/cyb/ + /netsec/

anyone wanna raid a megacorp

I am not elite enough ;_;

>Level 2: Don't save your passwords on a plaintext or in some "cloud" service like lastpass, create and remember one good main password and use KeePassX (and I mean the one with an X) and use the option to generate the rest.

i get really irritated when people who are half-proficient in tech get on a rant about how great last pass is and how much stronger it is than regular passwords. there's just so much wrong with the idea of giving all your passwords to a password company. it'd be different if it just encrypted them on your own machine

As I once see in a cyberpunk documentary using a little satire can help a cyberpunk to express itself. And whenever someone on Sup Forums recommends lastpass or something like it I use a pic like this.

What's the deal with all these skill-less wimps on Sup Forums? You talk so much about netsec, programming and your Hollywood sponsored cyberpunk bullshit but I've never seen any of you fools do some real hacking.

Get some hacking skills and stop barking like dogs, it's pathetic

lol! i really, really like this one. mind if i save it?

If you know python, ruby isn't too far away in terms of syntax. Go ask /dpt/ or /sqt/ for more info.

You won't really have many safe channels to talk shit like that anymore (everything gets down immediately). There was this french chat that was like popular some years back, is down too.

sure thing m8

>my entire career is the same as cyberpunk
Cool I think

how's the pay? i'm kind of split between software development and security. you never really hear about security jobs, not at my university at least. right now the current hope is to get a job in software dev at a giant corp like facebook or google. i know they pay a lot, but they also work them like dogs

...

Pay is area dependent. I'm at 60k, which seems low, but it's great for where I live and my experience. I'm in middle of nowhere America, not on the coasts.

I can't speak for your area, but any company of decent size is bound to have IT Security. I will say software development is not likely to be nearly as interesting, but that depends on the person I'd expect. [spoiler]Oh, and security is easy as fuck until something goes wrong, software is busting your ass all day every day.[/spoiler]

yeah i'm sure if you're doing security at google or something in california you'd be making 100k+, but having an extra 30k in expenses... i've been reading about the NSA's tailored access operations for a paper i have to write and it looks cool as FUCK. they have a thousand people there just developing exploits and tools. i've always related more to the bad guys anyways, dream job

Oh ya, I'd make a lot more, but it'd probably be a pay cut with living expenses.

My advice to you is that the black hat jobs are prolly a good 5% of the field and way more competitive. Most work is ensuring compliance (PCI, NIST, HIPPA, etc), watching the firewall, reviewing alarms in the fancy corporate tools, that sort of thing. Black hat comes up when you want to do some testing but that's about it.

Developing exploits is a nice fusion of security and software dev, but I wouldn't want to be the one trying my hand at that job market, not fresh out of college at least.

if you are going to add sec you should have used our pastebin not some shit one. also you could have added our irc. otherwise it is just another /cyb/ thread were people rp being hackers

Should I actually watch serial experiments lain or is it overrated?

literally just copy pasted from the last thread i could find in the archives and put it in a pastebin because the body was too long. deal w/ it

just the same outdated shit in the wiki

how does one get into a security jerb if you have basic compsci and webdev skills? I read half a book on shellcode and thought it was cool but likely very out of date. The hackernews guys made it sound like knowing crypto was a must but it seems like you need a math degree to understand it (and I'm good at math but it's a huge commitment to learn even undergrad crypto).

i never watched SEL but ghost in the shell the original movie is kino

KeepassXC is better.

hackernews guys?
You asked them the same question?
No a deeper understanding of crypto is not needed.

I'm very excited to start my infosec internship at a company that's gotten a lot of publicity in the news recently..they investigate espionage and nation-state attacks. For college students wondering how to break into the field, here's my advice: apply, apply, apply.

First get some basic understanding of infosec concepts. Symmetric and Asymmetric crypto, how stack overflows work conceptually, what type of security certifications are out there, basic tools like ones you might find in Backtrack Linux, etc. What you're looking for is just conversational knowledge that you can use in interviews.

Next, apply fucking everywhere you possibly can. I applied to every single infosec internship I could possibly find across the US for like 3 months straight. I have a good GPA so I ended up getting a slew of like 7 different offers by the end of my insane spree of applications, just gotta be disciplined about it.

Lastly, work on that resume. Throw in some projects that might even just take an hour or two to make, but do them to put them on the resume. If you're curious, I never got asked for code from a single project that I listed on my resume. Of course, all the projects, experience etc listed should be security related.

If any of you have any other questions, feel free to respond as I'll be lurking around this thread

gratz user-kun! my university offers NO security related courses whatsoever for the CSCI program. is that your major? any books or something of the like you'd recommend?

