arisuchan    [ tech / cult / art ]   [ λ / Δ ]   [ psy ]   [ ru ]   [ random ]   [ meta ]   [ all ]    info / stickers     temporarily disabledtemporarily disabled

/cyb/ - cyberpunk and cybersecurity

low life. high tech. anonymity. privacy. security.

formatting options

Password (For file deletion.)

Help me fix this shit.

Kalyx ######

File: 1539806933473.jpg (32.1 KB, 600x250, customLogo.gif.jpg)


It may be difficult for most and almost impossible to completely escape, but trying out best to rid ourselves of services that use us as the product is necessary to remaining as low lives.

Please share your suggestions and alternatives and DIY guides to often used solutions for email, calendars, file syncing, and common software.

(No JS needed and or LibreJS compliant)
(No JS for signup)
Kolab Now
(Working on LibreJS)
Kolab Now

Use are client you trust for email services that allow it and use non-free java script.

Search Engine

Cloud Solution
(Cloud Services)
Least Authority


Operating System

>More tools

>Remove Google footprint
22 posts and 2 image replies omitted. Click reply to view.


No more than anyone else.


tor-browser is better for privacy.
as far as 'functionality', they are comprable in many ways


>find one you have a good feeling about
or just host your own friend-o. its litterally what, two shell commands and maybe a little config tweaking ? you can even run it over Tor, and it doesnt take that much resources.

or hell, open it up to other netizens and harvest the data off them, if you can find any buyers.


On top of privacytools, check out
For alternatives and what to avoid when facing botnet.


Would use it over something like Google, outlook, etc. But I'm skeptical of how big they've gotten. I would stick to hosting your own or using services approved by FSF. No lie, riseup seems the best when it comes to email services.

File: 1539818126101.png (79.67 KB, 506x249, koya_pixividset.png)


If you're currently using social networks like Facebook, Twitter, looking for a home after Google+, left social media and you're just dying to get back in please consider using a federated social network to get your message out.

>What's federated social network

Also known as distrusted social network are a service that are spread across different providers, similar to an email. They all speak the same language, but not everyone is playing in the same sandbox.

>Why use Federated social media?

If you must use a social media platform these are the best way to have privacy. Some if you use another provider, but complete privacy on your end if you choose to host your own node.

[h1]Federated Projects[/h]
GNU social
>For more
11 posts omitted. Click reply to view.


>if you have to use social media

very few people need to use social media. They need to contact certain people, and those people happen to be on specific sites that fall under the banner of social media. Twitter, tumblr, facebook, what have you. Last I checked none of these sites were part of your federations, which makes them little more than a curiosity to most people.

Eventually, a critical mass will have to be reached. And I fear we are far from that mass for the majority of people.


mastodon, diaspora, and the others allow image posting, if you mean decentralized like bittorrent then look into retroshare



> If you have nothing public you won't have a social life.

I'm sorry but this whole post is absoloute nonsense. in what world does not using social media equate to having no social life?


Bingo. Instagram is the only mainstream social media I'm still active on. I tried Mastodon and it's just a soykaftier Twitter.

File: 1540752459591.jpg (318.65 KB, 1200x1200, deviant.jpg)


Alright /cyb/, I'm interested in becoming a physical pentester. Ive seen some interesting talks about it and it seems like an amazing job.
However it is hard to find resources on this kind of thing, and expecially for the UK. Ive seen countless of "common keys" for the US but none for Britland. Do you guys have any resources on this you wouldn't mind sharing? It would be greatly appreciated


What kind of resources do you seek exactly? Legally speaking or more practice in itself?


books/articles or videos on social engineering/lockpicking/disguising/general pentesting stuff, events to go to, common keys in uk, common faults in elevators/locks/doors, courses to take, people to learn from, companies that work in the field. Anything that can help really. Like what would i have to take in uni to get a job in pentesting? Cybersecurity? what if i wanna work in physical security, breaking into buildings not networks?


