About Blaze657

  1. Lecture # 11 Enroll 01/29/2020 Lecturer: Turner [18:12:19] <Turner> Today we have the theme Enroll. I will tell you what it is, where to get it, and how to use it. In my opinion - this is the easiest way to work on the thing. [18:13:12] <Turner> What is Enroll? Enroll is an ordinary SS (credit card), or debit (but for all the time I worked on Enroll’s I found only one bank that makes it possible to clear a debit) and a personal account for this card. It has its own functions that allow us to expand our capabilities. Consider them. [18:14:10] <Turner> Change Billing address Most of the banks allow you to change the billing address to the one we need (drop / client / middle) in an online account in your personal account. [18:15:26] <Turner> Why do we need this? In USA there is a system for reconciling billing addresses and shipping addresses, called AVS. You should have already learned about this from the first lectures. And in yus, most of the shops are very important in this regard. [18:16:12] <Turner> What can be the problems with different shipping’s billing’s? The shop may refuse to make your order, or will throw you checks. [18:17:01] <Turner> In order to get around this, rollks will help us. In many, it is possible to change the billing address of KX to your own. This is done very simply in your account. In the desired tab (Change Billig Adress) enter the address you need. After that, we go to the shop, and beat billing = shipping. [18:17:50] <Turner> As a rule, a shift is carried out 1-3 working days (depending on the bank, most often - 3). Weekends do not count. [18:18:37] <Turner> Remember, not all banks have such an opportunity. In some banks, there is simply no change in billing. Or it is possible with the help of dialing. [18:19:01] <Turner> Mini deposits / Mini Also, access to your personal account allows us to see mini-deposits (Mini-deposits / mini-deposits / mini-deposits). 
[18:19:39] <Turner> Minicabs are a micro transaction that a shop charges you. As a rule, the amount of minicar will be in the region of 1-2 dollars. This transaction serves as a verification of your card in the shop. [18:20:28] <Turner> Shop withdraws a small amount of money from you and asks you to say exactly what amount they have withdrawn from your card, or the transaction code that came with this minicar. This can be viewed in the history of the card in your account. [18:21:02] <Turner> After you entered it, then everything is Ok. The level of confidence of the shop to you is greatly increased and from the side of the shop there will be no problems with this order 99%, but this applies only to those shops for which minicars are very important. [18:21:52] <Turner> There are shops for which bill = spike is not important, the main thing for them is to ship minicars. If they have minifics verified, then with a warrant 99%, that there will be no problems. [18:22:18] <Turner> I will give you a couple of examples for a better understanding. [18:22:53] <Turner> I have a roll of some kind of bank, which displays minicars instant. [18:23:38] <Turner> I go on Steam, and drive it into a hundred bucks. Steam immediately blocks my account for a week for manual verification of this operation, or offers to accept mini-cards for verification. [18:24:30] <Turner> I am sending these minicars, Steam sends 2 mini-transactions. I go to the roll, see what two transactions came from Steam, and confirm them on Steam’e. That's it, the hold is being removed, Steam is used to the card, and then I undress this card in the same Steam without any delays and holds. [18:25:30] <Turner> The following example Skrill without a minicom allows you to deposit 140 bucks in the acc, but if I confirm the minicom, I can already deposit up to 5k there. [18:26:04] <Turner> But, I want to note in advance. Most offices a la Steam, Skrill, etc. 
are already overdue by rollers, and they pass certain bins / banks / cards. How to find out which one will let? Only thanks to personal experience. Or to find out from knowledgeable people (such information is not given for free). [18:26:55] <Turner> VBV / MCSC Roughly speaking, this is an Internet pin code. If he comes to the CIS in SMS, then in the US it is static, that is, one does not change. KH installs it himself. [18:27:36] <Turner> VBV (Verified by Visa) - if a VISA card. MCSC (MasterCard Secure Code) - if a MasterCard. Amex and Discover do not have this type of protection at all. [18:28:09] <Turner> Usually you can install it when driving. At the time of payment, a window pops up and asks for this code, there you can either immediately put your own one, or just reset the old one and also put your own, or install it in advance. [18:28:49] <Turner> Previously, it was possible to install VBV on the Visa website, but now this website is closed and this possibility has been transferred to some banks in your account. [18:29:46] <Turner> There is a similar one for MasterCard. I did not save it, but in our forum it can be found, more than once it was mentioned. [18:30:22] <Turner> As a result, if there is VBV in the shop and you enter it, then the shop’s confidence in you increases, which increases the success of your order. [18:30:40] <Turner> There are such shops and services that without VBV will not miss an order at all. [18:31:21] <Turner> Change phone One of the most important advantages of rolls and the last which we will consider. [18:32:00] <Turner> We all know that we can call with the substitution of the number that was indicated when buying the card / or we found in the office, but, a shop can always call back to the number from which we called. [18:33:19] <Turner> If the shop does this, then they will go to the holder, we don’t need it. 
Even a call from our number, which we could buy on Skype, will not save us, because now we often call the bank from the bank to verify the address, name of the holder, as well as his phone number. [18:34:20] <Turner> And if the bank says that the information does not converge, then immediately the shop cancels the transit, and the bank blocks the card. The end, we do not have a warrant, and the card is dead. [18:35:13] <Turner> In this case, the enroll will help us. Together with the billing address, we can change the phone. As a result, when a shop calls the bank, all the information provided coincides and the pack will safely go to your drop. [18:36:04] <Turner> But there is another side to the coin. Recently, many banks, with any suspicious activity on the roll, can ring KX. [18:36:55] <Turner> They will check with KX if he carried out a data change, followed by a re-release of the card and blocking the rollers. Based on this, you need to understand that changing a billing or phone can not always be successful. [18:37:45] <Turner> Where can I get it? We now know what Enroll is, the following question arises: "Where can I get it?". [18:38:27] <Turner> There are two options: Buy from us on the forum, or else pick it yourself. [18:39:33] <Turner> The first way: We go to the forum on the forum "carding offers" and buy the enroll from the seller you like, for example from me: D [18:39:58] <Turner> The second way, already more difficult, we try to roll ourselves. [18:40:43] <Turner> I can warn you in advance, maybe I’ll fart from the first time, and maybe from the fifth I won’t be able to break the card. I also want to warn that it is worth doing when there is free money. [18:41:45] <Turner> My first roll came out the first time, and then I could not make 5 cards in a row. [18:42:31] <Turner> In this case, we must know the banks that play with a minimum of information, we must buy a SS, and break through the very information to it. 
[18:43:37] <Turner> Different banks require different Old for enroll. [18:44:41] <Turner> They can just ask for SSN / DOB, but they can also ask for their mother’s maiden name, pin code, billing phone, answers to the backgroup of the holder, the code provided by the bank, account number, etc. . [18:45:39] <Turner> We need those that ask for SSN / DOB SSN - Holder Social Security Number DOB - date of birth of the holder [18:46:44] <Turner> We have a lot of services on the board that deal with this type of breakout, I recommend contacting the Syndicate, A.C.A.B. [18:47:34] <Turner> Next, having received ssn / dob, we go to the bank’s website and look for a link to register. Not always on the main website of the bank it is. But if you do not spend much time, then you can find it. [18:48:13] <Turner> Most often the enroll process looks the same in all banks. We enter the card details, name on the card, additional info (ssn / dob), email. If everything is fine at this stage, then we’ll be asked to choose secret questions and come up with answers to them. [18:50:02] <Turner> What could go wrong: You enter your data, but it doesn’t let you map the card, here are a few options: -Card is dead -Information is broken wrong -The card does not belong to the person who was indicated at the time of purchase, but the real holder is mom / dad / wife / husband / son -The card is not the main one, but serves only as an additional card that is tied to the main account of the husband / wife / mom / dad or someone else [18:51:00] <Turner> There have been cases, when entering data, the bank wrote that the wrong data was entered. But I was sure that the card was alive, after that I punched their relatives (wife / husband / parents) and then rolled the card. [18:51:54] <Turner> But I recommend doing this when there is experience and free money. 
[18:52:50] <Turner> And the last "nuisance": -The card was bundled up to you, that is, the holder has already registered a personal account We will consider this in more detail. [18:54:10] <Turner> Primary Enroll and ReRoll There are two kinds of Enroll 1. Primary - the holder has not yet made a personal account before you, and you calmly do it yourself 2. ReRoll - a personal account has already been made before you, but the bank gives you the opportunity to restore your login and password. Most often, for this you need to have the same information as with the enroll primary, sometimes we can get to the background of the holder in the form of secret questions. [18:55:03] <Turner> Also, many banks for ReRoll’a require you to specify the set Username or E-mail. In this case, there is no point in trying to restore access because the data for recovery will be sent to kx by mail. [18:56:03] <Turner> To get to Primary Enroll, I can advise you to take cards with a maximum card expiration date, that is, freshly issued cards with an exp date ** / 22 or ** / 23 [18:57:02] <Turner> The larger the exp date, the better. But not all banks work. Some banks most likely offer to register a personal account when receiving a card, and as a result, many cards of this bank are already closed. But these are isolated cases. [18:57:52] <Turner> It’s much more likely that the holder didn’t get his hands on creating a personal account. [18:58:09] <Turner> As a rule, the balance that we can use is signed - available credit. [18:58:35] <Turner> The balance that KX spent is Current Balance. [19:00:38] <Turner> I’ll tell you for those who don’t know how credit cards work. Roughly speaking, KX takes a loan from a bank, and these funds are kept on a card, not cash. Accordingly, the Current balance is that part of the loan funds that has been spent, and Available credit is how much is still available. Do not confuse these concepts! 
[19:02:10] <Turner> 441802 441297 441323 - these are the beans of the First National Bank of Omaha. He rolls quite easily. On this bank you can practice. It’s quite overdue and it will be difficult to drive it well into popular services. [19:02:43] <Turner> And the way the whole process goes through with me. [19:03:10] <Turner> I take bins that I know that they’re rolling around and go to the shopping center to see what is available. [19:03:26] <Turner> I select a few cards, I punch extra scs to them. [19:03:48] <Turner> When enrolling, I take my grandfather / ssh / Sox under the card holder. [19:04:07] <Turner> I go to the site and try to roll. [19:04:44] <Turner> I save all the cards that turned out to be chopped until Monday. [19:05:33] <Turner> On Monday I take Sox / ssh / grandfather already under the drop staff and change the address. [19:06:02] <Turner> Further the address changes from 1-3 working days, days off are not taken into account. [19:06:42] <Turner> After that I go to drive. Do not immediately drive the roll into a bunch of places, drive it into one shop, wait until the pack is delivered and go drive it again if the card is still alive. [19:07:32] <Turner> Regarding the euro enroll, this is a completely separate topic from the USAA rolloc. They are obtained in other ways and used for other purposes, since the billing address is not there. [19:08:41] <Turner> That's about it. Ask your questions, in 10 minutes I will begin to answer. Now is not a big smoke break. [19:15:30] <MaisWindows> If we replace the billing address on the American card, for example, with the drop address in the Russian Federation, will it be suspicious? or drop should be from usa? [19:16:33] <Turner> Yes, it will be suspicious and as far as I know none will allow you to change the billing address outside the United States. Yes, drop should in the USE. [19:16:47] <Turner> * not a single bank [19:17:11] <revolvervv81> 1. 
If the ss does not roll (what went wrong) - is the bank indicating the reason for the refusal in the message? Can I understand what the problem is? 2. Do I need to bury the ss during working hours? Or is it possible at any time? 3. To cover the ss, do you need a sphere or is it enough vpn? 4. Is it possible in the video, or do I need to change the email address? 5. ReRoll needs to be used very quickly, because kx knows that he has a personal account and uses it? In your personal account you can see when kx went into it? Where did the payments, in which shops? 6. Can I have a couple of examples of Banks / bins (zayuzanyh) that easily roll around to fill a hand? [19:23:39] <Turner> 1. In most cases, the bank will report a problem (incorrect data, the main kx is another person, the card is dead / unmade) 2. It is possible at any time, but preferably not during working hours kh. 3. Desirable sphere, vpn - not enough. 4. During enrol, you can put your mail. 5. ReRoll needs to be used quickly, but it can block almost instantly since a kx notification will come. In your personal account you can see the date of the last entry, and all the transes on the card. [19:24:35] <Necrolyt> Now there are many where they sell clips under NFC. Explain what is their feature? Do they have access to some kind of mobile services like apple or google? Why are they so expensive? How do they beat them at all, with a mobile or just tied a card thanks to a roll in some kind of Google account? [19:26:10] <Turner> Their feature is that they can be linked to NFC services. As for working with enrol, you will have a lecture tomorrow. [19:26:36] <Artil352> 1) how to determine which shops (services) Are minis and / or bill = spike important? 2) How much does this infa pass cost certain bin / bank / cards in Steam Skrill, etc.? 3) [19:29:48] <Turner> "Similar there is for MasterCard. I didn’t save it, but in our forum you can find it, they mentioned him more than once. "Who is there? 
I don’t understand. if you can repeat what it is about? MCSC? Did Doesn't KH put it? 4) "In this case, we must know the banks that roll with a minimum of information "- how to find out? 5) "There have been cases when entering data bank I wrote that the wrong data was entered. But I was sure the card was alive. " - why was sure? there are some Ways to check it for sure? 5) Is it possible to merge the entire balance from the rollers? Or how best to do? 6) Is it possible to pay from usa rolls abroad (for example, to Asia or the Middle East) under the guise of for example paying for a tour or buying software? [19:32:38] <Rarka_> How is the price of the rollers formed? As an example, you sell two rollers, both for individuals, one bank, one state, a husband and a balance difference of $ 200, but the one on which costs more money is cheaper . Rolka and BA are these different things or the same thing? [19:32:54] <Rarka_> litter by accident [19:36:31] <Turner> 1. Through trial and error. 2. Depends on who you buy from) 3. The answer in the lecture. 4. Through trial and error, or learn this information from knowledgeable people. 5. Checker, for an error during the roll indicated incorrect data. 6. If you can merge the whole balance, then merge) To merge as much as possible you need: a good system that gives a shop and a lot of luck. 7. Depends on the service in which you drive and merch. In this case, the video should have the function of removing the region of the lock. By default, many banks have a restriction on purchases abroad. [19:39:48] <Turner> Rarka_ The price is formed from the bank, the balance, from the capabilities of the bin. Rolka and BA are two different things and should not be confused) [19:44:15] <Turner> Any other questions? [19:44:48] <net23> what is the difference between rollers and ba [19:46:48] <Turner> Rolka is a card with access to an online account. A BA is a bank account with route number accounting number. 
Most often, a bank account can do without a physical card. [19:47:14] <Artil352> Do you have a sample clip with the region of the lock removed? [19:47:49] <Turner> I don’t shoot the lok region. Rollers with the ability to remove the region lock are. Yes [19:48:03] <Turner> Yes, you can contact and pick the right one [19:52:42] <Turner> Since there are no more questions, this concludes the lecture. Thank you all and good training)
  2. Lecture # 10 Search for shops, analysis of merchants 01/28/2020 Lecturer: Wiz (8:06:21 AM) Wiz: Hello everyone, I'm your lecturer today. (8:06:32 AM) Wiz: Please do not flood during my lecture, write down the questions and at the end of the lecture I will answer your questions. (8:07:02 AM) Wiz: The topic we're going to cover today is finding shops and what merchants are. (8:07:18 AM) Wiz: You all know what a shop is - it's an online store with goods, services or services that interest you. (8:07:35 AM) Wiz: But our lecture will be about how you can find the right shop for working with it and how to determine the merchand that processes payments on this site, find out if it suits you for work, your material and skills . (8:08:04 AM) Wiz: Merchant account - an account for accepting payments by credit card, bank or other means through an online payment on the site. (8:08:20 AM) Wiz: individuals or legal entities are registered in the merchant account to open an account, which is then used to receive payments on the Internet. (8:08:29 AM) Wiz: Do not confuse with a payment aggregator !!! (8:08:36 AM) Wiz: Now let's move on from terms to shopping. (8:08:53 AM) Wiz: Remember that just with search queries - the words you type in any search engine in the query string, for example: buy apple iphone 11, or buy macbook pro, or buy Gucci jeans. (8:09:03 AM) Wiz: You won’t be able to find the right site right away, since you have to shovel dozens or hundreds of pages. Since the front pages of search engines will always be shopping giants, like BestBuy, Amazon, Seers, etc. You can work with them, but there you need a completely different approach and experience. It’s impossible to get the first SS and hit 10k dollars, don’t try. (8:09:12 AM) Wiz: What are we going to do? (8:09:19 AM) Wiz: I’ll tell you that there are really many options. 
(8:09:26 AM) Wiz: Conventionally, they can be divided into two types: (8:09:32 AM) Wiz: Type # 1 is SEO optimized queries: (8:10:07 AM) Wiz: 1. You can search for shops using seo-optimization resources, one of the sites of the desired subject. Seo optimization is a set of measures for internal and external website optimization, for promoting it in search engines. Accordingly, the higher the site’s position in the search engine, the greater the traffic, and accordingly, higher-frequency queries are used to promote it. (8:10:20 AM) Wiz: For example: at the request of Gucci jeans google gives the following picture. http://prntscr.com/gpqxsz, for example, take the 5th site: http://prntscr.com/gpqxig (8:10:30 AM) Wiz: Go to the site, find any necessary category (in this case, skinny jeans) and right-click on a free field in the browser field. (8:10:47 AM) Wiz: We need the line View Page Source http://prntscr.com/gpqy48 - click on it, we get this: http://prntscr.com/gpqyez - we see, in the meta name line - registered requests for which this page is moving (8:11:17 AM) Wiz: All we have to do is compile the queries with our own and go look for it more precisely, for example: if you make such a request “clothes shop + inurl: super slim jeans” then Google will give out http://prntscr.com / gpqzqh (8:11:35 AM) Wiz: 2. Shops can also be searched through the “query operators”, which can be found in more detail here https://sites.google.com/site/tilromen/poleznoe/kak-pravilno- sostavit-poiskovoj-zapros-google, and even better to study them on SEO forums, there are a lot of interesting things to find there. (8:11:55 AM) Wiz: As an example, I’ll give the following query statement: clothes shop + inurl: e-gift - gives us a list of shops that have the phrase e-gift in the link, or “clothes totes egift” - Double quotes allow find only the expression that they contain. (8:12:02 AM) Wiz: 3. 
Alexa (8:12:08 AM) Wiz: A very handy tool for finding shops or what is Alexa and why is it needed? https://www.alexa.com/ (8:12:37 AM) Wiz: the Wikipedia site for all sites on the Internet, yes believe me. She conducts statistics, audits and creates reports on sites. In the paid version, you can order an audit of your site here and it will tell you what can be improved. (8:12:50 AM) Wiz: But we are interested in something else - this is the top chart of sites. Yes, as there is a top chart of songs on the radio, here on Alex, you put on a top list of sites. (8:13:00 AM) Wiz: The question is, why? (8:14:22 AM) Wiz: I’ll answer that so you can find a shop for yourself and our shops are not in the top, but somewhere in the middle or slightly lower. Since fraud is usually weaker on them, but manual checks of orders are often found, there are fewer orders, and therefore fewer fraud attempts, etc. https://www.alexa.com/topsites/category/Top/Shopping Here are the search filters, where you can select by country, the specifics of shop goods, etc. (8:15:04 AM) Wiz: 4. Search with the help of the docks (8:15:13 AM) Wiz: Units have come up with this concept, let’s take a look at the concept of roads and what it is so that we can understand how you can use it in our future work. (8:15:26 AM) Wiz: DORKI is a list of various specific queries in a search engine used in the process of (downloading from a server) site databases. (8:15:36 AM) Wiz: in other words, a request to a search engine, in response to which the system will give a list of pages of sites whose address contains this same DORC. (8:18:25 AM) Wiz: It is most often used for hacking - hacking databases using SQL injection into site databases through certain vulnerabilities of template sites or sites based on the designer, the public system. 
(8:18:33 AM) Wiz: Crackers use databases from so many dorks, although sometimes they squeeze all Juice (juices) from any one, information about which (a hole on the site) was bought somewhere. Special programs search for pages matching search engines in search engines and write them to a file. (8:19:34 AM) Wiz: Next, the cracker, by another program, scans the database of the received sites for vulnerabilities, as a result of which he finds a couple of (or maybe a dozen) leaky sites from which he then downloads the database (passwords from accounts, e -mail` and so on). (8:19:39 AM) Wiz: Where to get them? (8:19:48 AM) Wiz: You can do nothing complicated yourself, a lot of videos on YouTube. You can buy ready-made but do not advise. (8:20:00 AM) Wiz: Simple Request Example intext: bestblog - search for "bestblog" only in the text of the document. (8:20:35 AM) Wiz: Dorki is a certain type of vulnerability that you create, then drop the dumper in sql to merge the base with either MAIL; HASH or MAIL: PASSWORD (8:20:44 AM) Wiz: And in our case, we just use it to search for shops (8:21:00 AM) Wiz: Type No. 2 - auctions, markets, thematic forums, forums with reviews about goods and shops, etc. (8:21:57 AM) Wiz: 1. Shops can also be searched through Ebay, but not everyone has their own sites, you need to search. Just go to the product we are interested in and see the seller’s information, if it’s a shop, we’ll see that the page is usually colorful and the seller’s name is like freeshippngshoes, bestshoes, goodwatches, etc. Study carefully (8:23:33 AM) Wiz: Then we just have to drive this data into Google and go to the shop’s website, if one exists. However, it is not always possible to immediately bypass the antifraud system of the shop, it is sometimes easier to drive into ebay (but more on that in lectures on the brute of Ebay) (8:24:36 AM) Wiz: 2. Shops can also be searched through Amazon. We go to amazon.com, enter a query in the search bar, for example, SSD. 
