[ / / / / / / / / / / / / / ] [ dir / ameta / chemo / ck / just / lit / mde / mewch / v8 ]

/tech/ - Technology

Catalog   Archive

Winner of the 68rd Attention-Hungry Games
/d/ - Home of Headswap and Detachable Girl Threads

January 2019 - 8chan Transparency Report
Email
Subject
Comment *
File
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Flag
Oekaki
Show oekaki applet
(replaces files and can be used instead)
Options

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 3 per post.


File: 17736b4d6947ead⋯.jpg (186.75 KB, 1224x874, 612:437, DG5EqFZUwAAIGBP.jpg)

 No.1026634[Reply]

wew

22 posts and 2 image replies omitted. Click reply to view.

 No.1030842

>>1030651

>Several years later a hacker did reveal it was possible

And then he died...

https://en.wikipedia.org/wiki/Barnaby_Jack


 No.1030845

>>1026680

i thought that all those things are very expensive and so proprietary that they are still running an old version of windows or maybe even dos


 No.1030848

>>1030842

>In 2012 Jack demonstrated the ability to assassinate a victim by hacking their pacemaker.

>Jack died a week before he was to give a presentation on hacking heart implants at the Black Hat 2013 conference

>According to the coroner's report, Jack died of an overdose of heroin, cocaine, Benadryl and Xanax.


 No.1030869

>>1030848

Possibly (((suicided))) for attempting to fully reveal glownigger tactics to the public


 No.1030938

File: 1b5c062ad86bd2c⋯.jpeg (113.58 KB, 1024x514, 512:257, 1b5c062ad86bd2c7fa8cbe4e3….jpeg)

>>1030848

How the fuck are Americans okay with these "totally coincidental" suicides happening all over their country?




 No.1023885[Reply]

>there is not a single non-botnet way to make .mp4 or .webm video

>even (((Open Source))) software puts a lot of metadata into files so CIA can identify you

>/tech/ idiots will still claim that (((Free software))) provides privacy and freedom

1. Make a funny cat video and post it to your youtube channel or post on your facebook account

2. Make a video about some CIA shit or some leaked documents, post it somewhere

3. CIA correlates your second video with the first (same metadata and fingerprint) and they have your real name from facebook or youtube

4. You go to Guantanamo for education

All of this is possible thanks to (((Free software))) and niggers that made it.

x264 is a botnet, stay away from it.

32 posts omitted. Click reply to view.

 No.1030435

>>1028143

>Frame size, I-frame, b-frame, displacement is all metadata that define how the picture should be reconstructed

>want to remove that

OP didn't say anything about removing metadata that is necessary to decode a video

>>1028232

>these are not unique

they don't have to be fully unique to be usable by them

>just use relatively common settings and not use exotic encoders

where are the statistics of most commonly used settings and encoders?


 No.1030505

>>1030435

>OP didn't say anything about removing metadata that is necessary to decode a video

OP did not even know such metadata exists


 No.1030540

>>1023885

Is this how low the IQ of a typical /tech/ poster?


 No.1030924

Use a hex editor and overwrite any offending bits.


 No.1031169

File: 09d06cc607b2449⋯.mp4 (889.97 KB, 1280x720, 16:9, [cut]One Splice per Run - ….mp4)

If the data is "required" and depends on things like the library versions, why not just use a bundle of encoders? You could pull any git commit of ffmpeg for example and use them at random via a script. Almost like how ReScene uses multiple versions of rar binary to reconstruct. Except in this case you store ffmpeg-sha1-1, ffmpeg-sha1-2, ffmpeg-sha1-3, etc. and instead of using a specific version on purpose, you use a random one.

Or just accept it. If the CIA has a problem with my videos, I want them to come and find me. I'll upload a fingerprinted video file of glowing green goo when it's over.




File: 99f672d67506003⋯.png (525.18 KB, 1289x572, 1289:572, fedirino.png)

 No.1007449[Reply]

>Home security

>online privacy

>PC and data destruction methods

>How to hide questionable images, video, audio, etc. (stenography)

-==COMMON BULLSHIT==-

>B-but I dont have anything to hide!

https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/

>B-but if you've done nothing wrong you should have nothing to hide!