First thing you really need to look into IMO are the legal requirements. For example, in my state if I wanted to get into it, I'd need to become a licensed locksmith first, which means taking some specific training and exams, otherwise all the tools of the trade are illegal to own. Then you at least know if there's a mandatory first step to clear before anything else.

You almost definitely don't need any fancy university degree for physical stuff although there are some that might be useful if it's not a cost to you.

File: 1541382829442.jpg (1.42 MB, 4608x3456, SunUltraII-01.jpg)


Just got a hold of an old Sun Ultra II creator 3D workstation, with the keyboard and mouse and an extra 13w3 video card with all of the cables. Does alice know what sort of display I should get for this? It looks like there's a few Sun 13w3 monitors on ebay going for ~$300. I could use a 13w3 -> vga adapter but I kind of want a period correct monitor or at least on that matches.

Also post your retro workstations.

File: 1539546673872.png (1.29 MB, 1600x900, polybius-listingthumb-01-p….png)


I'm looking at deploying a server soon; I'm going to monitor the file system for any changes.

There is AIDE & Tripwire. I've ruled out Tripwire as it seems to be poorly maintained in favor of their commercial variant.

There are a lot of posts stating that it's best to automate the integrity checking using a cron job.

I personally see this as a risk; automating the check would mean the binary & database would need to be locally stored and/or not stored in an encrypted container.

How does alice go about monitoring changes to their system?


File: 1539778909641.jpg (23.25 KB, 1280x720, secret.jpg)

I really just rsync all my stuff and read the log. Usually there are only a couple changed files so the whole process takes like 5 to 10 seconds. I'm well aware that if this is about thousands of files that change every day this approach makes zero sense, but it works for me anyway.


I assume this is VPS or similar

in this case whomever owns your server ultimately can of course, modify something such that your automated system cannot tell, or in such a way that the local checking system doesnt trigger an alarm to you, if they are careful.

a reliable way would be to create say, a weekly file listing hashes of 'major files' on the system. kernel, libraries, data, config files, what have you. This could be a cron job.

On a seperate system you trust, you either sync this file each time, and check for hash changes, or even you could hash that file and keep a 'system hash'.

I just dont like the idea of maintaining the ultimate monitoring be on the untrusted system.

File: 1530946284969.jpg (4.98 MB, 2735x2735, asgr.jpg)


Maybe we've had this thread a million times and I'm sorry if so, but I promise I'm not trying to slide. I kind of came to this epiphany that all this anonymity and security I've spent the past half decade absorbed into is a colossal waste of time. I've never been able to convince people to use free software or encrypted communications, thus everything I work for for my own privacy is completely ruined by them. Not to mention that if anyone wanted to monitor me, they could probably get through whatever defenses I put up, Google tracks your location by using cellphone towers. I'm not perfect myself; I can't be like Stallman.

Overall, I've realized that friends and family and just general relationships are the only thing that matter in this world, and I've been pushing them away over this illusion of safety I've made for myself.

I think I just want to give up on it all lainons. I just want to be normal. I'm turning location on on my phone.
16 posts and 1 image reply omitted. Click reply to view.


Just take a look at /feels/. Probably half of them can't even manage their own lives.



Yep. It's easy to see that you almost can't use the internet anymore without being monitored & catalogued.

Ultimately, everyone is to blame. We threw it all in for convenience, and many of us continue to do so. I wonder how many here have Facebook, use Google services & Discord?

It really was only going to go one way. As soon as the field split off from the more scientific/engineering aspect & became dominated by corporate & business demands…'fuck everyone's privacy; we're here to make money'

I personally find working in the IT industry the biggest blight on my ability to stay 'underground' and maintain privacy. You're forced to play the game with their tools and maintain a sense of availability using their platforms.


These could be entirely different groups of people. On an anonymous forum you can't know.


