/tek/ - technobabble

Name
Subject
Message	Max message length: 66666
Files	Drag files to upload or click here to select them Max file size: 25.00 MB Max files: 5
Captcha	no cookies?
More
E-mail
Password	(used to delete files and postings)
Misc

The Non-Techies Guide for Techie-Shit for Great Praxis metis 08/02/2020 (Sun) 10:13:46 No. 25 [Reply]

I wanted to write a brief guide for activists/etc who are looking to safely share and discuss in online without using mainstream social media platforms. Laguna is a great example of what can be done without playing into the hands of facebook/discord/etc. I think it's extremely important for the freedom of ideas/discourse to return to the decentralized way the web used to be. Unfortunately, techies fucking love jargon- for some it's fun, for others it's job security... Either way, it's a pain in the ass to get a straightforward guide to doing this stuff without someone trying to sell you something. = Servers/Hosting = - DIY - To run a website, you'll need a server with a stable internet connection. Contrary to what the monopolies want you to believe, you can effectively do this with nearly any computer that has a stable internet connection. It doesn't even have to be a particularly powerful computer, pretty much anything built after 2005 should be great. Linux is currently one of the stronger options for operating systems, since there is a great suite of free (libre) software built around this purpose. Also it's really not as hard as some would lead you to believe to run linux. Fun DIY challenge: run a hidden radical website on a work owned machine! Installing: https://ubuntu.com/tutorials/install-ubuntu-server#1-overview Setting up the server: https://www.tecmint.com/initial-ubuntu-server-setup-guide/ - Other free options - You can get a 'free tier' server from AWS (Amazon Web Services) for about a year, likely to get kids hooked on their cloud crack. They aren't particularly careful about new accounts, so it should be possible just create new servers indefinitely. Microsoft's Azure and Google's Cloud Platform offer similar deals, and you can sometimes score promotional credits too.

Message too long. Click here to view full text.

Domains and Onions metis 08/02/2020 (Sun) 10:28:07 No. 26

= Domain Names = One unfortunate reality about the way the web works is that getting a domain name does cost money. If you followed the guide so far, your website link will just be an IP address (which is maybe cool, in like a 90s hacker way). In order to get a domain name, you'll have to go through a registrar. A '.com' TLD (Top Level Domain- the thing after the .) is usually the most expensive, but you can often times get other TLDs for much less, as low as a few dollars a year in some cases. I've had good luck with AWS's Route 53, since they're relatively easy to set up and inexpensive. There may be ways to get free domain names, but I can't vouch for any of them right now. If you have a friend who owns a domain name, you can ask them to forward a subdomain to your website- so you'd be <yoursite>.<theirsite>.whatever or <theirsite>.whatever/<yoursite> . = Tor Services / D E E P W E B = For extra hacktivist creds, you can set your site up as a Tor .onion service. This will make it accessible from within the Tor network, which is considerably safer for your users, privacy wise. This will not necessarily make you immune to nation-state spying and/or legal action, but it certainly makes it a bit less easy on the feds. https://community.torproject.org/onion-services/setup/

lagunanon 04/18/2022 (Mon) 16:27:34 No. 41

= Non-DIY options = There are many anarchist/leftist groups that have already done the technical work for you, and are offering online services for free (or self-cost). If you need a website or online tool for yourself or your group, this might be a simpler way to get it. Most will NOT have a publicly open registration, but I managed to get an account at most of these by asking nicely. Ask over email or IRC. Explain how their services can help you make the world better. Be mindful that you're talking to friends though, not a corporate support drone. You will have to know what type of service you want. metis has mentioned some above, I'll mention some more. All of these you can either run on your own machine, or use one run by a group. I'll link my favourite groups for each service. I'll link to services run by 4 different groups - Riseup, Autistici/Inventati, Systemli, and Disroot. (And throw in calyxinstitute for their VPN) To find more leftist groups that provide online services, look for pages of links like https://riseup.net/en/security/resources/radical-servers or https://www.systemli.org/friends/ = Blog = A blog is a simple page with text, pictures and maybe a comment field, that other people can visit to read what you've written. https://noblogs.org - Ready to use blogs, no technical setup required. Very popular.

