Catalog of /os/



R: 40 / I: 6 / P: 1

Meta Thread

Post any comments, concerns, or requests for the board in this thread.

R: 4 / I: 0 / P: 1

Welcome to Online Security: Sticky Thread

Hello and Welcome to /os/, Online Security. This is a board for the discussion of online security, privacy, anonymity, and news from the cybersecurity and privacy world.
1. Follow the global rules
2. No Spam
3. No Classified Documents or leaks of Classified Documents or Files (News articles, or commentary about the documents or files is OK)
4. No Child Exploitation Material
5. Images should be safe for work and relevant to the post or thread, commentary can be NSFW
6. No Advertisements of Hacker Services or Solicitations for Hacking Services
Related Boards
tech >>>/tech/ Hacker >>>/h4x0r/ Security Concepts>>>/sec/ EndSoft >>>/endsoft/
Privacy Guides
Software Recommendations
Secure Computing Practices Links
Email Provider
CyberGuerrilla http://lu4qfnnkbnduxurt.onion
Volatile http://vola7ileiax4ueow.onion/
EludeMail http://eludemaillhqfkh5.onion/
secMail http://secmailw453j7piv.onion
Your own mail server. Postfix + Dovecot
GPG GNU Privacy Guard
Security Focused Operating Systems
OpenBSD
LibertyBSD
Parabola GNU/Linux
Arch Linux
Gentoo
Source Mage
Alpine Linux
QubesOS http://qubesosmamapaxpa.onion/
Whonix http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/
Systemd Free
Devuan http://devuanzuwu3xoqwp.onion
Parabola GNU/Linux/OpenRC
Hyperbola GNU/Linux-Libre
Systemd Free
Live CDs
Tails
TENS, US Air Force Live CD, Online banking for mom and dad.
Heads http://fz474h2o46o2u7xj.onion ; Devuan non-systemd version of Tails (Disclaimer: Website uses occult language)
Full Disk Encryption
Computer Hardware
Any computer that can run libreboot.
Router Software

R: 0 / I: 0 / P: 1

Exploit development with artificial intelligence

Why don't hackers use artificial intelligence to develop exploits?

It is quite easy to develop exploits with artificial intelligence.

They do not need to use their own computers for this. There are dozens of artificial intelligence services operating online.

A special artificial intelligence algorithm that you will prepare will scan all the vulnerabilities that have come up to date. By making comparisons between the vulnerabilities it scans, it determines the cause and source of the vulnerabilities in a way that a human cannot perceive.

It understands how to develop exploits against vulnerabilities by examining all exploits written.

That's what intelligence agencies do. This is how hackers should do it.

R: 0 / I: 0 / P: 1


R: 0 / I: 0 / P: 1

The "hardware antivirus"

Antivirus and cyber security systems used for computers are software-based.
Today, cyber espionage can be done not only with codes and programs, but also on hardware.
It is possible to spy directly on the hardware, bypassing the operating system and antivirus by loading harmful codes into the firmware on the chips of the hardware.
While it is possible to clean the malicious rootkits infecting the UEFI / BIOS firmware and hard disk firmware of the computer by reinstalling the original firmware of the hardware manufacturer, it is not possible for ordinary people to detect and clean rootkits that have infected the firmware of the chips in the other hardware of the computer (keyboard, mouse, USB controller, camera, microphone, video card, PCI slots and other hardware).
For this reason, a special operating system or special system software is required to detect rootkits that infect the firmware of chips in other hardware.
This system and operating system can detect by examining the signals given by other hardware to the system and by examining the operation of the firmware on the hardware chip, if possible, by examining its digital signature.
You can claim that the Sniffer and Monitor programs on the market can do this function. But these programs can examine as much as the operating system they are running gives them.
Therefore, a different system or operating system is required in this regard. Apart from this, "hardware antivirus" can be developed as an alternative to software antivirus and software cyber security systems.
Security software is usually installed on the operating system, the operating system kernel and, if necessary, the motherboard bios/uefi section. Alternatively, a "hardware antivirus" with a different motherboard and processor can be placed inside the existing computer case, regardless of the computer used.
The difference of this "hardware antivirus" from IDS, IPS and External Firewalls is that it can directly connect to the computer's memory, hard disk and network paths with a physical cable or implant, and physically control the computer system, ensuring the security of the computer regardless of the current operating system and motherboard.
This "hardware antivirus" can physically monitor the computer's input and output ports, stopping hard-to-detect BadUSB and NSA ANT tool attacks.

R: 283 / I: 0 / P: 1


Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: is a script that adds blacklisting and whitelisting functionality to It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incoming IPs.

