Discussion Thread Endwall 02/24/2018 (Sat) 01:52:08 [Preview] No. 1145 [Reply] [Last 50 Posts]
DISCUSSION THREAD
Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, GEN Keith Alexander, ADM Michael Rogers, GOOGLE, AMAZON, FACEBOOK and Microsoft etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:


Anonymous 02/24/2018 (Sat) 02:00:58 [Preview] No.1146 del
I thought this was Operating Systems.

Where my Gentoo bros at?


Endwall 02/24/2018 (Sat) 02:34:06 [Preview] No.1148 del
>>1146
It will be Operating Systems when I'm done with it...



Non x86 laptops Anonymous 12/16/2017 (Sat) 18:16:13 [Preview] No. 11954 [Reply] [Last 50 Posts]
What is there available in the non-x86 laptops? I only know the old PPC macintosh laptops.


Anonymous 12/16/2017 (Sat) 18:23:54 [Preview] No.11955 del
There is that MIPS lemote laptop but it's fucking expensive.


Anonymous 12/16/2017 (Sat) 23:45:57 [Preview] No.11962 del


Anonymous 12/17/2017 (Sun) 10:20:08 [Preview] No.11971 del
Novena
TERES I
EOMA68
Pinebook
DIY Modular Open Source Laptop >>10163


Anonymous 12/22/2017 (Fri) 11:30:14 [Preview] No.12034 del
>>11971
On that note, where can I buy Novena with a battery/charger board? I mean today, IIRC they did their crowdfunding thing and that was it.


Anonymous 02/24/2018 (Sat) 02:31:33 [Preview] No.12423 del
Samsung Chromebook Plus
Asus C101PA Chromebook
Acer R13 Chromebook



Windows Security Thread Endwall 02/24/2018 (Sat) 02:29:59 [Preview] No. 1147 [Reply] [Last 50 Posts]
WINDOWS NT Security Thread

It turns out that MS Windows NT has an 80% market share in the Desktop Operating Systems Market (whatever that is...) So in all likelihood, if you work a job anywhere, you will be forced to sit down and work on one of these machines running this well known gem of an operating system. You probably won't have administrator rights, but that's OK, we'll make do.

In reality there is no Windows security but in this thread we will try to make life a little bit better even if it is just for a placebo effect. Also Windows hackers come and show us how you hack us up real good, and help our poor unprivileged users gain administrator rights without a password, so that they can install Mahjong. Windows Advanced Firewall, Registry Editing, Browsers, etc. Post all the tips and tricks to make Windows NT better than ever.



VPN/proxy/TOR general thread Anonymous 04/15/2016 (Fri) 22:12:39 [Preview] No. 2 [Reply] [Last 50 Posts]
Cool board idea.

What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?

What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.

I suppose I could call this a 'VPN/proxy/TOR general thread.'
53 posts and 5 images omitted.


Anonymous 02/14/2018 (Wed) 14:25:42 [Preview] No.1120 del
One thing people will notice but never say is that normies WANT TO USE VPNS THEY THINK THEY CAN USE ONE ON A PHONE.

Look at android and itunes top apps paid and free. Those lists are LITTERED with BULLSHIT VPN apps that DO NOTHING for privacy. Hypocrites. Anyone who says "lets microchip everyone I aint got nothing to hide" They do they are hiding behind that talking point instead of an actual opinion. Somehow the media has convinced the people to want to ban vpns while the top apps for mobile are vpn apps aside from games and shit like tinder.

These cucks want all they microchips laws to go through. They think hola free vpn .apk is going to hide them as they downvote something they are supposed to downvote. Look at chrome extentions firefox extensions. All browser fingerprint spoofing.Look at the most torrented proprietary software. All virus protection programs like mcaffe and norton antivirus.
they think that they are not supposed to use vpns or shit that actually works. A bunch of incognitos pretending they dont need privacy. They dont need privacy now that being a pathetic homosexual that does nothing but pout about liberal nonsense is the ideal citizen.


Anonymous 02/14/2018 (Wed) 15:20:36 [Preview] No.1122 del
>>1120
Perhaps the most loud are the most unaware. I would bet my money the ones who care know anything about VPNs aren't dumb enough to yell and scream about muh terrorists or such. Or atleast there may be a little overlap.


Anonymous 02/14/2018 (Wed) 21:49:40 [Preview] No.1124 del
>>1122
Yes I am a sec beginner so I am loud in my observation of this lol.Any politicizing of technology is dangerous. Also proprietary companies like google are a threat too.


Anonymous 02/15/2018 (Thu) 01:24:08 [Preview] No.1125 del
>>1124
Ah mate, I'm on your side, there's been some miscommunication. What I meant was the age old "vocal minority" being the loudest, while the majority quietly enjoys their lot, with a slyly opportunistic smirk.



Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply] [Last 50 Posts]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
476 posts and 3 images omitted.


Endwall 02/10/2018 (Sat) 19:27:13 [Preview] No.1110 del
Jupiter Broadcasting
Here Come the Script Kiddies | TechSNAP 354
Posted on: February 1, 2018
http://www.jupiterbroadcasting.com/122057/here-come-the-script-kiddies-techsnap-354/
AutoSploit has the security industry in a panic, so we give it a go. To our surprise we discover systems at the DOD, Amazon & other places vulnerable to this automated attack. We’ll tell you all about it & what these 400 lines of Python known as AutoSploit really do. Plus injecting arbitrary waveforms into Alexa and Google Assistant commands, making WordPress bulletproof & how to detect and prevent excessive port scan attacks.
Video
http://201406.jb-dl.cdn.scaleengine.net/techsnap/2018/techsnap-0354.mp4
Audio
http://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e2e1b46b-2f05-465f-821b-95680dc0cda0.mp3

https://arstechnica.com/information-technology/2018/02/threat-or-menace-autosploit-tool-sparks-fears-of-empowered-script-kiddies/
https://www.theregister.co.uk/2018/01/31/auto_hacking_tool/
https://www.digitalocean.com/community/tutorials/how-to-use-psad-to-detect-network-intrusion-attempts-on-an-ubuntu-vps

https://github.com/NullArray/AutoSploit


Endwall 02/18/2018 (Sun) 05:36:11 [Preview] No.1135 del
Hak5
Break And Enter Dropbox - Amazon Key Gets Hacked - ThreatWire
Amazon's Key has another vulnerability, Apple's source code gets leaked, and cryptomining hits government sites.
https://youtube.com/watch?v=YFgKJ2liAUs [Embed]


Endwall 02/24/2018 (Sat) 00:52:16 [Preview] No.1141 del
Jupiter Broadcasting
The Concern with Containers | TechSNAP 356
http://www.jupiterbroadcasting.com/122482/the-concern-with-containers-techsnap-356/
Posted on: February 15, 2018
The problems containers can’t solve, nasty security flaws in Skype and Telegram & Cisco discovers they have a bigger issue on their hands then first realized. Plus the latest jaw-dropping techniques to extract data from air-gapped systems.

video
http://201406.jb-dl.cdn.scaleengine.net/techsnap/2018/techsnap-0356.mp4
audio
http://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0d9f7516-90f2-4dd5-82e4-3bb92e6de943.mp3
youtube
https://youtube.com/watch?v=3dGntsiAZtQ [Embed]

show links
http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/
https://securelist.com/zero-day-vulnerability-in-telegram/83800/
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1?source=infected.io-telegram

Message too long. Click here to view full text.



