/cyb/ - cyberpunk and cybersecurity

low life. high tech. anonymity. privacy. security.

Help me fix this shit.

Kalyx ######

Psychedelic Warlord, legendary hacker and the guy that came up with the name "The Cult of the Dead Cow" in April 85, is actually Beto O'Rourke.


A damn shame someone that amazing became a politician. Not a fan of some of his policies. I wish him and the people he serves the best of luck.

So, I was wondering what kind of hardware I should get to build a privacy-respecting computer like what's been discussed on here. There's plenty of talk about the software, but I wanted to know what would be best to buy, be it a laptop or a desktop, in order to get these programs up and running and not be controlled by google or Microsoft. Any advice?
>Look at GNU Guix for source based things or as overlay/packagesource to your main os.
Compiling from source is default but you can also switch to using a binary repo (they call it "substitutes"). There is also a "challenge" command which will build a package from source and compare it to binaries to check if repos are legit which is pretty cool.
What worries me about Guix is the sheer complexity of it all.

>Gentoo is a nice idea but packaging masochism and understaffed.

The two main advantages of Gentoo are that by compiling everything from source you can
1) avoid bloat by cutting out software features you don't want (e.g. firefox without pulseaudio)
2) add extra security at compile time (e.g. stack cookies)
Compiling everything takes time though and can easily outweigh the advantages for most people.

>It requires that you run a docker container with a premade modified ubuntu image that it spits out the same binary except signature.
To be fair that is just the state of software in 2019. Nobody knows how to write and deploy code anymore without depending on 20,000 libraries and dumping their whole dev environment into a container.




Tails and Qubes are incredibly different items.

Tails is focused on providing anonymity, and mainly provides security through non-persistence. It has interesting features like a visual cloaking mode to make it appear like Windows 8 to stop you from standing out visually to others locally.

Qubes is a security-focused distribution focused on providing a hardened end-point through virtualization, and isolation of processes. It does have a non-persistence mechanism (Temporary VMs), but doesn't have all of the anonymity features Tails has (e.g. wiping memory on shutdown).

Both are very cool, but very different. If you install Tails, you are doing it wrong.


run your own VPN in some soykaf VPS host with disposable payment information in a country like Russia or another decent non eyes country


is it elitist to assume most people who couldn't set up their own XMPP server or use the one you set up to talk and verify simple OTR fingerprints aren't going to have the associated OPSEC and awareness to even keep device encrypted or secure enough to be private?

signal is centralized, riot/matrix is too technical for normalfags. telegram is untrusted for same reason as signal.

implying you can lead them all around in an insider trade but you cannot make them contribute to ZRTP/SRTP and Jitsi projects that aren't Jitsi Meet.

Bulletin Board Systems are still popular in China/Taiwan and have millions of users.

Did anyone ever look into these? Is there anything meaningful or even English content? From the wiki, it seems like the Chinese government shut down a whole bunch of them and after reopening, you had to register with your data, so there is no anonymous posting. Taiwan seems to be good though.

Anyway I find it interesting that such systems are still alive and well somewhere on this planet. Are BBS still in widespread use in other places? I could imagine South Africa or India or so? I know that we still have them in the west, but it always seemed like they are only there to serve nostalgia with few users and little activity.
Yeah sure, it's great if you're poor and would definitely love to have something like that if I had limited resources.

I just think you can have the same thing less complicated than BBS.


> it is currently administrated by the Electronic BBS Research Society as a non-commercial and open-source BBS.[2]

Hunh. That's pretty cool.


South Africa doesn't really have much in the way of an internet culture I'm afraid. Most of the country only came online post-facebook and most of the country uses the internet via a mobile device, rather than a PC or laptop


Really makes me think what kind of underground online networks exist in countries like China. With such an absurd amount of people and such an oppressive government there is bound to be a lot of different networks for shady stuff and user privacy.


You're wrong. It's a text stream rendered on server to a terminal. There is no javascript, no plugins, no DOM. Only an incredibly tiny attack surface - the terminal - tested over decades.

Retroshare is a p2p program providing email, chat rooms, file sharing, forums, channels, over fully encrypted tunnels. It can replace most things you need to do online. Find it at or through your distribution's package manager. Retroshare has gotten many new features recently.

Retroshare supports full hidden service mode. When you get to the profile creation popup don't use the default. Instead click the advanced button and then configure your tor hidden service. This adds another layer of encryption and provides anonymity. We have a chatroom on retroshare right now. Come try it out!
Here's mine



Tor only node



Does anyone actually still chat actively on here? Last I checked the retroshare community was mostly just hypnofetishists.





