proxy-checker.html and then copy the anonymous and elite proxies into a text file named ssl_proxies.txt
Run bash proxycheck.sh ssl_proxies.txt (make sure tor is running)

Pic related is a working proxy (Blurred because i am using it now in proxychains.)if both curl requests for google and youtube work than its a good proxy. The script takes all the working proxies and moves it to ssl_proxies_yt.txt

R: 2 / I: 1 / P: 2

The demise of Ixquick

I would like to hear what the community has to say regarding search engines, with a twist.

A long time coming, today I found all my requests to Ixquick redirected to Startpage. Ixquick was my engine of choice. At this point I expect someone to cite the primary importance of privacy, my previous choice of Ixquick, and thus an obvious suggestion: Startpage. Thanks, but no thanks.

What is my problem with Startpage?

Here is my perspective. With adequate provisioning, any search engine is fine to use from a privacy standpoint. By provisioning I mean choice of browser, addons, connection method, etc. My primary concern is not privacy because I handle that myself, ignoring the S.E.'s reputation for such. My concern is with the quality of search results.

History lesson. In olden days the choice was between Yahoo or Google. Yahoo went early with the commercial model, carefully managing your complete experience end-to-end, steering you toward their valuable partners, web portalization, etc. Google beat all that with strict adherence to academic methodology, and computer science. Sadly, all was merely short term tactics over strategy. Yahoo had the right idea, the right strategy, but it was Google who became Yahoo's dream.

Anyway, today, I find a note of bias in Google S.E. results, with commercial, regulatory, and ideological considerations given subtle (but noticeable) predominance. This is why I preferred Ixquick. While including results from Google, they cast a wide net and did not give any source special prominence. I found Ixquick returned more relevant results.

My understanding is Startpage goes straight to Google for everything. Given my perspective, you should understand why I find Startpage to be nothing more than Google re-branded. Such is my problem with Startpage.

Searx I know of. MetaGer is currently my favorite contender. What else is worth consideration?

R: 33 / I: 16 / P: 2

Random Thoughts

It's a shame how inactive this board is. It seems only to be that way because there's about three other chans consolidating the userbase. In the interest of promoting activity, I'll try to make this thread a thread about technology related musings I have (not that I'm important or anything) that could hopefully be used as starting points for discussion.

R: 6 / I: 2 / P: 2

The Ruination of Technology

Howdy friends, it is time for a thread by me, your favorite endchan poster. Hmm, basically this thread will be all about technology. And perhaps I will share some amusing anecdotes and or opinions in the subject, from my lifetime in the destruction of American tech sector. I call it "the destruction of tech" because that is what they did. Weaponizing it, and infiltrating a bunch of rupee caste to take over the tech positions. Now we see India going full on beast money to control their people. We in America allowed this horror to happen.

Essentially, this bespeaks how corporatized (non citizen controlled) tech is actually a device for intl level fuckwads, to ruin the USA power base through their infiltration of their dirtbag "engineer" types who are famous for being total fuckups and makers of shitty code. basically 25 years of kike enabled war on technology, with bitches like Jobs Zuckerberger and Billgatus who bought DOS from the guy across the street. Like also how Disney himself couldn't draw for shit, but he knew how to buy artists and market his stuff (and how to blackmail and make underworld mulholland drive style connections to the deepest of states see also Hugh Hefner grotto full of kompromat).

Here in paragraph three I will make the point that essentially conspiracy is the water the boat of the world floats upon. Our time is when people alternately struggle and ask questions about what rich fuckers might actually get up to, and is "Hostel" descriptive of a certain class of people who delight in murdering and eating others? Eli Roth, hmm, is he part of some Hollywood eviltech to make us all see and believe bullshit horror as fantasy rather than accepting bullshit horror as truth of our lives? If only we knew how little they value us as souls and how much they value themselves as the soulless?

Okay so here in paragraph four I will say that the ability to project sound upon one person and thereby make them hear a voice spoken to them, reminds me of when Valdemort 'speaks' to all the kids in their heads. I wonder that it wouldn't be difficult to hmm in some stadium let us say, project into people's heads, on a seat by seat basis. Imagine if you will, a stadium full of people being delightfully spoken to in their heads/ears by what may as well be a spirit or a ghost, encouraging them to visit concession stands. Would you call that technology? Imagine a lady saying "did you hear that too?" and you didn't hear that which she is referring to. Will you wonder what words were sent to her head and not to yours? In the past 25 years of technology, what has humanity gained and what have we lost?

Finally here we speak to the death of the IP network. I would say again, it's due to us allowing third world shitbags to ruin it. We should have kept it to ourselves, but again, the intl kike scheme is designed to Zucerberger everyone as if we were all cattle. Push the IP into the lousiest places and tech-nable the biggest assholes of the world. Just imagine if we had kept fidon et and the earliest nets private and only allowed higher level citizens to use them. In this way the intl shitbags would have been kept down in their mudpits, and never been given the gifts which we white folks invented. Not being racist, just saying that white people make awesome shit and others can't give us credit for that. Everything we make, they ruin. So in this way again, I ask, if "Hitler Guy" of the future, re invents the IP schema, but keeps it as a national thing, with zero connections to the outside world, would you consider that to be an advancement of tech or a disadvancement of tech? Well anyway thanks for listening and ask any questions you wish. Here we mourn or celebrate the full spectrum war happening to us all.

R: 3 / I: 0 / P: 2

ARM ChromeOS Meltdown

>Meltdown only affects Inte-

Dumping this info here since /g/ is full of bait threads and shit.

This is what meltdown looks like in a Samsung Chromebook Plus. If you want to give it a try yourself, start by installing Arch on a USB stick

https://archlinuxarm.org/platforms/armv8/rockchip/samsung-chromebook-plus

And then,

$git clone https://github.com/lgeek/spec_poc_arm.git
$cd spec_poc_arm
$make
$taskset 0x30 ./dump_sys_regs

To pin the task to the vulnerable A72 cores use 0x30, use 0x0F to compare with the not vulnerable A53 cores.

Meltdown patches are not being backported to kernel 4.4. Meltdown mitigation also requires firmware patch. Google will not do any of this for Chromebook users. 4.4.110 is from Jan 5 when meltdown patches were going out for Intel. Google is addressing Meltdown for Intel only.

http://kroah.com/log/blog/2018/01/06/meltdown-status/

Your only secure option is going to be to ditch Google Chrome OS and upgrade to mainline kernel. You also need a firmware patch, so that means flashing your own build of firmware with flashrom.

https://github.com/ARM-software/arm-trusted-firmware

https://youtube.com/watch?v=z-KpAA4_afs [Embed]

https://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices/custom-firmware

Your GPU will never work on mainline, because the userspace mali drivers target 4.4 and as mentioned, Google will not be backporting patches. Reverse engineering needed here,

https://github.com/rockchip-linux/libmali

TL;DR: Google is passing off known defective OS and firmware as new and secure with no intention of ever fixing the issues.
Open

R: 2 / I: 0 / P: 2

Cyberwar starts

>Britain would consider launching a cyber attack against Russia in retaliation if Russia targeted British national infrastructure
>Cyber security has become a focal point of the strained relations. On Thursday, a British spy chief said that his GCHQ agency would "continue to expose Russia's unacceptable cyber behaviour", adding there would be increasing demand for its cyber expertise.

https://www.reuters.com/article/us-britain-russia-cyber/uk-could-launch-retaliatory-cyber-attack-on-russia-if-infrastructure-targeted-sunday-times-idUSKBN1HL1BT?il=0

R: 66 / I: 16 / P: 2

List of Security and Privacy Best Practices

Following the other thread, here's the first version of the list:
- Tor hidden service: http://hjvx7xg3n4ejezmh.onion/
- 'Clearnet' Mirror (no styles): https://hjvx7xg3n4ejezmh.onion.cab/

If you want to contribute, post here on this thread.
Thanks to "Endwall" to host it.
Open

R: 2 / I: 0 / P: 2

I know this is old, but have you heard of project ORCHESTRA? This video talks about the NSA creating FOSS vulnerabilities and mitigating encryption on the internet. I think everyone should see this.

https://archive.fosdem.org/2014/schedule/event/nsa_operation_orchestra/

R: 50 / I: 10 / P: 2

WWW alternatives

With W3C now folding to DRM and the web already being crushed under the weight of JS I think we need a discussion.

What are some alternatives to the web? I remember GNUNET implements something like websites. Basically I think we should ditch web browsers all together. BBS? Gopher?
Open

R: 28 / I: 13 / P: 2

GNU OS

Anyone else excited about the coming full realisation of the GNU OS? Soon GuixSD will ship with Hurd and the original GNU vision will be a usable system.

After that all they need is all the software using GNU licenses and RMS can die fulfilled. If they then rewrite everything in scheme RMS will become a saint in heaven.

R: 7 / I: 1 / P: 2

Imagining a future for vectors

I have some hope that there could be a return to restart developing computing for vector graphics. It seems a bit counterintuitive how kids these days got 30 years of raster display tech development only to complain that VR doesn't work because they can still see the pixels in anything under a gorillion-k displays.

Perhaps in the future a mobile device could project laser-based optically scalable graphics on any wall, while a secondary monitor may simulate it in rasters when needed, but I'm more interested in how we can possibly get there from the current state of the industry where raster screens are so ubiquitous. Can anything as mildly dangerous as early CRTs even legally make it into the market this day and age? Can a dedicated vector graphics card survive the russian scalpers, if such a device is even possible without it's own OS?

R: 30 / I: 2 / P: 3

Essential Software Thread

Can we get a /software/ thread going? Preferably something better than pic related, which is total bullshit.
>vivaldi
>lastpass
>cloudstorage

R: 3 / I: 0 / P: 3

define "app"

Is app or even application a term that has a standardized definition, if so then what? Meaning that whatever platform I use to run "an app", I can trust that means the task being run has certain universal qualities that define it from other executables. My understanding of computing is a very poor outdated mix of dad logic and grandma logic and all this marketing shit doesn't do me any favors. When an "app" can be nothing more than a glorified interface to a program that's already always running, even on top of programs that are already only being run on an OS, I wouldn't want to be one to explain this shit straight to a next generation who have to unlearn all this training wheels garbage.

