Anonymous 02/14/2016 (Sun) 00:10:59 [Preview] No. 1726
About the developer: I will remain anonymous as best I can.
I am not a professional computer scientist or programmer.
I have other commitments and can't maintain a continuous development cycle, but will work on this project sporadically as I have ideas or as issues emerge.Help and assistance on ideas are welcome. Critique and criticism of my tools are also welcome. Positive and negative reviews of experiences using endwall endset and endtools are also welcome.Point out any bugs that you find in the code and or errors in logic or in style or implementation that you find in the script and I may modify it in a release upon review.
Anonymous 02/13/2016 (Sat) 06:51:33 [Preview] No. 1693
>>1687 1)My hope was to get some help with internet security by starting a thread asking for contributions of techniques and ideas. So far that's worked out pretty well. that ipsets thing has solved a major problem my server was running into. I'm glad I got that tip from here. Thanks >>1652 good work!
This entire board >>>/os/ is basically the last 30 mins of Star Trek 2: The Wrath of Khan, with Endwall in the staring roll as Khan, and Admiral Michael Rodgers in the Staring role as Captain James T. Kirk.
Endwall: "I spit my dying last spit at thee Rogers!!" Admiral Michael Rogers: "ENDWAAAAAAAAALLLLLLLLLLLL!!!!!!!!!!!!!!!!!!!"
Jupiter Broadcasting Performance Meltdown | TechSNAP 351 Posted on: January 11, 2018
http://www.jupiterbroadcasting.com/121472/performance-meltdown-techsnap-351/ The types of workloads that will see the largest performance impacts from Meltdown, tools to test yourself & the outlook for 2018. Plus a concise breakdown of Meltdown, Spectre & side-channel attacks like only TechSNAP can. Then we run through the timeline of events & the scuttlebutt of so called coordinated disclosure. We also discuss yet another security issue in macOS High Sierra, a backdoor in popular storage appliances.
Hak5 Break And Enter Dropbox - Amazon Key Gets Hacked - ThreatWire Amazon's Key has another vulnerability, Apple's source code gets leaked, and cryptomining hits government sites.
Continuing from >>>/tech/597 https://archive.is/INR3l This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
>>1126 I didnt make the image I found it on one of the rebeccablack/tech/ archives. Ghostery I still never was crazy about because it is like noscript if it noscript was bloated and didnt work. I always try and remember the addons I am missing when configuring a firefox fork and that was a good image to use back a year or 2 ago. >You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.
That is something I will keep in mind because some addons stop working like "white noise generator" which did what "trackmenot" does but in a seperate window with tabs randomly switching to random webpages.
I have a few suggestions to add to the list adnausium, dolus, tamperdata and http nowhere
If you are not used to using Linux, I recommend starting with Ubuntu. Unless you have a very good reason, starting with a pentest-specialized OS like Kali or BackBox seems stupid - I don't see why anyone would want to use these for general purpose computing. If you are experienced with Linux or don't mind a very steep learning curve, I would recommend Arch Linux or Gentoo.
4 GB USB probably enough, some OS will require 8 GB.
>>12337 It's a Gentoo image that has PORTAGE_BINHOST="https://cloveros.ga" in the /etc/portage/make.conf and packages built with CFLAGS="-Ofast -mmmx -mssse3 -pipe -funroll-loops -flto=8 -floop-block -floop-interchange -floop-strip-mine -ftree-loop-distribution" Gentoo is hands down the best Linux distro and CloverOS only makes this perfection easier to achieve.
Is there a way i could use the normal gentoo repositories with this? I see that you've set up your own repositories for use. I've tried disabling it but i only get either very limited use or git builds (9999?). I can't use the git versions either because they have this rather odd cycle dependency issue.
Sorry i'm not good with gentoo and the handbook isn't helping
Run minimal, if there is a zero day for one service say apache, but you also host your mail using postfix, depending on the severity of the exploit, your loose your mail security as well.
If your server doesn't need a package to do its job, don't install it. Run minimal for the same reason as above. Once the attacker gets in they'll have more tools to work with the more you install.
Run postfix and dovecot on one server, and httpd on another shut off port 25 143 on the apache server, and depending on your use case shut off port 80, input on the mail server, etc. Run with the minimum number of ports open for each service to operate.
