arisuchan    [ tech / cult / art ]   [ λ / Δ ]   [ psy ]   [ ru ]   [ random ]   [ meta ]   [ all ]    info / stickers     temporarily disabledtemporarily disabled

/cyb/ - cyberpunk and cybersecurity

low life. high tech. anonymity. privacy. security.
Name
Email
Subject
Comment

formatting options

File
Password (For file deletion.)

Help me fix this shit. https://archive.arisuchan.jp/q/res/2703.html#2703

Kalyx ######


File: 1515208970097-0.pdf (7.63 MB, Understanding and Using C ….pdf)

File: 1515208970097-1.jpg (134.63 KB, 500x656, UANDUSINGCPOINTERS.jpg)

 No.2347[Reply]

>Improve your programming through a solid understanding of C pointers and memory management. With this practical book, you’ll learn how pointers provide the mechanism to dynamically manipulate memory, enhance support for data structures, and enable access to hardware. Author Richard Reese shows you how to use pointers with arrays, strings, structures, and functions, using memory models throughout the book.

 No.2349

Do people really need a 200+ pages book just for understanding pointers? It's not even a hard concept! When I saw the length of the book I thought it was going to go in-depth with memory management and systems programming but from the table of contents it just looks like a bloated tutorial. It doesn't even have exercises! Do people actually find this helpful? I suspect a few hours learning some very basic assembly might help more with pointers than reading this book.

 No.2366

>>2349
I mean, i learnt it with a single web page that was barely 4-5 paragraphs, and just applied it to dynamic data structures to master it. It doesnt need a 200+ pages book, this is absurd lmao

 No.2389

File: 1515853552911.pdf (2.15 MB, Linden_-_Expert_C_Programm….pdf)

>>2349
>>2366
Some years ago, I made a program to pitchshift/timestretch audio files in C with FFTW3 and libsndfile for a class, and at the time I had some experience with Processing (Java) and Python, but not with C at all.
I didn't read this book from cover to cover and just skimmed to the relevant parts for me, but it helped me a lot to make a bridge between the Java way of managing memory (GC, OOP, arrays as objects…) to the C one (malloc, structs, pointers (to pointers) to arrays…).

If I had to start a non-trivial project in C one more time, I would probably download it again at some point. Of course there are some equivalent resources on the web, but this book kinda saved my semester and covers a lot of cornercases and possible traps IIRC.

A more interesting book for people comfortable with C is "Expert C Programming, Deep C Secrets" though.
It's a bit dated since it was written before C99, but it's still very informative.



File: 1515300857378.jpg (262.53 KB, 1280x720, images.duckduckgo.com.jpg)

 No.2357[Reply]

enjoy US citizens https://motherboard.vice.com/en_us/article/43q4ng/border-guards-looked-through-nearly-60-percent-more-electronic-devices-in-2017-than-in-2016
btw if they can get drugs and soykaf across the border how about paying off someone to bring your encrypted HDD or SSD across.Seems better than handing it over to feds unless it's taken and they find your finger prints all over it.I'm only saying all this if you happen to have something that could get you put away for a long time otherwise just bend over when they tell you…. right?

 No.2359

>>2357
>otherwise just bend over when they tell you…. right?

Make a software that makes your phone appear blank, and only share it with elite arisu hackers
but I'm not one so that's probably already a thing
guess you're too late

 No.2364

File: 1515402441378.png (2.3 MB, 2702x1214, 7_1.png)

>>2359
One part of full disk encryption is what's called "plausible deniability", or the ability to plausibly deny the idea that any data except for a small amount is actually encrypted. To do this, LUKS (the defacto standard for GNU/Linux full disk encryption) overwrites the disk with random data, then encrypts it, making the encrypted data indistinguishable from random data.
Besides, the US can't do soykaf to your encrypted drives. The minute they turn on your computer and a password prompt is given, they'll just give up because most customs officers / tsa employees / etc. are fucking brain dead.
Source: Traveled to and from the US and to all five eyes countries with a fully encrypted laptop and phone (lineageOS) with no problems.

 No.2365

>>2364
Also, at least in the US, if LE orders you to decrypt / unlock / give them passwords to your drives you can technically deny them due to the fourth and fifth amendments in the US constitution. For example, in the case of your phone being taken away from you at the border, you could simply deny the LEO under the fourth amendment because they need probable cause and therefore a warrant to search your device. Another example would be that your laptop is seized at the border and LE demands you to decrypt it. You can then invoke your fifth amendment right, disallowing LE to force you to decrypt your drives. This is true for united states citizens and non citizens (see below article).
https://www.forbes.com/sites/danielfisher/2017/01/30/does-the-constitution-protect-non-citizens-judges-say-yes/#3be02f8b4f1d

 No.2367

>>2364
have you ever been stopped at a us border, or had your computers inspected?

