>>7533 Someone on openbsd-misc reported it was working on Thinkpad X60 with Coreboot/Seabios. Never heard of anyone using Libreboot, though.
Also, the system seems to fail to execute graphics (Xenocara).
Don't know how you proceed about that. Try to ask on the mailing lists.
>>7533 Are you talking about FDE including the /boot partition? Then you have to follow some specific guide and configure GRUB, which is used as a payload.
If you don't mind leaving /boot unencrypted, things are easier, as you select Seabios as a payload and proceed as you would with any operating system.
>>7548 >Also, the system seems to fail to execute graphics
With no VGA blob present, video initialization is the responsibility of the operating system. So Windows won't work, but most linux systems are ok with this. During installation though you may have a problem depending on the distro. In that case, take out the hard disk, connect it to another system and install your OS there, then put it back and boot.
Most of the above should apply to OpenBSD as well.
What are the advantages of OpenBSD compared to linux?
Some of the video files are now displayed as this, in shades of green and blue. They are 10-bit encoded, that's the only thing they have in common. Webm and 8-bit encoded video is ok. And screenshot taken with mpv hotkey is in normal colors too. I made this one with scrot.
When running "mpv --vo=xv" colors are normal, but xv is crappy and blurry.
>>7553 That is NVIDIA(R) RETRO CGA Display Technology(TM), activating automatically when you are playing media which has been detected to be RETRO-compatible.
>>7549 I'm going for as much as I can get, but I haven't seen a working set of instructions for it. I'm using OpenBSD for this speifically which is why I'm asking since if it was GNU+Linux I would just run LVM+LUKS like normal.
>>7580 It appears that seabios is the best choice for broader compatibility. Concerning libreboot, there is a guide about using coreboot instead and then parsing a part from libreboot, and I would expect this method to offer even broader compatibility along with any benefits libreboot could have.
Though GRUB is promoted as the ultimate choice for FDE, I think it brings more trouble on its own. If you are really concerned about the unencrypted boot part of the OS, you can install it on a USB stick if OpenBSD installation options allow it (and keep backups as those sticks are not really reliable).
>>7553 Next time buy a Radeon HD 6450.
>>7583 There's no need for GRUB, AFAIK. SeaBios just needs to call the bootloader from HDD and OpenBSD will do the rest just like in any other bios.
>you can install it on a USB stick
OpenBSD doesn't support this.
a friend is being stalked and harassed via email and physically. we have tried all legal recourse available to us to no avail. we would like to make his mailbox unusable. any help or advice?
What file system would a mounted 'USB 'be in? Say you wanted to cp a file to the mounted USB from another directory. I'm using openBSD. I think I did this before,but I don't rember how I did it, maybe I had xfce installed,but I'd rather not use a GUI.
>>7981 OpenBSD only supports R/W operations on FFS2 and ext2. You should format the USB in one of these filesystems first. Then you use disklabel(8) to find the drive path and mount(8) it in some place (preferably /mnt/usb/).
There's many tutorials over the internet, you just need to search and follow them.
In short, I was involved in some potentially shady business this summer so I got a burner phone. I ended up not using it, but it lay active for some time while I was expecting a phone call. The battery life sucked - no more than 18 hours from 100 to 0% even with a battery saver on. At first I assumed it's just because it's an old used cheap pos, but a weird thing happened after about 2 months - battery suddenly started lasting for more than 3 days at a time.
How probable is it that I was spied on the entire time through the mic?
>>8055 You're right.
Probably the simplest solution is to type "ls something <tab>", <Meta-b> and erase it. Works for all utilities out there not having autocompletion files.
>buy lenovo thinkpad x200
>libreboot pre installed with some triquel os(ffs)
>user name is my name(umm) password is unknown(lol wtf)
>guest user only(okay nope)
>what ever you do dont connect to internet
tldr; have x200 thinkpad can't access bios. cant boot from cd/rom to wipe pre installed os. Still not sure if theres a bomb planted inside. How can I make this laptop safe? what would you do, replace harddrive? everything about it feels off, ironically runs very well.
>>8095 I would try to flash coreboot in it using flashrom. If you're not able, you need a BeagleBone Black to connect to the EPROM and flash it from there.
After that, erase the HDD (using dd /dev/urandom) and install other system in it.
To access internet, buy one Atheros USB Wifi adapter.
Hello. I has a question about .epub files. Can they be trusted? What is an .epub file and how does it work? I've stayed clear of .DOC & .PDF
Anything that reuqires inet connection to download defeats all purpose of tor and can expose my ip to server. THeres obviously a lot of good information on some servers, good enough that one might need to download it, incase the server crashes.
>>8100 Epubs are zip files containing an index file, a bunch of (restricted) html and css files, and media files. They can't link to external files, it all has to be bundled. You can also introspect their structure fairly easily with a zip editor.
>>5574 Okay, I'm mostly settled on the Pro1 now that the Librem 5 has launched and is shown to be compromise ridden. Reviewers say the screen looks great, but, I don't trust them. Most people can't tell the difference in sharpness in general use between my 15 inch laptop with a 4k screen and 15 inch laptop with a 1080p screen. I bloody can. Every. Time. Therefore, DPI matters. Call me crazy, but, I actually feel fatigue if I try to read something on a low-res screen for too long. So, DPI may matter to me beyond aesthetics, likely unlike most. In fact, the Librem 5 has a LOWER DPI than my laptop according to dpi.lv . That's rather unacceptable. Hell, the Nokia Lumia icon had a 1080p AMOLED screen at a mere 5 inches in 2014. Compare that to the Librem 5, 720p TFT at 5.7 inches in 2019, and things start seeming a little ridiculous.
Enough rambling about screens and how frustrating it is when you realize how much companies cheap out in choosing something unusable over something legible. Can you bright nanons explain to me to what extent the Librem 5 hardware is superior from a privacy and security standpoint over the Pro1 or other run of the mill Android hardware? Is it meaningful enough to justify the general lack of functionality of the Librem 5 compared to the Pro1? While I am convinced of the vastness of privacy and security gains PureOS has over Android, I am not convinced of PureOS' privacy and security gains over SailfishOS, which the Pro1 will surely be able to run. So, it really comes down to hardware. Just how dark is the ARM black box? Is it really something large enough to worry about to the point of castrating my device of a legible screen, ergonomic operating system, and screen real estate critical physical keyboard?