If I've done nothing wrong there is no reason to search me.

-==TOOLS TO USE==-

>LiveUSB/LiveCD Review v1.1

http://pastebin.com/BbmZ8hiR

>Web Posting Assessment v.2

http://imgur.com/T8q7eB0

>TrueCrypt 7.1a [Last official release]

https://www.grc.com/misc/truecrypt/truecrypt.htm

http://istruecryptauditedyet.com/

https://wiki.installgentoo.com/index.php/Encryption

>The Paranoid #! (now #!!) Security Guide

Post too long. Click here to view the full text.
86 posts and 10 image replies omitted. Click reply to view.

 No.1029979

>>1026517

>>1026550

>>1026653

I have at least one of these in every computer: http://onerng.info/onerng/

I put a USB hub inside my X200 too, and embedded one inside that - keeps my USB ports free of kinda obnoxiously sized/shaped dongles, and always travels with me.


 No.1030778

What's the best OS for securing yourself against the US government and corporate dataminers?


 No.1030797

>>1029891

Yes. I still didn't recover from it.


 No.1030837

>>1030778

You would need your behavior to change. It is all the same shit that just needs to be configured/hardened by someone competent. All your software isn't really much use when you buy ALL of your hardware from these (((corporations))) in the first place. Physical access to a box has been accomplished.


 No.1030840

>>1030778

Same as other responder.

Using Qubes/Whonix dispVMs is possibly the best other than Tails.




File: 97e1ea6579621ed⋯.png (141 B, 225x150, 3:2, logo.png)

File: e1bcb8327e98f55⋯.jpg (76.04 KB, 766x772, 383:386, the_worst_javascript.jpg)

 No.969082[Reply]

There is a big problem with a lot of free software nowadays, and that's bloat. There's a really good article put out by the suckless community on this issue (https://suckless.org/philosophy). This page does good at describing the practical problems of bloated software, but I want to talk about the ethical issues surrounding "bloatware".

Now, technically, all bloatware put under a free licence is free software. But that doesn't mean that you can edit it, at least not easily. Freedom 1 of the Four Essential Freedoms states that the user has the freedom to "study how the program works." How the hell can you study the program if it's all jumbled up? This produces the same problem that proprietary blobs do: a gateway from studying how the program works. It may be easier than machine program to read, but given enough lines, the program becomes virtually unreadable.

What are some examples of this?

> chromium, firefox, most GUI web browsers

> bloated window managers

> anything GNU touches

> the big elephant in the room that came from Red Hat

> the Linux kernel (there's no way one program needs 4.8 million lines)

Now, how can we solve this? Start by using simple software. Don't use urxvt, use st. Don't use i3, use dwm. Now that's not to shill the suckless community. But they're really the only ones pushing on this issue, even though they only come at it from a practical perspective. Start by rolling up your sleeves and learning how to patch these programs so they do the things you want them to do.

Another good idea is to build a LFS build using only simple programs. Rather than the GNU utilities, use some of the BSD utilities, or Plan 9. Ideally this should be available in a distro, but that probably won't happen for a while. If anyone wants to work on this with me over the long term, let me know in this thread.

Pic not related, but it is awful progrPost too long. Click here to view the full text.

352 posts and 22 image replies omitted. Click reply to view.

 No.1030324

>>1030299

>No one specified "C-descended languages" until you did right now

I specified "lua or python" ten posts ago. Lisp or perl would probably beat any of the three, but it obviously isn't because of how high level the langauge is. Instead it's because perl for one has insanely specialized operators, and lisp lets you write insanely specialized macros. But the whole point is to make it easier for a someone else to edit your code, and using insanely specalized structures makes it difficult to understand and therefore start editing.


 No.1030326

>>1030299

>Notice how I specifically said *performance*, not safety or other concerns. In that case, neither of those languages are appropriate, especially C++

What would be a relatively safer language than any of those? Would Ada, Spark or Forth be any better?


 No.1030328


 No.1030567

>>1030299

Some languages, like C, are exactly like C. Hope I haven't blown your mind.


 No.1030759

>>1030567

Your point being?




