Will lightweight anonymity protocols finally give us anonymous torrenting? Will it make it possible to pirate stuff without having to pay for VPNs or using superslow unsuited-for-p2p Tor?
If I learned something is the more difficult you make it to find your identity, the harder you make it for people to share files to each other, if we talk about protocols.
Nathan Barnes
Oh wow... Is this thing still active? i was one of the original OPs, but i never thought it would survive for this long.
Charles James
Yeah, it scared me when their wiki went offline but apparently it runs on Tor. It has a team now.
Cooper Taylor
Thank you user, the first video is especially interesting.
Hudson Torres
its good anyway
Carter Moore
>Oh wow... Is this thing still active? Sure is, the Zeitgeist is with us. >i was one of the original OPs, The OP that was going to compile all the resources? >but i never thought it would survive for this long. It does take a lot of work though. Checked out the FAQ? It is pretty huge now, far more comprehensive than the Wikipedia article. If it is really a long time since you were here you might also want to know that there are two more FAQs on the FTP, one on /sec/ careers and one on radio tech.
I've been thinking long and hard about how to introduce methods for profit into decentralized networking, so that it happens naturally and quickly like bitcoin did, and so far this is the system I've come up with: >each user pays 1$ or less/ month to use the D-net >any user can host an "inter-node" (a node between the user and the destination) >each node that the signal passes through gets an amount of cash equal to the transmission cost (lets say 0.01c per packet) divided by the number of nodes it goes through. That means that the less nodes there are between A and B, the more each inter-node host gets payed. >there are additional factors, such as speed of transmission (meaning that if you node takes less time than another, then your node gets more), packet size (1Mbit gets you more than 1Kbit), if your node is faster than a neighbor node it takes priority in transmitting the user packet, and thus the greater the number of packets the larger the share of "transmission fee", also proximity between nodes plays a role in the calculation. >in essence, the plan is to move towards decentralized networking by introducing a profit, so that in the same way bitcoin mining has become a thing, so will decentralized hosting. What do you think /hsg/? Would this work? Would this backfire? Better ways to implement outsourced networking? etc?
As a case study, lets say that there are 10 user packets going to location D (destination). There are 7 nodes. In case RED, 1 packet is being sent across 2 inter-nodes, that means that for a transmission fee of 1$ each node is getting payed 0.50$ each assuming they are equal. In case BLUE, 2 packets are being sent across 4 nodes, assuming all nodes are equal each node is getting payed 0.25$ each, which is less. Thus profiteers will improve their tech to get more cash, thus improving the network.
>What do you think /hsg/? You might missed the thread, mate.
Ayden Cooper
If each user is controlling a node then I see no barriers other than to keep the cost for the maintenance of hardware, which then yes the costs can be shared. The tough part on a decentralized network is you don't have 100% way to administrate the costs, you have to agree with neighbors. Unless you have a standard for collaboration when nodes pay for shared maintenance. Once you go past the hardware maintenance you no longer have to think on information passing through nodes do you? All administrators of nodes will have the highest authority of their independent nodes unless again you have a standard and agree certain kind of packets to pass, such as certain encrypted networks and services like a distributed youtube or something. It really depends on how much of an organization this has now.
Jeremiah Butler
You're all a pack of useless dirtbags. You have done nothing and will never do anything meaningful. There's no god but if there was, it would burn you.
Gabriel Robinson
>You have done nothing You missed out on the FAQs that were made in this very general?
John Perez
Sorry not to fit your average consumerist Sup Forums thread.
Sebastian Ramirez
I'd think it would be easier to have nodes 'bid' for packet throughput by offering lower and lower prices. Of course, there is the element of speed involved, so the packet sender can optimize their network for high speed/high cost or lower speed/low cost or maybe even lowest speed/no cost.
Colton Kelly
Why did you post this?
Isaac Gutierrez
Thanks, have a nice day! :)
Jason Smith
Hey y'all. I'm just getting into infosec. I'm going for an OSCP this summer as a sink or swim type deal. What would people recommend before then besides the usual know networking, bash, and python shit? I've already read a lot of blog posts recommending some good vulnhubs but I'm also curious about some preparation tips people usually don't bring up.