R: 3 / I: 0 / P: 3

Google Registry

The last piece of Google's web: Google Domains
.app domains available for registration https://www.registry.google/
- Mar 29 - May 1: Trademark holders can register .app domains (known as the "Sunrise" period).
- May 1 - May 8: Anyone can register available .app domains for an extra fee (known as the "Early Access" period).
- May 8 and onwards: Anyone can register available .app domains (known as “General Availability").

Now you can use your Google browser run on a Google operating system on a Google device connected to a Google router and Google Fiber to access a website which is hosted on Google servers, reachable by Google domain using a Google DNS server, verified and authenticated by Google certificate authority.

Google is planning on being the registry for many new top level domains including these: .ZIP .MOV .MEME
What do you think about this?

Charleston Road Registry Inc. d/b/a Google Registry
Why do you think this part of the company uses a pseudony which doesn't include "Google"?

R: 6 / I: 1 / P: 3

Warning All Microsoft Users: You May Need To Switch To Linux or an Other Alternative OS Soon... READ WHY

COPIED FROM FAGCHAN, BUT THIS SOUNDS IMPORTANT!

"Microsoft have changed their terms of service so that they can monitor any of your personal content, including the files on your PC, while using their products or services and if they deem it offensive they can take that content and their products/services away from you and ban you! If you happen to have an Xbox or have bought PC games from the Microsoft Store and are logged into your Microsoft account on any device while committing your "crime" you can be banned from Xbox Live and have all your downloaded games and any credit that's still in your account taken away!

But it gets worse. This applies to all Microsoft products and services. So therefore Windows itself! I think I have already been a victim, probably due to posting here, as recently my Windows 10 key was revoked out of the blue. I contacted Microsoft and they told me my key was no longer valid but outright refused to tell me why. So I had to buy Windows 10 again. I didn't buy it direct from them of course. Please post if this has happened to you very recently too.

I'm pretty scared about what's coming. They want us off the internet and I think this is how they're going to get many people. They're going to just shutdown our Windows on the basis of us breaking their new terms of service. What if ISPs are next?"

OP comment:

First off, no one should be using Windows 10. If you like Windows get an older one like Windows 2000, Vista or XP and make sure you turn OFF all automatic updates in the settings. Make sure you do not leave it online 24/7 either (leaving the OS online when not in use makes it much more vulnerable). There are also programs out there you can install that will completely remove all auto-updates for Windows if you are too lazy to change the settings.

If you want to switch to Linux you can install "Wine" and run Windows executives right from your Linux OS. Depending on which OS you partition (such as Q4OS) this will mimick an older version of Windows. Q4OS is what I recommend because you can install Wine and the OS replicates Windows XP, looking almost exactly the same!

Second, which is VERY important, users should be using a private VPN service in this day and age. No reason not to. Get off your lazy ass, buy a cheap private VPN (these can cost as low as $30 PER YEAR), and shield yourself by encrypting your communications and spoofing your IPs. Its easy and even us boomers can learn how to do it, I did.

Third: always have physical offline backups of any of your important files (this includes ISOs of the OS you use, software you may use and any media or other files you deem valuable).

Make sure you have access to several P2P clients and a Bit Torrent client in order to share media if websites start going down.

Here are some other security tips I recommend (trigger warning: some will seem pretty 'tin foil' but most are good tips!): https://archive.fo/t0ruD
Open

R: 4 / I: 0 / P: 3

Respecting privacy and Cloudflare in the same sentence?! Oh well...

"Announcing 1.1.1.1: the fastest, privacy-first consumer DNS service"

https://blog.cloudflare.com/announcing-1111/

R: 3 / I: 0 / P: 3

So I finally installed and configured dnscrypt-proxy since I remember someone here recommended it to me.
The problem is it kinda slow.
Can someone take a look at my config file and tell me if I'm doing something wrong ?

http://ix.io/17hP

R: 5 / I: 0 / P: 3

https://www.destroyallsoftware.com/sale

I've never head of this guy before.
Is anyone downloading all this videos and putting them up somewhere ?

R: 0 / I: 0 / P: 3

LynxChan 2.0: Magnus

LynxChan is an imageboard engine I started developing in 2015 with performance and flexibility in mind. It now powers several chans, with some having a good amount of traffic, like http://mewch.net and http://endchan.xyz

LynxChan 2.0 has entered it's beta with a stable release scheduled for 19/05.
It brings easily the biggest changes ever made in the project's nearly 3 years of existence, having completely changed templating and caching.
Now offering around 5 times better performance when serving pages and 50 times better performance when building pages it is trully deserving of a major version bump.
Along with these optimizations it includes the following features:

Links to board staff on board moderation page.
Page with details for media files, including a list of posts that use the file.
Implemented "remember me" on logins.
Thread's bump order is adjusted when replies are deleted.
Setting to configure the cache expiration of static files.
Optional headers and footers on pages.
Setting to completely hide unindexed boards.
E-mail confirmation.
Terminal command to change account's password.
E-mail notifications of reports made to content you can moderate.
Configurable limit of board message sizes.

The project's repository is at http://gitgud.io/LynxChan/LynxChan and my demo site is http://lynxhub.com

R: 15 / I: 5 / P: 3

I have a massive assortment of software ideas that I desire to articulate into reality, but I have very little knowledge regarding computer programming. I desire to learn C/C++ as they appear to be most suitable to my needs, and I would like some advice as to where I can begin and what existing software programs/Operating systems will be most useful to me.

Are the books written by Dennis Richie/Bjarne Stoustrup my best bet?

R: 2 / I: 0 / P: 3

Le memes ecks dee

I have a precious request or a difficult task to ask for

Are any of you in possession of blueprints for a machine that build machines that build computers? I figured this would be the solution of many of the worlds(including me) problems

If not im very willing to assist in designing one

R: 18 / I: 1 / P: 4

I'm looking to build a PC ($700 - 1000), and was wondering what would be a good build for gaming?

R: 6 / I: 0 / P: 4

Non x86 laptops

What is there available in the non-x86 laptops? I only know the old PPC macintosh laptops.

R: 2 / I: 0 / P: 4

Web servers/ async programming

I've been practicing network programming lately and was reading about the different web servers, how they work and so on.
I was wondering how Windows and windows based web servers perform compared to Linux since it has no epoll/kqueue. It turned out it has I/O Completion Ports. Then I searched for web server benchmark comparisons but there were no credible ones. Why has nobody compared these products yet?

>https://www.rootusers.com/linux-vs-windows-web-server-benchmarks/
This one implies that IIS outperforms nginx in every way and if that is true I want to know how it does that.

>http://gwan.com/benchmark
This one implies that g-wan is the fastest one (obviously, it's their product, therefore isn't a credible source).

>https://www.webperformance.com/load-testing-tools/blog/2011/11/what-is-the-fastest-webserver/
That one also shills for IIS, but it's probably fake since the author doesn't mention anything about hardware or server configuration.

So my questions are:
- Does Windows' IOCP perform better than epoll/kqueue and if so - why? And why don't we implement it for *nix?
- Does IIS outperform nginx/apache and if so - how does it do it and is it related to the IOCP?

I cannot find credible sources and I hope someone here has more experience than me.

Some interesting reads I came across:
http://kegel.com/c10k.html -
http://bulk.fefe.de/scalability/ - FreeBSD/OpenBSD/NetBSD/Linux(2.4, 2.6) benchmark (quite old)

>inb4 windows is closed source botnet

R: 3 / I: 0 / P: 4

Dnscrypt

Um.

What is up with dnscrypt-proxy?

The project has been abandoned?

What is the replacement?
Open

R: 4 / I: 0 / P: 4

Facebook new VPN shows what people do on their phones beyond suite of firm's apps

>Facebook acquisition of Israeli mobile-analytics company Onavo (a VPN service)
>data show in detail how the social-media giant employs it to measure what people do on their phones beyond Facebook's own suite of apps.
>"Websites and apps have used market-research services for years," the spokesman said
>has been downloaded an estimated 24 million times

Oh heyyyy!
http://archive.is/r7GhC

R: 14 / I: 2 / P: 4

ricing general

I want to start using i3-gaps instead of i3. Anyone try i3-gaps? Thinking about using an alternative to dmenu. Wanna jazz it the fuck up but keep it simple without the bells and whistles.

Pic semi-related. Not my cup of tea but an example of alternative icons.
https://www.reddit.com/r/unixporn/ is a great place to find dotfiles and workflows. ignore the laptop sticker cancer.

R: 14 / I: 5 / P: 4

What kid of email do you use?

Hey /tech/,
What kind of email do you use? I've that a lot of anons on technology boards use protonmail, but I've also heard that it's not secure. Any alternatives?

R: 34 / I: 9 / P: 4

MOZILLA SELLS OUT!

Mozilla To Build New Browsers That Conform To Internet Censorship

https://web.archive.org/web/20170815234815/http://www.naturalnews.com/2017-08-15-censorship-alert-mozilla-planning-kill-shot-for-entire-independent-media-by-blocking-all-non-approved-news-in-the-firefox-browser.html#

In November of 1737, decades before America officially declared its independence from the king of England, a young Benjamin Franklin published an essay in The Pennsylvania Gazette entitled, “On Freedom of Speech and the Press.” In it, Franklin wrote, “Freedom of speech is a principal pillar of a free government; when this support is taken away, the Constitution of a free society is dissolved, and tyranny is erected on its ruins.” Franklin went on to write, “An evil magistrate entrusted with power to punish for words, would be armed with a weapon the most destructive and terrible.”

Although this was written in an article published more than two and a half centuries ago, Franklin’s words are quite possibly more relevant today than they ever have been. Indeed, there is an ongoing effort by the progressive left and extremists such as George Soros to silence speech that doesn’t align with the liberal agenda. This effort to effectively gut the First Amendment is taking place virtually everywhere you look, from the mainstream media, to Hollywood, to college campuses, and perhaps most frequently, across the Internet.

