(46.14 KB 887x272 masterTheorem.jpg)
Discord is shit Anonymous 10/22/2018 (Mon) 02:28:19 [Preview] No. 12909 [Reply] [Last 50 Posts]
Is there a Libre version of Discord that isn't so shit? It needs stuff like this:
>voice chat
>text chat
>Youtube and image embeds in text chat
>Free Software (Libre)
>you can host it on your own server
>you can make bots for it
>uses actual good encryption
>has a web interface and mobile app
>you don't have to have a mobile phone to register an account
9 posts and 1 image omitted.

Anonymous 11/07/2018 (Wed) 04:23:56 [Preview] No.12992 del
I think Assange is working for Russia or some other big actor too.
I mean, who the fuck even hosts wikileaks? If it was a one man's mission they'd just upload shit to freenet or something.

Anonymous 11/07/2018 (Wed) 13:41:15 [Preview] No.12995 del
Right, and WikiLeaks has thousands of documents regarding Israel which they still haven't released, so they're very picky in what they release into the public, which was apparent with the 2016 U.S. elections.

Anonymous 11/14/2018 (Wed) 17:51:17 [Preview] No.12997 del
Iceland laws protect free speech.

Anonymous 11/17/2018 (Sat) 18:21:16 [Preview] No.12999 del
I wasn't aware he was from the CIA. Thanks man.

How do you know they have such documents?

Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply] [Last 50 Posts]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
513 posts and 3 images omitted.

Endwall 10/26/2018 (Fri) 04:35:08 [Preview] No.1330 del
Adult Site Leaks Data, Early TLS Versions Deprecated - ThreatWire
https://youtube.com/watch?v=DPle2qUDM3U [Embed]
Private Data from an Adult Site is Exposed, TLS 1.0 & 1.1 will be Deprecated In 2020, and an IoT Operating System is found Vulnerable to Hacks!

Endwall 11/04/2018 (Sun) 04:25:41 [Preview] No.1331 del
'Bypass DRM, Legally! Russia Tied to Infrastructure: Threatwire 8:44'
https://youtube.com/watch?v=_BQgr0xsywc [Embed]
A Privilege Escalation Flaw Hits Linux, you can now bypass DRM, legally, and Triton Malware is Tied To the Russian Government!

Endwall 11/15/2018 (Thu) 09:40:56 [Preview] No.1338 del
Will Election Security Ever Improve?! DJI Vulnerability “High Risk” - ThreatWire 11:22
https://youtube.com/watch?v=z6gjY8lZPUo [Embed]

Published on Nov 13, 2018
"USPS helps identity thieves steal your mail, a DJI vulnerability is listed as high risk, and Will Election Security Ever Improve?!"

Endwall 11/17/2018 (Sat) 06:50:58 [Preview] No.1339 del

A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS. According to the message, a hacker going by the name AmFearLiathMor makes quite a few interesting claims such as hacking ProtonMail's services and stealing user's email, that ProtonMail is sending their user's decrypted data to American servers, and that ProtonMail is abusing the lack of Subresource Integrity (SRI) use to purposely and maliciously steal their user's passwords. After reading the Pastebin message (archive.is link), which is shown in its entirety below minus some alleged keys, and seeing the amount of claims, the first thing that came to mind was a corporate version of the sextortion scams that have been running rampant lately. As I kept reading it, though, it just felt like a joke. Short Summary: We hacked Protonmail and have a significant amount of their data from the past few months. We are offering it back to Protonmail for a small fee, if they decline then we will publish or sell user data to the world. Long Explanation: While Protonmail's open-source code can be freely audited on Github, they haven't configured the mandatory SRI feature (https://www.w3.org/TR/SRI/). This leaves users without any guarantee about their source code integrity, thus allowing tampering and data collection at anytime. This will be totally transparent and unnoticed, because without enabling SRI all the users should inspect the website runtime code and its connections manually in the same moment they're being tampered with by Protonmail to discover it. Furthermore this requires spending a lot of time and advanced knowledge. With this being clarified, we have proven and recorded that Protonmail intentionally manipulated their source code to reveal users decryption keys (private keys) by collecting their password. Protonmail abuses the lack of SRI technology to serve a modified version of their code that allows full data collection and decryption of their users content. We haven't found the exact pattern that triggers this (probably by targeting IP ranges or just randomly to collect everybody's password), but again, we have proven and recorded this happens. After proving Protonmail knowingly permits misconfiguration to maliciously target users we decided to deploy our full capabilities against them. We began with months of dedicated penetration testing, we asked assistance from other organizations and deployed unreleased 0-days. Although arduous we successfully installed a permanent backdoor on their major machines without Protonmail’s knowledge, bypassing their detection mechanisms. Once we obtained that access we took advantage of their misconfiguration and collected passwords from a large percentage of active accounts that accessed Protonmail during that period. After that we were running a modified and automatized version of their webclient on our end, where we fetched, processed and stored email messages from those affected users in a huge database of our own, thus having significant useful information from many different individuals and companies. If you have used Protonmail in the past several months it is probable we have your Username/Password and your decrypted emails recorded on our own private server. We also have names, addresses (If entered), contact lists, IP addresses, and much more. We would not have been able to do this if Protonmail did not deliberately mis-configure their code to harm their own users. Incidentally during this period we noticed that Protonmail sends decrypted user data to American servers frequently. This may be due to the Swiss MLAT treaty requiring swiss companies reveal all their data to the Americans...

