/Fucko/ General Thread v0.?.? (long time no see?)
"Get on the ground, fucko! Squad, take his computer and all other electronics!"
This edition:
Hardware: Secure hardware. Helpful hardware. YubiKeys. Offensive/defensive hardware. How to buy hardware anonymously? Routers
ITT:
>Computer security
>Home security
>online privacy
>PC and data destruction methods
>How to hide questionable images, video, audio, etc. (stenography)
>What to do in case squad ever actually breaks down your door
>But I dont have anything to hide :^)
chronicle.com
>If you have done nothing wrong you should have nothing to hide.
If I've done nothing wrong there's no reason to search me.
>LiveUSB/LiveCD Review v1.1
pastebin.com
>Web Posting Assessment v.2
imgur.com
>TrueCrypt 7.1a [Last official release]
grc.com
istruecryptauditedyet.com
>Anti-Forensics - Leave no Trace [Windows]
imgur.com
>The paranoid #! Security Guide
pastebin.com
>Fake info Generator
fakenamegenerator.com
>Pretty Good Privacy [PGP]
gpg4usb.org
gnupg.org
>Off the Record messaging [OTR]
otr.cypherpunks.ca
>Camera Software
sighthound.com
ispyconnect.com
>Cell Phone guide for Protesters
eff.org
>Team 1: #Squad
pastebin.com
>Team 2: #squad
pastebin.com
>/fucko/ squad irc
#Fucko @ irc.rizon.net
All and any supportive comments, template contributions, are welcome and encouraged. NSA shills need not apply.
Lastest template i found here:
pastebin.com
Previously on /Fucko/:
Security of truecrypt, stenography, told "i-don't-need-security-:^)"-fags and much more.
/fucko/ General Thread - Security, privacy
Other urls found in this thread:
chronicle.com
web.archive.org
papers.ssrn.com
aclu.org
wired.com
mic.com
uwec.edu
webcitation.org
youtube.com
12bytes.org
www80.zippyshare.com
github.com
arstechnica.com
en.wikipedia.org
wiki.gentoo.org
action.aclu.org
twitter.com
Forgot about the squads. I'll use this one tho.
>pic related it's for me forgetting about this
Some more useful info
Very nice thanks user!
How is stenography used in privacy matters?
how secure would this online backup solution be?
>self hosted nextcloud
>FDE
>individual user encryption
>hosted through a VPN
...
Hiding your sensitive data in regular looking files is pretty useful no?
E.g. storing your keepass database on a cloud storage provider but without them knowing its a keepass database?
How would you set up a drive to nuke itself after only one misspelling of its fairly simple password?
>But I dont have anything to hide :^)
chronicle.com
Does anybody have a copy of this article? Fucking paywalls.
I'll try to find it for you hang on.
got it.
web.archive.org
Fucking retarded paywall that is...
You could get a good door and keep it locked like a normal person.
Burglar-proof doors (idk what americunts call them) are proven to be completely ram resistant.
Always depends on your threat model. Hard to say without stating your goal. Are you hosting it to anons you don't know? To very close friends? To family? What kind of info will they store on it?
Archive.org doesn't have it, get the PDF from here:
uwec.edu
threat model is hackers/thieves, hosting it for myself and close friends, I'll be using it to share files with anons on Sup Forums though (hence the VPN) I'd have no way to know could be anything from pictures of dogs to bomb schematics
And the original article published in 2011:
wtf they had it literally half an hour ago. God dammit should have screenshotted. Shit they must have updated it to not show now. Found it there on a date around 2011 i think.
Also, "Why Privacy Matters":
youtube.com
One of the best presented and most concise talks about privacy in today's world that's ever existed, by Glenn Greenwald
God i love it when i don't close a tab. Screenshoting it now. hang on!
And also for Firefox users (if you're not using Firefox then fuck you and your privacy because that's about how much you care about it):
12bytes.org
Just updated within the past 24 hours as well, it get regular updates whenever something useful is discovered.
I use social media to promote my business, but I also heavily care about privacy (I even run a systemd free distro on my laptop).
I'm thinking of getting a new phone with either Sailfish OS or Copperhead OS and carry it around in a Faraday bag. What do you think?
see told yah they had it
>59015802 is the original article word for word.
That copy-pasta left off the 1/ at the end hence it didn't work, and yes it's still cached there.
Oh thanks didn't notice.
ooh damn i'm a retard. Sorry about all this :/
I think you don't seem to realize that there is no privacy anymore, and carrying a smartphone in a Faraday bag or whatever kinda defeats the purpose. At some point you're going to need to remove it and make use of it and as soon as that happens you're vulnerable, regardless of whatever 'secure' OS it is supposedly running.
Nothing is secure anymore, nothing is private, especially if you have to connect to the Internet in any way, shape, or form - everything is monitored and can be traced back to you at some point in time, anonymity is a myth anymore if some TLA decides to focus on you.
What firewall do you use at home? I've been using a Checkpoint 600 appliance w a license for a year for the past ... Year. Work wants it back now. Thinking ubiquiti?
Do you have a phone? Is there any mobile phone you would recommend?