I'm not an expert but these are just feelings about it. I'm not rich enough to host all of my services on different computers but if you are you should.
There is "owner" module that allows controlling OUTPUT traffic on per user or per group basis. And if you use separate users for every service running just like you should, you can control every service with iptables. For example permit traffic going to internet for tor daemon user and permit only localhost traffic for everything else.
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?
What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.
I suppose I could call this a 'VPN/proxy/TOR general thread.'
>>1116 Cheers, Endwall. Any updates in the interim will be published at that link. And hopefully with another living soul around, it'll attract others and we can turn this closed cycle into a growing fibonacci spiral.
One thing people will notice but never say is that normies WANT TO USE VPNS THEY THINK THEY CAN USE ONE ON A PHONE.
Look at android and itunes top apps paid and free. Those lists are LITTERED with BULLSHIT VPN apps that DO NOTHING for privacy. Hypocrites. Anyone who says "lets microchip everyone I aint got nothing to hide" They do they are hiding behind that talking point instead of an actual opinion. Somehow the media has convinced the people to want to ban vpns while the top apps for mobile are vpn apps aside from games and shit like tinder.
These cucks want all they microchips laws to go through. They think hola free vpn .apk is going to hide them as they downvote something they are supposed to downvote. Look at chrome extentions firefox extensions. All browser fingerprint spoofing.Look at the most torrented proprietary software. All virus protection programs like mcaffe and norton antivirus.
they think that they are not supposed to use vpns or shit that actually works. A bunch of incognitos pretending they dont need privacy. They dont need privacy now that being a pathetic homosexual that does nothing but pout about liberal nonsense is the ideal citizen.
>>1120 Perhaps the most loud are the most unaware. I would bet my money the ones who care know anything about VPNs aren't dumb enough to yell and scream about muh terrorists or such. Or atleast there may be a little overlap.
>>1124 Ah mate, I'm on your side, there's been some miscommunication. What I meant was the age old "vocal minority" being the loudest, while the majority quietly enjoys their lot, with a slyly opportunistic smirk.
>Facebook acquisition of Israeli mobile-analytics company Onavo (a VPN service) >data show in detail how the social-media giant employs it to measure what people do on their phones beyond Facebook's own suite of apps. >"Websites and apps have used market-research services for years," the spokesman said >has been downloaded an estimated 24 million times
A lot of browser addons or extensions claim to improve privacy and security. These include Ghostery, Disconnect and Privacy Badger along with a slew of others.
I think for most entry level computer users that those type of addons might provide something useful. To people who are more experienced with browsers and their extensions they seem like a gimmick or just fancy visual feedback. A lot bells and whistles with very little actual functionality.
Adblocker Ultimate accomplishes the two jobs that all adblockers must. First it has to have a pretty good idea of what is undesirable content and what it is that users want to see or interact with. Also there are no false positives; Adblocker Ultimate pretty much never identifies images or other website content as ads when they aren't.
The extension is also easy to turn off. You can disable it entirely or just for a webpage. The function that allows you to add new blocked elements works extremely well.
Authy integrates authentication into the browser. I have not personally used this extension. The use of authenticators is extremely powerful security wise. I prefer to use my phone and download apps that have authenticators because I see having two different pieces of hardware as more secure than an application running beside another on the same device.
HTTPS Everywhere forces connections on websites to be made through HTTPS instead of HTTP. I have seen a number of times where a website's homepage will have HTTPS enabled but some other portion will not be encrypted through HTTPS.
Keeper Password Manager is by far one of my favorite addons. It does a perfect job of saving usernames and passwords. It allows for the easy generation of new passwords that are extremely secure. The features that it offers for free are top notch.
I don't endorse google chrome, and generally avoid any products and services produced by this company if you want to maintain computer and internet privacy and security. Their entire business model is to invade your privacy and sell the information to advertisers and to the government. Avoid all of their products if possible.
That said I'm sure this thread might be helpfull to windows users. So go ahead and start a Windows 7 security thread as well.
