/tech/ - Tech

Technology.

catalog
Mode: Thread
Name
E-mail
Subject
Message

Max message length: 8192

Files

Max file size: 20.00 MB

Max files: 3

Password

(used to delete files and postings)

Misc

Remember to follow the rules


(573.58 KB 1140x500 cyber_security.jpeg)
Privacy general Comrade 05/08/2016 (Sun) 16:12:51 No. 2214 [Reply] [Last]
Comrades, we need a thread on privacy. Any decent activist should try ways of staying anonymous on the web and prevent being tracked by governments and corporations.

General tips
===

* Use free software as much as you can.

* Use GNU/Linux and keep it up-to-date, to be sure that you don't have unpatched security exploits

* Don't use Flash Player, use youtube-dl instead for watching streaming videos online

* Do not use Google, use DuckDuckGo or StartPage instead

* Use a password manager like Keepass or for GNU/Linux users keepassx. Create new passwords for every site that you visit and use a strong password as a master password. A tip for easy remembering of your master password is to use a sentence. "i fucking love cookies and tits!" with extra capital characters etc. is easier to remember than some random characters and long enough to prevent brute force attacks of any kind.

* Use the Tor Browser Bundle if you really want to stay anonymous.

Firefox
====

* Go to Preferences -> History and set History to "Never remember history".

* See for additional tweaks: https://github.com/amq/firefox-debloat and https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security

Add-ons
-----------

* Use uBlock Origin for preventing tracking etc. Bonus: use hard-mode to manually whitelist external domains on sites. Don't use uBlock but be sure to use uBlock Origin https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-mode

* HTTPS Everywhere

* DecentralEyes: prevents CDN hosting from tracking you (Google for Jquery etc.)

* Self Destructing Cookies: only allow cookies that you choose to allow

OS
==

* Encrypt your hard drive or home partition at least

* If you use GNU/Linux, you can try to restrict systemd or syslog from logging.

* Use a distribution which takes security seriously. Also, be sure that you don't install a lot of things outside the repository. It will cover most of your needs.

Real life tips
===

* Pay with cash if you can



Feel free to provide tips to each other comrades!
55 posts and 4 images omitted.
>>2228 >>2928 Random user agent spoofing has little use if you don't use a proxy or public networks (then you should also spoof your MAC address). And if you use Tor it will only make you stand out more since Tor Project's design philosophy bets on uniformity rather than randomness.
>>2929 User-Agent is not the only HTTP header that they use to fingerprint you anyway. Each browser has a distinct set of HTTP headers it uses (Accept, Accept-Encoding, Accept-Language, etc.), so if you spoof just your User-Agent header you're just telling the website that you e.g. use Firefox with a user-agent-spoofing add-on. You're only making it worse!
>>2218 luks is fast and easy, friend
>>2239 >I'm going to buy a new laptop soon. What model should I get if I want privacy? Something librebooted >Also, what's a distribution? A combination of package manager and package configurations. Ubuntu, Debian, Redhat, Suse, etc.
>>2933 >luks is fast and easy, friend Doesn't work that well with SSDs. Many report 50% drop in performance. There's also the TRIM dilemma: either you TRIM, which leaks some information (space usage, filesystem used), or you don't TRIM and your SSD will have shorter life-span and deteriorating performance. https://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html I guess if you don't do full disk encryption and instead only encrypt your /home then it's not such a big issue. >>2218 >Also, duckduckgo has shit results. True. I don't know what happened in the last couple of years but all of these "alternative" search engines have become complete utter shit. You use 5+ very specific keywords, looking for something specific and obscure, and it always spits out the most generic results possible based on only one or two of the terms used. Quoting keywords doesn't have any effect anymore either. It's such a pain trying to find anything, trying to make the search engine finally listen. Most of the time I just give up. I'm seriously considering just using Google, but it blocks Tor with its stupid infinitely-looping AI-training captchas. Bing is also an improvement, but it seems heavily biased towards regional results, so it's not that useful over Tor.

