(18.15 KB 170x191 serveimage.png)
Anonymous 06/25/2016 (Sat) 13:37:23 [Preview] No. 5510 [Reply]
I have a whole free week on my hands and i want to make most of it by installing a fresh new distro. Since i value /tech/'s opinion, tought i'd ask you guys.

Been using Linux Mint fot a year, but now i want a distro that is clean and not full of software i don't need (like Mint is). Can't decide between Debian or Arch, help me maybe? I kinda have a life, so if Arch is really that high maintenance, it's out of the picture.
62 posts and 3 images omitted.

Anonymous 12/19/2016 (Mon) 14:55:46 [Preview] No. 7696 del
It's grand and critical, but it's no less grand and critical than the kernel.

You have a Unix-defying kernel, compiler, init system, C standard library, shell (usually), set of Unix utilities, windowing system, bootloader (usually), and then you complain about the init system going the same way?

Do you know the difference between the size of the Linux kernel and the original Unix kernel? Have you ever compared GNU code to Unix code?

Linux and GNU really, truly don't follow the Unix philosophy at all. They make up most of your system. Most other parts you could name (X11, Qt, KDE, OpenSSL, vim) don't follow it either.

Anonymous 12/22/2016 (Thu) 21:16:32 [Preview] No. 7720 del
As far as I'm concerned this is a non-problem. Just schedule it and it will do it automatically for you.

Anonymous 12/24/2016 (Sat) 11:27:50 [Preview] No. 7728 del
wow anon you really opened my eyes,
this writing style reminds me of that TP copypaster

Anonymous 01/19/2017 (Thu) 21:25:09 [Preview] No. 7876 del

is it really fair to compare LOC of linux(that runs on virtually anything relevent these days) to comfy days of PDP?

linux kernel code's quality VARIES.

For portion where linus himself and experienced devs invest most of their time tend to be high quality software with lots of technical gems.

It's just vendor specific parts where codes of rather questionable quality get introduced.

Small companies throwing in whatever crap that happens to compile and hipsters who wants title of 'linux developer' spoils community and ultimately, kernel itself.

Theo might be autist but at least he applies autism for better quality most of the time.

I'm not sure what's Linus' plan with kernel anymore...what is he trying to focus on with this dumpster fire.

Anonymous 01/20/2017 (Fri) 07:09:35 [Preview] No. 7879 del
Sure, Linux has reasons to be larger while sticking to the same philosophy, but not to this extent. It's also much larger because it's so filled with features. Its size is also the result of its very different design philosophy. And I don't think that's a bad thing, but I do think that it invalidates arguments that are just "this one other part of the system doesn't follow the unix philosophy either, therefore it's shit".

Email Anonymous 07/19/2016 (Tue) 03:36:37 [Preview] No. 5867 [Reply]
Is there a free email service that is better for privacy?

Like one headquartered in Iceland or something. I'm currently looking at openmailbox but registration was closed last time I checked.
91 posts and 2 images omitted.

Anonymous 09/27/2016 (Tue) 09:40:58 [Preview] No. 6854 del
But but, muh mom can't into pgp.

Anonymous 09/27/2016 (Tue) 17:20:01 [Preview] No. 6864 del
Give your mom mail client with automatic GPG usage and passwordless key. Claws-Mail works in that way, not sure about Thunderbird/forks.

Anonymous 09/27/2016 (Tue) 18:15:40 [Preview] No. 6865 del
Thanks sempai. Will do.

bump Anonymous 01/19/2017 (Thu) 15:24:13 [Preview] No. 7871 del
hey endwall, your email server is not accessible.

Does someone else run Tor hidden service SMTP server? Also, what's up with Tor posting captcha?

Endwall 01/20/2017 (Fri) 04:17:09 [Preview] No. 7878 del
Try again. I set the mail server up on my main desktop (with my gui) as a test. I turn my computer off when I go to school. I was planning on migrating the mail server to a dedicated tor server computer but never got around to it. No one emails me anyways. I'll leave my computer on in text mode tomorrow, so you can send me something. I really think this is the answer, I mean not withstanding all the other security problems with computers.

Air gap with private key and public key ring for recipients-> encode message -> port encrypted message by floppy disc to transmision computer -> Send encrypted mail to tor mail server.

Recieve mail to tor mail server -> port encrypted message by floppy to airgapped decryption computer running in text mode. decrypt message read, in sealed room with multiple locks -> destroy traces of communication (reboot).

I think this would do it. That way you never type on the online computer, and only type and encrypt and decrypt on the air gapped computer. If both counterparties do this it should work.

Unfortunately I'm not currently doing this, my private key is also on my workstation. One day I'll impliment this strategy, probably this summer. If everyone did this protocol that would mess the NSA up big time. It wouldn't matter if your workstation was compromised, they still wouldn't get the message.

USSR home computer programs on tape Anonymous 01/18/2017 (Wed) 22:25:05 [Preview] No. 7863 [Reply]
Does anyone on /tech/ know how to get programs for old computer from audio cassette? What emulators can run that? Rips are on http://25dxotevqkqyhqgi.onion/

Anonymous 01/18/2017 (Wed) 22:52:41 [Preview] No. 7864 del
More info needed. An emulator may not be available for the architecture. Unless you already own the required machine?