TrackMeNot is a lightweight browser extension that helps protect web searchers from surveillance and data-profiling by search engines. It does so not by means of concealment or encryption (i.e. covering one's tracks), but instead, paradoxically, by the opposite strategy: noise and obfuscation. With TrackMeNot, actual web searches, lost in a cloud of false leads, are essentially hidden in plain view. User-installed TrackMeNot works with the Chrome Browser and popular search engines (AOL, Yahoo!, Google, and Bing) and requires no 3rd-party servers or services.
CIAO identifies trusted and working free proxies using its own community. CIAO is instrumented to collect anonymous data about proxy performance and behavior (e.g., amount of data downloaded, page download duration). This data is reported to our servers as an input for the proxy selection algorithm. To bootstrap this process, our servers discover free proxies by crawling proxy aggregator websites. Each proxy is then tested daily to verify reachability, performance, and behavior. ''
(useful for sites like mega.co.nz)
I would recommend getting the binary, or compiling yourself, a Firefox 52 ESR. ESR/Nightly/Dev builds have extra features that regular versions don't. Such as installing non-Mozilla signed apps and more about:config options.
I would also recommend using this doc to mess with your settings in about:config. It's not a comprehensive list (I've yet to be able to spoof my vendor), but it has enough where you can work towards making yourself camouflaged. Using this site
And HTML5 canvas is one of the best ways to track you, considering it generates a near-unique signature for users. For this, you should use this and set your settings to "fake readout API" and "constant" for random number generation. This will help blend you in with the rest of the user info. Turning it off is almost as bad as having it on, because that in and of itself is a unique fingerprint.
>>12362 >a nice problem to have Not really, I'd like to be here all day long...
>What do you do? Videomaking and stuff like that. I would like to get into formal proof/verification, though. Maybe in the next years following.
>>12383 How ironic, people from /g/ couldn't decide on a logo to making an operating system for many years until some dedicated dev had kept on improving the content of the frequently abandoned /g/ project more than the logo up to how it is now (CloverOS), yet people like you care less about content and care more about a fucking picture.
People here in the last thread couldn't decide on anything collectively, and I did listen to someone's request in providing a good image but that guy needed to polish that image a little more to be presentable to my standards yet he was just too busy to deliver. Same goes to the guy that wanted to have a custom CSS that fits his own terminal colorscheme, he didn't come back to post the finished CSS. You have to be the change that you want to see in here. However, if you really want me to make a new sticky just to qualm your autism, the blood will be on your hands.
Provide me a competent image and have someone else here to agree with you in its implementation and do it ASAP but don't make me wait too long. However, this is really truly a non issue, but the real issue is that I will only allow just one more sticky image change. Get it right this time or I'll remind you all it's your guys' fault and I'll make a new sticky without any OP image and make it an official rule to not bitch about the sticky thread image posthumorously when there's no sticky image to even complain about.
Software support. Most UNIX-like systems lack support for mainstream tools that these guys need. Also, the US government has contracts with Microsoft, as well as universities.
The server running the services from police is most likely a gnu/linux or BSD system.
Some sensitive groups in inteligence agencies don't use Windows because of security, just the 'normal' police.
A group of hardware hackers came across a small transmitter inside Lenovo AC Adapters, that when turned on, would send signals to your computer which would then send data to Lenovo about your charging habits on February 9, 2018.
The application that allowed this to work is included in all Windows 10 operating systems that come pre-installed on Lenovo computers and has supposedly been this way for eight months.
When asked about the purpose of these chips, Lenovo stated that they were to create better computers and help with power reduction in specific situations, and also acknowledged that these chips are in no way malicious and will never be used for malicious purposes.
Having defeated a defamation claim for speculating that using Grsecurity's Linux kernel hardening code may expose you to legal risk under the terms of the GPLv2 license, Bruce Perens is back in court.
This time, he's demanding Bradley Spengler \u2013 who runs Open Source Security Inc and develops Grsecurity \u2013 foots his hefty legal bills, after Spengler failed to successfully sue Perens for libel.
Perens, a noted figure in the open source community, and his legal team from O'Melveny & Myers LLP \u2013 as they previously told The Register \u2013 want to be awarded attorneys' fees under California's anti-SLAPP statute, a law designed to deter litigation that aims to suppress lawful speech.
That deterrence takes the form of presenting unsuccessful litigants with the bill for the cost of defending against meritless claims.