Hey congratulations! I'm just an IT student thats more on the sysadmin side of things but I really liked reading your story since I'm writing my first resume right now.

lads what if we made a lain

LADS

Hey uhh guys I'm really interested in blockchain tech and I want to create a crypto. I'm really great at attracting talent and creating teams, I just don't know enough about cryptocurrencies to really get started.

What are some of the problems with Ethereum?

we /brit/?

yes you nonce

lainchan.jp/
wirechan.org/

(me)

No, also doesn't this go a bit against /cyb/ values to de-anonymise?

>lainchan.jp/
wrong

Im also ok with the merge

but I still dont catch the word 'netsec'.

netsec? sec? whitehack only stuff?
afraid of illegal stuff?
hacking IS NOT a crime.

theory is fine but real adrenaline is on the wild inet ..
cyberpunk always welcome because of yes.

what are you? what do you want to be?
today's script kiddies could be hackers of tomorrow, so im not afraid.

Hack the fucking planet, be curious about tech, share knowledge, have phun meanwhile.. lifestyle

Sometimes i have the feel that i know you all even if i never didnt meet anyone of you.

Keep the shit up and running.

I agree with you man.

rubyist here. Depends what you want to do. Its handling of binary files and stuff like that is prettty solid. My background's in web automation and shit like that; ruby is fucking legit for web scraping and stuff (httpclient + nokogiri). Also the language is real fucking pretty, the gem ecosystem is top notch, and Ruby 2.4 just came out.

i really don't have the spare time to learn another language for no real reason in particular, but this convinced me! i got the well rounded rubyist, will be going through that cheers la'

i think it's just always been called netsec because it's a more inclusive term than hacker (the modern sense) would be since that indicates black hat only. whereas netsec makes all the hats feel included. (and that people are afraid of being called a script kiddy or made fun of for thinking hacking is really cool, so they don't call it hacking, they call it netsec)

It isnt a matter of the tedious job of learning a new languague.

It's about achieving what you want to do , learn new things and progressing from there (:

was this as hilariously terrible as i assumed it'd be? mediocre score on rotten tomatoes but not comically bad
:*

good to see lainchan up and running again

I understand the logic you are explaining.

But netsec for me refers to the word network.

network is an important thing for 'hacking' but not the only one. Thats my point

What is lainchan?

why not go there and find out?

lainzine 4 out when

lainchan,org, a /cyb/ imageboard
it got wiped by the previous owner a while back and the current admin team have slowly put it back together.

there's another website called lainchan,jp which was made after the wipe because one of the org admins (allegedly) was mad that appleman was being slow with her recommendations for the website and just taking his time in general.

anyway, it's a cool website, stop by sometime

there was a thread on it, an unedited version got posted

sorry for not actually posting the addresses, i was getting spam filter'd

>it got wiped by the previous owner a while back and the current admin team have slowly put it back together.
i think kalyx thought appleman would have backups on a different server, and that it'd just be a bit of banter with the site down a couple hours

yeah, i never really liked kalyx but i don't blame him. i would've thought appledude would have secure backups too

doesn't seem very smart for people to openly discuss things that can put them in jail for most their life.

the best criticism you can do is go to cinema and watch thin movie yourself.

I enjoyed it because i was in an pesimistic spectation (I knew Scarlet doesnt like to "move" in action movies).

For me was a good movie, well filmed and cyb af.

I think moar ppl from /sec/ thread is running a ctf this weekend.

without counting those lurkers who have something to tell (probably).
expect be readed by a growing community
no worries heh

Opinions on CS/Networking/Cyber Sec degrees & careers

I'm leaning towards Cyber Sec, I was doing CS, I'm quite familiar with Linux.

> degrees & careers

those are corporate memes
I have seen sixteen years old guys with more knowledge than those people.

Only requirements to learn are a pc and an internet access.
Pick your interest (or what you want to do) and start from there.

Advance over the years and keep it up.
???
profit

bump

Just watch it, unlikely you'll love it, but at least you'll be able to make connection with the images posted around.

I can't get the hang of linux CLI. How does one get good at it? Regular expressions are even worse.

Everyone who isn't a retard know you don't learn much in academia, it gives you a few guidelines and a best it proves you have the potential to actually learn more on your own.

But how the fuck you get a position in security without a degree? Everyone asks for a degree.

you can start for example doing simple things like those you do on windows: compress things, navigate through system hierarchy, learn how to pipe program output from an app no the input of another.
Most basic regexp is piping output of something (lets say, a 'cat' from a text file) to grep: cat file.txt| grep 'pattern'

start from there.

Im unsure about genting a position in sec field.
Main reason is I do not want to bastarize my hobby.
Maybe Im wrong (hope so)

What's going on with lainchan?
>Kalyx behaved like a stereotype and nuked the server with the backups.
>Appleman had to start from scratch, asks on /q/ which boards he should rebuild.
>...
>lainchan dot org has plenty of boards and content
>lainchan dot jp is empty and seems like a rebuild.