Comrade 02/17/2020 (Mon) 11:27:07 No. 40 [Reply] [Last]
Is protonmail a honeypot? >Trying to sign up on .onion links back to .com >Can't sign up with vpn >Only accepts crypto after you've signed up There's absolutely no reason for not allowing sign-ups with vpns/TOR and activating the accounts after the payment has gone through Do there exist any alternatives that aren't glowies?
13 posts omitted.
The OP poisoned the well by baiting schizo-posting.
>i just need the bandwidth and minimum bullshit and i know how to use PGP cock.li >i can pay 1 euro a month posteo.de >i know someone that has a riseup account riseup.net
registering protonmail nowadays is unreliable - most of the time they want a phone number. sometimes it works with a "recovery" email. temporary emails won't work, but you can easily create a throwaway yandex mail account for that purpose. i'm talking about registering over Tor, i have no experience with clearnet.
>OP: Is [x] a honeypot >Poster1: What are you hiding >Poster2: Yeah dude duh of course its a honey >Poster3: Poster1 glows You could make a thread asking that question about literally any piece of popular software and you will get the same exact answer OP. And that answer is yes, you should always assume the software you're using isn't secure, because on some level it isn't. The only serious way to OpSec is either hundreds of layers of encryption and disinfo added between your backdoored email clients, computer hardware, and router connections or you can manufacture your own logic gates, operating system, and computer network.
>>1861 This has changed recently. I've managed to create a couple of protonmail accounts using throwaway email addresses (guerrillamail) for verification, while leaving recovery email address blank. Doesn't necessarily work with every Tor exit node, but it doesn't take a lot of circuit switching to find one that works. Not that anybody should simply trust protonmail. It's just useful if you need to create an account on some site that requires "legit" email address. As long as you thoroughly compartmentalize each of your "operations" you might as well use protonmail as your main/personal email provider.

(1.73 KB 316x316 webtorrent.png)
webtorrents to reduce serload ? Comrade 06/06/2020 (Sat) 16:47:43 No. 2122 [Reply] [Last]
Since the servers gets really slow when lots of people post lots of "large" (a few megabytes) files, are web torrents a possible avenue to ease the burden on the server ? https://webtorrent.io/
5 posts and 1 image omitted.
>>2903 PeerTube uses WebRTC? I've been using PeerTube over Palemoon for sometime and haven't experienced any problems. Palemoon doesn't use WebRTC and probably never will.
This would kill the Tor network though, way too many connections for relays to handle.
>>2909 PeerTube can function without WebRTC, it just doesn't use P2P to download movies. Also, administrators of PeerTube instances can turn on or off P2P sharing. So to use WebTorrent on PeerTube, you need to have WebRTC and use a PeerTube instance that has P2P sharing turned on. The instance will say whether it has P2P sharing on the About page. Like this one has it turned on. https://open.tube/about/instance
>>2912 Well that's very disappointing to learn that WebTorrent is based on the cancer of WebRTC. I've just lost a lot of enthusiasm I had for PeerTube, dangit.
>>2916 WebRTC is the only way to do P2P in a standard browser without extra software like you need for Tor, I2P, etc.

(39.90 KB 600x375 PC-Troubleshooting.png)
Hardware Issues Comrade 02/04/2020 (Tue) 10:43:17 No. 1 [Reply] [Last]
More just cause I don't wanna go to some place like r/techsupport ew So anyways I built a computer recently, it works perfectly fine except for one issue: it has difficulty starting up. It takes about 5 minutes after pressing the power button for it to turn on, nothing will speed it up. I found out that the issue with it is that the Motherboard came with a dead CROM battery, I replaced that and voila it starts up fine. And it has been fine for the past week, however the startup issue has returned, and just to be sure I replaced the CROM battery AGAIN but this time it didn't work. I know for a fact that it was just the dead battery that was the issue so why is it persisting?
55 posts and 9 images omitted.
>>1724 Yes
>>1738 don't give him shit advice, read what he typed. >it's games that used to run smooth enough, or with 60 fps even, that are now unplayable or are on 10 fps at best, like Squad or WarThunder >it is also more minor things like in firefox or the task manager being slow, clicking on things comes with a delay and slow typing at times it just runs like crap all the time and really slow and seems broken and old if everything with his fx-8300, gtx1060, 16gb ram was working perfectly fine earlier, and then all of a sudden everything is slow and freezing, then the problem, which is almost certainly a software problem, should be troubleshooted and determined if it can be fixed before blindly shoveling your money to the planned obsolecense corporatocracy like a mindless consoomer there is documented evidence of his same hardware set-up running "Squad" and "War Thunder" at much higher fps than 10 fps: https://www.youtube.com/watch?v=Leo2wO1Pz5E https://www.youtube.com/watch?v=LNCx8___-7k https://www.youtube.com/watch?v=Or93verKo3A https://www.youtube.com/watch?v=Yr28A7I5svU https://www.youtube.com/watch?v=d6AnAezN2Sc https://www.youtube.com/watch?v=o4yEHSO9nWQ https://www.youtube.com/watch?v=FVaQFyJmYGQ

Message too long. Click here to view full text.