File: 6e6efcc06949410⋯.jpg (69.52 KB, 800x1000, 4:5, john-carmack-vr-script.jpg)

 No.1029370[Reply]

I'm still completely in the excited-newbie honeymoon phase, but writing Rust code feels very wholesome.

https://twitter.com/id_aa_carmack/status/1094419108781789184

49 posts and 7 image replies omitted. Click reply to view.

 No.1029733

it can be as wholesome as you want it to

doesnt mean it will work with 30 programmers in production environment

it wont, it CANT, because its for BABIES


 No.1029742

>>1029370

>the same guy who thought MEGATEXTURES was a good idea despite being massive I/O bottlenecks and lack of video memory a consumer would have at the time of release

His recent innovations have been lackluster.


 No.1029753

i think he knows what hes saying

its probably him seeing the "potential in 10 years or so" instead of current realities


 No.1030551

>>1029582

I didn't know of anyone who played that, it was either Unreal Tournament or Counterstrike


 No.1030575

>>1030551

That's how it is being a plebeian amongst plebeians.




File: e4b063b5a57c86b⋯.png (29.68 KB, 516x420, 43:35, AMO-1.png)

 No.1027757[Reply]

I've been running a Tor exit relay for about a year now and am pushing several terabytes of data a month. I recently decided that I want to contribute even more to censorship free Internet projects so I have been looking in to things like decentralized VPNs which then brought me to thinks like I2P, CJDNS, Hyperboria, etc. Honestly I think I'm in a little over my head here. Anyway, money really isn't too much of a concern for me and I have a powerful VPS sitting here not doing anything. How can I best put this guy to use to benefit the dark net?

19 posts omitted. Click reply to view.

 No.1028515

>>1028116

The list of tor nodes - guard middle and exit - is publicly available. Many websites block everything on the list by default.


 No.1028562

>>1028119

>your exit node doesn't see your endpoint traffic


 No.1028568

>>1027757

Thank you for your service.


 No.1030468

File: 7c2a7e3c466a7b6⋯.jpg (61.15 KB, 333x334, 333:334, 1448674510084.jpg)

File: eef89968beefaf4⋯.jpg (28.95 KB, 510x600, 17:20, eef89968beefaf4ed7deb8bcab….jpg)

>>1027757

thank you for your service. One thing you could do is host some darkweb domains. Just host some of your own if you want. We need more onion sites, even if its just a blank "hello world"

site. The new onion domains that are really long are cool. Check out the anonabox, its a hardware router that lets yu be a middle node/ bridge relay/ onion hosting service with a few clicks, and its portable.

Keep on keeping on

also

>>1028088

checked


 No.1030483

>>1027758

This game is actually fun, I just played it last night with a couple anons from my local Taiwanese waterboarding forum.




File: b0d5120c33e5a25⋯.png (6.93 KB, 1024x576, 16:9, dcd5ba2ec3f743d.png)

 No.1029091[Reply]

I found a way to detect vocal tracks with black singers. What should I do with this technology?

11 posts omitted. Click reply to view.

 No.1030451

>>1030449

And how could we tell if it was working?


 No.1030464

File: 38b06a75a369a2b⋯.png (984.76 KB, 1000x1500, 2:3, right-wing-ai-comic.png)

>>1029092

>>1029094

>>1030378

>>1030417

>>1030449

All good ideas to utilize the technology.

>>1030417

>>1030442

>>1030443

I second these anons. Show us the code.

>>1029091

Any technology that identifies our racial enemies is potentially useful in target acquisition systems for the coming AI killbot cleansing.


 No.1030471

Larping faggot gtfo


 No.1030782

>>1030444

Nigger


 No.1030813

>>1029091 Shut up, you racist and rapist!




 No.1030405[Reply]

where to steal free VPS like a nigger? without giving your real credit card.

I do have money but it's not easy to buy VPS anonymously.

are free VPS a trial only for few days, then they kill it?

is there a way to go to public place with a computer, install your malware/VPS software and use it as VPS?

or hack someone's PC online to use it as VPS?

I need minimum hardware, minimum internet bandwidth, doesn't matter.

11 posts and 1 image reply omitted. Click reply to view.

 No.1030454

>>1030426 You're totally a newbie! You don't know how to buy VPS anonymous and don't know how to buy Bitcoin anonymous also!