Endwall 02/24/2018 (Sat) 00:56:07 [Preview] No.1142 del
Computer Science > Cryptography and Security
Title: ODINI : Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via Magnetic Fields
Authors: Mordechai Guri, Boris Zadov, Andrey Daidakulov, Yuval Elovici (Submitted on 8 Feb 2018)

Abstract: Air-gapped computers are computers which are kept isolated from the Internet, because they store and process sensitive information. When highly sensitive data is involved, an air-gapped computer might also be kept secluded in a Faraday cage. The Faraday cage prevents the leakage of electromagnetic signals emanating from various computer parts, which may be picked up by an eavesdropping adversary remotely. The air-gap separation, coupled with the Faraday shield, provides a high level of isolation, preventing the potential leakage of sensitive data from the system. In this paper, we show how attackers can bypass Faraday cages and air-gaps in order to leak data from highly secure computers. Our method is based on an exploitation of the magnetic field generated by the computer CPU. Unlike electromagnetic radiation (EMR), low frequency magnetic radiation propagates though the air, penetrating metal shielding such as Faraday cages (e.g., compass still works inside Faraday cages). We introduce a malware code-named ODINI that can control the low frequency magnetic fields emitted from the infected computer by regulating the load of the CPU cores. Arbitrary data can be modulated and transmitted on top of the magnetic emission and received by a magnetic receiver (bug) placed nearby. We provide technical background and examine the characteristics of the magnetic fields. We implement a malware prototype and discuss the design

https://arxiv.org/abs/1802.02700

full paper
https://arxiv.org/pdf/1802.02700


Endwall 02/24/2018 (Sat) 01:18:49 [Preview] No.1143 del
Jupiter Broadcasting
The Return of Spectre | TechSNAP 357
http://www.jupiterbroadcasting.com/122722/the-return-of-spectre-techsnap-357/
Posted on: February 22, 2018

New variants, bad patches, busted microcode & devastated performance. It’s a TechSNAP Meltdown & Spectre check up. Plus Tesla gets hit by Monero Cryptojacking & a dating site that matches people based on their bad passwords…. So we gave it a go!

video
http://201406.jb-dl.cdn.scaleengine.net/techsnap/2018/techsnap-0357.mp4
audio
http://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/3ad2e9bb-44f4-4889-8c42-992309c470df.mp3
youtube
https://youtube.com/watch?v=yZwpwW6WLQg [Embed]

show links
https://github.com/hannob/meltdownspectre-patches
https://blog.barkly.com/meltdown-spectre-patches-list-windows-update-help

Message too long. Click here to view full text.




Meltdown fix committed to OpenBSD Anonymous 02/23/2018 (Fri) 01:58:09 [Preview] No. 12419 [Reply] [Last 50 Posts]
>Meltdown mitigation is coming to OpenBSD. Philip Guenther ([email protected]) has just committed a diff that implements a new mitigation technique to OpenBSD: Separation of page tables for kernel and userland. This fixes the Meltdown problems that affect most CPUs from Intel.
>When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the thread's real kernel stack, then copies over the necessary bits from the trampoline stack

Very good news. Let's see the performance impact. As undeadly contributor said, help test the snapshots from 22 february. Here (check the SHA256, please - use install62.fs for usb stick or install62.iso for CD-ROM):
https://ftp.OpenBSD.org/pub/OpenBSD/snapshots/amd64/


Anonymous 02/23/2018 (Fri) 02:22:24 [Preview] No.12420 del
>linux patches in a day
>bsd patches in a month


Anonymous 02/23/2018 (Fri) 22:54:11 [Preview] No.12421 del
>>12420
>linux does any crap diff because is employed on too many servers
>the diff reduces 50% of the performance, making servers owners waste much more money on energy
>bsd makes it simple, clean and secure. Take time, but it's did not messed too much with the kernel and is pretty verifiable for possible bugs/exploits.
>So far, no notice of performance impact, from what I know

You see, your argument is not so valid. Linux and BSD are different and users have different needs.


Anonymous 02/24/2018 (Sat) 00:53:38 [Preview] No.12422 del
>>12420
Linux had a lot more forewarning of the bugs than the BSDs so patches were already in the works.



Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32 [Reply] [Last 50 Posts]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Message too long. Click here to view full text.

197 posts and 3 images omitted.


Endwall 01/22/2018 (Mon) 07:36:07 [Preview] No.1103 del
>>1101

Go here for the latest files:

https://dist.torproject.org

$ wget https://dist.torproject.org/tor-0.3.2.9.tar.gz
$ wget https://dist.torproject.org/tor-0.3.2.9.tar.gz.asc

The Tor developers change their keys periodically so if this happens after you type

$ gpg --verify tor-0.3.2.9.tar.gz.asc

Can't verify because
blah blah no key for key ID #######

$ gpg --recv-key #######

Message too long. Click here to view full text.



Update Endwall 02/08/2018 (Thu) 05:09:51 [Preview] No.1106 del
Updates:
Proxyload is down again (I noticed this 2 weeks ago). They changed something with the website. I'll look at this next weekend.

I fixed some channels in endstream and added some stuff to endradio.

I spruced up rmpac-files so that the user just needs to capture the error output of pacman -Su, but doesn't need to edit the file as it will jump to the proper line automatically. It now asks you for deletion confirmation.

I also made a windows version of endstream called winstream as a batch file it's in prototype stage and works with the windows version of youtube-dl and mpv, it needs some sprucing up, but it's low priority. I made this to play news at school on the windows computers with the projector screens, it works well enough.

https://raw.githubusercontent.com/endwall2/endstream/master/winstream.bat

I'm bogged down with homework, so it might be a month or so before I do any more work on the products. Just thought I'd write something about the suite status.

Any product requests, complaints, bug reports comment below. Thanks.


Anonymous 02/21/2018 (Wed) 21:22:28 [Preview] No.1138 del
bastille linux
deep-6'd by the deepstate


Anonymous 02/22/2018 (Thu) 17:39:29 [Preview] No.1139 del
>>1138
Info?


Endwall 02/22/2018 (Thu) 21:09:07 [Preview] No.1140 del
>>1138
Please keep the commentary in this thread to Endware discussion. As this note might be falsely attributed to Endwall. I didn't write it.

I don't know anything about this information. I assumed it may have been a recommendation for me to try the Bastille Linux script or a notice about its status... I looked around and didn't find anything in the news about any status changes or problems with it... I'm not sure what this is about.

Please post information and notifications of this type in Online Security News, or in the Internet Security General. And possibly follow up with a link or source backing up the information. Thanks.