Chase Cook
I plan on automating the cost and payment method much like bitcoin to avoid the centralization of capital as well, to make it corruption-proof.
The plan is to create some minor overhead on the packets containing a node-to-node checksum or other automated function, which distributes cash as it passes by. Not unlike a pigeon shitting on you as it flies overhead, except the pigeon is the packet and the shit is shekels.
Another method would be to map out the path first, calculate cash for each node, and deposit that as it passes through each node.
I'm not exactly a network admin or familiar with servers all that much, but the principle still stands that there is a way to (with slight overhead) automate delivery of cash between each node as the packet passes through.
Something like this: Data | Data bufffer | Other info | $$$$$ Data | Data bufffer | Other info | $$$ Data | Data bufffer | Other info | $$ Data | Data bufffer | Other info | Destination Reached.
I'm willing to hear ideas though, especially if you are more familiar with networking than me. The goal is to avoid bureaucracy by automating it with something like block-chain tech in order to decentralize the way to earn capital, thus maintaining the free market and attracting profiteers naturally.
A standard cost will need to be set, but after that price will go up as overall mesh quality and demand goes up. So there will be a committee to determine the set cost of 1 month worth of usage, but they won't determine which node gets how much, that's up to the machines. Starting price will probably be 1$/month/user, and will max out at roughly 30$/month/user. The reasons for such a low starting price is to make it more attractive than centralized networks, since we can manage to have the cost so low which will give us an edge in competing with them. The specifics are foggy but i'm planning this out now so that when its implemented it doesn't go south and centralized, but still attracts profiteers.
Juan Ramirez
fuck, this didn't look like reddit spacing in the reply box D^:
Austin Rivera
>Not unlike a pigeon shitting on you as it flies overhead, except the pigeon is the packet and the shit is shekels. 10/10
Your idea has some appeal, not sure the software exists or if its really that functional but sounds interesting for sure. Sounds like IMCP (the thing you use to "ping" stuff with), so there might be a way to calculate this without much programming?
Eli Foster
>IMCP *ICMP, as in Internet Control Message Protocol, sorry.
Julian Rivera
>so there might be a way to calculate this without much programming? i'm certainly hoping so, such a function would make it profitable for those who wish to join, and with more people joining the public gets more involved, and before you know it we have more servers than we know what to do with and internet speeds comparable to or faster than what centrelized networks can provide, phasing them out through the free market and decentralizing the net.
Web hosts are destinations and thus "users" so they will be charged too, but differently from plebian users,, havent figured out how yet but fingers crossed this all works out and we have a D-net (or M-Net)(thats gonna be its name, its catchy and catchyness is great branding). I know there's a market for it in the public because i'm seeing half of every student at my Uni covering their cameras with electric tape, the public knows they are being watched and would hop onto a more private network if it existed and was easily accessible.
Still gonna need to figure out how to keep public opinion high without getting the infamy TOR has from pedos and other monsters... Definitely a riddle for the ages: how to make something private and secure while keeping it clean.
NSA will certainly try to get on this, thought it would be easier for them to act as destination nodes than as inter-nodes.
Your solutions to theres troubles are wanted /cyb-sec/, that's why i came to you.
Evan Brown
If this protocol works I don't see how you can get to anonymize it since you stated a datagram will sign each packed (which in turn be the payment). Eliminating the problems of Tor, though creating a new one for anonymity.
Julian Powell
>packed *packet, fuck.
Evan Mitchell
how does the datagram kill anonymity?
Also what problem with TOR?
Landon Howard
You might calculate a number of hops from sender to receiver, also the problem of tor is the one you said about bad press which is related to anonymity.
Jason Ramirez
Wait, how does my system eliminate the bad press problems of TOR?
>You might calculate a number of hops from sender to receiver Nah, i plan on just having it do it as an "in the moment" kind of method, where it caculates based on past node and next node, but is blind to the full path and doesn't track the number of hops. That is of course if such a thing is possible.
