[ / / / / / / / / / / / / / ] [ dir / ameta / chemo / ck / just / lit / mde / mewch / v8 ]

/tech/ - Technology

Catalog   Archive

Winner of the 68rd Attention-Hungry Games
/d/ - Home of Headswap and Detachable Girl Threads

January 2019 - 8chan Transparency Report
Comment *
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Show oekaki applet
(replaces files and can be used instead)

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 3 per post.

File: 17736b4d6947ead⋯.jpg (186.75 KB, 1224x874, 612:437, DG5EqFZUwAAIGBP.jpg)



22 posts and 2 image replies omitted. Click reply to view.



>Several years later a hacker did reveal it was possible

And then he died...




i thought that all those things are very expensive and so proprietary that they are still running an old version of windows or maybe even dos



>In 2012 Jack demonstrated the ability to assassinate a victim by hacking their pacemaker.

>Jack died a week before he was to give a presentation on hacking heart implants at the Black Hat 2013 conference

>According to the coroner's report, Jack died of an overdose of heroin, cocaine, Benadryl and Xanax.



Possibly (((suicided))) for attempting to fully reveal glownigger tactics to the public


File: 1b5c062ad86bd2c⋯.jpeg (113.58 KB, 1024x514, 512:257, 1b5c062ad86bd2c7fa8cbe4e3….jpeg)


How the fuck are Americans okay with these "totally coincidental" suicides happening all over their country?


>there is not a single non-botnet way to make .mp4 or .webm video

>even (((Open Source))) software puts a lot of metadata into files so CIA can identify you

>/tech/ idiots will still claim that (((Free software))) provides privacy and freedom

1. Make a funny cat video and post it to your youtube channel or post on your facebook account

2. Make a video about some CIA shit or some leaked documents, post it somewhere

3. CIA correlates your second video with the first (same metadata and fingerprint) and they have your real name from facebook or youtube

4. You go to Guantanamo for education

All of this is possible thanks to (((Free software))) and niggers that made it.

x264 is a botnet, stay away from it.

32 posts omitted. Click reply to view.



>Frame size, I-frame, b-frame, displacement is all metadata that define how the picture should be reconstructed

>want to remove that

OP didn't say anything about removing metadata that is necessary to decode a video


>these are not unique

they don't have to be fully unique to be usable by them

>just use relatively common settings and not use exotic encoders

where are the statistics of most commonly used settings and encoders?



>OP didn't say anything about removing metadata that is necessary to decode a video

OP did not even know such metadata exists



Is this how low the IQ of a typical /tech/ poster?


Use a hex editor and overwrite any offending bits.


File: 09d06cc607b2449⋯.mp4 (889.97 KB, 1280x720, 16:9, [cut]One Splice per Run - ….mp4)

If the data is "required" and depends on things like the library versions, why not just use a bundle of encoders? You could pull any git commit of ffmpeg for example and use them at random via a script. Almost like how ReScene uses multiple versions of rar binary to reconstruct. Except in this case you store ffmpeg-sha1-1, ffmpeg-sha1-2, ffmpeg-sha1-3, etc. and instead of using a specific version on purpose, you use a random one.

Or just accept it. If the CIA has a problem with my videos, I want them to come and find me. I'll upload a fingerprinted video file of glowing green goo when it's over.

File: 99f672d67506003⋯.png (525.18 KB, 1289x572, 1289:572, fedirino.png)


>Home security

>online privacy

>PC and data destruction methods

>How to hide questionable images, video, audio, etc. (stenography)


>B-but I dont have anything to hide!


>B-but if you've done nothing wrong you should have nothing to hide!

If I've done nothing wrong there is no reason to search me.


>LiveUSB/LiveCD Review v1.1


>Web Posting Assessment v.2


>TrueCrypt 7.1a [Last official release]




>The Paranoid #! (now #!!) Security Guide

Post too long. Click here to view the full text.
86 posts and 10 image replies omitted. Click reply to view.





I have at least one of these in every computer: http://onerng.info/onerng/

I put a USB hub inside my X200 too, and embedded one inside that - keeps my USB ports free of kinda obnoxiously sized/shaped dongles, and always travels with me.


What's the best OS for securing yourself against the US government and corporate dataminers?



Yes. I still didn't recover from it.