(328.19 KB 500x500 TAD.png)
/tech/ - Technology Anonymous 02/06/2018 (Tue) 21:45:11 [Preview] No. 12357 [Reply] [Last 50 Posts]
Welcome to /tech/, a technology board. This board is for discussion of computer technology, both software and hardware.

Previous thread: https://archive.fo/WxkDv

NSFW files are only allowed if they are spoilered.
All rules and policies are open for discussion in this thread.

IRC: #/tech/, #InfinityNow and #endchan on irc.rizon.net - https://qchat.rizon.net/
Secure Computing Practices Links: http://hjvx7xg3n4ejezmh.onion/
Wiki (OLD): https://wiki.installgentoo.com/
7 posts and 1 image omitted.


Anonymous 02/13/2018 (Tue) 00:01:02 [Preview] No.12393 del
>>12361 (me)
>>12384
>You have to be the change that you want to see in here.
Not the same guy but, good reply. I agreed.


Anonymous 02/20/2018 (Tue) 04:39:02 [Preview] No.12412 del
(468.63 KB 1700x1700 temple os is best os.jpg)
>>12384
I like that this board is /t/errytory. Gives it its own identity apart from /g/nuland.


Anonymous 02/21/2018 (Wed) 17:56:51 [Preview] No.12416 del
>>12384
You do understand license shitposters want to take over this board and making you remove stallman is just the beginning right?


betamax Board owner 02/21/2018 (Wed) 19:17:00 [Preview] No.12417 del
>>12416
You do understand there's no license to shitpost in The End℠ right?

There is no true objective winner in the license wars, every public or private license has its own purpose. Having Stallman or Terry won't change how people will always be triggered. If anything, people like you want to take over this board.

Provide me a competent image and have someone else here to agree with you in its implementation and do it ASAP but don't make me wait too long. However, this is really truly a non issue, but the real issue is that I will only allow just one more sticky image change. Get it right this time or I'll remind you all it's your guys' fault and I'll make a new sticky without any OP image and make it an official rule to not bitch about the sticky thread image posthumorously when there's no sticky image to even complain about.

Again, grow up, and if you think Terryposting is spam, report it.


Anonymous 02/21/2018 (Wed) 21:58:39 [Preview] No.12418 del
>>12416
>license
>shitposters
brainlet detected
there's more than to the debate than "hurr share your code without making other people share durr"
nobody is saying this



(9.07 KB 261x202 annoyed_tom.jpg)
FLOSS and licensing Anonymous 07/31/2017 (Mon) 16:22:43 [Preview] No. 10510 [Reply] [Last 50 Posts]
Hello /tech/,

I'm not so familiar with software licenses so I started reading about the subject. At one point the question 'How does one profit from floss software?' popped in my head and these are some articles I came upon (quite outdated, but they still have a point). So GPL prevents companies from making proprietary software with your piece of software. BSD, on the other hand, does not (that's the case with Apple's kernel). Turns out the only way a company can profit from GPL license is by donations, offering support, teaching or dual licensing. Dual licensing seems like the most used option.

https://www.linuxjournal.com/article/5935
http://sealedabstract.com/rants/why-the-gpl-sucks/

>But there is a net effect on software development. Who makes money off GPL code? We go back to Novell and Red Hat, who test and package this software. And we see a trend–GPL code helps software testers make money. It helps QA people. It helps the people who answer the support phones. It helps everybody except software developers. Oh, maybe Google will pay them a salary as a goodwill gesture. But it’s really, really hard to make money from developing FOSS. You can make money supporting it. You can make money testing it. But no money developing it.

So my question is - does free software actually benefit the developer?
10 posts omitted.


Anonymous 08/07/2017 (Mon) 16:17:27 [Preview] No. 10578 del
>The GPL makes it harder to make money.

That seems a little like saying that you're going to be hungrier because mom added a side of broccoli to dinner. The existence of GPL software adds to the options that you have if you are developing software and want to make money. I don't think it makes anything harder.

Perhaps the core idea there is that the GPL doesn't make it as easy to make money as a license that allows you to take someone's code and resell it as your own does. I agree with that. For example, the zlib license is easier to make money with than the GPL license because you can use it in a commercial product and not release the source. That doesn't seem like a reason for me to complain about GPL software that benefits me and sometimes does what I want in other ways though.

What's the bottom line beef here anyway? If you are opposed to GPL licensed code and, like me, don't include in your development projects when you don't want to release under GPL, then don't use it. Problem solved. I use it when it makes sense and I want to give code that keeps on giving away and I don't use it when it doesn't.


Anonymous 08/16/2017 (Wed) 01:29:12 [Preview] No. 10731 del
>>10510
>>10511
If making FLOSS software meant helping actual competent and interesting programmers and computer engineers/scientists, then I would disregard money for the most part. I don't believe individuals/groups make FLOSS software for profits in the first place, if they wanted profits, it would be more efficient to write proprietary closed-source software for large companies or massive groups of computer users.

There are plenty of benefits of being a FLOSS software developer:
>You are more likely to be recognized by FLOSS communities which tend to be populated with highly intelligent and competent individuals.
>You are helping fight proprietary, non-free, and closed-source software by distributing and creating FLOSS software.
>You can very easily use your own software to your advantage and have an extra highly strong layer of security by using your own software that wrote.
>Your software has a higher chance of being used in OS distributions and software bundles (Look at Chrome OS). If you don't like your software being used against your will, maybe it shouldn't be free and open-source in the first place.
>You are seen as a trustworthy person and will be useful in the fight against surveillance and unwanted data-collection.

It also seems to be a misconception that once can only program either FLOSS or proprietary software and not both. You can make some of your software FLOSS and other software proprietary.


Anonymous 02/19/2018 (Mon) 01:49:08 [Preview] No.12406 del
>>10510

You make the same mistaken assumption as everyone else.
Let me clear this up for you.
The cost to develop software is smaller than the cost of maintaining software.
Freedom software is a good way to find low/zero cost maintainers.
You're welcome.


Anonymous 02/20/2018 (Tue) 05:01:03 [Preview] No.12413 del
>>10510
>I'm not so familiar with software licenses so I started reading about the subject. At one point the question 'How does one profit from floss software?' popped in my head and these are some articles I came upon (quite outdated, but they still have a point).
I had similar concerns and so I did my own research on the matter. I found this one guy's 2006 blog who btfo GPL as far as I'm concerned.

http://antignu.blogspot.com/

>So my question is - does free software actually benefit the developer?
No. All of the suggested business models are pathetic and won't work long-term.

https://en.wikipedia.org/wiki/Business_models_for_open-source_software

It's as you say: you must provide support or dual license. What the FSF and OSI get wrong is that proprietary does not automatically mean closed source, and 'proprietary' is not inherently wrong. Here's a quote from Richard Stallman that shows a flaw in the design of GPL for making money.

