I normally post on pol or horror, but, this thread calls out to anyone with eyes to see.
Adobe Systems, operates in a RICO de facto criminal status at this time, by any decent law abiding and TECH-AWARE judge, --if such a creature can ever be said to exist.
What they have done, to the words of simple ASCII notepad days, is in one word, atrocious, and in two words, outright treason. OP, what you ask for may be delivered but they will then operate against it like vipers. Why do you think they need so many versions? Indeed, were I in charge, I'd hunt down their last dozen boards and operating humans and I would force these to perform 24/7 filibustered gitmo style televised testimony. Not only would it make great TV, it'd give President Trump something useful to do in terms of cleaning the swamp in the tech field.
So to summarize, Adobe Systems, completely makes a product that has more holes than swiss cheese on a shooting range, and then continues to allow themselves to exist and spew product called PDF at us all, even after their total disaster called "The Aurora Hacks".
They can only surf on the brilliance of Photochop for so long, eventually that wave reaches the beach and all their other waves must also do so.
Continuing from >>>/tech/597 https://archive.is/INR3l This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
>>884 That's not really me, but a@a can be nothing more than an empty hollow identity for anyone that likes your stuff and is passionate about OPSEC, so yes it's a@a though it's masonnigger because he used to be easily identified by not articulating well enough and making common spelling errors that only he makes, hence, the stylometry suggestion.
The squirrels have gotten in the mailbag as the guys discuss an unfortunate new vulnerability in Squirrelmail. Plus an interesting new entrant to the anonymous domain name space from some of the internet’s most famous rabble rousers. Then Dan & Wes get just a bit jealous of Canada’s new take on net neutrality & more!
>The searx.me server is reaching its limits. >Searx is no commercial enterprise, it lacks all the resources available to the services you normally visit, we don't have neither a marketing department, nor do we have datacenters, nor devops teams.
Anyone here interested? If you know any good host (outside of the US, Canada, China, Russia and UK) that has the last stable branch of openbsd running and where I can have root without limitation, at a good price (<$30) we could plan it.
ps. no, I don't want to use any other system. If you want to do it by yourself, go ahead.
Today, April 28th 2017, WikiLeaks publishes the documentation and source code for CIA's "Scribbles" project, a document-watermarking preprocessing system to embed "Web beacon"-style tags into documents that are likely to be copied by Insiders, Whistleblowers, Journalists or others. The released version (v1.0 RC1) is dated March, 1st 2016 and classified SECRET//ORCON/NOFORN until 2066.
Scribbles is intended for off-line preprocessing of Microsoft Office documents. For reasons of operational security the user guide demands that "[t]he Scribbles executable, parameter files, receipts and log files should not be installed on a target machine, nor left in a location where it might be collected by an adversary."
According to the documentation, "the Scribbles document watermarking tool has been successfully tested on [...] Microsoft Office 2013 (on Windows 8.1 x64), documents from Office versions 97-2016 (Office 95 documents will not work!) [and d]ocuments that are not be locked forms, encrypted, or password-protected". But this limitation to Microsoft Office documents seems to create problems: "If the targeted end-user opens them up in a different application, such as OpenOffice or LibreOffice, the watermark images and URLs may be visible to the end-user. For this reason, always make sure that the host names and URL components are logically consistent with the original content. If you are concerned that the targeted end-user may open these documents in a non-Microsoft Office application, please take some test documents and evaluate them in the likely application before deploying them."
Security researches and forensic experts will find more detailed information on how watermarks are applied to documents in the source code, which is included in this publication as a zipped archive.
that's ridiculous anon. you can securely encrypt a flash drive with veracrypt or even do it on an offline machine with an obscure hashing algorithm/implementation you found in BSD ports if you are that paranoid
If you are all hell bent on a hardware encrypted drive, I don't think I have anything useful to say. I don't understand why anyone would want one as most people face only one of two distinct threats, both of which suggest hardware encryption is a stupid waste of money. You are probably worried about one of:
a) Preventing a three letter agency snooping your Allah blessed plans for great Jihad. Commercial hardware can't be trusted in this situation, NSA is but a step along their production line. You're wasting dinars better spent on hashish and entertaining unclean western wimminz.
b) Some vague nuisance. You want to shield mummy from the true extent of you furry pr0n addiction? The next chimpout is but a street corner away from you? Use VeraCrypt and save up for that special NRA membership drive that comes with a complementary handgun.