Endlists: is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including,, and These scripts will help to service an enduser of endwall in administering endsets/endlists. is a geoiplookup script written in python and requires python and pygeoip. It has similar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files. is a script that searches through log files to find flagged log entries flagged in, and is a daily log reading script designed to read the output of an apache http server's log output. is a daily log reading script designed to read the output of a postfix smtp server's log output.

Endtube: is an anonymizing download manager for youtube videos. This program can use https proxies, tor, and youtube-dl to download videos from youtube or other video vendor sites by selecting a random user-agent and a random proxy, and by using random delay timing between downloads to create bursts rather than streams.

Endloads: is a command line interface (cli) download manager forked from that uses random download timing, random user-agents, wget and torsocks.

These programs may be found at the following locations:
Endware Development Team Hidden Service

provided for ease of access to new users to linux, and for access to Endware by non tor users, on an incremental basis.

More programs will be added to the Endware program suite as their creation and customization become obvious, evident, and necessary.

All programs in the Endware suite were inspired by EndChan and were named in honor of and we thank OdiliTime for his patronage and for his generous hosting of this project.

R: 98 / I: 4 / P: 1

Internet Security General

Continuing from >>>/tech/597
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security conscious that you don't want to make a new thread for.

R: 89 / I: 5 / P: 1

VPN/proxy/TOR general thread

Cool board idea.

What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?

What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.

I suppose I could call this a 'VPN/proxy/TOR general thread.'

R: 12 / I: 0 / P: 1

I for one welcome our new overlord

I was about to claim this board, but seems like Endwall guy claimed it. Please disable captcha for replies. Also, guess this is a meta thread.

R: 17 / I: 0 / P: 1

System Resources

I have some observations to make.

## I just tested these systems:
MS DOS 6.22 runs in 384K of memory (1994)
MS Windows 3.11 runs in 2MB of memory with a full mouse driven GUI (1994)
Macintosh OS 7.53 runs in 7.4MB of memory , full GUI + TCP/IP (1996)
Macintosh OS 8.1 runs in 13.2MB of memory, (1997)
Macintosh OS 8.6 runs in 26MB of memory, (1998)

OpenBSD 6.1 starts in text mode command line in 27MB of memory
OpenBSD 6.1 in Xenocara uses 65-80MB of memory to start up.

## from recollection:
Windows 7 800MB of memory (2009)

Parabola GNU/Linux starts in text mode cli using 150MB of memory
Parabola GNU/Linux in weston uses 300MB of memory

If someone could fill in the blanks (ballpark) for Windows 95, 98, 200, XP, Temple OS, Minix, etc. That would be helpful. The point I'm trying to make is that if you could have a working GUI with TCP/IP networking in 2-15MB of ram why the hell does Linux need 150MB to start up and release a console to me? What the hell is going on in there?

How much does Alpine linux use? Minix? ReactOS? HelenOS? Temple OS? etc.

Less is better.

R: 0 / I: 0 / P: 2

secret badusb attack

When my computer is not connected to the internet, even though I formatted, changed the bios software and changed the hard disk firmware, the program opens by itself and the mouse cursor moves by itself. When I examine with the Wireshark program, an interrupt signal comes from the usb ports even though the device is not plugged into the usb ports. In this case, I am complaining. Logs are attached.
No programs are open. The signal is coming from usb ports not programs. Signal incoming ports are undefined and empty. An interrupt signal is coming, not a connect signal.
Before this event happened, when I checked the usb ports via wireshark, the interrupt signal was not coming.
It's not a simple badusb pressing keyboard keys.
It is a very sophisticated badusb attack that installs itself on a different linux pci module via the kernel.
badusb wireshark logs

R: 499 / I: 3 / P: 2

Online Security News

See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.

R: 8 / I: 4 / P: 2

Windows Security Thread

WINDOWS NT Security Thread

It turns out that MS Windows NT has an 80% market share in the Desktop Operating Systems Market (whatever that is...) So in all likelihood, if you work a job anywhere, you will be forced to sit down and work on one of these machines running this well known gem of an operating system. You probably won't have administrator rights, but that's OK, we'll make do.

In reality there is no Windows security but in this thread we will try to make life a little bit better even if it is just for a placebo effect. Also Windows hackers come and show us how you hack us up real good, and help our poor unprivileged users gain administrator rights without a password, so that they can install Mahjong. Windows Advanced Firewall, Registry Editing, Browsers, etc. Post all the tips and tricks to make Windows NT better than ever.

