/os/ - Online Security

News, techniques and methods for computer network security.




 >>/897/
Most of the stuff he mentions is actually old info, or covered by Wikileaks, and of course, common sense. https://en.wikipedia.org/wiki/Upstream_collection https://en.wikipedia.org/wiki/Utah_Data_Center

The guy in the video had been harassed by the government because of his controversial book about magnetism. He also was one of the top guys in Apple customer support. Here are some example links: https://youtube.com/watch?v=rjkYccijTFA https://discussions.apple.com/docs/DOC-6031
$ lspci
...
....
Communication controller: Intel Corporation 9 Series Chipset Family ME Interface #1
....

Thanks Intel.

I've been experiencing weird shit on my computer for the last couple of months.  Strange lock ups etc. This might explain it.  MFW.
Drop out of the gui into the shell in text mode. Have tmux, and links installed and configured for tor.

In what follows, ; means follow the first command with the second command.

$ tmux
$ CNTRL + b ; SHIFT + " 
$ CNTRL + b ; SHIFT + "
Repeat until there is a 2-line command window at the bottom of the screen. Then let's remove the windows that we won't be using:
$ CNTRL + b ; UP arrow
$ exit
$ CNTRL + b ; UP arrow
$ exit 
So now you have a large window and a frame at the bottom with a command line.

In the large window frame, start up links:
$ links 

Now you can browse and copy links and type stuff in the command window. To get a new tab type:

$ CNTRL + b ; c

This brings up a new window that is clear. You can repeat this step to make more windows and switch between them using the numbers:

$ CNTRL + b ; 0
$ CNTRL + b ; 1
etc

I like to open a window with endradio to listen to the news, while I browse the news and endchan, 8chan etc in the links text window.  If I need to download a youtube video or some file that I see I use oldtube or endtube or endget or endloads to download the content that I collect from youtube or from some other source.   I use this methodology to be productive in shells and environments that don't have a gui but that have the above tools.  Try it out in a terminal emulator first to get the hang of it, then use it in text mode for low profile security.
 >>/935/
This is more efficient. It didn't work straight from the command line as presented though.  

I have to enter command mode to do this.

$ tmux new links
$ Ctrl + b ; Shift + : 
: split-window -l 2

Then repeat with a new window to multi tab
$ Ctrl +b ; c

As you can tell I don't know what the hell I'm doing. Another case of RTFM for Endwall. 

Thanks for the tip.
 >>/958/
Universal Plug and Play (UPnP) is a bad idea. If you get malware they can own your network. Open the ports that you want open and only those ports and protocols, block everything else. The first line in your firewall chain on your router should be:
BLOCK ALL INCOMING 
BLOCK ALL OUTGOING. 
Whatever way that is set up according to your router.
Then slowly open things up, starting with DNS, then HTTP, HTTPS, then whatever other ports and protocols you need. This will take more time, but it will give you more control.

NAT (Network Address Translation): this should be OK to turn on.

UPnP No, NAT OK.

Those are my thoughts on it. I'm not an expert.  Open only what you need and don't let your software on your OS control your router at will, set it up yourself.
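The "block all, then open DNS, HTTP and HTTPS" policy from the post, written out as an nftables ruleset generator. This is an added example, not from the thread: it assumes a Linux router running nftables, and the LAN interface, WAN interface and outbound TCP port list are arguments you supply.

```sh
#!/bin/sh
# Added example (not from the thread): generate an nftables ruleset for a Linux
# router that starts from "block all incoming / block all outgoing" and opens
# only the listed outbound services, as the post recommends. Assumed arguments:
# LAN interface, WAN interface, space-separated TCP ports (e.g. "53 80 443").
gen_ruleset() {
    lan="$1"; wan="$2"; ports="$3"
    tcp_list=$(printf '%s' "$ports" | tr ' ' ',' | sed 's/,/, /g')
    cat <<EOF
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        # nothing from the WAN is accepted here; open LAN-side services
        # (DHCP, DNS, admin UI) one at a time as you find you need them
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        iifname "$lan" oifname "$wan" udp dport 53 accept
        iifname "$lan" oifname "$wan" tcp dport { $tcp_list } accept
    }
    chain output {
        type filter hook output priority 0; policy drop;
        oif "lo" accept
        ct state established,related accept
        oifname "$wan" udp dport 53 accept
        oifname "$wan" tcp dport { $tcp_list } accept
    }
}
# NAT stays on, as the post says; with no inbound accept rules there is
# nothing for UPnP to do, and no program on a LAN host can punch holes.
table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        oifname "$wan" masquerade
    }
}
EOF
}
```

Write the output to a file and check it with `nft -c -f rules.nft` before loading it; to add a service later, extend the port list rather than loosening the drop policies.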
 >>/884/
With i2p isn't there an ip you can plug in like with tor (socks5 127.0.0.1:9050)? I think port 4444?? If so then you can add i2p to the mix. I think it's called an out-proxy. You can also use this to run i2pd with proxychains: proxychains i2pd. I have found this proxychains setup useful because running i2pd with torsocks doesn't work.
 >>/958/
Others are correct on UPnP.

Wifi is insecure; use cables as much as possible.

NAT should be enabled, but it isn't as important as making sure your router isn't compromised. There is FOSS router software available for maximum security, have a gander and lurk.
I use a cheap but private VPN service, with encryption and (allegedly) no IP logging reading the ToS.

I do not use wifi, that is insecure. My wifi chip in my computer (along with the bluetooth chip and camera) have been physically removed. Linux of course.

I use Mozilla Firefox for the most part, sometimes Tor too.

One thing I do is make sure I manually program Bleachbit to scrub sqlite files in my browser directory routinely. Logs, caches, cookies etc: content-prefs.sqlite, cookies.sqlite, formhistory.sqlite, healthreport.sqlite, places.sqlite, signons.sqlite, webappsstore.sqlite (and their associated file formats) from my browser directory. Tor too stores these same kinds of databases, so any browser you use you'll want to learn what is in those directories and what they store.

Then, I also use Random Agent Spoofer to spoof my browser agent (spoofing metadata about what OS I use, what kind of browser it is, headers, get requests, etc.), which also allows me to disable webgl and geolocation in chrome.

I also use noscript and HTTPS Everywhere. Scrub noscript whitelist and reconfigure the list to your liking, whatever suits your browsing habits.

Go to  about:config  and learn how to use it, but be careful!!! There are some tweaks you can use to fortify and secure your browser, and to make it stop bragging about data.
 >>/1069/
I torrent behind tor. Not sure about doing this with I2P.

I use deluge with gtk and set the proxies to port 9050. Then add the torrent through a link, magnet or the actual torrent file. Then manually edit the trackers so that they are http only.  It should start downloading after that.
 >>/1079/
Yo, stop torrenting from behind tor right now. Either use i2p or a VPN, but for the love of god quit slowing down the network. It also doesn't even protect your identity.
https://blog.torproject.org/bittorrent-over-tor-isnt-good-idea
https://blog.torproject.org/why-tor-slow-and-what-were-going-do-about-it
 >>/1082/
The proxying works fine in Deluge. It's not leaking. The trackers communicate by TCP, the traffic is TCP. It works. The attack that is mentioned in the second article stems from applications that ignore your proxy and send traffic by UDP without tor. That doesn't happen here. Both the trackers and the traffic are proxied through Tor as TCP connections. I dismiss that complaint/claim.

As for slowing down the networks, with download speeds at 250KB/s I doubt it. That's about what I get using wget behind tor. Rate throttle it if you want to be polite.
 Searching Youtube 

$ endjail
$ torsocks --shell
$ youtube-viewer

=>> Search for YouTube videos (:h for help)
>  Endchan
 1. EndChan/InifNow question and answer (by OdiliTime) [01:10:35]
 2. The Old 4Chan (by That Guy With A Voice) [01:48]
 3. The Voice Teens Philippines Battle Round: Clark vs. Chan - In The End (by The Voice Teens Philippines) [05:14]
...
=>> Select one or more videos to play (:h for help)
>  1
URL: https://youtube.com/watch?v=ParATBARwic
-> Channel   : OdiliTime
-> ChannelID : UC9YYaqKNOZa5ue-sxE0cuPA
-> Definition: HD
-> Duration  : 01:10:35
...
Copy the URL into a text file, list.txt , in leafpad, nano etc. and repeat
=>> Select one or more videos to play (:h for help)
>  :q

$ oldtube --list list.txt
$ oldtube https://youtube.com/watch?v=ParATBARwic

Using proxies:
$ proxyload
Format the first line of ssl_proxies.txt to remove everything but the ip address at the end (or just delete the first line)
$ protofix https ssl_proxies.txt | sort -R | sort -R >> sort_ssl.txt
$ endtube --ua-rand --proxylist sort_ssl.txt --list list.txt

Add proxycheck to the workflow to get working proxies only. 
$ proxycheck ssl_proxies.txt
$ protofix ssl_proxies_yt.txt | sort -R | sort -R >> sort_ssl_chk.txt

If you have a better workflow feel free to share.
 >>/1119/
Thanks for this, it's coincidentally at an opportune time and will be of use to a project I just started.
> ghostery phoning home
I did a quick sweep and didn't find anything, but I mostly skimmed. There's a few links I'm not too privy to and I didn't look deeper into any of the XMHL or send requests though, they're a mess.
https://pastebin.com/raw/czfymKNi
https://pastebin.com/raw/6mZmcSiH
IP greps bring back nothing of note: https://pastebin.com/raw/6mZmcSiH
https://pastebin.com/raw/puaX68W5
Did you make the image yourself? You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.
 >>/1126/
I didn't make the image, I found it on one of the rebeccablack/tech/ archives. Ghostery I still never was crazy about because it is like noscript, if noscript was bloated and didn't work.
I always try and remember the addons I am missing when configuring a firefox fork and that was a good image to use back a year or 2 ago.
> You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.

That is something I will keep in mind because some addons stop working like "white noise generator" which did what "trackmenot" does but in a separate window with tabs randomly switching to random webpages.

I have a few suggestions to add to the list:
adnauseam, dolus, tamperdata and http nowhere

if I did not lock the prefs.js I will use https://jm42.github.io/compare-user.js/ for about:config modifying.
 >>/1129/
> if I did not lock the prefs.js 
I just read up on this. It seems like locking is temporary and all you need to do to reverse it, is delete the lockfile. 
> I will use https://jm42.github.io/compare-user.js/ for about:config modifying.
These might be useful to you:
https://pastebin.com/pdEbeX1m
Full list of all prefs defined in Mozilla's source code for 52. Some of them are hidden, i.e. not set in about:config, so there'll be no way to know about them. And: http://kb.mozillazine.org/About:config_entries
Is a nice util for quickly finding out what each does, and available settings.
I'm pretty sure Ghostery can be analyzed. I saw somewhere recently that they made it open source, so basically you can look through the source code if you want. Might be something worthwhile to do, but isn't necessarily something I would be able to do since I don't know shit about coding.
lightweight rss readers 

I know there are simple scripts to read rss feeds. But as far as feed reader that is important because for example:

> manually clicking on a subscriber yt channel 

> updating an rss feed is a less footprint. 


Updating an rss feed is less of a footprint. I wonder if it's worth it to obfuscate rss feed patterns like the trackmenot addon adds irrelevant searches to the browser's history? To do this you just add a bunch of irrelevant feeds with your regular feeds.

Newsbeuter - simple terminal rss reader

NewsBoat   - https://github.com/newsboat/newsboat similar to newsbeuter but more intricate.

 >>/1220/
Really appreciate that program, I never knew about it, thanks for posting it. I usually use http://www.proxydb.net/leecher which has a 10 url limit; the program you posted can do unlimited urls. With the files it crashes for me with big lists, but if you curate a bunch of good links or rss feed xml pages even, you can scrape a lot of proxies.
 >>/1224/
https://www.my-proxy.com/free-anonymous-proxy.html
https://freenetproxy.com/
https://coolproxies.blogspot.com.br
https://proxyfreaks.com/
https://oproxy.info
http://captchasniper.com/new/FreeProxies.txt
https://www.my-proxy.com/free-elite-proxy.html
https://sickproxy.com/
https://huntproxy.com/
http://www.white55.narod.ru/downloads/proxylist.txt
http://spys.me/proxy.txt
https://www.binary-zone.com/files/MyProxyList.txt
https://rootjazz.com/proxies/proxies.txt
http://cyber-hub.net/proxy/http.txt
http://cyber-gateway.net/get-proxy/free-proxy
http://proxy.nghuyong.top/

Here is a good list that works. Curate links like this from big lists from https://www.blackhatworld.com/seo/proxie-scraping-links.464079/page-34
 >>/1224/
Whoops, I described newsboat wrong, it's not more intricate.
From the website:
> Newsboat is a fork of Newsbeuter, an RSS/Atom feed reader for the text console. The only difference is that Newsboat is actively maintained while Newsbeuter isn't. 


https://newsboat.org/
 >>/1225/
This source is good, but are they all http/s, or are there socks proxies involved as well? After running ipproxyscraper on it (which took hours, file related is my final result. Might save someone the effort), I got a list of IPs with ports, but no protocols specified.
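A stand-in for the `protofix ... | sort -R` step of the youtube workflow earlier in the thread, for exactly the case in this post: a scraped list that comes back as bare ip:port lines with no protocol. This is an added example, not the endtools code; `normalize_proxies` is an assumed name, it takes the scheme and the input file as arguments, and it does not replace proxycheck (checking whether a proxy works needs the network).

```sh
#!/bin/sh
# Added example (not from the thread): normalise a scraped proxy list into
# scheme://ip:port lines, as the protofix | sort -R step does, for lists that
# arrive as bare ip:port. Assumed helper name; arguments: scheme, input file.
#   - drops header lines, blanks, comments and anything that is not ip:port
#   - strips an existing scheme so mixed lists come out uniform
#   - rejects octets > 255 and ports outside 1-65535
#   - dedupes, then shuffles (portable awk shuffle instead of GNU sort -R)
normalize_proxies() {
    scheme="$1"; file="$2"
    sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e 's#^[a-z][a-z0-9+.-]*://##' "$file" |
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}:[0-9]{1,5}$' |
    awk -F'[.:]' 'NF == 5 && $1 <= 255 && $2 <= 255 && $3 <= 255 &&
                  $4 <= 255 && $5 >= 1 && $5 <= 65535' |
    sort -u |
    awk -v s="$scheme" 'BEGIN { srand() } { print rand() "\t" s "://" $0 }' |
    sort -k1,1n | cut -f2-
}
```

Typical use in the workflow above would be `normalize_proxies https proxylistsorted.txt > sort_ssl.txt` before handing the file to endtube --proxylist.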
David Beckham has admitted that a big part of him has questioned whether he was right to retire from professional football but that he has been too busy over the past four months to dwell on the decision.

Hey that's great news.  He's still in pretty good shape.  He'll be signed in no time. Hope he gets a good contract!
 >>/1241/
You can still do the 6-hop mod, but in src/core/or/circuituse.c, after you change default_path_len to 7, delete the line under it that says
else if fourhop_cutoff

Also in src/core/or/or.h you can still change default_route_len to 6, but there is no option to modify max_recent_circuits from 1000 to 100.
It compiled for me and linked in 

src/app/tor

I haven't fully tested it yet though.

But you're correct the options have all been removed from or.h .  Also much of the code has been moved around and segregated into different sub directories.  

Keep an eye on this.  Also if you have any other good Tor mods please feel free to share.
circuitstats.h: * 1000 is approx 2.5 days worth of continual-use circuits. */
circuitstats.h:#define CBT_NCIRCUITS_TO_OBSERVE 1000
circuitstats.h:#define CBT_MAX_RECENT_CIRCUITS 1000
circuitstats.h:#define CBT_MAX_MAX_RECENT_TIMEOUT_COUNT 10000
circuitstats.h:#define CBT_MAX_MIN_CIRCUITS_TO_OBSERVE 10000
circuitstats.h:#define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE (60*1000)

This seems to have been moved into src/core/or/circuitstats.h
 
Use grep to search for other missing / moved variables. Thanks for the tip  >>/1241/ ,  >>/1242/ .
 IRC Workflow 
STEP 0)  grab endsh.sh

https://raw.githubusercontent.com/endwall2/endtools/master/endsh.sh

requires torsocks and firejail

STEP 1) Install IRSSI

$ su
# torsocks -i pacman -S irssi
# exit

STEP 2) Modify config file
$ cd ~
$ cd .irssi
$ nano config

Scroll to the bottom and find the settings section:

settings = {
  core = {
    real_name = "LSnIudlVU3PkBGRuT9VXSOW2WFJ8";
    user_name = "XPDNanEmI6yIFnJf7XStT5wr1SKG";
    nick = "Endwall";
    hostname = "7N3lxpzNCuNgRAslLgsTCBVkPopY";
  };
  "fe-text" = { actlist_sort = "refnum"; };
};

Find the settings section and put in random characters (use passgen); change your nick here manually.

$ passgen --bytes 21

STEP 3) Connect

// get a torsocks shell and enter irssi
$ endsh   
$ irssi
[(status)] /connect endchan.net 6667 
[(status)] /join #ENDCHAN
[#ENDCHAN] /window left
[(status)] /help
[(status)] /window right
[#ENDCHAN] /part
[(status)] /disconnect
[(status)] /quit
$ exit
$ exit

For a site with SSL, connect with the command

[(status)] /connect -tls irc.cyberguerrilla.org 6697

[(status)] /connect -tls irc.blackhats.ru 6697
[(status)] /join #SECURITY

[#SECURITY] /part
[(status)] /disconnect
[(status)] /quit
$ exit
$ exit

Note: this method doesn't seem to work with .onion addresses, as it attempts to operate on local host and is denied by torsocks.
I seem to remember being able to access onion irc servers but I used a different program (I can't recall which client). Feel free to add or fill in the blanks.
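STEP 2 above edits the identity strings by hand each time. The script below does the same rewrite on an irssi config file, generating three fresh 28-character strings (the length passgen --bytes 21 gives in the post) and leaving nick for you to set. This is an added example, not part of the thread or endtools; the function names and the config path argument are assumptions, and /dev/urandom stands in for passgen.

```sh
#!/bin/sh
# Added example (not from the thread): replace real_name, user_name and
# hostname in an irssi config with fresh random strings, as STEP 2 does by
# hand. Assumed names; argument is the path to the config file. nick is left
# alone so you can set it yourself.
rand_id() {
    # 28 alphanumerics, same length as passgen --bytes 21 in the post
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 28
}

rotate_irssi_identity() {
    cfg="$1"
    real=$(rand_id); user=$(rand_id); host=$(rand_id)
    # real_name and user_name go to the server when the client registers,
    # so they get new values on every rotation; only these three lines change
    sed -e "s/^\([[:space:]]*real_name = \)\"[^\"]*\";/\1\"$real\";/" \
        -e "s/^\([[:space:]]*user_name = \)\"[^\"]*\";/\1\"$user\";/" \
        -e "s/^\([[:space:]]*hostname = \)\"[^\"]*\";/\1\"$host\";/" \
        "$cfg" > "$cfg.tmp" && mv "$cfg.tmp" "$cfg"
}

# print the value of one settings key, for checking the result
setting_value() {
    sed -n "s/^[[:space:]]*$2 = \"\([^\"]*\)\";/\1/p" "$1"
}
```

Run `rotate_irssi_identity ~/.irssi/config` before each `irssi` session in the workflow; irssi reads the file at startup, so rotate while it is not running.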
 >>/1357/

You can also set up proxying to 127.0.0.1:9050 in Hexchat.  This works when connecting to the .onion addresses.

Settings->Preferences->Network-> Network Setup

Fill in the socks5 proxy information.  Then Add the new server in the connection tab using the .onion address and port number.  Works.
Unless there is a discount for buying a VPN with bitcoin, it is not necessarily an anonymous transaction, because you theoretically connect to your raw IP with the bitcoin-purchased VPN.
