[ / / / / / / / / / / / / / ] [ dir / agatha2 / ausneets / chemo / dempart / doomer / film / general / vtest ]

/tech/ - Technology

Catalog   Archive

Winner of the 68rd Attention-Hungry Games
/d/ - Home of Headswap and Detachable Girl Threads

January 2019 - 8chan Transparency Report
Comment *
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Show oekaki applet
(replaces files and can be used instead)

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 3 per post.

File: 83491877e8f45c1⋯.png (256.21 KB, 450x399, 150:133, TAD.png)


Welcome to /tech/ - ∞chan's technology board.

Please check the rules before you post:


Looking for hardware or software recommendations? Check out the InstallGentoo Wiki:


/tech/ is for the discussion of technology and related topics.

/tech/ is NOT your personal tech support team or personal consumer review site. We have stickies for that. Keep those kinds of posts in there.

For tech support, software recommendations, and other questions that don't warrant their own thread, please use the '/tech/ Questions and Support' sticky.

For consumer advice, please use the consumer advice sticky located below.

For meta discussion, please go to >>>/metatech/.

For desktop threads, homescreen threads and ricing, please go to >>>/rice/.

For tech support/issues with computers:

https://startpage.com/ or https://ixquick.com (i.e., fucking Google it)



If you can't find what you're looking for and still need help, post in the tech questions sticky.

Looking to switch over to GNU/Linux? Don't know where to start?

Post too long. Click here to view the full text.

Post last edited at


>>>/agdg/ - Amateur Game Development General

>>>/biz/ - Business and Finance (and cryptocurrencies)

>>>/cyber/ - Cyberpunk & Science Fiction

>>>/emacs/ - GNU Emacs

>>>/sci/ - Science and Mathematics

>>>/electronics/ - Electronics Engineering

>>>/laboratory/ - STEM Discussion and STEM Shitposting

>>>/hamradio/ - Amateur Radio

>>>/lv/ - Libre Video Games

>>>/make/ - Make stuff

>>>/netplus/ - Networks and Plus

>>>/prog/ - Programming

>>>/rice/ - Desktop and Phone Ricing

>>>/t/ - Torrents & Trackers

>>>/templeos/ - The 64-Bit Temple Operating System

>>>/vape/ - Vaporizers

>>>/vir/ - Virtual Reality

>>>/wg/ - Wallpapers General

>>>/robowaifu/ - DIY Robotic Wives

>>>/machinecult/ - Machine Cult

Nerve Center combination: https://nerv.8ch.net/tech/agdg/biz/cyber/emacs/sci/electronics/laboratory/hamradio/lv/make/netplus/prog/riPost too long. Click here to view the full text.

Post last edited at

File: 53eac902e05dd53⋯.png (2.82 KB, 200x200, 1:1, questionmark.png)


Bring all your hardware, software and other troubles here.

399 posts and 52 image replies omitted. Click reply to view.


File: 1c572f820ed39e4⋯.jpg (11.44 KB, 225x208, 225:208, 1550483626046.jpg)

Hello, /tech/. I'm a n00b. Total programming languages illiterate. So I decided: I'm going to start by the easiest one, then decide my goals and move on to something serious. I just need to achieve something first. People around the net suggested Ruby. Seems promising. But is there something better for someone at point 0? Assume I'm a complete moron, no offense taken. Also, I'm looking for material, deadtree format is fine, in the lines of a corny m(p)aternal teacher taking the student by the hand - easy. Youtube channels and videos, pdfs. I take it!

File: 9cd31551fedf586⋯.png (4.65 KB, 200x200, 1:1, dollarsign.png)


Looking to buy something but aren't sure what to get? Ask here.

398 posts and 60 image replies omitted. Click reply to view.



Touch screens don't need high bandwidth you blithering moron. And they're not related to their size


>Popular Windows data compression tool WinRAR has patched a serious 19-year-old security flaw that was discovered on its platform, potentially impacting 500 million users.

>The path-traversal vulnerability, which WinRAR fixed in January, could allow bad actors to remotely execute malicious code on victims’ machines – simply by persuading them to open a file, researchers with Check Point Software said on Wednesday.

>“We found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim’s computer,” said Nadav Grossman with Check Point in the analysis. “The exploit works by just extracting an archive, and puts over 500 million users at risk. This vulnerability has existed for over 19 years(!) and forced WinRAR to completely drop support for the vulnerable format.”

>Researchers specifically found a path-traversal vulnerability in unacev2.dll, a third-party dynamic link library in WinRAR used for parsing ACE (a data compression archive file format) archives.

>When taking a closer look at unacev2.dll, researchers found that “it’s an old dated dll compiled in 2006 without a protection mechanism. In the end, it turned out that we didn’t even need to bypass them,” said Grossman.