I'm not used to trade-offs. When I use an operating system based on Linux over the likes of Wangblows or FagOS, the choice is attributed to a lot of factors besides privacy gains. So, while I understand that the prospect of a pda-phone that cares about your freedom to the extent that the Librem 5 resides in much uncharted territory, the compromises the Librem 5 has ended up making are nearly too much to bare.
>>8151 The Librem 5 is low end phone, you should not expect too much from it. It is an overpriced phone when you look at it from the hardware side of it. Librem 5 is still way behind schedule and not to piss of their customers by pushing back the release date again they are sending out incomplete units to people who ordered the phone.
Security benefit wise, the main benefit is getting security updates much faster than other operating systems. On Android I only get monthly updates where GNU / Linux it isn't uncommon to patch your machines same day.
>>8157 I get that. However, I addressed how I would be using Sailfish OS instead of Android. While PurOS trumps everything by quite large margins as far as a security, I have a tough time believing that PureOS has enough privacy benefits over Sailfish OS to justify the price. Software wise, the Librem 5 is not competitive enough in this area, seemingly. Once again, I understand that it is trying to kick start freedom in phones in general and should not be judged harshly because of the immense obstacles Purism has had to overcome to make sure it checks as many freedom boxes as possible. Yet, my desires reside a little more in the functions the Pro1 has that the Librem 5 does not. If my only other option was an i(fag)Phone, I would choose the Librem 5 any day because iPhones offer me just too little freedom. However, with a phone with a physical keyboard, ability to run Sailfish OS, and 2018 flagship specs as a contender, the Librem has to offer a little something beyond support of the whole phone freedom movement to win my money.
So, reiterating, just how much better is the hardware from a privacy standpoint?
>>8181 >While PurOS trumps everything by quite large margins as far as a security
Does it? I've heard Graphene is quite good as far as memory protection.
SO I'd like to get started with openBSD6.6. The suggested way of installing it is to back up files and re-install from scratch.
Is there anyway to completely save, transfer and paste file data from previous openBSD into the newly installed one? THere must be a good way to do this istead of saving them as text files and copying everything by hand off another computer. Can you suggest a manual as well? thank you.
>>8099 If you fill your HDD with the closest to randomness you got, and encrypt it after, an attacker won't even know how much space you got used.
>>8101 The greatest misconception in history is that history moves forward, and people today are less intelligent/friendly/reasonable/virtuous/honorable/any positive quality than people from the past.
>>4656 >transparent proxy for Tor using pf
Can you spoonfeed a brainlet how to do that?
I settled for having my HTTPS_PROXY and HTTP_PROXY environment variables pointing to a local privoxy service and now I have to rely on my software obeying them
I wanted it to be transparent, but I couldn't. Here's what I tried:
>used local unbound.conf service as DNS server (works)
Don't remember the configuration for that, I'm not on OpenBSD right now.
>told unbound.conf resolve any tor address to the private range address of 10.100.1.0 (works), config file lines:
local-zone: "onion." redirect
local-data: "onion A 10.191.0.0"
>attempted to tell pf.conf to redirect any http port traffic destined to 10.100.1.0 to a local privoxy instance (didn't work), here's the pf.conf line:
pass on egress proto tcp from any to 10.191.1.0 port 80 rdr-to 127.0.0.1:8118
I know rdr-to doesn't support localhost for whatever reason, but that's what I couldn't figure out. An alternative to rdr-to. I tried nat-to and direct-to but I couldn't make them work either.
>privoxy proxying connections to .onion addresses through tor (works), config file line:
forward-socks5t .onion 127.0.0.1:9050 .
It's basically what I have working on Linux but it's not using tinyproxy or iptables because openbsd doesn't have tinyproxy and its firewall is pf. I couldn't repeat my iptables configuration on pf
>>8342 And my spaghetti brain transformed 10.100.1.0 into 10.191.0.0 as I typed the post, but just assume I used the right IPs there. Not being able to configure pf was the issue.
It has a tutorial. Just copy-paste and you're good to go. If you have any questions just ask there.
>privoxy
Not necessary anymore. TLS connections killed software like privoxy.
>unbound
Not necessary too. Tor has a flag inside torrc called "DNSPort". If you point that to "DNSPort 53" you'll get full system DNS over Tor (assuming your resolv.conf is 127.0.0.1). Unbound could provide a nice DNS filtering and caching, but the Tor man page doesn't recommend do that (see "UseIPv4Cache" flag on tor man page).
>rdr-to doesn't support localhost for whatever reason
See "divert-to" on pf.conf(5) man page.
>>8340 Okay thanks, I just tried that.
It acted like it was going to work for a moment but they my computer starting acting funny.
What do I do now?
/s
I got a computer with libreboot on it. but its not functional. i dont know what the fuck a beaglebone black does and how the hell i'm going to get one.
Could I not just replace the harddrive? its a thinkpad from 08. They seem to be pretty compatible with other hdd. I dont have a bacholars in computer science, but the beagle suggestion seems like lain shit and i'm not ready for that level yet.
>>8374 If the laptop already has libreboot, you don't need beaglebone black. You just have to install the system.
Some systems will not boot, because they require SeaBIOS and yours probably only has GRUB. This is the case of *BSD. Try to install Debian first, just to test.
About the HDD, yes you can replace it. You can also buy one SATA to mSATA adapter and buy a mSATA SSD. This will waste less energy, make less noise and will be faster.
>>8389 Thats exactly right, theres only yhr grub screen, it appears right away, even after replacing the ssd. I'll give it another go with debian. thank you so much.
>>8521 Yes, that is a very frequent use case of a VPN. Businesses want to limit access to their internal sites only to their employees so they have a VPN consisting of only employees.
>virtual PRIVATE network
>PUBLIC website
You have to get people onto your private network in order for them to be able to connect to the services you are running on your private network. It will only leak the IP address of the VPN server. I also would not recommend letting random people onto your network like that. The benefit with Tor is that you can share a single port that you want to be forwarded to your hidden service.
