/tech/ - Tech

Technology.

catalog
Mode: Thread
Name
E-mail
Subject
Message

Max message length: 8192

Files

Max file size: 80.00 MB

Max files: 5

Captcha
Password

(used to delete files and postings)

Misc

Remember to follow the rules


(159.59 KB 497x496 feralhogs.png)
Linux, BSD setups Comrade 08/09/2019 (Fri) 21:33:50 No. 2179 [Reply] [Last]
Discuss what's your setup and collection of applications on your personal computers, smartphones, embedded devices, Industrial equipment, etc. for opsec that other anons could use.
Gnu radio for police chatter?
raspberry pi gps with security features?
Special ECM equipment you're willing to show?
Post them here.
29 posts and 4 images omitted.
>>746
>Was wondering what Android/lineage build you guys would recommend, something thats reasonably secure (At this point just worried about companies stealing my metadata) and want to get rid of the adds that keep coming up in my shitty international version of android they've given me.
There is no such thing as a secure cell phone. Replicant is the closest you can get with android, but your device is not supported: https://replicant.us Looking around on XDA for you it seems like all your options are roughly equivalent in terms of security. Just get a official rom I guess.

>Cell phones are tracking and surveillance devices. They all enable the phone system to record where the user goes, and many (perhaps all) can be remotely converted into listening devices.
>>746
There is no such thing as a secure smart phone, install lineage OS on it to have a non shit version of linux, and turn it off when it doesn't need to be on, leave it at home when you can
>>823
*non shit version of android
Don't commodify your personal information. Everything is on a permanent record. Woke leftists are crypto-anarchists. Cyberpunk is now! Stop blocking Tor users!

>Computer:
OS: When your not into QubesOS, you should consider using a hardened Debian with VirtualBox running Whonix and for more OpSec running Tails from an USB-Stick.
Mail: Thunderbird with Enigmail and TorBirdy; provider: RiseUp, Autistici, posteo, protonmail, tutanota, disroot etc
Password manager: KeePassXC
Encryption: zuluCrypt
PGP: gpa or Kleopatra
Browser addons: uBlock, uMatrix, https everywhere, decentraleyes, Privaqcy Badger, User Agent Switcher, CanvasBlocker, Cookie Auto Delete
Cloud: NextCloud
PDF: Okular
Office: LibreOffice

>Smartphone:
OS: When you don't have a Google Pixel running GrapheneOS you should get LineageOS or any non-Google privacy enhancing AOSP. See https://www.xda-developers.com/
VPN Mode: channel everything through Tor via Orbot
Browser: Tor Browser, Firefox Klar (when you don't have
App Store: F-Droid (, Aurora, Yalp -> run Google Play Store apps only isolated through Working Profiles via Shelter)
Mail: K9
PGP: OpenKeychain
Adblock: Blokada
Spoofing: NetGuard, Private Location, Wi-Fi Privacy Police, MacChanger, SnoopSnitch
Messengers: Briar, Signal, Wire, Riot.im, TRIfA
Camera: ObscuraCam
Maps: OsmAnd~
Text: Markor, LibreOffice Viewer, muPDF
>>879
>RiseUp
They literally read your fucking e-mails to maintain their censorious terms of service.

(134.50 KB 620x258 prog-languages.png)
Languages Comrade 04/06/2017 (Thu) 08:59:43 No. 3318 [Reply] [Last]
What programming languages do you guys use? I'm mostly Python, Java, C#, C++. Used to like functional programming but IMO now that regular OO languages have alot of function features like first class functions its not as big a deal to write code in a pure functional language like lisp or haskell, better to write regular python or something and occasionally write some functional-styled code
12 posts omitted.
>What programming languages do you guys use?
C#, F#, python when I need to quickly process some data files (its much more expressive and easier to work with loading files and lack of type system allows me to do autistic quick designs, but unmaintainable)
rust,,, the communist programming language
>>316
I was under the impression that the default serialization and backend representation for DateTime in C# was ISO 8601 complaint which is UTC
>>143
I enjoy programming in R7RS Scheme, although it's not very practical if you're trying to follow the standard. I have some familiarity with C which I strongly dislike, desperately wishing my familiarity was with Ada instead. I also have some familiarity with Clojure, Ocaml, Elisp, and Chip8 the former two having interesting properties, the third being acceptable, and the fourth being a good learning experience.
python for general purpose
php/sql for web dev
c++ for performance critical