>Due to the lack of protections and support for unacev2.dll, researchers were able to easily rename an ACE file and give it a RAR extension within unacev2.dll. When opened by WinRAR, the fake ACE file containing a malicious program is extracted to the system’s startup folder – so the program would automatically begin running when the system starts.

>On an update on its website, WinRAR said: “WinRAR used this third-party library to unpack ACE archives. unacev2.dll had not been updated since 2005

<and we do not have access to its source code.

>So we decided to drop ACE archive format support to protect security of WinRAR users.”

>The PoC makes use of a chain of vulnerabiPost too long. Click here to view the full text.

14 posts omitted. Click reply to view.


The funny thing was that you could install apps onto sd cards back than on android 3.4 (I think it was 3.4). They removed that so people buy new phones with 10GB more whenever they run out of space.



they also removed it because android is a clusterfuck and would not load those apps properly in some cases


Backwards compatibility meme was a mistake.



>in some cases

Still not a reason to remove it. It's way more likely they removed it to sell more phones.


>remotely execute

>open a file

That's called a local exploit you faggots.


Since: http://oxwugzccvk3dk6tj.onion/tech/res/1018729.html

was bumplocked by the shadow admins (aka the programming code) (Since I'm winning on all counts: because I am correct on the law).


Quick recap, as told by anon:

Anonymous 02/05/19 (Tue) 14:47:16 No.1027517

Summary of this episode as this thread reaches the bump limit:

>an impersonator ("John Doe") created GitHub, then GitLab and BitBucket repos for trolling purposes

>MikeeUSA hit all three with DMCA (with the GitLab and BitBucket repos successfully taken down)

>meanwhile the impersonator opened the GitHub repo to pull requests; Mikee's butthurt as usual

>that GitHub repo's last commit was made last Thursday



>Gitlab and Bitbucket repos are down due to DMCA notices

>There is still no evidence he hit github with a DMCA

<100 IQ


"GPL is Revocable" (== incel terrorism -reddit)

226 posts and 4 image replies omitted. Click reply to view.



>15 days ago

>he was LARPing after all

Mikee is all talk and no action



It's in the hands of the 1000s of kernel hackers now.

My goal was to educate them so they would contact their local qualified attorney and formulate a strategy going forward.

If one erroneously believes one "has no case" because "LOLz No" one will not make an inquiry.

It's been months and the other side is still using the same non-arguments, I hope the kernel hackers of now and of old will see that.

One posted not too long ago on slashdot that he'd like to take his audio code contributions back from the kernel if he can, perhaps now he knows there is a way.


> In his communication, he cited a list of legal grounds valid within the United States legal framework to enable him to do so, as well as urging all developers to follow suit. In addition, he said he would continue to revoke the license for other left-wing parrots. Left-hand-liberal dump ZDNet has already published an angry article about this.

<3 Ryoussia



>It's been months and

...and you still could not file a valid DMCA claim, let alone sue anyone, let alone get any ruling on the matter.



Learn how to greentext nigger

File: 5b4e5bccfd45e4b⋯.jpg (28.13 KB, 410x461, 410:461, 1541062538931.jpg)


DuckDuckGo as an example: https://3g2upl4pq6kufc4m.onion/

What is the impact of using TLS on an .onion URL like this? Is it redundant? And/or is it counterproductive?

35 posts and 2 image replies omitted. Click reply to view.


>>1033739 If you set your DNS as (CloudFlare), you will meet any errors. (Google) or anything is okay.

archive.is (archive.fo) has problem with DNS.




So that site MUST move to CloudDNS, a cuckflare alternative.



One possible argument unmentioned so far is defense in depth.

If Tor was compromised, at least there is one more layer of encryption between you and the server. One more layer of shit for an adversary recording all traffic for later decryption to deal with, one more thorn that might juts keep you out of trouble for longer.

Likewise, for TLS in HTTPS.

But significantly more useful for browsing clearnet through Tor than onion sites on Tor.



Similar to how virtual machines were supposed to protect us from exploits with a nation-state adversary origin? We all saw how that went. Putting yet another layer of abstraction on top protects no one. It won't matter how many proxies you are behind or how many TLS tunnels you wrap around your traffic when public key encryption algorithms that ensure the safe data transit between nodes gets compromised.

All we need is a new public key encryption algorithm that can withstand quantum cryptanalysis.


So TCP is using a 16-bit checksum which only detects honest transmission error caused by noise in the transmission. However, one can easily swap two 16-bit words in a message, which has a 100% probability of being undetected. For stronger integrity checks, such as whether a man in the middle attacker actively changed the message, it is recommended to perform those checks at the application level.

But to the application, the TCP connection looks just like a stream of bytes, and at some point, the application may (or may not) detect that modified values were received (the modified message might still seem valid). How would a programmer handle this optimally?