>With free software, users don't have to pay the distribution fee in order to use the software. They can copy the program from a friend who has a copy, or with the help of a friend who has network access. Or several users can join together, split the price of one CD-ROM, then each in turn can install the software. A high CD-ROM price is not a major obstacle when the software is free.

https://www.gnu.org/philosophy/selling.html

Message too long. Click here to view full text.



Anonymous 02/20/2018 (Tue) 21:21:28 [Preview] No.12415 del
ttttttttttt>>12413
why should i pay for adobe products we have seen i.e. flash they cant code for shitttttttttttttttttttttttttttttttt



(26.35 KB 570x409 chip.png)
lowRISC: another year bites the dust? Anonymous 10/18/2017 (Wed) 05:41:40 [Preview] No. 11571 [Reply] [Last 50 Posts]
http://www.lowrisc.org/faq/

>When can I buy a lowRISC SoC?
>As with most tech projects, the most accurate answer is “When it’s ready”.
>We are expecting to crowdfund an initial instantiation of the lowRISC platform during the course of 2017.

I'm pretty sure the lowRISC FAQ said 2016 last year. It didn't happen, obviously, and it was changed to 2017, but we're running out of that, too. Ten weeks left, boys. Is a lowRISC SoC vaporware for another year?

At what point do we start looking to the J-x processors based on Hitachi's SuperH architecture? The last SH-4 patents are expiring this year.

http://j-core.org/roadmap.html
8 posts and 6 images omitted.


Anonymous 02/05/2018 (Mon) 04:21:48 [Preview] No.12347 del
>>11571
HiFive or whatever it was called released a dev board yesterday for $1000 dollars.


Anonymous 02/05/2018 (Mon) 07:59:14 [Preview] No.12350 del
>>12347
That's a dev board though, that's an investment for businesses looking to use the technology, not for enthusiasts.

I wonder, does anyone know why RISC chips always run so fucking hot? The heatsinks on the Talos machine are insane. How is it that x86 has gotten around this?


Anonymous 02/08/2018 (Thu) 22:01:56 [Preview] No.12365 del
>>12350
>why RISC chips always run so fucking hot
ARM is RISC and run really cold. I don't think that a issue is RISC. Power was constructed primarilly for servers, so it will have more cores running, more L1 cache entries, so on.
>How is it that x86 has gotten around this?
From what I know, adaptative methods. For example, the clock and voltage adapts to the need of the user.


Anonymous 02/09/2018 (Fri) 19:52:57 [Preview] No.12377 del
>>12365
That was a great reply, thank you.


Anonymous 02/20/2018 (Tue) 05:10:54 [Preview] No.12414 del
(130.38 KB 640x763 1517051241857.jpg)
>>12350
>dev board
>not for enthusiasts
it's exactly for enthusiasts, unless by enthusiasts, you mean the kind of enthusiast artist that buys Crayola instead of watercolor. HiFive is offering a modern computer, on an entirely new, unexploited platform, for us to program, all for a measly grand. The opportunity here is huge, and poorfags are gonna dismiss it just cuz it's not China cheap and includes proprietary parts.



(220.29 KB 1920x1080 1498596199651.png)
Anonymous 06/28/2017 (Wed) 14:13:05 [Preview] No. 8768 [Reply] [Last 50 Posts]
/g/ is building an OS
http://boards.4chan.org/g/thread/61110805

It's a riced out, gentoo based desktop distro
https://cloveros.ga/

Has a nice low ram footprint

irc.rizon.net #cloveros
91 posts and 37 images omitted.


Anonymous 02/15/2018 (Thu) 14:08:24 [Preview] No.12400 del
>>12385
Remove ACCEPT_KEYWORDS="**" from /etc/portage/make.conf

CloverOS iso now has wbar


Anonymous 02/19/2018 (Mon) 14:49:32 [Preview] No.12408 del
CloverOS GNU/Linux

Git: https://gitgud.io/cloveros/cloveros
ISO: https://cloveros.ga/s/CloverOS-x86_64-20180219.iso
Libre ISO: https://cloveros.ga/s/CloverOS_Libre-x86_64-20180219.iso
GPG: 78F5 AC55 A120 07F2 2DF9 A28A 78B9 3F76 B8E4 2805
IRC: #cloveros on irc.rizon.net
Twitter: https://twitter.com/cloveros_ga
Packages: 3514 https://cloveros.ga/s/packages.html
Rsync: rsync://fr.cloveros.ga/cloveros
License: WTFPL
Mirrors: https://useast.cloveros.ga https://uswest.cloveros.ga https://ca.cloveros.ga https://ca2.cloveros.ga https://fr.cloveros.ga https://fr2.cloveros.ga https://uk.cloveros.ga https://au.cloveros.ga
Validate ISO:

gpg --keyserver hkp://pool.sks-keyservers.net --recv-key "78F5 AC55 A120 07F2 2DF9 A28A 78B9 3F76 B8E4 2805"
wget https://cloveros.ga/s/signatures/s/CloverOS-x86_64-20180219.iso.asc
gpg --verify CloverOS-x86_64-20180219.iso.asc CloverOS-x86_64-20180219.iso


Anonymous 02/19/2018 (Mon) 15:49:17 [Preview] No.12409 del
>>12408
fuck it I'll throw it on a laptop



(28.29 KB 235x140 1491770426346.png)
Anonymous 12/10/2017 (Sun) 02:20:58 [Preview] No. 11890 [Reply] [Last 50 Posts]
Hi tech, i'm tired of windows.

I will go to linux, but I need know which linux i will usage.

I am in doubt between the backbox and Kali Linux, if you have more recommendations, I accept (debian priorizer).

I have a 4GB pendrive, is it enough to change the operating system?
20 posts and 1 image omitted.


Anonymous 02/15/2018 (Thu) 22:29:52 [Preview] No.12402 del
If you are not used to using Linux, I recommend starting with Ubuntu. Unless you have a very good reason, starting with a pentest-specialized OS like Kali or BackBox seems stupid - I don't see why anyone would want to use these for general purpose computing. If you are experienced with Linux or don't mind a very steep learning curve, I would recommend Arch Linux or Gentoo.

4 GB USB probably enough, some OS will require 8 GB.


Anonymous 02/15/2018 (Thu) 22:35:53 [Preview] No.12403 del
>>12402
OP might like parrotOS or Lionsec. Parrot has an everyday suite and is a pentesting distro. Same thing with Lionsec it is ubuntu with a shitload of tools.


Anonymous 02/16/2018 (Fri) 02:49:30 [Preview] No.12404 del
Get void linux


Anonymous 02/19/2018 (Mon) 06:18:36 [Preview] No.12407 del
Install gentoo. It's definetely worth the effort.


Anonymous 02/19/2018 (Mon) 16:57:10 [Preview] No.12410 del
>>11890
For anonymisation I suggest whonix
For penitration testing I suggest Backtrack 5r3
For personal use I suggest mint linux or arch linux
For linix hardware, if you want to leave microsoft i suggest System76
Or raspberry pi, pitop or piseed



Internet Security General Anonymous 04/16/2016 (Sat) 07:56:30 [Preview] No. 4 [Reply] [Last 50 Posts]
Continuing from >>>/tech/597
https://archive.is/INR3l
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
75 posts and 6 images omitted.