And are you saying you believe there is no internet privacy whatsoever, even outside the world of mobile devices?
Well, here is it anyway. Enjoy the read! Save and share. :-)
You could just offer up the entire book itself, like so:
Any tips on what router I should buy? Obviously should be flashable with DD-wrt or the likes.
Do combined 4g/wifi routers with battery exists that have this possibility?
Ah thanks man! But for the uninitiated the article is a good start i think.
bbuuump
Whats some cool shit to check out on freenet?
if you're asking, you shouldn't even care about "cool stuff".
Thanks! But I also would love to have a simpler one that I can show to normies and convince them, do you have something like that?
I'm starting to wonder if ">install Kali" should become the ">install Gentoo" of security threads.
>install Kelly
Secret stach and the fantasy freesite are good
Personally I'd rather go hardened gentoo over kali from a defensive standpoint.
Thinking about slamming SE Linux on a toughbook good idea bad idea?
or should I go for tails persistently on an SSD
I hear vising the TAILS website puts you on an instant watch list.
What happens then?
I imagine that there are varying levels of surveillance.
For example - everyone, regardless of who they are, is part of the all-encompassing botnet. All text messages, ISP logs, general information is held at one level.
Then, you got guys who would warrant slightly more watching. People who have the awareness of Sup Forums, voat, reddit? Maybe use linux? They are probably on a list that is slightly higher. We aren't being actively monitored, but now we are getting there.
A guy who uses Linux and browses Sup Forums? Who is aware of privacy/security based operating systems? Who doesn't have a facebook? Who maintains a limited online presence? Who watches porn? Everything about him is probably being retained now, but you still aren't a person of interest. I imagine at this point they simply maintain everything you do on record, so that in the future SHOULD you become someone they wish to look into, then they will be able to go back and scour through everything you've done using the algorithms they have developed.
No matter who you are, assume that you are already on a list. What we are uncertain of is the level of intrusion that we are subjected to. For sure though, not exaggerating, Sup Forums merits being on a list, I'm not trolling or anything I really can't express that enough
Get a phone with sdcard backdoor. For example huawei ones look for dload/update.app during boot - github.com
You can just rip those from internal phone ROM, and modify the squashfs image of /system slightly so that fstab mounts sdcard partitions to /cache and /data (running whole system off sd is possible too, but a bit involved to bastardize the rom for it). Repack kernel and new image as update.app, put the card in, start the phone and there it is - a removable boot drive for your phone. Remove the card, and its back to original.
I did this mainly because the sdcard image is rooted and heavily customized, while the internal rom is the original vendors (to not void warranty, as the local suppliers are fags about if you RMA a brick and there's a modified ROM). But as a side effect, this way you get perfect plausible deniability at airports by simply ejecting the sd card. Without it, the phone is pretty much stock, with no indication that entirely different world exist on some card that isn't there.
Sorry, I completely realize that I failed to answer the main part of your question
yeah, just visiting the site is instant watchlist. same for cubes
ALL deep web traffic is stored so it can be decrypted when quantum computing happens
Still have to crack each stored connection individually to learn anything useful Needle in haystack.
Know any other chink brands which do this with unlocked bootloader?
Anyone can guide me on picking a router?
I mean it's basically the first device that protects you right so makes sense to have it in this threat no?
What do I do if there are a bunch of accounts that I no longer use and don't know the password or don't even remember that they exist?
Also does Google delete everything? How they know how many accounts and shit you have?
Who is to say that they don't analyze your data for that already? You cucks made it mainstream enough that would warrant such precautions
Do you even know what stenography is?
Nigger kikes want mass surveillance so they can profit more for Israel
Yes, I think you mean steganography, which is also detectable with a little scrutiny
buy one which can run openwrt. if you're too normie to run GNU/Linux on elcheapo proprietary chinkbox, buy Turris which is basically the same, but comes preconfigured with paranoia defaults and normie web interface, yet still decent hardware for the buck.
Stock firmware is trash. All of it. It's poorly secured and rarely updated because companies making no-sharp-corners plastic boxes for the consumer market know that good security is expensive, and an ongoing commitment. They don't want to pay that expense, since 99% of consumers don't know or care about security, and so of course they won't pay for it. Also the company has made all the money they'll ever make from the device as soon as its sold, so they don't want to go on providing patches and new firmware for the thing for years. That's expensive.
So at a very minimum you want something that you can flash OpenWRT on. You can also take the crappy device out of the loop by putting it in dumb access point mode, and having something else do the routing, like a computer running pfSense.
Do you understand what selinux and tails are? They do completely different things.
A good access control system is essential if don't want your web browser to have full read write access to all the files your user has.
Been waiting eons for basef op and his thread. Thanks
This
I think about /fucko/ everyday. papa bless OP
>using the smiley with a carat nose
>quoting the smiley with a carat nose
The fuck is SE Linux?
NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. It provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals.
Isn't it sort of pointless to try to protect your computer against no-knock raids? I was always taught that physical access to a computer means all the data will be eventually compromised
I know what SELinux is. You will note the lack of a space between E and L. You will also note that it's not a Linux distribution and, as such, the concept of "slamming [it] on [sic] a toughbook" does not make any logical sense.