Anonymous 11/17/2018 (Sat) 07:10:01 [Preview] No.1340 del


We'll see where this goes. If you use protonmail, encrypt your messages with your own pgp key. Don't rely on any third party to keep your messages safe.
This just puts proton mail into gmail territory. If you want real email security follow the general steps posted here:


Even if you use gpg and the attacker has access to the encrypted cypher text, frequency analysis can be used to perform probabilistic decryption, and then check words against a dictionary to confirm the decryption (completely automated). So add alot of noise to lower the signal to noise ratio if your cypher text is stored remotely by a third party. I'm removing protonmail from the recommended carriers if this attack is confirmed with evidence.

tor /cyber/ chatroom Anonymous 09/25/2018 (Tue) 18:10:41 [Preview] No. 294 [Reply] [Last 50 Posts]
A few anons on 8ch made an anonymous chatroom behind Tor, but the place is a bit small at the moment. Come and chill with us.
4 posts and 3 images omitted.

Anonymous 10/13/2018 (Sat) 23:41:22 [Preview] No.299 del
(33.25 KB 240x240 Hasbro_4c_no_R.png)
My Little Pony is created by Jews (Hassenfeld and Goldner) for retards (and children) like you.

Anonymous 10/13/2018 (Sat) 23:45:28 [Preview] No.300 del
Owned by Jews, not created. Bonnie Zacherle was its original creator.

Anonymous 10/14/2018 (Sun) 16:22:23 [Preview] No.301 del
Kill yourself.

Doom. All doom. Hacker Alliance Against Daniel H 11/16/2018 (Fri) 20:23:25 [Preview] No.302 del
(78.22 KB 675x863 s-l16001.jpg)
Hosting hacked

On November 15th around 10-11 PM UTC the hosting server got hacked. As per my analysis it seems someone got access to the database and deleted all accounts. Noteworthy, also the account "root" has been deleted. To this day around 6500 Hidden Services were hosted on the server. There is no way to recover from this breach, all data is gone.


Status: Stick a fork innit. She done.

Anonymous 11/16/2018 (Fri) 20:31:44 [Preview] No.303 del
anyone using the cyberpunk aesthetic is technologically incompetent

EndChan/InfinityNow Terminal Client Morphosis 06/03/2018 (Sun) 21:18:45 [Preview] No. 12749 [Reply] [Last 50 Posts]
How hard would it be to create a terminal client for endchan/InfinityNow? I know that the OverChan android app can view this site; does that work by scraping or is there an API?

It would be much more comfy to browse here from the terminal than through the browser. You could have proper keyboard navigation between posts, and you wouldn't need a mouse at all. The biggest issue that comes to mind would be solving the captcha for making posts.
14 posts and 2 images omitted.

Anonymous 10/28/2018 (Sun) 21:06:30 [Preview] No.12947 del
I was going to write something similiar a week ago, but thought "Nah, too lazy". Thanks for it, anon!

BTW, what's your terminal font?

Anonymous 10/28/2018 (Sun) 21:23:18 [Preview] No.12948 del
np dude.
My font is lucy tewi.

Anonymous 11/14/2018 (Wed) 17:42:10 [Preview] No.12996 del
Your code is the best code until someone do it better. Thanks for share the code.

Anonymous 11/15/2018 (Thu) 05:42:43 [Preview] No.12998 del
w3m works pretty well too.

buy cialis buy_cialis 09/14/2016 (Wed) 13:26:04 [Preview] No. 594 [Reply] [Last 50 Posts]
I am so grateful for your blog article.Really thank you! Fantastic.

Anonymous 11/12/2018 (Mon) 19:32:50 [Preview] No.610 del
You're welcome

Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32 [Reply] [Last 50 Posts]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Message too long. Click here to view full text.

222 posts and 3 images omitted.

Anonymous 09/26/2018 (Wed) 13:16:24 [Preview] No.1320 del
Got used to wakabamark. LOL. How do I escape the markup These [​co​de] things and all? HTML chars?

Anonymous 11/08/2018 (Thu) 08:36:13 [Preview] No.1333 del
I've been looking through the endware scripts. What advantages does dnslookup have over a regular nslookup?

Endwall 11/10/2018 (Sat) 03:48:41 [Preview] No.1334 del
Nothing really, I was using dnsrez.sh with ip_origin.sh to get the geo-locations of websites,

$ ip_origin $( dnsrez www.endchan.xyz ) PT Portugal

$ ip_origin $( dnsrez www.endchan.xyz www.8ch.net ) PT Portugal US United States US United States

It's something to work with and modify the output as you see fit by querying the records and then formatting them. I haven't really done much with those scripts, and I didn't really publicize them, I just discretely added them to the list of files once they were working. dnslookup uses the python library pydns to do the query to your dns server. dnsrez uses the dnspython library.

These files aren't working on either of my main machines right now...I figured out the problem it was the shebang...

Change the shebang to this

#! /usr/bin/python2

Message too long. Click here to view full text.

Edited last time by Endwall on 11/10/2018 (Sat) 04:43:50.

Endwall 11/10/2018 (Sat) 04:51:11 [Preview] No.1336 del
Endware is on hiatus until December 22. I have too much school work. I'm literally busy everyday with some assignment or lab report, or studying for a quiz or test, or trying to catch up. I'll do some fixing up and cleaning up and updating over Christmas.

Anonymous 11/12/2018 (Mon) 12:39:21 [Preview] No.1337 del
Good luck on your tests & assessment


(434.19 KB 1266x1509 1416575617064.png)
How to secure firefox forks post legacy Anonymous 10/22/2018 (Mon) 01:33:52 [Preview] No. 12908 [Reply] [Last 50 Posts]
Icecat now no longer supports LEGACY EXTENTIONS. Pic related is some of the extentions that are mostly legacy now.
Is the new firefox basically a waste of time? Is palemoon and waterfox the only forks that still support legacy extentions?
18 posts and 1 image omitted.

Anonymous 11/04/2018 (Sun) 18:46:32 [Preview] No.12983 del
>By controlling which domains your browser connects to you make its fingerprint more unique which isn't helping you maintain privacy.
Most websites aren't going to go out of their way to track people by how they connect to their trackers. Not only that, but since you're connecting to a third party website, the main websites won't be able to tell without some kind of javascript. And even then all they'll probably do is bitch about adblock.
Most of the tracking data is "willingly" handed over to companies. They're not going to out of their way to get the few stray fish smart enough to not swim into the belly of the beast.