We are interested in the left column http://prntscr.com/dusrr7, go down below, we need the line "Seller" and click "See More" http://prntscr.com/dussij, we will be redirected to the next page http: // prntscr. com / dust0d. (8:26:49 AM) Wiz: This page lists sellers of products in this category. It remains for us to copy their names and paste into Google, and then by analogy with the previous one. (8:26:57 AM) Wiz: 3. Shops can also be searched on thematic forums, for example: a forum for young mothers, or a fishing forum. With the right approach and SI - you will be poured a bunch of shops that you will look for a very long time on the Internet. (8:27:10 AM) Wiz: Thanks to Michelle's young mother - she suggested a great shop with expensive baby carriages and a bespontovaya antifraud system. The shop unfortunately closed, and the strollers arrived in RU) (8:27:18 AM) Wiz: Shops can be found at http://www.resellerratings.com (8:27:32 AM) Wiz: The drop down menu has store ratings. There we select browse all stores by category and from the left there will be a menu with categories. We select for example apparel and jewelry. We see "sort by" and click (8:27:54 AM) Wiz: So we’ll display the lowest rated sites on the first page. But these sites in the section of clothing and bizhi 468 pages. About 70% of them are with a zero rating and about three quarters of those 70% of shops are small, good giving. (8:28:06 AM) Wiz: Sometimes shops come across, it seems like there is no rating on this site, but in fact the store is big and the hell just sends it. (8:28:20 AM) Wiz: In fact, there are many ways to find the shops we need, with the right product, but most of the time I use these methods of work. I recommend that you experiment with query operators, as this is the fastest and most convenient way to search for shops. (8:28:35 AM) Wiz: In my experience, sometimes large stores send much better than small ones, but this is more an exception and direct hands than just luck). 
Trying to break through all the shops you like. (8:29:01 AM) Wiz: Sometimes there is also a scam shop, for example, I met one where Iphone 11 cost 399 bucks, so it's better not to beat the mate in such shops, they were created by our colleagues to collect the mat. (8:29:09 AM) Wiz: Carefully study the shop before driving !!! read its rules, delivery conditions, communicate with support, etc. (8:29:18 AM) Wiz: 4.Markets (8:29:26 AM) Wiz: Searching for shops on the markets is simple, you go to google or any other search engine, but still Google is a giant and many people go there. (8:29:36 AM) Wiz: First, go only from the ip of the country where you will be looking for goods. Since Google is filtering out shops by country. (8:29:56 AM) Wiz: For example: I went to google site under ip USA and enter the Xgimi Z6 request (8:30:03 AM) Wiz: http://prntscr.com/nzvz7r this is a video projector (8:30:11 AM) Wiz: We will see the following http://prntscr.com/nzvzr0 (8:30:30 AM) Wiz: You immediately see the block from the sponsors, but this is not our goal, because here there are always top shops, but above we see the Shopping tab, which is what we need. The essence of the search here is through filters, set the necessary requirements and filter out the top shops, we find the suitable option. (8:30:58 AM) Wiz: Xgimi Z6 came successfully, was ordered from one of the shops on the market. By the way, I really liked it. So go ahead, analyze and try, the main thing is to write everything down, every move. Especially at the initial stage, this is important, so you will understand what you did wrong or vice versa. (8:31:09 AM) Wiz: So we come to the second part of our lecture - what is merchandise? (8:31:20 AM) Wiz: And so again. (8:32:32 AM) Wiz: Merchant account - an account for accepting payments by credit card, bank or other means through an online payment on the site. 
individuals or legal entities are registered in the merchant account to open an account, which is then used to receive payments on the Internet. (8:32:40 AM) Wiz: To make it easier for you, we’ll talk about the shop, as if we were creating it for ourselves as a lego. (8:35:07 AM) Wiz: i.e. having created a site, we register our account in the payment system and get a merchant account, the system in which we are registered gives us data for our site, as a rule for the majority of the main site systems (the engines on which the site was created) there are modules (your image, some site engines You are from certain modules, you make the necessary functionality on the site) for such payment systems where you simply enter the data received from the merchant account. And now you have a full-fledged payment gateway on your site. (8:36:38 AM) Wiz: Payment Gateway - a hardware-software complex that allows you to automate the process of accepting payments online. A payment gateway is developed by a payment system that determines its specification and is responsible for its support. (8:36:46 AM) Wiz: Usually a payment gateway is divided into several parts: (8:38:05 AM) Wiz: • form of payment - a page on the seller’s website that contains an HTML form that contains a number of necessary parameters (seller’s identifier, amount and comment of payment). Having activated the form, the buyer is redirected to the payment gateway itself; (8:38:10 AM) Wiz: • payment page - a page or a set of pages on which the buyer re-sees the purchase data, he is given the opportunity to refuse the payment, log in or select certain options. 
The actions that must be completed to successfully complete the purchase depend entirely on the payment system; (8:38:29 AM) Wiz: • payment status pages (“Success URL” and “Fail URL”) - pages on the seller’s website to which the buyer is redirected in case of successful or unsuccessful completion of the payment process; (8:38:49 AM) Wiz: • payment result page (“Result URL”) - a page on the seller’s website that is called by the payment gateway bot regardless of the buyer’s actions (even if the buyer disconnects after payment and cannot switch to payment status page, payment result page will be called up). The payment result page accepts data on the past payment transaction and it is at this stage that the necessary changes related to this payment should be made. (8:38:59 AM) Wiz: In addition to the payment systems themselves, where you can create a merchant account, there are also intermediaries - this is an aggregator of payments, therefore at the very beginning I said do not confuse these concepts. (8:39:05 AM) Wiz: Aggregator (e-commerce) - an e-commerce company engaged in the establishment of multiple agreements with individual payment systems and service providers, as well as with telecom operators to facilitate the process of organizing payment for goods by consumers - through the Internet. (8:39:22 AM) Wiz: To determine the merch, I most often use the site http://builtwith.com/, - whoever has the opportunity can buy a subscription there for their hard-earned money, it costs 500 bucks a month, don’t even think about scraping - will not work!!! (8:39:28 AM) Wiz: The easiest ways: (8:39:37 AM) Wiz: 1) We drive the shop address into the line and on the site itself look in the payment section or in the Terms section, where the payment gateway that processes the payment should be described. 
(8:39:46 AM) Wiz: 2) Sometimes the merch is not shown, then you have to look for redirects in the browser http://prntscr.com/o02kzb or, at the time of filling in the details, move the cursor over the data and open the Q element inspector in Firefox or ctrl + shif + I in Google chrome and look for data or when you click pay, you monitor changes (8:39:56 AM) Wiz: 3) Sometimes you have to beat at random, this also happens. When the code is hidden by another code or functions in the code. (8:40:07 AM) Wiz: As for the Euro merchants, most often they can be seen during the checkout, that is, when you drive in a card, since most euro shops do not post information about merchandise on the initial pages. (8:40:23 AM) Wiz: Given the peculiarities of setting up the system in shops, it often happens that shops do not see the full address of the holder, but only see ZIP. Therefore, it is sometimes advisable to take a card under a mid / drop zip, and drive a beat = thorn at their address. Such shops can only be found in tests. (8:40:47 AM) Wiz: I also recommend taking a roller and punching your favorite shops in small amounts to the holder's address in order to see the movement on the map. Some shops write off money right away, some hold and / or require you to enter the code from the test transes, some write off at the time of sending the pack, so having this information, you can easily choose the mat and method of working with a specific merch (8:40:59 AM) Wiz: We’ll go over yus in detail in the next lecture, and now I’ll give examples of euro merchants: (8:41:07 AM) Wiz: 1. SagePay (Saga) - always, every shop likes different types of cards. There is no safebox for amex. SK and USU eats on reset, but not all bins. If the card is included, they are almost always sent. As for air, the same principle. (8:41:25 AM) Wiz: Stub Hub + virtual pos terminal - very often found on sites that sell tickets for various events. 
It’s quite difficult to drive in this merch, VBV - always, yus couldn’t cram even once, only EU. Everything is firing, right down to the color of the socks on you, but it's worth it). (8:41:34 AM) Wiz: 2. BancaSella is one of the great merchants of the WBV. With a bang yusa and yuk for dumping. There is a miracle and no war. 100% hit if the trans has passed. (8:41:45 AM) Wiz: 3. Adyen is also handsome, all countries crawl, there is no safe deposit box, the discovery is in most shops, and this is a sure round of the war. However, even with the entered card, the shop can get to the bottom. As for air / hotels - if the card is included, 100% hit. Book and tickets, keep in your pocket (8:41:56 AM) Wiz: 4. Bucharoo is a complicated Dutch merch. VBV / Seyfkey, You can drive in and you - but very rarely - rather the exception. However, there are shops with which SI is displayed, you can drive in poses or other mat. (8:42:07 AM) Wiz: 5. Wirecard - there is no VBV, as well as Amexa in fact, it eats wonderful USS, at least 3 months ago, when I tested it. It happens without the war. (8:42:13 AM) Wiz: 6. Erstes is the same Wirecard. (8:42:23 AM) Wiz: 7. SaferPay - vbv, only eu. Sometimes without VBV. (8:42:32 AM) Wiz: 8. Euro payment service - the usa mat goes well under the reset. Yuk mat eats at least 5k, without any complaints (8:42:45 AM) Wiz: 9. Zerogrey - he eats everything as before, only give the bean fresher. 99% chance that the first order will need rendering. If done well (photo and not scan) then success is guaranteed. I advise you to always open an acc in a shop, if the card survives after the first sending - squeeze the maximum from it (8:42:58 AM) Wiz: 10.PayPal and all his brothers - it’s clear here, I don’t consider, there will be separate lectures at which they will explain everything in much more detail. And of course I will touch on it in more detail in my next lecture. 
(8:43:24 AM) Wiz: This lecture is over, with regard to a more detailed analysis of the merchandise and a few chips for me from the merchandise, then everything will be in my next lecture - MERCEDES, creating, setting up and working with them. (8:43:34 AM) Wiz: Thank you for your attention and can you sign? if you have a question (8:43:38 AM) Wiz: I’m leaving for 10 minutes, and then I’ll start asking in order. (9:02:54 AM) Wiz: (8:52:10 AM) macpru: is it adviseable to use usa cards in eu shop? Its your question? (9:03:17 AM) Wiz: Preferably, I won’t say anything about it) But what is possible - yes. But you need to know in some merchants and where you can. And it turns out with tests. (9:04:51 AM) bloomberg7: I read in parallel the free methodology from and practically doesn’t differ in comments about various merchandises in eu, hasn’t anything really changed? (9:05:56 AM) Wiz: It’s different in that some shops die, others change merchandise all the time, but the basic approach does not change. Only sometimes it gets tougher or goes to a manual check, but it all depends on the shop (9:06:10 AM) Rarka_: is it possible to search for shops through a search engine by the name of the merch? (9:06:21 AM) Wiz: through the dorks (9:06:33 AM) Wiz: condition is written there (9:06:48 AM) Revolvervv81: Are there Euro merchas without 3dS? (you can give an example, or how to look for them) I saw on the forum that they were selling such information, is this a divorce? (9:06:55 AM) Wiz: either google via seo request, wrote out (9:07:16 AM) Wiz: Revolvervv81: Are there euro merchas without 3dS? (you can give an example, or how to look for them) I saw on the forum that they were selling such information, is this a divorce? (9:08:07 AM) Wiz: There are, but as I said, everything is constantly changing. 
In one month, the shop uses for example WorldPay merch, and then it was blocked there or he decided to change the merch and another (9:08:16 AM) Wiz: only with tests with a roller to do everything and from personal experience (9:08:35 AM) Wiz: And buy any info through the guarantor on the forum (9:08:44 AM) Wiz: test and then confirm (9:11:03 AM) Wiz: Speak on english please (9:11:37 AM) xevious: when searching for the site. Should i use in vm or isnt that important (9:12:31 AM) xevious: and after the search and i want to card the website, can i use the cookies from the search? (9:14:16 AM) Wiz: if you are just looking for stores, then it's not necessary, just search from the ip of that country and from the browser with the necessary language installed. if you are doing cookies for furute payment, it is necessary did from the sphere or a configured browser like as card holder (9:15:04 AM) bloomberg7: is it possible to use shops that are displayed in advertisements, for example instances, are they not very popular there? How many clothing items can be driven into examples in a shop? (9:15:04 AM) xevious: no thx (9:15:10 AM) net23: explain in detail what merch is, didn’t you understand anyway, is it like a payment system ?, like kiwi, Yandex money, etc.?, Is there anything similar in Russia? (9:15:42 AM) Wiz: Well, there are usually insta shops in Ints, not shops (9:15:52 AM) Wiz: but if they have websites, then why not (9:16:08 AM) Wiz: just roll test their merch and find out for yourself (9:16:10 AM) Wiz: Record (9:16:30 AM) Wiz: by clothing up to 1000usd (9:16:40 AM) Wiz: initially no more than 500 (9:16:48 AM) Wiz: then flair comes with experience (9:18:56 AM) Wiz: Merch is the one who accepts payments. 
For example, the highest level on cards is merchandise from mastercard and visa companies, below are intermediary companies whose accreditation is to accept payments from cards, that's what we are talking about (9:19:12 AM) Wiz: Kiwi and Yandex are just examples of such (9:19:22 AM) net23: ok (9:20:13 AM) Wiz: there are also aggregators, for example in Russia - a robotic cash desk that offers you to register an account with them and accept up to 20 payment methods, for%. Otia, you can register directly with poison or kiwi, etc. (9:20:59 AM) MaisWindows: What is Rolka? (9:21:14 AM) Wiz: This is a card with full access to the online bank. for instance (9:21:40 AM) Wiz: you have a card with full data on the holder, including a response to MMN or the like (9:21:57 AM) Wiz: you can go to the bank’s website and try to clear a card (9:22:04 AM) Wiz: i.e. set up an online bank (9:22:29 AM) Wiz: if it was not created before you, if it was, then you can zenrolit, i.e. recreate with the same data (9:22:47 AM) Wiz: if all goes well and all the info comes up, then you get an online bank (9:22:53 AM) Wiz: see the balance and the transes on the map (9:23:03 AM) Wiz: hence you will see what the shop did (9:23:17 AM) Wiz: deducted or only made authorization of the amount (9:23:31 AM) Wiz: or asked for minicrafts for the shipyard and asked you what (9:23:49 AM) Wiz: and you answered him, therefore your order will go through 90% (9:24:14 AM) xevious: is it better to buy hacked accounts / logs for carding the big websites or should you beter create your won one? (9:25:25 AM) Wiz: At the beginning of work, it is better to use your logs and look for shops there and try to change addresses or send them to the hold of postal shipment (9:25:46 AM) Kto-to: who pays for everything in the end? 
(9:26:26 AM) Kto-to: merch, bank, shop (9:26:30 AM) Wiz: How often does Holdr then submit to an unauthorized trance and he is refunded, pays the shop (9:26:45 AM) Wiz: but situations are different (9:26:54 AM) Wiz: but 80% is a shop (9:27:08 AM) Kto-to: what does an unauthorized trance mean (9:27:10 AM) Rarka_: not a lot off topic, you can change the bill in the rollers, which means the bill can be made by drop and everything is in chocolate (9:27:42 AM) Wiz: no, in most cases now you can’t change the beat in roll (9:27:51 AM) Wiz: but there are map beans that allow (9:28:00 AM) Wiz: either in the online bank, by dialing (9:28:10 AM) Wiz: Kto-to: what does an unauthorized trance mean (9:28:49 AM) Wiz: this is when a holder writes a statement to the bank that he didn’t make such a payment and the bank starts an investigation and then withdraws money from the merchandise, and the merchand hangs the debt for the shop (9:29:12 AM) Wiz: Theme for reviews, I will be grateful for your reviews If you have any questions, write to the toad (9:29:18 AM) Wiz: but better in PM (9:29:26 AM) Wiz: that's it for today, thank you all (9:29:32 AM) bloomberg7: and another important question for me, I live in Europe, is it dangerous for me to work on my eu cards? Why do you recommend testing with rollers, because you can test without enroll? (9:30:39 AM) Wiz: there’s a separate conversation, but there is always danger. You need to secure yourself maximally with the PC settings for work. Rolka I already wrote what is needed and what are the advantages, but this is in the USA. By eu rollers can rarely be created
  3. Lecture # 9 Antidetects 01/27/2020 Lecturer: Xerl [19:15:01] <Xerl> Welcome to the lecture. Today the lecture is dedicated to Antidetects. In this lecture we will talk generally about antidetects, we will analyze two popular antidetects from the forum, which are great for our work, we will understand some features and chips in working with these programs. [19:16:36] <Xerl> For those who have long been in this field, I have heard a lot about Antidetects, but for beginners who have only recently come to this area it will be useful to find out what it is all about and with what “it are eating". Antidetect is a program or a set of programs that allows you to unify your system, change various prints and parameters in order to bypass the antifraud system in stores (shops), payment systems (Paypal, Skrill, etc.), online banking, and everything else, where you want to change your identity. A huge plus of antidetects is that they allow you to use your system to work without changing it, thereby saving you valuable time. Previously, the main task of Antidetects was simply to unify the system, but now - not just to unify the system, but to make all prints and parameters natural, so that you can "merge with the rest of the crowd of users." This is very useful and necessary, for example, when working with logs. [19:18:10] <Xerl> I will explain using available examples from life how antidetect and antifraud work: in the first case, if you imagine that the FACE ID on the Iphone is an antifraud system, and to unlock it you need to show a NEW face every time, then thanks to antidetect, we can make a very, very many faces, and each time calmly and successfully pass this defense. 
In the second case, if you imagine that the FACE ID on the Iphone is an antifraud system, and to unlock it you need to show the same face every time, which is basically the reality on the Iphone, then we can “copy” the owner’s face and successfully bypass protection (of course knowing roughly how this “facial print” should look). [19:19:52] <Xerl> But in modern Antifraud systems, too, are not fools and the development of new protections and detections does not stand still, therefore they are improved every day and today not only the parameters and prints of the system are evaluated, but also a number of other factors. For example, in such a large Amazon store or Paypal payment system, the behavioral factor is assessed by the neural network, your IP, DNS, and your “fingerprint” on the Internet are also evaluated according to various parameters (more details below). Therefore, although the antidetect plays an important role, success lies not only in its use, but in its proper use in combination with other factors, which I indicated above. With a conscious work, analysis of your drive-ins and various tools that you use - you are doomed to success :) [19:23:15] <Xerl> https://www.youtube.com/watch?v=2PQxoQQOPpY Screenshot: http://prntscr.com/isj1yg Above, I indicated a link to a video in which you can see how many factors the Antifraud system takes into account. Look after the lecture ends and you will see that the browser plays an important role, but this role is not the only one. In the screenshot, you can see how many parameters refer to the use of the E-mail address when driving in other services. [19:24:28] <Xerl> Types of antidetects There are two types of antidetects: 1) Antidetects that allow you to replace the iron settings of your system or your virtual machine. These parameters include: information about the processor, video card, BIOS, network card, folder creation date, and system, various other devices in the system. 
These antidetects are needed when working with programs that are installed on your Windows. These can be poker clients, for example, PokerStars, clients of bookmakers, etc. [19:27:10] <Xerl> Examples of topical iron antidetects: A) Antidetect 2.0 by Vektor T13 - The current solution in the field of iron antidetect from Vertor_T13 for VirtualBox. The solution is fully supported by the author, as can be seen from his telegram channel. The disadvantage of this solution is that the solution is free, so you won’t get a full technical support for free, and getting into a consultation for money will still take a huge amount of time and it’s not a fact that you will still receive it. B) Aff Combine (KRAKEN PRO) is a relatively new iron antidetect for VmWare, which also includes browser-based antidetect. Recently released version 1.0. Sold on our forum for $ 1,400. The antidetect is supported by the author, there is support in Telegram, a general chat for discussing work and solving various problems. We’ll talk more about this solution today below. [19:29:52] <Xerl> 2) Anti-detectors, which allow you to change browser settings, thereby simulating any system or device. Using these anti-detectors, you can simulate any system (Windows, MAC, Linux, Android, IOS), a browser (FF, Chrome, Opera, Safari), game consoles, Smart TV, etc. These antidetects can also be of two types: 1 view: Antidetect based on a normal browser in which the extension or Addon is installed. Basically, all antidetects of this type (Antidetect 7.8, Antidetect 8, Anti-Detect from Cert, Genesis Security, Anti-Detect Ivan Iovation, AFF Combine) Here Antidetects can be divided into two more categories: A) Firefox based antidetects. This category includes: Antidetect 7.5, Good Job Anti-Detect, AFF Combine, Ivan Iovation Anti-Detect) B) Chromuim browser-based antidetects. This category includes: Antidetect from Cert, Antidetect 8, Genesis Security. 