If the account has been dormant for years then what does it matter, autismo?
Remember kids, if you're in America, you'd better have hidden volumes in all of your hard drives or you're going to get fucked.
Because they still exist and can be viewed, especially something like a Facebook.
You cannot claim that 100% fail safety is possible. On any system for that matter. Case in point:
en.wikipedia.org
With that said, this defeatist attitude is literally psyop, as in: don't even try you cannot win.
Pro tip: you can have enough safety, to live a worry free life, provided you have a shred of intelligence and willingness.
Pro tip 2: You can win.
the lesson of this is that if the authorities take an interest in you personally and know who you are, you've lost. You need take precautions against that ever happening, not rely on anything to save you once it does.
You need to do both. Staying out of sight is the most important thing, but it doesn't always work out.
Gentoo hardened + grsecurity+PaX + SELinux with strict setup, wiki.gentoo.org
what is the point of your post?
Are you mentally retarded or just a fucking idiot?
Just a fucking idiot, I'm afraid. I can't seem to figure out what you're trying to tell us.
Just droppin that there
htll dot info
True?
the thing that makes cracking conventional passwords easy is that people are very non-random. They're very likely to make the first character a capital letter, much more so than other characters. They usually tack on numbers at the end. If the numbers are in the middle it's probably an l33tsp34k style substitution, etc.
Thing is, passphrases don't really solve this very well. Ask people to string together some words and they won't pick random ones, they'll pick something memorable. It stands a good chance of being something that makes sense as an English phrase or sentence. There goes most of your entropy, right off the bat. Rhymes are a good guess, as are song lyrics, famous quotes, etc.
The only thing that'll stand up to a guy with hashcat and a rack full of GPUs is something that's actually random, and long enough to blow up the number of guesses needed into huge numbers. "cp98rre12vfnXeG6wizHJz+A" is not in any danger. Of course it's impossible to remember. So what though, we have password managers. Its our attempts to maintain passwords that we can store in our heads, instead of in an encrypted file, that's making them all so ridiculously insecure.
>don't use Oxford commas
Why?
No, dictionary attacks are a thing.
Eh, yes and no. Yes because the people who take that advice will have a password like that anyway, and longer is always better. Randomxd sentences like that especially, since it would be more difficult to guess what the next word might be through looking at common usage. A lot of master password sections of key manager guides for normies recommend exactly that.
No, because it will never be remotely as strong as an equally long random string with a character set of 90+ (ie letters both caps and lowercase, numbers, and symbols) instead of 26-62 (letters and maybe numbers only).
I think it was a joke since that statement followed an Oxford comma
Maybe. From what I can tell, I'm not sure if this accounts for dictionary attacks.
You can treat each word in the English Language to be 1 bit in a dictionary attack. If you limit your guesses only to include real words the amount of combinations is possibly reduced.
I am incapable of doing the math to figure out by how much :/
useful only if you use a dead language like ancient sumerian
well you determine the possible combinations by taking the length of a password and raising it by a power using the number of characters.
So if you have a 6 letter password, all lowercase, it would have 6^26 possible combinations.
If you applied this to a sentence, it would be (number of words in the sentence) ^ (number of words in the dictionary), so a 6 word sentence would have 6^180000 possible combinations.
That's before you get into capitalization, punctuation, participles, all those permutations like 7 instead of t, etc.
I'll give you a webm for the next thread
"I'm sorry, sir, you have to give me your computer's password before you are allowed past the checkpoint."
wat do?
plead the fifth, as the american constitution protects against self-incrimination
That's backwards you donkey. It's charset^stringlength
>6^26
Wrong. With my PC that would take roughly 80,000 years to brute force.
It's actually 26^6, which would (and does) take only a fraction of a second to brute force with something like ophcrack.
want to encrypt my hdd but bitlocker doesnt come with my windows version
3rd party doesnt let me encrypt without reformatting the drive or do it easily on hdd with partitions
why bother. make it easy or I'm just going to leave it be
>using Windows
>Trusting Bitlocker
What are some good alternatives to google docs?
>Devuan GNU/Linux
>encrypted SSD
>vanilla torbrowser installed
>firefox-esr w/ uMatrix, uBlock Origin, HTTPS everywhere.
>planning to install dnscrypt
Smartphone-wise (I know smartphones are a no-no):
>LineageOS
>encrypted
>no GApps, no microG either
>95% of apps from f-droid
>dnscrypt installed and operational
Am I doing okay? (spare me the smartphones are massive botnet speech - I realise this completely).
Correct me if I'm wrong, but wasn't there some retarded court ruling that said that surrendering passwords doesn't count as self-incrimination? Could've sworn I read about that somewhere.
action.aclu.org
DRUMPFT BTFO!!!
uMatrix or No Script?
No Script
Need advice please. I travel a lot so I need a smartphone were I can read and edit my documents, write email, great battery life and secure. Security is really import for my job. What should I buy?
TrueCrypt or VeraCrypt? Which is more secure, and why?
veracrypt
truecrypt is obsolete