Maybe i should quickly make a simulation in C...
Hunter Miller
I was assuming the anonymity is removed, therefore the bad press on anonymity you mention is removed.
Doesn't looking at the current state of the packet let you know how many hops has done if it has a decreasing header like you mention? Anyway, maybe look at the research done at GNUnet on how they implement anonymizing protocols.
Brody Evans
I usually wait for page 7 or 8, but I'm really enjoying the G-Net conversation.
Lucas Cook
So, what happened with that outerheaven thing? that you guys hyped months ago?
Nathan Stewart
The decreasing header could be used to guess the number of hops, but it won't give an exact value unless we assume all inter-nodes have the same specs.
>GNUnet looking into it now fampai
Daniel Watson
It fell off the net, it remains a mystery. Rumours are that the operator was caught up in some serious data breach. That or an alphabet agency bagged him.
> git.gternet.me uses an invalid security certificate. The certificate expired on March 20, 2018, 2:17 PM. The current time is March 26, 2018, 12:52 AM. Error code: SEC_ERROR_EXPIRED_CERTIFICATE
Beginning my decuking lads. So far got Firefox nice. What's my next step.
Christian Nelson
get a firewall and if possible a good vpn
Landon Butler
Funny you mention bitcoin because what you're suggesting sounds similar to the Lightning Network being developed as the layer 2 scaling solution for bitcoin. Is there a specific use case you're interested in that requires this kind of network? If so maybe you can build an app, or "LApp" on top of the Lightning Network? It's fairly new and experimental but you'd be able to tap into the existing bitcoin network effect.
Easton Torres
Please tell me more about Lightning Network?
I don't really care about the method, all i want is to create a mesh-net by outsourcing it for capital. Integratng with bitcoin sounds like a good way of doing this, though i have yet to figure out how to make this accessible to the normie public and so far my best guess it some kind of contract between users and the network?
Grayson Johnson
To fully understand LN you need a full understanding of how bitcoin works. More specifically, the throughput limitations of a proof-of-work open blockchain. LN is an off chain solution intended to increase the limited throughput by several orders of magnitude. LN itself is essentially a giant opt in mesh network, where a bitcoin transaction between party A and B is routed through what are called "payment channels." This essentially means the transaction amount is identified and transferred through a route of existing LN wallets/nodes. LN nodes would receive small amounts from the transaction fee pool, but it's nothing at all like the bitcoin mining reward. It's more akin to the method you've come up with, or a microtransaction, since one of the main selling points for LN is reduced tx fees. Take a look more into the project by Lightning Labs. It's definitely interesting to think of the possibilities that can be built on top of this layer that could expand bitcoin's scope from just currency/store of value.
PS buy bitcoin :)
Juan Cox
The system sounds great especially in the context the other user thought of. But how would the integrity of the nodes be proofen and would the transaction in the end still be approved by the blockchain making it slower again?
Josiah Lopez
I don't know if I want my internet usage and comments permanently etched into the blockchain for all of posterity to decrypt or do other forensics. It's hard to have good, long-term privacy against a modestly-dedicated info hunter when using a permanent public leger.
Ian Thomas
Soon AI will be good enough to read through that leger and search for comments that match a certain person. Automated dissing, with all information in a single, sequentially arranged datastructure. Blockchain internet sounds like the NSA's dream. Don't fall for it.
Evan Wood
s/dissing/doxxing
Camden Young
Yeah, blockchains are way too centralized of a data-structure for me to trust them with the future of the internet. The future should be decentralized so that it is hard for bad actors to take control or easily monitor communications. Anyone peddling blockchains are NSA shills or trying to get rich off their crypto "investments" (gambles). Let's not forget the punk origins of cyberpunk and work towards a decentralized future for the internet where freedom and competition in data transmission are encouraged. If we get locked into a blockchain we will lose flexibility and the ability to innovate in our data transmission. New, p2p/direct means of transmitting data will be unable to compete with the massive, ever-aging monolith of the blockchain until its eventual collapse. Let's avoid that mistake. A decentralized, people-oriented meshnet, perhaps like is the smarter direction.