>error:
>error:
>can't install:
>can't install:
>Couldn't find updates:
>Can't install because of libraries:
>Can't resolve:
>Not found:
>Can't install because of conflicts:
<I like suffering
<I like suffering
<I like suffering
<I like suffering
<I like suffering
Can a nigga just use openBSD without being slapped across the face by a blowfish?
I want to buy a 45 to 50 TV to attach to my PC through an HDMI or DB cable. I'll use it to watch movies/anime and rarely play some games, all from my comfortable bed.
I don't need it to be "smart" or have any other meme functions for normies. Not even to be able to watch normal TV stations.
What TV should I buy?
Since I'll be playing games, it can't have a literal 2 seconds delay as some TVs do, but I will not be playing games that depend on really quick reflexes from bed.
Being 4k would be nice.
These are a few.
Please, how do you avoid these errors when you are about to install a package? They seem like frequent. How can you figure out the issue by reading error messages such as those?
If the same error happens even after doing the above, the tor-browser package might be broken. In this case you have reason to complain. For a more "effective" criticism, post the issue on ports@openbsd.org
>>8602 Yes. I am. I also upgradted to 6.6openBSD. How ever installing the tor-browser pkg will not work, but it does work when I input the command if I'm using 6.5openBSD.
Maybe I should just burn 6.6 to a disk and do a fresh install, instead of doing the upgrade from 6.5 becasue it doesn't seem to integrate everything.
I have a old machine lying around and want to put it to use. How would I get it to compile sources with flags like portage on gentoo. In my head, I think that it would be like sending the source or a link to source, then passing flags or having a config file on the machine, compiling it, then sending back the bins and installing it on my machine. How would I do this?
Where would I start as a complete beginner who is interested in making/running an imageboard? I know zilch about programming (though I know shit like HTML isn't technically a "programming" language?). I know there's a lot of open source projects that you can just use like nanochan or lynxchan for example but I figure it's best to actually understand what is going on before running a site using stuff like that. I know nothing about web security or running a website at all but I'm interested in trying to learn as much about it as I can, and then learning how to effectively host it as a hidden service.
Every web 2.0 site is basically a nice facade for a database. When you click "Submit", it will store your post. When you open a thread, it will extract all of the posts from DB, mix them with HTML and send to your browser.
>>8696 There are basically three standards at play. HTML for rendering things, HTTP for sending data to clients, and (typically) SQL for storing data on the server. Read up on the basics of those three things and you'll have a pretty good idea of what goes into an imageboard. You also need to know a server side language of some sort, lua's a pretty good choice but anything will do.
It's very common to see people only interact with the three technologies I listed through indirection. In python, it's common to see people write servers that interact with http through flask, with sql through sqlalchemy, and with html through jinja2. In general, learning the indirection tools just makes things more complicated, so I'd recommend starting by writing against the protocol directly, then only upgrade when you need things to run faster.
>how to effectively host it as a hidden service
This is quite simple, once you have a tor daemon running, run the server through torsocks, make sure to set the correct port, and set the host to "localhost".
>>8703 > run the server through torsocks, make sure to set the correct port, and set the host to "localhost".
What? There are lines in torrc which must be uncommented in order to do it.
"torsocks" package is another beast (pasted from man page):
torsocks — Shell wrapper to simplify the use of the torsocks(8) library to transparently torify an application.
> lua's a pretty good choice
for k,v in ipairs(teibl) while do end begin ebin :DDD
>>8713 nanochan is written in it, so if you plan on studying the nano source, you'll need to know lua. I've also seen it recommended for beginners on here before. As I said though, any language will do.
>>8703 Thanks, very helpful post. I've wanted to learn about programming languages on some level for quite a long time now but could never find a project that was enticing enough to make it worth it. But an image(text?)board seems simple enough that it would be a good starting point/motivation. I will admit it's still quite daunting, there doesn't seem to be any clearly defined path for any programming language. It's all pretty unorthodox how you're supposed to learn these things and how they all relate to each other, or at least that's how it feels from a retards perspective.
>>7490 I forget the term, but there are two varieties of UPS. There's one that throws relays when the AC power cuts, and there's some sort of spec to describe the time it takes to do that. Then there's some other type that's always on battery and the AC keeps the levels topped-off, so if the AC cuts, there is no switch over. I could look it up, but I'm feeling lazy.
>>5373 You can get power by using t-taps on a power cable and then hooking that up to an AC power adapter to get the correct DC output. Many of these SBCs don't use that much power so it wouldn't be noticeable. If you keep the whole setup out-of-sight and not in an area where people normally go, it could take a very long time to find if ever.
There are also ways to prevent info from being extracted, encrypt the storage drive and keep the key in volatile memory, rig the memory with battery back-up and a tamper switch. If someone tries to open or remove the case, the system powers off and the key gets wiped. To get ideas, just look at how banks secure their remote hardware. You wouldn't even need to go to the extreme they do. It is likely that if the setup is discovered, the finder will not know what it is and if they care, will not suspect tamper switches.
>VPS
Have fun not knowing who's looking at your stuff. Total hardware insecurity, worst fucking idea.
>>5379 Why not put some WPA rainbow tables on the storage and setup the device to look for those SSIDs and try to crack them. If you have some sort of service that does this when no wifi connection is established, it may function better in a dynamic environment. Perhaps having it do this from 02 to 06 would make it less noticeable than hammering the network during mid-day.
I am getting an exit status 1 when running man as a nonroot user. "sudo man man" works as expected, but "man man" returns "Error clone: main.c:2547 main: Operation not permitted \n man: command exited with status 1: ..."
Exit status 1 refers to bad configuration or syntax, but I have not changed an config files or environment variables. It clearly seems to be a permissions issue, but it is unclear what has changed. I have added some security boot parameters and a few changes in /etc/sysctl.conf, but nothing that seems like it should have any effect. I will revert changes one by one later to troubleshoot. In the meantime, does anyone have any advice?
>>8994 I also ran firecfg which symlinks many programs to use firejail. However man is not among the programs effected so I don't believe it should matter.
I want to mess around with picochan but I haven't figured out how to compile Haserl.