Category B antidetects have a higher purchase price than the first because they require more cash investments, more knowledge to create it. [19:32:32] <Xerl> 2 KIND OF ANTI-DETECTIONS: Antidetect written on the source code of the engine. Of the examples that I know, Linken Sphere can be attributed here. It is written in the source code of Chromuim, and therefore contains a very large number of possible chips and tools. But more on this later. Examples of relevant antidetects: Cert Anti-Detect - Chromuim-based antidetect. Binds to iron, i.e. can be used only on 1 system. The author of antidetect is one of the very first developers of antidetect in general, and especially based on the Chromuim browser. Updates are stable. Sold on Verif, costs $ 5000. The most expensive antidetect available. The price of the product is unreasonably high. Each update is also paid and costs from 50 to 300 $. Even if you missed some update and didn’t take it, you will have to pay for all previous updates to get the latest version. In my opinion, taking into account the remaining antidetects on the market, a beginner should not take it. Byte Antidetect 8 - Chromuim based antidetect. This author has other products: Antidetect 5,6,7, which are developed based on the Mozilla Firefox browser. They have shown and proven themselves in due time. Antidetect 8 is not a very popular product, there are no more than 30-40 users of antidetect. Also sold in Verife, price: $ 3000 + $ 100 per month subscription fee. This antidetect does not develop very quickly, but it has some advantages: free configs, non-unique Canvas and a small number of users. More about what Canvas will be below. [19:37:37] <Xerl> Byte Anti-Detect 7 - Anti-Detect based on the Firefox physical browser. In parallel with the 8th antidetect, the 7th version of the antidetect is supported and periodically updated. The author sells it for $ 500 forever / or for $ 100 but monthly. On our forum, you can buy version 7.1 from Billy Bones. 
The stock price for students is $ 50. The product is completely worth the money. A good option for a beginner, especially if you take for $ 50. Configs can also be purchased immediately from the author for $ 3 from Billy Bones for $ 1 and below, without the need to fulfill any conditions. By cons, the antidetect does not replace some prints, for example, audiofingerprint, some configs require a little manual editing. Antidetect Ivan Iovation - Antidetect from a Romanian author, who appeared on the market recently. It also includes iron antidetect, but the main focus is on the browser-side blood pressure, which is why I classified it in this category. Firefox based antidetect. The price of this solution is $ 200 per month, which is quite a considerable price for a beginner. Of the minuses of this Anti-Detect: its price, the complexity of installation, it is difficult to install and even the manual is very difficult and hemorrhaging, and technical support from the author costs 99 $ / 1 DAY, plus support only in English, binding to one system. From the pluses: non-unique canvas, but only a few pieces, well, the antidetect itself is still new, unstacked in carder circles, which is a good plus. I would advise him to take it NOT for beginners, for those who do not get any kind of shops, merch from other Anti-Detects. And then, given the fact that, for example, there are only a few pieces of non-unique canvas, you won’t be able to get into a drive in one drive. [19:39:22] <Xerl> Genesis Security - this product is not quite an Anti-Detect in the usual sense. It is used for logs. Now I will explain in more detail. This product has a Genesis Market, which has a large number of bots that you can buy. The price of a bot is on average from $ 20 to $ 60. A bot can contain logs, a browser cookie, and most importantly a fingerprint of its system (Fingerprint), which from the point of view of Anti-Detect can be called a config (more on that later). 
Buying a bot that has access to Paypal in the logs, a browser cookie and its fingerprint, we get essentially an excellent option for working with logs, thereby increasing the chance of success, because in addition to the logs and browser cookies, we have a system imprint, thereby evoking the best trust of Antifraud systems. But from the point of view of ordinary drives, it is not very rational on average $ 30 or more dollars per 1 config. But the plus of this option is that access to the store is free, there is no monthly payment or payment in order to get there. All expenses will only be in the purchase of bots (configs) Another significant minus for a beginner in this shop is that there are no replacements. Suppose, if you take the Paypal or Amazon log or any other shop log from the forum, from the Azorult stiller or another similar solution and the LOGIN / PASSWORD is incorrect, then you will be replaced, but there are no replacements in the Genesis shop. Therefore, for beginners, there is some risk of squandering money just like that, especially not being able to work with logs. In my opinion, for those who want to go in the direction of working with logs, it is first better to practice and learn from the logs of the Azorult stiller and the like that are sold on our forum, and only then, if necessary, switch to Genesis. [19:41:38] <Xerl> Well, since we have already touched on the topic of working with logs, the best option for working with the logs of the Azorult stiller and the like is definitely Linken Sphere. Using Linken Sphere, you can quickly and conveniently import cookies into the session, quickly configure the available parameters for the log: UserAgent, resolution, timezone, language, number of cores (hardwareConcurrency), RAM (deviceMemory), video card (WebGL). And using tools such as a heater and an automatic machine, it’s quick and convenient to warm up the desired store without spending a lot of time on it. 
[19:42:54] <Xerl> And we go, after a long digression, to a browser antidetect corresponding to price-quality, definitely suitable for beginners, and which is worth having in our "arsenal: Linken Sphere (Sphere) - one of the most popular antidetects. It is written on the source code of the Chromuim engine. For sale on our forum. Advantages include: Excellent support, updates, no binding to the system, spoofing of all the main fingerprints, built-in functionality for working with ssh, socks and tor, own unique socks service integrated into Anti-Detect, which will appear in the near future; the ability to drive from several tabs at once, because 1 tab as one system, and you can open a lot of such tabs; built-in automator and web emulator, etc. pluses. Also, for anyone who is being trained for the first time, they will be given Linken Sphere for 1 month for free. Therefore, you will be able to evaluate this product in practice. Cons, as for a beginner, will be: a monthly subscription of $ 95 (5% lifetime discount by user BBX), a shop with configurations is unavailable, i.e. configs; if there is no PRO subscription ($ 475 for half a year), there is no way to fully configure windows.navigator settings. But the combination of parameters allows you to fully recommend it, I also use it myself. [19:44:16] <Xerl> But it’s worth immediately explaining about driving in: antidetects are not a panacea and the loot button; it is just a tool. Therefore, do not neglect driving in from VNC, Dediks, virtual machines, real systems. It happens that for some reason it goes better in one shop, with something worse, for something it makes no difference at all. So make it a rule: "In the fight against antifraud, all means are good." I think it is worth explaining right away what a config is in any antidetect and what types of configs exist. 
A config is a set of files or just code that contains information about the browser and the system (browser JavaScript parameters, WebGL parameters, font set, etc., Canvas parameters and any others). Simply put, a config is a snapshot of the system and browser. Using configs reduces the time to configure antidetect, just took, downloaded the config, and you're almost ready to go. Configs are real and generated. Real ones are those configs that are “copied” from real systems by collecting parameters, and the generated configs are made using the generator program. The minus of the generated configs is that the parameters may be incorrect, not correspond to reality. Currently, the generated configs are in little use at all. [19:45:38] <Xerl> Very often after the lecture there are questions about what Canvas, WebGL, WebRTC are. Therefore, I will immediately explain this with the simplest option that I have found for all time, so that each person can understand what it is and what it is eaten with. Canvas is a technology that is used to render the visual elements of web pages. Before 2006, when surfing the web to display a web page, the server had to transfer visual elements of the site to our PC - graphics, tables, etc., which heavily loaded the communication channel (remember the speed of that time) or we had to use Macromedia Flash to watch a video or play simple games. But then came Canvas, which is based on JavaScript and now the site does not transmit ready-made elements, but simply shows us the text of the script, which is not executed on the server, but ON OUR PC using our browser and our hardware. Speed increased, server load decreased, opportunities expanded. Canvas refers to 2D graphics. So, systems, depending on various parameters, render elements differently. This allows you to create a fingerprint, as well as determine which browser and OS it belongs to.
[19:47:19] <Xerl> WebGL is a 3D building technology and this technology is based on the OpenGL accelerator, and to be more precise, on OpenGL ES. WebGL works like this - The website transfers JavaScript code to our PC, which is processed by our browser in two modes: 1. Software acceleration 2. Hardware acceleration. Since JavaScript is run only on the user's PC, the above accelerators will not be used from the server, but from our regular desktop or home PC. The algorithm is as follows: 1. Peaks are formed 2. Vertex shaders are formed 3. Between the vertices, lines are drawn and the shape of the image appears 4. Add geometry 5. Pixels are formed 6. Pixels are filled with color (Pixel shader) 7. Effects are added (smoothing, transparency, etc.) And that’s it - the picture is ready. For the user, this will take an instant, but the number of operations that will be carried out is simply colossal and hundreds of different graphic parameters take part in all this. This picture and a set of parameters allow you to create a print. [19:48:32] <Xerl> WebRTC is a technology that allows you to transfer audio and video streaming data between browsers and mobile applications. Thanks to WebRTC, user browsers can transfer data to each other directly. WebRTC does not need a separate server that stores and processes data. All data is processed directly by the browsers and mobile applications of end users. The danger of WebRTC technology lies in determining your real IP address. Since the connection is direct with another user, browser, website or mobile application, the network settings are ignored. To create audio and video communications, browsers must exchange external and local IP addresses. Therefore, despite a VPN or TOR, the real IP address is determined. If you use tunnels or socks, then WebRTC will be able to determine your real IP address for the proxy or the IP address of the VPN server if you use the VPN + tunnel / toe chain.
[19:49:57] <Xerl> Any antidetect can and should be used for its anonymity and security in your chain. This, of course, is not a panacea, but I highly recommend adding an antidetect, at least the Sphere, to your security chain. Tips for securing your security with antidetects: First, use different configs on different sites. On one, let's say Windows OC, on another OC Linux. Secondly, periodically change these configs. Thirdly, store the software itself on an encrypted flash drive or hard drive or container. For Linken Sphere antidetector (Scope), you can add: A) Keep the password in your head in order to avoid the possibility of a third party logging into your antidetect account and receiving your configuration, history, cookies. B) Use in the TOR connection chain. [19:51:24] <Xerl> The Sphere is a free product from Linken Sphere developers. The advantages of this solution, even in contrast to Antidetects, are that: 1) The product is completely free. 2) The product does not have server bindings, hardware bindings, therefore, it can be used wherever you want 3) The product does not require installation, it is Portable, this is a huge plus in that it is convenient to transfer between systems, convenient to place on an encrypted container, flash drive, disk, and there will be no installation traces to all this. 4) The information about the sessions in this decision is also encrypted, which, if received by third parties, makes it impossible to use. 5) The product has all the necessary substitutions in its arsenal. [19:52:54] <Xerl> AFF Combine We pass to the main part of the lecture and consider two antidetects. One iron antidetect - AFF Combine, which combines browser antidetect and Linken Sphere - one of the best browser antidetects. For all questions about AFF Combine, by the way, you can always contact me in the LAN or Jabber or support, which will solve the problems with installation, with the configuration and configuration of antidetect. 
Telegram: @AFF_Combine This antidetect consists of two parts. We will analyze each part in detail: what, why, and why. So, after installation, open the first part of the antidetect. Run the file "clc.exe". Screenshot: https://prnt.sc/lu5yao [19:53:53] <Xerl> Press the “Connect” button and your personal copy of the antidetect will be authorized on the server and is fully ready to work. Screenshot: https://prnt.sc/lua3ps We will analyze in detail all the possible settings. 1 area shows which version of VMware is needed for the full operation of the iron antidetect. To put, of course, only this version. If you click on this inscription, a link will open for downloading Wmware of the desired version. A detailed step-by-step manual for installing a virtual machine on Windows 10 is attached to this antidetect. The Session Quality area under the number 10 shows the connection quality of your antidetect with the authorization server, and if authorization is successful, it is displayed that the connection to the server is successful: “connected” [19:55:09] <Xerl> We pass to the following area: "My Tools" The Share button allows you to make a shared folder for all physical devices and virtual machines. The feature is needed for quick and convenient transfer of files and folders, for example, to your virtual machines. To copy folders you need to use archives. Button 2 "Syscheck" shows your version of VMware, if it does not match the version you need. When it matches, it shows that everything is “SYSTEM OK” Button 3 “DNS LP” (DNS Leak Protection) is a useful feature for Windows 10. The fact is that in addition to the DNS server, which you specified in your system or system to drive in, Windows 7, 8.10 still sends everything to all in parallel known to the server system, but uses the response from the server from which information arrived faster. Those. it may not be the DNS server that is specified in the configuration. 
Therefore, the inclusion of this function is simply necessary for driving and for safety. Button 4 "Connect / Disconnect" just allows you to connect to the antidetect server for work or vice versa to disconnect from it. [19:56:43] <Xerl> The next area of "VMware" refers to the iron antidetect, just in this area you can select the components of your virtual machine on VmWare. Button 5 “Select graphics adapter” allows you to select the video card of your virtual machine from the drop-down list. There are video cards Nvidia, AMD, Intel (Only 5 pieces). I’ll clarify that the system does not just install the name of the video card and driver. Drivers for video cards will soon be available, and therefore, by installing various drivers, the uniqueness of the video card will be even greater, plus Canvas and WebGL will have a different fingerprint when installing different drivers. Button 6 “Select mainboard / chipset” allows you to select the motherboard of your virtual machine from the drop-down list (the motherboard is emulated). There are 8 Intel and AMD motherboards. After selecting the motherboard, the processor family is automatically selected, button 7 "Select CPU family". There is an opportunity to choose it yourself. There are 9 processors in total. [19:57:47] <Xerl> Button 7 "Select network vendor" allows you to select the MAC Address for the virtual machine from the drop-down list under the manufacturer. Only 15 manufacturers. Example: “D-Link, Asus, Apple, TP-link, etc.” Button 8 “Select network vendor” allows you to select your processor ID from the drop-down list. This feature is not for beginners, and is not yet available at all. This whole area makes it possible to obtain various real virtual systems: with different video cards, processors, network equipment and use them in turn or simultaneously, if the system requirements of your PC allow this. 
[19:58:47] <Xerl> The “Network” area (number 11) corresponds to the quality of the Internet connection and allows you to make some interesting points. Network Latency Tx / Rx allows you to add latency to receive (Rx) and send data (Tx) in milliseconds. Net packets loss Tx / Rx allows you to specify in percentage how much data will be lost when transmitting or receiving packets. In order for this to work, you need to click the switch from OFF to ON. Why is this even necessary? This allows you to emulate bad internet. Suppose if the Internet with 2G or even 3G, with a bad signal, with bad weather, there will be delays, roughly speaking, as in games there will be high ping, and some amount of data may be lost, again the analogy with games when the Internet “lags” . In conventional devices, this can also be, especially if the Internet is via a USB modem or through a DSL connection or via a satellite dish. [19:58:57] <Xerl> And the last area (number 12) is just the final one, in this part of the program. It allows you to just patch the Vmware program itself, so that the iron antidetect works (Patch VMware), and patch your virtual machines with the settings that you specify in the VMware area (numbers 5,6,7,8,9). [20:00:05] <Xerl> The first part of the antidetect was sorted out; we pass to the second. The second part also contains iron and browser antidetect. The second part can be used, like on those virtual machines that we created and patched (the first part of the program), and simply as a browser antidetect on your main system. Screenshot: https://prnt.sc/lw4ulz [20:01:02] <Xerl> 1) Button for switching between browser antidetect WEB (Firefox) and iron OS (Windows) 2) This area is intended to add a list of sites that will open when the antidetect is launched. “+” Adds the site, “-” deletes. 3) Button to create a new configuration. 4) Button to save the configuration. [20:02:06] <Xerl> 5) A button that allows you to select and load your configurations for work. 
When loading a configuration, the name of your configuration will be displayed instead of “Add or Open Config”. 6) Button for launching browser antidetect in private mode. This mode does not save browser history, cookies, search history, temporary files. 7) Button to launch the browser antidetect. [20:03:46] <Xerl> Go to the "Network ID" area. Screenshot: https://prnt.sc/lw6hd2 1) DNS Leak Protection - the same feature as in the first part of the program. If you use the second part of the program on the basis, then the second time it makes no sense to cut. If you are using a virtual machine, then you must enable it. 2) DPI Protection. The Deep Packet Inspection (abbreviated DPI) system performs an in-depth analysis of all packets passing through it and allows you to filter traffic by its contents. Enabling this feature allows you to bypass DPI systems and complicate your security surveillance. More details about this system: https://habr.com/post/111054/ (read at your leisure) 3) Allows you to select a network adapter to replace the MAC address. 4) Actually the substitution of the MAC address. The dice button makes this parameter random, random. You can also manually select the manufacturer (D-Link, Asus, Apple, TP-link, etc.). The Set New button sets the MAC address for the adapter. “Test eth ..” checks for MAC address spoofing. [20:05:50] <Xerl> Next area is HW ID's.Screenshot: https://prnt.sc/lw6i4y This area is responsible for replacing the processor in your system. From the drop-down list, you can select various processors for installation, you can manually specify the processor. The “Set” button sets the processor override. You can choose between Intel and AMD processors, set the processor frequency. [20:06:46] <Xerl> And the main area of the iron antidetect: "Windows ID". Screenshot: https://prnt.sc/lw72qf We will quickly analyze the main parameters. 
Let me remind you that dice makes this parameter random, random "SET ALL" - this button sets all the parameters from this area at once. [20:07:48] <Xerl> Owner (UName) - this parameter sets the username in OC. Company - this parameter sets the company name in OC. This field may be empty. Product name - this parameter sets the version of the Windows system and its number. Example: Windows 10 Pro Edition - this option also applies to the system version. Example: "Home", "Professional", "Enteprise" System build - this option sets the BUILD build of your system. You can view it by opening "All Programs" -> "Accessories" -> "Utilities" -> "System Information". [20:08:41] <Xerl> Windows ID / IE ID / MPID - this parameter sets the activation key of your operating system, the unique ID of Internet Explorer and Mediaplayer. Install Date - these parameters set the date and time of installing your OC on your system. Windows / Program Files dirs creation date / time - these parameters specify the date and time the Program Files folder was created in your OC. And the parameters of area “A” in the screenshot set the version and build number of your OC (a similar parameter of System Build), the version of the kernel. [20:09:51] <Xerl> We pass to the first part of the program - WEB (Firefox), i.e. browser antidetect. Let's start with the proxy section. Screenshot: https://prnt.sc/lw9tuj [20:12:13] <Xerl> This section allows you to connect Socks, Http, FTP, SSL Proxy and TOR. To enable TOR, you just need to click the inscription “Tor” in the upper right corner of this section. To work with us, it’s enough to use two modes: Socks and SSH. To connect, we use the IP: Port format, example: “”. If Socks / SSH has a Login: Password, then we use the section with the built-in Proxyfier. (Screenshot: http://prntscr.com/lw9w56). Just fill in IP, PORT, Login, Password and click the ">" button After successfully adding Proxy, you can check the IP using the MaxMind database. 
To do this, click on the picture “MaxMind” in the upper right corner, and after a few seconds in this section you will see all the necessary information by IP address. (Screenshot: http://prntscr.com/lw9xzi). We pay attention to two parameters: 1) No proxy - this parameter shows whether your IP is defined as a proxy. 2) Low - this parameter displays the level of IP “spam” on MaxMind databases (The smaller the better). The “Auto TZ” checkbox allows you to automatically set the Timezone in the system (time). [20:14:31] <Xerl> Configs Section (Screenshot: http://prntscr.com/lwa0jg). In this section, it will be possible to purchase paid configs. The main feature compared to other antidetects will be that configs will contain cookies, history of visits, logged in social networks. This, firstly, reduces our time for warming up and downloading the session, we don’t need to go to different sites and spend time on it, and secondly, logged in accounts from the side of the Antifraud shop can give us some confidence, and, therefore, the chances of a successful driving in may be higher. [20:16:04] <Xerl> Go to the next section. (Screenshot: https://prnt.sc/lwa57l) This section allows you to set the parameter UserAgent'a and language (Languages). For better traffic it is better to use user agents of the latest versions of Firefox browser. As for the language, the last parameter shows the coefficient of the preferred language from 0.1 to 0.9. Betting is best from 0.5 to 0.8. At the end, you need to click to switch to "ON" for the substitution to work. [20:17:18] <Xerl> We pass to substitutions of Canvas, WebGL and Audio. (Screenshot: http://prntscr.com/lwag5h). To generate the fingerprint data, you only need to click the "Generate" button. The slider controls the uniqueness of these prints. Without the need to move in a big direction is not worth it. Also in this section you can change the parameter responsible for the video card in WebGL (Unmasked Renderer). 
[20:18:17] <Xerl> The next section is related to fonts. Screenshot: https://prnt.sc/lwm3hm Checkbox Font FP - responsible for replacing the print of fonts. Under it is just a field with a random fingerprint generator. DF (Document Font) - a check mark is responsible for using document fonts / external CSS fonts in the browser. The “Use legible fonts” checkbox is responsible for using standard fonts in the browser, below you can specify and use non-standard fonts. [20:19:15] <Xerl> Section BOM | DOM. Screenshot: http://prntscr.com/lwmauw This section already refers to the config parameters. Without a strong need to touch them is not worth it. Actually what can be edited here? BuildID version of Firefox, there is the possibility to pre-warn it, the capacity of Windows (32-bit or 64-bit), the number of cores in the processor (most popular values: 2,4,8), the version of Windows (XP, 7,8, 8.1, 10) . [20:21:06] <Xerl> And the last interesting section is the "options". Screenshot: https://prnt.sc/lwmwn9 The most necessary parameters for work: Flash - this checkbox enables or disables Flash in your browser. It is better not to use Flash without the need. Plugin scan - this checkbox allows you to enable or disable the ability of sites to see your browser plug-ins. Be sure to include. WebGL - this checkbox enables or disables WebGL. Be sure to include. JSP Fingerprint - this checkmark includes the ability to get a unique fingerprint browser through the speed of video rendering and errors in the process. Better turn it on. [20:23:10] <Xerl> WebRTC - this checkbox enables or disables WebRTC. ClearRTC - this checkmark also applies to WebRTC and is associated with the display of external and internal. IP addresses Better turn it on. Unlinkable - a parameter for security, it is better not to use it for work. In a nutshell: the parameter prevents the site from seeing Cookies and other data in the browser of other sites, only those related to this site. 