It got a small split because some moderators couldn't handle it with the new admin and still wanted to keep the community with them because they sure aren't getting anyone else. In my opinion it was more like they wanted a reason to save the former admin who sold the site and later on fucked with one of the boards leading to him getting demodded.
This is not healthy, I suggest to not think about their useless quarrels that take away from topics of interest.

Lot of kids roleplaying in this thread
Is there anyone else here that actually gets paid to do vr

>there's another website called lainchan,jp which was made after the wipe because one of the org admins (allegedly) was mad that appleman was being slow with her recommendations for the website and just taking his time in general.
And wipe happened because one of the former owners deliberately destroyed the original site a few months after he sold it, he claimed he didn't have access to the server when he was selling it. After that, he regretted his decision, wiped it and joined ".jp" after that. If you are looking for Sup Forums tier generals with 2 posters and 15 mods, go for ".jp".

I expected the film to be terrible, but I saw a director interview and he described it as a 'reimagining' of the original story. this told me they would tell the story in a new way, just as was done with all the OVAs. I liked that they gave Batou and Mokoto back stories, although they did dumb it down for today's audiences. don't expect deep philosophical dialog, but it's OK.

>Level 23: Use a source based distro without crypto libraries on its package manager.
Level 24: Become a great pentester and make the world a better place.

I forgot about that. Yes man, hack the fucking planet!

Really? Can you give me a link to the thread? Would be really awesome since I'm searching for some communities to hack with and sharing knowledge, challenging each other and so on. Any recommendations?

Anybody have that video of the (I think British) dude at some kind of convention doxing a guy on stage with facebook and then calling him to leave a message with a bunch of his personal info in it? I've been looking for it but I can't find it for some reason.

maybe you can find something on media.ccc.de if not, look for the standard youtube channels

Can't seem to find it with that site, but thanks anyway. Looks like there's a lot of interesting content on there.

Yeah it is! The service is owned by the great ccc in Germany. You have to check them out. This is our hacker culture here :)

>hack the planet
H-how?

Me must hack into the core mainframe via mantle firewall and then overload the central while loop forcing the command execution to stop or even better, to get even faster. If we wire additional controls to tamper at the sillicon level we might control the planet's spin cycle, granting us total dominance. Destroy sleep schedule, destroy the society.

get a degree then
I do this not for a job but as a dedicated hobby and for fun.

idk dude, I'm going to a technical college for a two year degree in networking and I feel like I've learned some pretty important stuff and made some progress. Then again, I only went in with some basic windows and unix knowledge so there was a lot of room for improvement. Maybe I just got lucky and ended up with good teachers.

That being said, everything I'm learning there could easily be self-taught online, but tuition is cheap and I get that magical piece of paper that doesn't get my application immediately tossed into the trash so it was worth it imo.

Can anyone recommend me a book on how to write better optimized programs and algorithms,standard techniques,conventions,etc.?

Akira.

I'm CS and I go to a pretty shitty school in the middle of nowhere, so we don't have any security courses here either. Honestly for CS we're lucky that it's in such high demand that the school isn't very important; any engineering/STEM degree is more of a trade anyway, so if you know your stuff then you should be fine. For books, I'd really recommend a small pdf that isn't very popular that I found on reddit - Game Hacking by Nick Cano. For anybody looking to gain low-level reverse engineering skills, I would HIGHLY recommend this book. Some of the concepts are difficult, but everything is explained very well. Also it's not just drill drill drill, you get to actually hack games which is super rewarding. The fact that you'll be able to hack modern games on the Windows platform means that the skills your gaining are actually applicable in the real world in 2017. I spent one of my breaks from school writing an entire notebook worth notes to summarize each chapter of the book, if anyone would like me to scan that I'd also be open to it

>/cyb/ + /netsec/

I'm 100% on board with this. Any reverse software engineers here? What are your favorite gdb commands, for me it's x/x and x/i.

i think you're looking for the programming thread, this is the retards pretending to be hackers thread

Pic related

I hate to break it to you, but that's not black hat.

Isn't this book about computer hardware?

>implying you know what kind of testing it is

check out the overthewire wargame in the netsec pastebin in the op, it's pretty good for getting the hang of it. also reading some books on linux wouldn't hurt. don't pick out anything too in-depth, since you won't absorb it probably

i think it'd just be white hat pentesting right? black hat implies illegal activity, not being on the offensive team

No, it's although it does touch on that. It's mostly about computer architecture and assembly language.

thread was closed on saturday.
I dont remember IRC channel name, maybe someone can tell

You're right but whenever anyone is talking about hacking at all in any context they keep saying black hat. I've just accepted the term's evolution at this point.

fair enough

#Sup Forumssec Rizon