Jacob Kelly
you've obviously never been to an art museum
Julian Ward
Sup Forums is basically an art museum
Tyler Mitchell
Both these are right, blockchain technology is not good for personal or private communication. Maybe there is a niche it can fill like contracts or other hosting of information, idk.
Nathaniel Russell
>is this gay child porn ? Did you even read the file name??
Gavin Richardson
Although user you're right, you must recall that user was talking "something alike" so maybe he can get just the LN proyect and adapt it to the G-Net. On other, matter, if for some reason our unic option would be the blockchain, Sup Forums created some kind of token or coin around the last winter or so. Maybe is the option to go?
Connor Rogers
>get a firewall Agreed. I have used Smoothwall but updates seem rather slow these days. Any better solutions?
Ayden Harris
In the essentials pastebin it says get Blender. I can't find it. Anyone link me please
I want to get into Cybersecurity but it only exists as a master's degree in my country (I guess) Is it possible to find a job in cyber security by only getting some certificates like OSCP CEH CCNA COMPTIA SECURITY+ etc? Or do I have to go through University first and then do it as a Master? What do companies prefer?
So, anyone here knows? The book seems rather comprehensible for an amateurish copy.
Charles Rivera
what /cyb/ things can you do with an unused macbook air
Wyatt Edwards
IRC server ?
Adam Ramirez
I live in Cyprus if that helps No I haven't read the FAQ, I can't find it in the resources to be honest.
Nolan Walker
install coreboot and gentoo
Christian Diaz
Most here knew Facebook was intrusive but I must admit the scope of it is still astonishing.
=== /sec/ News: >Fleeing Facebook app users realise what they agreed to in apps years ago - total slurpage theregister.co.uk/2018/03/25/facebook_app_privacy/ >Facebook Messenger on Android uploaded far more than expected. Specifically: metadata for phone calls and text messages, even though they were sent with Android's default phone and SMS apps, not Facebook's Messenger apps. Apps spying on apps? intriguing. It gets even better: >The data slurp included Facebook app users' interactions with others who are not on Facebook – meaning people who never gave the Social Network™ permission for anything are probably profiled in its data troves anyway.
When will this horror end?
Ayden Rodriguez
The FAQ lives here: ftp://collectivecomputers.org:21212/Books/Cyberpunk/
The /sec/ Career FAQ is a little bit below that, specifically: ftp://collectivecomputers.org:21212/Books/Cyberpunk/Security/ In both cases go for the highest numbered FAQ.
Kayden Howard
will night ever not be upon us?
It won't. I went through this with my mom a few years ago when I removed Google from my life. She couldn't understand why I would do that, and so I told her about the many and varied ways they record every detail of what you do. She was alarmed, being a heavy Google user, and asked me what she could do about it. "Well, you have to stop using Google", I said. "All of it?", she replied. "Search, Gmail, maps, Youtube...?" "Yes, all of it." "Well... I guess what they're doing isn't *that* bad...."
At the end of the day normies say they're concerned about privacy, and many of them genuinely are, but they won't change their ways or indeed lift a finger to get it. They all want this icky tech stuff to be someone else's problem, they want it to all be taken care of for them, so they'll continue to get spied on and exploited. Zuck knows full well that this is just a bad news cycle and that none of his revenue streams are in any serious long term danger.
Yo its knots from over at the gternet project. I have a node up and serving internet to my neighborhood using 5 raspberry pi 3s with stock antennas as meshed nodes. I need another person to set up something similar using the tools I wrote on our git to connect with and finally prove the concept. Also our git has an old ssl cert I know. I have a full time job and haven't had time to fix it. The project is not dead I'm waiting on yall for it to move forward. Join our IRC irc.jollo.org 9999 uses ssl
Anthony Young
Alright guys, wife is killing me. She is demanding an in home security system with cameras. Ive avoided it fpr a year or so but now she wants to order them herself... so before that happens. I know wifi IP based systems are out but are there any /sec/ approved methods to having in home cameras that are realistically viewable without a dedicated playback terminal?