Recently, the popular Internet web browser Mozilla Firefox announced that it plans on joining the fight against what it considers to be “fake news,” a term that to leftists means nothing more than news that is written by conservatives. Mozilla said that it was “investing in people, programs and projects” in an effort to “disrupt misinformation online.”

The first question that every constitutionalist and liberty-loving American should be asking is as follows: How does Mozilla define “fake news?” Are they only talking about suppressing radical websites such as sites run by white supremacists, or are they talking about any news that comes from conservatives? At the very least, it should worry you that companies like Mozilla are often reluctant to thoroughly define “fake news” – it is highly unlikely that this is unintentional.

Furthermore, what exactly gives Mozilla the right or the authority to determine what is misinformation and what is not? The United States Constitution is the law of the land, and the freedom of speech is an inalienable right from God. The fact that Mozilla thinks it has sweeping authority to select which speech is censored and which speech is not runs contrary to everything that America was founded upon.

With the assault on independent media getting increasingly aggressive, many Internet bloggers and website owners are desperately looking for ways they can continue voicing their opinions without being harassed, suppressed or silenced. If you are one of these people, you may want to consider using “Brave,” a relatively new web browser founded by former Mozilla CEO Brendan Eich.

On its website, Brave states that its goal is “to transform the online ad ecosystem with micropayments and a new revenue-sharing solution to give users and publishers a better deal, where fast, safe browsing is the path to a brighter future for the open web.”

If we are truly committed to one day restoring America to its constitutional roots, then we need to embrace initiatives like Brave and reject the political censorship that seems to now be running rampant across the country. Failure to do so will result in exactly what Benjamin Franklin warned about back in 1737 – the erosion of the Constitution and the establishment of tyranny.

R: 2 / I: 0 / P: 4

Google Unveils 72-Qubit Quantum Computer With Low Error Rates

>Google announced a 72-qubit universal quantum computer that promises the same low error rates the company saw in its first 9-qubit quantum computer. Google believes that this quantum computer, called Bristlecone, will be able to bring us to an age of quantum supremacy.

>Ready For Quantum Supremacy

>Google has teased before that it would build a 49-qubit quantum computer to achieve “quantum supremacy.” This achievement would show that quantum computers can perform some well-defined science problems faster than the fastest supercomputers in the world can.

>In a recent announcement, Google said:

> If a quantum processor can be operated with low enough error, it would be able to outperform a classical supercomputer on a well-defined computer science problem, an achievement known as quantum supremacy. These random circuits must be large in both number of qubits as well as computational length (depth).

> Although no one has achieved this goal yet, we calculate quantum supremacy can be comfortably demonstrated with 49 qubits, a circuit depth exceeding 40, and a two-qubit error below 0.5%. We believe the experimental demonstration of a quantum processor outperforming a supercomputer would be a watershed moment for our field, and remains one of our key objectives.

>Not long after Google started talking about its 49-qubit quantum computer, IBM showed that for some specific quantum applications, 56 qubits or more may be needed to prove quantum supremacy. It seems Google wanted to remove all doubt, so now it’s experimenting with a 72-qubit quantum computer.

>Don’t let the numbers fool you, though. Right now, the most powerful supercomputers can simulate only 46 qubits and for every new qubit that needs to be simulated, the memory requirements typically double (although some system-wide efficiency can be gained with new innovations).

>Therefore, in order for us to simulate a 72-qubit quantum computer, we’d need millions of times more RAM (2^(72-46)). We probably won’t be able to use that much RAM in a supercomputer anytime soon, so if Bristlecone will be able to run any algorithm faster than our most powerful supercomputers, then the quantum supremacy era will have arrived.

>High Number Of Qubits Is Not Enough

>A high number of qubits is not the only thing that’s needed to achieve quantum supremacy. You also need qubits with low error rates so they don’t mess-up the calculations. A useful quantum computer is a function of both number of qubits and error rate.
According to Google, a minimum error rate for quantum computers needs to be in the range of less than 1%, coupled with close to 100 qubits. Google seems to have achieved this so far with 72-qubit Bristlecone and its 1% error rate for readout, 0.1% for single-qubit gates, and 0.6% for two-qubit gates.

>Quantum computers will begin to become highly useful in solving real-world problems when we can achieve error rates of 0.1-1% coupled with hundreds of thousand to millions of qubits.

>According to Google, an ideal quantum computer would have at least hundreds of millions of qubits and an error rate lower than 0.01%. That may take several decades to achieve, even if we assume a “Moore’s Law” of some kind for quantum computers (which so far seems to exist, seeing the progress of both Google and IBM in the past few years, as well as D-Wave).

>That said, we may start seeing some "useful" applications of quantum computers well before that. For instance, breaking most existing cryptography may be possible when the quantum computers have only a few thousand qubits. If the current rate of progress for quantum computers holds, we may be able to reach that in about a decade.

>Google is “cautiously optimistic” that the Bristlecone quantum computer will not only achieve quantum supremacy, but could also be used as a testbed for researching qubit scalability and error rates, as well as applications such as simulation, optimization, and machine learning.

R: 6 / I: 1 / P: 4

HP Botnet

The amount of analysis a fucking printer company is doing is rather disturbing.
Open

R: 21 / I: 1 / P: 5

Is Signal a threat to Free Software?

https://blog.grobox.de/2016/is-signal-a-threat-to-free-software/

My opinion: the guy from LibreSignal was using the Signal servers, consuming their energy, and using their marketing. This is not right.
About the Signal requirement to have google shit, it's very unfortunate. Though, people should just use other thing and stop all this buzz.

R: 1 / I: 0 / P: 5

i don't trust the data dumps that i've been finding through torch. can anyone point me to an onion site with some good data dumps?

R: 0 / I: 0 / P: 5

anyone have a site where I can look at data dumps? preferably an onion site
Open

R: 4 / I: 2 / P: 5

NIST finally is doing something on PQCrypto

>Round 1 Submissions
> ht tps:// csrc.nist.gov/projects/post-quantum-cryptography/round-1-submissions

Keep looking. This is very important in case non-bullshit "quantum" computing really becomes a thing.

DjB submitted the "McEliece" and SPHINCS together with other academics:
> ht tps:// classic.mceliece.org/
> ht tps:// sphincs.org/

Inria (that developed Coq and others) worked on Big Quake:
> ht tps:// bigquake.inria.fr/

<can't paste links, shitty system detect as flood

R: 26 / I: 1 / P: 5

Hi tech, i'm tired of windows.

I will go to linux, but I need know which linux i will usage.

I am in doubt between the backbox and Kali Linux, if you have more recommendations, I accept (debian priorizer).

I have a 4GB pendrive, is it enough to change the operating system?

R: 18 / I: 4 / P: 5

FLOSS and licensing

Hello /tech/,

I'm not so familiar with software licenses so I started reading about the subject. At one point the question 'How does one profit from floss software?' popped in my head and these are some articles I came upon (quite outdated, but they still have a point). So GPL prevents companies from making proprietary software with your piece of software. BSD, on the other hand, does not (that's the case with Apple's kernel). Turns out the only way a company can profit from GPL license is by donations, offering support, teaching or dual licensing. Dual licensing seems like the most used option.

https://www.linuxjournal.com/article/5935
http://sealedabstract.com/rants/why-the-gpl-sucks/

>But there is a net effect on software development. Who makes money off GPL code? We go back to Novell and Red Hat, who test and package this software. And we see a trend–GPL code helps software testers make money. It helps QA people. It helps the people who answer the support phones. It helps everybody except software developers. Oh, maybe Google will pay them a salary as a goodwill gesture. But it’s really, really hard to make money from developing FOSS. You can make money supporting it. You can make money testing it. But no money developing it.

So my question is - does free software actually benefit the developer?
Open

R: 4 / I: 2 / P: 5

Meltdown fix committed to OpenBSD

>Meltdown mitigation is coming to OpenBSD. Philip Guenther (guenther@) has just committed a diff that implements a new mitigation technique to OpenBSD: Separation of page tables for kernel and userland. This fixes the Meltdown problems that affect most CPUs from Intel.
>When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the thread's real kernel stack, then copies over the necessary bits from the trampoline stack

Very good news. Let's see the performance impact. As undeadly contributor said, help test the snapshots from 22 february. Here (check the SHA256, please - use install62.fs for usb stick or install62.iso for CD-ROM):
https://ftp.OpenBSD.org/pub/OpenBSD/snapshots/amd64/

R: 13 / I: 7 / P: 5

lowRISC: another year bites the dust?

http://www.lowrisc.org/faq/

>When can I buy a lowRISC SoC?
>As with most tech projects, the most accurate answer is “When it’s ready”.
>We are expecting to crowdfund an initial instantiation of the lowRISC platform during the course of 2017.

I'm pretty sure the lowRISC FAQ said 2016 last year. It didn't happen, obviously, and it was changed to 2017, but we're running out of that, too. Ten weeks left, boys. Is a lowRISC SoC vaporware for another year?

At what point do we start looking to the J-x processors based on Hitachi's SuperH architecture? The last SH-4 patents are expiring this year.

http://j-core.org/roadmap.html

R: 5 / I: 0 / P: 5

If Windows is such a shitty operating system, why do police officers use it to write reports?

Checkmate /tech/.

R: 7 / I: 0 / P: 5

Wireless transmitter inside Lenovo AC Adapters Recording your charging habits

FAKE ASS MOTHERFUCKING NEWS, never really existed https://web.archive.org/web/20170515000000*/https://computersdaily.com/

A group of hardware hackers came across a small transmitter inside Lenovo AC Adapters, that when turned on, would send signals to your computer which would then send data to Lenovo about your charging habits on February 9, 2018.

The application that allowed this to work is included in all Windows 10 operating systems that come pre-installed on Lenovo computers and has supposedly been this way for eight months.

When asked about the purpose of these chips, Lenovo stated that they were to create better computers and help with power reduction in specific situations, and also acknowledged that these chips are in no way malicious and will never be used for malicious purposes.

https://computersdaily.com/2918/hackers-find-transmitter-acadapter-lenovo/
Open

R: 9 / I: 0 / P: 6

Apple's iPhone Source Code Leaks Out, Hackers Can Now Steal Everything You Have On Your iPhones

Disregard this faggot, he can't even post the goddamn link to the article to make people reply to the /news/ thread while having a slightly misleading subject line (goes to show the OP is very much so technology illiterate). Just read the article for yourself.