Anonymous 01/19/2017 (Thu) 01:45:30 [Preview] No. 7867 del
You can record the audio to WAV files and it's not hard to convert to binary from what I'm told.

https://youtube.com/watch?v=_9SM9lG47Ew [Embed]

Anonymous 01/19/2017 (Thu) 12:36:28 [Preview] No. 7870 del
If it is 8 bit computer produced by USSR it might be Agat. Their early edition came with cassette tape reader.


The processor of Agat was clone of MOS 6052 so you might want to check out emulators written for it.



Anonymous 01/19/2017 (Thu) 21:15:05 [Preview] No. 7875 del

but even if you dump the programs encoded in cassette it would be bunch of boring games and programming utilities.

Anonymous 08/07/2016 (Sun) 16:15:07 [Preview] No. 6120 [Reply]
BSD Thread.

Let's have a thread about the permissive, copyleft style of operating systems known as BSD.

Discussion of Free,Net,Open,Dragonfly,Edge *BSD is welcome!

Linux and FSF users who would rather complain about licencing and that linux is better need not apply.


FreeBSD Quarterly Status Report: https://www.freebsd.org/news/status/report-2016-04-2016-06.html

Vulns found in freebsd-update and portsnap: https://lists.freebsd.org/pipermail/freebsd-security/2016-July/009016.html

OpenSSH 7.3 Released: http://www.openssh.com/txt/release-7.3

Message too long. Click here to view full text.

44 posts and 11 images omitted.

Anonymous 01/16/2017 (Mon) 07:18:12 [Preview] No. 7848 del
LibertyBSD looks like an interesting project


Anonymous 01/16/2017 (Mon) 17:48:16 [Preview] No. 7851 del
(92.24 KB 420x420 nah.png)

if you are not intel employee who can review and compile microcodes DO NOT BUY hardwares that require said microcodes to function properly.

said microcodes DO NOT EXECUTE in kernel privilege and they DO NOT fuck with kernel data structure.

they run INSIDE your shitty hardware. OpenBSD kernel READS said microcode and LOADS it inside your shitty hardware's INTERNAL MEMORY which is then EXECUTED BY your shitty hardware's OWN shitty processor.

non libre LINUX kernel ships with BINARY ONLY drivers that RUNS with KERNEL PRIVILEGE and said microcodes.

OpenBSD kernel DOES NOT ship with BINARY ONLY drivers.

Anonymous 01/17/2017 (Tue) 20:09:01 [Preview] No. 7861 del
What about hardened BSD on laptop?

Anonymous 01/19/2017 (Thu) 21:03:05 [Preview] No. 7874 del

it's still based on freebsd so suspend/resume and other quality of life features won't be available.

For daily driver OpenBSD laptops might be better.


crypto fails meta thread Anonymous 01/17/2017 (Tue) 01:31:24 [Preview] No. 7855 [Reply]

curve25519-donna implementation by google is susceptible to timing attack as MSVC runtime's 64bit multiplication is nonconstant time operation in x86 environment.

Anonymous 01/17/2017 (Tue) 01:41:22 [Preview] No. 7856 del

Anonymous 01/17/2017 (Tue) 01:44:03 [Preview] No. 7857 del

openssl command line's enc kdf is WEAK

Anonymous 01/17/2017 (Tue) 02:23:57 [Preview] No. 7858 del

Exposing HashMap's iteration order can cause O(n²) blowup even in innocent-looking code without the presence of an attacker.

In the presence of an attacker, access to the order of a dictionary allows HashDoS-like attacks with only two requests in common scenarios.

Anonymous 01/19/2017 (Thu) 20:54:17 [Preview] No. 7873 del
not story of failure but food for thought


Mining bitcoin with SAT solvers.

i0ne Pre-Induction i0ne 01/19/2017 (Thu) 01:03:54 [Preview] No. 7865 [Reply]

We are i0ne. We are a Security Penetration Team. Our goal is simple, we intend to expose the flaws of modern security procedures within this world of anonymity.

The lies that you have been told about being secured and safe from malicious persons will be revealed. You have been fed with lies...lies like social media and mainstream media websites such as Facebook, YouTube, CNN, and FOX News. These websites and corporations use you for revenue. They lie to you for their own gain.

They lie about Politics, Security, and News overall. This is absolutely despicable, and scummy. Multimillion Dollar Companies have lied to their users for decades, and it will not stop.

Nothing is secure, not even your personal information. We encourage you to believe these blatant lies, only to be proven otherwise.

If you are interested in induction into i0ne, please email us at i0neCONTACT@protonmail.ch

Anonymous 01/19/2017 (Thu) 01:31:09 [Preview] No. 7866 del
duh... are you new here?

Anonymous 01/19/2017 (Thu) 09:01:10 [Preview] No. 7868 del
(410.54 KB 764x2979 1478747085-2.jpg)

Anonymous 01/19/2017 (Thu) 16:05:55 [Preview] No. 7872 del
>. Our goal is simple, we intend to expose the flaws of modern security procedures within this world of anonymity.

Are you guys behind the spam war with /intg/

Anonymous 01/19/2017 (Thu) 21:49:03 [Preview] No. 7877 del
giff me 0 day poc || gtfo

Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
368 posts omitted.

Anonymous 01/15/2017 (Sun) 18:16:53 [Preview] No. 796 del
detailed instructions and tips for hooking system calls of android for REing and profiling applications.