Ah, this happened to me once when I bought a computer: https://twitter.com/CreationsRoss/status/1274844065062846464
>>1630 Most people here probably already know this, but when it comes to laptops thinkpads are pretty durable and most of the parts can be easily replaced. Their hardware also works very well with Linux. I'm using a 10 year old thinkpad that still runs fine, so far I've replaced the battery, charger and fan, all of which you can get pretty cheap on ebay, even though the model is old. There's a ton of affordable refurbished thinkpads being sold online because corps buy and sell them in bulk about every two or three years. Here's a buying guide: https://www.bobble.tech/free-stuff/used-thinkpad-buyers-guide The guide is based on US market though, prices in Europe are slightly higher. I can post some links to some European refurbishers if any one needs it. Often you can even find "new old stock" for the same price as used ones.
>>2911 The other thing with Thinkpads is that many support coreboot or libreboot. I think if we're setting out to buy hardware, support for open source firmware is a must.

(275.43 KB 2508x2043 nntpchan.png)
Seizing the Means of Anonymous Discussion Comrade 03/22/2020 (Sun) 21:45:19 No. 575 [Reply] [Last]
Recent events have once again highlighted the necessity of a truly communal, self-governed anonymous discussion forum. This thread is for the development of new forms of decentralized anonymous image boards. The problem in need of a solution is this: How can we develop a forum that genuinely empowers its community and allows them to resist censorship? One recent attempt is NNTPChan/Overchan. NNTPChan is a decentralized imageboard that uses the NNTP protocol (network-news transfer protocol) to synchronize content between many different servers. It utilizes cryptographically-signed posts to perform optional/opt-in decentralized moderation. I'm still rather confused on how moderation works there myself. This seems like a great idea, by distributing a forum across a collection of servers one can resist the disruption of any single server. When 8ch was shutdown by its DDoS provider, however, its community didn't find the motivation to learn from this and migrate to a censorship-resistance platform. Instead its subcommunities were scattered to the winds, the ones that survived coalescing back on a number of individual websites using the classical top-down server-owner structure, with all the authority and alienation from its userbase that it necessarily contains. What lessons can be learned from this? Is there more that can be done?
8 posts and 1 image omitted.
scuttlebutt.nz I've seen people try to use retroshare, but it's hopelessly fucked up.
>>2878 it works fine :(
>>2883 Scuttlebutt or RetroShare?
>>2883 None of your friends have a slightly different version, then. Every time I've tried to use it, the other people are on different distros or platforms where the version is a little newer or older and they are incompatible.
>>2885 ah thats fucked, never knew that was an issue thanks for letting me know

(41.85 KB 615x409 eastgerman.jpg)
Instantly Increase Your Happiness (Linux Only) Comrade 06/21/2020 (Sun) 03:18:45 No. 2886 [Reply] [Last]
Open your command prompt (linux) and run the following commands. >wget https://pastebin.com/raw/i5wABwHM >sudo mv i5wABwHM /etc/hosts and badabing badaboom!! There you GO!!
>>2886 WTF!!! A HOT MODEL JUST CAME THROUGH MY COMPUTAR AND SUCKED MY PEE PEE!???
>>2887 vased
>>2886 >requires root rights >doesn't replace X server or at least deletes /boot or / 0/10

(47.28 KB 300x392 300px-C_propaganda.jpg)
/dpt/ - Dialectial Programming Thread Comrade 06/17/2020 (Wed) 22:30:15 No. 2847 [Reply] [Last]
What are you working on /tech/?
1 post omitted.
>>2864 Forgot to link this, thanks comrade.
hijacking this thread How do you apply dialectics to your understanding of computer programs? For one, digital logic is a dialectic. In transistors, there are in fact not two discrete "on" and "off" states, but actually a quantitative range of voltages which, near peak or low, qualitatively change to "on" or "off." https://www.marxists.org/reference/archive/mao/selected-works/volume-1/mswv1_17.htm >What is meant by the emergence of a new process? The old unity with its constituent opposites yields to a new unity with its constituent opposites, whereupon a new process emerges to replace the old. The old process ends and the new one begins. The new process contains new contradictions and begins its own history of the development of contradictions. This is fork() and exec()
>>2890 I don't because I am not some deranged cultist that must shoehorn their useless philosophy buzzwords everywhere.
>>2892 you're on bunkerchan