1. Do you know how to backup?
2. Have you ever successfully and completely restored something from backup?
3. Do you have a CURRENT AND COMPLETE backup of ALL your data on a PHYSICALLY SEPARATE MEDIUM?
>Most things work without js, and those that don't are often not worth your time anyway.
This is a good point. When I used to encounter sites that required js to display at all, I'd usually enable js (which took several round of "Allow this..." since they all wanted to load additional shitty js) enough to at least read the content. Now I don't bother. People who aren't publishing garbage don't put it behind walls of js. And 99% of what's on Twitter is fucking garbage.
>>8385 Here's my story.
At first it started as autism when I was using tor, but after a while I enjoyed viewing websites like actual documents.
Once I opened the site, I clicked somewhere out of sheer muscle behaviour, a small pop-up in the right corner appeared even though I have them disabled, then it maximized itself, then a new tab appeared, when trying to close the tab I was asked if I was sure I want to close the tab by chromium and when i closed the pop-up the entire browser crashed.
I can't handle this shit. Once qutebrowser gets whitelisting capabilties thanks to the new config rework maybe I'll whitelist some sites I visit really often but fuck all other sites.
So I have this blog site which hasn't had any new entries in some time and I want to read it all one post a day.
How can I get rss feed which pushes chronologically all posts starting from the first one ?
I'm thinking of creating a subreddit, using automoderator and getting the feed for that subreddit but it's somewhat inconvenient since I have to get some karma on that account and wait 30 days.
body = Nokogiri::HTML(open("https://parahumans.wordpress.com/table-of-contents/")) body.css("strong a").each do |link| text =  page = Nokogiri::HTML(open(link["href"])) page.css("div[class=entry-content] p")[2..-2].each do |p| p.text.gsub! "<em>" "" text << p.text end title = page.at_css("title").text puts title
Can anyone here explain gallium nine to me please? I have been looking it up but the information is somewhat vague. From what I gather, it passes data from directx emulation straight to the GPU via a mesa function, without translating it to OpenGL. Essentially a passthrough of some kind for wine.
Are all d3d9 capable radeon cards compatible? Is this the standard Mesa shipped with most distros or do you get a special version from somewhere? More complicated: How can Mesa (an opengl implementation) pass direct information like that? Doesn't that go against what OpenGL does by design? Shouldn't this technically be for Vesa or whatever driver actually interacts with the hardware?
Gallium nine is a linux native implementation of the directx9 api. No translation required. Any radeon or Nvidia card is compatible as long as it's using their open source drivers and Mesa is compiled with gallium enabled.
Mesa is no longer just an opengl implementation. For example, it also contains a vulkan implementation (radv).
Gallium Nine is a state tracker implementation for the Gallium3D infrastructure presenting a Direct3D 9 API. As >>8355 says it's a "native" implementation, no emulation, no translation. It can work in other kernels too, not just Linux.
>Are all d3d9 capable radeon cards compatible? "d3d9 capable" is marketing speak directed at windoze customers. Irrelevant. The smart question to ask is: is the GPU supported by a Gallium3D Mesa driver?
>Is this the standard Mesa shipped with most distros or do you get a special version from somewhere? Gallium Nine was merged into upstream Mesa back in the 10.4 release (I think). So it should be available in all Gallium drivers shipped by current distros.
However, making use of Gallium Nine from Wine requires cooperation from Wine itself: it needs to know that it should look for, find, and prefer the native implementation provided by the DRI driver instead of the translation to OpenGL normally done by Wine. As of late 2016 the upstream Wine maintainer has refused merging the patches implementing this functionality. AFAIK, this hasn't changed in the last few months. Therefore, while you most likely can use your distro-supplied Mesa drivers, you will probably need to either compile your own Wine with the patches applied, or grab pre-patched binaries from somewhere (PPA, OBS, Copr, whatever).
>More complicated: How can Mesa (an opengl implementation) Mesa hasn't been "just" an OpenGL implementation for a long time. Mesa is more like a software laboratory, or culture medium, or factory, for experimenting with, growing, and assembling (the userspace parts of) graphics-acceleration drivers.