I installed luajit and ran this to configure Haserl:
<./configure --enable-luashell --disable-luacshell --disable-bashshell --disable-bash-extensions --enable-subshell=lua --with-lua=luajit
What else do I have to do? This is my output:
> $ make
> Making all in src
> make all-am
> gcc -g -O2 -Wall -I/usr/local/include/luajit-2.0 -Wl,-E -o lua2c -L/usr/local/lib -lluajit-5.1
> ld: error: undefined symbol: main
> >>> referenced by crt0.c
> >>> /usr/lib/crt0.o:(___start)
> collect2: ld returned 1 exit status
> * Error 1 in src (Makefile:777 'lua2c')
> * Error 1 in src (Makefile:301 'all')
> *** Error 1 in /home/user/haserl-0.9.35 (Makefile:368 'all-recursive')
> $
>>8994 What is your system? Did you change any permission or owner in /var/? Check using "ls -l /var/". Did you do anything else with this "firejail" thing? He probably sets up a random user to drop some privileges. If you used firejail in man binary, remove it and try again.
Also, off topic but: if you're using debian, try to install and use "doas" instead of "sudo".
>>9029 Using those flags works on my machine. The only flag you actually need is --with-lua=luajit for it to work. Can you check to make sure that you did not leave out any of that gcc command; it looks incomplete.
You might be able to get past that part of the makefile by just compling lua2c yourself. Go to the src directory and do
gcc -g -O2 -Wall -I/usr/local/include/luajit-2.0 -Wl,-E -o lua2c lua2c.c -L/usr/local/lib -lluajit-5.1
>>9037 Either pay for a VPN or get a seed box. There is strength in numbers.
>>9044 Thanks for the help. "which man" still points to /usr/bin/man, but removing firejail from my system fixes the issue. I am not sure what installing firejail does to man, especially since it points to the same binary and doesn't seem to break anything else. I will try to see what else firejail is doing.
>Also, off topic but: if you're using debian, try to install and use "doas" instead of "sudo".
I will look into that, thanks.
>>9069 Okay it had to do with some of the programs that were symlinked to use firejail. Removing them and adding my own symlinks works, though I am still unclear which program man was using that caused the problem.
Does any have the problem of being a PoC programmer? Everytime I think of a good idea, I only work on it until it fufills the intended purpose and completely stop working on it, even if has some glaring issues. For example, I wrote a php script that allowed me to upload and tag images to my webserver (t60 running Void). It works, but you can't edit tags, tags are appended to the end of the file and stays there, and you can't batch upload files. I kinda just stop because it 'werks' and can't really find the motivation to complete it. Is anyone else like this and is this even a problem?
>>9057 Alright, but does it include one?
>Deluge is quite useful on a headless system, often referred to as a seed box, because of its client/server model. To set up deluge on a headless system, set up the daemon as shown above
>Deluge works with a client/server model. The server is referred to as the daemon and runs in the background waiting for a client (console, gtk, or web-based) to connect. The client can disconnect but the daemon continues to run transferring the torrent files in the queue
P.S. Sorry if my questions are annoying and idiotic as you can see I'm complete pleb
Someone was on my network the other day. It was an ipaddress 1 hop away. Service was a linux laptop, but nobody except me has linux on my system (actually I don't even use linux) and I was the only one home. What do? I still have their ipaddress and I want to further investigate. When they popped up on my live feed of sources, no internet applications were being used. Which makes me think it's my neighbor, but idk.
I am suspicious, what would you do besides changing isp wpakey?
>>9090 Monitor traffic with wireshark or similar program to see what they are doing. Also, how could you tell it was a laptop? What services were running?
>>9090 Changing your password is the best solution. Wireless networks are easily pwnd by script kiddies, especially if you fail to deactivate WPS.
A MAC address based blacklist or preferably a (((whitelist))) should help if you are dealing with a script kiddie.
A blacklist would allow you to block the intruders MAC address, but he can easily spoof the MAC address and reconnect to your network.
A (((whitelist))) requires more maintenance when allowing new devices to enter your network, but would require the intruder to research the active clients on your network, and spoof his address to match.
>>9100 If the intruder has any computing sense, he will be utilizing multiple layers of encryption. Likely SSL (easily vulnerable on a local network) and some sorts of socks5 or vpn.
Unless OP has experience breaking these level's of encryption (doubtful considering his post), you wont find much information from wireshark.
A while back feds got unsupervised access to my OpenBSD box for a few days. I'd rather not go into detail, but my important data was on an encrypted drive (the machine was on and the drive was decrypted at the time though) and it was running some server software. I checked the logs afterwards and there was no attempt at anything, including login.
What possible attacks are there against such a machine? Should I just wipe it?
op here. lol yeah I'm only learning this stuff now. I'm not concerned because I have absolutely nothing of value on my systems, but it does bother me if they're bumming my internet.
I know wireshark doesn't do much, it's just good for live feed to grab ip/mac address & protocols. Thats all I know, then I did some port scans with nmap and found not much more about him.
>>9101 Okay anon, you seem pretty educated on this. Can I ask you a question on cloning scripts off git hub?
How do you clone on unix system?
If I'm going to take this further I need to learn how to find vulnerabilities.
>git clone https://github.com/path/to/file ?
>>9115 The anon you replied to specifically asked about github.
Even if he hadn't, that ssh command doesn't actually clone repos if you don't have a custom shell on the other side.
>>9101 >>9105 When did we get so many illiterate newfags? Go read man pages. Stop asking retarded questions here.
>>9102 Are you dealing with local police or really feds? Local police won't even be able to enter windows, let alone a softraid-crypto openbsd. The feds, though, might try to do something (even though they will probably not be successful).
If you're in danger, I would recommend you switch your hardware and reinstall openbsd. If they consider you a real 'threat', they might have reflashed your firmware or put a hardware implant (such as rubber ducky).
Although I don't think they would bother, unless you're really doing something that puts many other lifes in danger.
> 922496+0 records in
> 922496+0 records out
> 472317952 bytes transferred in 25.757 secs (18336850 bytes/sec)
>unplug flash
>plug in flash to other laptop
>bios
>boot usb flash
>"An operating system wasn't found. Try disconnecting any drives that don't contain an operating system"
gees, I've been made, I don't know what else to do or why this is not booting.
sd1 is the correct drive. Anyone ever get this prob?
Is anyone having problems with openssh 'client_loop: send disconnect: Broken pipe'? I've tried increasing ClientAliveInterval and ServerAliveInterval and nothing is working.