You would need your behavior to change. It is all the same shit that just needs to be configured/hardened by someone competent. All your software isn't really much use when you buy ALL of your hardware from these (((corporations))) in the first place. Physical access to a box has been accomplished.



Same as other responder.

Using Qubes/Whonix dispVMs is possibly the best other than Tails.

File: 97e1ea6579621ed⋯.png (141 B, 225x150, 3:2, logo.png)

File: e1bcb8327e98f55⋯.jpg (76.04 KB, 766x772, 383:386, the_worst_javascript.jpg)


There is a big problem with a lot of free software nowadays, and that's bloat. There's a really good article put out by the suckless community on this issue (https://suckless.org/philosophy). This page does good at describing the practical problems of bloated software, but I want to talk about the ethical issues surrounding "bloatware".

Now, technically, all bloatware put under a free licence is free software. But that doesn't mean that you can edit it, at least not easily. Freedom 1 of the Four Essential Freedoms states that the user has the freedom to "study how the program works." How the hell can you study the program if it's all jumbled up? This produces the same problem that proprietary blobs do: a gateway from studying how the program works. It may be easier than machine program to read, but given enough lines, the program becomes virtually unreadable.

What are some examples of this?

> chromium, firefox, most GUI web browsers

> bloated window managers

> anything GNU touches

> the big elephant in the room that came from Red Hat

> the Linux kernel (there's no way one program needs 4.8 million lines)

Now, how can we solve this? Start by using simple software. Don't use urxvt, use st. Don't use i3, use dwm. Now that's not to shill the suckless community. But they're really the only ones pushing on this issue, even though they only come at it from a practical perspective. Start by rolling up your sleeves and learning how to patch these programs so they do the things you want them to do.

Another good idea is to build a LFS build using only simple programs. Rather than the GNU utilities, use some of the BSD utilities, or Plan 9. Ideally this should be available in a distro, but that probably won't happen for a while. If anyone wants to work on this with me over the long term, let me know in this thread.

Pic not related, but it is awful progrPost too long. Click here to view the full text.

352 posts and 22 image replies omitted. Click reply to view.



>No one specified "C-descended languages" until you did right now

I specified "lua or python" ten posts ago. Lisp or perl would probably beat any of the three, but it obviously isn't because of how high level the langauge is. Instead it's because perl for one has insanely specialized operators, and lisp lets you write insanely specialized macros. But the whole point is to make it easier for a someone else to edit your code, and using insanely specalized structures makes it difficult to understand and therefore start editing.



>Notice how I specifically said *performance*, not safety or other concerns. In that case, neither of those languages are appropriate, especially C++

What would be a relatively safer language than any of those? Would Ada, Spark or Forth be any better?




Some languages, like C, are exactly like C. Hope I haven't blown your mind.



Your point being?

File: 6e6efcc06949410⋯.jpg (69.52 KB, 800x1000, 4:5, john-carmack-vr-script.jpg)


I'm still completely in the excited-newbie honeymoon phase, but writing Rust code feels very wholesome.


49 posts and 7 image replies omitted. Click reply to view.


it can be as wholesome as you want it to

doesnt mean it will work with 30 programmers in production environment

it wont, it CANT, because its for BABIES



>the same guy who thought MEGATEXTURES was a good idea despite being massive I/O bottlenecks and lack of video memory a consumer would have at the time of release

His recent innovations have been lackluster.


i think he knows what hes saying

its probably him seeing the "potential in 10 years or so" instead of current realities



I didn't know of anyone who played that, it was either Unreal Tournament or Counterstrike



That's how it is being a plebeian amongst plebeians.

File: e4b063b5a57c86b⋯.png (29.68 KB, 516x420, 43:35, AMO-1.png)


I've been running a Tor exit relay for about a year now and am pushing several terabytes of data a month. I recently decided that I want to contribute even more to censorship free Internet projects so I have been looking in to things like decentralized VPNs which then brought me to thinks like I2P, CJDNS, Hyperboria, etc. Honestly I think I'm in a little over my head here. Anyway, money really isn't too much of a concern for me and I have a powerful VPS sitting here not doing anything. How can I best put this guy to use to benefit the dark net?

19 posts omitted. Click reply to view.



The list of tor nodes - guard middle and exit - is publicly available. Many websites block everything on the list by default.