Endwall 01/17/2017 (Tue) 02:48:40 [Preview] No. 799 del
E Hacking News
Italian siblings arrested for cyberattack
Monday, January 16, 2017
Italian police have arrested a nuclear engineer, Giulio Occhionero, 45 and his sister, Francesca Maria Occhionero, 49 for hacking into 18,000 high-profile email accounts, including the former Prime Minister. Authorities suspect that the siblings may have ties to the Freemasons, because the malware used in the hack was called Eye Pyramid believed to be a reference to the all-seeing eye of God, or Eye of Providence, a symbol typically associated with Freemasonry. The name of the software may also have been a play on his own surname – Occhionero means “black eye” in Italian. The widespread cyber-attack compromised communications of prominent Italian institutions and individuals, including Vatican’s two former Prime Ministers, Vatican cardinals, bank executives and other high profile targets, which prosecutors claim was used to conduct insider trading. Mario Draghi, the president of the European Central Bank was also among the targeted individuals. Former Prime Minister, Matteo Renzi was also one who resigned in December last year after losing a constitutional reform referendum. The attackers, who have dual residencies in London and Rome, are accused of spearphishing attacks using malware to gain access to victims' email accounts and illegally accessing classified information and breaching and intercepting information technology systems and data communications since 2012. The siblings were most recently living in Italy. Vatican officials have not yet commented on the attack and it is yet unknown to what extent sensitive Vatican information may have been compromised. There are indications the malware campaign may have been running from as early as 2008. In total, just under 1800 passwords were allegedly captured by the Occhionero siblings, who exfiltrated around 87 gigabytes of data to servers in the United States. Mr Occhionero who had strong links to the Masonic movement allegedly developed software that infected email accounts, enabling him to access the information. Several of the compromised accounts belonged to Mason members. Whether or not there are ties to the Masons, cyber security experts believe it is highly unlikely that the sibling pair acted alone. The illegally accessed information was stored on servers in the United States, leading to an ongoing investigation with the assistance of the FBI’s cyberdivision. The stolen data has been seized by Italian police and the FBI. Italian police believe the siblings used the stolen confidential information to make investments through a firm operated by Mr Occhionero, a nuclear engineer by profession.

Anonymous 01/17/2017 (Tue) 14:33:06 [Preview] No. 800 del

Endwall 01/19/2017 (Thu) 03:34:25 [Preview] No. 801 del
Is WhatsApp Secure? - Threat Wire - Duration: 8 minutes, 2 seconds.
https://youtube.com/watch?v=0yenDWEXpo0 [Embed]

Endwall 01/19/2017 (Thu) 03:37:39 [Preview] No. 802 del
Jupiter Broadcasting
Internet of Voice Triggers | TechSNAP 302
The Github enterprise SQL scare, malware that lives in your browser, Dan’s mail server war story, your feedback, a righteous roundup & more!

(4.89 MB 500x281 1446448543096.webm)
Webm thread Anonymous 05/23/2016 (Mon) 23:08:37 [Preview] No. 3991 [Reply]
Post your /tech/ related webms
2 posts and 2 images omitted.

Anonymous 06/30/2016 (Thu) 22:55:28 [Preview] No. 5679 del

Anonymous 01/09/2017 (Mon) 16:00:16 [Preview] No. 7810 del
(3.45 MB 450x360 wana dance.webm)
(3.85 MB 1280x720 watchdogs.webm)
(3.32 MB 296x200 win98.webm)

Anonymous 01/09/2017 (Mon) 16:09:45 [Preview] No. 7811 del
(3.67 MB 854x480 the matrix.webm)
(1.46 MB 324x240 missle.webm)

Anonymous 01/16/2017 (Mon) 08:41:00 [Preview] No. 7849 del

Anonymous 01/18/2017 (Wed) 05:07:12 [Preview] No. 7862 del
kek on that last one

(421.28 KB 700x525 suzuku.gif)
Nodev 08/21/2016 (Sun) 15:08:39 [Preview] No. 972 [Reply]
Dead board vandalized by spam...

Nodev 01/17/2017 (Tue) 14:49:18 [Preview] No. 1105 del
i feel you brother

DIY, Modular, Open source Laptop Anonymous 01/03/2017 (Tue) 09:21:19 [Preview] No. 7768 [Reply]
Laptop form factor open source hardware design, built from off the shelf components for DIY, modular, open source computing.

CPU, RAM, graphics: 1x single board computer
FSB, ports: 2x powered USB hub
Battery: 1x USB powerbank, >5000 mAh, >2A
Input: 1x USB keyboard
Input: 1x USB trackpad
Storage: 1x USB flash drive
Network: 1x USB WiFi dongle
Audio: 1x USB sound card/headset
Display: 1x USB powered HDMI monitor
Case: 3D printed or DIY glued wooden case

-Completely modular, customizable, upgradeable and repairable
-User serviceable by all users
-Universal, modular battery and charger. Can swap battery when depleted

Message too long. Click here to view full text.

12 posts and 1 image omitted.

Anonymous 01/11/2017 (Wed) 11:34:17 [Preview] No. 7819 del
>muh intel

I am typing this very post in shitty Chinese board based chromebook so what are you trying to prove?

that you never worked on arm devices?



>muh usb runs fasta than copper substrate

usb sends command and control data through same line.

You can't have 480 Mbps purely for data. at maximum it would be something between 400 Mbps to 300 Mbps (for usb 2.0) for SINGLE connection at BEST(i.e. it's still theoretical value).

Message too long. Click here to view full text.