Message too long. Click here to view full text.

P E E R T U B E 0fux 04/03/2022 (Sun) 04:41:08 No. 36 [Reply]

Anyone know any good peertube instances? preferably, left leaning or at least vaguely progressive...

lagunanon 04/18/2022 (Mon) 03:13:40 No. 40

https://kolektiva.media/videos/local - for and by anarchists. Made by members of sub.media and antimidia

LineageOS & Custom Android Roms lagunanon 12/28/2021 (Tue) 02:54:42 No. 34 [Reply]

anybody else here use LineageOS? https://lineageos.org/ If you don't know It's a custom android rom based on the Android Open Source Project, it's (usually) very stable and by default has no google spyware built in. If you have any older android phones there's a pretty good chance it's supported: see the supported devices here https://wiki.lineageos.org/devices/ I got a lineage tv (nexus player) a couple lineage phones and now when I try a phone with Google Play Rootkit I can't stand it, it's amazing how people can tolerate corporate spyware/adware running on their phone and no way to disable it. If you have a google pixel, also consider GrapheneOS, which is considered highly secure https://grapheneos.org/

Edited last time by 0fux on 12/28/2021 (Tue) 02:55:44.

lagunanon 12/28/2021 (Tue) 07:17:43 No. 35

>>34 calyxOS also pretty interesting https://calyxos.org/ has about the same supported device list as GraphenOS, however CalyxOS can support MigroG in case you absolutely need Gplay

Anonymous 05/14/2020 (Thu) 18:04:26 No. 15 [Reply]

Who here does HTB, Vulnhub, tryhackme, cyberseclab. What do you think of hacking labs as a way to get better at infosec

Anonymous 05/15/2020 (Fri) 21:42:06 No. 16

those all look cool, haven't used them personally, though, I learned mostly through books and forums, like any 2600 group will teach you a bit, there's also .onion forums where you can talk to blackhats…

my method of learning pentesting involved setting up a virtual lab on one computer – i used virtual box to set up a bunch of different virtual machines running windows xp 7 etc. as well as different linux distro, then from my laptop running Kali live usb i would try out various tools, setup a honeypot http server, etc. there's so many ways to do it.

the most essential tools being nmap, wireshark, ncat/netcat and metasploit ( if you wanna go the easy route.) also learning a good scripting language – Lua, Python, even perl can help out alot.

metis 08/02/2020 (Sun) 10:52:54 No. 27

They can be fun, certainly good for getting a feel for things. Though, I'd advise against putting too much emphasis on them as a means to improve at offensive security as a whole. That's a bit like learning to shoot a gun by playing Call of Duty, though some of the VM boot-to-root ones are decent if you're working towards getting an OSCP or something. If you're looking to start a career in the security field, directing your efforts towards offensive security (red teaming/pentesting) at first specifically will limit your options as these jobs are fairly rare. Sadly, the best approach to getting into the field is to just get a couple certs and brush up on compliance jargon, lie through your teeth to recruiters and do the analyst thing for a while. I'd argue that the best way to 'get better at infosec' is by getting familiar with software engineering and systems administration. Embrace your linux neckbeard, learn to windows server and active directory until you intimately hate it, read all the boring Java, SQL and C# books that the CS-Grad Jr. Devs read so you know how to break their shitty code. Understanding software engineering is really important for security hacking as well, and it seems lost on a lot of the current generation of 'hackers'. It's one thing to follow someone else's instruction/scripts on how to exploit something, but intimately understanding how software is designed will enable you to craft your own solutions.

lagunanon 08/02/2020 (Sun) 14:06:53 No. 28

>>27 I know vulnhub got a partnership with exploit-db, so new cool stuff is going to start happening.