Does anyone know how to add tor to mutt for proxy with cockli addresses?
Also how to do pgp with it?
I haven't found any good guides for proxying it but I have seen some off and on stuff with pgp but I'm unclear on how to use it.
I want to buy a brand new resistant/long lasting business looking laptop(thinkpad?). I'll take it along business travels.
Needs:
>be brand new
>Not be over 900U$
>resistant/long lasting
>business look
>microUSB3 charger
>hdmi ports
>11 min 14 MAX screen
>4GB ram+
>compatible with Linux
>barely run CS:GO at 60fpsand therefore have openGL support >some form of keyboard illumination
>quality trackpoint
>SSD/HDD being easily accessible for swap is great
Doesn't need:
>to be thin
>to be faggy looking
>to be light
>to have touchscreen
>to even have a webcam
>to even have a built in mic
>do anything more intense than playing csgo at 60fps at low settings
It will constantly run with at least one 1080p monitor attached to it.
1080p screen would be nice.
>>9176 Good thinkpads doesn't have the specifications you're looking for, only 'modern' lenovo thinkpads and they are shit.
I would recommend this if you're look for that exact specifications:
https://system76.com/laptops/darter
>>9177 >am at home
>attach to secondary screen
>am at work
>attach it to secondary screen too
>am at university
>use only the laptop's screen
I don't see myself doing that witha tower daily.
>>9178 >>9187 My country has retarded importation laws. If it's not a big brand notebook (I will have to import it myself) I'll end up paying 2.5x the price if I'm lucky.
>only 'modern' lenovo thinkpads and they are shit
Guess I'll stay away from E490.
>>9189 There is no brand new "big brand" notebook/laptop/*book that is better than a Purism at this time.
Sure, Dell sells a Linux laptop, with whatever firmware.
System76 is the only one that comes close, (doubt they count as "big brand" either), supposedly they were working on better firmware or something, whilst Purism already has it (ME blocked, Coreboot etc out of the box).
No new "big brand" laptop is supported by coreboot either afaik.
>>9187 (me)
>>9189 Well, dunno what to suggest then. Try Carbon X1, if that's only what you can find:
https://flak.tedunangst.com/post/Thinkpad-Carbon-X1-2015 >>9194 >No new "big brand" laptop is supported by coreboot either afaik.
Only Chromebooks, I think. But it doesn't have the specifications this anon wants.
>>9175 Very true anon, Also could be using my computer to attack other networks(I don't know any details on this), I've read stories of CIA under covers doing this to foreign assets abroad other countries to get them fired from a possision, it's a dark world, sometimes I get scared just being on this site.
I changed the wpakey, that's all I could do.
>>9202 This.
Part of what makes using Tor "dangerous" I think is not that it actually is dangerous, but that people perceive it to be.
"Oh that haven for illegal stuff, stay away from there!" sorta ignorant mentality.
Didn't they do a study where only about 2-5% of Tor activity was actually illegal?
I wonder what percentage it is for the "clear" web!
If you believe what you read here on Nanochan, it sounds like most big bad evil cyber busts are the result of planting/framing on people the glowers don't like, not so much actual criminals.
Anyone else getting error 429 (Too Many Requests) while using youtube-dl? Is youtube blocking Tor or someone is using Tor to "DoS" youtube? This is happening to me since two days ago. I've updated the script already and rotated my circuits. In nearly all of them I get error 429.
Also, many invidio.us instances are being blocked recently...
>>9224 I am, I've tried recompiling it but its probably jewtube getting better at preventing people ripping it. Invidious has some googlevideo api that they're using that you can rip from but the torbrowser has had issues downloading shit while other browsers don't.
>>9263 Is it a bad idea to use the same password for both my personal account and the root account?
If yes, why?
I am the only user on this machine. I am using linux.
At risk of sounding like I'm some sort of glow nigger data mining habits, is it really viable to do the majority of your browsing with javascript disabled? I mean browsing other imageboards that aren't designed to be used without javascript, watching videos on invidio.us, consuming news, stuff like that. Here on nanochan following reply chains is simple as there's functionality built specifically for it like clicking on quotes and having the referenced post highlighted. But on sites like 8glow these features just don't exist without javascript. I'll go through these phases where I try to change my habits and increase opsec, but ultimately it gets very cumbersome trying to maneuver through sites without javascript. It's all so tiresome.
>>9294 I've never used JavaScript, so yes, it is viable to do the majority of your browsing with JavaScript disabled. I wouldn't know about Invidious or YouTube or whatever -- I don't use them, and most news-sites work without JavaScript. Sites which require JavaScript, I simply boycott. On imageboards, as long as you read through the whole thread continuously, you don't need to refer back to previous posts -- you generally know what post is being referenced, or you remember the last three digits of the referenced post, and scroll up, looking through the last three digits of the post numbers to find the referenced post.
There is no excuse for using JavaScript, so stop making excuses to use JavaScript. If there's a specific site which you'd like to use, but which requires JavaScript, you should contact the webmaster, and let him know his site's broken.
>>9294 >is it really viable to do the majority of your browsing with javascript disabled?
Yes.
>other imageboards that aren't designed to be used without javascript
I wouldn't trust them if they require javascript.
>watching videos on invidio.us
Use youtube-dl and mpv. If you call "mpv https://youtube.com/watch?v=xxxx" and youtube-dl is installed, it will automatically open it in the player.
>consuming news, stuff like that.
>It's all so tiresome.
You need to read about RSS then. Get Newsboat. It doesn't require javascript at all and most site (surprisingly) still have them.
For email, get a server which gives you open doors, and then install mutt and point to them. This way you get the emails without javascript or browser.
Some websites you will not be able to get into without javascript, such as social media. In this case you can:
- Stop using them, if possible
- If not, use some proxy like archive.is[1], web.archive.org, etc.
Some functionalities will be lost disabling javascript, because the web nows is mostly cancer. But there's many benefits and they are not just security and privacy, but also speed. Links browser loads websites much faster than any "modern" browser.
>>9299 I already heavily utilize RSS feeds and have for awhile for videos across invidio.us and bitchute, and just about anything else that has feeds available for it. I think the biggest issue I have with trying to use the tor browser full time is not being able to maintain by tabs/session. Would it be a bad idea to enable history so session manager would function again and I can maintain my tabs after a reboot?