"Plaintiffs Open Source Security, Inc. and Bradley Spengler sued Defendant Bruce Perens to bully him from expressing his opinions that Plaintiffs' business practices violate Open Source licensing conditions and to discourage others from expressing the same opinions," Perens' latest filing, submitted to a US district court in San Francisco today, declared.
"Rather than allowing the public to judge Plaintiffs' contrary opinions through public debate, Plaintiffs tried to 'win' the argument on this unsettled legal issue by suing him."
Perens is asking for $667,665.25 in fees, which covers 833.9 hours expended on the litigation by numerous attorneys and a $188,687.75 success fee agreed upon to allow Perens to retain representation he might not otherwise have been able to afford.
Disregard this faggot, he can't even post the goddamn link to the article to make people reply to the /news/ thread while having a slightly misleading subject line (goes to show the OP is very much so technology illiterate). Just read the article for yourself.
This spent a whole year on reddit and no one saw it because the poster had zero attention whoring karma. Reddit is such a fucking echo chamber full of faggots jerking each other off they didn't notice the leak of the decade. I fucking hate reddit so god damn fucking much.
On topic: this could result in some awesome hacks, however I hear this will be exploits only as the hardware won't allow a custom bootloader or something?
>>12374 You didn't heed my warning the last time in >>12294 which that last stunt was just terrible. The first thread you've made was okay, but the previous thread you made at least had the fucking link. This is really my extended warning in not deleting your overly sensationalized drivel immediately at sight. You have contributed essentially nothing of use, nor to this very thread. I honestly prefer desktop threads over your pathetic attempt at technology journalism when you yourself don't understand what you're saying. I'm going to lock this fucking thread too, please don't come back.
>When can I buy a lowRISC SoC? >As with most tech projects, the most accurate answer is “When it’s ready”. >We are expecting to crowdfund an initial instantiation of the lowRISC platform during the course of 2017.
I'm pretty sure the lowRISC FAQ said 2016 last year. It didn't happen, obviously, and it was changed to 2017, but we're running out of that, too. Ten weeks left, boys. Is a lowRISC SoC vaporware for another year?
At what point do we start looking to the J-x processors based on Hitachi's SuperH architecture? The last SH-4 patents are expiring this year.
>>12350 >why RISC chips always run so fucking hot ARM is RISC and run really cold. I don't think that a issue is RISC. Power was constructed primarilly for servers, so it will have more cores running, more L1 cache entries, so on.
>How is it that x86 has gotten around this? From what I know, adaptative methods. For example, the clock and voltage adapts to the need of the user.
Endware is a suite of programs geared towards internet privacy, security, and anonymity.
Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.
Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.
Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.
Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.
iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.
spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.
alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.
mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.
Proxyload is down again (I noticed this 2 weeks ago). They changed something with the website. I'll look at this next weekend.
I fixed some channels in endstream and added some stuff to endradio.
I spruced up rmpac-files so that the user just needs to capture the error output of pacman -Su, but doesn't need to edit the file as it will jump to the proper line automatically. It now asks you for deletion confirmation.
I also made a windows version of endstream called winstream as a batch file it's in prototype stage and works with the windows version of youtube-dl and mpv, it needs some sprucing up, but it's low priority. I made this to play news at school on the windows computers with the projector screens, it works well enough.
>>440 Nature is intelligent, I repeat, indescript! Always organized mysterious, the code, everything! As a rule, an accessory to the flow of the subconscious, in the dark, this virtual training is not enough. Many times people die, they, as before, on the tiled floor, but also in vivo...
>>12301 What stops an attacker from disguising malicious device as a legit one with ease if it's just a short UUID string that defines a device purpose and identity, not a cryptographically signed public key.
>broken links on a site lmoa
Hie, I'm trying to find a good solution to never get out of storage on my HDDs, for my backups and my regular use.
What is your data storage solution?
I want, if possible, a solution that is the most freedom compliant.
There is the usb HDDs, 3/4 plugged on a rasp.
There is the NAS with 3.5' HDDs in it.
Maybe a cheap 20$ computer with the HDDs in it with linux installed...
What should be the best? What HDD to buy (there are these backdoors, even though I don't think I can find any without)
Is there some kind of file system with scalable fault tolerance/precautions?