Anonymous 02/15/2018 (Thu) 04:23:43 [Preview] No.1126 del
>>1119
Thanks for this, it's coincidentally at an opportune time and will be of use to a project I just started.
>ghostery phoning home
I did a quick sweep and didn't find anything, but I mostly skimmed. There's a few links I'm not too privy too and I didn't look deeper into any of the XMHL or send requests though, they're a mess.
https://pastebin.com/raw/czfymKNi
https://pastebin.com/raw/6mZmcSiH
IP greps bring back nothing of note: https://pastebin.com/raw/6mZmcSiH
https://pastebin.com/raw/puaX68W5
Did you make the image yourself? You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.


Anonymous 02/15/2018 (Thu) 06:51:46 [Preview] No.1129 del
>>1126
I didnt make the image I found it on one of the rebeccablack/tech/ archives. Ghostery I still never was crazy about because it is like noscript if it noscript was bloated and didnt work.
I always try and remember the addons I am missing when configuring a firefox fork and that was a good image to use back a year or 2 ago.
>You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.

That is something I will keep in mind because some addons stop working like "white noise generator" which did what "trackmenot" does but in a seperate window with tabs randomly switching to random webpages.

I have a few suggestions to add to the list
adnausium, dolus, tamperdata and http nowhere

if I did not lock the prefs.js I will use https://jm42.github.io/compare-user.js/ for about:config modifying.


Anonymous 02/15/2018 (Thu) 13:50:29 [Preview] No.1130 del
>>1129
>if I did not lock the prefs.js
I just read up on this. It seems like locking is temporary and all you need to do to reverse it, is delete the lockfile.
>I will use https://jm42.github.io/compare-user.js/ for about:config modifying.
These might be useful to you:
https://pastebin.com/pdEbeX1m
Full list of all prefs defined in Mozilla's source code for 52. Some of them are hidden/ i.e not set in about:config so there'll be no way to know about them. And: http://kb.mozillazine.org/About:config_entries
Is a nice util for quickly finding out what each does, and available settings.


Anonymous 02/15/2018 (Thu) 14:48:33 [Preview] No.1131 del
>>1129
And if you're using a beta version or one with a "MOZ_TELEMETRY_ON_BY_DEFAULT", telemetry is perma-on, so be careful.
firefox-52.0esr/modules/libpref/preferences.cpp


Anonymous 02/15/2018 (Thu) 18:05:59 [Preview] No.1132 del
>>1130
>>1131
Thanks I always got confused about that. But you can never be too sure with firefox even forks have things like

camera.control.face_detection.enabled

set to true on default.



Meta Thread Endwall 07/12/2016 (Tue) 12:03:36 [Preview] No. 171 [Reply] [Last 50 Posts]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15:00.
24 posts and 6 images omitted.


Anonymous 02/11/2018 (Sun) 20:41:09 [Preview] No.1111 del
>>1108
Why do you do it? Considering you have "school," a life to live, why would you sacrifice your resources for all of this?


Endwall 02/12/2018 (Mon) 05:05:49 [Preview] No.1113 del
>>1111

Self defense primarily.

Read these threads the answer is in here:
https://archive.is/INR3l
https://archive.is/bpQXa

Anonymous 02/14/2016 (Sun) 00:10:59 [Preview] No. 1726
About the developer:
I will remain anonymous as best I can.
I am not a professional computer scientist or programmer.
I have other commitments and can't maintain a continuous development cycle, but will work on this project sporadically as I have ideas or as issues emerge.Help and assistance on ideas are welcome. Critique and criticism of my tools are also welcome. Positive and negative reviews of experiences using endwall endset and endtools are also welcome.Point out any bugs that you find in the code and or errors in logic or in style or implementation that you find in the script and I may modify it in a release upon review.

Anonymous 02/13/2016 (Sat) 06:51:33 [Preview] No. 1693
>>1687
1)My hope was to get some help with internet security by starting a thread asking for contributions of techniques and ideas. So far that's worked out pretty well. that ipsets thing has solved a major problem my server was running into. I'm glad I got that tip from here. Thanks >>1652 good work!

Message too long. Click here to view full text.



Endwall 02/12/2018 (Mon) 05:16:08 [Preview] No.1114 del
This entire board >>>/os/ is basically the last 30 mins of Star Trek 2: The Wrath of Khan, with Endwall in the staring roll as Khan, and Admiral Michael Rodgers in the Staring role as Captain James T. Kirk.

Endwall: "I spit my dying last spit at thee Rogers!!"
Admiral Michael Rogers: "ENDWAAAAAAAAALLLLLLLLLLLL!!!!!!!!!!!!!!!!!!!"


Anonymous 02/13/2018 (Tue) 21:59:58 [Preview] No.1118 del
>>1108
There we go.


Endwall 02/18/2018 (Sun) 05:49:07 [Preview] No.1136 del
>>1114

How I thought my computer privacy and security and anonymity was doing:
https://youtube.com/watch?v=e7X01_j_oDA [Embed]

How my computer security privacy and anonymity actually is:
https://youtube.com/watch?v=iPQfwmfRq2s [Embed]
https://youtube.com/watch?v=xrUEjpHbUMM [Embed]
Edited last time by Endwall on 02/18/2018 (Sun) 06:46:54.





Anonymous 07/09/2017 (Sun) 20:30:28 [Preview] No.9131 del
>>9130
Nice bump kiddo.


Anonymous 07/09/2017 (Sun) 20:30:39 [Preview] No.9132 del
>>9131
For what it's worth, there used to be some spam right before that post.


Anonymous 07/09/2017 (Sun) 20:31:31 [Preview] No.9137 del
>>9132
>>9131
>>9130
>>9129
>>9128
>>9127

You samefagging piece of shit.


Anonymous 07/13/2017 (Thu) 16:36:41 [Preview] No. 10371 del
bump


Anonymous 09/03/2017 (Sun) 18:59:34 [Preview] No. 11017 del
>>11009
>>11010
>>11011
Fuck off with your advertising and samefagging, cocksucker.



OPSEC Endwall 08/23/2016 (Tue) 01:08:39 [Preview] No. 357 [Reply] [Last 50 Posts]
Discuss best practices for operational security.
5 posts omitted.


Endwall 08/25/2016 (Thu) 20:19:17 [Preview] No. 405 del
Run minimal, if there is a zero day for one service say apache, but you also host your mail using postfix, depending on the severity of the exploit, your loose your mail security as well.

If your server doesn't need a package to do its job, don't install it. Run minimal for the same reason as above. Once the attacker gets in they'll have more tools to work with the more you install.

Run postfix and dovecot on one server, and httpd on another shut off port 25 143 on the apache server, and depending on your use case shut off port 80, input on the mail server, etc. Run with the minimum number of ports open for each service to operate.