>>9300 Although still hitting the disk an alternative is to just make bookmarks of all your tabs.
Right Click on Tab -> Bookmark All Tabs
Bookmarks -> folder -> Open All in Tabs
>>9301 Didn't know you could do that. I guess that does essentially the same thing. Though session manager is a bit more seamless, and if enabling history can't be fingerprinted and the only concern is physical access to the data than I don't think it's something I care about as I use full disk encryption.
Is there any way to determine what daemon listens on a remote port? I know that nc can check if port is open, but grepping /etc/services is not absolutely reliable source of information.
>>9273 >Many people re use the same password. It's not a good idea, but you already knew that.
I decided to use a slightly variation, for the root password just in case.
What i wanted to know was if there is some way for a rogue software to somehow retrieve my account password and therefore having access to my root account if i used same passwords.
How do I add things to tor in proxychains and how do I make everything in the system route through this?
I have
socks5 127.0.0.1 9050
https someproxyip login pass
But it does not give me my vpn ip it gives me a tor ip
>>9344 > How do I add things to tor in proxychains and how do I make everything in the system route through this?
I suppose you can't, because tor doesn't support UDP.
>>9344 You probably need a middlebox. Setup a Tor transparent proxy on your system using your firewall. Then point to your middlebox (VPN, whatever). There's probably articles online on how to do this. The search engine is your friend.
>>6418 >For example, some protocols are known to be vulnerable (such as WPS, WPA, Bluetooth, etc).
I haven't heard of Bluetooth being vulnerable in any way. I had the idea that if you are not a retard when pairing devices you are safe. Do you mind to elaborate?
>>9418 First see what interface you have. Just typing "ifconfig" will show you a list. Use man pages if necessary.
Then scan the network (I'll use athn0 in this example):
$ ifconfig athn0 scan
After that, find the name of the network you're trying to connect to.
Open this file (if you don't have this file, create it):
$ doas vi /etc/hostname.athn0
Note that this ends with ".athn0", because in this example I'm using athn driver. If you have intel it will be "iwm0", and so on.
Write this to the file:
lladdr random
nwid "Xxxx" wpakey "xxxxx"
dhcp
Where "nwid" is the name of the network and the "wpakey" is the password.
After you've done that, just type:
$ doas sh /etc/netstart
And done.
You can also put that on /etc/doas.conf
permit nopass anon cmd sh args /etc/netstart
Where "anon" is your current user name. After that, you can use the command to reload the network without needing root. You can also create an alias in your ~/.kshrc or ~/.profile
I tried to get an account with privateinternetaccess and even paid in full but they never sent me my login information. I've contacted them about 5 times now but never get a response. Can someone tell me if they have had similar issues with this provider and how to contact them? Currently I am using secmail. Is secmail spam filtered or something?
>>9546 >WHATSA PGP AND WHERE DO I GET MY OWN KEY?! HELP
A PGP key is a universal key to hax into computers(it means ProGram Penetration key).
I can sell you one for as low as 0.1 BTC fren, contact me at ballsand@cock.li
Does anyone know how I could get my hands on some SPARC based computers relatively cheap? I'm currently in college (no bulli plz) and want to tinker with SPARC stuff. 1+ Ghz and >3Gb ram would be optimal. Any ideas?
>>9569 Ebay is your only option... search for Sun Fire T1000 and be prepared for the noise. Some people remove the fan and use other form of cooling (such as submerged in oil), because the fan is too loud and wastes too much energy.
If an OS patch/upgrade removes packages from a binary. Would the solution be to port all missing .tgz and re-compile everything? I've been using TOR for reading books. Idk if anyone here is actually using openBSD, I've been using it as a learning tool, but having a hard time with direction on where to start so I can get TOR back up. Please go ahead and shred me to pieces if you want.
Missing dependencies openBSD6.6:
>torbutton-2.0.7.tgz
>tor-launcher-0.2.16.6.tgz
>https-everywhere-2018.8.22.tgz
>tb-noscript-10.1.9.6.tgz
>tb-browser-8.0.2p0.tgz
How does one get encryption to work with xmpp in general? I've used both the Psi+ and Dino clients, and every time I join a room, I get an error message of saying that my client is incompatible with encryption. I can see a button for toggling encryption in the UI, but can't click it. What's going on? Are these clients only compatible with encrypted one-on-one chats, but not group chats? I'm very new but have tested a lot to little success. Help?
>>9726 I have no idea, but you're probably better using JACK for that instead of pulseaudio...
>>9727 I'm not sure, but I think not all clients using OMEMO supports group chats. Or when they support they don't operate well together. So, ask the people you're communicating with to use the same client.
https://github.com/dino/dino/issues/538
>>9728 Thanks, but I can't communicate with them at all if "my client does not support encryption" of course, seeing as they only use encrypted chats. There's no way I believe asking people I communicate with to use the same clients is in anyway practical or what is usually necessary. That would defeat one of the biggest points of xmpp: decentralization for a reason too silly for such a mature protocol
>>9729 There's no solution, then. It's like asking for TLS 1.3 when you don't even support TLS 1.2 yet. You can't have OMEMO encrypted group chats if no one else in the group has a client that supports it.
Just ask one of the people which client he uses and then search for what encryption protocol it supports...
Accidentally compiled st without a "copy" command, turns out that makes copying just work.
I'm not even going to ask what is putting the text of my terminal into my clipboard, because ctrl+shift+c still puts selected text into the clipboard, and it does the right thing of using both the "primary" and "clipboard" clipboards.
However, now my st treats a ctrl+shift+c as ^C. Is there any way to make the ctrl+shift+c become some noop or a command I couldn't care less about just so it doesn't send a ^C when I copy stuff?
Is there are any algorithms that would take the same amount of time to complete, regardless of processing power? I want to use some sort of proof of work without leaving behind older hardware.
>>9756 The identity function requires 0 seconds to complete regardless your processing power.
Joking aside. This is only possible in a trusted distributed system where machines could tune parameters themselves to slow themselves down to the speed of the slower machines. You could have some sort of consensus on agreeing on what that speed should be and everyone calibrates themselves to reach it.
If you want arbitrary people to join and leave your distributed system you should switch to a proof of stake based consensus algorithm.