I too have crossed US and other international borders several times recently, and the extent of my problems has been forgetting to put quite all of my electronics in a separate bin for the scanner.

I am curious about the experiences of someone who has attracted more attention. What did they want, and what was needed to satisfy them? Did they have an interest in devices like external hard disks (or general hard disks) or just in working computers (cellphones laptops etc)? If its not too prying, what exact airports did this occur at, and are there any details of your physical appearance, background, et cetera, that might incur above-average suspicion?

Additionally: as I understand it if you are a US citizen you _must_ be allowed into the US, the cbp can take your devices but they cannot block your entry into the country for noncooperation.

 No.2373

This podcast has some some good ideas, just bare through the 101 stuff they provide for the tech illiterate:

https://thefinalstrawradio.noblogs.org/post/2018/01/03/error451-07-borders-and-devices/



File: 1514303584819-0.jpg (39.42 KB, 320x264, 6-858f14.jpg)

 No.2295[Reply]

>6.858 Computer Systems Security is a class about the design and implementation of secure computer systems. Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.

 No.2296

>1. Introduction, Threat Models
https://www.youtube.com/watch?v=GqmQg-cszw4

>Instructor

Nickolai Zeldovich

>Summary

In this lecture, Professor Zeldovich gives a brief overview of the class, summarizing class organization and the concept of threat models.

>Video Download

https://archive.org/download/MIT6.858F14/MIT6_858F14_lec01_300k.mp4

>Subtitles Download

https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/video-lectures/lecture-1-introduction-threat-models/GqmQg-cszw4.srt

Lecture starts at 5:40

 No.2301

>>2296
>Notes:
Security: Achieving some goal when there is an adversary present.
When can divided into three parts:

I. Policy: The goal you want to achieve. The statement about what I want my system to be able to do.

Examples:
Confidentiality: "Only I should be able to read the grades file for 6.858"
Integrity: "Only the staff can upload the final grades"
Availiability: "A web site should be available even while the adversary try to take it down"

II. Threat Model: What is the adversary thinking about? Assumptions. Modelling their own goals.

Examples:
"The adv. doesn't know the password."
"The adv. doesn't have physical access to the phone, keys or laptop."

III. Mechanism: Software, Hardware or System design implementation where our policy is followed as long the adversary follows the threat model.


How is the policy vulnerable?
Example: Recovery questions.

 No.2337

File: 1515126012936.png (387.46 KB, 847x419, Screenshot_1.png)

>2. Control Hijacking Attacks
https://www.youtube.com/watch?v=r4KjHEgg9Wg

>Instructor

James Mickens

>Summary

In this lecture, Professor Mickens continues the topic of buffer overflows, discussing approaches to such control hijacking attacks.

 No.2346

File: 1515205758991.png (345.41 KB, 706x1000, __cibo_blame_drawn_by_miko….png)

>>2337
>Notes:
1. System softwre is often written in C. Databases, compilers, network servers, your favorite shell command. Why? The dev community is obsessed with speed. C is supposed to be high level assembly and all the mission critical systems are written in C.

2. The problem.
C exposes raw memory addresses. Not only that but also performs no bounds checking when programs manipulate those raw addresses. Recipe for disaster. Why doesn't C check these bounds? One reason is because the hardware doesn't do that. Another reason is it can be very difficult to determine the semantic of what it means to have a pointer that's actually in bounds. There is exists techniques for prevent this but none of them are bulletproof.

3. Knowledge of the x86 architecture.
Answers to questions like What's the direction that the stack grows,
what are the calling convetion for functions. When you invoke a C function, what is the stack going to look like? When you allocate an object on the heap, what are those chief allocation structures going to look like?



File: 1513993088637.png (207.23 KB, 1759x1132, qtox.png)

 No.2267[Reply]

Tox is a decentralized encrypted alternative to skype developed by chan users for chan users. It supports text, audio, video, and group chats.

Come join Club Cyberia toxs largest group chat. You can get invited to the group chat by adding lainbot the friendly club cyberia group bot. Lainbots ID is:

"415732B8A549B2A1F9A278B91C649B9E30F07330E8818246375D19E52F927C57F08A44E082F6"

You will need to install a tox client. qtox is the recommended option but there are a variety of clients such as toxic for cli users.