I'm not an expert but these are just feelings about it. I'm not rich enough to host all of my services on different computers but if you are you should.


Anonymous 08/26/2016 (Fri) 12:05:12 [Preview] No. 419 del
>>405
That's why every sane program on Linux drops root privileges after binding to wanted network interfaces and such.

Local attacker could just download wanted code or use scripting. And I doubt tools attacker would want to bring is X11 apps.


Anonymous 08/26/2016 (Fri) 12:11:06 [Preview] No. 420 del
iptables is great.

There is "owner" module that allows controlling OUTPUT traffic on per user or per group basis. And if you use separate users for every service running just like you should, you can control every service with iptables. For example permit traffic going to internet for tor daemon user and permit only localhost traffic for everything else.

Tails already uses similar iptables setup.


Anonymous 12/24/2017 (Sun) 15:09:42 [Preview] No.1090 del
What about having a fileserver to share anonymously? Like an open directory. How to do this?


Anonymous 02/15/2018 (Thu) 04:33:27 [Preview] No.1128 del
>>1090
FTP has a default "anon" account, add to that no logging, some hardening, and messing with file and folder permissions, and you're good to go.



Compile Thread Anonymous 11/27/2016 (Sun) 20:44:39 [Preview] No. 692 [Reply] [Last 50 Posts]
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
9 posts omitted.


Anonymous 01/15/2017 (Sun) 22:04:32 [Preview] No. 797 del
is there reason to use torsocks over git's builtin socks5 proxy?

wouldn't it be better if you just register 127.0.0.1:your_tor_port as http.proxy and https.proxy variable by git config?

Not sure what revision of git your distro ships with but using torsocks should be considered depreciated hack for applications with builtin socks5 proxy support.


Reop from source Endwall 08/09/2017 (Wed) 22:53:08 [Preview] No. 999 del
Install REOP from Source
###############################################
$ mkdir -p ~/src
$ cd ~/src
$ endget --no-check-certificate https://www.tedunangst.com/flak/files/reop-3.0-snapshot.tar.gz
$ tar -xvf reop-3.0-snapshot.tar.gz
$ cd reop
$ ./configure
$ make
$ ./reop --help
$ cd ~/bin
$ ln -s ~/src/reop/reop reop
$ export PATH=$HOME/bin:$PATH
$ reop --help

Generate a key pair
$ cd ~

Message too long. Click here to view full text.

Edited last time by Endwall on 08/09/2017 (Wed) 22:57:34.


newfag 01/20/2018 (Sat) 11:21:06 [Preview] No.1102 del
>>707
do i need to run tor as:
tor_stable -f /usr/local/etc/torrc-defaults ?
or does it do that automatically?


Endwall 01/22/2018 (Mon) 07:47:47 [Preview] No.1104 del
>>1102

It should just work automatically. Start tor like this and read the console output

$ tor_stable &

It should say where it is reading the torrc and torrc-defaults from in the console output lines.


Anonymous 02/15/2018 (Thu) 04:28:39 [Preview] No.1127 del
>>1102
>>1104
Neat trick if you don't want your desktop littered with shells:

$ tor_stable &disown; exit;



Facebook new VPN shows what people do on their phones beyond suite of firm's apps Anonymous 02/15/2018 (Thu) 00:10:22 [Preview] No. 12399 [Reply] [Last 50 Posts]
>Facebook acquisition of Israeli mobile-analytics company Onavo (a VPN service)
>data show in detail how the social-media giant employs it to measure what people do on their phones beyond Facebook's own suite of apps.
>"Websites and apps have used market-research services for years," the spokesman said
>has been downloaded an estimated 24 million times

Oh heyyyy!
http://archive.is/r7GhC



(843.92 KB 1582x929 adblockerultimate1.png)
Chrome Addons Anonymous 12/10/2017 (Sun) 03:54:06 [Preview] No. 1075 [Reply] [Last 50 Posts]
A lot of browser addons or extensions claim to improve privacy and security. These include Ghostery, Disconnect and Privacy Badger along with a slew of others.

I think for most entry level computer users that those type of addons might provide something useful. To people who are more experienced with browsers and their extensions they seem like a gimmick or just fancy visual feedback. A lot bells and whistles with very little actual functionality.

What can really make surfing the internet a much safer experience? If we focus on HTTPS, SSL and Digital Certificates then we have a good head start. From there we can protect ourselves from ads that might lead to sketchy websites. We can beef up our passwords and add authenticators to our accounts. At the most zealous level we can disable javascript and flash.

The following extensions are for Chrome.

https://chrome.google.com/webstore/detail/adblocker-ultimate/ohahllgiabjaoigichmmfljhkcfikeof?hl=en

Adblocker Ultimate accomplishes the two jobs that all adblockers must. First it has to have a pretty good idea of what is undesirable content and what it is that users want to see or interact with. Also there are no false positives; Adblocker Ultimate pretty much never identifies images or other website content as ads when they aren't.

The extension is also easy to turn off. You can disable it entirely or just for a webpage. The function that allows you to add new blocked elements works extremely well.

https://chrome.google.com/webstore/detail/authy-chrome-extension/fhgenkpocbhhddlgkjnfghpjanffonno?hl=en

Authy integrates authentication into the browser. I have not personally used this extension. The use of authenticators is extremely powerful security wise. I prefer to use my phone and download apps that have authenticators because I see having two different pieces of hardware as more secure than an application running beside another on the same device.


Anonymous 12/10/2017 (Sun) 03:57:48 [Preview] No.1076 del
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp?hl=en

HTTPS Everywhere forces connections on websites to be made through HTTPS instead of HTTP. I have seen a number of times where a website's homepage will have HTTPS enabled but some other portion will not be encrypted through HTTPS.

https://chrome.google.com/webstore/detail/kb-ssl-enforcer/flcpelgcagfhfoegekianiofphddckof?hl=en

KB SSL Enforcer redirects the browser to use SSL/TLS.

https://chrome.google.com/webstore/detail/keeper%C2%AE-password-manager/bfogiafebfohielmmehodmfbbebbbpei?hl=en

Keeper Password Manager is by far one of my favorite addons. It does a perfect job of saving usernames and passwords. It allows for the easy generation of new passwords that are extremely secure. The features that it offers for free are top notch.

https://chrome.google.com/webstore/detail/pop-up-blocker-for-chrome/bkkbcggnhapdmkeljlodobbkopceiche?hl=en

Poper Popup Blocker is effective and consistent about blocking popups when the browser and adblocker fail to do so.

https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en

Message too long. Click here to view full text.



Anonymous 12/10/2017 (Sun) 04:18:38 [Preview] No.1077 del
If you don't trust password managers then I suggest using a solution like pass the unix password manager.

https://www.passwordstore.org/

Also you can just generate passwords with password card and last pass.

https://www.passwordcard.org/en
https://lastpass.com/generatepassword.php


Endwall 12/14/2017 (Thu) 04:06:42 [Preview] No.1081 del
>>1035

I don't endorse google chrome, and generally avoid any products and services produced by this company if you want to maintain computer and internet privacy and security. Their entire business model is to invade your privacy and sell the information to advertisers and to the government. Avoid all of their products if possible.