Anonymous 11/06/2018 (Tue) 08:50:09 [Preview] No.12985 del
>Most websites aren't going to go out of their way to track people by how they connect to their trackers.
They don't need to. Their technologies do it for them.
Why would you think google &co don't care about adblockers? They do, they even wanted to integrate one into chrome at some point, I'm pretty sure as part of the "Embrace, extend, and extinguish" strategy.
It's 2018, all major websites record your every fucking mouse movement.
>a domain which I have not connected to will analyze the log of another domain I have not connected to, just to time-correlate to a 3rd domain I have connected to...
Not what I meant, also suggests that you probably don't know much about how websites work, but still possible because different domains != different entities.
Good goy. The more you follow your instincts the easier you are to manipulate.

Anonymous 11/06/2018 (Tue) 16:37:44 [Preview] No.12987 del
(3.48 KB 76x76 icon38@2x.png)
Just do not leave Javascript enabled, and block all non-essential third-party resources. It's incredibly counter-intuitive to do otherwise.
If enough people would do that that would increase the anonymity set and solves the problem you're raising.
Then again, Tor, I2P, and VPNs aren't secure anyway because those are low latency networks so it is incredibly easy for the MI5, NSA, GCHQ, whatever to correlate ingoing and outgoing traffic.
So anyway, you are suggestion that we sent our URL referrers to every single advertisement, tracker, and third-party server that a web page contains? Very smart ...

Anonymous 11/07/2018 (Wed) 04:42:08 [Preview] No.12993 del
(20.70 KB 680x503 c16.jpg)
>all non-essential third-party resources
Again, you doing that by hand increases your browser's fingerprint uniqueness drastically.
> It's incredibly counter-intuitive to do otherwise.
<Good goy. The more you follow your intuition the easier you are to manipulate.
>If enough people would do that that
You get it.
>Then again, Tor, I2P, and VPNs aren't secure anyway because those are low latency networks so it is incredibly easy for the MI5, NSA, GCHQ, whatever to correlate ingoing and outgoing traffic.
Gosh, the traffic is easy to correlate precisely because they aren't low latency networks. I2p however is also constantly routing other people's traffic so if you leave your i2p router 24/7 you make traffic correlation (the kind your are talking about) impossible.
>So anyway, you are suggestion that we sent our URL referrers to every single advertisement, tracker, and third-party server that a web page contains? Very smart ...
Yes, that's how anonymity works, you need to blend in. Just don't do that from your IP.

Anonymous 11/07/2018 (Wed) 04:49:24 [Preview] No.12994 del
i just do the private browsing

(30.89 KB 800x800 Sticky.jpg)
Anonymous Board owner 05/09/2018 (Wed) 22:40:59 [Preview] No. 12705 [Reply] [Last 50 Posts]
Welcome to /tech/, a technology board. This board is for general discussion of technology.

Rule 1: Only threads about technology or /tech/ itself are allowed.
Rule 2: NSFW content are only allowed if they are spoilered.
Rule 3: No referral links, asking for cryptocurrencies, advertising or similar.
Rule 4: No spam or posts without meaningful content.

All rules and policies are open for discussion in this thread.

IRC: #/tech/, #InfinityNow and #endchan on irc.rizon.net - https://qchat.rizon.net/
Wiki (OLD): https://wiki.installgentoo.com/

Archived sticky threads:


Message too long. Click here to view full text.

Edited last time by _ on 06/19/2018 (Tue) 02:20:22.
26 posts and 4 images omitted.

betamax Board owner 10/26/2018 (Fri) 09:25:15 [Preview] No.12940 del
Deleted advertisement and locked two old threads on the same topic about Discord but keeping the new Discord thread up. Don't be a cunt.

Anonymous 11/04/2018 (Sun) 00:20:32 [Preview] No.12975 del
(94.75 KB 532x759 500003061-03-01.jpeg)
(70.98 KB 648x260 Sebesta On Zuse.png)
Was Konrad Zuse a jew?

I'm still not so sharp on their phenotype, in this picture, he seems to have a (((indicative))) nose and a slight weak chin.

I just discovered that guy by reading Sebesta. Didn't know the reich also invented the digital computer.

Anonymous 11/04/2018 (Sun) 02:11:21 [Preview] No.12976 del
There were many Jewish people involved in all fields of technology as are people of (more) European descent. Jews and non-Jewish Europeans have a similar IQ (despite the myth)

betamax Board owner 11/04/2018 (Sun) 08:07:52 [Preview] No.12979 del
I see no valid sources claiming that Konrad Zuse being a jewish person. He was overall apolitical, didn't care too much as to who he was working for, rather, the funds necessary to pursue his work. This isn't /pol/ though, so keep such question to a minimum.

Anonymous 11/06/2018 (Tue) 18:01:01 [Preview] No.12988 del
Understood. Thank you.

Indeed. One has got to have some neurons to mentalize so much trickery.

Why are you still running systemd? Anonymous 10/24/2018 (Wed) 07:43:56 [Preview] No. 12921 [Reply] [Last 50 Posts]
Serious question, not sure what else to add.
15 posts omitted.

Anonymous 10/30/2018 (Tue) 06:59:24 [Preview] No.12960 del
>Neat, yet another half-baked OS (I guess). Why can't people simply contribute to an existing project instead of creating the Nth fork and letting it fail again and again.
Cause everyone has different idea of perfect distro

Anonymous 10/30/2018 (Tue) 09:25:34 [Preview] No.12962 del
You're right, and to be honest Bedrock does do things quite differently though I don't see what's the use for it myself.