Anonymous 01/11/2017 (Wed) 11:50:42 [Preview] No. 7820 del
(30.03 KB 300x250 brighter .png)


>There are several reasons why your device will never be able to use all of this bandwidth. First of all, the USB bus is shared among several users. Even if you are plugged into different ports on the motherboard, you are probably sharing the same host controller as all of the other devices on the bus, so your device is sharing the USB bus bandwidth with all of the other devices.

>Second, USB is a packetized protocol where longer blocks of data are divided into 512-byte packets. Each packet contains a header identifying the packet contents, and a CRC at the end of the packet for data integrity. Each packet also requires an ACK from the other side of the link. Start of Frame (SOF) packets are sent every 125 uSec (microframe) to maintain timing on the bus. The net effect of this is that the theoretical maximum bandwidth of USB is 13 bulk packets per microframe, or 53,248,000 bytes/second. Even this limit is not achievable with current host controllers, which can receive 10 bulk packets/microframe or send 8 bulk packets/microframe.

>500mA – This is the absolute maximum power allowed under the USB spec

don't listen to haters op!

bright future awaits you!

Anonymous 01/12/2017 (Thu) 16:08:24 [Preview] No. 7825 del
There are also x86 SBCs out there. Many of them also have LVDS connector for display, which opens up some options with used panels from laptop PCs (although I'm not sure everything is compatible).

Just look into embedded pico-ITX

I want to build a UMPC with Pentium N 3710 (Braswell) based pico-ITX board. Although this would be relatively expensive it has a much more capable GPU than any of the ARM stuff out there. x86 and real OpenGL/DirectX acceleration should make a lot of neat things simple to achieve.

Also for rapid prototyping of enclosure, forget wood unless you're really good at working with that. Look into Sintra PVC foam board. I've worked with it in the past as enclosures for power supplies and other projects. That was with 6mm thick sheets. Really easy to work with, does not take a lot of tools. You basically would want a T-Square or Triangle and some sharp knife or razor to score with then break it. Anywhere that you need to attach a component through a screw hole you would just drill a very small pilot hole and use a small wood screw. The PVC foam board can be glued together with a wide variety of adhesives but thin cyanoacrylate works better than most. That's just regular super glue.

I'm probably going with 3mm this time considering the UMPC will be small I think that's sufficient, although it will be built in layers that are glued together, thicker than 3mm in many spots.

If done properly this could have excellent results and be achievable without spending a lot of time learning 3D modeling or CAD. Or having to spend all that time designing a 3D model and send it off for printing not quite 100% sure if it's going to all fit together just right.

I'm still looking for a good option for the hinges, friction hinges can be surprisingly expensive.

Anonymous 01/12/2017 (Thu) 16:13:40 [Preview] No. 7826 del
A few companies that manufacture and sell x86 pico-ITX SBCs (and have prices and ordering available on their site):

(Israeli company, but if you're buying Intel that's irrelevant)

(DFI is a Taiwanese company that has always made very high quality motherboards. They used to be famous for excellent gaming motherboards during the socket 939 era, but these days focus on industrial and embedded stuff)

Anonymous 01/17/2017 (Tue) 08:58:36 [Preview] No. 7860 del
Specifications for >>7814
CPU: 1 Ghz A31S ARM Cortex-A7 Quad-Core
GPU: PowerVR SGX544MP2
Display: M155 GAEMS 15.5" LED TN LCD, 1366 x 768
Network: 10/100/1000 Ethernet, WiFi 802.11b/g/n
Battery length: 5 hours (10000 mAh @ 10 W)
Ports: 7x USB 2.0, 2x 3.5mm Audio output, 1x 3.5mm Audio input, 1x HDMI
Weight: <2 kg
Dimensions: 38cm x 24cm x 3cm (folded)
Total cost: $254.99

>I am typing this very post in shitty Chinese board based chromebook so what are you trying to prove?

If you used the linked chipset, then with nonfree wireless and video drivers?

Message too long. Click here to view full text.

(10.70 KB 109x130 gccegg-65.png)
Compilers Anonymous 11/24/2016 (Thu) 12:48:06 [Preview] No. 7468 [Reply]
Can someone, please, "red-pill" me in compilers. Particularly, C compilers.
Why use anything besides GCC? What's the difference between all of them?
12 posts and 4 images omitted.

Anonymous 01/15/2017 (Sun) 08:08:41 [Preview] No. 7832 del
i was reading that gcc sucks at some point.... and that clang is better... i dont know personally why, i used gcc and it was ok, i am now on fbsd and using clang and its okay also... dont know

Anonymous 01/15/2017 (Sun) 09:03:55 [Preview] No. 7833 del
Are we really having this thread? Remember the DEPRECATED meme? That was based off of the anti GCC pro Clang sperglord.

Anonymous 01/15/2017 (Sun) 09:06:34 [Preview] No. 7834 del
(311.56 KB 612x792 1352501355093.png)

Anonymous 01/15/2017 (Sun) 12:52:37 [Preview] No. 7835 del

>typical linux fanboy

nobody said LLVM/clang is better than gcc in this thread so far.
(except for brief mention in >>7469)

General consensus was that if you are not kernel/os developer you may as well shut up and use whatever your distro provided.

What are you trying to prove beside your incompetence?