 No.1030456

You can buy VPS by using not only Bitcoin but also anonymous cryptocurrencies!


 No.1030466

>>1030411

Leave your phone at home and drive to another city then. Sure your license plate will get caught on cameras, but if you're being watched to the point where Feds are pulling camera footage to track your movements based on plate number you're already fucked.


 No.1030469

>>1030439

Good luck buying with cash across borders.


 No.1031263

>>1030466

>pulling camera footage

>implying it's not just automatically recognized and logged




File: a4e4317a37b2ac9⋯.png (176.76 KB, 600x600, 1:1, 1549904485954.png)

 No.1030254[Reply]

7 posts and 3 image replies omitted. Click reply to view.

 No.1030374

File: e8eecfb5680036c⋯.jpg (55.85 KB, 394x392, 197:196, woman_in_tech.jpg)

Here, this one is pretty accurate


 No.1030448

Rape your own CS student!


 No.1030572

File: 251900550c58af8⋯.png (191.7 KB, 600x600, 1:1, 15730_guMIkZ4w.png)


 No.1033006

>>1030572

>brown eyes and hair

not white


 No.1033731

File: ebc66be4b3b696f⋯.jpg (754.07 KB, 1620x1080, 3:2, a_nice_french_woman.jpg)

>>1033006

Go back to /pol/ and have sex with your older first-cousin, the male one.




File: 90f7d54fcc98c0d⋯.jpg (104.31 KB, 1136x656, 71:41, Clipboard01.jpg)

 No.1018858[Reply]

Do you have a second to talk about terminal emulators?

Is there a reason not to use whatever defeault your distro comes with?

Are there noticable differences between different ones?

Which one are you currently using and why?

193 posts and 22 image replies omitted. Click reply to view.

 No.1029827

>>1024333

Fuck them - using st anyway.

>>1024358

>Reporting bugs" section in its entry in the Gentoo Wiki: https://wiki.gentoo.org/wiki/Rxvt-unicode is gold.

TopKek

>>1026489

This one never does what it should. I have to honour tge idea behind your post though


 No.1029829

By the way, how do I get powerline fonts to work in any of them (preferrably st though) on gentoo? I wanna try out the spacemacs config files but it looks like shit when all the glyphs are missing. It's literally the only thing that doesn't work yet.


 No.1029931

>>1029829

>Download and install a patched font (from https://github.com/powerline/fonts)

>in st/config.h change the line char font[] = .. to "Your Font for Powerline:pixelsize=12:antialias=true:autohint=true"

>sudo make install

this relies on fontconfig, naturally


 No.1029933

File: f660ef5f58afa4d⋯.png (1.56 KB, 932x468, 233:117, benis.png)

>>1027075

Moonrunes look like shit, but I see them literally two times per year max.


 No.1030178

>>1028423

>>1028423

It works fine in everything but st? really? That's kinda strange. On my machine it seems that st fucks w3m img up the 2nd least. It's only perfect in framebuffer mode. On Arch. On Gentoo, w3m doesn't seem to support fb mode.




 No.1030056[Reply]

South Korea government started to censor to foreign https websites. But it's similar to China, not North Korea.

https://www.reddit.com/r/privacy/comments/apfvod/south_korea_starts_censoring_illegal_https/

12 posts omitted. Click reply to view.

 No.1030203

>>1030056

This is what happens when you let a bunch of Workaholic Parents who don't want to talk to you "until you doctor" and retire until they're 80 decide what's best for your country and your way of life.

Oh wait, that's most of Asia today!


 No.1030285

>>1030186 I wanna rape every girl in Seoul!


 No.1030506

>>1030203

I'd assume this has to do with declining birthrates. Better get out and find a woman if you want to pleasure yourself.


 No.1030691

Korean girls are cute! Why are their pussys yummy? I can't believe how easy they are to fuck for foreigners, especially white men!