Anonymous 10/30/2018 (Tue) 09:39:10 [Preview] No.12963 del
You should have spoilered those images

Anonymous 10/30/2018 (Tue) 10:40:17 [Preview] No.12964 del
I want to use Alpine, but need some glibc dependent software. In that case, I use bedrock with Alpine and random glibc-based distro

Discussion Thread Endwall 02/24/2018 (Sat) 01:52:08 [Preview] No. 1145 [Reply] [Last 50 Posts]
Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, GEN Keith Alexander, ADM Michael Rogers, GOOGLE, AMAZON, FACEBOOK and Microsoft etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:
45 posts and 1 image omitted.

Endwall 09/23/2018 (Sun) 21:01:45 [Preview] No.1313 del
Telephone Network Interface Device Box
https://youtube.com/watch?v=2DtwQpQ0dz8 [Embed]
https://youtube.com/watch?v=awAQahRYjnQ [Embed]

Endwall 09/23/2018 (Sun) 21:15:12 [Preview] No.1314 del
Park in a white Van, with battery powered rig, and a 100ft extension cord for the telephone, at 3am. Open it up, connect, post disconnect, lock it, drive away.

Anonymous 09/26/2018 (Wed) 13:16:47 [Preview] No.1321 del
Login, Endwall guy.

Endwall 09/27/2018 (Thu) 04:11:20 [Preview] No.1322 del

I added code tags to >>>/endsoft/

They weren't enabled for some reason. I'm logged in right now, I'll be getting down to homework in a bit, so I'll be off soon. Thanks.

Endwall 11/04/2018 (Sun) 06:14:40 [Preview] No.1332 del
The Invisible Man

Queen - The Invisible Man (Official Video)
https://youtube.com/watch?v=zKdxd718WXg [Embed]

Queen - The Invisible Man (Rare Alternative Version)
https://youtube.com/watch?v=GItyEOAiZ2A [Embed]

Queen- The Invisible Man (HQ)
https://youtube.com/watch?v=PLBRQgksQNU [Embed]
Edited last time by Endwall on 11/06/2018 (Tue) 03:58:05.

(162.95 KB 800x800 random.jpg)
Anonymous 10/29/2018 (Mon) 14:30:31 [Preview] No. 12952 [Reply] [Last 50 Posts]
What do you think about Suckless ideology?
3 posts omitted.

Anonymous 10/29/2018 (Mon) 17:55:13 [Preview] No.12956 del
I'd prefer a fucking fully functioning system first before we start cutting away the fat.

Anonymous 10/29/2018 (Mon) 22:09:35 [Preview] No.12957 del
Sometimes it works (dwm, dmenu, sxiv), sometimes it doesn't (st, surf, sent).

Anonymous 10/29/2018 (Mon) 22:17:35 [Preview] No.12958 del

Anonymous 10/30/2018 (Tue) 07:58:34 [Preview] No.12961 del
Their code isn't even signed. There distro doesn't verify packages.
The site is made by some edgy 19 yo boys most likely or older guys suffering from OCD or something.

Anonymous 10/31/2018 (Wed) 08:11:40 [Preview] No.12965 del
found the rxvt faggot

(206.06 KB 1500x788 1080.jpg)
Anonymous 06/21/2018 (Thu) 22:54:06 [Preview] No. 12804 [Reply] [Last 50 Posts]
Does there exist any alternatives to the CUDA technologies offered by Nvidia? Asking because of a few software applications which I desire to run but rely on those technologies to work most efficiently.

Anonymous 10/29/2018 (Mon) 06:49:33 [Preview] No.12951 del
OpenCL. Also newly released VUDA based on Vulkan

discord Anonymous 11/11/2017 (Sat) 08:03:10 [Preview] No. 11739 [Reply] [Last 50 Posts]
Reasons its shit:

1) IP logging
2) Posts are forever
3) Avatar fagging
4) If you change your IP it demands a phone number or you can't use the same username again if you registered.
5) Full of status messages: I'm paying fallout 4
5) It's catching on with faggots and now every chan and forum wants you to join their discord for that board. Irc didn't ever have 1-4 and wasn't as popular as discord is becoming.

Web 3.0 really will be a fucking chat room on every site.

Anonymous 11/11/2017 (Sat) 11:11:10 [Preview] No. 11740 del
There is already a thread about discord. I don't know why it bothers you so much if discord exists, just don't use it. Based on what I've seen so far most people who use it, are your average gamers talking like "omg memes kek dude lmao". On IRC there is at least some sort of discussion going on, but even there I can sense the presence of neo-/pol/-meme crap. Last day I joined #electronics on freenode and what did I get? Some dude talking about socialists. I don't know if I'm going insane, but people are talking about politics a lot more than in the past. Last US election had a really big impact on the internet, it changed people in a bad way.

IM is not great for everything, there are some genuine uses for it, but it's mostly shitposting. You need to take some time to write a meaningful post, think about the content and structure it well.

Anonymous 11/12/2017 (Sun) 02:41:40 [Preview] No. 11743 del
So like sysadmin Odilitime, Sapphire team, and Balrog

Anonymous 11/22/2017 (Wed) 22:03:41 [Preview] No.11789 del
Why did so many fall for their massive shilling campaign?
It just popped out of nowhere, and suddenly became the most popular VoIP client, while being objectively worse than the competition.
>it's so much easier to setup a server
How is this a good thing? This just means that the admins are guaranteed to be tech illiterate normalfags.
>server hosting is free
No it's not. You're paying with your personal info to the jews and Chinese.

Discord sucks Anonymous 10/29/2017 (Sun) 03:38:40 [Preview] No. 11609 [Reply] [Last 50 Posts]
You know what sucks about discord is you can't use TOR to register a username anonymously. Sure you can use it, but as soon as you change IPs once they send an e-mail verification and then demand mobile verification before you can continue to use discord.
11 posts omitted.

Anonymous 11/07/2017 (Tue) 17:11:49 [Preview] No. 11711 del
>demand mobile verification

OK, I'll never use this service then.