>/sec/ approved >without a dedicated playback terminal
pick one. seriously, clound connected is inheretly insecure and/or botnetted. The other day I was wondering why mine was scanning my LAN. turns out, it wasn't hacked (not reachable from outside) but had been trojanized by the vendor appearantly. That thing had only one huge binary running - responsible for communicating with the camera chip, image processing, connection to the 'cloud' and various dubious activities.
TLDR; go for a professional CCTV or be prepared to fund the hardware with your data
Jack Thomas
>wifi IP based systems are out I'd advise to couple any wifi system with a deauth catcher (anything that will intercept and alert if someone is fucking with your wifi, you won't be able to block it because the standard must be supported by both router and client. Too rare. You can get an idea of what I'm talking about from SYWorks waidps. Old and overkill for the task, but a neat one if you didn't know about it.).
Same goes for blackout detection (old android or old laptop with working battery, simple script to get charge status, if it detects that socket has been pulled off (it happens with a blackout) trigger the alarm. Assuming you are on a diy setup, probably you can't have battery backup. Just in case...
If you are "that" kind of paranoid guy, you can use the old droid to also monitor for MNC, LAC, CID and prevent imsi catchers to sinkhole your 3g alarm trigger (ye you better have one, if they blacked you out, probably internet will be gone, unless you use a backup mobile router on batteries or even said droid with a sim. But mobile is still a liability)
For the rest, get some raspis and webcams, and set up yourself. Tons of guides out there, but I think you'll want to have fun and make it. Once the hardware is "open" (rpi are not totally open) the only limit is your imagination. You can even install OpenCV and do some great shit like people or pet recognition.
>They all want this icky tech stuff to be someone else's problem It might be that it now has passed the tipping point. It is getting coverage on BBC World News and not in a good way:
=== /sec/ News update: >If I’ve got your number, so has Facebook bbc.com/news/technology-43539881 >Suddenly lots of people are waking up and asking themselves questions about Facebook. How much data am I sharing with the social media giant? Did I really give permission for it to be collected and stored?
The significane is about to dawn: >And, even more seriously, have I handed over my friends' data to be stored on some Californian server? >I am one of those people and what I've discovered has left me somewhat shocked. Over the weekend I got hold of my Facebook data. It's easy enough, you go to settings, then general account settings and click on download my data. >An hour or so later an email arrived with a link to click and I was downloading a 675MB folder chronicling all of my life on the network since I signed up in 2007.
>But then I clicked on a file called contacts. I was taken aback to find my entire contact list, thousands of phone numbers. Now this was not limited to Facebook friends and included many people in the public eye who might be disturbed to find that their private numbers were stored in this way. He is a journalist and now it is blindingly clear that much of contact confidentiality is completely blown, as in shared with FB and countless alphabet agencies who were more than eager to share it back with British agencies. I think we should consider all "anonymous" tip offs to be totally, utterly and completely compromised at this point.
And journalists have a lot more leverage in such cases than Joe Anonymous.
Gavin Rodriguez
I've used both rkhunter and chkrootkit. The former says I have 10 possible ones; chkrootkit says I might have ebury. Rkhunter says I have 6 suspect files too.
wat do I reformatted Linux just a few days ago, but earlier I didn't get 10 warnings..
Henry Lewis
Anyone know how I can translate raw wireless USB HID packets into something human readable? I want to be able to understand the keystrokes.
Ayden Parker
>Suddenly lots of people are waking up and asking themselves questions about Facebook. How much data am I sharing with the social media giant? Did I really give permission for it to be collected and stored? Lets hope they are really asking themselves that question. We thought normies will never care.
Samuel Scott
They'd better learn, and learn quickly.
With companies such as 23andMe plus CRISPR/Cas9 people will know their genetic makeup in greater detail than ever and this is high value information for everyone, from police and intelligence to schools and insurance companies. If (or rather when) that leaks out for a few hundred thousand people the implications will be enormous up to an including being shunned by insurance and pension funds. And there will be breaches.