I have the suspicion that this is not even possible without implementing your own packets on top of TCP, and then request the other party to re-send those higher-level packets. But if we go that far, why not directly use UDP and implement those higher-level packets with resend-requests in UDP? The only thing you'd still have to do in UDP would be the manual ordering of packets, but that seems comparatively easy. Also, UDP is faster than TCP, and you could directly use authenticated encryption on the protocol level, so instead of a 16-bit checksum, you'd have strong cryptographic guarantees about the integrity of the channel.

TL;DR: TCP makes it fucking hard to handle undetected transmission errors

Questioning validity of TCP

P.S.: Sorry if this is a double post, 8ch seems to have some problems right now.

8 posts omitted. Click reply to view.



Why ask, then?



>retard doesn't grok the difference between a checksum and a MAC

>what is tls

great thread


ITT: morons who don't understand the OSI model.


OP here, I am retard.



>TCP makes it fucking hard to handle undetected transmission errors

>handle undetected errors

Literally how is that supposed to be possible?

You can't handle something you do not know about.

TCP serves its purpose well, UDP is a viable alternative for many use cases (even when it means rolling your own pseudo-TCP protocol), and OP is a faggot.

File: 5eecfb8101cf7e7⋯.jpg (527.54 KB, 828x878, 414:439, 1550622366747.jpg)


What is going on in this timeline?

18 posts and 4 image replies omitted. Click reply to view.



Only six actually



We could drastically reduce the size of unicode by removing traditional chinese, nigger and arab (hewbrew included) langs which make up most unicode chars.


I'm not sure why this is technology. An anti-lgbt emoji is equally as worthless as all the other ones.



it's technology because it's not an emoji.




We should have a utf8 containment thread.

File: 3970d54c8b5e04b⋯.png (16.04 KB, 1200x600, 2:1, og-copyrightbot-hd-3.png)


EU Copyright Law

>... any online community, platform or service that has existed for three or more years, or is making €10,000,001/year or more, is responsible for ensuring that no user ever posts anything that infringes copyright, even momentarily. This is impossible, and the closest any service can come to it is spending hundreds of millions of euros to develop automated copyright filters.

>any link that contains more than "single words or very short extracts" from a news story must be licensed, with no exceptions for noncommercial users, nonprofit projects, or even personal websites with ads or other income sources, no matter how small.

Why aren't we discussing this?


41 posts and 8 image replies omitted. Click reply to view.



>violating copyright is illegal

Wow i see. Article 13 is evil. Google is completely right. I'm going to #savetheinternet now.


Based EU



>The average british citizen would be happier if dead than alive.

Based and redpilled af



The EFF is biased af regarding to this:


Please read FULL text and then point out what's your actual concern. I will try to answer.

You can find the latest version at the bottom of this page: https://eur-lex.europa.eu/legal-content/EN/HIS/?uri=CELEX:52016PC0593


File: e65dec55594c7e4⋯.pdf (659.54 KB, CONSIL-ST_6637_2019_INIT-E….pdf)


>latest version

I uploaded a PDF for you

File: 6779b5ef7a946ba⋯.gif (12.68 KB, 381x287, 381:287, icon_extractor_2000_deskto….gif)



>corporate spyware

>Code of conducts & normie fuckery instead of actual work

>Still no year of the linux desktop

>Linux has been subverted by systemd fuckery

>Horrible flat UI interfaces that strain my eyes everywhere

>Actual government spyware all around

>still no truly secure computing

>Rampant javashite bloatware that forces you to upgrade your hardware

>software doesn't last and shit you write today doesn't last more than a couple years because everything breaks all the time and no one cares about writing lasting software

I'm so tired of technology.

How do I unplug if tech is all I know?

46 posts and 1 image reply omitted. Click reply to view.



also i like how this website uses a pandemic infographic to show what parts of the world they have their products in:




east/west reversed.





Litterally get autismbux and live a sage life.



>actually doesn't solve the problem, but just don't use "smart" products [0/9]

The problem here is more and more vendors are forcing "smart" bullshit. There was a story Nathan Lineback (the toastytech guy) wrote about how he had to go through hell and back not to get a Smart Thermostat.



>eating a liver every day

Hell yeah, I love liver. Could eat it for breakfast, lunch and dinner!

Why didn't they ever give me a prescription for that? Fucking kikes.

File: 054949dc94de87d⋯.png (525.34 KB, 1000x890, 100:89, Galen Winsor.png)


My name is Galen Winsor. I eat Uranium on the regular, just to show you that it's quite safe and to dispel the fears surrounding nuclear energy. I considered the used fuel pool at the Morris, IL recycling plant to be my personal warm swimming hole. What programming language should I use?