Comrade 09/17/2019 (Tue) 02:45:23 No. 2569 [Reply] [Last]
Is Raspberry pi 4 safe to use?
Comparing to Intel/Amd that may be backdoored
>>706
>Is Raspberry pi 4 safe to use dompared to Intel/Amd that may be backdoored?
Cortex-A72 in the Raspberry Pi 4 are vulnerable to speculative instruction attacks without software patching which reduces performance similarly to AMD and Intel CPUs but the Raspberry Pi 4 lacks the ME, AMT, PSP, Microcode, etc issues. There are still a tremendous amount of issues regarding software freedom though, and with a lack of software freedom necessarily comes a lack of security, to quote the FSF on this matter:
>Boards based on the Broadcom VideoCore 4 family, such as the Raspberry Pi, require nonfree software to startup, although signature checks are not enforced. A free proof-of-concept replacement firmware has been developed, but it is not in a usable state, and development has halted. Until the nonfree startup program is fully freed, these boards are useless in the free world.

>By default, the GPU requires a blob running in this same startup firmware. However, Broadcom also supplies an "experimental" free software stack, which could run without blobs, if the startup firmware were free.

>The startup program also implements accelerated video decoding, primarily using highly optimized proprietary code as well as some dedicated video decoding hardware blocks. There are intentional restrictions, apparently due to software patents, blocking the use of this code without a license key (a form of DRM). Nevertheless, video decoding can be done with free software on the CPU, with a performance and power cost.

>There is an additional concern for the Raspberry Pi Camera Module, produced specifically for use with the Raspberry Pi. In order to access the Camera Module, it requires the use of a binary-only driver on the Raspberry Pi. This driver refuses to work unless authentication of an ATSHA204A chip present on the camera board succeeds. This is a crypto chip capable of solving challenge-response requests using a captive secret key within it, essentially it is used to prevent hardware cloning and confirm that the camera board was not manufactured by a third party. In other words, it is a form of hardware DRM. If necessary, you can use a USB webcam supported by free software instead.
https://www.fsf.org/resources/hw/single-board-computers

Two secure products with roughly the same price range as the Raspberry Pi 4 are:
http://www.banana-pi.org/m1.html
https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXino-LIME2/

These products are of themselves as completely free of security faults as you can currently get, but keep in mind the software you run on your system is at this point far more important than the system its self. Performance of these devices is quite a bit less than that of Raspberry Pi 4 though. If you gave me your price range and requirements (what you want to run) I and others could better give you suggestions, and you could more directly achieve your objectives.
>>707
What about old hardware? Like a Pentium 133 or an AMD k-6 ?
>>721
>What about old hardware? Like a Pentium 133 or an AMD k-6?
Sure, you shouldn't really need to go that far back though, also those CPUs are probably slower than the systems I listed. It seems to me that at the very minimum some K-7 and Netburst CPUs would be a possibility. It's difficult for me to give suggestions though because they've just been consistently moving in this direction for such a long time, and because in many cases the early developments of these technologies are either innocuous or simple to work around.

2006-2008 is the grey area for Intel CPUs because this is when things started going south with AMT, ME, TPM, Microcode, Speculative Execution, etc. You really do have to do some research into the individual CPU to know for sure in this time span. I honestly don't know as much about AMD CPUs, I know some of them have speculative instruction issues since 2003. They started getting Microcode in 2007, they got SEM at some point post-2003 and they got their PSP system in 2013. It probably took a generation or two for each of these things to become strong enough to be harmful though as in Intel CPUs. If you really want to go back to the vary root of most of this it's with trusted computing which started to slowly be implemented starting around 2003:
https://www.eff.org/wp/trusted-computing-promise-and-risk
https://www.eff.org/wp/meditations-trusted-computing