>>9744 I don't think so. Not without it losing quality. You can change parameters such as kerning and spacing though:
https://en.wikipedia.org/wiki/Kerning Or just use another font.
>>9756 I don't think so. There's just too many variables.
If you set some specifications, such as minimum amount of hardware power, minimum amount of memory, realtime kernel scheduling and thread safe, it might be possible to have a pretty good estimation of time completion. Although you're still subject to physics weirdness:
https://en.wikipedia.org/wiki/Flip-flop_%28electronics%29#Metastability
What exactly is it that you're trying to do? Or is this just a hypothetical question?
>>9757 I forgot to mention that what I was describing is more commonly known as proof of elapsed time which just sleeps for a random time instead of doing an algorithm that has a chance of succeeding over and over. This has the benefit of not needing very much power since most of the miners are sleeping (low power) instead of doing ton of hashes per second (high power).
I need to run a windows vm but i dont want to deal with setting up a new windows install. I think i saw a windows 'distro' with tor and stuff already installed. I think it was like a tails alternitive, but for windows. Does anyone know what im talking about?
>>9768 It's called "WinPE" (preinstalled environment). Never saw one with Tor preinstalled (and I wouldn't trust those, btw), but you can find on the "mydigitallife" forum (need account). Or, you can create your own using PEBakery:
https://github.com/pebakery/pebakery
>>9768 ameliorated.info may help with this problem along with lots of others. It may not be pre-set up, but there are many less steps compared to normal builds. Honestly such a godsend that removes hoops I'd normally have to jump through in many areas. Highly recommend. It's not too common that a solution solves both practical problems as well as idealistic ones, so I think Windows Ameliorated shouldn't be overlooked for that reason.
>>9769 (me)
>>9805 >ameliorated
Interesting. Never heard of it. Don't know, though, how they did what they did and why this was not taken down by microsoft yet. Their FAQ says that "the replacement applications provided in AME also attempt to fall in line with open source considerations" but I don't see any repository for their code at all. Are they refering to chocolatey usage? They are probably using these "hardentools", but it's just it or there is more to their ISO? https://github.com/securitywithoutborders/hardentools
Seems nice the project. Will definetly test it some time.
>>9821 >Most chat applications work over TCP meaning you can use them over Tor
I have no idea how to do that...yes, I'm a dumb noob.
>What exactly are you looking for in the chat application?
I want to create my own channel/chat but I want to use it trough tor browser itself. I tried using MADIRC but I failed to figure it out (I wasn't able to join other channels and so on).
>>9940 >8 bytes
You mean bits i assume
Anyways 7 bits is only for the basic english alphabet, other languages do use the other half. You can fit entire russian alphabet there for example.
Btw it could have been the ultimate encoding not being for chinks. Now we get fucking utf emojis cancer
Is rust becoming any viable alternative to c++?
Asking primarily from embedded dev point of view. I see no (updated) way to compile rust code to c, while there is a way to compile golang to c and vice versa. Furthermore golang now has semi-official support for embedded devices (with manual memory management if i understood correctly), while rust struggles to get proper assembler for the most popular embedded devices. And mozilla doesn't want to spend precious goolag/soros fiat paper on really useful project, instead they spend it on some retarded "let's rewrite everything in rust" initiative. The more i read about "i tried to rewrite my c program in rust" blogposts the harder it becomes for me to even think about switching to rust. STD is unavailable anyway, so what's the purpose of it? I can write perfectly fine in pure KRC anyway.
If only c++ would finally deal with legacy c support and released some easy to adopt c+=2 spec. Also remove >< mumbo-jumbo and make constexpr evaluate by default That would be neat.
>>9946 As a follow up, Windscribe is a very capable free VPN if cost is one of your reasons for choosing Tor instead of a VPN. You will find very few services besides Windscribe that give you at least 10gb per month AND allow torrenting, for free.
I'm not too keen on openbsd but pkg repos should have some metadata that specifies directories that must be created during install. If you can scrape that, then you should be able to write a script that does pkg_delete as well as removing all created directories.
I had spare time so I decided to make spectrograms out of my entire audio library with sox so I can review it.
This is a frequency graph of a .flac audio file.
What the fuck is going at just over 20hz? It's not complete silence, so that's one weird as fuck cutoff, and then there are little areas where the audio goes over it.
>>10119 Actually I have yet another oddity.
Lots of files from different people have a weird area with higher volume at 16khz for the entire track. Represented in the graph by a brighter line at 16khz.
Pink Floyd, AC/DC, CCR, anime soundtracks, Highwaymen, and lots of other material. Is there something I just don't know here?
>>10119 >>10120 That's how basically all mastered audio is like. As you know, humans can't hear above ~20kHz. In mastering, everything above ~15kHz is considered noise, so they just remove or decrease levels using EQ, because it can interfere with other high-frequency sounds (mostly instruments like bells, flutes or high notes from pianos).
You can inspect those areas using some tools. One of the most used ones in industry is from iZotope, the RX7. If you're really interested, fire up a windows VM and download a pirated/trial version.
But spectral data is useless, unless you're editing the audio in some way or just want to look badass with your tilling window manager and the spectrogram from a Perturbator music playing in.
>>10121 They don't.
>>10120 After some google-fu apparently it's NTSC/PAL horizontal refresh.
This file even has 3 of them and then an unexplained one at nearly 20khz. There's another with a line at 10khz, which is a hearable frequency, but I haven't noticed it.
>>10123 I was primarily looking for obvious signs of having been encoded from lossy to FLAC. Luckily none of my files turned up that way.
Here's a 58MiB tar file with a bunch of lossless webps of spectrogram graphs of different lossy encodes aswell as the lossless original of a music file.
Once you know what a lossy file looks like you can tell by making a graph and jugding it, although absurdly high bitrate vorbis or opus in general can be hard to tell
Questions that don't deserve their own thread? I can one up that! How about a question that doesn't deserve it's own post!
Basically I've been using my own fork of dwm for about a year and a half now. I like tiling window managers for smaller screens, but I just got a bigger monitor for my desktop and realised that tiling windows are annoying when you get to a certain sized screen. Gonna keep this setup on laptops, but I feel like moving to a DE I think. Oh yeah, also I've been using more GUI's (various frontends for shit I used to just do on cli) and guis are dumb with tiling windows.
tl;dr what are good desktop environments and why? I run gentoo so I'd rather not install a bunch of shit to try it out, hence why I'm asking here.