Update: this sums it up better https://archive.fo/n4ce0 https://www.bleepingcomputer.com/news/apple/apple-iboot-source-code-leaked-on-github/

R: 5 / I: 0 / P: 6

I must say, I enjoy utilizing old operating systems such as Windows 95/98, the lack of bloat and low resource usage really appeals to me.

What would you like to see me install on a 32-bit 64 Megabyte of RAM machine?

R: 285 / I: 65 / P: 6

/tech/ - Technology

Welcome to /tech/, a technology board. This board is for discussion of technology, both software and hardware.

Wiki: https://wiki.installgentoo.com/
IRC: #/tech/, #InfinityNow and #endchan on irc.rizon.net - https://qchat.rizon.net/

NSFW files are only allowed if they are spoilered. Tech support, consumer advice and desktop/ricing threads are all allowed for now.

All rules and policies are open for discussion in this thread.

Related boards:
>>>/cyber/ - Cyberpunk & Science Fiction
>>>/lv/ - Libre Vidya
>>>/markov/ - bot hell
>>>/os/ - Online Security
>>>/t/ - Torrents/trackers
Open

R: 2 / I: 0 / P: 6

USBGuard

Someone pointed this on OpenBSD-misc list, maybe it could help some linux users in here:
https://usbguard.github.io/

Very interesting. Don't know how effective it is to prevent attacks, though.

R: 34 / I: 4 / P: 6

How do you store your data/backups?

Hie, I'm trying to find a good solution to never get out of storage on my HDDs, for my backups and my regular use.
What is your data storage solution?
I want, if possible, a solution that is the most freedom compliant.
There is the usb HDDs, 3/4 plugged on a rasp.
There is the NAS with 3.5' HDDs in it.
Maybe a cheap 20$ computer with the HDDs in it with linux installed...

What should be the best? What HDD to buy (there are these backdoors, even though I don't think I can find any without)

Thanks you!

R: 14 / I: 2 / P: 6

Realtime chinese surveillance system

Scary shit:
https://twitter.com/0XDEDBEEF/status/912026226658652160

Remember to protect your privacy. Or, you can just keep listening to your Hardvapour/Fashvapour while everyone looses it's mind and... wait, what reality really is? You postmodernist degenerate fuck.

R: 4 / I: 0 / P: 6

Russian government doing deep packet inspection

Thought it would be worth sharing: a document from WikiLeaks explaining the tatics Russian Federal Security Service (FSB) is using to get intel. This is not new, but there's some information on how they operate (assuming WikiLeaks is trustworthy):
>Russian subscribers of mobile operators [...] expose valuable metadata, including phone and message records, device identifiers (IMEI, MAC addresses), network identifiers (IP addresses), cell tower information and much more.
>The Traffic Data Mart is a system that records and monitors IP traffic for all mobile devices registered with the operator. [...] identified by IMEI/TAC, brand, model
>National stacks of DPI / BigData / DataMining technologies and solutions for collection and analysis of information, as well as means of predicting social and business trends - the key to digital and financial sovereignty of the state and business in the XXI century

https://wikileaks.org/spyfiles/russia/

R: 4 / I: 0 / P: 6

/tech/ is this good or bad news? What will this mean and how would this effect us?

White House Is Planning To Nationalize 5G Network

https://web.archive.org/web/20180129153823/https://www.zerohedge.com/news/2018-01-28/white-house-planning-nationalize-5g

In a stunning - if accurate - report published Sunday night, Axios claims that White House national security officials are considering an unprecedented federal takeover of a portion of the nation’s mobile spectrum/network to protect against Chinese attacks, in what may well be a pre-emptive shot, hinting at upcoming trade wars between the two superpowers.

Axios got its hands on PowerPoint deck and a memo, both of which were purportedly produced by a senior National Security Council official, which were presented to other senior officials at other agencies during a recent meeting. The documents argue that America needs a centralized nationwide 5G network within three years. There'll be a fierce debate inside the Trump administration, and an outcry from the industry over the next 6-8 months over how such a network is going to be built and paid for.

https://web.archive.org/web/20180129141644/https://www.axios.com/trump-team-debates-nationalizing-5g-network-f1e92a49-60f2-4e3e-acd4-f3eb03d910ff.html

R: 3 / I: 1 / P: 6

Proxy daemons?

Looking to setup a socks4/5 proxy for testing and experimentation. Looking to see if anyone has any preferences or recommendations.

This will be for a low user count (2-3), private setup. I don't mind dropping in some enterprise level monster meant for handling T-carrier levels of activity, but I ain't gonna be stressing it anywhere like that.

Current choices boiled down to dante or haproxy. I'm still open to suggestions.

OS: Debian Stretch.

What I'm not looking for: ssh tunneling, iptables forwarding. Yes, I can do either as a quick and simple fix. No, I'm not interested.

R: 8 / I: 1 / P: 6

Next Generation of spyPhone Cameras, Worse Than Your Nightmares, But REAL

This is an article posted on /news/ but this is a tech-related article and its the SCARIEST FUCKING SHIT EVER!

https://archive.fo/XaliQ
https://www.pcauthority.com.au/news/the-next-generation-of-smartphone-cameras-could-see-through-walls-481698

BREAKDOWN:
1. New iPhone cameras will be see through fog, walls, anything covering them up.
2. Users will be able to take pictures of your naked body, they can see through clothing too! No matter what your age, who you are, whether you approve or not.
3. Users could spy through bathroom walls. Spy through their neighbors' apartments. This can be used for blackmail too, no doubt. ABSOLUTE DEATH OF PRIVACY.
Open

R: 27 / I: 7 / P: 7

Anyone following the Intel vulnerability?

The "Meltdown" and "Spectre" thing. Here:
https://lobste.rs/s/cx4jut/meltdown_spectre

Does it have any connection with the Sandsifter research?

R: 8 / I: 1 / P: 7

What's your excuse for not writing and using your own mini gpg clone using https://github.com/jedisct1/libhydrogen ?
Open

R: 18 / I: 4 / P: 7

Interesting google searches

From funny to obvious brain washing, list them here.

Google Images:
"Jewish Piano"
"European people history"

Google Search:
"middle east evil" reclick search box for suggestions after search

Youtube search suggestions:
"how to have" recently removed https://news.slashdot.org/story/17/11/27/1314213/youtubes-search-autofill-surfaced-disturbing-child-sex-results

R: 2 / I: 0 / P: 7

Acoustic Denial of Service Attacks on HDDs

TL;DR: researchers can crash devices with magnetic drives from just under a meter away using sound waves.

Might be relevant to your interests, /tech/

R: 12 / I: 0 / P: 7

It's a Libre Vidya general thread!

Post some free software video games and general discussion.

R: 8 / I: 5 / P: 7

FBI chief calls unbreakable encryption 'urgent public safety issue'

>FBI chief calls unbreakable encryption 'urgent public safety issue'
>unbreakable encryption
>mobile phone
https://www.reuters.com/article/us-usa-cyber-fbi/fbi-chief-calls-unbreakable-encryption-urgent-public-safety-issue-idUSKBN1EY1S7

The baits.

R: 59 / I: 18 / P: 7

There seem to be a lot of privacy conscious people on this board.
Provided we can actually find a way to communicate, would anyone be interested in making our own alternative to privacytools.io ?

R: 15 / I: 1 / P: 7

Is this the true power of technology TM ?

R: 1 / I: 0 / P: 7

Beware of the Cloudflare.

R: 104 / I: 22 / P: 7

ideas for saving /tech/ general

We're about halfway through October and about two weeks out from our most esteemed /tech/nician's autistic tantrum over on /operate/:

>>>/operate/7122 it's good reading, he came in with a balloon knot and left with a rectum that you could park a utility van in

so it seems like a good time to reassess the state of the board.

Since October 1st, there have been 0.6 original posts per day on /tech/. I use the term "original" with some reservation, as some of them are just verbatim reposts from 8/tech/. There have been an average of 8.13 replies per day, but most of them were one-line comments or barbs without substance, or memes, or corrections to a previous post. We're averaging about 1 substantive reply per day. Two on a good day. I didn't feel like digging into the numbers any further, but it's my impression that these averages don't even reflect how dire the situation is, as there was a burst of activity at the beginning of the month that has tapered off significantly.

/tech/ is not dead, but it's on life support, and, ironically, none of its denizens seems to know how to service the life support machine.

It would be a shame for this alternative to pigchan and Hiroshima's /g/ to wither through neglect.

Let's brainstorm ideas for keeping this place alive.

R: 6 / I: 1 / P: 8

Anyone want to talk about programming on an open source voip client?

Address: mumble-us.cleanvoice.ru 50688

Current discussion: Python / Bash / Node / Networking

Try to ignore the few /v/ users

R: 20 / I: 0 / P: 8

A Secure Smartphone

Been collecting all I can find on how to make a truly secure cellphone that doesn't leak one's private data daily. Figure it's time to share my findings and collaborate with others for even more insight. Will continue adding as long as this thread remains on topic and doesn't get sidetracked.

R: 21 / I: 4 / P: 8

Wizards Assemble!

Advanced users of GNU/Linux (and I mean advanced), remember to try Source Mage GNU/Linux. True source-based distribution, and (in contrast with Gentoo and Arch) is:
Free from obfuscated and pre-configured code.
Fully committed to GPL, uses only free software (as in freedom) in their main package.
With even the documentation licensed as FDL.
Without 3rd party patches, sensible defaults or masked packages.
Doesn't need obfuscated python libraries, only bash.
No systemd (they've implemented their own init scripts system http://sourcemage.org/Init).
Uses clean dependencies as they came from upstream developers, which by the same provides instant updates.
Can heal broken installs.
Can also use flags.