Keyb.FP - this checkbox enables or disables the ability of the site to receive the fingerprint of your keyboard. Better turn it on. [20:24:58] <Xerl> And we move on to the Linken Sphere browser antidetect. For all questions, you can always, by the way, turn to a support service that will solve installation problems and launch a browser. Telegram: @devtnbrs So, I open the antidetect, enter the login / password. First of all, open the general browser settings. They are in the “Edit” tab, then from the drop-down list we find “Preferences”. Screenshot: https://prnt.sc/lkaf5p [20:26:21] <Xerl> You can read about all the settings and all points of the sphere in the documentation, but in the screenshot I highlighted all the most important and necessary settings for a beginner. 1. This parameter sets the default site, which will open after creating the session. You can install any checker, for example f.vision, whoer.net or the search engine Google, Yandex, Yahoo, or any site in general, which you may think of. 2. This parameter sets the default search engine, ie What kind of search engine will the search go through if you enter in the address bar of the browser. 3. This parameter sets the physical screen size. It is best to put it under the config, i.e. if in the config 1920 by 1080, then in this parameter we set the same values. A very important parameter, it is best to put it every time under the session (config). 4. This parameter sets the substitution of the system time. You can choose two options: either using Javascript, or the system time will change. Choose 2 option (system time). [20:28:16] <Xerl> 5. This parameter sets whether to use TOR during authorization in anti-detection. Check the box necessarily 6. This parameter sets whether or not to save the password for your account at login. For security, it is better to disable this checkbox. 7. This option allows you to close ports in Web Sockets. 
Web sockets is a protocol for messaging between a browser and a web server. Simply put, a site can check your open / closed Web Sockets ports. 8. This parameter allows you to enable / disable GPU acceleration in the browser. Simply put, if this function is enabled, then drawing elements and windows is faster. If possible, it is better to enable this item, but if the browser crashes, stops working after that, then it is better to disable this item. The remaining parameters are directed more than any little thing, and do not greatly affect the work, so you can read about them in the documentation. Now let's move on to setting up the sessions themselves in the browser, in other words - configs. In more detail about free and paid configs in this anti-detection and work options we will analyze at the end of the lecture. [20:29:34] <Xerl> So, let's start by parsing the first area. (Screenshot: https://prnt.sc/lkak5t) [20:29:38] <Xerl> 1. This parameter allows you to select a session from the list. 2. This parameter is needed to create a new session. To do this, enter the session name in this field. 3. This parameter allows you to write a note for the session. It is useful to indicate all the necessary information about the session, for example, about IP, open ports, whether driving from the session is successful or not, other features. Very useful feature. In order not to get confused in the sessions and to simplify your life for driving analysis, I advise you to indicate all the useful information in this field: Proxy Score, Risk Score, which shops were driven in, which method used the map, the result of driving, etc. 4. This parameter sets the session color in the browser. It is useful to use in order to make it more convenient not to get confused in them. [20:31:56] <Xerl> 5. This parameter allows you to completely print the session and, if necessary, not copy the canvas, fonts, rect, audiofingerprint prints. 6. This parameter is needed in order to rename the session. 
7. This parameter allows you to enable / disable WebGL rendering using the resources of the video card. Disable only if the video card is weak or not at all, such as, for example, on remote servers. 8,9,10. These parameters allow you to enable / disable HTML 5 Storage, paragraph 9 - allows you to save data and use it even after the browser is rebooted, paragraph 10 - allows you to save and use data using the IndexedDB standard for storing large structured data. What you need to know: to drive them, it is better to turn them on, and if the session is for security, it is better to disconnect. [20:33:13] <Xerl> Go to the next area, i.e. section. (Screenshot: http://prntscr.com/lkb5e2) [20:34:37] <Xerl> 1. This parameter allows you to enable or disable Canvas spoofing. What is Canvas I explained above. This substitution uniqueizes Canvas, thereby changing this print. The only minus of all antidetects is that the uniqueness of Canvas becomes 100%, and the uniqueness of a real system is about 99% with something. Therefore, you can periodically disable this option if there is a suspicion that because of this, antifraud may not skip driving. 2. This parameter allows you to enable or disable the substitution of Audio fingerprint. The audio footprint in 2019 is no longer as rare as before; It has gained great popularity in antifraud systems recently. Website where you can check the audio print: https://audiofingerprint.openwpm.com/ Antidetect replaces 4 parameters: Fingerprint using DynamicsCompressor (sum of buffer values), Fingerprint using DynamicsCompressor (hash of full buffer), Fingerprint using OscillatorNode, Fingerprint using hybrid of OscillatorNode / DynamicsCompressor method [20:36:22] <Xerl> 3. This parameter allows you to enable or disable font substitution. Detect appeared a long time ago, is used everywhere. A special plus of the sphere is that you can not only replace the fingerprint, but also use any list of fonts or create your own. 
The site where you can check the font print: https://browserleaks.com/fonts (two “Fingerprint” parameters) 4. This parameter allows you to enable or disable the substitution of the browser coordinate system (rects). The getClientRects element allows you to get the exact position and pixel size of the desired element, and depending on the system, and more precisely on the system screen resolution, fonts and many other parameters, the results will be different. This detection also appeared a very long time ago and is highly popular. The site where you can check the fingerprint of rects: https://browserleaks.com/rects (Parameter: "Full Hash") 5. This option allows you to enable or disable the use of random plugins. It makes sense to use in free configs or if there are no plugins in the config. But it is best to prescribe them manually if necessary. [20:37:29] <Xerl> 6. This parameter allows you to enable or disable the storage and encryption of cookies. For your safety, the Must Have item. 7. This option allows you to enable or disable Flash. Flash technology is already obsolete, so in 2019 there is nothing suspicious about the fact that Flash is turned off. For many, it is no longer installed in the system at all. Include only when absolutely necessary. 8. This option allows you to enable or disable fingerprint uniqueization. Those. when you start the session every time they will be new. For security, you can completely use it, for driving in it is absolutely not worth using. 9. This parameter allows you to specify which fingerprints to unify (Canvas, Audio, Plugins, Rects, WebGL, Fonts, Media Devices). This parameter is closely related to the previous one. 10. This parameter blocks the output of the Canvas hash. There is no need to use the parameter. A practical effect on driving has not been noticed. [20:39:41] <Xerl> Let's move on to the next area. (Screenshot: http://prntscr.com/lkazhi) [20:40:59] <Xerl> 1. Select the type of connection. 
Now I will indicate the most necessary and describe them. No proxy - this type of connection involves the use of your Internet connection, i.e. as if using the most normal browser. It is necessary if you need to use Proxyfier and other programs to use Socks / SSH. But if you use these programs, then a huge plus of the sphere is “killed” in that you can use different sessions at the same time with different socks or SSH tunnels. The only option when at least it might be wise to use this type of connection is if you have a configured router in which it is possible to connect a sock or SSH tunnel, for example, a router from Sedoy. Tor - this type of connection is an excellent option for surfing sites, i.e. for use in the security chain, which I talked about at the beginning of the lecture. Socks, SSH Tunnel - these two types of connection are the basis for working with this product. These modes should be used for driving. For each session, you can configure different socks or SSH tunnels and use all the tabs (sessions) at the same time, i.e. work like a machine gun not from one session, but immediately from 3 or 5 or even more. [20:42:45] <Xerl> 2. Area for specifying SOCKS / SSH and port. Input Example: 3. This item disables Local IP in WebRTC. 4. This area is responsible for the Login / Password in Socks / SSH. If you have a Socks or SSH tunnel has a username / password, then you must definitely enter them in this area, if they are not there, just leave the fields empty. 5. This checkbox enables / disables WebRTC spoofing. If you disable the spoofing, your real WebRTC will be used. [20:44:12] <Xerl> 5. This checkbox enables / disables WebRTC spoofing. If you disable the spoofing, your real WebRTC will be used. 6. This checkbox is responsible for External IP WebRTC. The IP of the External WebRTC should match your IP Sock or SSH tunnel. The checkbox must be disabled if the IP connection is different from the IP that we get “on the output”. 
The output IP, by the way, is usually indicated in the history of the service where you take socks, for example in Faceless or Luxsocks. 7. This checkbox enables IPv6 spoofing. Use only if the IPv6 Leak Test item is leaking IP address on your system at the https://browserleaks.com/ip checker. Otherwise, do not include. 8. This checkbox completely disables WebRTC in the session. I clarify that it is WebRTC itself, and not its substitution. [20:45:12] <Xerl> 9. This feature allows you to install the DNS server manually. When you click the Check DNS button, its validity is checked. It must be used for security, as well as for driving if the DNS country of your Socks or SSH tunnel is different. This parameter is very important, since there are often SSH tunnels or Socks that show the DNS of another country, or your own DNS system (this is what happens by default if this field is empty and the Socks or SSH tunnel does not have its own parameter) , and you catch cancellations due to suspicious activity. 10. Button, which greatly simplifies the work. When you click on it, it checks the validity of the Socks / SSH tunnel and automatically sets the geolocation, session language, time zone, external WebRTC. [20:47:38] <Xerl> Let's move on to the next area. Screenshot: http://prntscr.com/lkan72 [20:48:05] <Xerl> 1. This section is associated with a UserAgent. In it, you can control UserAgents, i.e. add, edit or delete. The “Chrome”, “Safari”, “MSIE”, “Other” buttons allow you to quickly select UserAgent by browser type. The “Regenerate configure after useragent change” item allows you to change session parameters after changing the UserAgent 2. This section is responsible for the language of the session. Manually registering it is not necessary, it is easier to click the “Check proxy / geo” button and the language will be installed automatically under the country of the Socks / SSH tunnel. 3. 
This function allows you to block pop-ups on sites in the session, prohibits the creation of pop-ups. Use only if it is really necessary. [20:50:07] <Xerl> 4. This function should not be included unnecessarily. Simply put, you should enable it then, the site is loading crookedly or is not fully functional. 5. This feature blocks the entry of Russian characters on the site when driving. It’s useful to include, because in which case it does not allow you to enter Russian characters when driving. To enter Russian characters in the URL, of course, this feature does not work. [20:51:21] <Xerl> Let's move on to the next area. Screenshot: http://prntscr.com/lkat45 [20:52:07] <Xerl> 1. Config manager - free configurations for the sphere. At the moment there are more than 60,000. The downside is that they can be used by all active users, and the selection happens randomly. You can only choose the type of browser and OC when downloading a free config. 2. WebGL Parameters. I already talked about what WebGL is above, this section just allows you to configure all the parameters of WebGL 1 Version and WebGL 2 Versions or disable it completely if necessary. 3. Section "Advanced Settings". One of the most interesting and important sections of the field for me. In it you can edit most of the parameters, add plugins, edit HTTP headers. [20:53:23] <Xerl> 4. A set of Fonts. In this section, you can create / add or edit font names, i.e. create your own list of fonts that will see the antifraud of the shop in addition to the font print itself, which we examined above. 5. Button simulate window resolution. This function allows you to adjust your actual screen resolution to the session data. The function is necessary when working with mobile configs (Android, Iphone, as well as tablets). 6. Button simulate Touch Screen. The most necessary function when working with mobile configs. It completely simulates the operation of the Touch Screen, just like on mobile devices. 7. 
This parameter determines the screen length. Example: 1920 8. This parameter determines the width of the screen. Example: 1080 [20:54:59] <Xerl> The next two small areas. Screenshot: http://prntscr.com/lkapz3 1. This area is responsible for replacing the geolocation of your system. Latitude - geographical latitude, longitude - geographical longitude. 2. This area corresponds to the time zone and time. These two areas do not require manual adjustment. You just need to click the “check proxy / geo” button and the values will be set automatically under your SSH tunnel / Socks. [20:56:58] <Xerl> Let's move on to the possible options for working with this antidetect. 1. If you have access to the configshop, or you can purchase configs from someone, then take the desired config, add it to the antidetect, configure the connection to SSH / Socks, if necessary Custom DNS, configure the time zone and geo-location, fingerprints you need replace and drive forward. 2. If you don’t have access to the configshop or you don’t have anyone to get configs, then use the free configurations, which are already more than 60,000. After that, as in the first version, set up and drive forward. You can also manually adjust the necessary parameters in order to make the free configuration more unique. This can and should be done, because a considerable number of people use the built-in configs, and this can negatively affect the result. But for a beginner, they are more than suitable. It is also possible not to download a free config, but to write it yourself in a sphere from scratch, but for the first option, for the second, you need to have experience, knowledge of all parameters. [20:57:54] <Xerl> Useful tools in this Anti-Detect that you can use: 1) Antidetect has a Web Emulator - this function allows you to automatically simulate user behavior by visiting sites in automatic mode for you while you are drinking cold beer relaxing on a chair. 
In practice, this is necessary to warm up the store before driving, i.e. cookies are typed, a history of visits, or you can type history in the shop you are going to drive into. 2) The Anti-Detect has a function to automatically drive in text. Those. copy the text to the clipboard, press the key combination, and the antidetect imitates manual input. The function is very convenient and useful, but, despite the advanced imitation, the antifraud may not treat this function very well. Therefore, use only when more or less confident that this will not affect the success of driving. [20:58:36] <Xerl> 3) The Anti-Detector has an Automator - this is a more advanced heater that allows finer and more advanced settings for warming up shops. The downside is that to use this tool, you need to understand and study this tool well, because Writing a script for the machine is not so simple, and even few of all active users in the field can do this. [21:01:07] <Xerl> And now I will answer all your questions about antidetects or in general in our area of work. Leave feedback in your profile. Jabber for those who have questions or who personally want to chat: wirl@prv.st [21:03:16] <Serrwrtet> 1. How deep should cookies be? 2. If the Sox checker shows a location other than the Sphere’s automatic geolocation, should the parameters (longitude-latitude) be manually driven in via ZIP? 3. How relevant is the use of an “iron” antidetect in a cart? 4. Does the Sphere have an analogue of DPI Protection? [21:04:32] <Xerl> 1) If you mean how many pages to visit on the site, then FROM 2-3. 2) Better to bet on the Sox checker. 3) Someone applies, and applies in conjunction with the iron + browser 4) No [21:05:11] <bloomberg> 1) what browser antidetect would be better than linken sphere or kraken pro? 2) In what cases do I need to replace both the hardware and the browser at the same time? 
3) The only minus of all antidetects is that the Canvas uniqueness becomes 100%, and the uniqueness of a real system is about 99% with something, didn’t you understand this? 4) is the sphere updated frequently, because the antifraud doesn’t doze off? 5? Is it possible to drive new or not delayed ones into free shops with free configs? 6) before driving into the shop do you need google cookies, YouTube, etc., and if so, haven't the antifraud seen that they are fresh? [21:08:09] <Xerl> 1) Browser rather Linken 2) Substitute in all cases (driving, sticking, BA, etc.). I mean, there are no special cases here. 3) If you explain in a simple way, then yes, the minus is that the canvas is too unique 4) Now not so often 5) Maybe. 6) A visit to these resources is advisable. Between the options - they are not there and they are fresh, it is better to choose the second. Moreover, this moment can be checked not by cookies [21:09:14] <macpru> 1) I have CC from phishing page already, is it advisable to buy random config for antidetect for shopping? Also do we get to learn how to get logs using Azorult stiler next lecture or soon? [21:11:11] <Xerl> if possible better use config from configshop or configure the config yourself About amazon and other lecture - i don't know. I'm only learn about Antidetects [21:11:16] <bloomberg> Is it possible to import a lot of all kinds of different cookies before each drive to show the active user, and only then fill in the cookies of the shop of interest? [21:12:29] <bloomberg> in working with logs also need a special config? [21:12:51] <Xerl> you can, I know that they did this when they take cookies and import them in several sessions. Let's just say, by cookie and visited site, detect when almost every site has a metric from Google or Facebook; I think this is the main detection. And here is how the final site will react to this - how lucky. 
[21:13:04] <Xerl> bloomberg: No, it's just better to adjust as much as possible to the parameters [21:16:29] <bloomberg> Do all antifrauds check the canvas? It seems that it’s easier to probably start with the logs, what can you say about this? [21:16:59] <Boat> Where can I read about AFF Combine? [21:17:22] <Xerl> in 2020 I think 95%. According to the logs, it’s easier to some extent, but the point here is in cookies, acc and not in the detection of canvas)) [21:18:56] <Boat> If that settings can be accessed? [21:19:37] <Xerl> you can [21:20:01] <bloomberg> as I understand it, it’s better to change the iron then, as you described, when you beat at the office, or poker, but they don’t give a damn what kind of processor or video card are there, because anything can be with user? [21:21:38] <Xerl> I think the main thing here is to keep track of the same, that is, The PC problem will be that there are several such passages in the system and, roughly speaking, your hardware will be "banned" [21:23:07] <Boat> Everything needs to be tried, and there questions will appear [21:24:05] <bloomberg> and you have a personal tag you gave or I did not see? [21:25:24] <revolvervv81> Thank you so much for the lecture !!! At first I was upset that you are not on the list of lecturers .... (like you are not in the Main working conference) ... The main questions will appear when we start working with the Sphere [21:25:25] <Xerl> in the PM on the forum about this) [21:25:54] <Boat> Thanks for the lecture, it was intelligible and understandable, finally I realized what Canvas, WebRTC, aWebGL are [21:25:59] <Xerl> revolvervv81: let's just say that I am now mainly connected with working with antique people, therefore it’s just a purely lecture of the Vedas
  4. Lecture # 8 Heating up the shops 01/23/2020 Lecturer: Teroza 19:15:19 - Teroza: Today I am your lecturer. 19:15:31 - Teroza: I will cover the topic of warming up shops / services / interaction with the support of the resource / SI in warming up. 19:15:42 - Teroza: The lecture will be divided into main sections: 19:15:57 - Teroza: Where to start when starting to warm up. Basic basics of warming behavior. Interaction with support of the resource you selected. Warm-up using dialing. Additional Information. 19:16:23 - Teroza: Before starting the lecture I will give a dictionary, I think you already know these definitions. 19:16:31 - Teroza: A small dictionary: Back / background - the most comprehensive information about a person, may include date of birth / SSN, car, place of residence, contact information, family information, etc. It breaks through with breakers or on popular sites - https://www.whitepages.com, peoplefinders, intelius. Driving / warrant - an online purchase in a store by entering payment information by the user. SSN- social security number - A unique nine-digit number assigned to US citizens and residents Dob - Date of birth. Cardholder / kx / holder - holder of a card / paper / bank account. Shop - shop) ss - credit card / debit card / predeyd card, etc. Pp - Paypal Ba - bank account. Pak - package with goods. Cookies - A small piece of data sent by a web server and stored on a user's computer. Whenever trying to open the page of the corresponding site, the web client sends this piece of data to the web server as part of the HTTP request. Copy paste - ctrl + c / ctrl + v (copy-paste) Antifraud is an automatic system for detecting fraudulent actions / transactions on a site. 19:17:09 - Teroza: -------------------------------------- 19:17:33 - Teroza: Section No. 1 Where to start when starting to warm up. 19:17:41 - Teroza: First of all, you need to understand: you are not a carder, you are a client, and the client is above all. 
19:17:54 - Teroza: You must choose a hypothetical victim (shop / service) and prepare the material for work. I recommend that you do everything very creatively and do not spare time for this. 19:18:08 - Teroza: Getting Started Let's take Some John Franklin from Arizona as an example, you want to buy a camera on his behalf. 19:18:23 - Teroza: I recommend collecting the necessary background for the holder (at least his age and looking at his pages on social networks), use public sites like https://www.whitepages.com, peoplefinders, intelius (any working off)). 19:18:41 - Teroza: You have found the shop you need that sells canon cameras well, do not rush to go directly to your shop and add the canon to the basket. 19:18:51 - Teroza: Use the Google / Yahoo / Bing search engine and others. 19:19:07 - Teroza: Choose several shops, including yours, look at the canon you are interested in, create the appearance of interest in buying this camera. 19:19:19 - Teroza: In this article I will not explain what your email should be, I will give only brief recommendations: 19:19:30 - Teroza: use mail services that are popular in the country of the cardholder (in usa it's gmail, hotmail, yahoo, outlook) 19:19:41 - Teroza: use corporate mail if you are going to buy something specific and professional. 19:19:52 - Teroza: Some shops / services break through your mailing address for being in social networks and so on (keep this in mind) 19:20:09 - Teroza: john.franklin@gmail.com is perfect for John Franklin, try not to use numbers in the mailing address, use a dot to separate the first name / last name, if it doesn’t help, duplicate one letter in the first / last name. 19:20:36 - Teroza: Express answers to possible questions. 19:20:44 - Teroza: 1. Why do we need a back for a holder 19:20:53 - Teroza: You can always come up with a believable story for the purchase of goods and pass the necessary verification, if any. 19:21:04 - Teroza: 2. 
Why do you need to go into several shops and create activity there 19:21:18 - Teroza: there are two points in this, some serious platforms monitor the user’s activity and thereby level their evil control. The second reason for interacting with support, you can always ask why your store is more expensive or cheaper than in one or another, etc. 19:21:34 - Teroza: 3. Why do I need a date of birth and a correctly created mailing address? 19:21:47 - Teroza: The answer is extremely simple, some shops are not easy to enter the fields to fill in ext (date of birth), this information is made by them in the databases. A correctly created mailbox will not arouse suspicion from a fraud agent rather than johnik1337@mail.com 19:22:01 - Teroza: 4. Why is it worth using a search engine to go shopping? 19:22:18 - Teroza: Well, here the answer is extremely simple. Do you fill in additional cookies for yourself and especially those who do not use the search engine and immediately go to the site? Do you often write the full Wikipedia address in a string? Or computer? That's the same. 19:22:43 - Teroza: ------------------------------------------ ----- 19:23:01 - Teroza: Section No. 2 Basic principles of conducting a shop / service when warming up. 19:23:14 - Teroza: After completing the first stage: 19:23:24 - Teroza: Creating activity in other services with this product. Having broken back on the holder Preparing your material for work - correctly created mail, a set of necessary cookies. 19:23:36 - Teroza: The main stage of warming up the shop / service begins. 19:23:55 - Teroza: For each service or shop, the approach is significantly different from the other, somewhere it’s absolutely not worth the bother, somewhere it’s worthwhile to work hard and responsibly. 19:24:18 - Teroza: Take, for example, a store selling electronics, in your head you should remember forever, you are not a carder, but a client of this store. 