R: 48 / I: 0 / P: 2

Youtube Replacements

Google engages in sophisticated datamining of your video viewership. Youtube is also a prism service provider.

List any substitutes for youtube for use with youtube-dl or endtube below:

R: 86 / I: 6 / P: 2

Secure OSes

What is the best OS option for a secure setup?
How do OpenBSD and Linux with patches compare in terms of the security they offer?

R: 27 / I: 2 / P: 2


Discuss best practices for operational security.

R: 112 / I: 13 / P: 2

/vnc/ general

Pwn the chink edition
Come explore the internet with other Anons
Well let's give finalchan a go

R: 20 / I: 1 / P: 2


In this thread we will discuss cryptography, cryptosystems, cryptanalysis, and tools for cryptography such as gpg and other tools. If you work in this field or hear of some relevant news about this field feel free to contribute. Use hyperlinks and source citations to back up any claims made if necessary.

R: 14 / I: 1 / P: 2


Discuss hardware and alternative hardware concepts to increase computer and online privacy and security.

R: 37 / I: 4 / P: 2

Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, Lt. Gen James Clapper, GEN Keith Alexander, ADM Michael Rogers, GEN Paul Nakasone, GOOGLE, AMAZON, FACEBOOK, Microsoft, Apple, etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:

R: 0 / I: 0 / P: 3


I have a VPN and am using Tor with JavaScript turned off. What more can I do to boost security?

R: 3 / I: 0 / P: 3

Definitions and Threat Models

In this thread we discuss the definitions of Privacy, Security, Anonymity. We also create and describe common threat models that chan users might face.

Who is the enemy? What tools do they potentially have? What could they do to you? How do you mitigate these threats and potential harms?

R: 0 / I: 0 / P: 3

openvpn vs wireguard

I read that wireguard has a smaller attack surface than openvpn. I think this might be an over-simplification. Can there be vulnerabilities when one piece of software interacts with another? If so, wouldn't it be more difficult to detect?

R: 60 / I: 1 / P: 3

Discussion Thread

Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, GEN Keith Alexander, ADM Michael Rogers, GEN Paul Nakasone, GOOGLE, AMAZON, FACEBOOK and Microsoft etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:

R: 9 / I: 0 / P: 3

Tor Hidden Service Mail Server

############### BEGINNING OF GUIDE ##########################

In this thread I document and revise how to set up a tor hidden service email server, you may substitute the servers that you are most comfortable with.

STEP 0) Collect the relevant files from The Endware Hidden Service
Set up a tor mail server using postfix or OpenSMTPd, with dovecot for imap or pop.

You may contact me anonymously at [email protected].onion
Use to send mail to this account.

Encrypt with pgp and send messages and files by email on a tor hidden mail service on port 25.

Everyone should do this. Then just share your hidden service address and handle.



http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/content/dovecot/ <--- download all of these config files

Try it out!

STEP 1) Install Postfix

$ su
# torsocks pacman -S postfix dovecot
# ...

# cd /etc/postfix/
# cp /etc/postfix/

STEP 2) Install Dovecot

# cd /etc/dovecot/
# mkdir -p conf.d
# cp dovecot.conf /etc/dovecot/dovecot.conf
# cp *.conf /etc/dovecot/conf.d/
# cp *.ext /etc/dovecot/conf.d/

STEP 3) Make ssl self signed certificates for postfix and dovecot
And place these in the appropriate directory
This might require entropy so you might need to run haveged first

# torsocks pacman -S haveged
# haveged

# mkdir -p /etc/pki/tls/certs
# mkdir -p /etc/pki/tls/keys
# cd /etc/pki/tls/keys
# openssl req -x509 -newkey rsa:4096 -keyout postfix.key -out postfix.crt -days 365 -nodes
# openssl req -x509 -newkey rsa:4096 -keyout dovecot.key -out dovecot.crt -days 365 -nodes
# mv postfix.crt ../certs/
# mv dovecot.crt ../certs/

or use libressl or gnutls and create the same certificates

now go back and edit /etc/postfix/ and /etc/dovecot/dovecot.conf to reflect the location of the certificates and keys

STEP 4) Start the services

# systemctl enable postfix
# systemctl start postfix

# systemctl enable dovecot
# systemctl start dovecot

or the openrc equivalent to enable and start the services.

STEP 5) Setup tor for mail hidden service

# mkdir -p /srv/tor/mail

Add this to your torrc file and start tor

nano /usr/local/etc/tor/torrc

HiddenServiceDir /srv/tor/mail/
HiddenServiceVersion 3
HiddenServicePort 25

your hidden service name will be generated and placed in the directory /srv/tor/mail/hostname

# cat /srv/tor/mail/hostname

This is the hostname for your mail server. Go and edit /etc/postfix/ to reflect this.