Do you like Arch Linux's AUR? Do you like Gentoo's portage (or ports-like) package manager? With SMGL's "sorcery" you get all that. Making new spells (package build files) not found in the grimoire (repository of spells) is easy http://sourcemage.org/Spell/Book

Bash hackers welcome! Come and join http://sourcemage.org/

Installing SMGL is easy, here's the simplified process:
>boot a live Ubuntu (or whatever) USB drive
>go to SMGL website and download compressed archive of the base system
>partition and mount partition(s)
>extract the archive onto the new partition(s)
>chroot, set root passwd, hostname, configure network and locale, write fstab, install grub/lilo
>reboot
>compile a kernel (preferably the newest stable one from kernel.org)
>update sorcery, grimoires and the build toolchain
>rebuild the system (hold spells you've already built, so you don't build them twice)
The install guide will hold your hand through the whole process http://sourcemage.org/Install/Chroot
Do the chroot method, since the regular live ISO method guide is out of date currently.

Here's a list of common commands: https://pastebin.com/i4DALaNV

R: 4 / I: 2 / P: 8

Where the fuck did technology go so wrong ?

R: 8 / I: 0 / P: 8

>Sorting through some books and organizing other random shit
>Laptop is closed and should be on sleep mode
>Come back after a few minutes
>Fucking CPU (Core 2 DuoTM) at 227 DEGREES FAHRENHEIT for over ten minutes based on usage history
>Fan isn't turning on
>Somehow still able to navigate through the OS and normally turn off computer
>Turn computer back on and fan is working perfectly fine

What the fuck, I'm surprised how hardy this damn laptop is.

R: 18 / I: 3 / P: 8

Desktop Thread - Christmas edition

Merry fucking Christmas.

R: 2 / I: 2 / P: 8

Art Thread: The Mechanics Of Shape

I just now realized that wireframes are basically a type of crosshatching, and it struck me as something exceedingly elegant. I would say more but I'm at loss for words (literally, because English has corrupted all its succinct terms for graphical drawing, and most its terms for sculpture), so I'll just leave it there. There's something beautful about how systematic generation of shape functions.

R: 0 / I: 0 / P: 8

>Sorting through some books and organizing other random shit
>Laptop is closed and should be on sleep mode
>Come back after a few minutes
>Fucking CPU (Core 2 DuoTM) at 227 DEGREES FAHRENHEIT for over ten minutes based on usage history
>Fan isn't turning on
>Somehow still able to navigate through the OS and normally turn off computer
>Turn computer back on and fan is working perfectly fine

What the fuck, I'm surprised how hardy this damn laptop is.

R: 34 / I: 11 / P: 8

Following a suggestion from a painfully autistic (although well intentioned) user posting on /tech and /operate, this board now has a desktop thread.

Show off your desktops, phones, ricing, rigs and stations here.

Anyone posting must also offer advice to others and help the beginners.

To honour the tradition the desktops in this post are all over ten years old.

R: 16 / I: 4 / P: 8

Wishlist for hardware that probably doesn't exist

all I want for christmas is a keyboard like Psion 5 that writes plain ASCII into memory and is easy to import onto other devices.

R: 9 / I: 1 / P: 9

Ripping audio from a game?

I'm thinking of ripping the audio from an executable so I can translate an eroge and then rebuild the visual novel. What tools could I use to capture the audio?

R: 1 / I: 1 / P: 9

Webm thread

R: 8 / I: 1 / P: 9

Who allocated time to give birth to this image?
Who exactly is the subject talking to?
Why is the subject wearing dress attire?
Why did he choose to use seven proxies instead of, say, six?
Why did he use proxies instead of other methods of anonymity?
What actions did he commit to warrant hiding behind seven proxies?
If he wasn't hiding behind seven proxies, what would he be subjected to?
Is his clear display of confidence a sign that he is certain his identity is safe? Perhaps his adversary is incompetent?
Why did he refer to his location relative to the proxies as "behind"?
Is the capitalization of all the text a method for conveying the fact that he is yelling?
How did this particular image gain popularity and root itself into the minds of the viewers?

All the questions that will most likely remain unanswered.

R: 32 / I: 5 / P: 9

A new Net Neutrality debate should begin. No matter who you are, whatever your political preference, whether you support or do not support Net Neutrality, I'd like to hear from all of you!

Why Do Major Corporations - Who Are Known For Censoring Their Social Platforms - Want Net Neutrality?

>>>/news/3886
https://archive.fo/https://endchan.xyz/news/res/3886.html (I'll be archiving the debate as it unfolds)

This thread documents and exposes the censorship behind three major tech companies that support Net Neutrality.

Now we really want to figure out WHY and what you anons think about all of this.

R: 8 / I: 3 / P: 9

Headphones

Yes, they are consumerist bullshit and there are dozens of corporations attempting to market them to potential buyers, but one cannot truly appreciate classical music until they have listened to it in real life or with high quality headphones with sound of that seen in real life.

https://en.wikipedia.org/wiki/Headphones (Wikipedia article for quick brief and general information, look to the references for further information...)
http://graphs.headphone.com/ (Compare different headphones and look at variables such as Frequency Response, Isolation, Etc.)
https://wiki.installgentoo.com/index.php?title=Headphones (Highly detailed article on headphones and Amplifiers/DACs)

Do NOT buy Beats By Dre, Skull Candy, Bose, or headphones within large stores with no information on them available.

R: 1 / I: 0 / P: 9

Vichan to LynxChan migration script

https://gitgud.io/LynxChan/VichanMigration

I finished cleaning up a migration script that was started a long time ago, also included a correct read-me on it.

Something that was missing on it was handling some files correctly, vichan isn't too consistent with thumbnail info on posts.
Open

R: 36 / I: 14 / P: 9

Must-watch /tech/ movies?

Hey, thought about film recommendation with /tech/ related content. These are mine favorites. I've organized it by order that I thought was better to watch if you haven't yet. If you want to suggest others, just post on this thread.

01 - Gattaca (1997)
02 - Akira (1988)
03 - The Conversation (1974)
04 - Network (1976)
05 - Blade Runner (1982)
06 - The Lives of Others (2006)
07 - 2001: Space Odyssey (1968)
08 - Interstellar (2014)
09 - Wall-e (2008)
10 - Minority Report (2002)
11 - Nineteen Eighty-Four (1984)
12 - Brazil (1985)
13 - THX 1138 (1971)
14 - Ghost in the Shell (1995)
15 - Ghost in the Shell 2: Innocence (2004)
16 - Paprika (2006)
17 - A.I. (2001)
18 - Psycho-Pass (2012)
19 - Neon Genesis Evangelion and The End of Evangelion (1995)
20 - Ergo Proxy (2006)
21 - The Matrix (1999)
22 - Serial Experiments Lain (1998)
23 - 964 Pinocchio (1991)

R: 11 / I: 1 / P: 9

Search Engines

The majority of them are garbage.

Has anyone discovered or created a search engine that allows the user to set parameters to exclude certain websites? The massive majority of search engines have little features and space for user input (Searx is probably the closest to what is ideal).

General search engine/ideas thread.

R: 5 / I: 0 / P: 9

HP keylogger

>TL;DR: HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required).

https://zwclose.github.io/HP-keylogger/

R: 1 / I: 0 / P: 9

paging the local openbsd/reop nut
is this shit as good as it sounds ?
https://www.tedunangst.com/flak/post/miniwebproxy
bless you
Open

R: 15 / I: 0 / P: 10

Discord sucks

You know what sucks about discord is you can't use TOR to register a username anonymously. Sure you can use it, but as soon as you change IPs once they send an e-mail verification and then demand mobile verification before you can continue to use discord.
Open

R: 7 / I: 4 / P: 10

Phosphor Display

green
amber
white
Which one is best?

R: 4 / I: 1 / P: 10

Newb programming question

>>>/lv/391

Hey guys, I wanted to write a script that will halve hex colour values and add together all possible combinations from 16 colours, making 256 colours. I suppose I could just halve the values to begin with, so really all I need to do is add hex value together to create all possible combinations. I have some python experience but still muddling through. Rare pepe for troubles.

R: 4 / I: 0 / P: 10

Has anyone used the netrunner browser started by /g/ ? Can I replace links2 -g with it ?

R: 118 / I: 9 / P: 10

nntpchan devshit thread, banned from 8/tech/ edition

explanation:

it's decentralized imageboard federation thing, works great, join today.

source:

https://github.com/majestrate/nntpchan
https://github.com/majestrate/srndv2

nodes:

https://nsfl.tk/
https://i2p.rocks/ib/
http://oniichanylo2tsi4.onion/
http://ucavviu7wl6azuw7.onion/
(your node here?)
Open

R: 10 / I: 1 / P: 10

sshtalk

>"Remember good ol' talkd/ntalk? sshtalk is our security-minded update to the same basic idea."

Cool:
https://2ton.com.au/sshtalk/
Open

R: 6 / I: 2 / P: 10

Modernized $CRT/$ Terminal

Has anyone here used a monochrome phosphor CRT with a modern machine? Say, a monitor with a 9-pin serial/re9/rs232 cable with a more modern PC. Also, this will just be a terminal screen. Possibly with w3m images. Here are some options I've thought up. I haven't picked out a monitor yet.

VGA/serial adaptor
These adapters are common. Don't know if they would work.
CGA video card output or other period correct, oem matched card
Don't know how the fuck I would use this on a modern board.
Some other 9 pin display video output
''Maybe there is an old PC with Core Duo or Pentium with serial display? I was born in '96, so I'm not too savvy on 20 year old graphics hardware'

I know that the green Macintosh CRT's are pretty cheap and use a 9-pin, but the pin out is proprietary. Chime in if you have experience with these things! Am I over thinking this?

R: 7 / I: 1 / P: 10

Major update

Hey /tech/, I've updated the list. Many changes (I did no changelog, sorry):
https://gist.githubusercontent.com/anonymous/e278380ef6f2eddcfa5d18cbbdd161d3/raw/7a8bbc80d560ac50162550b0b9e0d82fdcba6fc3/gistfile1.txt

Any comments are welcome.
Let's wait for "Endwall" to update. If you want to spread it to other communities, please post it here too, so we can keep following the criticism and improving it.