Anonymous 01/17/2017 (Tue) 07:56:13 [Preview] No. 7859 del
redpill me on chiru.no

(128.61 KB 1200x675 chip.jpg)
Pocket CHIP Anonymous 05/15/2016 (Sun) 17:39:56 [Preview] No. 3593 [Reply]
Does anyone here have experience with the Pocket CHIP, or the CHIP in general? As an option for mobile computing it seems much cheaper than things like the Dragonbox Pyra and OpenPandora, but much more powerful/useful than a chroot on an Android touchscreen device. Is it good? Are there similar computers?
15 posts and 1 image omitted.

Anonymous 01/15/2017 (Sun) 21:30:38 [Preview] No. 7842 del

does 3d acceleration work out of the box?

I heard CHIP team were working with ARM for bringing mali gpu support for mainline linux.

can you share contents of dmesg, lsmod and uname -a?

Anonymous 01/16/2017 (Mon) 05:22:53 [Preview] No. 7846 del
It's mostly a problem that there's almost no existing worthwhile software for linux that uses OpenGL ES

But yes the GLES acceleration works now, it's pretty much limited to Quake 3 and a few other things. After I bought it I did the research and you would be surprised just how few open source engines and games support GLES (on linux, there are quite a few for android)

Anonymous 01/16/2017 (Mon) 17:52:35 [Preview] No. 7852 del

so I heard. tbf it wasn't like we had that much hardwares capable of GLES for general purpose boards (outside of android phones that is).

Did CHIP team ported mainline linux as promised?

Anonymous 01/16/2017 (Mon) 19:39:24 [Preview] No. 7853 del
I'm not sure the latest but I think the main sticking point is NAND drivers

Anonymous 01/17/2017 (Tue) 00:05:42 [Preview] No. 7854 del
Actually this thread has me wanting to mess around with the pocket chip some more. It seems to me that a game that I've compiled on the chip before (Cataclysm DDA, SDL) should work automatically with GLES. But it was completely software rendering last time I tried. Unless the MESA libraries in the repos were compiled without the right options.

(589.86 KB 770x435 opera.png)
Opera neon Anonymous 01/15/2017 (Sun) 13:34:12 [Preview] No. 7836 [Reply]
https://youtube.com/watch?v=t4MikGVvQOA [Embed]

This looks absolutely horrific

Sage Sage 01/15/2017 (Sun) 16:04:29 [Preview] No. 7837 del
>Blog type post
>Stating your opinion

Anonymous 01/15/2017 (Sun) 18:48:00 [Preview] No. 7840 del
proprietary sfotware is GROSS

Anonymous 01/16/2017 (Mon) 07:05:36 [Preview] No. 7847 del

>le edgy greentext
>implying your opinion of OP

Anonymous 01/16/2017 (Mon) 17:32:04 [Preview] No. 7850 del

(751.73 KB 640x400 gentoo.png)
Why haven't you installed gentoo yet? Anonymous 12/16/2016 (Fri) 17:36:10 [Preview] No. 7636 [Reply]
19 posts and 3 images omitted.

Anonymous 01/04/2017 (Wed) 00:47:31 [Preview] No. 7776 del
because sabotage is marginally better

Anonymous 01/04/2017 (Wed) 01:24:11 [Preview] No. 7779 del
fuck this whole 'rolling' release distributions that change compiler once every motherfucking week just to see how gcc developers fuck up this time.

Anonymous 01/04/2017 (Wed) 01:37:32 [Preview] No. 7780 del
>over a thousand lines of code
oh no

Anonymous 01/04/2017 (Wed) 03:57:34 [Preview] No. 7781 del

but why would you run Gentoo on production server?

good to see someone else running hardened gentoo on Chromebook. Are you using arm based one?

I got Asus rockchip base Chromebook last month and it's working great with musl hardened

Anonymous 01/15/2017 (Sun) 22:29:42 [Preview] No. 7845 del

Secure OSes Anonymous 05/09/2016 (Mon) 18:21:17 [Preview] No. 37 [Reply]
What is the best OS option for a secure setup?
How do OpenBSD and Linux with patches compare in terms of the security they offer?
47 posts and 1 image omitted.

Anonymous 01/09/2017 (Mon) 04:10:39 [Preview] No. 783 del

What's this?

FuguIta is the Live System which was based on OpenBSD operating system and has following features;

Similar to HDD installation
This Live System is intended to be similar to HDD installation as much as possible.
After bootstrap completed, you can login to the environment like the one which was just installed on HDD.
In this environment, many ordinary files have replaced to symbolic links. So you can replace or modify them by yourself.
Portable workplace
You can save your own environment into Floppy Disk and/or USB flashdrive. Then you will be able to retrieve it at next boot time.
Low hardware requirements
Unless you will use X, this Live System requires 48MB of memory to run.
Following stable version
We're trying to track the OpenBSD-stable version, and to apply all errata patches.

Message too long. Click here to view full text.

Anonymous 01/12/2017 (Thu) 06:40:58 [Preview] No. 786 del
I've had great luck with Alpine on my servers. Yeah, binary packages but it's been amazingly stable for me over a few years.

Alpine is getting pretty popular though, for awhile ncopa was threatening to shut down development for lack of time (he couldn't afford to work on it after losing a sponsor). I used to donate to him.

Then suddenly Docker made its announcement regarding Alpine and everything changed. All mentions of a way to donate on the Alpine website disappeared, development surged, and they get major donations of hardware as well. Has me a little bit worried that it could be sold out. Lots of new names on the contributors list on recent versions.