That said I'm sure this thread might be helpfull to windows users. So go ahead and start a Windows 7 security thread as well.


Anonymous 02/14/2018 (Wed) 14:30:23 [Preview] No.1121 del
https://chrome.google.com/webstore/detail/ipfuck/bjgmbpodpcgmnpfjmigcckcjfldcicnd?hl=en-US
''IPFuck generates random IPs and fake the use of a proxy with HTTP headers.
It can make you anonymous on several websites.''

https://chrome.google.com/webstore/detail/trackmenot/cgllkjmdafllcidaehjejjhpfkmanmka?hl=en-US

TrackMeNot is a lightweight browser extension that helps protect web searchers from surveillance and data-profiling by search engines. It does so not by means of concealment or encryption (i.e. covering one's tracks), but instead, paradoxically, by the opposite strategy: noise and obfuscation. With TrackMeNot, actual web searches, lost in a cloud of false leads, are essentially hidden in plain view. User-installed TrackMeNot works with the Chrome Browser and popular search engines (AOL, Yahoo!, Google, and Bing) and requires no 3rd-party servers or services.


https://chrome.google.com/webstore/detail/automated-free-proxies-di/ojjklffhhhfpeaelghfocilljceokage?hl=en-US
''
CIAO identifies trusted and working free proxies using its own community. CIAO is instrumented to collect anonymous data about proxy performance and behavior (e.g., amount of data downloaded, page download duration). This data is reported to our servers as an input for the proxy selection algorithm. To bootstrap this process, our servers discover free proxies by crawling proxy aggregator websites. Each proxy is then tested daily to verify reachability, performance, and behavior. ''
(useful for sites like mega.co.nz)

https://github.com/dhowe/AdNauseam/wiki/Install-AdNauseam-on-Chrome-Without-Google‘s-Permission


Anonymous 02/14/2018 (Wed) 17:09:12 [Preview] No.1123 del
I would recommend getting the binary, or compiling yourself, a Firefox 52 ESR. ESR/Nightly/Dev builds have extra features that regular versions don't. Such as installing non-Mozilla signed apps and more about:config options.

https://www.mozilla.org/en-US/firefox/organizations/

I would also recommend using this doc to mess with your settings in about:config. It's not a comprehensive list (I've yet to be able to spoof my vendor), but it has enough where you can work towards making yourself camouflaged. Using this site

http://kb.mozillazine.org/About:config_entries

You can check more in-depth stats about what your browser is giving off. Like, even if you resize your window, your browser still tells websites your native resolution.

https://browserleaks.com/

And HTML5 canvas is one of the best ways to track you, considering it generates a near-unique signature for users. For this, you should use this and set your settings to "fake readout API" and "constant" for random number generation. This will help blend you in with the rest of the user info. Turning it off is almost as bad as having it on, because that in and of itself is a unique fingerprint.

https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/



(79.04 KB 768x576 X.jpg)
Anonymous 02/09/2018 (Fri) 04:51:26 [Preview] No. 12366 [Reply] [Last 50 Posts]
If Windows is such a shitty operating system, why do police officers use it to write reports?

Checkmate /tech/.


Anonymous 02/09/2018 (Fri) 05:21:57 [Preview] No.12368 del
>>12366
I actually like the old Win 95, Win 2000 and XP platform. As long as its not online 24/7 its not a bad OS to have. Sure does have its security flaws like every other OS.

On the other hand... Win 10 I would not touch with a ten foot pole.


Anonymous 02/09/2018 (Fri) 19:49:57 [Preview] No.12375 del
>>12366
>If Windows is such a shitty operating system, why do police officers use it to write reports?
So they can make sure the police aren't writing reports full of wrong think.


Anonymous 02/09/2018 (Fri) 23:32:20 [Preview] No.12380 del
Software support. Most UNIX-like systems lack support for mainstream tools that these guys need. Also, the US government has contracts with Microsoft, as well as universities.
The server running the services from police is most likely a gnu/linux or BSD system.

Some sensitive groups in inteligence agencies don't use Windows because of security, just the 'normal' police.


Anonymous 02/10/2018 (Sat) 01:52:15 [Preview] No.12381 del
Unix/Linux won everywhere (servers + mobile platforms) except for desktops because people expect desktops to do everything from interfacing 20 year old printers to running the latest games.


Anonymous 02/12/2018 (Mon) 20:24:54 [Preview] No.12392 del
I think its more of the fact that its the default os with toughbooks. They can set it on their car and see the screen in full daylight.



Wireless transmitter inside Lenovo AC Adapters Recording your charging habits Anonymous 02/11/2018 (Sun) 22:35:59 [Preview] No. 12382 [Reply] [Last 50 Posts]
FAKE ASS MOTHERFUCKING NEWS, never really existed https://web.archive.org/web/20170515000000*/https://computersdaily.com/

A group of hardware hackers came across a small transmitter inside Lenovo AC Adapters, that when turned on, would send signals to your computer which would then send data to Lenovo about your charging habits on February 9, 2018.

The application that allowed this to work is included in all Windows 10 operating systems that come pre-installed on Lenovo computers and has supposedly been this way for eight months.

When asked about the purpose of these chips, Lenovo stated that they were to create better computers and help with power reduction in specific situations, and also acknowledged that these chips are in no way malicious and will never be used for malicious purposes.

https://computersdaily.com/2918/hackers-find-transmitter-acadapter-lenovo/
(USER WAS BANNED FOR FAKE NEWS)
Edited last time by _ on 02/13/2018 (Tue) 13:44:36.
2 posts omitted.


Anonymous 02/12/2018 (Mon) 14:36:15 [Preview] No.12388 del
>>12386
>bacdoored cpu enough
Supposedly they worked a backdoor into RAM modules but it was a report that I came across many months ago.


Anonymous 02/12/2018 (Mon) 16:01:22 [Preview] No.12389 del
>these chips are in no way malicious
>and will never be used for malicious purposes

good guy lenovo, everyone!


Anonymous 02/12/2018 (Mon) 16:57:30 [Preview] No.12390 del
>>12388
Just fucking inset a chip into my dick already.


Anonymous 02/12/2018 (Mon) 19:36:33 [Preview] No.12391 del
I want off this fucking ride.


Anonymous 02/13/2018 (Tue) 13:16:28 [Preview] No.12395 del
>https://computersdaily.com is a parked domain
fake news, no archive link.



(729.82 KB 1280x1903 anzu1499482941980.jpg)
Bruce Perens Wants to Anti-SLAPP GRSecurity's Brad Spengler With $670,000 in Legal Bills the hacker known as 4chan 02/10/2018 (Sat) 13:29:03 [Preview] No. 50 [Reply] [Last 50 Posts]
Having defeated a defamation claim for speculating that using Grsecurity's Linux kernel hardening code may expose you to legal risk under the terms of the GPLv2 license, Bruce Perens is back in court.