>your exit node doesn't see your endpoint traffic



Thank you for your service.


File: 7c2a7e3c466a7b6⋯.jpg (61.15 KB, 333x334, 333:334, 1448674510084.jpg)

File: eef89968beefaf4⋯.jpg (28.95 KB, 510x600, 17:20, eef89968beefaf4ed7deb8bcab….jpg)


thank you for your service. One thing you could do is host some darkweb domains. Just host some of your own if you want. We need more onion sites, even if its just a blank "hello world"

site. The new onion domains that are really long are cool. Check out the anonabox, its a hardware router that lets yu be a middle node/ bridge relay/ onion hosting service with a few clicks, and its portable.

Keep on keeping on






This game is actually fun, I just played it last night with a couple anons from my local Taiwanese waterboarding forum.

File: b0d5120c33e5a25⋯.png (6.93 KB, 1024x576, 16:9, dcd5ba2ec3f743d.png)


I found a way to detect vocal tracks with black singers. What should I do with this technology?

11 posts omitted. Click reply to view.



And how could we tell if it was working?


File: 38b06a75a369a2b⋯.png (984.76 KB, 1000x1500, 2:3, right-wing-ai-comic.png)






All good ideas to utilize the technology.




I second these anons. Show us the code.


Any technology that identifies our racial enemies is potentially useful in target acquisition systems for the coming AI killbot cleansing.


Larping faggot gtfo





>>1029091 Shut up, you racist and rapist!


where to steal free VPS like a nigger? without giving your real credit card.

I do have money but it's not easy to buy VPS anonymously.

are free VPS a trial only for few days, then they kill it?

is there a way to go to public place with a computer, install your malware/VPS software and use it as VPS?

or hack someone's PC online to use it as VPS?

I need minimum hardware, minimum internet bandwidth, doesn't matter.

11 posts and 1 image reply omitted. Click reply to view.


>>1030426 You're totally a newbie! You don't know how to buy VPS anonymous and don't know how to buy Bitcoin anonymous also!


You can buy VPS by using not only Bitcoin but also anonymous cryptocurrencies!



Leave your phone at home and drive to another city then. Sure your license plate will get caught on cameras, but if you're being watched to the point where Feds are pulling camera footage to track your movements based on plate number you're already fucked.



Good luck buying with cash across borders.



>pulling camera footage

>implying it's not just automatically recognized and logged

File: a4e4317a37b2ac9⋯.png (176.76 KB, 600x600, 1:1, 1549904485954.png)


7 posts and 3 image replies omitted. Click reply to view.


File: e8eecfb5680036c⋯.jpg (55.85 KB, 394x392, 197:196, woman_in_tech.jpg)

Here, this one is pretty accurate


Rape your own CS student!


File: 251900550c58af8⋯.png (191.7 KB, 600x600, 1:1, 15730_guMIkZ4w.png)



>brown eyes and hair

not white


File: ebc66be4b3b696f⋯.jpg (754.07 KB, 1620x1080, 3:2, a_nice_french_woman.jpg)


Go back to /pol/ and have sex with your older first-cousin, the male one.

File: 90f7d54fcc98c0d⋯.jpg (104.31 KB, 1136x656, 71:41, Clipboard01.jpg)


Do you have a second to talk about terminal emulators?

Is there a reason not to use whatever defeault your distro comes with?

Are there noticable differences between different ones?

Which one are you currently using and why?

193 posts and 22 image replies omitted. Click reply to view.



Fuck them - using st anyway.


>Reporting bugs" section in its entry in the Gentoo Wiki: https://wiki.gentoo.org/wiki/Rxvt-unicode is gold.



This one never does what it should. I have to honour tge idea behind your post though


By the way, how do I get powerline fonts to work in any of them (preferrably st though) on gentoo? I wanna try out the spacemacs config files but it looks like shit when all the glyphs are missing. It's literally the only thing that doesn't work yet.



>Download and install a patched font (from https://github.com/powerline/fonts)

>in st/config.h change the line char font[] = .. to "Your Font for Powerline:pixelsize=12:antialias=true:autohint=true"

>sudo make install

this relies on fontconfig, naturally


File: f660ef5f58afa4d⋯.png (1.56 KB, 932x468, 233:117, benis.png)


Moonrunes look like shit, but I see them literally two times per year max.