As for the other thread ( >>11660 ), I'll share my 'research' (nothing big, really) on this thread, but there's too many information to put on the list, so I thought it would be better to just discuss it here first.
Open

R: 3 / I: 0 / P: 10

discord

Reasons its shit:

1) IP logging
2) Posts are forever
3) Avatar fagging
4) If you change your IP it demands a phone number or you can't use the same username again if you registered.
5) Full of status messages: I'm paying fallout 4
5) It's catching on with faggots and now every chan and forum wants you to join their discord for that board. Irc didn't ever have 1-4 and wasn't as popular as discord is becoming.

Web 3.0 really will be a fucking chat room on every site.
Open

R: 10 / I: 0 / P: 10

HTML5 to have full DRM, no compromise

R: 55 / I: 31 / P: 11

/g/'s building a web browser
http://boards.4chan.org/g/thread/61078788

OSX Fork (pic related)
https://gitgud.io/odilitime/netrunner

dicsuss

R: 6 / I: 2 / P: 11

What happened to IRC?

Why did it go out of style and are there any active communities left?

R: 0 / I: 0 / P: 11

Virtual Distro Hopping

Let's see what's the state of the Linux desktop in the current year of the Linux desktop. For this purpose I setup a virtual machine with qemu. You'll find more details on the arch wiki: https://wiki.archlinux.org/index.php/QEMU - I create some dedicated space to install the distro and download or torrent legally the NET install ISO from the distro's homepage.
qemu-img create -f qcow2 fedora27.cow 20G

I run qemu with sudo, so I can use kvm. kvm allows you to use your whole CPU. You can use kvm as non-privileged user, by creating a new group in your udev rules. But I'm too lazy for that.
sudo qemu-system-x86_64 -enable-kvm -m 4G -cdrom /path-to-your-folder/fedora27_x86_64.iso -boot order=d -drive file=fedora27.cow

First Distro I'm trying is Fedora 27. Installation is quick, you need to click on some options, but that's it, the rest is done in the background. If you want more control, you need to find the options first though. It uses wayland as standard. No more screen tearing, but without GPU passthrough to the virtual machine, it uses the CPU to render the graphics. 3D graphics and wayland slow down the whole thing and CPU is constantly over 50%. To test wayland better another test from a live image would be necessary. The bars on top are not as big as they used to be. The software looks uniform. Accessing software with the activities tab and then searching through very big icons is not practical. There is not so much software, but the installation size is still big. Firefox and LibreOffice take a lot of space. You can't rice or adapt much of the desktop, but you can download different styles.
My impression is that Gnome looks clean and can be used out of the box as is. It hides as much as possible from the user. It has the best touch screen and wayland support so far. I don't like the usability concept with the hidden software, it's too much optimized for touch devices in the mind. It might be interesting for someone who has a 2-in-1 device or likes the look and feel of Gnome to really use this as desktop. Fedora is a bit strange as distribution, as they ship classic releases with stable software from a due date, but also ship the latest kernel. The perfect distribution for Linus Torvalds, but not for the imageboard neckbeard.
Open

R: 4 / I: 0 / P: 11

What's your favourite Linux distro?

R: 11 / I: 2 / P: 11

Microsoft and universities

Hello /tech/. What is that? You have similar stuff in your university too? Any implications?

R: 10 / I: 0 / P: 11

WPA2 protocol attack

https://www.krackattacks.com/

>We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

>The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

The Q&A is worth reading, and has information on attack mitigations. Unfortunately, if you are using an Android smartphone that isn't receiving updates anymore, your WiFi security on that device is probably null.

R: 9 / I: 4 / P: 11

This machine before your eyes is extremely powerful, a machine that grants its user access to all of the information conceived by the human species. It is capable of performing highly complicated mathematical calculations thousands, possibly millions of times faster than your typical human, and can store massive amounts of information, perhaps a library filled with thousands of books stored on this little machine, too massive for a measly individual to read in their lifetime, is reality.

When these sophisticated and wondrous machines had begun to appear in the 80's and 90's, the savvy individuals saw them for what they were, highly capable machines that would greatly change the world. They had taken advantage of this, and they became the first hackers, people armed with these extremely powerful tools. Companies and marketers observed this new medium and knew they could gain great wealth using it, and the mainstream mediums with the purpose of entertaining were born.

If only people knew just how powerful that little "phone" in their hand truly was. What a great time to be alive, so many ignorant fellows bickering about the problems in the world and how the past was such a great era, with no knowledge of what is truly happening at this moment.

R: 6 / I: 0 / P: 11

All shall fall

>2017
>In last couple of years Red Hat forces systemd and other cancerous software in free software world.
>Microsoft joins linux foundation
>UNIX way totally fucked up
>RMS still pursuing free software endorsement all over the software world
>RMS lives for couple of decade/s
>RMS dies
>FSF falls to corruption
>FSF no longer defends free software values
>Freedom is no more, community is the only freedom givers, those who have stayed true to the end
>Linus Torvalds keeps kernel backdoor-free
>Linus Torvalds dies and some dipshit takes over the kernel, maybe one person or maybe a foundation.
>Freedom is no more
>Stupid fucking distros adopt systemd, majority of them, to touch as many distros as possible.
>Remember hearthbleed, only one mistake in one line of code on smaller program.
>Systemd is huge piece of shit, imagine how many shits would be there in that source code.
>Red Hat joins FSF
>Microsoft joins FSF
>GNU dies to corruption
>Linux dies to corruption
>FreeBSD is meme
>OpenBSD even more
>plan9 unusable
>templeos is meme

Fork fucking HURD and save yourselves while there is still time, true community is only shit that can save freedom. Build our WEB, build our HARDWARE build OUR SOFTWARE. We are in most dangerous times anon, freedom heroes cannot endure forever, they are human. Humans are corrupt, after great leader has died nobody is going to continue that tradition in original sense.

PLAN educate as much people as possible about free software.

Stay true anon, stay true.

Keep the UNIX philosophy, keep the UNIX way, keep the freedom. Keep the sanity.

Adun toridas.
Open

R: 13 / I: 3 / P: 11

Tip

I did a correlation between the major Ad networks and have found that they converge to unique autonomous networks used for this purpose. Can you guess who controls it?

In order:
1. AS16509
2. AS15169
3. AS14618
4. AS54113
5. AS13335
6. AS14061

You can look for yourself on radb.net or using whois(1).
If you want to block those, use this command and put on your router firewall:

$ whois -h whois.radb.net -- '-i origin ASxxxxx' | grep ^route

R: 3 / I: 2 / P: 11

Electronics

This thread is for discussion about electronics and other related topics.

Literature to get you started in the hobby of electronics:
Getting Started in Electronics Forrest Mims III
The Art of Electronics by Paul Horowitz and Winfield Hill

Is reading literature not something you enjoy doing? You can learn about electronics by watching many of electronics YouTube channels instead:
eevblog
mikeselectricstuff
w2aew
Mr Calrson's Lab
Kerry Wong
Marco Reps

Interested in creating a PCB?
Visit http://kicad-pcb.org/ install KiCad EDA software (GPL) and read "Getting Started" guide.

Interested in simulating digital or analog circuits?
Install SPICE simulation software (BSD) and proceed to study https://www.allaboutcircuits.com/textbook/reference/chpt-7/introduction-to-spice/
Once you become familiar with SPICE, install one of the many GUI front ends available to make working with large circuits easier.

Having problems with your circuit? Can't decide which oscilloscope to buy? Why is there smoke coming out of my voltage regulator?
Ask us those and other questions in this thread. We will try helping you solve your issue no matter how large it is.

R: 0 / I: 0 / P: 12

R: 2 / I: 1 / P: 12

Why do you have colored blobs in your captcha when you could remove them with CSS?

#captchaImage {
filter: url("data:image/svg+xml,<svg xmlns=%22http://www.w3.org/2000/svg%22 height=%220%22><filter id=%22rmblobs%22><feColorMatrix type=%22matrix%22 values=%221 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 0 0 1 0%22/></filter></svg>#rmblobs");
}

R: 0 / I: 0 / P: 12

Otter Browser (Pre) RC 2 released

Second release candidate has been released!
Please note that we have not entered feature freeze yet, some stuff will still go in but we are going to focus on improving stability and fixing issues from now on.

Most important changes since RC 1:
- improved support for styling tab bar text;
- added support for deleting User Scripts in Addons Manager;
- restored inline URLs completion;
- added action for peeking tab contents;
- multiple bug fixes and stability improvements.

https://otter-browser.org/
Open

R: 1 / I: 0 / P: 12

http://time.com/4998189/iphone-x-privacy-apple/

I can't wait to get my new iphone.

R: 18 / I: 1 / P: 12

Acrobat Reader Alternative

Are there any alternatives for browsing pdfs in browser that don't require Adobe Acrobat? The main problem is having to allow it each time in Firefox because it's apparently not secure.

R: 3 / I: 0 / P: 12

cracking

Respawn of a good thread

Learning:

http://www.securitytube.net/

http://creator.wonderhowto.com/occupythewebotw/

http://n0where.net/

http://www.offensive-security.com/metasploit-unleashed

http://www.exploit-db.com/

http://resources.infosecinstitute.com/

http://www.windowsecurity.com/articles-tutorials/

http://www.securitysift.com/

http://www.sans.org/reading-room/

http://packetstormsecurity.com/files/

https://www.corelan.be/index.php/articles/

http://routerpwn.com/

http://opensecuritytraining.info/Training.html

https://www.blackhat.com/html/archives.html

http://magazine.hitb.org/hitb-magazine.html

News:

https://threatpost.com/

http://www.deepdotweb.com/

Wargames:

http://overthewire.org/wargames/

https://www.pentesterlab.com/

http://www.itsecgames.com/

https://exploit-exercises.com/

http://www.enigmagroup.org/

http://smashthestack.org/

http://3564020356.org/

http://www.hackthissite.org/

http://www.hackertest.net/

Distros:

https://www.kali.org/

http://sourceforge.net/projects/metasploitable/

https://tails.boum.org/

http://www.wifislax.com/

>Where to start

https://youtube.com/watch?v=gPNnXmTezak [Embed] [Embed]

https://youtu.be/pB0WvcxTbCA [Embed]

>Learning material

https://www.codecademy.com/

https://programming-motherfucker.com/

https://github.com/vhf/free-programming-books/blob/master/free-programming-books.md

https://www.theodinproject.com/

>Frontend development

https://github.com/dypsilon/frontend-dev-bookmarks

>Backend development

https://en.m.wikipedia.org/wiki/Comparison_of_web_application_frameworks

[Gist] backendDevelopmentBookmarks.md

>Useful tools

https://pastebin.com/q5nB1Npt/

https://libraries.io/ - Discover new open source libraries, modules and frameworks and keep track of ones you depend upon.