Well I mean sure, I can't know anything per se. It's just that I don't see news of "foss privacy hackers" fighting the state either in mainstream or in foss privacy hacker news, but I do see a lot of slacktivism and ideology mishmash. Believing that the /feels/ people complaining about how lonely they are and the privacy hobbists who avoid all social media and can't start conversations IRL because nobody cares about their interests are totally different groups of people would be wishful thinking at best.


File: 1540512869295.jpg (989.95 KB, 1800x1800, cover.jpg)

>Overall, I've realized that friends and family and just general relationships are the only thing that matter in this world, and I've been pushing them away over this illusion of safety I've made for myself.

I found this to be a particularly strong sentiment. My relationships with people are also very important to me. I have drifted away from every person I knew that I don't see everyday due to the increase in effort required to communicate with them. I have a flip i keep around the house, but I hate texting, and don't take it out with me every day. All facebook, most google, and all amazon domains are among a few of the sites I have on my routers black list. It's been an internal struggle prioritizing between friendships and my beliefs.

There are many people I'd like to remain in contact with, but I'm not going to use websites / software that makes me unhappy to use. They are not worth self inflicting unhappiness upon myself, as important as they continue to be as friends in my life. This is one choie I make.

Personally, I'm convinced my beliefs are what cause me to be unhappy with the software that communication with these people necessitates; and I'm convinced that I choose my own beliefs. The way I see it, being unhappy with a particular piece of software is a choice, so that's a second choice I make.

From looking at my behavior we can see that I have made two choices against those relationships that are still very much genuinely important to me. This was a source of cognitive dissonance for me for a while. I had to come to terms with the fact that my beliefs were more important to me than those relationships.

So I first asked myself, are these beliefs really more important to me, or am I just acting that way. Are there genuine emotions behind that decision, which lead to my behavior, or is there something else at play. After some introspection, I discovered they were.

Even after this realization I feel saddened often by this distance between me and people I really care about, but when the sadness comes it doesn't come with any confusion, guilt, or self loathing. That is a win in my book.

File: 1539665786449.jpg (74.17 KB, 793x1080, 1d60235a1b707d4428f0bfdfdd….jpg)


gosh, i wish i was just as crazy as the tsuki people so i could actually make this happen


Serious question, are the tsuki people actually crazy? Or are they mostly larping?

I'm of the opinion that they are just being silly and are all kids or low-functioning autists.


I think some people are genuinely schizos that believe its real. But most people just joined for the aesthetic.


I know there are people that believed it throughly, I was once a member of the project (now derezzed). If I recall, one kid did in fact killed himself over it. But, a lot of people did join it to say that they were in it, and some people just enjoyed the community, and some were full on believers.


sure but which one of them was you?

File: 1496468202941.png (11.13 KB, 320x291, lainn.png)


Hello Lain,
I think it would be a good idea to have a thread where you help other versions of lain by telling them what things are important to stay anonymous in the wired, and how it is possible to regain anonymity. I at the very least would be grateful for pointers, since I have recently realized how terribly compromised I am and I am desperate to better my situation.
I myself do not have much to offer, I only know that you can:
1. Use VPNs and proxies, and Tor, to hide your location
2. Not link your online presences together
3. Behave in chaotic manners so as to make patterns in your behaviour more obfuscated
I am especially interested in manners to counteract compromised anonymity.
Delete this post and point me to another if it has already been done, or you deem it too low quality.
Thank you and I hope you can help me, Lain.
56 posts and 1 image reply omitted. Click reply to view.


You don't get on a list just for an antenna you self obsessed nigger glitterboy. Nobody gives a soykaf about your fatass.


Not everyone lives in Land of the Free. In some countries ordering an action camera gets you on a list for possession of conceived surveillance equipment.


Tor is designed to be resistant to malicious exits; the most pressing design flaw as of now is a tagging attack where colluding guards and exits can determine the circuit because of counter mode's malleability. We can fix this specifically by pivoting from counter mode or forcing the nonce to be a deterministic in some fashion; there is a proposal to do just that.