19:24:38 - Teroza: first of all, any potential client climbed a certain number of shops before, in order to choose the best option for yourself, consider this. 19:24:50 - Teroza: Read the FAQ, delivery information, rules for using this service in the shop of your choice, read the contact information. 19:25:04 - Teroza: Important! 19:25:15 - Teroza: do not just click on it as if nothing had happened, but emulate an interest in buying, stop on the page 19:25:24 - Teroza: scroll through it, maybe look for something in Google that interests you. 19:25:45 - Teroza: You can subscribe to the shop newsletter, they love it very much. 19:25:57 - Teroza: Read the payment rules, think like a client and everything will work out. 19:26:17 - Teroza: Think about how, in which case to contact support. 19:26:30 - Teroza: On the shop website, go to the desired product category (do not recklessly wander around the shop / service, use your chosen product direction, is it not suspicious if a person wants to buy a camera, but watches a smart watch) 19:26:59 - Teroza: view the number of competing positions / add to your favorites the product you need, do not rush to add your product to the basket 19:27:09 - Teroza: Mandatory! 19:27:23 - Teroza: If you use the search in a shop, there can be no talk about any copy-paste! All to write only with your hands! 19:27:49 - Teroza: Go to the page of your chosen product, and follow the payment (pay as a guest or a new user is up to you / I try to pay with a guest) 19:28:14 - Teroza: Fill all the information about John with your hands in Antique. The sphere has a very convenient function. Paste Like Human Print recommend) 19:28:31 - Teroza: Mandatory for US / UK: indicate the correct billing address; this information is checked at the bank level (AVS). 
19:28:46 - Teroza: You will immediately have a question - in the field a telephone number 19:29:03 - Teroza: I advise you to indicate the number of the holder, shops are rarely the first to disturb the holder / usually this action will add you a plus to antifraud. 19:29:22 - Teroza: If the holder’s phone is not there, indicate the phone under the holder’s staff / dedicated sip and so on. In extreme cases, enter the fake number, but do it at least for John’s staff in this case Arizona. 19:29:45 - Teroza: Before paying for the goods, in the shop there are often footnotes offering to get acquainted with additional information 19:30:03 - Teroza: if John familiarized it would play a plus for antifraud. Finally pay for the goods, do not forget to enter everything by hand, do not rush and be careful 19:30:14 - Teroza: Express answers to possible questions: 19:30:23 - Teroza: 1. Why can’t you copy-paste? 19:30:38 - Teroza: The answer is quite simple: the service can monitor this and no normal person can copy-paste everything) basically everything is written by hand. 19:30:50 - Teroza: 2. How long does it take to warm up a shop in this way? 19:31:02 - Teroza: It all depends on your shop / service, how secure it is, Good warming will never hurt. 19:31:24 - Teroza: 3. Why study the payment / delivery rules and other information? 19:31:35 - Teroza: This gives positive confidence points to antifraud + in the future can help when talking with support. 19:31:49 - Teroza: 4. Why not immediately open all the tabs and close? 19:32:00 - Teroza: All this is well monitored, and few people read at a speed of 10,000+ words per minute. 19:32:32 - Teroza: 5. What is the difference between warming up on the basis of the mail corp and personal? 19:33:02 - Teroza: Here the question is rather ambiguous, I use corporate mail most often to order something extraordinary (printer / coffee machine / work tool). 
In the case of corporate mail, I would recommend communicating more with support, asking about wholesale and so on. More on this later. 19:33:22 - Teroza: 6. Question about choosing a phone for billing / shipping 19:33:44 - Teroza: now more and more shops are monitoring this information, I recommend indicating John’s data, if you don’t have a phone, use Google’s voice, vulture, put an answering machine - they say that Hello is John, now I’m extremely busy, I’ll call you back later days, do not get sick. 19:34:01 - Teroza: 7. Which billing to indicate clearly, but which shipping 19:34:18 - Teroza: Always indicate beat = spike, the difference of these data will lead to an extensive question and unnecessary attention to the antifraud system, the only solution where you can beat this is communication with support, I'll tell you about this during the lecture. 19:34:33 - Teroza: 8. John's billing - how will I get a camera then? 19:34:49 - Teroza: This is a little beyond this lecture, but now the main solution is to stop your pack in the compartment (hold) and then pick-up it, or redirect your pack to the drop / middle (reroute) 19:35:13 - Teroza: Remember, the more time you spend on preparing a drive, the more time / money / nerves it will save you in the future. 19:35:24 - Teroza: ----------------------------------- 19:35:42 - Teroza: Section No. 3 Interaction with support of a resource of your choice. 19:36:08 - Teroza: When a deeply respected client, John Franklin added a camera to his favorites, after examining the sites of competitors and the policies of this shop, a special chapter begins - communication with support. 19:36:23 - Teroza: You must understand, for support you are a god and he prays for you. 19:36:37 - Teroza: Let's start with why contact with support is needed? 19:36:49 - Teroza: For myself, I have led several neutral stages of development. 
19:37:04 - Teroza: - John Franklin does not know what delivery he will send his goods to, does he really want to secure it in the future, and there usps. 19:37:33 - Teroza: This is a fairly basic case and can be approached both at the beginning of heating and at the end. This will give a definite plus to the antifraud system and establish you already as a person in the shop. You contact the shop in the dialog box / by mail / via telephony and ask the necessary question, get the necessary answer, everything is quite simple. It is important to understand you are a person, not a robot, no copy paste inside the shop. If you write in a dialog box, you can specifically make a mistake in a difficult word, this will describe you as a person in the face of support. Communicate calmly and with interest, this is your key to victory. 19:37:50 - Teroza: - John Franklin is having difficulty deciding why he should buy it here? 19:38:19 - Teroza: Everything is just quite conditional here, write a support with a request to tell you about the advantage, is there any guarantee, why is it cheaper in your store, how fast do you deliver, etc.? You get a plus for antifraud. 
19:38:41 - Teroza: - John Franklin wants to send a gift to his friend 19:39:02 - Teroza: oh this is actually not easy right now) but perhaps the key to this success is a good warm-up, preparation of material and backing, John’s task before the order is to find out the possibility of sending the goods to a friend or yourself to another address under any pretext, after it’s worth moving on to the order itself, use si engineering you were returning home (the car broke down, stopped in another state, your relative got sick and you are with him and support him, there is an abnormal heat in your state and you have moved to another one during your vacation ) 19:39:28 - Teroza: - John Franklin has difficulty paying 19:40:08 - Teroza: this item is rather unpleasant, maybe John doesn’t remember his password for vbv / 3ds, John doesn’t load the payment form and something like that - Here John must turn to support (beat John’s back) It’s advisable to start the conversation with the fact that you are fond of photography; John leads your Instagram; you have studied the selected product for a long time; you’ve got acquainted with the prices of your competitors; help with this, support can often carry mana Flax debit card to John that much easier by driving your. Support may ask you to ring, you must call to answer his questions and ask for help and you will help you) 19:40:42 - Teroza: - Well, the most classic after ordering 19:40:51 - Teroza: John wants to know information about his order. (here I think without comment, you want to know the status of your order) 19:41:05 - Teroza: ------------------------------------------ - 19:41:14 - Teroza: The negative stages of development come when it is not John who asks questions, but John asks questions) 19:41:28 - Teroza: 1. Classic development scenario - you were asked to undergo additional verification, prepare the information for the answers in this form. 
19:42:15 - Teroza: Firs / midl / last name Email + telephone number Ssn (social security number) + dob (date of birth) Billing + shipping Your ss data + name of the bank that issued your card. What did you order and for what amount + order number Product number / code. For egift, they will additionally require the recipient address (name + email) 19:43:02 - Teroza: If you call yourself, everything is in your head, if a ringing rings in your place, provide all the information clearly + additional info. Be sure to give the dialer the number you want to call from. 19:43:26 - Teroza: What Options can be? 19:43:42 - Teroza: 1. You were contacted by mail and asked for additional information 19:44:05 - Teroza: It is very polite and believable to answer, take into account your response time, you should not answer at two in the afternoon in Moscow, John is probably still sleeping, Answer support at a convenient time of the day. If your support asked for documents (go, extract, etc.), it is very logical to assume that John will not have this at hand now, and you never know if he is going to work now, very politely inform the support that you are at work and can satisfy his request in the evening. When John gets home, he will certainly go to the post office and send everything that the store requires, preferably not scans, but photographs. 19:45:05 - Teroza: 2. Support asks John to contact him by mobile phone. 19:45:26 - Teroza: Get ready to remember your whole back and get more extensive, if you call yourself, very politely talk, tell me that you are fond of photography, ask why I needed to call you and the like, if you do not speak English, give this is a matter for professionals and familiarize them with the necessary back and order information. 19:45:45 - Teroza: ------------------------------------------ --- 19:45:56 - Teroza: Express answers to possible questions. 19:46:11 - Teroza: 1. How important is it to communicate with support before the warrant? 
19:46:30 - Teroza: If you send to beat = spike, it all depends on the severity of this shop, often there is no need for communication, if your beat and spike are different, be sure to contact the shop. 19:46:45 - Teroza: 2. Why is it important to know which mail service this shop sends? 19:47:07 - Teroza: This is also slightly beyond the scope of this lecture, but think about your task so that Pak comes to your hands, you need to understand whether it is possible to do this with courier services that serve this shop. 19:47:24 - Teroza: 3. Why might support have questions for me? 19:47:49 - Teroza: In fact, this is the usual procedure, support can conduct a survey / find out if you are happy with everything when ordering, etc. But the main reason you overtook the jamb. 19:48:12 - Teroza: 4. What could be my mistake if the support asks to communicate with him? 19:48:28 - Teroza: Here you should think about everything from your system / IP / connection type / IP system compliance, etc., as well as how many fraud scores you score and why, you can avoid fraud speed points by doing the right preparation before driving , and a good warm-up, remember fraud glasses capture everything from your mailing address / system, before you read the rules for using this resource or not. 19:49:02 - Teroza: 5. What level of English is needed, why call and so on? 19:49:15 - Teroza: I will answer honestly - my language level is lame, I use the services of professionals, they use sip telephony and make phone calls with a number change, I advise you to always call from the phone that you indicated in your billing = shipping. 19:49:52 - Teroza: 6. What can the support ask, what should I answer, and so on? 19:50:10 - Teroza: For all this, you broke the back, let me give you a recent example, the support service of the rental service asked me to contact him, I, as a responsible settler, called him. They asked me how you found our service, why exactly us? 
19:50:20 - Teroza: What college do I study in, etc.? 19:50:29 - Teroza: Asked to send a copy of ID. 19:51:02 - Teroza: I’ll tell you right away your friend’s flood, the answer to which college you study, come up with and answer in a detailed way, say I study at the college of art, study current trends in painting, graphics, sculpture, art objects, more recently I visited the Venice Biennale exhibition, I can send you a photo, it was an amazing life experience for me. Tell us more about yourself about your hobbies, ask what documents and in what form to send and follow all support orders. I wish you a lack of support questions) it’s better for you to make them a brain, and not vice versa) 19:51:19 - Teroza: ------------------------------------- 19:51:44 - Teroza: Section No. 4 Warm-up using dialing. 19:52:01 - Teroza: It’s worth starting with the fact that in many stores you can order goods by phone or get the information you need about the product. 19:52:13 - Teroza: What is the warm-up over the phone and why is it needed? 19:52:25 - Teroza: I will highlight a huge plus when warming up the shop by phone, before the warrant, before warming up the shop 19:52:42 - Teroza: on behalf of John, you call the store and are interested in basic things, about everything that I said earlier, find out about delivery / warranty, etc., say that you would like to purchase a camera. 19:52:53 - Teroza: Why should you call before the main warm-up? 19:53:05 - Teroza: Everything is very simple, your phone will already be in the system and when you indicate it, you will have a plus for antifraud! 19:53:17 - Teroza: Also, it is much more logical that the customer first calls to ask how it works, and then it will order. 19:53:29 - Teroza: Why should you call after driving in? 19:53:38 - Teroza: Everything is very simple, you as a client, want to find out whether everything went as it should, what you should do now, etc. 19:53:45 - Teroza: With this action you get + anti-fraud. 
19:53:56 - Teroza: What nuances should be remembered when additional heating through the phone? 19:54:10 - Teroza: Remember that this is primarily an addition, not the main warm-up, be like a misunderstanding customer, maybe you should ask for a discount / promotional code. Speak pure English. 19:54:17 - Teroza: ---------------------------------------- 19:54:29 - Teroza: Section No. 5 Driving in with dialing. 19:55:00 - Teroza: This is a very excellent option in a shop if you are an insecure user of antique / doubt in the selection of IP / are afraid that your systems are not ideal. 19:55:26 - Teroza: It is worth using a call order, Everything is quite simple here, break at least the minimum back / create mail / select the phone from which you will call (holder / sip / gvois) 19:55:40 - Teroza: You should start by warming up by phone, support can offer you to place an order by phone now 19:55:56 - Teroza: you only need to tell what you want to buy / consult, after which you will be asked to dictate your data 19:56:17 - Teroza: (billing / shipping / contact details - email + phone number (indicate from which you are calling)) it is worth noting some shops, they may require more information in this case, keep this at hand: 19:56:39 - Teroza: Firs / midl / last name Email + telephone number Ssn (social security number) + dob (date of birth) Billing + shipping Your ss data + name of the bank that issued your card. What do you want to order, and for what amount. Product number / code. For egift, they will additionally require the recipient address (name + email) 19:56:52 - Teroza: After the received data, the support agent will manually enter your card and you will get the result of the work (up / down) 19:57:16 - Teroza: If you received a decline, do not exclude the human factor, ask the support to check the correctness of the entered data. 19:57:35 - Teroza: Express answers to possible questions. 19:57:54 - Teroza: 1. Is it mandatory to use warm-up using a telephone? 
19:58:08 - Teroza: This is all very situational, for more serious shops I think this is a must-have solution, at the initial stage of the journey I recommend finding shops / services with a simpler and more understandable af. 19:58:21 - Teroza: 2. Why driving in a call, if you can do everything through the site? 19:58:33 - Teroza: There are a number of advantages af does not burn your system / you avoid 3d / vbv. 19:58:50 - Teroza: 3. What system should I call from? Can someone ring instead of me? 19:59:07 - Teroza: In order, it’s worth calling from sip telephony (naranaya example), it’s better to call with substitution for the holder’s phone, otherwise use the dedicated sip line / gvoice. 19:59:22 - Teroza: 4. What will af pay attention to with such a drive? 19:59:59 - Teroza: First of all, on the reality of your number / billing address / shipping address / your email. 20:00:28 - Teroza: ------------------------------------------ --- 20:00:53 - Teroza: Additional information and recommendations. 20:01:25 - Teroza: I recommend not immediately going into serious shops like china, apple and tp, start with something small, choose an unpopular shop with clothes, male / female cosmetics, hobby accessories and tp, fill your hand and everything will go . 20:01:45 - Teroza: Some recommendations before driving: 20:01:57 - Teroza: 1. Responsibly approach the setup of your system / without the proper system setup you can forget about success. 20:02:12 - Teroza: 2.Use adequate postal addresses + real holder phones / dedicated phones with an answering machine for the holder. 20:02:20 - Teroza: 3.Do not neglect the set of cookies. 20:02:30 - Teroza: 4.Do not make mistakes when entering information about kx - billing / shipping, etc. 20:02:42 - Teroza: 5. If you are not a confident native speaker of kh / entrust the work to professionals. 20:02:53 - Teroza: 6. 
When you give out the warrant for ringing, provide extensive information about the order + kx, this was discussed in the lecture. 20:03:06 - Teroza: 7. Monitor mail after driving in, always answer support and fulfill its requirements. 20:03:19 - Teroza: 8. Do not use copy paste in the shop where you want to drive. 20:03:30 - Teroza: 9. Always check the accuracy of the data you entered. 20:04:05 - Teroza: 10. To achieve success in the career, you need to work a lot) 20:04:11 - Teroza: --------------------------------------- 20:04:27 - Teroza: On this I will bring the lecture to the end, does anyone have any questions? 20:04:47 - Serrwrtet: What should I do if I corresponded with support in my non-ideal English, and then all the same I needed a dialer, which was given to the dialer, with its perfect English? Support will see the difference. 20:05:12 - Teroza: Not the fact that different one and the same support will see this 20:05:30 - Teroza: If you have imperfect English, write support with extremely simple sentences 20:05:37 - Teroza: To prevent this from being seen. 20:05:54 - revolvervv81: 1. "and there usps", - is there no possibility of reroute in this mail service? 2. Can examples of mail services that normally relate (allow) reroute? 3. “they call with the substitution of the number,” - the dialer is given a number when driven in and can he call from him by changing? 4. Driving with a dialing - can a dialer do? 20:06:25 - Teroza: 1. Usps does not revert and does not hold 20:06:34 - Teroza: 2. Ups / Fedex 20:06:56 - Teroza: 3. That's right, you give the number, and he calls with the help of substitution. 20:07:12 - Teroza: 4. Can make a call, yes, they have this service in the region of 15-20 bucks. 20:07:30 - usbnet: about the question, to contact the professionals, is there a service somewhere who will discuss it? and such a question I have with English, as it were, exactly, the answer is only if there is a difference in accent when talking with a support? 
20:07:56 - Teroza: The emphasis has an important role, if you have an emphasis forget about ringing 20:08:11 - Teroza: @VeeChe @callmaker 20:08:19 - Teroza: Here are the dialers whose services I use 20:08:50 - artil352: 1) how to look for shops? example? at least a deferred site. to understand. 2) If a shop calls immediately, and you don’t boom, boom in English, what should I do? do not pick up and call back? 3) how much do you warm the shop? 1-2-3 days? 4) If the shop is not delayed, then you can drive a lot of it? Is it possible to beat one shop from one KX several times? 5) where to get photos of his documents? to order from renderers? 6) how will the dialers call from the number that I indicated? or do I need to arrange a phone number with them in advance? 7) In the Russian Federation it often happens that people do not live by registration, is it common in USA? can I go for it with personal billing and shipping address? Type I do not live by registration?) 20:09:23 - Teroza: 1. A lecture on finding shops you have had or will have. This is not my stuff) 20:09:43 - Teroza: 2. If the shop calls right away and you have poor English, give everything to it he will call back 20:10:08 - Teroza: 3. How much to warm the shop - I warm 15-30m 20:10:17 - Teroza: I see no reason to warm 1-2-3 days) 20:10:52 - Teroza: 4. You can drive a lot, why not? If you find a shop squeeze all the cream, do not sleep at night 20:11:06 - Teroza: go staff, make money 20:11:18 - Teroza: 5. you yourself answered your question) 20:11:42 - Teroza: 6. Give the numbers the numbers you want to call from and he will do everything himself. 20:12:06 - Teroza: 7. In Yus, all your places of residence are fighting in the base, no, you won’t eat it. 20:12:20 - Teroza: Does anyone else have questions? 20:14:53 - Rarka_: 20:13:42] <ShadowConsult> If we warmed up the shop and the payment failed, we throw out the account and start all over again? 