Another concern for x86_64 systems is that they have non-free bios which need to be re-flashed with coreboot or libreboot in order to be able to boot using only free software. This problem is near universal with only a few examples of machines with modern Intel CPUs being the exception. Additionally the vast majority of systems lack support for libreboot/coreboot. Due to this there is no x86 system I can point to and say out of the box this is capable of running a desktop environment securely.
>>707
>http://www.banana-pi.org/m1.html
It recently came to my attention that there is actually a great deal of controversy on this board. It seems that it's not entirely standardized that it's not entirely open-source hardware, and there are a number of legal disputes with it. Given that I'd likely suggest the other board as a raspberry pi replacement.

(70.37 KB 852x480 1.jpg)
Protonmail Comrade 08/25/2019 (Sun) 02:18:18 No. 2163 [Reply] [Last]
hey what do you guys think of protonmail?

i use gmail right now

>founded at CERN, lol
10 posts and 2 images omitted.
opinions on tutanota?
What about disroot?
>>586
Yes, it's called self hosting your own email server and using the right encryption
But in general, no internet service that's outside of your hands (on which you relay a lot of sensitive information) is safe
>>604
Yeah but even then you are still having an exchange between two parties.
Expecting everyone to commit to Encryption standards is silly in this day and age
Try dismail.de

(412.40 KB 3200x2400 anarchist computer.jpg)
Revolutionary tech work Comrade 08/25/2019 (Sun) 14:58:45 No. 2559 [Reply] [Last]
I have knowledge for FreeBSD/Linux system administration and programming skills in C, C++ and Lisp. What's the best way to use these for revolutionary work?

I thought of making an application useful for punks, bums and people living an anarchist lifestyle but these people usually either can't afford or choose not to use this kind of technology. I thought of an application that could help anarchists organize but I'm thinking it could also be used against us, because it could help fascist groups identify and find us as much as it could help anarchists find and help each other. This is dangerous because it's as useful for fascist missions as it is for anti-fascist/anarchist ones. Otherwise, hosting something like an IRC platform and creating an application to ease its use could be nice but it's already being done by IRC channels, Facebook/Messenger groups and Discord groups, and it still excludes people who don't have access to this kind of technology. The goal in making a new application would thus be to help people help others, or to make the use of the application by indoctrinated people useful to anarchists without them having to use the application. I can't find any interesting idea fitting one of these descriptions.

Right now the only thing I can see is contributing to open source software that's already being used as backbones for other revolutionary software, like news sites, blogs, applications, etc. to contribute indirectly to these while having as big an impact as possible (contributing to a library used by many platforms helps more platforms than directly contributing to one). That would be low-level stuff like nginx, widely used libraries, an IRC daemon used by IRC networks hosting leftist channels, etc.

About the FSF, contributing to software of theirs that interest me like emacs would only be useful for other programmers, who, by that fact, should already have enough talent to take care of their own and thus should be helping others. This goes for many projects by GNU and the FSF, which are often aimed at corporations and corporate pawns to make them dependent on their software and leech for donations to the foundation. In other words, the software is made to help capitalists who have money to give to the FSF. Also, contributing to GNU projects would force me to voluntarily give the copyright of my contribution to the FSF, thus alienating me of my own work. Maintaining intellectual ownership over my contribution is important to me, because even though I'm using a free license, I want to be recognized for it. The fruit of my labour is mine, made for others, and the way the FSF does things goes against that. Contributing to FreeBSD, on the other hand, would give me this, even though it has the same issue of being aimed at capitalists who have money to give to the FreeBSD Foundation.

