/tech/ - Technology

Thread for watching rocket launches and shit.

So, I'm a musician, who wants to have a musical career (a lot of communist musicians had stable careers) and meanwhile stupid porkies tell me that "no, we'd prefer if you were replaced, prole, because there if no place for people like you" and I hear, not only music, but other art, computer science, programming etc. will be replaced by AI. How do we stop this, so people are still prosperous in the real socialst societies?

Darknet markets are as close as it gets to a free market, where you can order drugs and have it delivered to you by mail. The purpose of this thread is to discuss opsec, ask for help and discuss markets in general. This thread should be fully legal as long as you don't solicit or facilitate illegal transactions, meaning:

&ltDon't beg to buy from someone
&ltDon't attempt to sell to anyone here
&ltDon't link to dealer Instagram/Reddit/Snapchat accounts. These accounts are run by either scammers or feds.
&ltDon't directly link to any market. These links could be fake scam/fed markets, designed to phish your login details and steal your cryptocurrency. Only use https://dark.fail/

The following is my personal recommendation for good opsec while conducting business, however, you must [b]read the darknet market bible[/b] (.pdf attached) after you are done with this post. If you don't read theory, it's likely you will be caught and convicted.

>Will I be 100% safe?
In theory, no. The darknet market bible, together with this thread, is meant to minimize the risk of getting caught as much as possible. If you follow the exact procedure outlined in the bible, you should be okay, especially as a small-time buyer.

Tails
Tails is an Linux-based operating system that runs entirely on your RAM and is wiped when PC is powered off. If the cops intercept your item, conduct a controlled delivery and seize your machine, they will not be able to find evidence linking you to the package and you can deny involvement via a lawyer.
You will want to install the Tails operating system to a USB flash drive with at least 8GB of storage. Personally, I'd go for USB 3.0, with at least 16GB storage for persistent volume purposes, or even 128GB or more if you want to store the Monero local node on it. You also need a PC with at least 1GB RAM to run Tails. The bible contains a guide for installing Tails in [b]2.A.2 Installing Tails[/b]. You can download it here:
Post too long. Click here to view the full text.

Suckless seems like a great way to transition from rice to programming.
A good set of training-wheels for the bicycle of the mind.
However there's something extremely pathological about not wanting well designed and implemented features.
It's like cachexia from voluntarily avoiding healthy fats.

This isn't to advocate feature creep, which is ugly and doesn't add to the design of the system.
In rejecting big systemic components which integrate they may even make things more complex.
This is something like having a small standard library, avoiding RPC, or even loose coupling of components.
Implementing these can reduce duplication, and reduce complexity, while allowing more to be achieved.

Everywhere the minimalist takes something rich and make it small.

This might not sound that impressive, but i've just managed to get program-agnostic rio-style window creation working flawlessly in FVWM. Previously it was a flickery, unreliable mess of xdotool commands, but now it's spawning every window iconified, hooking into the window creation event to set geometry from my rectangle selection program and deiconifying it to its correct position.

If you could keep track of all terminals and from which one a particular program is spawned, you might be able to reach true rio emulation closer than even the plan9port version.

Desktop and window management general, i guess.

News from the radio (from like 5 mins ago): instagram is running an ad to promite a law at the european level to force ID verification to download stuff from the app store. Why? Because "teen safety".

I did a quick google search and was able to find this https://about.instagram.com/it-it/approvazionedeigenitori

> Instagram is therefore calling for European legislation that would require age verification and parental approval in app stores, where apps are normally downloaded.
> We are actively collaborating with other industry players, policy makers, civil society, parents and experts in support of this initiative.
> A survey conducted by Morning Consult indicates that three out of four parents in the eight European countries surveyed ( France, Italy, Denmark, Germany, Spain, Poland, Ireland, and the Netherlands), are in favor of legislation requiring parental approval for teen app downloads.

Anyone else?

Comrades, we need a thread on privacy. Any decent activist should try ways of staying anonymous on the web and prevent being tracked by governments and corporations.General tips===* Use free software as much as you can.* Use GNU/Linux and keep it up-to-date, to be sure that you don't have unpatched security exploits* Don't use Flash Player, use youtube-dl instead for watching streaming videos online* Do not use Google, use DuckDuckGo or StartPage instead* Use a password manager like Keepass or for GNU/Linux users keepassx. Create new passwords for every site that you visit and use a strong password as a master password. A tip for easy remembering of your master password is to use a sentence. "i fucking love cookies and tits!" with extra capital characters etc. is easier to remember than some random characters and long enough to prevent brute force attacks of any kind.* Use the Tor Browser Bundle if you really want to stay anonymous.Firefox====* Go to Preferences -> History and set History to "Never remember history". * See for additional tweaks: https://github.com/amq/firefox-debloat and https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-securityAdd-ons-----------* Use uBlock Origin for preventing tracking etc. Bonus: use hard-mode to manually whitelist external domains on sites. Don't use uBlock but be sure to use uBlock Origin https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-mode* HTTPS Everywhere* DecentralEyes: prevents CDN hosting from tracking you (Google for Jquery etc.)* Self Destructing Cookies: only allow cookies that you choose to allowOS==* Encrypt your hard drive or home partition at least* If you use GNU/Linux, you can try to restrict systemd or syslog from logging. * Use a distribution which takes security seriously. Also, be sure that you don't install a lot of things outside the repository. It will cover most of your needs.Real life tips===* Pay with cash if you canFeel free to provide tips to each other comrades!