Crypto Anarchy thoughts? lagunanon 07/04/2020 (Sat) 01:04:58 No. 37 [Reply]

What's everyones thoughts on crypto anarchy and the writings of Timothy C. May, and steven Levy? While he does get associated with the bitcoin, but he has wrote a about subverting the state and the importance of privacy and anonymity. >crypto anarchy in a nutshell https://en.wikipedia.org/wiki/Crypto-anarchism >cryptoanarchist manifesto https://www.activism.net/cypherpunk/crypto-anarchy.html >anarchist hackers https://www.noisebridge.net/wiki/Anarchisthackers/ >anarcho hacker manifesto https://theanarchistlibrary.org/library/anarchohacker-manifesto-2018

crypto-anarchism lagunanon 07/04/2020 (Sat) 05:44:55 No. 38

it's pretty fuckin cool, it's unfortunate the idea has been hijacked by ancaps because their no reason that socialists can't find encryption, distributed darkets and other things useful. I think that every anarchist should learn at least basic cyber security and the basic of encryption and secure communications, so that we can teach that stuff to other people. That includes learning how to secure android phones with LineageOS and installing gnu/linux as well as using encrypted communication. We need to build a presence on the deep web, using p2p communicatoin and other channels that can't be censored by corporate media. We have to be prepared for the moment that the state and corporations don't allow us to talk about this stuff openly By utilizing distributed darknets like tor, i2p freenet, or zeronet, or federated social networks like mastodon/pleroma or diaspora, or p2p software like Qtox or RetroShare we create an online presence which is hydra-like: multiheaded, if they cut off one head there are two more to replace it.

lagunanon 07/04/2020 (Sat) 05:48:35 No. 39

>>37 there was a discussion early on on this subject, see here: https://laguna.pw/tek/res/2.html

Anonymous 06/08/2020 (Mon) 21:04:04 No. 17 [Reply]

With the recent protests, we need a collection of tradecraft use and combine technology with protesting and keeping protesters safe.

Anonymous 06/08/2020 (Mon) 23:56:57 No. 18

Indeed, have to find ways to make this information more accessible, like sharing memes, FB rants or tweeter threads helps reach many people but at the same time it's easily lost and has a limited reach.

It seems like every few years when protests spark up again we're starting over from square one.

I'm really surprised no one has started a wiki focused on specific issues related to protesting (call it revolutions wiki or something)

sprout distro has some great zines on security culture and protest tactics
see here: https://www.sproutdistro.com/catalog/zines/security/
here: https://www.sproutdistro.com/catalog/zines/direct-action/
and here: https://www.sproutdistro.com/catalog/zines/organizing/

But even then, notice these are all PDF format (often two paged) so they can't really be read via mobile which is how most people consume media these days.

If we want people to read this stuff, it needs to be available in mobile friendly format such as epub or reader friendly html. It needs to be *collected* in an easily searchable way that can also be downloaded en bulk for offline reading, and mirrored on multiple websites so it can't be taken down.

Anonymous 06/11/2020 (Thu) 16:38:35 No. 19

>>18
You Could setup a bunch of pirateboxes in CHAZ in order to setup info distribution networks.

Anonymous 06/12/2020 (Fri) 08:24:58 No. 20

>>19
true that, or small file servers pretty easy to set up, along with a mesh network, add instant messaging, you can even do voip via mumble to use as encrypted wifi walki talkies

Anonymous 06/13/2020 (Sat) 03:00:15 No. 21

>>20
I wanted to play a idea of some of the anon's here, you can use a standard LTE device (smartphone for example) with broadcastify or some police radio to give other activist info during protesting.

lagunanon 06/26/2020 (Fri) 15:18:33 No. 22

>>18 htz is a good zine for protesters it is a bit dated but decent https://mirror.hackthissite.org/hackthiszine/

lagunanon 07/04/2020 (Sat) 05:46:38 No. 24

>>21 intersting in the details of that anon, you mean like using a phone like a walkie-talkie?