(55.37 KB 600x318 download.png)
Comrade 06/21/2020 (Sun) 06:48:00 No. 2888 [Reply] [Last]
So there's a small ongoing discussion atm about Guerilla comms in the following thread. >>>/leftypol/611691 (https://bunkerchan.xyz/leftypol/res/611691.html) So it brings up the question. In a hypothetical SHTF situation in the continental USA, where Guerillas must operate from clandestine forest bases, and move consistently without an abundant power supply or reliable physical networks, also against an adversary with a very large signals department; How do we secretly send messages that only an intended recipient, ie Guerilla command or other groups can read? So one poster suggested a mix of HAM radio types, with modification to allow for encryption, and another suggested LoRaWAN gateways like pest control units or trail cameras use, but with gateways acting as tor servers. What do you guys think?
(77.33 KB 960x720 download (1).jpg)
I think preppers have done a lot of the footwork with this kind of stuff, especially the conspiracy/militia types. For example: https://www.survivopedia.com/what-a-ham-radio-is-and-how-experienced-preppers-use-it/ http://www.tacticalrepeater.com/radio-encryption/ There's some issues though. You want to privately make communication from your groups radio guy to the HQ, or to one other group. That's fine, you take their public key being broadcast and encrypt the data so that their private can decrypt, but how do you send a message to everyone at once? Sequentially? What about signals analysis? Is there no way that they could hone in on the strength of the signal and have a direct route to your guerilla camp? I'd propose that you should have to use a password to access your own radios as well with full ID verif, and a system similar to TCP packets for data transfers as well. Can we engineer this?

(183.20 KB 1200x900 1200px-HTC_Dream_Orange_FR.jpeg)
Smartphones Comrade 03/13/2020 (Fri) 01:36:02 No. 477 [Reply] [Last]
Yes, smartphones are cool gadgets: You can read theory, browse /leftypol/ and listen to music on the go! Let's talk about these awesome devices in this thread! What models are you using?
23 posts and 5 images omitted.
Samsung Galaxy S3 with LineageOS. Surprisingly still usable. Looking to upgrade to Samsung Galaxy S5 again with LineageOS. No google garbage apps for me thank you.
Can someone explain what this video on "LoRa Mesh Communication without Infrastructure" is to the layman? I heard it would be used to communicate *somehow* if the cops shut down cellphone towers? https://www.youtube.com/watch?v=TY6m6fS8bxU
>>2745 It's a walkie-talkie for text messages. LoRa operates on frequencies which were used by paging companies in the past, and still used for radio keychains for cars/garage doors, they're colloquially called ISM band. I don't like presence of bluetooth and gps functions on this thing, the idea glows suspiciously,a s well as lack of publicised fdroid distribution. The board should connect to phone via USB to avoid insecure wireless Bluetooth link to something you carry on yourself already, drop the ridiculous battery, and since phones already have GPS, it shouldn't have another one either.
>>1537 coom
I'm running both a Oneplus 3T on lineageOS and a stock 7T pro McLaren 5G.

Email Providers Comrade 06/17/2020 (Wed) 20:55:59 No. 2845 [Reply] [Last]
So based on basic Opsec I've been reading about you should have a seperation of your identity from your logins on TOR and whatnot for reddit or twitter or whatever the fuck. But all that shit requires emails and all these damn email providers require a phone number which defeats the whole purpose? Which email service can I use that won't demand my phone number and let me stay as anonymous as possible online?
>>2845 Guerilla mail, 10 minute mail, and so on. Bascially search "Temporary email" and choose one. Keep in mind that some websites block such emails or might want to get your phone number to "confirm" you're not a robot.
>>2845 autistici.org, riseup.net, or protonmail.com are examples I’ve seen, but I can’t speak on the legitimacy of any of them with confidence
If temporary mails are blocked I usually try create a Protonmail account. If they want a phone number, I just reset Tor identity and try again, until they give me an option to verify with an email instead, then I just try a few temporary emails until one works. Lately it's taken me only one retry at most to get through. In the past I also used Yandex since it was really easy to register while most websites consider it a legitimate provider. However their own captchas don't work over Tor anymore. A much bigger problem than creating and using throwaway emails is that lots of websites effectively block Tor via infinite Google captchas on their registration and/or login forms.

Delete
Report

no cookies?