File: ef965ef3ab2f7c6⋯.jpg (815.86 KB, 2576x1936, 161:121, 20190219_001.jpg)


Dell Precision edition. As usual, the old one hit 400 posts again.

>tfw your M6500 died and all you're left with is this M4300 and two Pentium era Precisions

10 posts and 1 image reply omitted. Click reply to view.



never done anything to my x220. been using it for many years now sometimes even outside


And now my very first ThinkPad is officially on the way. Excited to get one and see what all the hype is about! I decided to grab a T400.



honest question: what's the downside to running Windows if you never connect to the internet and just use it to run old games?



They're pretty nice.




Yep, what he said. Isopropyl will clean more shit than you could see was on it in the first place.

Toothbrush to clean the fan (or buy a replacement online, just don't get shit ones from AliExpress). Compressed air can to blow out the heatsink(s). Replacement keyboard if the old one was too far gone.

WiFi card can often also be replaced with a much better (and more power efficient!) one if whitelist is removed.

File: a6b1a327f659e2b⋯.jpg (104.96 KB, 838x720, 419:360, 1529959884175.jpg)

File: 88887aa11c35f48⋯.mp4 (4.11 MB, 480x360, 4:3, 88887aa11c35f486f37523cdae….mp4)


The old thread passed the bump limit so I figured I'd make a fresh one. Discuss your old hardware. Are you fixing anything?

I have an IDE to mSATA adapter and an mSATA SSD coming in the mail to fix my thinkpad.

109 posts and 37 image replies omitted. Click reply to view.



would you rather I replace the screen on my T40 with another T40 screen rather than another option, then?



>Don't bother upgrading it with a LED backlight, that only makes sense with T6x's and up.

why's that?




8088 MPH pushed the IBM PC + CGA + PC Speaker combo to its limits. I wonder if the tricks shown in this demo could be used in practical multimedia applications (of the time)



read siege by james mason



Back in 1995 I had an ascii console demo on a 386 Linux system that played a MIDI tune which ended up going to a PC speaker PWM driver...

File: 48b0afc106822e1⋯.jpg (17.05 KB, 248x189, 248:189, 7a4b230d24ae4092d9e74d3b90….jpg)


In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index 17eb09d222ff..ec78a04eb136 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -122,8 +122,10 @@ static void alg_do_release(const struct af_alg_type *type, void *private)

int af_alg_release(struct socket *sock)
- if (sock->sk)
+ if (sock->sk) {
+ sock->sk = NULL;
+ }
return 0;




50 posts and 4 image replies omitted. Click reply to view.



Read the function.



The comment clearly states that `sock_put` checks if the socket should be destroyed, which means that there could be some occurence where the socket doesn't need to be destroyed. By assigning the socket reference to NULL outside the function, the check is useless and ignored essentially.

I don't know who wrote the patch, but in my opinion, it is wrong.



>be in medieval hacker's guilde

>everyone uses bent hammers

>one day a journeyman shows off his invention: non-bent hammer

>he's able to build better stuff, with fewer personal injuries!

>the whole guild comes together

>the whole guild beats him black and blue, and makes him apologize to his bent hammer

>the medieval hackers guilde does not blame its tools for self-injury!



damn, that's true. The patch should reimplement sock_puts, and only set its arg NULL when that check succeeds.

There might be some other guarantee of the check always succeeding, that led the patch submitter to not bother, but probably he just didn't think it through.



The “Benny Hill” chase music played in my head while I scrolled through your list anon.




>muh rust

Protip: I didn't mention Rust. Stop building a strawman and admit that you are LARPers

File: 1aae0b65c391510⋯.png (121.53 KB, 2400x1260, 40:21, gdpr.png)


Has anyone actually tried to get their data from Facebook and such? What do they store and is it possible to delete it all? Or is GDPR just a puff of smoke? Just asking out of curiosity since I don't use those "services" which collect your data.

24 posts omitted. Click reply to view.



>Hopefully, after a huge wave of GDPR-related fines comes out, companies will respect it.

Why wouldn't they just leave?



Ah, yes. Why wouldn't they simply leave the second biggest market there is instead of adding a couple of parameters to their servers and a small announcement on their website?

No wonder you retards know more than everyone else, have more technical expertise than everyone else; yet you're the only ones not taking advantage of the startup boom to raise millions of dollars. Y'all just talking out of your asses.



businesses dont like extravagent and superfluous fines. also europe is a smaller market than china, india, africa. definitely not second largest market. dumb ass.



>also europe is a smaller market than china, india, africa.




fucking LOL



>also europe is a smaller market than china, india, africa.

Sure thing, pajeet.

Delete Post [ ]
Previous [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18]
| Catalog | Nerve Center | Cancer
[ / / / / / / / / / / / / / ] [ dir / agatha2 / ausneets / chemo / dempart / doomer / film / general / vtest ]