It works fine in everything but st? really? That's kinda strange. On my machine it seems that st fucks w3m img up the 2nd least. It's only perfect in framebuffer mode. On Arch. On Gentoo, w3m doesn't seem to support fb mode.


South Korea government started to censor to foreign https websites. But it's similar to China, not North Korea.


12 posts omitted. Click reply to view.



This is what happens when you let a bunch of Workaholic Parents who don't want to talk to you "until you doctor" and retire until they're 80 decide what's best for your country and your way of life.

Oh wait, that's most of Asia today!


>>1030186 I wanna rape every girl in Seoul!



I'd assume this has to do with declining birthrates. Better get out and find a woman if you want to pleasure yourself.


Korean girls are cute! Why are their pussys yummy? I can't believe how easy they are to fuck for foreigners, especially white men!


>>1030056 South Korea Expands Site Blocking Efforts with SNI Eavesdropping

February 14, 2019

South Korea will expand its site blocking measures with SNI eavesdropping, so HTTPS sites can be blocked as well. The new measure, which will also affect pirate sites, has generated widespread opposition. While it's more effective than standard DNS blocking, it's certainly not impossible to circumvent.


File: 0a42e31fbdbd0f3⋯.jpg (260.81 KB, 1130x1015, 226:203, email-logo.jpg)


We all know email. It has been around for decades now. It's a mature system based on well-known protocols like SMTP, IMAP, POP3. Everybody uses it.

However, there are some that argue that this is a negative thing, and it is clear as to why. Email has been at the center of a lot of criticism and complaints, particularly about its security.

It's definitely messy when it comes to encryption. By default, no email is end-to-end encrypted. This means that communications can be intercepted by the service provider, or possibly by anyone in between if STARTTLS isn't enabled either

The only real way to achieve true end-to-end email encryption is through methods such as GPG. These methods can be more than a little unintuitive. Most mail clients have a third-party extension that offers this feature, with mixed results. On a personal note, I had a very bad experience with Enigmail, where it kept trying to generate its own keypairs for accounts and using them instead of only using the ones I told it to. Mutt's GPG is better in this regard, but I still have to figure out how to get that shit to work with multiple accounts. Some people find that these frustrations are enough for them to abandon the idea entirely, and just accept insecure email communications. That's certainly not a good sign. To a certain extent, email can seem like a dinosaur protocol held together with duct tape and glue.

This brings us to the question: Should society abandon email as we know it in favor of a communication system that prioritizes end-to-end encryption?

I've certainly seen some suggest this, particularly the EFF, who during the EFail panic prompted users to install Signal and use that instead. Furthermore, other encrypted chat choices are rising up, such as XMPP+OMEMO and Riot/Matrix.

This all sounds well and good. E2EE by default is always a good thing. I do have a few criticisms and concerns though.

For one, the shilling of signal in particular is a bit troublesome. Sure it's encrypted and "open", but it is still a very centralized system. The app only connects to one server, signal's, and that server handles everything. Outside of the code being open, how is this any more trustworthy than WhatsapPost too long. Click here to view the full text.

16 posts omitted. Click reply to view.



I would also like to provide some answers I have received elsewhere, roughly summarized:

1. Matrix could replace it. Although Matrix implementations right now seem mostly like texting, the protocol could be used for something like electronic mail, much like how delta.chat took email and made it look like an instant messenger. The French govt already apparently uses matrix in the place of email.

2. Lavabit is creating DIME, which looks to be a drop-in replacement protocol for email. It has DMTP (SMTP replacement) and DMAP (IMAP replacement). This system goes a step beyond end-to-end encryption, and adds onion routing to make it anonymous as well.

3. Autocrypt can ease the process of using GPG email. It does have the issue of going back to cleartext in some cases though, and whether it will work well with old-school GPG is an unknown. Maybe that will be resolved in future standard versions.


We should be looking into post-quantum cryptography before discussing what should the successor of email look like. I believe breaking current public key encryption algorithms with a quantum computer will become feasible in a couple decades, when most of us will still be alive.




Doesn't matter. Any protocol out there conforms to the newest encryption standards when the last encryption standard is rendered unsafe.



>E2EE by default is always a good thing.