Beyond that, I very much doubt quantum hard key material will be introduced into the ntor handshake. SIDH could fit in the cell right now but there's significant performance issues. They're likely waiting for funding/the NIST process to finish, as it'd be preferable to use something based on lattices.

We do know that a theorized quantum computer can factorize numbers faster than classical computers…'s_algorithm? The question is whether you can actually build a quantum computer with the amount of qubits/error correcting code needed.
( disclaimer: I only sort of know what I'm talking about. )


>run tails in virtual machine and use for all anonymous things

why not use qubes/whonix?


Convenience, complexity, and system resources. Whatever the reason, Tails in a VM is not a great idea.

File: 1527323460828.jpg (642.99 KB, 1600x1200, kewel.jpg)


When we write we produce trackable patterns. These patterns can be used to track individuals across platforms, and across identities.

How does Alice protect herself from being tracked in this manner online? Are there any software tools she uses to alter her sentances?
6 posts omitted. Click reply to view.


anonymouth looks interesting, thank you.

>The same thread is on Lain chan and I'd like to hear your thoughts on my idea about using foreign language -> English common mistakes:
Linguistically, people from different areas of the world who use English as a second (or third, etc…) language make similar mistakes when they translate mentally before they speak.

This is also interesting, and I like the idea of droping hints that suggest the speaker has a different background than they do. If these are subtle enough to be not obvious, but nevertheless solidly present one could give an observer the impression that they have discovered something (and that it classifies the speaker in a way that excludes other identities).

As far as conscious emulation of an specific style, while I am sure those work in some areas, a concern rises as far as being able to actually maintain the impression. Most people speak, mostly normally. They have hints, and mannerisms, but they dont do XDDDD at the end of every line unless they are being a troll. Honestly even the iamverysmart style seems more typical of trolls than anything.

Probably, further, these caraciture impressions _draw_ attention to the speaker, even if they make the speaker differentiated from other identities, they make you strongly interesting – exactly the opposite of what you want.


>They have hints, and mannerisms, but they dont do XDDDD at the end of every line unless they are being a troll. Honestly even the iamverysmart style seems more typical of trolls than anything.
>Probably, further, these caraciture impressions _draw_ attention to the speaker, even if they make the speaker differentiated from other identities, they make you strongly interesting – exactly the opposite of what you want.
Precisely. I misunderstood what you originally said.


Extremely volatile personality.


There are online tests that can determine dialects of language you use, as well as your native language which all depend on what words you choose and how you structure sentences. These principles might also be used in forensic stylometry.


a thought: there exist some free translation softwares (example, moses). Though made for language translation they could be used for within language translations.

suppose I take say, some reasonably sized english novel, and go through it carefully, each sentance translating into my own words. I can then run this translator on my text, and try to get something with, we would assume the marks more of the author's writing than of myself.

File: 1535462069190.png (263.12 KB, 415x617, 1334482898242.png)


Notification addiction, wasting whole days (and nights) on the internet and putting more time into your online persona instead of self-improvement are among the worst ills of our time.
How to fix this?
22 posts and 5 image replies omitted. Click reply to view.


This thread has reminded me of the idea from the title text of . That is, add a small delay that you have to wait through before going to a distracting site which will reduce your urge to repeat the behavior.

There are a couple of browser extensions that implement this but they are unmaintained.


No fb.
No twitter.
No instagram.
No (insert a botnet client name here).
An old cyanogenmod fone.
I unironically am bored on my days off (I have 2 shifts/2 days off schedule) so much I don't know what to do with all this time.


Every time I try to #lolreturn2nature I see how hard nature is being raped to death. Believe me, I've done more to improve my life and surroundings than you ever will, I can tell by the easy answer approach you offer. Guess what? Still depressed.


what a narcissist but ok slay queen


> narcissist
> slay queen

I don't think either of these mean what you think they mean. You're offering cheap new agey solutions for a complex problem with biological and sociological roots, so don't expect to be taken seriously.

Delete Post [ ]
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22]
[ Catalog ]