I hate how many email services are now demanding mobile verification now days. Thus I am the only one I know who uses a foreign email service. It's ridiculous that they are mandating your personal info just to use their services. Fuck them all. I won't use that shit.

Anonymous 11/07/2017 (Tue) 17:14:53 [Preview] No. 11713 del
>phone verification service on the net

Anon, I would love to know more about this. Is there a way to spoof mobile verifications to create emails? If so I'm excited and want to know more!

Anonymous 12/01/2017 (Fri) 02:19:42 [Preview] No.11824 del

Anonymous 12/12/2017 (Tue) 23:58:58 [Preview] No.11919 del
me and 2 other's were trying to use memecord in the same house because one of us was in a separate room and didn't want to move his PC. it started saying a bunch of shit about "suspicious activity", "your account is disabled for your security", "plz give cellphone number", etc. pure cancer

Anonymous 10/25/2018 (Thu) 06:23:00 [Preview] No.12930 del
Fuck off you sedevacantist.

(220.29 KB 1920x1080 1498596199651.png)
Anonymous 06/28/2017 (Wed) 14:13:05 [Preview] No. 8768 [Reply] [Last 50 Posts]
/g/ is building an OS

It's a riced out, gentoo based desktop distro

Has a nice low ram footprint

irc.rizon.net #cloveros
111 posts and 57 images omitted.

Anonymous 05/18/2018 (Fri) 01:29:31 [Preview] No.12734 del
Nice background.

Anonymous 07/18/2018 (Wed) 11:50:41 [Preview] No.12839 del
Pretty cool distro, however.
There are a few things that the maintainers neglect to tell in their repository.
Things like the overlays used in the binaries.
From what I've been able to piece together is that most bins and most of their package.use is built around the Libressl overlay and (maybe?) a few others.

There is also a huge problem right now with the way they setup nvidia drivers.
The driver that is downloaded and supplied is (again from my understanding) built for linux version 4.14.* whilest CloverOS currently runs 4.16.* which is a uge problem because installing these drivers will destroy your install.
additionally, the nvidia drivers supplied are 396.24-r1 which is the unstable versions that lack legacy support for some older(not that old) graphics cards.
The system doesn't store a local version of their Gentoo sources, so if you want to go full Gentoo you'll have to download the sources.
This made getting dkms nvidia drivers a bit annoying.

It would be great if the script was updated to serve a dkms version of nvidia drivers, various versions would help with legacy support.
That being said, i get the feeling the scripts weren't designed much with supporting a wide range of systems.
If you use some memeware thinkpad/toughbook this distro is perfect right out of the gate.
If you want to get some other kind of setup to work it'll require a bit of legwork, but that's not a bad thing.
It's amazing how simplified this makes a your regular Gentoo install.
Because it's Gentoo I've been able to get most of the above to work perfectly.

Anonymous 07/20/2018 (Fri) 15:54:14 [Preview] No.12845 del
Not to be too forward, but I want to lick your desktop. Do you find this is a common reaction?

Anonymous 09/15/2018 (Sat) 09:37:54 [Preview] No.12869 del
I want to bite his desktop on the ass. I don't know how he can stand to have that as his background, I would have broken the screen or my dick before long.

Anonymous 10/24/2018 (Wed) 06:43:46 [Preview] No.12920 del
(32.88 KB 446x720 men-in-heels.jpg)
>when you think macOS is cool so you set up the dock but you also want to follow the latest trend i.e. tiling wms

Anonymous 07/12/2018 (Thu) 22:01:32 [Preview] No.12834 del
(213.43 KB 620x414 bitches.png)
I don't give a FUCK if they are getting into these political correctness stuff since I'm there to learn IT and security. And their tutorials are pretty good.

Anonymous 07/29/2018 (Sun) 12:18:14 [Preview] No.12849 del
any of you retards actually do stuff???
Have a home lab, go war driving, etc?
Or do you just copy paste links you'll never read

Anonymous 08/18/2018 (Sat) 15:40:59 [Preview] No.12860 del
>http http http
at least write https if a TLS version exists you lazy nigger

OPSEC Endwall 08/23/2016 (Tue) 01:08:39 [Preview] No. 357 [Reply] [Last 50 Posts]
Discuss best practices for operational security.
16 posts omitted.

Endwall 07/13/2018 (Fri) 23:55:01 [Preview] No.1251 del

I agree cook your own food. Buy from the local farmer's market, or from the grocery store. Cook your own food in your own house. Don't order in. As you mentioned its easy to poison you once they know your pattern. You call for take out and they intercept the delivery or have someone planted there to poison your pizza.

I just meant to say don't do crime or talk about crime or personal things on the phone, no phone sex, no dirty talk, just innocuous facts, and lawful business. "Hey are we low on milk? Yeah OK I'll pick some up, bye." Nothing about money, politics, drugs, crime, or sex. It's all being recorded digitally and stored, and if you become a "Person of Interest" they go through it and pin point all the incriminating stuff to use on you for blackmail, coercion, criminal indictment, front running etc.

Its too bad that they removed all of the public pay phones...If there were no cameras in the area you had a small level of anonymity (very small). We're going to have to look to an encrypted VOIP by tcp solution for a "Secure Line". Even then don't trust it too much.

Anonymous 09/04/2018 (Tue) 22:26:56 [Preview] No.1306 del
>Use an OS like TAILS or Whonix to spoof your MAC address
Any BSD/Linux machine can do this with GNU macchanger [1].
I don't know how Tails or Whonix does Mac spoofing but I'd imagine they use the same thing.