>NEET guide to web dev employment

https://pastebin.com/4YeJAUbT/

>How I Got a Job in Web Development

http://elliotec.com/how-i-got-a-job-in-web-development/

https://w3challs.com/

https://www.hellboundhackers.org/

http://io.smashthestack.org/

p=probs">http://pwnable.krp=probs

http://overthewire.org/wargames/




https://tuts4you.com/

http://woodmann.com/

http://www.openrce.org/articles/

http://search.lores.eu/indexo.htm

http://phrack.org/index.html

Input data - https://github.com/minimaxir/big-list-of-naughty-strings/blob/master/blns.txt

Presentations:
DEF Con Media server - https://media.defcon.org/
Carolina Con Presentations - https://www.youtube.com/user/CarolinaConVideos/videos

Tutorials:
Windows escalation - http://www.fuzzysecurity.com/tutorials/16.html
Linux escalation - https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Courses/Study:
How To Hack and Defend Your Website In 3 Hours - http://course.hyperiongray.com/vcourse/
Opensecurity - http://opensecuritytraining.info/Training.html

CTF/Practice:
List of CTFs - http://captf.com/practice-ctf/
Vulnhub - https://www.vulnhub.com/

Cracking/Hash lookup:
Hashfinder - http://finder.insidepro.com/
Hashkiller - https://hashkiller.co.uk/
Hashes.org (Leaked lists) - https://hashes.org/public.php

Info Gathering:
Yandex – www.yandex.com
Website source search engine - https://nerdydata.com/search

Lockpick Guide - http://www.lysator.liu.se/mit-guide/MITLockGuide.pdf

OPSEC - http://grugq.github.io/

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

R: 10 / I: 2 / P: 12

Requirements for Secure Clock Synchronization

https://arxiv.org/abs/1710.05798

This paper establishes a fundamental theory of secure clock synchronization. Accurate clock synchronization is the backbone of systems managing power distribution, financial transactions, telecommunication operations, database services, etc. Some clock synchronization (time transfer) systems, such as the Global Navigation Satellite Systems (GNSS), are based on one-way communication from a master to a slave clock. Others, such as the Network Transport Protocol (NTP), and the IEEE 1588 Precision Time Protocol (PTP), involve two-way communication between the master and slave. This paper shows that all one-way time transfer protocols are vulnerable to replay attacks that can potentially compromise timing information. A set of conditions for secure two-way clock synchronization is proposed and proved to be necessary and sufficient. It is shown that IEEE 1588 PTP, although a two-way synchronization protocol, is not compliant with these conditions, and is therefore insecure. Requirements for secure IEEE 1588 PTP are proposed, and a second example protocol is offered to illustrate the range of compliant systems.

R: 0 / I: 0 / P: 12

How far can you get in solving their puzzles?

R: 22 / I: 5 / P: 12

Vote against tranny LibreOffice mascot.

https://survey.documentfoundation.org/665628

R: 3 / I: 0 / P: 12

How long before we exclude white people from software development ? People like Linux Torvalds should not be left unchecked for much longer.

The kernel needs more diversity in order to mirror the multicultural distribution chain.
Open

R: 23 / I: 4 / P: 13

Instagram is listening to you

https://lobste.rs/s/smmjku/instagram_is_l
istening_you_scary

Interesting. I've noticed this too when I see a friend connect to his facebook while we are working. Sometimes I talk about a random subject and minutes later facebook shows an ad about this uncorrelated data.
I don't think they are actually using microphone, but I think it's almost certain that they correlate the data/metadata about the users with such precision, at the point to build a oracle sybil ad system.
Can anyone here understand how this is very dangerous? They can control everything using this.
Open

R: 9 / I: 2 / P: 13

OpenIKED vpn alternative

What do you think of OpenIKED?
Is it a viable alternative to Openvpn?

http://www.openiked.org/
https://github.com/reyk/openiked
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/iked/

R: 3 / I: 1 / P: 13

Learning

How did/does everyone continue their learning endeavours? I think most of us are self-taught and autodidacts around here, but there might be some formally taught.

I recently found the joy of academic websites by professors. The first is a nice computer security basics for the stack and how to exploit it by Wenliang Du of Syracuse New York: http://www.cis.syr.edu/~wedu/education/buffer_overflow.html

If you mess around with the URL, you can traverse different directories and see more resources by him and his department. Of not is this page where he has labs and videos for OS sec and exploitation: http://www.cis.syr.edu/~wedu/education/

I've found myself greatly under-educated to understand some of the more advanced issues like injection and return-to-libc, but that is being remedied after I found MIT's open courseware: https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/

There's a lot of courses with guidelines to learn specific topics that could be useful to patch up the holes in someone's knowledge. I know there isn't enough time in most of our lives, unless you're set and have the time which I would be jealous of, so it's imprudent to go at learning everything. I know I've skimmed the CS basics (6.00SC) to brush up what being a self-taught "coder" has left me wanting. A deeper look into recursion and algorithm times was cool, but I don't think it would be useful for anything at the current moment, so I've put it off into a "rainy day" tab to go back to whenever I don't have enough brain power to focus on pressing tasks, but don't want to waste the time on entertainment or idle tasks. Most of the undergraduate classes I believe have video lectures, which can be nice to just play on a mobile device and passively absorb too.

I found both links only by chance and using a proxy from a different country (American networks don't show edu sites as often?), but I can reproduce it on Google using "'TOPIC OF INTEREST' site:*.edu" where single quotes is just a string literal of interest and site portion specifics to return all sites that are .edu domains only.

It'd be best if you could share only things that were personally useful to you and how. There is too much stuff floating around and too little time to waste on personally verifying them.

On a more personal note, if anyone has sources for vulnerability research (exploitation development, assembly code auditing, etc.) I'd be grateful.

R: 26 / I: 7 / P: 13

Degeneracy

Now even lobste.rs(openbsd-like version of hackernews) fall into the idiocracy of battlestations, the last place I would like to watch this shit:
https://lobste.rs/s/uyw4pq/lobsters_battlestations_screenshots

Where are we going dudes? Fucks sake.

R: 8 / I: 2 / P: 13

Anything interesting on EuroBSDCon?

Anything new this year?
Open

R: 5 / I: 1 / P: 13

Wanna have a bad day ?
Skim through some of these comments:
https://news.ycombinator.com/item?id=15354114

R: 0 / I: 0 / P: 13

New Xiph sound noise suppression

>This demo presents the RNNoise project, showing how deep learning can be applied to noise suppression. The main idea is to combine classic signal processing with deep learning to create a real-time noise suppression algorithm that's small and fast. No expensive GPUs required - it runs easily on a Raspberry Pi. The result is much simpler (easier to tune) and sounds better than traditional noise suppression systems (been there!).

https://people.xiph.org/~jm/demo/rnnoise/

R: 23 / I: 8 / P: 13

Improving software and security

Hello my good fellows!

It is evident that the majority of mainstream software programs are shit, and while audits and the creators of a specific software program can tell one much about the quality of said software, audits can be fabricated and the user should look at the program itself instead of looking at who made it and where it came from. If more individuals studied computer engineering/science and programming and were able to audit programs, we would become stronger, and one could rest assured that their computer was tested to perfection. I have begun to notice that a major problem with auditing code is the fact that some software programs are massive and require teams to finish in a practical amount of time (Or one individual with ultimate dedication...), and this can be fixed by advocating for single purpose programs with lean code and minimal features with room for the user to build and add to it. Computers are amazing machines, and every individual with a laptop and a great mind can achieve amazing feats! One could build a self driving car with the power of programming and advanced mathematics, one can program a self-learning AI that they can interact with, one can program drones or small satellites to take pictures of the earth and predict weather patterns, and the list goes on and on.
I am here to encourage you to begin making your own single purpose programs by yourself or with close friends and a passion to teach others about programming and auditing simple software programs. I don't believe there is a government plan to keep us all down and steal our data to destroy us, but your information is worth money, and data mining allows companies to look at the big picture and advertise products.

Free(Possibly) and open source software with a single defined purpose made as minimal as possible with space to allow for building onto it and improving it.
Open

R: 6 / I: 1 / P: 13

Fun with filters

I had a thought about petitioning ring or someone to put some filters on here. There are only a few of us so we can have some fun.

Rules:
Suggest words for replacement in the following format
word > replacement
Then quote the suggestion in a reply post, which acts as a vote in support.
Mods can see ID's and IP's so don't bother same fagging.

R: 13 / I: 0 / P: 13

LynxChan 1.9

LynxChan 1.9 is about to enter beta and introduces a very important feature: JIT caching.

JIT caching is caching pages once they are requested, instead of caching when their content is changed.

This feature should allow for not only a significant reduced CPU usage but also for a more responsive experience for users.

Other from that, this version will also add a few features:
File search on media management
Maintenance images
Ability to restart the unix socket from a GUI
Subject editing
Board locking
Better global board moderation
SSL can be made mandatory
Mass bans directly from ips

I have a small instance running it over http://lynxhub.com and a list of chans running it can be found at http://lynxhub.com/lynxchan/res/285.html
Open

R: 2 / I: 1 / P: 14

I have a Playstation 3, but I don't really know what to do with it. Jailbreaking it is impossible, and this sucks. Right now it is hooked up to my CRT tv, since it is the only thing i had in house that had an analogue vudeo output, and i use it to watch netflix, Youtube, Chrunchyroll, and some old cartoons, like Rugrats, Griffin, things like that. But I feel like I've never used it at its full potential. I own it since 2013, unfortunately, before i did not own enough money to buy it by myself, so I was able to get one only by then. And I feel like I've never used too much, in the first time, I've used it a lot, but after some time, i got myself a gaming pc, so now what can I do with this ps3? I think it could be do more than just streaming movies, should I buy some games? Even if I can buy the same game on pc at less price and have it with better graphics only for the sake of having a disc?