Ethan Parker
>will night ever not be upon us? Probably not. Unless it is summer beyond the polar circle in which case you get a few months long day with no night.
But here we are and night is once more upon us. And we again await Daybreak.
Just discovered the Harvard CS50 series of lecture videos and problem sets. Learning from a high energy guy explaining complex topics in accessible ways is much better than reading a bunch of web pages or text books. I've learnt more about C in the last couple of days than I ever would in a million years of browsing Sup Forums.
Ryder White
any1?
Samuel Harris
do NOT buy bitcoin right now guys
Ethan Hill
Not relevant to the thread, but I always wanted to move to the North of Europe. For cold weather and low sun time. Also nice internet (Yeah, priorites, right?)
Parker Baker
The problem is that they'll want to have their cake and eat it too. The solution is "you can't use Facebook", but they'll find that unacceptable, to great a loss of convenience. They'll demand that Something Be Done so that they can keep their Facebook, but have some regulation be made proscribing what it can collect and store. So some ridiculously inadequate and yet simultaneously over-complicated law will be drawn up and duly passed, which Facebook will duly ignore or work around. And then the normies will say "Gee, glad that's solved" and go back to sleep about privacy until we come back here in a few years.
A few radicals will demand that Facebook be broken up, but they won't do anything to prevent other companies, Google first in their ranks, to ply the same ad-selling business model that led to this. Even in Europe, with the GDPR and all, they'll never dare pass a law stating flatly "personal information may not be collected, used, or sold for any marketing purpose".
Luis Ward
its that user. Not sure how to implement monetary gains, but i do know that the free market is the key to decentralizing the net (or at least, a key) so the utilization of monero or some blockchain technology may be inevitable in this scheme. However, the net itself isn't a blockchain, its financially supported by one. I certainly will look into LN tech to see how it works and if it can be adapted in such a way as to make an anonymous ledger of some sort. In other words, if ledgers are involved the plan would be to record exchanges of cash only, and not the exchange of the data itself, in a sense. As noted before i am not too familiar with server technology, but i have already begun looking into it. Speaking of...
p2p isn't scalable as far as i am aware, and GNet is more focused on file sharing and shared accountability than anonymity and regular internet. Honestly at this point i doubt my system could scale as of yet, in fact ISP's are probably here to stay far into the future, but the hope is to create some kind of move to a less centralized lan, even if wan stays largely unchanged in the future. I don;t see many people using the mesh net for this purpose either, since most people want to use it for the normal internet, at which point someone or another will need to get in contact with an ISP, unless i'm wrong on wan or the true scale of the mesh net.
Speaking of, where's that map of all the local nodes and their approximate location?
Now there's an idea! this M-net idea of mine may start small, but God willing those seeking a profit will start establishing bridges between locations on land, and mayhaps even someone will be crazy enough to put their own geostationary satellite in orbit! at this point such dreams are merely hopes, but if there is profit to be made then anything is possible, and that is why i will find a way to make the mesh-net profitable, so that normies hop on the bandwagon like they did with bitcoin and spread this.
Parker Brown
Get in the gternet irc tomorrow. We are doing this work already and could use help
Aaron Hall
Learning crypto at uni. Any personal projects to undertake that put things like asym crypto, hashing and all that in practice? I was thinking of setting up PGP for some emails and maybe signing up with keybase and experimenting with that. Cheers everyone
Jonathan Hernandez
what time? Also i am a busy man, so i can't dedicate all my time to this.
William Garcia
What's the IRC?
Daniel Williams
Is there any way to compress this into a single tl;dr for a newfag?
I want to find a VPN service that is Dedicated rather than shared that I can set up fulltime accounts and emails on without having to worry about other users in the VPN network being able to possibly sniff packets etc and compromise my passwords.
How can I most secure/harden a Win 7 machine from outside connections or telemetry?
I really need some basic bitch steps so I can prevent the leaking that is already happening before I start using a VPN service. Any advice?