1: https://directory.fsf.org/wiki/Macchanger (note: hasn't been updated in 4 years)

Anonymous 09/28/2018 (Fri) 07:34:00 [Preview] No.1323 del
Currently using Icecat 60.2.0 ESR. It comes with by far the best addon I've ever used on any web browser called Searxes' Third-party Request Blocker. I just use that instead of NoScript. Icecat as a web browser has a couple of issues, one of them being the same issue that the Tor browser has. I only install uBlock Origin, CanvasBlocker (enable expert mode to see what I mean), and Greasemonkey. I don't even use a user.js file because I generally trust Icecat. I cannot emphasize enough on how good the addon is. This is still not fully available for most distros but it is available for some.

passwords/passphrases Endwall 10/18/2018 (Thu) 22:50:06 [Preview] No.1328 del
Cross-posting copy-pasta from >>>/b/19022

"I've covered this in an old OPSEC thread and I think I'll report this password tip copypasta because it is a very good security tip (the two anons were originally from 8chan/n/):
Anon #1 posts following: Now As far as passwords go, here is how I do it: I'll give you an example by posting a supposed password: donotletthefedsseethisaccount887756

As you can tell, this passowrd has 35 characters total. This is A LOT of characters but also easy to memorize too, for example, its easy to remember the phrase; "do not let the feds see this account" ; and added to that phrase is a code (which you can also memorize easily) 887756. Once you come up with a phrase you can memorize it, then attach a code number you can easily remember right after it. This will make your password very difficult for hackers or spies to brute force using 'dictionary attacks' by adding random entropy at the end of the phrase (via the random code). This 'password' would be unbelievably hard to crack if it were not a fake and had I not posted it. Use your tinfoil hats, paranoia can be your best friend.

Anon #2 responds to Anon #1: It is better not to do letter/number type strings camel casing and special characters as well. Pass phrases are easier to remember but mixing it up makes it exponentially harder to brute. Though your example is secure enough a minor change can make a large difference in your password scheme. Also a lot of programs cut you off at 16 (or even fewer) characters so casing/ascii helps.

Ex: donotletthefedsseethisaccount887756 would average 10^66 tries. Just moving the numbers and adding casing/one special character you get: Do8Not8Let7The7Feds5See6This@ccount which bumps it up to 10^84 and is just as easy to remember."

Endwall 10/20/2018 (Sat) 04:58:20 [Preview] No.1329 del

While I think this is good, for memorization, I use 25-40 character random ascii passwords using /dev/urandom or
passgen.sh. I write these down in a notebook that I keep in a small safe in my computer room/ study. I
also add random characters inserted into the computer generated password. Some of these passwords are memorized
and not written down anywhere. For example the codes I use for user login and for cryptsetup and gpg are
memorized, while the codes for github, protonmail, and other online services are written down in a notebook that I keep in a safe. I use different passwords for every distinct online service.

Ultimately I would want a system as follows: 2 factor authentication, Factor 1 would be a 20-30 character
memorized passphrase number combination as mentioned above in >>1328 or using random memorized ASCII like I currently do. Factor 2 would be a 3.5" floppy disk with 1.44MB of random ASCII characters generated using OpenBSD on a Sun Sparc or DEC Alpha air-gap computer, with read only permissions and a hash, and the write protect toggle on. You would boot
your computer using both the disk key with the non-guessable ,random passphrase and with the memorized code.
You would keep the key in a safe in your study when not in use or on your person 24/7. Preferably you would
need both keys to open the encrypted computer. The memorized passphrase would allow you to boot to the point
where you need another key to decrypt the entire volume. This second stage uses a non dictionary, anti-brute
force password consisting of 1.44MB of random ASCII, that can't be guessed or memorized, stored on a floppy disk
for rapid destruction by neodymium magnet, mechanical shredding, and burning with a lighter. Once the volume is unlocked the computer should instruct you to remove the disk from the drive and stow it away, so that the OS never gets to or has the chance to read the contents of the disk once authenticated.

Message too long. Click here to view full text.

Terry Davis memorial compilation webm Anonymous 09/30/2018 (Sun) 09:33:39 [Preview] No. 12898 [Reply] [Last 50 Posts]
I want to make a memorial compilation of all his best moments in memorium. This needs to go here, the file size limit on 8ch make this more difficult to do there.

Lets upload and link content here to go into the compilation and let me know what you think the sequence should be and what if any background track.
2 posts and 2 images omitted.

Anonymous 09/30/2018 (Sun) 10:27:32 [Preview] No.12901 del

Anonymous 09/30/2018 (Sun) 10:28:46 [Preview] No.12902 del

Anonymous 10/09/2018 (Tue) 21:12:45 [Preview] No.12905 del

Anonymous 10/09/2018 (Tue) 22:52:20 [Preview] No.12906 del
Is there a youtube channel to youtube-dl? Stream sites he used? need more source material maybe even video of templeos in action .

Anonymous 10/10/2018 (Wed) 19:39:40 [Preview] No.12907 del
Terry had humor not sure if he realized that.

(999.11 KB 360x449 "Et tu, Palemoon?".gif)
Palemoon blacklists NoScript Anonymous 05/12/2018 (Sat) 03:01:36 [Preview] No. 12708 [Reply] [Last 50 Posts]
As the subject says. It's been entered into their custom "bitch at the user with a popup until they disable it" database. To be fair to the developer, he has solid reasons for his stance. I'll try to summarize as there is a lot of misinformation and emotion out there fogging the issue.

1) The Palemoon project does not have enough developer juice to debug other software and addons.
2) Various users: "[website] does not work with Palemoon. Fix your shit, Moonman!"
3) Moonman: "Known issue. Stop being morons and disable NoScript. Thank you, and have a nice day."
4) Various users: "We did. Same problem. Fix your shit."
5) Moonman: "Oh. That's an actual issue with Palemoon then. I'm on it!"
6) Much hacking and cracking and time and talent are expended to no effect. Surprise! NoScript does not follow the standard of letting go of the browser when disabled. It lingers on. It has to be completely uninstalled with an added cache clearing operation on top of that.
7) Moonman: "It's NoScript. Get rid of it. Have a nice day."
8) Various users: "No. FIX YOUR SHIT!"
9) Moonman: "Crush. Kill. DESTROY!"

If you roll with my simplification you can see his point.