Do Not Share the private key from this directory with anyone, and change the permissions to read only with no access to other.

# chmod o-rwx /srv/tor/mail
# chmod g-rwx /srv/tor/mail
# chmod u-w /srv/tor/mail

#################### INTERMISSION #########################################

R: 0 / I: 0 / P: 3

Tor Relays

I thought that we should have a thread on running a Tor relay from home, as it didn't seem to fit in with the existing Tor thread. There are several benefits, namely that it mixes any traffic you yourself make on Tor with the traffic of others, which could make it harder to perform traffic correlation. It also increases the bandwidth of the Tor network, of course.

torrc Relay Configuration
Nickname <your nickname>
ORPort 9001
ExitRelay 0
SocksPort 0
ControlSocket 0
ContactInfo <your email>

This config sets up the Tor daemon to run as a middle node. I'd recommend using a separate email as the contact info. The nickname can be anything you want.
It's possible to run it as an exit node, by changing ExitRelay to 1. However, this is very likely to bring the attention of your ISP/Law Enforcement, and you'll probably get banned from many clearnet sites.

It's best to check if your ISP cares about running a relay; mine is apparently fine with it, but I imagine that some may get annoyed and send you letters, or rate limit you or something like that. There's a list at, although it is incomplete.

This thread would probably be good for discussing running similar things with other networks (BT seedboxes, GNUnet nodes etc).

R: 19 / I: 2 / P: 3

Endware EULA

The Endware EULA is one of the most insanely idiotic things I have ever read. At no point in your rambling, incoherent license were you even close to anything that could be considered a rational thought. Everyone in the open source movement is now dumber for it having been written. I award you no points, and may God have mercy on your soul.

Also, btw, it's probably not meaningfully enforceable. A halfway competent lawyer would tear it to shreds in a court of law.

You should really consider changing it to one of the standard OSI or FSF approved licenses, most of which have been vetted by lawyers, some of which have actually been tested in court and (almost?) none of which are insane garbage like the Endware EULA.

R: 14 / I: 0 / P: 3

Compile Thread

Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.

R: 5 / I: 1 / P: 3

Chrome Addons

A lot of browser addons or extensions claim to improve privacy and security. These include Ghostery, Disconnect and Privacy Badger along with a slew of others.

I think for most entry level computer users that those types of addons might provide something useful. To people who are more experienced with browsers and their extensions they seem like a gimmick or just fancy visual feedback. A lot of bells and whistles with very little actual functionality.

What can really make surfing the internet a much safer experience? If we focus on HTTPS, SSL and Digital Certificates then we have a good head start. From there we can protect ourselves from ads that might lead to sketchy websites. We can beef up our passwords and add authenticators to our accounts. At the most zealous level we can disable javascript and flash.

The following extensions are for Chrome.

Adblocker Ultimate accomplishes the two jobs that all adblockers must. First it has to have a pretty good idea of what is undesirable content and what it is that users want to see or interact with. Also there are no false positives; Adblocker Ultimate pretty much never identifies images or other website content as ads when they aren't.

The extension is also easy to turn off. You can disable it entirely or just for a webpage. The function that allows you to add new blocked elements works extremely well.

Authy integrates authentication into the browser. I have not personally used this extension. The use of authenticators is extremely powerful security wise. I prefer to use my phone and download apps that have authenticators because I see having two different pieces of hardware as more secure than an application running beside another on the same device.

R: 3 / I: 0 / P: 3


Anyone here run FreeBSD on hardware?

R: 2 / I: 0 / P: 4

BTC Mixing services links


R: 0 / I: 0 / P: 4

end/tech/ archive

All of the hundreds of threads just deleted from end/tech/ are available there.

R: 7 / I: 0 / P: 4

SSH privacy

How can I anonymously ssh into something? Going through Tor and using a freshly generated key for identification is obvious, but how can I make sure that there is no data leakage above all that? I haven't been able to find any guides on that, even though it seems like something a lot of people might be interested in doing.

R: 5 / I: 0 / P: 4

Non ICANN controlled domains

I have a website but I'm afraid that it won't stay up within the first year that Trump gets in. I would eventually pay for my own static IP but before then, I need to really decide on what website domains I should use that aren't too expensive. Some territorial domains have specifications as to what can and can't be done while other domains are controlled by FVEY. .is BTW, is super expensive, I was told that the price is around $500.

R: 0 / I: 0 / P: 4


R: 5 / I: 1 / P: 4


what do they have?