Anonymous 01/12/2017 (Thu) 11:08:41 [Preview] No. 787 del

yeah alpine is really cool.

they are currently the only major distribution that supports musl as standard c library.

gentoo has musl-hardened/vanilla branch but it still has long way to go for stabilization

Anonymous 01/12/2017 (Thu) 20:45:27 [Preview] No. 788 del
why no linux-libre kernel for alpine
what are they trying to hide

Anonymous 01/15/2017 (Sun) 22:12:14 [Preview] No. 798 del

if you don't know how to compile kernel, don't buy hardwares that requre firmwares to work properly in the first place

Tor Anonymous 12/20/2016 (Tue) 16:00:02 [Preview] No. 7698 [Reply]
>Single Onion Services for muh "i don't need anonymity"
>decentralized RNG for muh cryptography wonders
>removing "tap handshake" old stuff in favor of ntor

>meanwhile block bypass still gonna eat your post and say "fuck you" to uncommon browser
15 posts omitted.

Anonymous 12/27/2016 (Tue) 12:05:22 [Preview] No. 7739 del
Actually i did too.

Anonymous 12/27/2016 (Tue) 14:07:24 [Preview] No. 7740 del
I heard that if you girlfriend has a feminine penis then you should eat more vegetables.

HTTPS at hidden services Anonymous 01/01/2017 (Sun) 00:11:24 [Preview] No. 7758 del
>Subject: businessCategory=Private Organization,jurisdictionOfIncorporationCountryName=US,jurisdictionOfIncorporationStateOrProvinceName=Delaware,serialNumber=5019303,STREET=20 Paoli Pike,postalCode=19301,C=US,ST=Pennsylvania,L=Paoli,O=Duck Duck Go\, Inc.,CN=3g2upl4pq6kufc4m.onion


>tfw https made friendly privoxy install incapable of removing browser headers, browser using that proxy sends something "bad" and fuckduckgo responds with "forbidden"

Anonymous 01/15/2017 (Sun) 21:26:13 [Preview] No. 7841 del
The trouble with Tor is the people treating it like a big truck that you just dump something on, when it is really a series of tubes, and when those tunes get filled your Internet can be delayed.

Anonymous 01/15/2017 (Sun) 22:11:22 [Preview] No. 7844 del
(164.55 KB 316x315 Al_Gore_on_Futurama.png)
Tell me more...

Compile Thread Anonymous 11/27/2016 (Sun) 20:44:39 [Preview] No. 692 [Reply]
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
5 posts omitted.

Tor mods Endwall 12/04/2016 (Sun) 06:01:18 [Preview] No. 709 del
change this to

digest_algorithm_t alg = DIGEST_SHA1;
digest_algorithm_t alg = DIGEST_SHA256;
Leave this alone it will break tor if you change it.


change to

Message too long. Click here to view full text.

Edited last time by Endwall on 12/22/2016 (Thu) 05:15:38.

Install torsocks from source Endwall 12/04/2016 (Sun) 06:01:50 [Preview] No. 710 del
Install Torsocks from source

$ su
# pacman -S git
# apt-get install git
$ mkdir -p ~/git
$ cd ~/git
$ git clone https://git.torproject.org/torsocks.git

or if tor is already running with previous version of torsocks
$ torsocks git clone https://git.torproject.org/torsocks.git

$ mkdir -p ~/tor
$ mv torsocks ~/tor
$ cd ~/tor
$ cd torsocks
$ ./autogen.sh

Message too long. Click here to view full text.

youtube-dl from git Endwall 12/04/2016 (Sun) 06:02:28 [Preview] No. 711 del
Install Youtube-dl from source git

$ cd ~/
$ mkdir -p git
$ cd git
$ torsocks git clone https://github.com/rg3/youtube-dl.git
$ cd youtube-dl
$ su
# torsocks pacman -S zip pandoc
# pacman -Rc youtube-dl
# exit
$ make
$ ls
$ cd ~/bin
$ ln -s ~/git/youtube-dl/youtube-dl youtube-dl
$ cd ~
$ export PATH=$HOME/bin:$PATH

Message too long. Click here to view full text.

Tor from git repo Endwall 12/04/2016 (Sun) 06:03:18 [Preview] No. 712 del
Clone tor from git repo


$ mkdir ~/git
$ cd ~/git
$ torsocks -i git clone http://dccbbv6cooddgcrq.onion/tor.git
$ cd tor
$ cd src
$ cd or
$ nano or.h
$ nano routerparse.c
$ nano circuituse.c
$ cd ..
$ sudo su

Message too long. Click here to view full text.

Anonymous 01/15/2017 (Sun) 22:04:32 [Preview] No. 797 del
is there reason to use torsocks over git's builtin socks5 proxy?

wouldn't it be better if you just register as http.proxy and https.proxy variable by git config?

Not sure what revision of git your distro ships with but using torsocks should be considered depreciated hack for applications with builtin socks5 proxy support.

(179.88 KB 860x280 broken-trust.jpg)
Anonymous 01/08/2017 (Sun) 21:04:28 [Preview] No. 7803 [Reply]
Someone is claiming that all files currently encrypted with OpenSSL have been salted to make them insecure:

Anonymous 01/08/2017 (Sun) 22:12:07 [Preview] No. 7804 del

>uninitialized heap might not contain random byte streams
>seed string "padding oracle here"

you guys are late to the party.

libressl already rampaged on prng to stick to os provided prng (and silently added some of them back, because ENGINEERING)

>what is this kdf even doing
>muh EVP_BytesToKey is brocken

well, what can I say.

openssl was not meant to be used as handy command line utility for encrypting files.

