Im just going through exploit-exercises. No CTFs this weekend means I just get to do main sequence.
Aaron Sanchez
different user, but I've been reading in the car my whole life. As long as I can see the window from my peripherals I'm fine. Once that's gone I start to get ill but still never anything unbearable.
Luke Williams
>umpc >nexus 5 with nethunter Which would you pick?
Jonathan Gomez
How safe is macOS as far as cyber security goes?
Owen Gutierrez
Can you please try this train wreck of a sentence again and elaborate upon what you actually want to know
Adam Hall
nexus
Jaxson Stewart
I can never seem to find any cyberpunk themes for my phone, been looking for a while and nothing allows your own wallpaper
Sebastian Nguyen
Try /wg/
Joshua Hall
Fuck why we so slow
Andrew Long
Sorry. I guess I want to know how vulnerable macOS is? I've followed most of the stuff in the OP about securing my web browser and I've been working on reducing my internet identity footprint, but I'm concerned as to how exploitable the OS is. I do a lot of work while connected to public WiFi, and while I do what I can to keep myself safe in that regard I'm still paranoid.
Nicholas Russell
contrary to popular belief, most on Sup Forums don't give a shit about cyberpunk stuff, or know anything about netsec
Jackson Scott
There are some very scary exploits out for OS X, that embed themselves into mainboard firmware
There are no where near the number as there is on Windows; two fold because the unix-like base makes it more secure than Windows and API hooks.
As it's been gaining serious popularity over the last ten years however, the market for OS X malware has ramped the fuck up.
It's secure enough skids aren't going to touch you. The scary government people however, are not stopped by OS X.
Looks pretty nice but I don't know if I would risk 60 bucks for trying it.
Ian Allen
What the actual fuck
Jeremiah Walker
anyone has used bone conduction headphones? are they any good?
i guess it makes breathing somewhat harder and i doubt it's comfortable for a longer period of time
but yeah, looks cool
Josiah Lopez
it's headphones that you put on your mouth, what is it that you don't understand
Nicholas Peterson
Is AES truly secure? Is the weak link the Key and Key exchange?
Is Diffie-Hellman
Nathaniel King
Why would I want that is what I don't understand
Dylan Reyes
>Key exchange Pass the hash is a major weakness that's exploited often
Eli Nelson
CTFs are for faggots go crack some real stuff that actually tries to be secure instead of toy challenges designed to be solved under a day
Julian Bell
Here's your (You).
Ryan Anderson
>Now I'm doing a large turd. Cyberdump?
>I love Fridays. Yup!
>Sorry for not bumping the old thread, I don't use my phone at work much. The strawpoll suggests a heavy European interest. I had expected more from the US and some from Asia. strawpoll.me/13665376/r We had 38 responses but last thread had about twice the posters.
Also: reminder of the Cyberpunk FTP archive: ftp://collectivecomputers.org:21212/Cyberpunk/ password: guest
Dylan Powell
Being broke, having a lot of NEET time on my hands, and thinking that having a general background in computers would give me a head start or act as a "stepping stone".
I'm studying Infosec, digital forensics & datasciemnce. Infosec is by far the most difficult and requires a wide breadth of knowledge.
Julian Sanders
This might be slightly off topic but does anyone know exactly how Theresa May intends to ban encryption? Is she going to ban RSA? AES? I've heard nothing on how they intend to implement this. They say they want some "master key" system, but I don't think they have any idea on how to implement that. It goes without saying that whatever they do will be a disaster and a complete failure, but I'd at least like to know what to expect.
Isaiah Cox
I don't know about the UK, but here in Aus the gov wants to pass legislation that will compel the us based companies to decrypt the messages the spooks ask for.
Let's read that again.
Australia will pass legislation that will compel US based companies to do things.
I don't know how the fuck turnball expects this to go, but I can see the companies just flat out ignoring it. Who the fuck does he think he is, making laws for other nations he isn't involved in?
Oh that's right, the laws of Australia come above the laws of mathematics. That is a direct quote from our prime minister.
Charles Jackson
They can already do that here. They want to ban end to end encryption. They want even PGP to be illegal unless it's backdoored. They're fucking idiots who don't know how encryption works. If I manually formed a PGP message with nothing but pen and paper, would they send me to jail? I have no idea how they intend for this system to work.
Logan Martinez
what makes you think May understands computers? Gary Mckinnon "hacked" nasa by searching empty passworded users and she sided with america to deport him because oh hes a bad man breaking those puters, no need to try the dude looking for UFOs in his own country, lets send him to one with a death penalty and shit...
the most she knows is what she hears from others at COBRA, which is a fucking supervillian corp name in the fuckin batman universe.
ayy lainon
Christopher Miller
>They can already do that here No they can't, otherwise banning it wouldn't be necessary.
Nathaniel Lopez
The secret is to sit in the back.
Aiden Turner
>Discontinued You fucker.
Anybody know what the best throat microphone/bone-conduction headphone combination is?
Hunter Rivera
I've never thought of anything being challenging. Just a lot of work that needs to get done and a lot of learning and practicing. Just know that you'll eventually reach your goal.
Daniel Martinez
ok so im running arch linux, my phone is rooted and flashed with a custom rom, i drive a hybrid car, i work in IT... now how do i start looking like i am from the future? khakis and a polo arent cutting it anymore
Carter Bailey
Maybe try something like this.
Owen Johnson
too old timey. i was thinking more jensen from deus ex but toned down a little
Ryan Russell
They can intercept client-to-server communications, but not client-to-client without effort.
Caleb Walker
...
Nathan Perry
You don't need to actively look like you're from the future. The more you do to bring yourself into the future, the more that the future expresses itself through you.
Also, consider getting /fit/ and becoming a /fa/ggot.