R: 29 / I: 7 / P: 14

Amazon destroyed Seattle

I like this editorial about how Amazon has destroyed the culture of Seatle. It's a good warning: large companies destroy the culture of interesting cities and make everything generic, corporate, and dull. I wouldn't want Google's HQ in my city either.

R: 12 / I: 2 / P: 14

Human experimentation should be legal?

What do you think tech?
Should we be able to experiment with human genetic modification (CRISPR/Cas9)? Should we be experimenting with eugenics?
The child development should taken with neurogenic drugs, such as Dihexa and NSI-189? Psychedelic drugs, like Psilocybin? The effect of nutrition, as with the use of iodine, EPA/DHA and uridine?

R: 5 / I: 1 / P: 14

New FinFisher surveillance campaigns: Internet providers involved?

New surveillance campaigns utilizing FinFisher, infamous spyware known also as FinSpy and sold to governments and their agencies worldwide, are in the wild. Besides featuring technical improvements, some of these variants have been using a cunning, previously-unseen infection vector with strong indicators of major internet service provider (ISP) involvement.

FinFisher has extensive spying capabilities, such as live surveillance through webcams and microphones, keylogging, and exfiltration of files. What sets FinFisher apart from other surveillance tools, however, are the controversies around its deployments. FinFisher is marketed as a law enforcement tool and is believed to have been used also by oppressive regimes.

We discovered these latest FinFisher variants in seven countries; unfortunately, we cannot name them so as not to put anyone in danger.

https://www.welivesecurity.com/2017/09/21/new-finfisher-surveillance-campaigns/

tl;dr Finfisher is back, is more resilient than before, and is being deployed via ISP MITM in some countries via redirecting downloads of popular software like WhatsApp, Skype, Avast, WinRAR, VLC Player (list not exhaustive).
Open

R: 0 / I: 0 / P: 14

eqgrp

anyone yet has some infos on the scripts form the eqgrp breach?
will that stuff break out of my vm?
how careful you have to be? any info on whats doing what? anyone assembled them, any research available?

R: 15 / I: 2 / P: 14

Secure Smartphone?

What does /tech/ think about this:

https://puri.sm/shop/librem-5/

It's not perfect, but it sure looks like it's taking steps in the right direction.
Open

R: 10 / I: 2 / P: 14

Unsigned Code Execution on Intel ME 11.x

People still call us "conspiracy theorists":
https://lobste.rs/s/xc9juv/unsigned_code_execution_on_intel_me_11_x

R: 3 / I: 0 / P: 14

Unprecedented: World Wide Web Consortium (W3C) Moves To Destroy Our Current Open Internet, Greenlights DRM for the Web

Unprecedented: World Wide Web Consortium (W3C) Moves To Destroy Our Current Open Internet, Greenlights DRM for the Web

https://archive.is/h26nk
https://www.eff.org/deeplinks/2017/07/amid-unprecedented-controversy-w3c-greenlights-drm-web

Early today, the World Wide Web Consortium (W3C) standards body publicly announced its intention to publish Encrypted Media Extensions (EME)—a DRM standard for web video—with no safeguards whatsoever for accessibility, security research or competition, despite an unprecedented internal controversy among its staff and members over this issue.

EME is a standardized way for web video platforms to control users' browsers, so that we can only watch the videos under rules they set. This kind of technology, commonly called Digital Rights Management (DRM), is backed up by laws like the United States DMCA Section 1201 (most other countries also have laws like this).

Under these laws, people who bypass DRM to do legal things (like investigate code defects that create dangerous security vulnerabilities) can face civil and criminal penalties. Practically speaking, bypassing DRM isn't hard (Google's version of DRM was broken for six years before anyone noticed), but that doesn't matter. Even low-quality DRM gets the copyright owner the extremely profitable right to stop their customers and competitors from using their products except in the ways that the rightsholder specifies.

EFF objects to DRM: it's a bad idea to make technology that treats the owner of a computer as an adversary to be controlled, and DRM wrecks the fairness of the copyright bargain by preventing you from exercising the rights the law gives you when you lawfully acquire a copyrighted work (like the rights to make fair uses like remix or repair, or to resell or lend your copy).

On March 12, the final vote for publishing EME closed, and members ranging from the German National Library to the UK Royal National Institute for Blind People to the cryptocurrency startup Ethereum, to Brave, a new entrant to the browser market -- along with dozens more—rejected the idea of publishing EME without some protections for these equities (the numbers in the vote are confidential by W3C's own membership requirements, but all the members mentioned here have given permission to have their votes revealed.)

It was the most controversial vote in W3C history. As weeks and then months stretched out without a decision, another W3C member, the Center for Democracy and Technology, proposed a very, very narrow version of the covenant, one that would only protect security researchers who revealed accidental or deliberate leaks of data marked as private and sensitive by EME. Netflix's representative dismissed the idea out of hand, and then the W3C's CEO effectively killed the proposal.
Open

R: 4 / I: 0 / P: 14

CCleanup: A Vast Number of Machines at Risk

The article points as Periform/Avast had no idea about this malware... I don't think so. I don't think it's impossivel that this is an malware sponsored by agencies, since CCleaner is used on so many normie computers today:

http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

R: 0 / I: 0 / P: 14

Adobe Accidentally Publishes One of its Private PGP Keys

>Having some transparency about security problems with software is great, but Adobe's Product Security Incident Response Team (PSIRT) took that transparency a little too far today when a member of the team posted the PGP keys for PSIRT's e-mail account***both the public and the private keys. The keys have since been taken down, and a new public key has been posted in its stead.

https://soylentnews.org/article.pl?sid=17/09/23/0053227

R: 8 / I: 5 / P: 15

NSA trying to push bad standards

Oh, hey, look the NSA doing it again. First Clipper chip, then IPsec, now the "Simon and Speck":

>An international group of cryptography experts has forced the U.S. National Security Agency to back down over two data encryption techniques it wanted set as global industry standards, reflecting deep mistrust among close U.S. allies.
>More than a dozen of the experts involved in the approval process for Simon and Speck feared that if the NSA was able to crack the encryption techniques, it would gain a "back door" into coded transmissions, according to the interviews and emails and other documents seen by Reuters.

http://www.reuters.com/article/us-cyber-standards-insight/distrustful-u-s-allies-force-spy-agency-to-back-down-in-encryption-fight-idUSKCN1BW0GV
Open

R: 6 / I: 3 / P: 15

Tor: help test next-gen onions

>this is an email for technical people who want to help us test next-gen onion services.
>The current status of next-gen onion services (aka prop224) is that they have been fully merged into upstream tor and have also been released as part of tor-0.3.2.1-alpha
>We are still in a alpha testing phase and when we get more confident about the code we plan to release a blog post (probs during October).

https://lists.torproject.org/pipermail/tor-project/2017-September/001449.html
Open

R: 16 / I: 2 / P: 15

It Seems China is Shutting Down its Blockchain Economy

eh:

>[...] it might have been the start of something more ambitious: a coordinated campaign to shut down use of cryptocurrency in the Middle Kingdom.
>The full extent of the Chinese crackdown isn't clear yet, in part because key decisions have only been communicated privately to Chinese Bitcoin exchanges.
>But a couple of Bitcoin exchanges have now announced that they are shutting down.
>And leaked documents suggest that the rest will be required to do so before the end of the month.

http://7rmath4ro2of2a42.onion/article.pl?sid=17/09/17/0743255

R: 28 / I: 9 / P: 15

Youtube just went full javashit.
What now ?
Open

R: 0 / I: 0 / P: 15

LoFive RISC-V

>LoFive is a lightweight SiFive Freedom E310 open source SoC evaluation kit.
>The E310 leverages the Free and Open RISC-V Instruction Set Architecture

https://groupgets.com/campaigns/353-lofive-risc-v
Open

R: 4 / I: 0 / P: 15

Open Everything Film Festival

Very cool:

>The apertus Association, aykit and q/uintessenz are proud to announce that Vienna’s only international libre/open film festival, “Open Everything – Privacy and Security” takes place in the course of the Linuxwochen Wien.
>The focus is on privacy, surveillance and security, as well as topics like DIY, the Maker Movement, Creative Commons, Open Hardware, Free Software, Copyleft and free and open creative/artistic processes and communities.

https://openeverythingfilmfestival.com/

R: 12 / I: 2 / P: 15

What about dis? Goodbye to ads.

https://coin-hive.com/

R: 12 / I: 0 / P: 15

the real open source alternative to Discord?

Discuss.
there's Riot https://archive.is/7jPpt
Tox, Matrix.

R: 0 / I: 0 / P: 15

Enemy At the Gateways: A Game Theoretic Approach to Proxy Distribution

A core technique used by popular proxy-based circumvention systems like Tor, Psiphon, and Lantern is to secretly share the IP addresses of circumvention proxies with the censored clients for them to be able to use such systems. For instance, such secretly shared proxies are known as bridges in Tor. However, a key challenge to this mechanism is the insider attack problem: censoring agents can impersonate as benign censored clients in order to obtain (and then block) such secretly shared circumvention proxies.
In this paper, we perform a fundamental study on the problem of insider attack on proxy-based circumvention systems. We model the proxy distribution problem using game theory, based on which we derive the optimal strategies of the parties involved, i.e., the censors and circumvention system operators.
That is, we derive the optimal proxy distribution mechanism of a circumvention system like Tor, against the censorship adversary who also takes his optimal censorship strategies.
This is unlike previous works that design ad hoc mechanisms for proxy distribution, against non-optimal censors.
We perform extensive simulations to evaluate our optimal proxy assignment algorithm under various adversarial and network settings. Comparing with the state-of-the-art prior work, we show that our optimal proxy assignment algorithm has superior performance, i.e., better resistance to censorship even against the strongest censorship adversary who takes her optimal actions. We conclude with lessons and recommendation for the design of proxy-based circumvention systems.

R: 13 / I: 3 / P: 15

Android phone

What is a good android for under $200?

Top