Download links can be found on the description page at "https://github.com/qTox/qTox". Binaries are provided for Windows, OSX, and Linux. You can also build it yourself if you are feeling adventurous.

Once you add lainbot as a friend just type "invite 0" to get a invitation. You can also type "help" for more options.
lainbot should automatically send you an invitation when you start tox.

WARNING: Tox is a peer to peer program without servers just like torrents. This means that your friends on Tox can see your IP. If you are worried about this you need to use Tor. Luckily Tox has easy Tor integration, just go into your settings and setup the SOCKS5 proxy for anonymous chatting.
13 posts and 1 image reply omitted. Click reply to view.

 No.2302

>>2274
How is XMPP not decentralized? You can self host your own account any time and can contact / communicate with any other user of the protocol.

Do you not know what decentralization is?

 No.2303

>>2302
Perhaps they equate "decentralization" with "peer to peer". It's certainly an erroneous standpoint, but a common one.

 No.2332

File: 1515096025318.jpeg (30.57 KB, 400x289, 7B286A9B-1C74-41DA-9F87-F….jpeg)

>>2321
Please don’t derail the thread.
Ok, back onto the topic:
Isn’t peer to peer just a form of distributed system?

 No.2339

>>2332
Yes it is, but bootstrap servers are needed to discover other peers.
A server keeps metadata on you and acts as third party adversary.
Connections are direct, so local adversaries have more chances of profiling you too.
Tox is a solution against Microsoft/Google/Apple spying, not against ISP/FBI/KGB/SIS.
It all depends on your threat map and is not a all-in-one solution.

 No.2341

>>2339
Tox is not an anonymity network and if they tried to make it one it would be a stupid idea.

Connections are not required to be "direct". Tox works just fine over an anonymity network such as tor.

Bootstrap servers are not required to find peers that is simply the most convenient way. You could go ask a good chum of yours to provide their IP for you and you could add it as the node in the bootup list.

Tox absolutely prevents spying by ISP FBI KGB etc. They cannot read your messages unlike say facebook messenger.

In the worst case they get timing information on when your node is online, and they get your IP address. If you don't want that meta information leaked there are existing precautions that you have to do anyways (leaving nodes online / tor).



File: 1515096730004.gif (675.29 KB, 500x375, tumblr_nk0ac5UFsj1ts7f01o1….gif)

 No.2333[Reply]

Let's discuss hacking or general usage of devices in the RFID range, including standard identification cards, NFC/13.56mhz tags, and NDEF.


File: 1511820478627.jpg (125.75 KB, 900x506, 1511728111925-0.jpg)

 No.2046[Reply]

Hey Arisu, do you watch Trouble? It's a monthly show made by submedia, the same guys who used to make stimulator's ITEOTWAWKIAIFF. Unlike that show Trouble is not about recent events but every episode is centered about a single topic.

The most recent episode was about hacking, they interviewed all kind of interesting people, including Jeremy Hammond. It's aimed at people who don't know much about the topic but are politically active, so it's a bit basic but for that purpose I found it very good. What do you think about it?

If you have not seen it, here you can watch it:
https://sub.media/video/trouble-8-hack-the-system/
https://archive.org/details/TroubleS1E8

Some older episodes very also pretty /cyb/, like #5 which was about surveillance, but unlike most other resources on the topic it did not ignore the problem of snitches and informants. Episode #6 on counter-insurgency was also very good, and I also liked #7 which is about community organized disaster relief.
44 posts and 12 image replies omitted. Click reply to view.

 No.2288

>>2276
I'm all for it!

 No.2290

>>2276
Arisuchan is a piece of soykaf not worth its secrecy if it can't even operate under full surveillance by all 3 letter agencies.

So if a lainzine is not sent on that account, they know about us but don't care because there's nothing of interest here; if we do send one, we have been promoted cool wannabe kids and nothing happened again.

 No.2307

>>2113
> there is no ideology;
wat
he hates neocons
those were both neocons
he hates authority more than any teenager you can find

WL is pure ideology

 No.2323

Communism is anarchist in nature, for communism is a society that has achieved statelessness, where money is no longer necessary and classes have disappeared. It is the end goal of every socialist society, which under Lenin's definition is a transitional period where a state exists to defend the gains of the revolution defended under a vanguard.