Lets say i want to store away 500MB on a DVD and i create an image that fills the whole 4.7GB of a DVD with various redundant blocks of that data, surrounded by check sums and whatnot, as much as i like (scalable).
I hope this way it will be more likely that you can read or recover that data after a long time and you have the convenience of a DVD storage.
A nice tool for easy reading/recovering would be helpful.
Even if you had a box with 2m thick lead walls isolating your machine, if a cable for eg. power supply goes into that box, your machine might not be EMP save.
>>12298 You are confused. There's three questions on your reply: filesystems, DVD and EMP safety
>file system with scalable fault tolerance/precautions Tahoe-LAFS.
>A nice tool for easy reading/recovering would be helpful. I don't know, but optical storage has only one advantage today, that is, you don't need to trust the micro-controler firmware.
>EMP >if a cable for eg. power supply goes into that box, your machine might not be EMP save. Wrong. The EMP would just stop the conduction of the electrons through the cable temporarily, not destroy the hadware itself (unless it's a pulse so high that the copper goes to melting point). Also, you don't need lead walls, unless you want radioactivity protection. A simple aluminium faraday cage would do the job just as well.
For backup I would say: if it's offline, do a RAID setup. If it's online, use Tahoe-LAFS and distribute the HDD's on different places.
>>12299 >>12298 From what I understand most electronics are vulnerable to electromagnetic pulses. However they have to be hooked up to the grid and/or have battery power to be vulnerable and/or have some kind of active Wifi signal to be vulnerable.
Faraday cages are safe as long as the electonics are NOT hooked up/powered on in any way and are properly sealed within the conductive material so they are not physically touching their conductive surrounding. For example, if you were to Faraday cage a basic cell phone, you would need to remove the batteries from it and then wrap it up with a plastic bag or inside a little cardboard box and then put that into a conductive surrounding (such as an old trash can) and making sure the lid is closed tightly so that no RF/Wifi signal can interfere with that electronic device. Then you have properly faraday'd it.
If the electronic is old and has no battery, no wifi, and is not hooked up to the grid at all it should be safe even if it is not faraday caged. I can't see how an EMP would effect it if its completely off-grid and not activated. (IF I HAPPEN TO BE WRONG ABOUT THAT, CORRECT ME PLEASE!)
My solution is to avoid having lots of data to worry about. I can pretty much fit everything on a 500 GB USB/portable hard disk. I recently bought another such disk since my backup drive is from 2009, so I'm going to copy all files to new drive. I also backup the most critical things onto CDR. These CDs are marked by date, so it functions like a historical archive.
>>12298 You don't need any special filesystem. Use PAR2 to create the redundant data.
https://github.com/Parchive/par2cmdline By default, it only creates 5% redundancy, but you can set it to 100% if you have room.
If you use this in conjunction with bzip2 and small block sizes, you should be able to recover from almost any error. Or just avoid compression altogether, if you have the room. Of course, many files like images and videos are already compressed, so can't do much about that short of dealing only with lossless formats (I mean the originals, not by stupidly converting MP3 to FLAC or whatever).
I saw the video featuring this pic (I don't remember when it's from). But it's not that serious. You should be 2 hundreds time more concerned about US/Europe surveillance than China. Because China is doing the same mistake than communism: brute-force the problem. Western system is far better engineered: they want to destroy the "questionable" content directly in your head. They want to create an anarchic bubble of chaotic information, so complicated that the common with little time can't detached the truth from the false. Moreover, they're stopping you to do effective research, by enclosing your view into a bubble as I said, who never challenge your believe. One practical exemple, if you discovered the MK Ultra program, and other "complotist" thesis, you'll be direct to bullshit complotist theory, like Flat earth, or alien life (or other bullshit injected in the chaos of information). You'll be shamed by medias, even your families, see that there is no consequence to your act, so you'll drop the thing by yourself, or enclose you in ignorance (or view through the problem, but it takes time and books). That's a far better system, because you don't know what is the problem. In China, everything that is banned is the problem. And at least, you know there is something wrong. Here, the mass, even though they have the feeling there is a lot of bullshit, don't even have the imagination or even just time/capabilities (the bubble) to swim in the anarchic internet infos.