Thread for questions that don't deserve their own thread.
I wanna buy some headphones to go outside i don't want to spend more than 100€ on them. I want them to be mostly durable and secondly to have good sound quality, also i don't want to look like a jackass while wearing them, any suggestions?

i recently came to possess a printed out slide deck detailing an nsa collection program against telegram. i got it very accidentally, i live in a building with many national security-types and found the printout in the trash area. sounds crazy, not sure who's it was or why they took it out of a secure facility, but weirder things have happened. in a past life i used to work in government and even held a security clearance at times, and the program seems plausible to me. not going to post the slides themselves, don't want anyone to get in trouble, but i have no problem summarizing.

* the nsa collection program is called JUICYSTUFF. sometimes abbreviated JUST or JUST*. the program has buckets for different targets. JUSTRUMORS = russia, JUSTCHAOS = china, JUSTDISORDER = north korea, JUSTINSIGHT = iran, JUSTHAVOC = violent extremist organizations, JUSTMIRE = rest of world, JUSTSILENCE = telegram bots, etc.

* the program primarily uses two technical tools, TEMPTINGBAKE, sometimes abbreviated TEBA, and HUNTINGGLASS. both work by spoofing target users when interacting with telegram servers.

* TEMPTINGBAKE is the more sophisticated tool. given a telegram user id, it can collect the user's contact list, messages and media. it can only collect content accessible and readable on telegram servers so not things like secret chats. because its so sensitive nsa limits it to a few hundred targets per day. there are thousands of targeted users on TEMPTINGBAKE collection so most are collected every several weeks.

* HUNTINGGLASS requires a user id and additional telegram key information associated with the target user. nsa can usually provide this from other data holdings. it collects the same information as TEMPTINGBAKE.

* total telegram users targeted is in the 10s of thousands. tasking users is managed by an internal nsa jira instance. the target management aspect of the collection program is called JUDICIOUSHARVEST.

* nsa runs the program for the whole us intelligence community and the five eyes.

fair to have some skepticism about this, would love to see if any anons have heard of this program (i hadn't) or have ideas for figuring out accuracy. i hope the fact that this was printed means someone else out there with more knowledge is trying to get the word out. there's too much organizing that unfortunately happens on telegram not more secure methods imo, so i consider this as a warning. maybe telegram even tacPost too long. Click here to view the full text.

From https://krebsonsecurity.com/2024/10/the-global-surveillance-free-for-all-in-mobile-ad-data/
>The Mobile Advertising ID or MAID — the unique alphanumeric identifier assigned to each mobile device — was originally envisioned as a way to distinguish individual mobile customers without relying on personally identifiable information such as phone numbers or email addresses.

>However, there is now a robust industry of marketing and advertising companies that specialize in assembling enormous lists of MAIDs that are “enriched” with historical and personal information about the individual behind each MAID.

>Some vendors offered only a handful of data fields, such as first and last name, MAID and email address. Other brokers sold far more detailed histories along with their MAID, including each subject’s social media profiles, precise GPS coordinates, and even likely consumer category.

>How are advertisers and data brokers gaining access to so much information? Some sources of MAID data can be apps on your phone such as AccuWeather, GasBuddy, Grindr, and MyFitnessPal that collect your MAID and location and sell that to brokers.

>A user’s MAID profile and location data also is commonly shared as a consequence of simply using a smartphone to visit a web page that features ads. In the few milliseconds before those ads load, the website will send a “bid request” to various ad exchanges, where advertisers can bid on the chance to place their ad in front of users who match the consumer profiles they’re seeking. A great deal of data can be included in a bid request, including the user’s precise location (the current open standard for bid requests is detailed here).

>The trouble is that virtually anyone can access the “bidstream” data flowing through these so-called “realtime bidding” networks, because the information is simultaneously broadcast in the clear to hundreds of entities around the world.

>The result is that there are a number of marketing companies that now enrich and broker access to this mobile location information. Earlier this year, the German news outlet netzpPost too long. Click here to view the full text.