I have two observations. First, quite a few sites have a technical support checklist that runs like this: "What browser are you using? Palemoon? Oh good! We have two fixes you may choose from. One, use another browser. Two, go away and do not come back."

My irony sense is tingling.

Message too long. Click here to view full text.

15 posts and 1 image omitted.

Anonymous 07/31/2018 (Tue) 14:46:46 [Preview] No.12851 del

Been doing UGC for a test drive for some time now. The only irritations I've found so far:

1) No way to conveniently prevent automatic page refreshing.
2) Installing extensions is a bit of a hassle.
3) No non-M$ 32bit version

Only that last is really irksome. Why no 32bit version?

Anonymous 08/01/2018 (Wed) 13:33:07 [Preview] No.12852 del

It also enforces tear off tabs with no way to disable. Something else I hate.

Anonymous 08/25/2018 (Sat) 11:13:21 [Preview] No.12862 del
>no 32bit version
Rather no x86 version. You should've ditched x86 a long time ago.

Anonymous 10/09/2018 (Tue) 12:07:18 [Preview] No.12904 del
>adnausum situation
What ever happened to that? It was making the rounds awhile back and people just stopped talking about it. I tried using it but it was broken as fuck and wouldn't work on my setup so I forgot about it.

Anonymous 10/24/2018 (Wed) 06:39:43 [Preview] No.12919 del
Reading his thread is enough to not want to use palemoon like ever again

Meta Thread Endwall 07/12/2016 (Tue) 12:03:36 [Preview] No. 171 [Reply] [Last 50 Posts]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15:00.
25 posts and 6 images omitted.

Endwall 02/12/2018 (Mon) 05:05:49 [Preview] No.1113 del

Self defense primarily.

Read these threads the answer is in here:

Anonymous 02/14/2016 (Sun) 00:10:59 [Preview] No. 1726
About the developer:
I will remain anonymous as best I can.
I am not a professional computer scientist or programmer.
I have other commitments and can't maintain a continuous development cycle, but will work on this project sporadically as I have ideas or as issues emerge.Help and assistance on ideas are welcome. Critique and criticism of my tools are also welcome. Positive and negative reviews of experiences using endwall endset and endtools are also welcome.Point out any bugs that you find in the code and or errors in logic or in style or implementation that you find in the script and I may modify it in a release upon review.

Anonymous 02/13/2016 (Sat) 06:51:33 [Preview] No. 1693
1)My hope was to get some help with internet security by starting a thread asking for contributions of techniques and ideas. So far that's worked out pretty well. that ipsets thing has solved a major problem my server was running into. I'm glad I got that tip from here. Thanks >>1652 good work!

Message too long. Click here to view full text.

Endwall 02/12/2018 (Mon) 05:16:08 [Preview] No.1114 del
This entire board >>>/os/ is basically the last 30 mins of Star Trek 2: The Wrath of Khan, with Endwall in the staring roll as Khan, and Admiral Michael Rodgers in the Staring role as Captain James T. Kirk.

Endwall: "I spit my dying last spit at thee Rogers!!"
Admiral Michael Rogers: "ENDWAAAAAAAAALLLLLLLLLLLL!!!!!!!!!!!!!!!!!!!"

Anonymous 02/13/2018 (Tue) 21:59:58 [Preview] No.1118 del
There we go.

Endwall 02/18/2018 (Sun) 05:49:07 [Preview] No.1136 del

How I thought my computer privacy and security and anonymity was doing:
https://youtube.com/watch?v=e7X01_j_oDA [Embed]

How my computer security privacy and anonymity actually is:
https://youtube.com/watch?v=iPQfwmfRq2s [Embed]
https://youtube.com/watch?v=xrUEjpHbUMM [Embed]
Edited last time by Endwall on 02/18/2018 (Sun) 06:46:54.

>banner Anonymous 10/07/2018 (Sun) 17:27:20 [Preview] No.1326 del
I see this banner as: oops, your penis has been encrypted!

Anonymous 09/19/2018 (Wed) 14:35:43 [Preview] No. 12870 [Reply] [Last 50 Posts]


posting via it rn
15 posts and 2 images omitted.

Anonymous 09/23/2018 (Sun) 16:36:15 [Preview] No.12893 del
the addresses are effectively the same idea as i2p, hash of public key bundle. the cool part is that the public key bundle has a slot for vanity nonces.

i can put it on my git if you really want an i2p mirror

Anonymous 09/24/2018 (Mon) 17:26:53 [Preview] No.12894 del
will release 0.2.3 soon ish

Anonymous 09/24/2018 (Mon) 19:33:08 [Preview] No.12895 del
(214.36 KB 1766x982 bw.jpeg)
lokinet works with your favorite anime too

Anonymous 09/24/2018 (Mon) 19:43:57 [Preview] No.12896 del
it's also probably compatible with shit anime. haven't tested fully yet.

Anonymous 10/03/2018 (Wed) 12:54:01 [Preview] No.12903 del

RISC-V desktop Anonymous 09/26/2018 (Wed) 17:35:42 [Preview] No. 12897 [Reply] [Last 50 Posts]
Western Digital published a guide to transform the RISC-V HiFive Unleashed board into a desktop:

SiFive completely open sourced their bootloader:

This means Coreboot can now have more development on SiFi platforms:
The usage of Linux kernel as a payload (instead of bloated UEFI stuff) is going good too with the project LinuxBoot:
Check this (very good) talk:

There's still some blobs, though. The GPU is not open hardware, although some project have open ISA (maybe in the next years):

Message too long. Click here to view full text.