Even under the definition that the most oppressive regimes give (none of which claim to be communism but claim to want communism) are ancaps on point about communism being a heavily government enforced society.

 No.2324

Both anarchists and marxists have the same end goal, unless you are anti-civ, primitivist or mutualist. The difference is what to do before that and how society will be structured.



File: 1498243369564.png (20.26 KB, 120x277, Wikileaks_logo.svg.png)

 No.733[Reply]

What do you think of WikiLeaks, it seems like a good thing that helps keep people informed and helps keep tabs on governments, due one might see it as being far from separate from the agendas of governments considering WikiLeaks suppose lack of whistleblowing on Russia .

Do think there needs to be a alternative to WikiLeaks, it might be a good idea for something like that to be made since Julian Assange might end up tainting the project, considering the rape allegations.
16 posts and 4 image replies omitted. Click reply to view.

 No.976

>>971

>Do you personally have a way to verify this? My issue is that I inherently can't trust WikiLeaks when they're operatives and public face are so blatantly political, to the point of near outright support of the American president.


I verify what Wikileaks publishes the same way I verify any journalist's work.

Do the claims correspond with claims made by independent journalists, historians, researchers with disparate agendas? (e.g., are journalists who actively dislike Wikileaks reporting the same information?)

Do the claims correspond with the reality that I personally observe?

Are the claims logical and self-consistent?

Are people and organizations publicly acting on those claims in such a way that is only logical if the claims are factual? (For example, Microsoft rushing security patches that would specifically fix flaws exploited by CIA tools revealed by the Vault7 leaks. If the flaws weren't there, there wouldn't be a need for those patches.)

I don't blindly trust Wikileaks or use them as my only source of information. But I do consider them to be reputable.

 No.1050

>>745

> It does not matter how dirty the group leaking is or how much the leak benefits the group leaking, as wikileaks will release anything given to them in the name of freedom of information.


>>747
>Without demonstrating restraint or integrity they simply cannot operate under the flag of anything but anarchy.

Jesus Christ you guys are silly, they are literally a neo-anarchist site. I highly suspect that they follow a certain form of Nick-Land-like accelerationism, in which they would probably argue that the higher degree of information about the world that is released for the public, the higher the degree to which they will be inclined to revolt against the dominate order.

If you didn't realize this by now, you simply haven't been reading any of their documents/interviews.

 No.2304

File: 1514846559540.png (114.64 KB, 500x519, 2012-julian-assange-is-a-h….png)

I like them, and they do a lot of leaks on companies and such, but this is usually overplayed because people only care about the political ones and recently "muh Russia"

Regarding ASSange, maybe it's just that I started to learn more about him, but he comes off as ever more edgy. Him being cooped up for half a decade in there probably helped.
His stepdad was a cult member, and according to Wikipedia he used psychological pressure on them. He later run away.

He hates authority (at least what he perceives are unwarranted) with passion, and maybe that's where it comes from.

His anti-Hillary bias is so strong it hurts a little the cause when it comes to gaining new adepts, thought it's perfectly understandable as they made his life miserable and want him dead.


pic related is true too, I can't believe how many people turned their back on him

 No.2310

>>2304
>Hillary
>left
what the fuck am i reading lmao

 No.2311

>>2310
Too many self-described conservatives (especially American ones, and especially especially American religious conservatives) are under the delusion that liberal = left, simply because both camps oppose them.

Clinton's publicly-professed policies may be fairly described as a classical liberal (with a heavy emphasis on laissez-faire economics, almost to the point of social-darwinistic neo-classical liberalism), but they are certainly not leftist. (I personally think it's a front on her part and that she's really a pro-corporate fascist in the style of Benito Mussolini, but that's pure unobjective opinion on my part.)

About the only things that liberals and leftist have in common is a tendency not to use traditional organized religion as a tool of social control, and that they both at least pay lip service to the idea of innate civil rights that constrain how governments can act. (Of course in practice it's more complex, but hey, that's economics/politics/sociology for you.)



File: 1510679810824.png (496.55 KB, 738x415, meet-boston-dynamics-strea….png)

 No.1896[Reply]

https://www.youtube.com/watch?v=kgaO45SyaO4
welp, not too long untill they put a machine gun on it
3 posts and 1 image reply omitted. Click reply to view.