Technicians in Covid-19 Anonymous 05/13/2020 (Wed) 20:45:07 No. 13 [Reply]

Hello, I have been a computer and network technician now for over 5 years now and I wanted to shed some light on the current changes affecting myself and other techs. While it does sting to rarely be appreciated for our work, the current feeling of alienation and lack of appreciation for our labor has been grossly apparent. While supplying people with the emergency hardware, software and remote assistance needed, I find that the outrage received from the people we assist has grown beyond the typical. My few fellow "essential workers" and I have put up with more shouting and disappointment than ever before and we cannot react outside of trying to calmly explain a solution to apparent problems. While I understand that people need to ventilate their frustrations, it is all to common to feel like someones techno servant with the way we have been treated. How has the pandemic affected your working environments as computer techs and how has that made you feel?

Anonymous 05/14/2020 (Thu) 03:01:54 No. 14

know exactly what you mean, my call center is still open, somehow our streaming service is 'essential", people are fucking lonely and bored and desperate and a little unhinged, like phones ring off the hook most nights when it used to be dead… customer service is always rough, but now so many of these people feel like any service workers exist as some kind of emotional punching bag, or we're like some old game console the more they beat on the better it will work…

piratebox Anonymous 05/10/2020 (Sun) 10:24:06 No. 11 [Reply]

Piratebox(https://piratebox.cc) was a project to turn cheap routers and rasberry pi's into offline networked devices intended for use in activism and public assemblies. A piratebox featured file uploads, live chat, an imageboard and some other features. There was/is even app available for android ( https://piratebox.cc/android )

It was pretty cool,

but like so many cool open source projects, the lead dev had other things to do and no one has been able to take the project over completely, so the project has been shelved see this post https://forum.piratebox.cc/read.php?9,23070 There is still a fairly active community on reddit https://www.reddit.com/r/Piratebox/

There were many technical issues – it used lighthttpd, buggy etc. see this https://river.cat/2017/11/Re%C3%AFmplementing-PirateBox

It has inspired a number of other projects based around the idea of experimenting with mesh networks / captive portal logins / wireless access points, in a way that is accessible to regular people.

LibraryBox is a more serious project aimed at Libraries, hospitals and other public institutions for hosting information on a local network http://jasongriffey.net/librarybox/

Emptybox is a project on the other end of the spectrum designed for "the purpose of media art, performance, and/or play" https://github.com/brannondorsey/EmptyBox

http://nethood.org/links/ has a pretty exensive list of similar projects

Of course you don't need a 'piratebox' to set up a chan / chat server / filesharing over a local network, you can do that on literally any device…

Anonymous 05/10/2020 (Sun) 10:28:24 No. 12

pretty good rundown of the features… https://www.linux-magazine.com/Issues/2018/211/PirateBox

is that tinyIB?

Gnu Net Anonymous 04/26/2020 (Sun) 06:25:21 No. 9 [Reply]

A few years ago when I first heard about gnu net i thought it was yet another gnu project clone of yet another distributed darknet, but now that the projects matured, it looks like their ambitions are basically to replace to underlying structure (tcp(ip) of the internet itself with something fundamentally more secure, robust and decentralized.

https://gnunet.org/en/about.html

" GNUnet is an alternative network stack for building secure, decentralized and privacy-preserving distributed applications. Our goal is to replace the old insecure Internet protocol stack. Starting from an application for secure publication of files, it has grown to include all kinds of basic protocol components and applications towards the creation of a GNU internet."

(…)

"GNUnet is typically run as an overlay network on top of the existing Internet infrastructure forming the basis of a hybrid peer-to-peer mesh and relay backbone for applications to run on. It could just as well be run independently of the Internet, over dedicated radio and cable."

While it doesn't seem the project near a point where regular people can make use of it, We can imagine some post-apocalyptic society where 'the internet' is a mesh network running off old routers and PCs, refashioned cable wires and Ham radio nodes running decentralized encrypted protocols…

Anonymous 04/23/2020 (Thu) 04:41:17 No. 2 [Reply]

Is hacking praxis or tech?