What does /tech/ do to help people with their tech skills?
4 posts omitted.
>>588
>pic
Have they on purpose tried to make him look like V/Anonymous?
>>602
I work with Backend for a lot of different Systems, if the project goes open source i would be happy to help with some backend coding.
>Some other considerations:
>- Could attract right wing terrorists and allow them to organize (not probable, but possible)
>- Bosses could infiltrate syndicates
You could have syndicates be on invitation basis (Where you write the moderator of the board why you want to join) as well as encouraging moderation of each syndicate (as you said something along the lines of reddit? that's your choice i guess)
Having a back-end you also have to take into consideration where you want to host it. I am setting a server up for personal use, if the application requires not too much load i could be swayed to help hosting it.
Good luck if you go forward with this idea Anon
>>647
there's now a thread dedicated to this idea, >>638
>>588
Write a malicious worm that targets the computer systems of banks and stock trading companies.
Create something to help people commit financial fraud. Fraud is a huge multi-billion dollar industry and many poor people actually depend on stuff like cards to get free food delivery and stuff. I used to do this kind of stuff everyday for over a year to fill my kitchen up with as much food as I could.

(11.68 KB 474x308 r5635563456234.jpeg)
Packet sniffing and interception via PAU06 Panda wireless Comrade 08/21/2019 (Wed) 00:32:36 No. 2156 [Reply] [Last]
So I bought this pandawireless wifi card for packet sniffing.
i managed too get it running and in monitor mode on my computer, but, my machine keeps yelling at me about airmon-ng already being installed under "iw" which is what I used to put my dongle into monitor mode, but, I am not seeing any applications with iw loike airdump that allows me to monitor traffic in the area.

Can anyone help me actually make use of my wifi cards monitor mode?
1 post omitted.
>>548

[email protected]:~$ airmon-ng

Command 'airmon-ng' not found, but can be installed with:

sudo apt install aircrack-ng

[email protected]~$ sudo apt install aircrack-ng
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package aircrack-ng is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
iw

E: Package 'aircrack-ng' has no installation candidate


That's what happens when I try and install airmon.

All I want to do is monitor my network traffic and see who is using my network and what they are doing and, if possible, rate limit people/ deny them service all together.
>>548
Lmfao, i'm stupid. My repository needed updating. That being said I still don't know what to do with monitor mode.
>>551

crude monitoring capability should be provided by even the most gimped router's http frontend provided by ISPs. if you are serious about regulating your own wireless network, you should get router that allows custom firmware/openwrt from get go. Right now I would suggest you to just go wardriving and find any useful throwaway AP. keep in mind most ISPs of the world use few digits of hexadecimal number as WPA key so bruteforcing them is feasible
>>566
Yeah but how exactly do I go about monitoring and analyzing my network traffic?
>>569
Switch the card to monitor mode and run airodump on it, you lazy faggot. There's a lab session on their aircrack website about capturing a 4 way WPA-PSK handshake. Try that.

(104.85 KB 837x803 1501117252661.png)
cybersocialist planning poll Comrade 08/11/2019 (Sun) 06:27:35 No. 3240 [Reply] [Last]
https://forms.gle/3sBQnaFXdv5jhBAa7

answer some questions about how you would like the hypothetical open source software to be written.
72 posts and 11 images omitted.
Labor time anon here, I am practicing the Rust Actix + Diesel + Yew stack with another project right now, plus schoolwork. It will be a while before I post more progress.
>>571
rustanon, whats wrong with the rocket framework? seems more intuitive than actix
(270.29 KB plan_with_AIT.pdf)
>>562
Cockshott's plan, also detailed here in this (PDF), is a bit confusing in the sense that hes using a neural net for something non typical. Neural nets under capitalism are typically used for machine learning tasks like classification, regression etc. Wheras he is using it for a very atypical purpose (tractable solution to an LP problem).
>>572
As far as I can tell, Rocket and Actix-web have mostly the same layout for projects. Rocket just has a few more nice macros. On the other hand, Actix is much faster at the moment due to having async capability. Rocket says they're implementing the capability right now, but it's not there yet.

(310.56 KB 600x400 techcrew.jpg)
(234.67 KB 600x400 techcrew2.jpg)
(249.71 KB 600x400 techcrew3.jpg)
cybermemes Comrade 08/13/2019 (Tue) 08:36:14 No. 2153 [Reply] [Last]
some /tech/ memes.
(176.03 KB 600x400 techcrew4.jpg)

Delete
Report

no cookies?