 No.1031761

>>1030056 South Korea Expands Site Blocking Efforts with SNI Eavesdropping

February 14, 2019

South Korea will expand its site blocking measures with SNI eavesdropping, so HTTPS sites can be blocked as well. The new measure, which will also affect pirate sites, has generated widespread opposition. While it's more effective than standard DNS blocking, it's certainly not impossible to circumvent.

https://torrentfreak.com/south-korea-expands-site-blocking-efforts-with-sni-eavesdropping-190214/




File: 0a42e31fbdbd0f3⋯.jpg (260.81 KB, 1130x1015, 226:203, email-logo.jpg)

 No.1029241[Reply]

We all know email. It has been around for decades now. It's a mature system based on well-known protocols like SMTP, IMAP, POP3. Everybody uses it.

However, there are some that argue that this is a negative thing, and it is clear as to why. Email has been at the center of a lot of criticism and complaints, particularly about its security.

It's definitely messy when it comes to encryption. By default, no email is end-to-end encrypted. This means that communications can be intercepted by the service provider, or possibly by anyone in between if STARTTLS isn't enabled either

The only real way to achieve true end-to-end email encryption is through methods such as GPG. These methods can be more than a little unintuitive. Most mail clients have a third-party extension that offers this feature, with mixed results. On a personal note, I had a very bad experience with Enigmail, where it kept trying to generate its own keypairs for accounts and using them instead of only using the ones I told it to. Mutt's GPG is better in this regard, but I still have to figure out how to get that shit to work with multiple accounts. Some people find that these frustrations are enough for them to abandon the idea entirely, and just accept insecure email communications. That's certainly not a good sign. To a certain extent, email can seem like a dinosaur protocol held together with duct tape and glue.

This brings us to the question: Should society abandon email as we know it in favor of a communication system that prioritizes end-to-end encryption?

I've certainly seen some suggest this, particularly the EFF, who during the EFail panic prompted users to install Signal and use that instead. Furthermore, other encrypted chat choices are rising up, such as XMPP+OMEMO and Riot/Matrix.

This all sounds well and good. E2EE by default is always a good thing. I do have a few criticisms and concerns though.

For one, the shilling of signal in particular is a bit troublesome. Sure it's encrypted and "open", but it is still a very centralized system. The app only connects to one server, signal's, and that server handles everything. Outside of the code being open, how is this any more trustworthy than WhatsapPost too long. Click here to view the full text.

16 posts omitted. Click reply to view.

 No.1029466

>>1029465

I would also like to provide some answers I have received elsewhere, roughly summarized:

1. Matrix could replace it. Although Matrix implementations right now seem mostly like texting, the protocol could be used for something like electronic mail, much like how delta.chat took email and made it look like an instant messenger. The French govt already apparently uses matrix in the place of email.

2. Lavabit is creating DIME, which looks to be a drop-in replacement protocol for email. It has DMTP (SMTP replacement) and DMAP (IMAP replacement). This system goes a step beyond end-to-end encryption, and adds onion routing to make it anonymous as well.

3. Autocrypt can ease the process of using GPG email. It does have the issue of going back to cleartext in some cases though, and whether it will work well with old-school GPG is an unknown. Maybe that will be resolved in future standard versions.


 No.1029468

We should be looking into post-quantum cryptography before discussing what should the successor of email look like. I believe breaking current public key encryption algorithms with a quantum computer will become feasible in a couple decades, when most of us will still be alive.

https://en.wikipedia.org/wiki/Post-quantum_cryptography


 No.1029866

>>1029468

Doesn't matter. Any protocol out there conforms to the newest encryption standards when the last encryption standard is rendered unsafe.


 No.1029869

>>1029241

>E2EE by default is always a good thing.

Not for records keeping.


 No.1029914

>>1029468

>We should be looking into post-quantum cryptography before discussing what should the successor of email look like

Nope, you've got it exactly backwards. We should be discussing what the successor of email should look like and designing it such that asymmetric and symmetric encryption schemes can be slotted in and out of the protocol with a minimum of disruption. PQ crypto is already being worked on by a number of reputable groups, including djb's research group. When the algorithms are vetted and the implementations mature, they can be utilized.

It's similar to what's happening with TLS. There was already an experiment using PQ crypto for TLS connections.

https://www.imperialviolet.org/2018/04/11/pqconftls.html

Notice that it was an addition of a PQ scheme to TLS, not scrapping TLS and starting over.