That being said what are some hacking groups that you like or like reading about.

Hackthiszine is dead so I'm looking for something similar?

what does everyone thing of anarcho hackers?
https://hispagatos.org/

1 post and 1 image omitted.

anarchist hackers Anonymous 04/23/2020 (Thu) 05:49:26 No. 4

>what does everyone thing of anarcho hackers?

I think that the original hacker ethos has always been anarchistic – a combination of of individual freedom, opposition to authority and some sense of social justice – the belief that your individual direct action can make a difference and make the world a better place. Even with the straight criminal hacking it's basically like a pure egoism, a rejection of all other authority.

We need to see more of that imo

I fux with Hispagatos but that's a pretty small community, I'm not sure if there are hacktivist crews like there used to, at least I'm nowhere near that, but I hope I'm wrong there.

We just have a few years until Jeremy Hammond gets released, that guys a fuckin hero in my opinion https://en.wikipedia.org/wiki/Jeremy_Hammond

>what are some hacking groups that you like or like reading about.

Love reading about the golden age of the bulletin boards– late 80s to mid 90s – it seemed like it was so easy to get into it back then, and then the "Anonymous" era late 2000's early 2010's, but i just missed that period in terms of knowing how to code. The really early days are interesting to like 60s and 70s – as long as there have been computers there have been hackers.

These days it's different, on the one hand it's easier to get into coding, or learn how to "pentest" but it's so fucking corporate its' disgusting – I feel the outlaw spirit of hacking has really suffered.

The state has a true pronged strategy of dealing with hackers – either take this absurd amount of money or go to prison for 10-20 years.

Historical hacker groups Anonymous 04/23/2020 (Thu) 05:50:35 No. 5

A few books I'd recommend
* Hackers Heroes of the Digital Revolution by Steven Levy — long and incredibly researched, covers the history of hacker culture from it's origins in the 50's "Artifitial Intelligence" labs up until the early 80s.
* The Hacker Crackdown: Law and Disorder on the Electronic Frontier by cyberpunk author Bruce Sterling, covers the hacker scene in the late 80s early 90s and the insane government response to it… there's some interviews with the founders of 2600 and hackers like Phiber Optik
* We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency by Parmy Olson, hella researched, this woman basically embedded herself at the height of it, goes into the history of the subculture in some depth.

Anonymous 04/23/2020 (Thu) 07:21:14 No. 6

in my opinion it depends on context. i feel like this snippet from "inventing the future" captures my views pretty perfectly - i'm unsure if it counts as "praxis" in and of itself but having a technologically literate left comes in handy when dealing with industrial action in our boring dystopia (eg. in ireland a Marxist youth group used SMS bombing to prevent an eviction in their area)

choke points Anonymous 04/23/2020 (Thu) 20:09:08 No. 7

>>6

that exerpt reminds me of how some syndicalists talk about 'choke points' sections in the supply chain that workers can focus on to cause maximum disruption — if we have a technichally literate left and working class those choke points and our ability to access them multiply.

Also, i think it's important to appeal to programmers and engineers and such more than ever, considering that this more and more will constitute the proletariat. The poorer elements of the information industries today will be educating the next generation.

Good book right here: Choke points - logistics workers disrupting the global supply chain

https://plataformacascais.com/plataformacascais/partilha/livros/ciencias-sociais/125-choke-points-logistics-workers-disrupting-the-global-supply-chain/file.html

Anonymous 04/24/2020 (Fri) 01:00:48 No. 8

>>7
Agree with your point about agitating towards those in tech - at the moment there's this weird alienation between developers and the software they develop (eg. some lad on Twitter who claimed to be a socialist while developing software Walmart uses to prevent unionization) - STEM doesn't have to be a cold, inhuman thing but it's quite convenient for those in power for it to remain as such.