(98.58 KB 752x1061 473734734.jpg)
Anonymous 06/24/2018 (Sun) 20:08:57 [Preview] No. 12806 [Reply] [Last 50 Posts]

P2P web browsing via websites served and shared on individual nodes:
users can create their own websites and host them from their own computers/servers
users can upload and share other's websites on their own computers/servers
self serviced websites are manually named *but will generate a random entropy hash within the url, example:
node://7bv45ix0/8ch.net or node://c334o96y/endchan.xyz
*the random entropy hash prevents individuals from creating and overriding other established websites
endless domain creation: .com, .org, .info, .onion, .rebel, .on, .geek ... et al (infinite)
browser can access HTTP, HTTPS, FTP, Zeronet, Beaker, eMule/eDonkee and various obscure networks.
browser is enabled for users to share files with others, creating decentralized P2P file sharing
the browser would have its own built-in decentralized search engine similar to YaCy that can pull up any content found
high standard end-to-end encryption would be active by default for all P2P connections
browser has a lightweight bit-torrent client built-in
onion routing is not mandated but the option would be allowed within the browser
I2P routing would also be an option for users
Dust and IPFS could be utilized in the browser for further anonymity and resilient decentralization.

Message too long. Click here to view full text.

4 posts omitted.

Anonymous 07/12/2018 (Thu) 22:23:33 [Preview] No.12835 del
You want an internet suite stuffed into one browser?
That's sorta something what Seamonkey and ChromeOS do and dozens of failed projects before them did.
Which is not really good. Having interoperability and data exchange between different gui applications is cool, but having your browser to do all the work is asking for a trouble with too much attack surface. I am also pretty sure, you can have all this shit like accessing zeronet, irc, tor and i2p, download torrents and email with set of web browser addons.
You should also understand that hosting stuff from home computer puts drawbacks on availability compared to a remote VPS in a professional datacenter, or a dedicated server in your basement with nig-rigged car battery UPS which not everyone is eager to invest in.
>the random entropy hash prevents
You just came up with some useless bullshit. Look at how onion, eepsite, gnunet and cjdns domains are resolved and generated. It should not only be a "random hash", but also act as a public encryption key or public key hash without reliability on someone's DNS servers.
The main problem of "le decentralized internet" is how easy it would be for external powerful actor to remove pieces of it, and remove them not only for one group of users, but for everyone. Let's say you live in small corrupt country and post on facebook. Your country's government wants to remove your posts from facebook, but until those break facebook's tos or facebook has big-money business in your country, they don't care. And what would your country do then, ddos facebook or block it? The latter is feasible, but blocks can be avoided, the data still exists on Facebook's servers and is available for those who put much effort in it.
Now say again, you live in Ancapistan Enterprizes Real Estate. A society of decentralized Internetz and such. You host your blog from home, a small single board server and a 1 gbit unlimited connection, pretty nice isn't it? One day you post something bad about McFacebook corporation on your blog. Automated web crawlers of YaCy search engine detect wrongthink and it triggers McFacebook CEO personally. What happens next? They simply DDOS your weak 1gigabit-wide channel to the point when your ISP, or datacenter where your VPS is hosted disconnects your server for consuming too much traffic and blackholes all requests coming for your address, your server is already inaccessible at this moment. It's done, McFacebook corporation completed it's mission and eliminated you quickly. What would you do next? You either go to your ISP or some decentralized CDN provider and ask them to implement a DDOS protection, i.e. you have to find someone who will host your shit for free on pure enthusiasm (ipfs and webtorrent) or for thousands of shekels (Cloudflare) or in exchange for datamining (Facebook). Now you get the same modern Internet and web, where you have to host your important information on a big datacenter with wide bandwidth, distribute content over wide network of CDNs and gateway proxies.

Anonymous 07/18/2018 (Wed) 15:43:21 [Preview] No.12841 del
Yeah, some girls wrote it years ago
Then google hired them and gave them soul crushing jobs so they would forget about ever having written the wooden stake that could kill the google vampire

Anonymous 09/21/2018 (Fri) 15:23:03 [Preview] No.12879 del
>because will you accept to pay electricity and general infrastructure to host the website of someone else
Just similar to torrents. There is no need to have a full copy, giving endchan as example you could only have /tech/ and a few threads from other boards. You just seed when your pc is on anyway, that should not be expensive. Alternatively some retarded cryptocurrency stuff can be added.

OS Anonymous 09/21/2018 (Fri) 18:21:53 [Preview] No.12884 del
This relly sound like an OS.
You would need to become a router for a lot more traffic.
u also ned moar than jus browser.
I'm too dumb to see how a build in email client wouldn't be a
security threat.

Anonymous 09/22/2018 (Sat) 21:14:27 [Preview] No.12892 del
Isn't ZeroNet similar?

(34.60 KB 1200x800 DhabSjYW4AE8qu5.jpg)
The div that looks different in every browser. Anonymous 07/11/2018 (Wed) 23:02:51 [Preview] No. 12826 [Reply] [Last 50 Posts]

html {
display: table;
height: 100%;
width: 100%;

body {
display: table-cell;
vertical-align: middle;

div {
margin: auto;
width: 100px;
height: 100px;
outline: inset 100px green;

Message too long. Click here to view full text.

8 posts and 1 image omitted.

Anonymous 07/29/2018 (Sun) 14:00:08 [Preview] No.12850 del
wait could copyright the CSS as like the input and then own the rights to the various shit it spits out?

Anonymous 09/22/2018 (Sat) 01:30:58 [Preview] No.12885 del
(1.99 KB 308x293 qup.png)
Tested it in Qupzilla, got this

Anonymous 09/22/2018 (Sat) 11:47:00 [Preview] No.12886 del
This completely fucks the catalogue, try searching something then clear it.

Anonymous 09/22/2018 (Sat) 13:26:54 [Preview] No.12887 del

Anonymous 09/22/2018 (Sat) 19:34:10 [Preview] No.12890 del
Lol, queue x-files theme.

I bring the Binary Gospell to all....lol StIgnatiusofCyberspace 09/21/2018 (Fri) 04:35:09 [Preview] No. 293 [Reply] [Last 50 Posts]
No one really knows what the matrix is.....