File: c491c930d981727⋯.jpg (35.99 KB, 495x411, 165:137, losers.jpg)

 No.1029876[Reply]

ok, no more memes. what is the best linux distro for the desktop?

e.g. which one are you using?

20 posts and 3 image replies omitted. Click reply to view.

 No.1030852

>>1029876

Manjaro KDE edition because it just works


 No.1031274

PCLinuxOS is great! No systemd. They make it easy to make a DVD of your OS. You make a normal install tweaked the way you like it. I do it on an external drive and then remove it unless I am making a new DVD. Then I run only from the DVD. When you shut down or reboot, nothing nasty sticks to it. You start again clean. When there have been enough updates to be annoying, you do the updates on your master O/S on the external and then you make a new DVD.

I am hard on my O/Ss and used to be always reinstalling them. Now I just reboot. Saves me a ton of time.

I like Matte but there are several desktops to choose from.

https://www.pclinuxos.com


 No.1031908

>>1029876

Install Gentoo.


 No.1033914


 No.1033916

>>1030049

GuixSD is without systemd and without binary blobs, however it's at version 0.16




File: 0eb410fa72c0713⋯.jpg (76.62 KB, 1200x675, 16:9, mpreg mark.jpg)

 No.1029512[Reply]

Good news, anons! Mark's mpreg fantasies have come true and he's expecting! What should we name the baby?

16 posts omitted. Click reply to view.

 No.1029847

alacrity


 No.1029848

Keith


 No.1030406

Little Enis


 No.1030973

>>1029638

Didn't he get his dick sucked by the /leftypol/ BO?


 No.1031098




File: 00de0fb28285a99⋯.png (181.37 KB, 316x316, 1:1, Logo_of_ANSSI.png)

File: def4f9bb59e7d0f⋯.png (1.17 KB, 209x209, 1:1, logo_rust.png)

 No.1029098[Reply]

Be part of ANSSI’s new « Guide to develop secure applications with Rust »

Rust is an open source programming language which combines security, modernity and performance. As well, it is gradually being adopted in a large number of projects. To support developers, ANSSI offers a new "Guide to develop secure applications with Rust". This guide is intended to be a living document and it’s open to all contributions from the community. The object of this document is to provide hints and recommendations for secure applications development using the Rust programming language, that allow users to benefits of the good level of trust the Rust language already provides.

Created in 2006, Rust is a free programming language that has gradually brought together a community of users involved in its use and development.

Thanks to this collaborative experience, many projects are now taking advantage of Rust’s qualities.

This language focuses on security without compromising performance in the development of any type of application.

The Guide to Develop Secure Applications with Rust

To support all developers in their use of Rust language, ANSSI offers a new “guide to develop secure applications with Rust”.

The guide intents to group recommendations that should be applied for application development with strong security level requirements.

The aim with the structure of this document is to consider separately different phases of a typical and simplified development process.

ANSSI invites you to become the actors of this open, interactive and evolving project

This initiative is also collaborative, to benefit from the expertise developed by the community over the past several years.

ANSSI calls on all contributors to be part of the development of this guide, which is now published in a “Beta” version.

Each user will be able to participate with our teams in the development of this new resource, made available on GitHub.

Post too long. Click here to view the full text.
14 posts omitted. Click reply to view.

 No.1029554


 No.1029734

>>1029446

>3. Check for outdated dependencies versions (cargo-outdated)

Don't. It's bloatware that could easily hide a virus. Just version control Cargo.lock and do cargo update.

>4. Check for security vulnerabilities report on dependencies (cargo-audit)

Don't. It's bloatware that could easily hide a virus.

>6. Zeroize memory of sensitive data after use

Don't bother. It's security theater.

>13. Handle correctly panic! in FFI

Compile with -C unwind=abort.


 No.1029736

>>1029734

>Compile with -C unwind=abort.

Correction: It's -C panic=abort


 No.1029806

>>1029446

>panic

Why didn't they just copy Lisp conditions?

http://www.nhplace.com/kent/Papers/Condition-Handling-2001.html


 No.1029809




Delete Post [ ]
[]
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18]
| Catalog | Nerve Center | Cancer
[ / / / / / / / / / / / / / ] [ dir / ameta / chemo / ck / just / lit / mde / mewch / v8 ]