This time, he's demanding Bradley Spengler \u2013 who runs Open Source Security Inc and develops Grsecurity \u2013 foots his hefty legal bills, after Spengler failed to successfully sue Perens for libel.

Perens, a noted figure in the open source community, and his legal team from O'Melveny & Myers LLP \u2013 as they previously told The Register \u2013 want to be awarded attorneys' fees under California's anti-SLAPP statute, a law designed to deter litigation that aims to suppress lawful speech.

That deterrence takes the form of presenting unsuccessful litigants with the bill for the cost of defending against meritless claims.

"Plaintiffs Open Source Security, Inc. and Bradley Spengler sued Defendant Bruce Perens to bully him from expressing his opinions that Plaintiffs' business practices violate Open Source licensing conditions and to discourage others from expressing the same opinions," Perens' latest filing, submitted to a US district court in San Francisco today, declared.

"Rather than allowing the public to judge Plaintiffs' contrary opinions through public debate, Plaintiffs tried to 'win' the argument on this unsettled legal issue by suing him."

[...]

Perens is asking for $667,665.25 in fees, which covers 833.9 hours expended on the litigation by numerous attorneys and a $188,687.75 success fee agreed upon to allow Perens to retain representation he might not otherwise have been able to afford.

http://perens.com/2018/02/08/bruce-perens-seeks-mandatory-award-of-legal-fees-for-his-defense-in-open-source-security-inc-and-bradley-spengler-v-bruce-perens/

Message too long. Click here to view full text.



the hacker known as 4chan 02/10/2018 (Sat) 13:31:20 [Preview] No.51 del
(87.34 KB 640x960 anzu1499483608915.jpg)
Thoughts on this, /g/?

Who started all this, also?



Apple's iPhone Source Code Leaks Out, Hackers Can Now Steal Everything You Have On Your iPhones /news/ 02/09/2018 (Fri) 05:04:15 [Preview] No. 12367 [Reply] [Last 50 Posts]
Disregard this faggot, he can't even post the goddamn link to the article to make people reply to the /news/ thread while having a slightly misleading subject line (goes to show the OP is very much so technology illiterate). Just read the article for yourself.

Update: this sums it up better https://archive.fo/n4ce0 https://www.bleepingcomputer.com/news/apple/apple-iboot-source-code-leaked-on-github/
Edited last time by _ on 02/09/2018 (Fri) 06:36:26.
4 posts omitted.


Anonymous 02/09/2018 (Fri) 18:39:17 [Preview] No.12373 del
This spent a whole year on reddit and no one saw it because the poster had zero attention whoring karma. Reddit is such a fucking echo chamber full of faggots jerking each other off they didn't notice the leak of the decade. I fucking hate reddit so god damn fucking much.

On topic: this could result in some awesome hacks, however I hear this will be exploits only as the hardware won't allow a custom bootloader or something?


Anonymous 02/09/2018 (Fri) 19:26:31 [Preview] No.12374 del
>>12369
Don't worry. It will be the last piece of news I ever post here, I promise! No courtesy or respect to those who want to contribute? Au revoir!


Anonymous 02/09/2018 (Fri) 19:51:11 [Preview] No.12376 del
>>12372
>iBoot-master
Is this snapshot all that was leaked? Or was there repository history as well?


Anonymous 02/09/2018 (Fri) 20:03:34 [Preview] No.12378 del
>>12374
Calm down dear, you know exactly what you did, directing traffic to /news not saying anything's wrong with that, an archive link would have been nice. Thanks for posting anyway.


Anonymous Board owner 02/09/2018 (Fri) 22:48:16 [Preview] No.12379 del
>>12374
You didn't heed my warning the last time in >>12294 which that last stunt was just terrible. The first thread you've made was okay, but the previous thread you made at least had the fucking link. This is really my extended warning in not deleting your overly sensationalized drivel immediately at sight. You have contributed essentially nothing of use, nor to this very thread. I honestly prefer desktop threads over your pathetic attempt at technology journalism when you yourself don't understand what you're saying. I'm going to lock this fucking thread too, please don't come back.



(146.23 KB 800x600 DSCN1845.jpg)
Anonymous 02/04/2018 (Sun) 04:40:31 [Preview] No. 12338 [Reply] [Last 50 Posts]
I must say, I enjoy utilizing old operating systems such as Windows 95/98, the lack of bloat and low resource usage really appeals to me.

What would you like to see me install on a 32-bit 64 Megabyte of RAM machine?


Anonymous 02/04/2018 (Sun) 04:50:34 [Preview] No.12339 del
Windows for Workgroups, 3.11.


Anonymous 02/04/2018 (Sun) 04:53:28 [Preview] No.12340 del
>>12338
>>12339

PS: Don't forget Trumpet Winsock!


Anonymous 02/04/2018 (Sun) 19:01:29 [Preview] No.12343 del
Freedos with Win3x on top and some cool dos games. Keen, GTA, Dungeon Keeper and Fallout1 should all play fine.


Anonymous 02/06/2018 (Tue) 22:14:43 [Preview] No.12359 del
Any updates op? I would also like to see it run debian potato.


Anonymous 02/06/2018 (Tue) 22:46:42 [Preview] No.12360 del
>>12359

Redhat Linux 3.0.3



(292.67 KB 450x399 RMS.png)
/tech/ - Technology Anonymous 01/03/2016 (Sun) 17:52:28 [Preview] No. 125 [Reply] [Last 50 Posts]
Welcome to /tech/, a technology board. This board is for discussion of technology, both software and hardware.

Wiki: https://wiki.installgentoo.com/
IRC: #/tech/, #InfinityNow and #endchan on irc.rizon.net - https://qchat.rizon.net/

NSFW files are only allowed if they are spoilered. Tech support, consumer advice and desktop/ricing threads are all allowed for now.

All rules and policies are open for discussion in this thread.

Related boards:
>>>/cyber/ - Cyberpunk & Science Fiction
>>>/lv/ - Libre Vidya
>>>/markov/ - bot hell
>>>/os/ - Online Security
>>>/t/ - Torrents/trackers
Edited last time by ring on 06/14/2017 (Wed) 23:18:55.
280 posts and 64 images omitted.


betamax Board owner 02/04/2018 (Sun) 20:28:15 [Preview] No.12344 del
>>12328
SOON™


Anonymous 02/06/2018 (Tue) 08:57:31 [Preview] No.12353 del
(328.19 KB 500x500 TAD.png)


Anonymous 02/06/2018 (Tue) 09:10:35 [Preview] No.12354 del
>>12326
I would recommend the lower case omega symbol but it kind of looks like an ass.


Anonymous 02/06/2018 (Tue) 21:01:19 [Preview] No.12355 del
Mod, stop this spam, please >>12345


betamax Board owner 02/06/2018 (Tue) 21:26:47 [Preview] No.12356 del
>>12328
You were beaten by >>12353 sorry m8.

>>12355
Use the report function.

Locking this thread, going to make another.