Not for records keeping.



>We should be looking into post-quantum cryptography before discussing what should the successor of email look like

Nope, you've got it exactly backwards. We should be discussing what the successor of email should look like and designing it such that asymmetric and symmetric encryption schemes can be slotted in and out of the protocol with a minimum of disruption. PQ crypto is already being worked on by a number of reputable groups, including djb's research group. When the algorithms are vetted and the implementations mature, they can be utilized.

It's similar to what's happening with TLS. There was already an experiment using PQ crypto for TLS connections.


Notice that it was an addition of a PQ scheme to TLS, not scrapping TLS and starting over.

File: c491c930d981727⋯.jpg (35.99 KB, 495x411, 165:137, losers.jpg)


ok, no more memes. what is the best linux distro for the desktop?

e.g. which one are you using?

20 posts and 3 image replies omitted. Click reply to view.



Manjaro KDE edition because it just works


PCLinuxOS is great! No systemd. They make it easy to make a DVD of your OS. You make a normal install tweaked the way you like it. I do it on an external drive and then remove it unless I am making a new DVD. Then I run only from the DVD. When you shut down or reboot, nothing nasty sticks to it. You start again clean. When there have been enough updates to be annoying, you do the updates on your master O/S on the external and then you make a new DVD.

I am hard on my O/Ss and used to be always reinstalling them. Now I just reboot. Saves me a ton of time.

I like Matte but there are several desktops to choose from.




Install Gentoo.




GuixSD is without systemd and without binary blobs, however it's at version 0.16

File: 0eb410fa72c0713⋯.jpg (76.62 KB, 1200x675, 16:9, mpreg mark.jpg)


Good news, anons! Mark's mpreg fantasies have come true and he's expecting! What should we name the baby?

16 posts omitted. Click reply to view.






Little Enis



Didn't he get his dick sucked by the /leftypol/ BO?


File: 00de0fb28285a99⋯.png (181.37 KB, 316x316, 1:1, Logo_of_ANSSI.png)

File: def4f9bb59e7d0f⋯.png (1.17 KB, 209x209, 1:1, logo_rust.png)


Be part of ANSSI’s new « Guide to develop secure applications with Rust »

Rust is an open source programming language which combines security, modernity and performance. As well, it is gradually being adopted in a large number of projects. To support developers, ANSSI offers a new "Guide to develop secure applications with Rust". This guide is intended to be a living document and it’s open to all contributions from the community. The object of this document is to provide hints and recommendations for secure applications development using the Rust programming language, that allow users to benefits of the good level of trust the Rust language already provides.

Created in 2006, Rust is a free programming language that has gradually brought together a community of users involved in its use and development.

Thanks to this collaborative experience, many projects are now taking advantage of Rust’s qualities.

This language focuses on security without compromising performance in the development of any type of application.

The Guide to Develop Secure Applications with Rust

To support all developers in their use of Rust language, ANSSI offers a new “guide to develop secure applications with Rust”.

The guide intents to group recommendations that should be applied for application development with strong security level requirements.

The aim with the structure of this document is to consider separately different phases of a typical and simplified development process.

ANSSI invites you to become the actors of this open, interactive and evolving project

This initiative is also collaborative, to benefit from the expertise developed by the community over the past several years.

ANSSI calls on all contributors to be part of the development of this guide, which is now published in a “Beta” version.

Each user will be able to participate with our teams in the development of this new resource, made available on GitHub.

Post too long. Click here to view the full text.
14 posts omitted. Click reply to view.




>3. Check for outdated dependencies versions (cargo-outdated)

Don't. It's bloatware that could easily hide a virus. Just version control Cargo.lock and do cargo update.

>4. Check for security vulnerabilities report on dependencies (cargo-audit)

Don't. It's bloatware that could easily hide a virus.

>6. Zeroize memory of sensitive data after use

Don't bother. It's security theater.

>13. Handle correctly panic! in FFI

Compile with -C unwind=abort.



>Compile with -C unwind=abort.

Correction: It's -C panic=abort




Why didn't they just copy Lisp conditions?



Delete Post [ ]
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18]
| Catalog | Nerve Center | Cancer
[ / / / / / / / / / / / / / ] [ dir / ameta / chemo / ck / just / lit / mde / mewch / v8 ]