Message too long. Click here to view full text.

Anonymous 01/09/2017 (Mon) 01:07:48 [Preview] No. 7806 del
>Javascript is required for ZeroBin to work.
>Sorry for the inconvenience.

Anonymous 01/15/2017 (Sun) 21:54:23 [Preview] No. 7843 del


>The enc command is really just an example

>proprietary format that was never really
>intended for real data exchange.

would be interesting to see how many
hipsters actually exchange something
important with openssl enc because
'writing perl script is such a chore'

"Open Source Bitcoin Mixer" Anonymous 11/11/2016 (Fri) 00:29:46 [Preview] No. 7363 [Reply]
7 posts and 2 images omitted.

Anonymous 11/11/2016 (Fri) 12:46:22 [Preview] No. 7374 del
I tried uploading supported video formats and I got a bad gateway error even dough it passed the mime test.

Anonymous 11/18/2016 (Fri) 15:32:29 [Preview] No. 7441 del
BitcoinFog » http://foggeddriztrcar2.onion/ - [ mixer | en ]
BitcoinMixer » http://m2cylfgzmxwauyqz.onion/ - [ mixer | en ]
Bitblender » http://bitblendervrfkzr.onion/ - [ mixer | en ]
BitLaundry » http://laundryzlzgnni4n.onion/ - [ mixer | en ]
BitmixerIO » http://bitmixer2whesjgj.onion/ - [ mixer | en ]
Brave Bunny » http://braveb6iyacflzc2.onion/ - [ mixer | en ]
CleanCoin » http://cleancondgqja34b.onion/ - [ mixer | en ]
Helix Light » http://grams7enufi7jmdl.onion/helix/light - [ mixer | en ]
Helix » http://grams7enufi7jmdl.onion/helix - [ mixer | en ]
MixingSpace » http://7xerxhai3ezrykmc.onion/ - [ mixer | en ]

Anonymous 12/02/2016 (Fri) 05:47:31 [Preview] No. 7510 del
I've used
BitmixerIO » http://bitmixer2whesjgj.onion/ - [ mixer | en ]
Helix Light » http://grams7enufi7jmdl.onion/helix/light - [ mixer | en ]
Helix » http://grams7enufi7jmdl.onion/helix - [ mixer | en ]
and all of them worked well. Anyone who can confirm about other mixers?

Anonymous 12/02/2016 (Fri) 12:01:17 [Preview] No. 7511 del
Well, i found them on "hackerplace" http://hackerw6dcplg3ej.onion/
among other things (books, zines) they have a list of mixers.

logicalcum Anonymous 01/12/2017 (Thu) 23:15:17 [Preview] No. 7828 del
I can confirm that bitcoin fog works well, used it from time to time. But be careful, a lot of scam nowadays.
You can find original bitcoin fog address on a their twitter https://twitter.com/BitcoinFogg or on bitcointalk.

(29.73 KB 1172x380 logoText.png)
Anonymous 11/08/2016 (Tue) 12:47:02 [Preview] No. 7324 [Reply]
I'm running an instance of Tokumei that some of you wanted, I do not host the tor SFTP anymore.


Its pretty much anonymous microblogging with freedom of speech intended. Go mad.

Anonymous 01/10/2017 (Tue) 15:37:42 [Preview] No. 7816 del

Anonymous 01/11/2017 (Wed) 20:31:21 [Preview] No. 7823 del

Anonymous 01/12/2017 (Thu) 22:47:28 [Preview] No. 7827 del
hi walrus;

new posts are being posted to the end of the line (page 8)

(88.00 B 1x1 asd.png)
Anonymous 12/29/2016 (Thu) 19:38:09 [Preview] No. 7746 [Reply]
Which chan engine is the best, in terms of extensibility and performance?
4 posts omitted.

oldfag that uses nntpchan 12/31/2016 (Sat) 04:04:16 [Preview] No. 7756 del
What's a "chan engine", and how does it relate to technology?
I know what imageboards are, but never heard chan engine before. Is that like some sort of gurl motor that powers cats?
Whatever the hell it is, it doesn't read productive.

Anonymous 12/31/2016 (Sat) 14:14:48 [Preview] No. 7757 del
reminder that imageboards are CS102 homework assignment material.

Anonymous 01/08/2017 (Sun) 14:54:35 [Preview] No. 7800 del
(34.82 KB 998x161 webscale.jpeg)
> lynxchan
> high performance

Anonymous 01/08/2017 (Sun) 18:24:03 [Preview] No. 7802 del
>high performance
pick one

Anonymous 01/11/2017 (Wed) 23:39:49 [Preview] No. 7824 del
Infinity next :^)

Desktop R8 or H8 thread Anonymous 08/16/2016 (Tue) 18:12:19 [Preview] No. 6309 [Reply]
No desktop thread? Lets fix that.

I'll start with my laptop
24 posts and 3 images omitted.

Anonymous 01/08/2017 (Sun) 22:18:56 [Preview] No. 7805 del

Anonymous 01/09/2017 (Mon) 13:56:19 [Preview] No. 7809 del
is vlc bad?

Anonymous 01/09/2017 (Mon) 22:00:38 [Preview] No. 7812 del
why would you use it over mpv?

Anonymous 01/11/2017 (Wed) 16:28:48 [Preview] No. 7821 del
its not bad, but mplayer and mpv are better alternatives for videos. For music you could use mpd or lxmusic+xmms2 whatever.