 No.1921

>>1914
I can already see the press response to an event like that in my head. Every article willl most certainly end with "but this is just part of a larger conversation we need to have about AI police"

 No.1941

check out the prototype of this on their youtube channel. it has a long arm, and really shows off its capabilities better than this plastic framed one

 No.1953

I did see the new prototype that could jump up on boxes and do backflips and soykaf. A robot is now more athletic than me. I think I'll just lay down and die before the robots do it for me. I'd actually be excited to see A.I. develop and put into a robot or some such but fuck I don't want them to sell all our data and all that.

 No.2305

>>1896
>implying they haven't tried that already
Of course they been already trying aiming systems that are stable on moving objects (or that can re-aim in the shortest time after the carrier has stopped moving)

 No.2306

>>1898
>police robots in Dubai.
nice, now the stoning can be automated

the hanging will probably take a longer while, but I trust they'll get there in the 20's



File: 1511486423319.jpg (211.62 KB, 1600x900, cyberpunk2020_coverpicture….jpg)

 No.1967[Reply]

Hey guys, a few of the smaller cyberpunk communities are doing a thing this year, figured you chummers might want in.

Long story short, just going to be flooding the #cyberpunkmonday hashtag with cyberpunk talk. With /cyber/ practically dead, could be a chance to reconnect the community a lil.

See you guys there.

 No.1971

>>1967
Why twitter and not IRC? You aren't going to have particularly substantive conversations.

 No.1972

>>1971
exposure, primarily! twitter's structure inherently lets other people see that you're tweeting about something (in this case, cyberpunk) and gets people interested in it.

irc, on the other hand, would be pretty self contained

 No.1973

>>1972
And why does it need exposure?

 No.2298

File: 1514345707664.jpg (79.75 KB, 624x468, shadowrun.jpg)

Yo, DM. You might want these.
Enjoy, bitches.

Shadowrun + Cyberpunk [All Editions] - Tabletop RPG Library [1988-2015]
https://mega.nz/#F!yAUlEIzS!AflYfXrT0cIEIJsaQt5JHA

Shadowrun Soundtrack Discography [1993-2015]
https://mega.nz/#F!KMlBjIBT!pzOldXhcembCCn53HViGfA



File: 1511465176756.png (46.19 KB, 1080x408, 20171123_152750.png)

 No.1958[Reply]

In USA they're trying to take down Net Neutrality.

I'm personally horrified, i'm thinking that probably arisuchan wouldn't be a reality without NN, and that for people like the most of us who doesn't really care about social networks, netflix, and other corporate mass surveillance tools, this is going to be a disaster.
Fortunately in Europe there is still an article about NN in the constitution, but Europe is almost an american colony since the end of USSR, so probably they'll find a way to avoid it and take down NN in the Old Continent too.

What do you think about that, lain?
Are you in favor or against Net Neutrality?
And if you are in favor as you probably are, what can we do to fight for it?
91 posts and 18 image replies omitted. Click reply to view.

 No.2188

>>2167
Apples to oranges. Software patents, and so-called "intellectual property" in general are constructs of the state, an imposition through the power of the state of an artificial scarcity upon a naturally abundant resource.

>>2168
And that's exactly why employment is not theft. The employer provides resources - tools, designs, facilities, supply channels, etc. - that the worker cannot supply on his own. Thus, the employer is adding value to the mixture. Thus, the end product is not the fruit of the employee's labor alone. Thus, the employer is entitled to a cut of the proceeds from the sale of the product.

 No.2192

>>2188
How does owning capital justify making a profit? Yes, the machinery is all very important, but the owners of capital and the machinery or land itself are different entities. Further, the machinery is the crystalization of the labor of other workers who have been alienated from their product. The use of this dead labor, which merely passes on it's value, to extract surplus from living labor is simply vampiric. If someone does not personally use an item, why do they have any claim to own it? The capitalist's contribution is a slip of paper which enables him to generously allow the workers to use what is their birthright. You claim that intellectual property is artificial, but how is it less artificial than the standard of property applied to tangible items, where you can never even lay eyes on equiptment but still claim to own it and that you are entitled to work done with it? Certainly animals claim territory for themselves, but I have yet to see a wolf landlord claim land that they they themselves will never hunt on and then try to extract labor through rents.

 No.2193

>>2188
If the owner of a machine recieved a share of what the worker produced with it equal to the value that the machine contributed to the final product, then they wouldn't make a profit, just break even.

 No.2249

>>1960
why would someone use discord for anything else other than brewing soykaf?

 No.2282

>>2249
>Why would someone use this entire universe for anything else than brewing soykaf?
Do good where you can, Deckard



Delete Post [ ]
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22]
[ Catalog ]