20:15:22 - Teroza: <ShadowConsult> that's right 20:15:28 - Rarka_: Teroza: 20:13:42] <ShadowConsult> If we warmed up the shop and the payment failed, we throw out the account and start all over again? 20:15:29 - Teroza: I make about 20 attempts to drive in a day) 20:15:41 - Teroza: mb more 20:15:44 - Teroza: occasionally 20:16:16 - Teroza: If I did not see any questions, please forward 20:16:39 - artil352: No, just others asked you didn’t see you apparently))) 20:16:58 - artil352: and how many of 20 are successful? 20:17:14 - Rarka_: 1) If the card is decline, what to do, score, start a new personality, start over? 2) You beat the guest, because the ss shops give 5-15 minutes to check, so that if the card is decline, have time to make a refund? 3) What is the amount to start with for a trial drive into the store? 4) such a slightly abstract question about your example - how did you then use the rental service account if you started it in a strange name? 20:17:16 - Teroza: I would say 15 20:17:34 - Teroza: 1 - Score a drive into this attempt and start over 20:17:47 - bloomberg: net23: USPS is a mail service, it cannot be secured 20:17:57 - Teroza: 2 - there is no refound ss nothing to do with it, it's just easier and more convenient from a guest 20:18:05 - bloomberg: that is, change the address by dialing 20:18:07 - Teroza: 3 - I would drive up to 1000 bucks 20:18:10 - net23: what is to fix 20:18:33 - Teroza: 4 I did the bay at a percentage, pour money into the object, they pay a percentage 20:18:47 - Rarka_: through the sphere you hit or just through the portable 20:18:57 - analitik99: we have not yet reached the drive-in on the sphere?)) 20:19:06 - Rarka_: in the field I look at a lot of negative reviews that does not work lately 20:19:07 - Teroza: It's too early yet) 20:19:29 - Teroza: For the initial needs, the sphere is perfect, and then you decide 20:22:40 - Rarka_: <ShadowConsult> There is an option that you record from the screen at the moment you start 
driving in, etc., etc., with comments on what you are doing, so that later we can watch the recording "live", to cut off 80% of the questions? 20:23:00 - Teroza: there is no such option) 20:23:07 - Teroza: You will have a lecture by driving online 20:26:24 - Televizor: a whole section 20:28:28 - Teroza: In general, I say goodbye to you, all the success in your work 20:28:36 - Teroza: If you have any questions, ask them on the forum
  5. Lecture # 7 Drops, in the intermediaries. 01/22/2020 Lecturer: iTerry [19:16:14] <Terry> The topic of today's lecture, drops / intermediaries. [19:16:31] <Terry> My nickname is iTerry [19:16:51] <Terry> We will break the lecture into two parts. In the first I will tell about intermediaries, the second part will be devoted to drops, or rather I will tell you about everything a carder needs to know about them. [19:17:13] <Terry> Part 1 Intermediaries, otherwise they are called mail forwarders, which means transferring mail. It is clear what they are doing based on the name. [19:17:43] <Terry> The mediator will help you deliver the package from the USA, Europe and other countries to your country of residence. Many online stores do not have international delivery, which is why we have to use intermediaries. [19:17:54] <Terry> This is the main reason for using them. [19:18:14] <Terry> There are, of course, other reasons that I will tell you about in today's lecture. [19:18:33] <Terry> So, the first reason. The store does not send goods to the Russian Federation or any other CIS country. Take the same Amazon, delivery to Russia is limited by a very small amount of goods, there is no liquidation at all. [19:18:54] <Terry> That is why we use an intermediary, pay him a certain amount of dollars, he sends the parcel to your country in a way convenient for you. [19:19:01] <Terry> The second reason is consolidation. [19:19:26] <Terry> Suppose you find a store that sells goods to your country, but you understand that you need to order 3 products in a week, and delivery to your country costs $ 70 in the store [19:19:37] <Terry> At the same time, delivery to the US or the EU is free. [19:20:07] <Terry> We order goods for an intermediary within 2 weeks, the intermediary combines these goods in one package and sends it to you. The cost of delivery from an intermediary is about $ 50; total savings are about $ 300. 
[19:20:35] <Terry> This I'm talking about an adequate intermediary. Amounts always fluctuate around $ 50 depending on the weight and volume of the package. [19:20:50] <Terry> That's actually I think the two main reasons why people use intermediaries. [19:21:12] <Terry> Do not forget that the intermediaries were created not for us, carders, but for ordinary people who want to receive high-quality, or cheap goods from the same America. [19:21:23] <Terry> So, let's move on to the next point, this is a search for "our" intermediary. [19:21:35] <Terry> In the closed section on the forum there is a list of intermediaries around the world. You can familiarize yourself with it. [19:21:52] <Terry> https://www.sendspace.com/file/dqfm4s link to download the list of intermediaries [19:22:12] <Terry> Actually here you can find intermediaries around the world. [19:22:27] <Terry> Decided on the country in which we will work, go to the next paragraph. [19:22:45] <Terry> The first thing that we do? We go and look on the Internet for feedback on the work of this intermediary. [19:23:08] <Terry> Reviews are relatively recent, those in 2015 may not correspond to reality. [19:23:23] <Terry> I read the reviews, if, in principle, there are isolated cases of bad behavior of the intermediary, and the rest of the good reviews go to the next step. [19:23:31] <Terry> We go to the website of the intermediary and read the FAQ [19:23:42] <Terry> There may be fees for receiving, sending, storing parcels. [19:23:53] <Terry> After reading the FAQ you will have very few questions about this intermediary. [19:24:03] <Terry> The third thing to do is chat with the support team [19:24:29] <Terry> We write to them in the mail what interests us, you can even get a trivial question, the answer to which is written in the FAQ section, you need this in order to find out how efficient the intermediary is. 
[19:24:55] <Terry> Agree, if you have any problems with your parcels, you will want to get help from the intermediary whom you pay money as quickly as possible. [19:25:10] <Terry> Also, the response speed of a support service employee will show the speed of the intermediary. [19:25:34] <Terry> This applies to adding a delivered pack to your personal account, consolidating several products, sending speed and many other services that an intermediary can offer. [19:25:43] <Terry> When the answer came we look at the errors in the text, the form of communication. [19:26:01] <Terry> If you feel that you are talking in a boorish manner, the text is full of grammatical errors, we conclude that this is not a reliable intermediary, but Sharashkin cantor. [19:26:19] <Terry> When working with such intermediaries, you will lose packages, they will try to fuck you as much as possible, if you encounter any problems they will ignore you, or they may even send you 3 funny letters. [19:26:34] <Terry> So, the normal response time, the morning of the day after asking the question. [19:26:48] <Terry> It's good when there is an online chat and you get a consultation within 10 minutes. You can trust such an intermediary. [19:27:02] <Terry> I really like the work of the intermediary Parcel post. She is in EU and in the US. [19:27:17] <Terry> What I like doesn't mean I recommend it. They, like everyone, really do not like carbox packs. [19:27:36] <Terry> You can work with this intermediary only if the packages come to the name registered initially in the intermediary. [19:27:44] <Terry> Parcels received in American names are also not accepted. [19:28:03] <Terry> So we talked with the support service, read the reviews, we were satisfied with their storage and shipping conditions, then we begin to feel in the middle. [19:28:11] <Terry> We don’t pour there a mountain of iPhones [19:28:23] <Terry> We hit 1 phone, 1 prefix, we are waiting. 
[19:28:38] <Terry> The package comes, now our main task is to send the whole thing to ourselves. [19:28:57] <Terry> The first thing to do is order a product photo, unless of course the product is made from a verified store. [19:29:14] <Terry> Many people drive into ebay, and instead of a phone and playstation, a brick and a jar of shit (in the literal sense) can google, shit delivery. [19:29:33] <Terry> Shit sellers send if they burned that karzh purchase. I had one such time. [19:29:50] <Terry> A photo usually costs $ 5, we immediately see from the photo that we got a phone and a set-top box. [19:30:04] <Terry> Next, we send a request for consolidation and sending. [19:30:20] <Terry> If everyone sends without problems, we mark the intermediary as good. [19:30:38] <Terry> Next time you can send a little more stuff. [19:30:52] <Terry> The most important thing in finding your intermediary, do not think that you are a carder. You are an ordinary person who wants to use the services of mail forwarding. [19:31:04] <Terry> The next stage of the lecture, registration in the personal account of the intermediary. [19:31:22] <Terry> Intermediaries are both with a personal account, and without it. [19:31:37] <Terry> On the intermediary with a personal account, the identification of the parcel occurs according to the personal code assigned during registration. [19:31:58] <Terry> This number is usually written in the address of the intermediary, and they require that it be in the shipping address. [19:32:13] <Terry> This is a plus only for an intermediary, for us it is a huge minus [19:32:36] <Terry> The plus for the intermediary is that he can quickly track whose order it is and add it to your personal account, minus for us is that the seller sees that you are sending the parcel to the address of the intermediary. [19:32:46] <Terry> This is the first bell that you are a carder. 
[19:33:09] <Terry> You can try to mislead the seller, you just have to write the word Suite in front of these numbers [19:33:15] <Terry> Translated as office. [19:33:28] <Terry> And our number turns into a long office number. [19:33:51] <Terry> The intermediaries do not touch this word, and the seller cannot deny that there is such an office) [19:33:59] <Terry> Next, the second type of intermediaries that do not require registration. [19:34:21] <Terry> In this case, the identification of the pack occurs by the name of the surname in the shipping address, and all manipulations with the packs by the intermediary are made through communication with you by mail. [19:34:40] <Terry> This is basically convenient. I worked somehow in Germany, there is a mediator meest, so here our communication happened exactly there. [19:34:59] <Terry> The speed of the intermediary did not decrease from this, they also sent all the photos, track numbers and so on. [19:35:24] <Terry> It is advisable to register an intermediary not for fictitious data, but at least for a passport scan, which you can buy on the forum. [19:35:41] <Terry> Any intermediary can request a passport photo from you, this should not be a problem for you. [19:36:03] <Terry> Mostly require a front page and a registration page. take care of their availability and register and send packages to intermediaries only from scans. [19:36:14] <Terry> Also, to send packs to our country, many mediums ask for a TIN [19:36:23] <Terry> He makes his way to the bank’s tinks website. very comfortably [19:36:40] <Terry> Regarding the acceptance by the middlemen of the packs in the name of kh, there are very few of these now, it can take months to search, but you can try. [19:36:53] <Terry> For such packages, it is better to use drops. [19:37:10] <Terry> About consolidation, description of goods, additional services and filling out a declaration. [19:37:25] <Terry> Never send expensive liquid and Deshmanian clothes together. 
[19:37:39] <Terry> Your liquid laptop will reach and lie quietly, and slippers for 5 bucks will kill the account in the middle along with the laptop. [19:37:52] <Terry> The next reason why you do not need to send everything together is a customs clearance [19:38:11] <Terry> A pack will arrive at the customs of the Russian Federation, they will see that the laptop is expensive, they will request invoices for all goods in the pack. [19:38:22] <Terry> I think it will be hemorrhoid to draw invoices for 5 shirts, 3 pairs of socks, toothbrushes, razors, flash drives, and a laptop. [19:38:35] <Terry> We send liquid goods that are dear to you to a separate intermediary account. [19:38:55] <Terry> As soon as he came to the middle, we immediately sent to the Russian Federation. [19:39:05] <Terry> Illiquid staff can also be accumulated. [19:39:24] <Terry> How to accumulate there for 500-600 dollars, we send to the Russian Federation. [19:39:35] <Terry> Here are all sorts of nishtyaks, nice. [19:39:48] <Terry> The declaration does not need to sit down and write a brand / model of socks, flash drives, etc. [19:40:01] <Terry> We just write a flash drive, the declared value of 5 dollars [19:40:19] <Terry> Or for example iPhone, we write the same phone, and in the end you can still attribute China. [19:40:36] <Terry> immediately iPhone from 600 dollars turns into a phone for 30 [19:40:51] <Terry> It is desirable that the iphone be used or restored. customs officers are not stupid either. [19:41:13] <Terry> Do not underestimate the cost of a liquid new product, brokers at customs know best how much a certain model of product costs. [19:41:47] <Terry> So if you decide to indicate in the declaration that this is iphone 11 PRO 512 GB, then you don’t need to write him the price of 500 dollars, no one will believe you, problems will start that should be avoided. [19:41:58] <Terry> Next, about registering in the intermediary's personal account. 
[19:42:14] <Terry> Registration and visits to the intermediary are best done from the country where the package will go. [19:42:32] <Terry> That is, Vasya Pupkin from the Russian Federation is registered, which means we go from the IP of the Russian Federation [19:42:44] <Terry> Let's analyze the example of the meest.us intermediary [19:42:55] <Terry> They don’t give a damn where you come from, personally checked by me. [19:43:10] <Terry> But only the myst was checked for the possibility of entering through any country. [19:43:25] <Terry> It is important for them that the packs are with a number, and the name matches the name of registration and delivery in ru. [19:43:44] <Terry> As a rule, intermediaries have several addresses in the USA, almost all addresses are located in tax-free states such as New Jersey, Delaware. [19:43:53] <Terry> Purchases shipped to this state are not taxed. [19:44:04] <Terry> So, we go to the site in the middle, click to register. [19:44:21] <Terry> we fill in all the data from the purchased passport scan, we write the phone number or invented, or if there are SIM cards left then the numbers from them. [19:44:36] <Terry> We go into the account and see our address for the delivery of parcels. [19:44:49] <Terry> He will be of this kind [19:45:15] <Terry> First name Last name 600 Markley St. 107451 Port Reading, NJ 07064 [19:45:29] <Terry> The first line is clear, there will be a name a surname from a scan on which you registered. [19:45:39] <Terry> the next is street line 1 [19:45:48] <Terry> This is the primary address [19:46:04] <Terry> Next line Street line 2 [19:46:21] <Terry> These are the numbers about which I spoke long [19:46:38] <Terry> Just add a Suite in front of them [19:46:55] <Terry> And this is already becoming not so suspicious [19:47:07] <Terry> Next, we see the state city and zip code, respectively. 
[19:47:13] <Terry> Everything is simple here [19:47:21] <Terry> What else do we see in the broker's office [19:47:31] <Terry> There is a button to add an order. We press it when they sent us some stuff and gave the track number [19:47:39] <Terry> Add this pack to the expected [19:47:50] <Terry> This is done to speed up the processing of your package and add it to your account [19:48:05] <Terry> In principle, everything is intuitive, especially when the package arrives. They write to you all the actions that you must do. [19:48:20] <Terry> Now let's talk about the delivery options for your packages. [19:48:30] <Terry> There are 3 types of delivery [19:48:37] <Terry> By sea, air, land transport [19:48:47] <Terry> Air is the most expensive but also the fastest [19:49:21] <Terry> By sea, we send only heavy packages, such as disks to a car, and so on. It is possible to send goods not requiring urgent delivery. There are also goods that can be sent only by sea, for example perfume and alcohol. [19:49:38] <Terry> Third view of ground transportation [19:50:00] <Terry> It is usually used when shipping from a neighboring country. Faster and cheaper shipping method. Customs clearance is faster than air or sea. [19:50:12] <Terry> Shipping cost is calculated based on the weight of your package [19:50:22] <Terry> There are two kinds of package weight, volumetric weight and physical [19:50:49] <Terry> And shipping cost is usually considered from more weight [19:51:03] <Terry> Physical weight is the weight of the package when weighed [19:51:16] <Terry> Volumetric weight depends on the size of the package and is calculated by the formula: [19:51:42] <Terry> length (inc) x height (inc) x width (inc) / 139 = weight in pounds; length (cm) x width (cm) x height (cm) / 5000 (some divided by 4000) = weight in kg. [19:51:53] <Terry> You need to pay for an intermediary only with white money, or non-charge (money balance, VCC). 
[19:52:08] <Terry> I don’t need to ask about paper and vsc right now, you will be told about this in future training [19:52:17] <Terry> Sending on average from US 2-3 weeks [19:52:34] <Terry> During this time, the charge will arrive and there have been parcels deployed already from the office in the Russian Federation. [19:52:52] <Terry> Usually, when sending a parcel you get insurance, a completely unnecessary thing. Money and goods do not return. [19:53:04] <Terry> Next, the package was sent to ru, successfully passed customs, now it needs to be accepted [19:53:14] <Terry> There are 2 options for receiving packages [19:53:23] <Terry> For a certain person, it may be you [19:53:30] <Terry> and to any data [19:53:43] <Terry> The first option is simple, they came showed a passport, they received a package [19:53:56] <Terry> But we think about security [19:54:17] <Terry> Right now they came up with a new thing, an accelerated system for receiving packages [19:54:29] <Terry> On our forum, guys make such rooms for a fee [19:54:47] <Terry> We order the goods for a specific person, we accept SMS in the mail and you get a pack without documents. [19:54:56] <Terry> The second method is more expensive and safe. [19:55:10] <Terry> Drop services accept any data (name) of the package. [19:55:25] <Terry> In RU this service is presented by Leonxx, buysell and a couple more on the forum. [19:55:39] <Terry> The reception costs 1k, they take it from any departments to any names. [19:55:44] <Terry> is very convenient [19:55:51] <Terry> If the staff is not for your personal use [19:56:05] <Terry> Then it can be sold directly from the forwarding service on the forum, for example [19:56:11] <Terry> if for personal then [19:56:17] <Terry> the cost of delivery to the regions in the daytime is not more than 500 rubles [19:56:23] <Terry> for 1500 you feel any kind of security [19:56:35] <Terry> You can accept goods from a courier from a courier for any scan printed with your face. 
[19:56:47] <Terry> In any place they phoned the brother by courier and took the pack at the entrance of the left house showing a copy of the left's passport. [19:57:04] <Terry> About the intermediaries, now just a little bit about drops, we have a smoke and I will answer your questions. [19:57:46] <Terry> drops are ordinary people who accept your packs. Drops are of 2 types: adjustable and non-adjustable. [19:58:36] <Terry> Drop drops are drops that don’t know they accept the package. There is always the possibility of missing a drop with packages. Such drops are sought for example on job sites or similar offices. Usually, expensive packs are not sent to such drops. The life of such drops is 10-15 days. The cost of accepting packages by such drops is usually 20-50 bucks. [19:59:04] <Terry> Sometimes receiving and sending is free from test drops. [19:59:56] <Terry> Non-adjustable drops - a type of drops that clearly understand what risks they are taking. The risk of losing packs is minimized. Such drops get a good salary and a drop life of 2-3 months on average. However, they most often have slightly different work rules. You can learn more about the rules from drop services that provide drop services. The cost of admission is usually 70-100 dollars or% of the cost of the pack for a liquid staff. [20:00:49] <Terry> Recently, drop services began to work on stingy, that is, they take a pack - they pay you your%. Different drop services have different types of goods for acceptance and, accordingly, different%. For liquid technology, Apple can give up to 55%. Driving a staf on stingy will save you from the problem of delivering goods to RU and selling them, and will help you make money much faster. However, the amount of earnings will be much lower than if you brought staf to yourself and sold in RU, this applies to the top liquid expensive stuff. 
[20:01:15] <Terry> If the goods were sent stingy, from the moment the pack was sent for drop, an average week passes before payment is received. And if you send the goods in the middle and want to sell in RU - on average it will take 4-5 weeks. Here it is up to you to decide, quickly and little, or longer and longer. [20:01:28] <Terry> As soon as drops get a pack, to send to the middle, drop service needs a label. [20:01:48] <Terry> A label is like a mail form. That is, a piece of paper in which it is written from whom it was sent, from what address it goes, to whom it is addressed and to what address. Such labels can be ordered on the forum from the respective sellers. Typically, a cage label costs about 5-10 bucks, if the label is white, the price can reach $ 500, for example, for a 70-inch plasma.The price depends on the garabits and the range of sending the parcel. [20:02:01] <Terry> A label is needed so that the drop driver does not bother filling out documents, paying, etc., but simply pasted this piece of paper on the parcel and took it to the post office, there he will be taken from him silently and she will go to the place destination. [20:02:10] <Terry> An example of a label can be found here: http://prntscr.com/iekzf5 [20:02:16] <Terry> 1 - name of the sender 2 - Sender Street 3 - City / State / Sender's Index 4 - full name of the recipient 5 - Recipient Street 6 - City / State / Recipient Index 7 - Date of dispatch 8 - Parcel weight 9 - Delivery Date 10 - Track parcel number [20:02:24] <Terry> So, we finished the lecture, who has any questions? and wait for our turn. I'll go smoke and I will answer [20:06:17] <id666> Terry: 1. will we be provided with a list of some trusted intermediaries that we work with ourselves? 2. let's say I decided to make a parcel on a fake id, what should I do in this case if I don’t accept parcels in American names in the middle? 3. 
The first thing to do is to order a photo of the goods, unless of course the goods are made from a verified store. - I don’t understand who to order from? and why pay $ 5 for it? and if the photo is left? 4. There are 2 options for receiving packages. For a certain person, it can be you - then they will not put a bottle on? maybe I don’t want to do that either. 5. expedited system for receiving packages - can I link or the name of these guys? 6. will they tell us how to safely sell goods in Russia? [20:07:53] <Terry> 1) meest parcel post. I work with them 2) fake id take drops from post offices. environments are not involved 3) To order from the middle, as he will accept the parcel so that the photo is made for $ 5 4) They will plant. 5) There is currently no access to the forum, try using the search. 6) On the forum. [20:08:12] <xevious> 1. Is there a site that you recommend sending to Europe / Netherlands? 2. If you want to buy something, you need to register a copy, right? You cannot order packages at a different address from the cc owner due to AVS. So you should always register when purchasing with CC or am I wrong? [20:08:45] <Terry> 1) Parcel post 2) Can be ordered from another payment service [20:09:00] <revolvervv81> 1. In the midst, repacking the goods? Remove labels? 2. Do we fill out the declaration ourselves? 3. When driving, specify the data in the middle - is this a spike address? 4. At the forum I met the term "Salary drops", is it the same as non-movable? 5. Dropservices provide data for driving in (spike address)? 6. Dropservices can stick a label themselves, for a fee? [20:10:06] <Terry> 1) Yes 2) Yes, on the site in between 3) Yes, that's right 4) yes, it is non-adjustable. 5) Yes 6) You drop them a label and they glue [20:10:29] <artil352> 1) If (for example, from yesterday’s lesson) you quit ss and send it to the middle, does the shop expand the shop? I thought you need to send to the address kx and intercept. 