Anonymous 01/11/2017 (Wed) 16:30:16 [Preview] No. 7822 del

(19.92 KB 465x341 halpmeh.jpg)
IPFS THREAD Anonymous 01/10/2017 (Tue) 01:35:41 [Preview] No. 7813 [Reply]

Anonymous 01/10/2017 (Tue) 16:27:05 [Preview] No. 7817 del
>Anonymous wrote on 01/10/2017 (Tue) 01:35:41
>You have been visited by the IPFS wrench of Serendipity
> _
> /_ \_____/ _|
> | __ |_. (ya thas wrench.. i guess?)
> \__/ \/
>Post an untracked ipfs hash below and republish the
>new contents or be FORCED to rewrite IPFS in Rust

I'll rewrite it in Rust. Where's the specifications? :^)

(37.26 KB 814x510 1.8Logo.png)
LynxChan 1.8 Anonymous 12/06/2016 (Tue) 12:40:15 [Preview] No. 7535 [Reply]
What is LynxChan?
LynxChan is a chan engine developed with performance, efficiency and flexibility in mind. It powers several chans ( http://lynxhub.com/lynxchan/res/285.html ) and contains a number of community-created front-ends ( https://gitgud.io/LynxChan/LynxChan-ThirdPartyFrontEnds ).
It offers a number of features, including:
-File deduplication, saving bandwidth, disk space and allowing users to post files without uploading them.
-Overboard, aggregating posts from the whole site on a single place so users can browse more easily.
-Multi-board, allowing users to aggregate posts from only selected boards.
-Extensive anti-spam and anti-flood tools that aim to both impede and reduce damage without inconveniencing users.
-Add-on support, which enables features to be added without the need for a fork.
-Modular front-end and language pack allows for the site owner to customize it without having to change the actual software.

LynxChan 1.8 main addition is multi-lingual support.
This feature allows site owners to specify alternative language packs and front-ends and associate languages to them.
When an user visits the site, the engine seamlessly picks an available language from the user and serves content in that language.

This version brings some other minor features so far:
-More granular and specific verbose modes.
-A terminal command to perform a clean shutdown of the engine.

Message too long. Click here to view full text.

42 posts and 5 images omitted.

Anonymous 12/07/2016 (Wed) 17:42:51 [Preview] No. 7586 del
Fuck it really is him. I recognize his collection of reaction images.

inb4 "take your meds"

endchan isn't one board, so I guess I fucked up by saying that. But I mostly use end/pol/ and /b/, and I have had quality discussions on them.

I don't discount the possibility of subverted mods, but at the same time there are faggots like you taking advantage of suspicion to attack the entire userbase of endchan.

but you're literally Imkampfy so why am I even talking to you.

Anonymous 12/07/2016 (Wed) 18:40:26 [Preview] No. 7587 del
(14.82 KB 500x323 logo.png.jpg)
honestly, i dont want endchan to be popular, nothing good has ever come out of that, i like it how it is now, i love you guys dont change

and we're obviously not dead yet lel

Anonymous 12/07/2016 (Wed) 20:48:59 [Preview] No. 7594 del
>The pages are not dynamic
well, not a surprise, suspected that (and it's ok)

>I don't get it, can you explain it further?
Static thread page with posting form, no captcha displayed. Form POSTs to /replyThread.js. What happens to text if it is not embedded into another form in reply page or saved at server? Discarded. Please don't rely on certain browser's ability to store form data. In replyThread.js, if user presented valid bypass cookie or is not subject to captcha check, just store form data as thread reply, put your "post added" in response and do your redirect to thread. If user have to fill captcha ("banned" IP and no cookie), put form data in replyThread.js response page as another form that features captcha. Storing post temporarily in DB and presenting only captcha text plus hidden form field with reference to stored post is fine too. Is that simple enough to implement?

Anonymous 12/07/2016 (Wed) 21:09:13 [Preview] No. 7595 del
>Is that simple enough to implement?
No. I recommend visiting http://endchan.xyz/blockBypass.js before submitting.

Anonymous 12/08/2016 (Thu) 18:02:17 [Preview] No. 7596 del
>even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.

SSH privacy Anonymous 05/11/2016 (Wed) 18:16:01 [Preview] No. 42 [Reply]
How can I anonymously ssh into something? Going through Tor and using a freshly generated key for identification is obvious, but how can I make sure that there is no data leakage above all that? I haven't been able to find any guides on that, even though it seems like something a lot of people might be interested in doing.
2 posts omitted.

Anonymous 05/11/2016 (Wed) 21:01:41 [Preview] No. 45 del
>posting in the little retard's pet board
>captcha required

post this somewhere else if you are interested

Anonymous 10/21/2016 (Fri) 05:56:34 [Preview] No. 620 del
you gotta make suer your ssh deosn't show your key files to the server too

Anonymous 10/21/2016 (Fri) 12:05:39 [Preview] No. 621 del
Commenting out
SendEnv LANG LC_*
can help too.

Disabling pubkey auth is important. If you have passwordless key or have key loaded in ssh-agent, option
disables pubkey auth completely.

Also, there's this thing to demonstrate deanon by ssh key:

Anonymous 12/28/2016 (Wed) 01:52:02 [Preview] No. 748 del
Finally, my almonds have been activated.

Anonymous 01/08/2017 (Sun) 19:31:59 [Preview] No. 782 del
In ~/.ssh/config so you don't leak your username if you forget to specify one.
host *

user root