Since the vxheaven website is completely dead, do you know any websites of this type which are still active?
Is the vxscene definitively dead?


sad indeed. viruses have been commercialized into trojans and cryptolockers


Yup :(
Sadly the cool assembly viruses have been replaced by soykafty .NET ransomwares


Is there an archive of it? I remember reading some pretty cool stuff there.



Gonna reformat this since write it in notepad but it's not a bad start


But isn't it a bad idea to actually share security solutions?


>the file does not exist
Please post a pdf or an archive link.


Don't click, it's a virus.


>Google Drive
yeah I'm on larp^H^H^H^Harisuchan alright

What password manager does Alice use?

I've been using LastPass for a few years now but I am ready to switch.
If you have a good enough main password then it doesn't really matter if they get hacked, right? They'll only have your hashed main password, which they can't do anything with (again, if it's complex enough)?


A notebook with incomplete passwords.
Soaked in kerosene just in case.



KeePass2. It has never been inconvenient for me.


I'm using pass, the standard unix password manager

it just works
also syncs using git

What are you hacking, cracking, bypassing?

Remember don't post anything illegal or else mods will delete/ban.

Questions, ask away someone will help!

Where to start?

Dummy targets:


I've been playing around with bWAPP for a little bit. I recommend it to anyone who wants to practice cracking web applications.


those were my general thoughts too, and funny how i had an opportunity, a haggard looking dude approached me in a shop line and asked for some change, he was a bit short of money to buy a pack of cigarettes. but i was paying with card. anyways, i should've offered to buy him an entire block of cigs or just give some money so he would pull it off

however it's kinda suspicious still, even if it will obviously be NOT ME.


I mean, probably better to have a weird thing that is not readily tied to one of your identities, than a normal thing that is. Maybe things could still be traced to you, but the more work you make that take, probably the better.


Is this legit?
I spy with my eye the little word "reward"…


Does anyone have any good resources for de-anonymizing tor onion services? I'm trying to do some pen testing on a .onion server I'm running that I've been messing around with to see if it leaks information. Resources on this seem very scarce so I'd love some advice or links.

I like this man's attitude when he rambles about the contemporary state of infosec where companies are soykaf and hackers delusional (see the "Why" part).

If you ever find a 0day, what would you do with it?
>they claim that 'information should be free'

Obviously, they want access to information which is not disclosed to them, in order to feel superior themselves. Powerless people who want power.
It's a widespread behavior in many forms. For instance, elitists who jump from one language to another in order to find the most obscure one, or hiding behind a wall of maths or whatever discipline presented in the scariest way, in order to discourage people to come get that seemingly free knowledge.
In an idyllic world where Google died, and everything is free as in freedom running on Gentoo, many if not most cyberpunk keyboard warriors would be looking for another cheap way to feel different, be it political or something else entirely. Or simply hiding or encrypting "free code" to "protect it" from skids.
That's hypocrisy, really.


Publicly disclosing a vulnerability in a widely-used program because you have a "disagreement with contemporary state of infosec" is an asshole move. That's like a firefighter unplugging the smoke alarms in a community hall because of an argument in the fire brigade. The people you've hurt had nothing to do with the disagreements you have, and you've actively made the group you're a member of worse as a whole.

>It's kinda funny how hacker culture apparently contradicts itself.
Not really. "Hacker culture" has been masturbatory garbage since day one.




no idea what to do with this but nice for deconstruction anyways


> If you ever find a 0day, what would you do with it?
The 0days I've found were in software I use.
I /could/ just patch my build of it, but I'm too lazy to do that each time I update.
I'm also lazy enough that if reporting the bug is too much of a pain in the ass I just don't bother.

idk whether this chan is even still alive, but it was a year ago, and if anyone is coming to leipzig this year, there's more lain fanatics to be met. Come to the fuwa beria assembly.
if there's actually people replying we could hold a meetup or a lain watching session like last year.
okay update they are very anal about copyright this year because of the german "GEMA" bullsoykaf (google it). two stages declined to offer us their place because of this.

BUT found a stage to go to, they asked about time, told them 1am. Apparently they're expecting a flashmob in ~2h there and running around with their hair on fire already. Told me to come back at midnight to ask again and probably it would be okay.

Freifunk stage here:,447.09,404.81,5

However, my laptop has no HDMI, so I need to find someone who lends his laptop for the screening.


aiming for ~1am (after the hebocon robot fight thingy) today/technically tomorrow at the FF stage i linked.

but the stage can only give me definitive confirmation at midnight, so monitor the thread till then.


okay the people from the stage will be there at 1am and help set up the screening even. we'll wait until 1:15am because setup and people being at hebocon. reply if you need longer.


~5 of us are at the teehaus currently, last chance to meet up i guess