Can I immediately send to the medium? 2) How do you yourself accept staf if not a secret? 3) If you use the "tricks" in the Russian Federation, then you need to register an acc in the middle of their data? 4) Is it possible to accept staf on boxes that are sometimes in the shopping center [20:11:09] <artil352> 2) In the Russian Federation [20:11:43] <Terry> 1) With ss vryatli it will turn out in the middle. environments are used for driving from Gift and other methods. with ss better on drop 2) As described. Send yourself a bastard 3) They accept any data 4) Yes you can) [20:11:52] <Serrwrtet> 1. At what stage do you need a drop from a shop-bought purchase to getting to RU? Does it replace drop service? 2. In what cases is there an advantage to using drop, and in which drop service? 3. And what does the “life span" of a drop mean? [20:13:02] <Terry> 1) Drop in ru is needed to get a pack in ru from the middle 2) Drop in ru is needed for receiving from the middle, drop service buys goods and accepts it [20:13:14] <Terry> 3) The time when he is ready to accept packs [20:13:28] <Rarka_> 1! Regarding the label's label, the package may not reach from the drop to the middle, or how the mechanism for making such labels works / [20:13:58] <Terry> May not reach. You can buy a white label, but in general all the cards are used and are ready to take risks. [20:14:05] <bloomberg7> what is the point of beating directly to the middle, if many shops have the addresses of the middle in the black list? How is the difference between the label and white label? [20:14:44] <Terry> In the middle with an ebay you can beat, which they usually do. A karzh is made with a karzh. other people's ss and others, whites are paid out of their own or without charge [20:14:54] <stic_> 1) And how will the drop receive the label to paste it on to send to the middle? or is he just printing it? 
and who fills in the data of this label, in the case of white and in the case of a karz-label, and how to buy this white label? 2) what are the disadvantages of using a karz-label, how often do not they reach? 3) using this label, we ask you to send the intermediary to the registered data, well, will he already send a pack with the same name to our country? do not care for intermediaries that this is not a purchase, but a package from a private trader? 4) pulls out invoices before sending it to the medium or does it need to be immediately asked? [20:15:43] <stic_> 5) c can you beat from different bill / spike? and everything passes? or use euro ss? [20:16:50] <Terry> 1) You send the drop of the label, it will print it and stick it on the pack. You fill in the data on the website of the transport company such as UPS Fedex. 2) Cons that can not reach, rarely reaches but does happen. 3) Yes, do not care in the middle, he can not see it bought or from a private trader. 4) Yes, you have to ask 5) Yes it is possible, in ebay beat from a stick basically. [20:16:59] <macpru> 1) How secure is an intermediary if you buy with brute cc .... Since a carded transaction will be reported in the future, does it affect an intermediary after the card or transaction is disputed ? 2) I have had issue of shopping where the tracking was canceled online because it was disputed but had left already and tracking info could show but I got my package .. do you advice this type of transaction to intermediary or drop since no evidence only trust . 3) To Register with intermidiary ,, we have to register as an office you meant? [20:19:29] <Terry> macpru: 1) the Intermediary does not see payment information. Can only then come charge from the store, or the cops. 2) I didn't understand anything 3) register As an individual. For purchases, we use the office number instead of the cell number. [20:19:53] <BruseLee> 1) how safe is it to receive parcels to boxes in the shopping center? 
2) regarding payment with white money, it turns out you need a left paypal not in your name, on which you will need to throw money in advance? or how, didn’t quite understand how to pay with white money without lighting up my data? [20:20:49] <Terry> 1) Yes, IMHO is quite safe. It’s safe to work at the plant, and here everything needs to be calculated. 2) Yes, you can, you can buy vcc for 60 percent. Vcc will tell you what it is in the future. type of card [20:20:55] <Necrolyt> at what stage can they deploy the parcel if they hit a drop in the store? If she's on her way, can she be deployed? [20:21:01] <Terry> yes [20:21:06] <Terry> how the drop will accept [20:21:10] <Terry> so security [20:22:12] <Terry> Dachshund gentlemen, thank you all for your presence. I feel not very important. write who will have questions in PM on the forum to me. Good luck in further training, see you at the last lecture
  6. Lecture # 6 Bank cards 01/21/2020 Lecturer: Gunnar 6:29:04 PM - Gunnar: So, today we’ll talk a little about bank cards, the principles of their work and the nuances of buying them for work, and we will touch upon such issues as check cards, 3DS / VBV and why we even get “good” cards decline 6:29:24 PM - Gunnar: Each of you has come across bank cards one way or another in your life, but few have wondered how the card payment process works and what information the plastic and the information printed on it carry 6:29:48 PM - Gunnar: The first thing a beginner carder needs to learn is basic information about bank cards in the context of our shadow activity 6:30:16 PM - Gunnar: in our context, CC (Credit Card, credit card, cardboard, etc.) - carefully stolen data from a real (or virtual) card holder who does not live in the CIS countries 6:30:53 PM - Gunnar: Where do we get the cardboard? 3 main options - buy in shops, from private (or not so) sellers, or get it yourself (from a fake site, from a botnet, some hacked database, or from any other place where your imagination is enough) 6:31:13 PM - Gunnar: Consider the most popular and obvious option when buying a card 6:31:24 PM - Gunnar: Upon purchase, you will receive a cardboard in approximately the following format: 6:31:35 PM - Gunnar: 4147400219040084 | 10/20 | 826 | Richard Brown | 56 Groveview Cir # 302 | Rochester | 14612 | NY | USA | 661-298-0881 | richielang@aol.com 6:31:49 PM - Gunnar: Each shop / seller has a different format, you can customize it somewhere, but the main points are identical 6:32:04 PM - Gunnar: In our example, 4147400219040084 is the credit card number; 6:32:21 PM - Gunnar: 10/20 (10 month / 20 year) - card expiration date (Expiry / Expiration Date); 6:32:35 PM - Gunnar: 826 - CVV / CVV2 / CVC card security code; 6:32:53 PM - Gunnar: Richard Lang - First and Last Name (first name, last name); 6:33:06 PM - Gunnar: 56 Groveview Cir - Address Line 1 (first line of address); 6:33:41 PM - 
Gunnar: # 302 - Address Line 2 (second line of address). Please note that the street name and house number is always Line 1, and the apartment / extension / office number is Line 2. If the house is private, then Address Line 2 will be absent. 6:33:48 PM - Gunnar: Rochester - a city; 6:34:01 PM - Gunnar: 14612 - Zip code (zip, an analog of our zip code); 6:34:13 PM - Gunnar: NY (New York) - state; 6:34:20 PM - Gunnar: USA - country; 6:34:33 PM - Gunnar: 661-298-0881 - phone; 6:34:44 PM - Gunnar: richielang@aol.com - holder email address. 6:35:18 PM - Gunnar: The minimum required information to work is CC number, Expiration Date, CVV, First / Last name, Address line 1, Zip code. 6:35:38 PM - Gunnar: Let's dwell on the card number, it contains important information for work 6:35:58 PM - Gunnar: BIN (Bank Identification Number) - first 6 digits of a credit card number 6:36:25 PM - Gunnar: Each banking organization has a pool of unique numbers that are assigned to the cards they issue. 6:36:57 PM - Gunnar: These numbers contain information about the payment system (Visa / MC / AmEx / Discover, etc.), the issuing bank, the card level (Classic / Gold / Platinum, etc. .), type of card (Credit / Debit / Prepaid) 6:37:33 PM - Gunnar: The first BIN digit identifies Major Industry Identifier (MII) - the global payment system in which this card works 6:38:12 PM - Gunnar: The main payment systems you will encounter are AmEx (the first digit of the card starts at 3), Visa (4), MasterCard (5), Discover (6). 
6:39:01 PM - Gunnar: Detailed information about bins can be found on services like binlist.net, binov.net (the latter is very convenient for mass search of bins and reverse search of bins by banks, I recommend writing down) 6:39:16 PM - Gunnar: If we break through the BIN cards from the example above (414740), we will see the following information: 6:39:21 PM - Gunnar: TYPE: VISA; BANK: CHASE BANK USA, N.A .; RANK: CREDIT; TYPE: SIGNATURE; COUNTRY: USA 6:39:48 PM - Gunnar: The remaining digits of the card, except the last, identify the holder's account in the bank, and the last digit is the control, designed to validate the bank card number using the Luhn Algorithm. 6:39:59 PM - Gunnar: Now, with regard to directly buying cards in shops 6:40:15 PM - Gunnar: When buying cards, one of the most important parameters is the validity of the base in which the card entered the store 6:40:57 PM - Gunnar: By shop / seller, it is determined like this: a random number of cards are taken randomly and validated by a checker. Suppose, out of 10 cards 7 valid cards were issued - the validity of such a base is about 70% 6:42:23 PM - Gunnar: I would also like to say that validity is the only, perhaps, really measurable criterion for the quality of cards, but it is far from being a parameter that guarantees successful entry of cards into the service you need. Much depends on the source, where the maps came from - and which one is better, can only be established experimentally. 6:43:14 PM - Gunnar: So, regarding the check of cards. A card checker is a service that drives cards through its merchants. Checkers can work in different ways: a small amount ($ 1-2) can be authorized from the card through the merchants of the checker and come back after a short period of time. This method is bad in that the holder can be configured with notifications for transes and a suspicious transaction may cause him to block the card. Well, or he just at the wrong time can check the bank statement. 
6:43:34 PM - Gunnar: More advanced checkers use non-charge validation ($ 0 authorization), which goes unnoticed by the holder and gives a response from the payment system about the validity of the card. 6:44:09 PM - Gunnar: An alternative way to check a card for validity is to link it to some services (as an example, to Google, or to any other service where the card fits into your personal account) 6:44:35 PM - Gunnar: This is a fairly safe check method, which minimizes the risk of card death, provided that it also uses the principle of non-charge validation. 6:45:18 PM - Gunnar: In normal shops for invalid cards, a refund is provided - usually it takes 5-15 minutes for a check. If you do not trust your method of checking cards, you can check a card after driving in to minimize the likelihood of her dying from the check. It is also worth remembering that checkers built into shops often spoil cards much more than your own check methods, so use them only if you are sure that the card is invalid. 6:45:49 PM - Gunnar: A few words about CC species. As I said above, most often in work you will meet cards Visa, MasterCard, American Express, Discover 6:46:46 PM - Gunnar: From my experience, it’s easiest to find good Visa and MC beans, but in practice I have seen fat amex beans. The problem with working with Amex is that usually on these cards the holder receives a lot of alerts and, if a fraudulent transaction is detected, the chargeback flies very quickly 6:47:26 PM - Gunnar: Visa, MasterCard and Discover cards have 16 digits per card number and 3-digit CVV codes. Amex has 15 digits in the card number and a 4-digit CVV. This does not affect anything, but any self-respecting carder should know this. 6:47:43 PM - Gunnar: When working with cards, sooner or later you will come across 3D Secure security mechanisms. 
6:48:21 PM - Gunnar: For Visa cards, it is called Visa Secure / Verified by Visa (VBV); MC has MasterCard Secure Code (MCSC) and Amex has SafeKey 6:49:09 PM - Gunnar: If you drive into a merch with an activated 3DS system, during the transaction you will be redirected to the static code entry page, which should be known to the holder 6:50:16 PM - Gunnar: These codes will not be known to you when you purchase a card, however, for some bins you can reset them. Also, the implementation of 3DS is beginning to gain more and more popularity, where a one-time code is used for confirmation, sent by SMS / e-mail. Fortunately, there are still quite a few US banks that would introduce such protection (and, conversely, there are more and more banks in the EU) 6:51:40 PM - Gunnar: Also, there is a separate type of map that passes 3DS pages automatically. The bottom line is that in this case, instead of entering the code during the transaction, its details are closely examined by the antifraud of the bank and, if everything suits him, approves of it. Such cards are called autovbv (auto-win) and with their help you can often beat in services with activated 3DS 6:53:39 PM - Gunnar: In general, if you are working on a things with US shops and stumbled upon a shop with activated VBV / MCSC, the easiest way to get into such a shop is to find another one. If you beat any service, or work on the EU - there you already need to look for bins with reset / auto-start, which will climb into your merch. Unfortunately, the only effective method of finding such beans is testing. Yes, you need to buy and interrupt a large number of cards before you find the right ones. Sometimes you can narrow your search by buying auto-win or auto-reset beans from trust sellers - however, this does not mean that such beans will be suitable for your service / shop. 
6:53:55 PM - Gunnar: Let's talk a bit about the types and levels of SS 6:54:55 PM - Gunnar: Credit - a card on which you can spend borrowed funds, i.e. not having your own money in the account. Moreover, US cards on credit cards often do not have such a thing as a positive balance - you can only spend credit on them and repay a loan. The more KX has a Credit Score, the higher credit limits the bank gives. 6:55:24 PM - Gunnar: Debit - a card that can only be used within the amount available on the account. The debit card will necessarily be tied to a bank account and is a kind of key to a bank account for the convenience of everyday payments. 6:56:07 PM - Gunnar: Prepaid - a card with a prepaid amount - a smart card that stores electronic money deposited in advance by the cardholder. In many respects, they are similar to debit, but unlike them, they are not related to bank accounts. Often found in payment systems like Payoneer, ePayments, etc. Some merchants refuse to work with prepaid cards. 6:57:30 PM - Gunnar: As for the card levels, there are a lot of them and they are different for different banks. From Classic to Black. On the one hand, cards of a higher level indicate a higher status of the owner and potentially there may be more money on them than on cards of low levels. However, when working on the US on high-level cards, there may be no trivial balances, there may be limits on transactions and such bins will simply not give 6:57:57 PM - Gunnar: In working with US cards, I much encounter Classic cards and similar "low" levels that are great for our work 6:58:51 PM - Gunnar: So I can’t give you a definite recommendation like “take platinum, it will give” (a common misconception in our environment). Only test and identify patterns in your practice. 6:59:45 PM - Gunnar: I also want to note that far from always having a balance on a card (and even missing limits) equals a successful drive. Now I will give a detailed explanation of why this happens. 
To do this, we consider in detail the entire kitchen that occurs when paying with a card and hidden from the eyes of the layman. 6:59:56 PM - Gunnar: Let's analyze the main participants in the payment process: 7:00:18 PM - Gunnar: - KX: cardholder, owner of the card with which the payment is made; 7:01:03 PM - Gunnar: - Merchant: in fact, the online point of sale of the goods with a current account, which should ultimately receive funds for the goods. Many confuse the merchant and what is more correctly called a payment gateway. These are different things, but on the carder slang, for simplicity, we talk about them as a whole (about merchandise). 7:01:44 PM - Gunnar: - Payment Gateway - a technology that allows you to connect a merchant with a processing center and an acquiring bank; 7:02:27 PM - Gunnar: - The processing center is a high-tech system for processing bank card payments in the field of electronic commerce. It receives data from payment gateways, processes and redirects it to the issuing bank; 7:03:11 PM - Gunnar: - Issuing Bank (KX Bank): a bank that also operates under the jurisdiction of one of the global payment systems and issued a card to the holder; 7:03:48 PM - Gunnar: - The global payment system (Visa / MC, etc.) is an organization that regulates and produces interbank settlements. In simple words, it allows you to transfer money from the account of the issuing bank to the account of the acquiring bank and dispels the entire process that occurs during this. 7:05:08 PM - Gunnar: After clicking the Place Order button on the KX, the data first goes to the shop’s antifraud system. It evaluates your order according to its huge array of criteria and decides whether to pass the order further automatically, send on a manual verif or give you instant decline. At this stage, in most cases, these cards have not gone further than the shop. 
7:05:55 PM - Gunnar: If you passed an antifraud check, or the manager manually updated your order, the payment process continues. 7:06:34 PM - Gunnar: After the order has been updated, your data is collected, encrypted and transmitted to the Payment Gateway. In turn, it evaluates the transaction according to its own criteria (gateways have their own antifrauds that allow detecting suspicious patterns) and can immediately deploy payment. 7:07:19 PM - Gunnar: Let's say the KX transaction did not seem suspicious to the gateway - in this case, it transfers all the data further to the processing center. The processing center again checks its criteria for fraudulent transactions and decides whether to forward the transaction. 7:07:42 PM - Gunnar: If the processing center liked everything - the transaction goes through the global payment system to the issuing bank 7:09:11 PM - Gunnar: The issuing bank analyzes KX transactions if it seems out of the ordinary (for example, kx never bought anything more than $ 100 from a card, and you suddenly try to drive a gold bar for $ 10k ) - can also wrap up the transaction. I want to note that often previous, real successful transactions in the service you have chosen can increase confidence in yours. Therefore, it is often possible to drive from logs from attached paychecks even from those bins that never climb under normal conditions 7:09:39 PM - Gunnar: The issuing bank also looks at the limits set by the holder and, of course, the availability of available own / credit funds. 
7:10:19 PM - Gunnar: If it seems to the issuing bank that everything is in order, it sends a positive response to the acquiring bank back through the global payment system, which in turn returns the result of the successful transaction to the payment gateway and the gateway responds directly to you or the shop manager about successful payment 7:11:27 PM - Gunnar: Actually, that’s why the fact that you have a card with a known balance on hand does not give you confidence in a successful drive. For each transaction, you are dealing with a multi-stage antifraud (shop, payment gateway, processing center and banks). 7:12:35 PM - Gunnar: It also follows that many of the popular bins are just “staggered” and don’t get into the shops / services you need. In this context, “delayed” means that a large percentage of fraudulent transactions were noticed from the cards of such a bin, and all levels of antifraud react poorly to them. 7:13:51 PM - Gunnar: Your task for successful SS driving is to maximize the tuning of your car and your shop actions for a real user, and with the painstaking tests and experiments to select the very beans that will lead you to the treasured profit 7:14:55 PM - Gunnar: In more detail, all these points in the context of a direct drive into a shop with an SS under a pickup truck, we will analyze with you on the corresponding lecture. Also, you still have a lot of lectures, where one way or another will affect the work with maps 7:15:07 PM - Gunnar: Today we have everything on the cards, I'm waiting for your questions 7:15:58 PM - Gunnar: Is everyone asleep? ) 7:16:14 PM - timoha26: 1. which checker is better to use in work? 2. Before you drive in, you need to look at what amount the kx transaction had and to beat within these amounts? 7:17:06 PM - Gunnar: 1. One that does not kill cards. I don’t use checkers who advertise on karzh forums, but I always find services where you can attach a card and when it is linked, it is validated. 
This is the most "clean" and native check method. 7:18:53 PM - Gunnar: 2. Optionally, you may have a bin that purely statistically climbs good amounts into the service you need and it makes no sense to analyze transactions in such a situation. Plus, in order to see such info, you need to either break the card, which is often hemorrhoid, adds time to breaking through, or ring the bank, which also often requires at least SSN. Because I hardly do this, I prefer to look at statistics on volumes, it turns out more reliable. 7:20:23 PM - revolvervv81: Examples of checkers that use non-charge validation? Is it possible to determine a card with autovbv (autowave) only through tests? How to find out the limits on the card? How to increase them? How to get the cards yourself? 7:21:06 PM - Gunnar: 1. If we are talking about service checkers, then luxchecker used to be one, until it got angry. Now I don’t know how they are doing, I haven’t been using it for a long time. And so - the same google 7:21:38 PM - Gunnar: 2. Yes, only with tests. Previously, there were options with map generation and driving generics into merchants with 3DS, but they no longer work 7:22:46 PM - Gunnar: 3. Is it just ringing the bank. You can not always raise it. If you work precisely, then before the transaction you can try to ring the bank and ask to remove the limit for a specific trans, but this will require an experienced dialer and breaking through the information 7:23:23 PM - Gunnar: 4. Either raise the botnet or break the shops. In any case, all such methods require investments and skills. 7:23:30 PM - bloomberg7: 1) how do you know when the card data went beyond the shop? 2) And the merch itself (that is, the payment acceptance service can determine the delay of the bins or does the shop only pay attention to it? 3) I don’t understand when money is debited from the card, I always find out about it by SMS, do Americans have no notification? 7:24:42 PM - Gunnar: 1. 
Usually only by indirect parameters - for example, a transaction is wrapped in a shop instantly. There are no 100% factors 7:26:14 PM - Gunnar: 2. Of course, merchants have their own statistics. An antifraud on certain bins may be delayed at the shop (for example, the shop will be triggered by driving an iPhone 11 Pro Max with 414720 because there were already 20 such fraud drives). only find this out by thorough testing. Before you actually bought some cards and tried using them for the specific store / service, you never know if they actually work. 7:44:35 PM - Gunnar: And I didn't quite catch the second part 7:44:44 PM - Gunnar: You meant binding? 7:44:56 PM - Gunnar: artil352: Depends only on your experience. Knowing the service and the bins well, you can stomp stably for 10k. Initially, it depends on the chosen direction - for example, for a pickup there is no sense at all to hit less than $ 1000 7:44:59 PM - macpru: yes bindingg 7:45:57 PM - Gunnar: macpru: You can add a card to a service like google (go to play.google.com> payments). If it's being added successfully, it's valid. Google does this validation thing prior to adding a card 7:46:18 PM - revolvervv81: There are a lot of ss shops on the forum. Will you advise the shops? Or the ones you work with 7:46:42 PM - macpru: ok 7:47:06 PM - Gunnar: There will be a lecture where we will analyze this issue in detail (lectures on Airbnb near the end of the training). And so, ferum, bingo, cvvme, topcc 7:47:16 PM - Gunnar: Getting Started and What I Work With 7:47:25 PM - bloomberg7: Why don’t banks introduce some kind of additional protection so that they wouldn’t give a damn about fraudulent operations? Why doesn’t it make sense to hit small amounts under peaks? 7:49:27 PM - Gunnar: Well, they are slowly entering. But the banking system of the states is archaic and slow, at the moment the cost of implementing such decisions exceeds the losses from carding, that's why our sphere still lives. 