Who cares about camera recognition in China. It's already here. And it's pretty irrelevant. The analysis of your whole internet history, will tell pretty accurately where you're heading. You search on your local train website to make itinerary? You search about vacation places? You have your phone on you? These infos are available since a shit tone of time. Palantir (in-q-tel funded) process them.
I mean, it's like you never encountered /tech/nologies or got interested in modern surveillance.
>>11331 >look guys here I am, going through the city with IR blasters on my face blinding all those cameras all day, totally not suspicious rite >what are those handcuffs for, officer? >awww shit don't beat me I'm not a terrorist aah ah
>>11444 That doesn't work with me, since I am an anarchist (and I don't mean any political party by that name, I just value true individuality above all else). Their bullshit propaganda stands out, without even thinking about it. The patterns are pretty obvious: they try to set down "rules" to play by, try to make you think or behave in certain ways. They use the same shitty emotional tactics as in public schools to get people to conform. If you don't know wtf I'm talking about, then watch some of the videos or read the books by John Taylor Gatto.
Thought it would be worth sharing: a document from WikiLeaks explaining the tatics Russian Federal Security Service (FSB) is using to get intel. This is not new, but there's some information on how they operate (assuming WikiLeaks is trustworthy):
>Russian subscribers of mobile operators [...] expose valuable metadata, including phone and message records, device identifiers (IMEI, MAC addresses), network identifiers (IP addresses), cell tower information and much more. >The Traffic Data Mart is a system that records and monitors IP traffic for all mobile devices registered with the operator. [...] identified by IMEI/TAC, brand, model >National stacks of DPI / BigData / DataMining technologies and solutions for collection and analysis of information, as well as means of predicting social and business trends - the key to digital and financial sovereignty of the state and business in the XXI century
>>12304 SORM, what it does and general situation with surveillance/censorship in Russia is no longer secret for anons and these documents might be true, haven't checked them yet.
However, there are more than one company developing DPI and monitoring solutions in Russia, some of them publish corporate blogs, and even one of such devices got into hands of habrahabr user, revealing poor quality of your average subcontractor who usually hires a CS student for food and launders 1,5 million dollars for his work:
https://habrahabr.ru/post/282087/ https://sohabr.net/habr/post/282087/ City transport companies buy data off mobile operators to plan their routes, Yandex owns all big city taxis and is the sole provider for official bus/metro/commute train navigation apps. The fun thing, you can find all this info on habrahabr, both in corporate blogs and ordinary IT guy's blogs busting these apps shitty security and excessive datamining.
Another example, cities like Moscow have a centralized network of surveillance cameras, on roads, in apartment buildings and streets, in metro, every train and bus. It is also known that they use automatic face and walking posture recognition already for APBs. There is a website anyone can visit, register with their state ID and start snooping on people in real time.
Biggest russian "anonymous" imageboard 2ch handed itself to Mail.ru corporation in late 2016. It's pretty damn /cyber/ life here in Russia, more soykaf than schway though.
Not all network operators implement SORM properly, and sometimes it doesn't work. But most of them are bought out by state corporation Rostelecom. Mobile network operators are the worst since they clearly break the "net neutrality" principle and don't try to hide it. Limited data plans since lat year, "social networking" data plans and so on, traffic throttling aka QoS, DPI and http request filtering are in common knowledge and people are trying to bypass them. For example, simple shadowsocks is throttled by Yota operator, but when you add obfuscation and spoof headers as "vk.com", the speed goes back to advertised.
Source, this thread:
>>12309 Not really. Assange is getting more and more on in politics, I wouldn't be choked if he is now a government contractor.
Now, of course, Wikileaks is more than Assange. But I do think they use it as a weapon (governments "leaking" information purposefully, to affect economic tradings or whatever).
The people at Cryptome seem more radical, at the point that I see it as very difficult that they got corrupted by the "system power", as they would say.
Let's not forget that both Assange and Young (from Cryptome) used to be cypherpunks. And, for those who don't know, the cypherpunks was basically the most important mailing list for privacy and security computing. From there, they released PGP, the EFF, Tor and stopped multiple attempts from NSA (such as the backdoors on VPNs and the "clipper chip").