>>10139 I use gnome and cant really complain. Its intuitive, things do what you expect them do to, if it ever coughs up (mostly when fucking around with xrandr - gnome doesnt handle it that well) it takes literally about three seconds to restart. I mean i dont know what else would i say, this is the kind of software that you can judge it does its job well by the fact that you are not even aware its there most of the time.
Ive used KDE for a while and hated it, ive constantly had to look on the internet for how to do anything. It gets a bit frustrating after a while.
>>10140 >GNOME 3 is written with the systemd init system in mind
I'm on openRC and recompiling everything to have systemD support sounds like a massive pain in the ass. I had to fix something on my friends ubuntu laptop and I found gnome to be okay, definitely agree with the general consensus that it feels like a ui for tablets though.
>>10143 >CWM
Nice subtle openBSD shilling, it looks pretty good so I may try it out on an openBSD system. Am I correct in thinking that it is like a cross of dwm and openbox?
>xfce lxqt
I'll probably end up on xfce as I use thunar anyways.
Cheers for the recommendations anyways, I'll definitely be checking out cwm.
Just having a quick look at cwm it seems to have a dmenu like feature built in. I rely heavily on the dmenu scripts I've written, so I was wondering if you happen to know if it would be possible to port said scripts to use this exec menu?
>>10143 (You)
5 mins playing around with cwm and it's literally perfect for my workflow, thank you so much for recommending this honestly.
polite sage as I'm essentially flooding at this point
I'm an useless NEET fuck and have plenty of spare time. I run gentoo with a tiling WM, live almost exclusively on the command line, write small shell/awk scripts, and also some static web pages with markdown+pandoc.
I want to make the jump from user to programmer. I want to one day perhaps contribute to some software that I had good experiences with such as tmux and cmus or write my own piece of software that will make it to users like me.
>>10177 You can either learn programming from a project based approach where you start with simple projects and then work your way up with increasingly more complicated projects or you can go with a more of theory based approach where you learn the fundamentals first and then learn how to apply them by programming. Personally, I think a mix of the two work well.
If you want, I can offer you some private lessons for free.
>>10180 Are you taking me up on my offer? If so, leave me your email address so we can start corresponding, else I am not really sure what you are getting at.
>>10200 >Nano community is not "inclusive" so be homo gender-pender-transformer
I am a transexual furry talking cat currently married with my love endofuctor(pronouns you may use are she, they), i will not stand you being a bigot transphobe in my imageboard as I have no interest in being a platform for ideologies i disagree with!
You have been banned for "being a bigot".
You ban will not expire.
>>10177 What do you want to achieve?
I'm reading about coding and trying things out in my spare time, which useless NEET fuck have a plenty of. Nothing to boast about, but I can show out some introductory stuff with examples.
So, here's my tox ID. I'm curious to test it, btw.
E49FFDCF51A82159E5049F0E3613A68EBA489FE896D30EB11AD815D0FD8A3C3F00D54CEDBC71
>>10203 >tox
I think it's weird that anons are so eager to use p2p chat with other anons. iirc they also have some weak homebrewed crypto. What got you into using this and aren't you skeptical about handing your ip out to strangers? I get that it's good bc "no logs no crime", but you aren't exactly looking to have a serious convo by posting your ID on a random bort now are you?
>>10198 Seconding this, just post whatever challenges you give the guy in a new thread.
>>10207 imap leaves your emails on the server, you just download a copy of them. With pop, when you download your emails, they're deleted from the server. imap has other features like different mailboxes too IIRC. Typically imap is preferred for being more featureful, but im sure there are autists here who prefer pop for the same reason.
Was reminded again why I got rid of proxycap.
Shit wants me to pay.
Good open source alternative or trustworthy crack pls.
This is like the last active /tech/ board on the internet.
How do you remember your onion links?
Do you just use bookmarks in TBB?
Or do you have all the links you use saved in plain text, encrypted text?
Do you save it on paper?
I have been wanting to use Tails as my main way to browse the interwebs but just don't know of a relatively easy way to get my onion urls on there?
>>10221 But, it's hilarious to say that the web is so garbage web browsers don't even trust them to store links, and that is oh so very true, however you can do the classic thing and keep a bookmarks.html.
Sup fa/g/gots, after 3 years no phone I reached a point in my life where I was forced to get one. Got a "broken" S5 for $20, still remembered how to do everything installing lineage, adding iptables rules, removing system apps etc. Something I can't figure out however, is setting up a Debian chroot. The phone is basically useless to me outside of SMS and I could potentially get work done on this POS if I could get some familiar environment working. So does anyone know how to do this?
And no, I'm not looking for app suggestions, I'm not giving a random app root privs for something that can be done at the command prompt.
>>10226 >bookmarks.html
This.
Why don't you have a ricey start page with your links on it?
I want pkg icons on the desktop. It doesnt have to be anything spiffy. Where on openbsd are the config files? Kinda of stupid question, but the struggle is real and i got a feeling its easier than its made to believe.
>>10268 It depends on your desktop environment. If you're using XFCE, check their documentation.
>>10319 You mean image/video reverse search? Don't know about those.
But you can reverse search text in pretty much any search engine (duckduckgo.com/html doesn't require javascript). You just need to use quote symbols. For example, if you have a quote from a book or something, just write it within quotes such as: "mentem mortalia tangunt".
>>10266 >Debian chroot
Why? It's not really much more secure than just using Termux. If it doesn't have some packages that you desperately need, there are scripts to install basic Linux environments in a Termux proot.
>>10266 There have been attempts at creating a one-click setup for arch and alpine environments, the former is useful for extra packages termux does not provide and the latter is a nice chroot for only 4MB. If all you want is a debian environment stock termux is fine. Use termux-chroot for a more correct directory structure at the cost of reduced performance.
>>10343 >>10345 Thanks guys, I haven't had a smartphone in a while so I wasn't really sure about it. Termux seems to be perfect for what I needed, cheers.
Thread dedicated to Questions That Don't Deserve Their Own Thread
(but are worth asking)