>pass direct information like that? Doesn't that go against what OpenGL does by design? Shouldn't this technically be for Vesa or whatever driver actually interacts with the hardware? What information? What is "like that"? What do you think "OpenGL does by design"? Vesa? I don't think you understand many of the words you use...
>>8357 >>pass direct information like that? Doesn't that go against what OpenGL does by design? Shouldn't this technically be for Vesa or whatever driver actually interacts with the hardware? >What information? What is "like that"? What do you think "OpenGL does by design"? Vesa? I don't think you understand many of the words you use... Because OpenGL is designed to go via the kernel rather than interface directly with the hardware, unlike directx. Vesa for example, a graphics driver, would though. By information, I'm only making a vague guess about what that actually is as I don't know anything about directx but I have read "d3d" data is passed direct to hardware by directx and in my ignorance I assumed that Mesa must also somehow do the same. This is also why I asked if a card had to be d3d9 capable, because I assumed it received the data directly, which I still assume it does rather than being translated in some way?
>>8363 >Because OpenGL is designed to go via the kernel rather than interface directly with the hardware, unlike directx. this is pure nonsense
first: directx != direct3d
second: of course both apis "go via the kernel"!
and nobody had to spend much thought to "design" them that way, because what else would you expect? that's what a os kernel does, it multiplexes access to hardware! (which is why dos doesn't count as a real os btw)
>Vesa for example, a graphics driver, would though. "vesa" is not a graphics driver
you don't know what you're saying
>By information, I'm only making a vague guess about ........ a gpu, even one that only advertises "direct3d capable" is not a "magical direct3d box"
a gpu is at its heart a collectionm of processors (mostly vector/superscalar/superpipelined architectures), some of them are fixed-function, some special-purpose, some general-purpose
a gpu driver will literally program those processors (the ones that are programmable anyway) in order to perform the intended "graphics processing", although it doesn't have to be "graphics"
>>8365 That was informative, ty. Clearly I had no idea how directx functions, not sure how I got the idea d3d data was passed direct to the driver. I think I read it once in a directx to opengl comparison forum post, blind leading the blind I guess.
Endware is a suite of programs geared towards internet privacy, security, and anonymity.
Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.
Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.
Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.
Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.
iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.
spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.
alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.
mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.
endtv.sh is currently broken along with all of the filmon.tv channels that are cross listed in endstream. I get the following error message.
Playing: https://www.filmon.com/tv/bbc-news [ytdl_hook] ERROR: bbc-news: Failed to parse JSON (caused by JSONDecodeError('Expecting value: line 1 column 1 (char 0)',)); please report this issue on https://yt-dl.org/ bug . Make sure you are using the latest version; type youtube-dl -U to update. Be sure to call youtube-dl with the --verbose flag and include its complete output. [ytdl_hook] youtube-dl failed, trying to play URL directly ...
Well it was fun while it lasted. Someone please bug report this to youtube-dl.
I'll try to replace DW,RT,BBC,PressTV, with streams from some other source eventually. Hopefuly the youtube-dl developers just fix this.
browser randomly disappears but the process is still alive until you SIGKILL it. happened twice today within my 1 hour of browsing view source pops up a window that freezes for 10 seconds, and the rest of palememe is frozen for that duration webdev console also takes ages to open when saving webms, they often get at 0%. if you cancel them, they remain stuck there, and when you restart the browser (even after clearing everything with ctrl+shift+del), they silently download in the background (they arent visible in the downloads list) and then give you a popup saying they're done, or they overwrite the completed version with a half finished version of the file, whatever the fuck palememe feels like today firefug has all these problems too of course, except maybe the last one
>>8342 because you have some plugin or some bullshit nigger if you open https://youtube.com/watch?v=NRSBKyz2Kvk [Embed] and see no <video> anywhere in the source, it's not going to work without JS or a plugin (which, if you're just being a smartass and stating that it works without JS because you have a plugin, ironically is probably written in JS)
>>7874 >But AVOID HP LAPTOP AT ALL COST. Ain't that the truth, I have a really bulky HP laptop, great in specs wise, but once the wifi card started dying I bought one that had better OpenBSD compatibility only to have the HP bios firmware lock me out of installing it.