Evan Wood
>hacked nsa >by searching empty passworded users Lel wtf. Human retards making it easy. Buts its dudes own fault for getting caught.
>COBRA is batman Actually its GI Joe you gen Zer.
Oliver Hall
How to make an android smartphone more secure / private aside the following : -managing permissions -managing network connections -encrypting phone -using vpn -not using google services
Brayden Fisher
Why is IDA memed so much in the professional field? I understand it's the best at static analysis because of the hexrays decompiler but what advantage does it have over olly/x64dbg when dealing with packed and obfuscated stuff? Are you telling me most of the professional reversing is performed on unprotected software and people just analyze what the decompiler shits out instead of reading assembly?
Josiah Bailey
I've just begun reversing stuff and I think people hold IDA in such high regard because it's good at making guesses about code and data constructs. It also supports a lot of different file formats/processors.
Justin Jenkins
What do are your thoughts on Marcus Hutchkins (the guy who stopped WannaCry) getting arrested for "possibly writing malware-like code?
What are your* Never post while on painkillers. They do bad things to your grammar
Jackson Peterson
There are only 4 people in this thread who know anything at all about security and they don't post here often. AES has been proven to be secure on a logic level, but it has a lot of issues with side channel analysis on consumer hardware. CTFs are harder than the real thing. Here is your (you) You are mixing a debugger with a disassembler. Ida supports everything and is dirt cheap if you are looking at it from a business perspective. Nothing even comes close. Radare2 only recently became good enough to use, but it's hard to collaborate on and binary ninja is still to alpha but will end up being the thing students use. No idea need to wait for more information but leaning towards he did nothing wrong.
Adrian Ramirez
Most valuable things to me are how ida makes almost every internal function available in some way through its api (idapython) and it taking a lot of menial work out of the picture through its (fairly) competent and comprehensive analysis system.
Honorary mentions for allowing me to edit the colour of literally everything and the built in python interpreter.
As for decompiler vs disassembly, it depends on the person. Working with the decompiler requires knowing a lot about typing and you spend most of your time fixing the mess ida made. Working with the disassembler requires a lot more control flow and variable tracing, and perhaps a bit more experience to be good at.
Zachary Nguyen
Is there a good reason to move away from systemd? I've heard rumors of it being insecure but I fail to understand why that is
Zachary Harris
Arguably you could say that radare2 is easier to automate but it's lack of a user interface will hold it back from mainstream adoption.
Joseph Hernandez
It has a web-based UI that you can spawn from the command line but it's quite terrible. I wish x64dbg was available for Linux but at the same time I understand why it's not after having written a low level resource monitor for Linux. WinAPI may be garbage but it allows you to do so much with the system compared to the crippled procfs that you have to use for most stuff.
Matthew James
r2 has a webgui now but it's kind of a pain in the ass to get setup and use...
>android smartphone >-managing permissions doesn't work for processes and apps running as root. watch those >-managing network connections again, things running as root can circumvent these >-encrypting phone there's been several articles that the hardware crypto is broken because manufacturers fucked up. I don't have that article at hand, will report back >-using vpn making you easier to track imho. be aware that VPN providers are well known and if you use your own, ... well. >-not using google services good start but you'll need to use some if you don't want your phone as a browser and watch
Also it looks like Cybergoth is back with a vengeance.
Jason Anderson
wasn't that one of these whose canatries expired?
Hudson Fisher
You know we had a straw poll about this?
Zachary Bell
How can I store a piece of data forever? all of the storage mediums currently in use won't be usable in even 20 years. Is storing data on the Bitcoin blockchain or a similar currency a good idea?
Daniel Bell
There are only 4 people in this thread who know anything at all about bitcoin and they're all on holiday right now.
Julian Campbell
Tfw electron is a step up
Andrew Lee
what are some good resources on satellite /sec/
Brandon Green
There are only 4 people in this thread who know anything at all about satellites and they're all space right now.
Samuel Diaz
Where's the user who knows where the 4 people who know anything are?
Daniel Jenkins
History tells us that clay tablets and vellum will last for thousands of years.
I can see a market for clay tablet printers with cuneiform print heads. This writing was also decoded, but we have no idea if written English will be understood in 2000 years time.
Long time storage is acknowledged as a hard problem.
Joshua Gomez
NASA not NSA.
Chase Foster
This is a good meme
Lincoln Garcia
There's only 4 people who know about the 4 people and they are all having sex in the missionary position with the lights off for the purpose of procreation
Adam Nelson
You guys watch N O D E?
Isaiah Howard
I thought cockli got busted by the feds?
Liam Reyes
crystalline storage is becoming a thing and they are growing the crystals like in junior high science class. people involved estimate millions of years of storage. google 'superman crystal' for more.
You mean the YouTube channel where he makes/mods shit? If so, yeah ive got half a dozen project videos lined up to watch this morning
Camden Robinson
how would Sup Forums filter this to prevent people spreading child porn then? a neural network or something?
Isaiah Evans
That is just nav war, a sub set of electronic warfare. Pseudolites are commercially available and can be repurposed for this. With today's SDR systems the tech is available to anyone willing to spend some time putting the parts together.
This stuff should definitely in a /sec/ pasta. OP, are you copying this?
Easton Hernandez
Literally fucking nothing
Bentley Turner
>Sup Forums
It wouldn't because it runs on servers serving mostly text data, not a lot of hardware there. Not to mention all kinds of other data can be obscured, not just images. Could be text, like links to torrents or playlists, archive files. The size is concern for bigger files as for a 3MB raster saving only 1 bit per single channel byte yields just 128kBs. This can be circumvented by splitting the file around several images and then using a special function concatenate obfuscated data.
Ayden Adams
Go read up on Vmware ESXI. It's free and it's the general way most big enterprises set up their virtualized environments.