Plus, any introduction of 3DS and similar systems reduces conversion (people think it's too complicated and just don’t pay with a card), so shops and services always look for a balance between conversion and security using fine-tuning anti-fraud systems 7:49:53 PM - Gunnar: Because under the pickup under the pickup most often they take goods with a total value of $ 1k + 7:50:16 PM - Gunnar: Well, the fakeID pickup cost per forwarding is $ 500 on average 7:50:21 PM - Gunnar: Because it does not make sense 7:50:55 PM - Gunnar: If you use pick-up services that use movable drops that drive by trust - there yes, it can still be relatively reasonable 7:52:03 PM - artil352: That's interesting, if I want to hiss something through pickup services, will there be a lecture on how to do this safely? 7:52:32 PM - Gunnar: well, there will be a separate pick-up lecture and a mid-lecture, I think you will learn a lot from them on this subject 7:53:47 PM - macpru: example of mastercard world elite .. can it be used for shopping too since it gives discount on travel for travelers .. is it adviseable to use for shoping? 7:55:15 PM - Gunnar: Card level itself says basically nothing about will this card be cardable or not. There are no dependencies at all. The only thing to find out will it actually work as you want it is to test it - so once again, nothing new can be said here 7:55:46 PM - net23: what is a pickup truck? 7:56:28 PM - Gunnar: There will be a separate lecture on this subject. If briefly - driving a staff to the address of KX, followed by a hold at the branch and raising drops with fake ID 7:56:38 PM - Gunnar: either by proxy 7:58:12 PM - Gunnar: Okay, if everyone is tired, thank you all for participating 7:58:19 PM - Gunnar: If anything, contact the telegrams 7:58:33 PM - Gunnar: Also, I will be glad to receive feedback on the lecture on the forum 7:58:44 PM - Gunnar: You're welcome, if anything, to the telegrams
  7. Lecture # 5 Security and configuration of a virtual machine 01/20/2020 Lecturer: Payne (19:15:46) Payne: Greetings. Topic of the lecture: "Security and configuration of the virtual machine." (19:16:13) Payne: The lecture includes the following parts: 1. General characteristics of privacy and security. 2. Structural adjustment of a virtual machine: programs and parameters. 3. Financial turnover, taking into account the properties of anonymity in the network. (19:16:49) Payne: It’s customary to start from the basics, first of all, we will consider the fundamental rules of behavior in the field of Internet activity. (19:17:13) Payne: Security. It is necessary to be guided by a number of rules, violating which is strictly not recommended: (19:17:29) Payne: - Stop the dissemination of any personal information. The location and composition of the family, details, e-mails, social networks, specific nicknames that match the Instagram account, information about work activities and subscriber numbers should not leave the boundaries of a pure operating system and mind. (19:18:16) Payne: Regardless of the person interested, buddy or colleague - anyone may not be the one who wants to be seen, I am no exception. It is important to be aware of what we intend to do and remember: “The personal must remain personal, the working must be working.” It applies not only to people, but also to Internet resources, from which the conclusion follows. (19:18:52) Payne: - Do not resort to the use of personal phone numbers, e-mails and social networks to register accounts on gray sites or stores. Mobile and Internet service providers, as well as e-mail companies, in most cases will simply issue information at the request of the competent services. (19:19:20) Payne: Registration of mail that requires the adoption of an SMS code for activation is carried out using virtual online activators, for example: https://sms-activate.ru/. 
There are dozens of similar services; finding them will not be difficult. The forum has services, including for receiving messages to real numbers of English-speaking countries. (19:20:00) Payne: - Uncompromising rejection of activities in all countries of the post-Soviet space. It is much easier to track a resident who is in direct physical and administrative reach, which is once again confirmed by statistics and observations. (19:20:27) Payne: This means that the use of this kind of material, shops and services is prohibited, dictated by common sense, and not by any code of honor. (19:20:59) Payne: - For the same reason, parcels are received through intermediaries and dummies. It is strongly discouraged to involve personal identification data in the characteristic process of the circulation of goods and finances in any form. (19:21:37) Payne: - Communication tools and correspondence histories corresponding to them should not be in open form on the main operating system. Inside a virtual machine - permissible. Skype, WhatsApp, Viber messengers and others like them are nonsense, due to the track record of leaks and vulnerabilities discovered that look like backdoors. (19:22:36) Payne: Regarding Jabber, it’s important to use only servers that have a sufficient level of trust and reputation, and if possible to protect the communication space, if possible, enable OTR encryption. In the PSI + client, there are plugins, for Pidgin it is downloaded separately. (19:23:26) Payne: By the way, making contacts in the public domain is fraught with spam, hacking attempts and possible fake accounts that are similar to your own, which in the future can add to your worries. There is such a need - additional ones are created. (19:24:11) Payne: - Methods for storing virtual machine images and information must have their own levels of protection. First of all, physical media: hard disk, SSD (both external and internal) or an ordinary flash drive. 
A removable drive is also convenient because in a critical situation it can be quickly physically removed or rendered unusable. (19:24:44) Payne: Two characteristics play a significant role in choosing a device: volume and speed. There is little memory, so the choice is solely at your own discretion, a convenient minimum - 32GB. (19:25:33) Payne: Speed is a consequence of the type of storage device and the characteristics of a computer. SSDs are definitely faster than hard drives, but the cost is clearly higher. For removable drives, the USB connection method is also significant: versions 3.0 and 3.1 win compared to v2.0 - for a simple definition of the version, you can see the color of the ports, with 3.0+ it is blue. (19:26:21) Payne: When it comes to drive settings, it's mostly encryption. When choosing a specialized program, you can stop at Veracrypt; BitLocker and similar solutions are not recommended. Veracrypt is a fork of Truecrypt due to the closure of the latter and the doubt that arose on this basis. (19:27:02) Payne: A container is created or the entire drive is encrypted, then confidential information is placed inside, in order to view which you need to decrypt (unmount) the password. To prevent the risk of capturing a password from RAM, hibernation is turned off, - instructions according to the operating system on the Internet. (19:27:42) Payne: In addition, the program has the ability to create a hidden operating system. In case of emergency it will be possible to issue a password from the main one, existing in parallel, while the hidden one will continue to store files. Containers with a double bottom work in approximately the same way. Detailed manuals are in the main working conference on the forum and in the program help, in addition, the functionality is intuitive. (19:28:27) Payne: - For each site, account and container, passwords must be unique. 
The use of identical passwords often results in the loss of all accounts at once, since when draining one database the information from it can be used on other sites. There is no insurance against the sale or hacking of the database of any store of material, leaks from popular resources and subsequently banal brute force attacks by the enemy. (19:29:05) Payne: The KeePass or equivalent can serve as a password manager. Needless to say, “qwerty54321” is not a strong password at all. (19:29:28) Payne: However, it’s appropriate to inform about the convenient function of two-factor authentication. 2FA is an additional degree of protection implemented by generating code passwords every 30 seconds, which will not be superfluous to use where possible. For example, Authy or OTP applications are suitable. (19:30:01) Payne: - A separate virtual machine is created as a preventive measure to infect the virus. In order not to establish control over the device or to intercept passwords directly from the system, the installation of dubious and unverified programs is performed in a pre-prepared virtual system. (19:30:42) Payne: - It is recommended to periodically make backup copies of the most important data, which must be encrypted separately from the working system. (19:31:16) Payne: To summarize the general conclusion on the first part, you can do this: neglect and half measures in matters of security have negative consequences. It’s not as troublesome to observe basic hygiene rules as getting caught because of naivety or losing money due to account theft. (19:31:58) Payne: Setting up a virtual machine. Virtualization software - VMware and VirtualBox, where the latter version also works on Linux, and the solution for macOS is Parallels Desktop. The set of virtual machine settings does not change depending on the main system, just like the choice of an option for work does not matter. 
(19:32:37) Payne: Almost always in BIOS / UEFI virtualization extensions are enabled, but some manufacturers disable them by default. The method of getting into this interface differs from the main system and computer model, so it’s worth using a search engine, virtualization, in the main, appears as VT, AMD-V or V. Extensions. (19:33:18) Payne: A virtual machine has two fundamental functions: everyday use and work. Combining is not forbidden, however, the craft provides for constant changes of ip-addresses, a number of programs and parameters, so it is possible to make individual assemblies for different purposes. (19:34:06) Payne: 1. The working arsenal includes the following: - VPN. An encrypted connection from the user to the server through which the network is connected. In order to avoid conflicts with other IP accesses, it is installed on the main system. It is optimal to choose a service of third world countries; there can be no talk of a post-Soviet space; commercial service should not keep logging. (19:34:52) Payne: You can create a VPN yourself by internally configuring a server dedicated to this purpose. A whole lecture could be given under the instructions, and their breakthrough network, for these reasons, will not be covered. After connecting, the IP address must change. (19:35:20) Payne: The function of blocking traffic in case of unintentional disconnection of IP access for the purpose of insurance against disclosing a real IP address in VPN clients is called KillSwitch (or similar) and is contained in many clients, and it is implemented in Windows by creating rules in Firewall Properties: Outbound connections> Block of three tabs; then Outbound Rules> Program> Networking Application> Allow the connection. There are special programs on the network. (19:36:33) Payne: - A set of common browsers: Firefox, Chrome, Safari, TOR Browser and others. 
As for the latter, forums and material stores often have mirrors in the .onion zone, which must be opened through Tor. To prevent leakage of the real IP address, disable WebRTC technology in browsers: https://bit.ly/2F2BTLW. (19:37:39) Payne: - In order to mask the IP address for work, SOCKS proxies and SSH tunnels are used. Present in the format ip-port + login-password (not always). These network protocols use different connection methods, for the initiation of which you should install a kit from Proxifier for socks and Bitvise or PuTTY for tunnels, respectively. (19:38:21) Payne: The “Resolve hostnames through proxy” checkbox in the “Name Resolutions” item is turned on in the Proxifier, directly the socks are added in the “Proxy Servers” tab. When using Proxifier in conjunction with Bitvise or PuTTY for SSH, a rule is added to “Rules” on the label of the desired client, where the first or second item is selected in Action; the Sox should be of the form without a password. (19:39:11) Payne: Other settings come down to correlating input fields in clients and information about IP access - ip, ports, logins and passwords. There are plenty of guides on the aforementioned clients in the network and on the forum, so we won’t get acquainted in detail. (19:39:45) Payne: - Antidetect - a program that uniquely works on the Internet, replacing browser fingerprints, for example, Linken Sphere. If there is a virtual machine, it is optional, although from a security point of view, tools should be stored in an isolated area. Use at will, on this subject there will be a lecture in the future. (19:40:31) Payne: - Convenient text editor for recording. Freedom of choice is provided here, but if you raise the question with an edge, you can give a few examples: Notepad ++, RightNote, Standard Notes, CherryTree. At the same time, as with passwords and backups, it is definitely not worth keeping information in the cloud storage. 
(19:41:04) Payne: The final connection sequence in the minimum acceptable configuration will be as follows: main system> VPN> encrypted storage area> virtual system> SOCKS / SSH> Internet. (19:41:47) Payne: The chain is variable and can be supplemented in every way by introducing new links. For example, the last two items can be replaced with remote desktops: ... virtual system> VNC / RDP / dedicated server> Internet. Is it possible to supplement with antidetect, building a series of VPN - in sum, maneuvering is limited only by imagination. (19:42:48) Payne: 2. The spectrum of parameters originates in the antifraud system. Antifraud - a system designed to evaluate financial transactions on the Internet for fraud. In fact, it is at the center of rules, filters, and lists. Knowledge of the internal kitchen in the future will be of help to overcome the "barrier" of antifraud systems. (19:43:36) Payne: There are two categories to distinguish from the set of rules included in the system: IP-address and digital fingerprints. It is necessary to investigate their contents in order to have an idea of the mechanism of substitution of visibility - camouflage and from what perspective the future "buyer" will be evaluated. (19:44:02) Payne: A) IP address. (19:44:13) Payne: - Black Lists or Black Lists. Such databases are formed by various companies that monitor IP addresses that carry out DDoS attacks, spam and other dark activities. Then, Internet providers, postal services, payment systems, banks and shops use them to check visitors. Consequently, an attempt to place an order with a dirty IP address will usually end in failure: TOR, public VPNs and proxy services are dotted with black lists. (19:45:05) Payne: In addition, sometimes subnets of certain Internet providers become victims of prejudice based on the range of addresses previously involved in fraudulent activity. (19:45:38) Payne: - ISP and Hostname, or ISP and hostname. 
Thanks to flashy headings in names such as "proxy", "hidden", "vpn", intentions can be set to conceal and mask traffic - one of the business cards of a typical scammer. (19:46:20) Payne: Also, there are services that provide corporate or private provisioning services of virtual servers on remote access. By analogy with the previous paragraph, the IP address belonging to such a provider and specific systems (servers) contradict the pattern of the average buyer. (19:46:58) Payne: In simple terms, a virtual server, for example, Amazon’s remote desktop — is not presentable, a VPN service, proxying or tunneling traffic — is reprehensible. (19:47:39) Payne: In addition, there are providers who are in the high-risk zone from the point of view of many anti-fraud systems, which are often treated with increased attention. Examples from experience: rr, myfairpoint, frontier. Conversely, a few solid ones: qwest, charter, cox, att, verizon, comcast. In light of this, even the absence of black lists does not guarantee a result. (19:48:22) Payne: - DNS or domain name system - the connecting element of the site name and IP address on which this site is located. A kind of appendage and match with the IP address is not required; personal DNS should not leak. The decisive factor is usually not, but matching countries DNS and IP-address is without a doubt a plus. (19:48:59) Payne: Sometimes it’s absent on SOCKS or SSH, then you can: • register in the network adapter in the network control center and system sharing; • register in the settings of the router (router); • bundled with a VPN as one of the links in the chain. (19:49:46) Payne: - Two-way ping - the approximate time of the client-server route. When establishing characteristic indicators (mainly over 40ms), the IP address is classified as a tunnel, which through the prism of antifraud systems can be one of the indicators of a potentially fraudulent operation. 
(19:50:32) Payne: Unfortunately, without ownership of IP access at the administrator level, this cannot be resolved locally, which is why the following options remain: • replacement of IP access (SOCKS / SSH); • changing the link going to it in the connection chain, for example, changing the VPN server, - as an option, it does not always help; • if you have administrative rights, you must prohibit ICMP traffic, instructions according to the system can be found on the network. (19:51:49) Payne: - Open ports: 80, 81, 1080, 3128, 8123, 8080, 8081 and so on. They testify to the use of proxy means, while at the same time being a double-edged sword. Firstly, a significant number of these addresses are just the web admin interface of the router. Secondly, contrary to the statements of sites for checking anonymity, a lot of pure traffic is generated from the IP addresses of the above types. (19:52:47) Payne: Most of the properties of an IP address are essentially not “bad” or “good”. Proxies, VPNs, servers, and specific ISPs can be associated with a corporation, university, mobile operator, or other legitimate use of tools, whether it’s a personal purchase at work or operations from legal entities. (19:53:20) Payne: In this case, the traffic of groups of people is transmitted through one Internet access point, for example, to use a firewall or to increase productivity. It follows that a radical policy of containing all suspicious elements will inadvertently cause the suffering of ordinary users. (19:54:08) Payne: In essence, this means: a) purchases from one IP address by different payment methods are possible, b) IP-addresses branded as “proxies” can be effective and c) there is a whole carriage for risk assessment and a small cart of other rules. Abstracts are confirmed experimentally. (19:54:46) Payne: A set of measures for calculating the probability of using a proxy is called "proxyScore". 
“RiskScore” - as the name implies, a risk assessment when analyzing a transaction in general or an IP address in particular. They are designated within 0-100, respectively: the higher the value, the worse. Mostly verification services are integrated into material stores, and on the forum and on the network you can find private representatives. (19:55:48) Payne: The inherent variability of the evaluation criteria should be noted. Blacklists, ISPs and other attributes are changed daily, and also directly depend on specific anti-fraud systems, dozens of which should not have the same device and algorithms. For these reasons, it is extremely important to keep personal statistics. (19:56:39) Payne: B) Digital fingerprints. Fingerprint is a unique cast of browser and operating system settings. The receiving mechanism is actively used by antifraud systems both for assessing transaction risks and for simple tracking, because it allows you to recognize a client regardless of changing IP address, clearing cookies, and with a strong system and some settings. (19:57:11) Payne: From a security point of view, it represents a set of methods that identify a user against the background of others. Including, therefore, the principle of isolation of the working environment is declared: it is one thing to assign a unique identifier to an anonymous observer for the purpose of advertising tracking, and completely different to the “buyer”. (19:57:58) Payne: So, chronic use of a single configuration in the work will inevitably lead to recognition of the client, which can cause refusals to conduct transactions along with suspicious fingerprints. Very often, a data collection and analysis scenario includes: (19:58:34) Payne: - User Agent. Along with the IP address, the first information that the site receives about the user when they visit it - browser name and version, device type, operating system and language. 
In order to be organic, you need to consider the language properties of the selected masking if the IP address is English? same system and browser. (19:58:54) BruseLee left the room. (19:59:19) Payne: One of the standards of analytical processes? statistical coincidence of illegal acts with a specific operating system or browser. You can illustrate this: for example, obviously suspicious proxies for the most part are based on Linux, which affects the attitude to the operating system itself. (20:00:10) Payne: The more bona fide traffic is generated from the operating system or browser in the world, the more blurry the black to white ratio is, which means camouflage will be more natural. A vivid example? line of Windows, macOS, iOS, Android. Browsers: Chrome, Firefox, Safari, IE, Edge. As with blacklists, analytical materials are collected in real time and depend on the service. (20:01:20) Payne:? Passive OS Fingerprint. A fingerprint is formed from the parameters of data transmission to the network that are typical of operating systems: size, packet lifetime, and others. Mismatch of fingerprints of the traffic IP-address and User-Agent (for example, the packet was sent by Linux, and the Windows client)? flaw in the user's portrait. (20:02:01) Payne: Because server-side configuration is the easiest way to smooth corners? change of IP access. Of the standard means, WiFi distribution from the required device can help you out through an emulator or neglect, provided that a compliant antifraud system is not crucial in the overall picture. (20:02:54) Payne: - Screen resolution, window size, scaling. Uniqueization parameters simultaneously involved in risk assessment. Extremely rare indicators distinguish the user, and unnatural for the User-Agent due to the use of anti-detectors or emulators may raise suspicions: the phone does not have computer permission. (20:03:43) Payne:? Time & time zone. 
The time and time zone of the operating system must correspond to the location of the IP address, because the roughness in the disguise can sow doubt. Acting intensively from one locality, to prevent identification, it is worth setting the deviation in seconds between local and system time. (20:04:23) Payne: - Fonts of the operating system. Font definition via Flash or JavaScript is a standard technique for user uniqueization. Operating systems have them by default, and the general list is replenished by installing programs with their own fonts: various kinds of Office, Adobe PDF, and so on. (20:05:05) Payne:? Extensions & Plugins? browser extensions and plugins installed. They can be detected by good antifraud systems by requesting the presence of certain id in the browser and fixing the display changes on the page. The simple “AdBlock” is unlikely to have a significant impact, but the tools to falsify the “User-Agent” and fingerprints against a serious opponent can play a trick. (20:06:02) Payne: • Flash Player. A plugin for playing audio and video Flash-format sites, as well as one of the unique mechanisms. To some extent, openness gives the impression of honesty, and yet it is not necessary to install it, since accessing Adobe Flash provides information about the browser and operating system. (20:06:45) Payne: Moreover, for today Flash the old module is turned off by default for many security reasons, due to the decline in popularity among users. However, it may be required to display the Flash content of certain sites, which will be notified accordingly. (20:07:28) Payne:? HTML5 Canvas (Canvas Fingerprint) and WebGL. Invisible rendering of elements by GPU resources with effects superimposed on them: text for Canvas and 3D object for WebGL. After processing, the data is converted to a hash code and attached to a common fingerprint for subsequent user identification. 
(20:08:17) Payne: Fonts, versions of the GPU drivers, color depth, filtering, lighting and shadows, textures, and so on - to produce a personalized result, the hardware and software features of the device are used, where are each of the fragments? variable, and as a result, the existence of distinctive signs is understandable. (20:09:08) Payne:? AudioContext Fingerprint. Evaluation of browser playback of low-frequency audio signal, similar to Canvas and WebGL, proceeds covertly taking into account the characteristics of the operating system and user equipment. Far from the most common method. (20:09:49) Payne: Filling of the fingerprint are: bitrate, decibel value, number of input and output channels, output delay, sampling frequency, operation time and others, based on the antifraud system. It is possible to correct the print by modifying the parameters in the Virtual Audio Cable program or analogs. (20:10:46) Payne: - Cookie. A small piece of data from a specific site stored in the operating system for authorization and settings. If there are cookies in the session, the site uniquely identifies the user, therefore, changing the disguise, you need to get rid of them. (20:11:20) Payne: - Personal data of a mimicking personality: addresses, contact information, payment methods. Association by, for example, email between different accounts in the same store is a compromising attribute. (20:11:50) Payne: To summarize. Is it smart to protect yourself from collecting a number of fingerprints by disabling the JavaScript programming language in the browser with which they are extracted? no way out. In this case, many sites will cease to function correctly, and there is no need to talk about strict compliance with the template of a respectable buyer. (20:12:42) Payne: That's why camouflage is used, purposefully changing the components of prints: a device for User-Agent, plug-ins for the browser, fonts for the operating system, by this principle. 
Nevertheless, it is important not to upset the delicate balance, too unique settings will lead to recognition. (20:13:29) Payne: It’s ironic, but even prohibiting tracking in browser settings (doNotTrack) or disabling cookies are parameters that highlight the user in and of themselves. Add to this atypical fonts or plugins, and we already have the opposite effect, a recognizable fingerprint. (20:14:11) Payne: On the other hand, the antifraud system is a tool for forecasting risks, but the main task of any store is to securely receive and maximize profits. Stores are able to control algorithms so that the antifraud system does not respond to every “zilch”, substituting honest buyers with a hot hand. (20:15:02) Payne: For any reason, whether it is a low-risk assortment or maximizing profits, stores set their own combinations of rules and an acceptable threshold for anomalies in prints. So, individual checks may be absent, and errors may not be taken into account, for example, AudioContext or some blacklists, and on the contrary, somewhere they will poke on all fronts. (20:15:55) Payne: Examples of sites for checking the characteristics of an IP address and operating system (checkers): • whoer.net; • whatleaks.com; • browserleaks.com; • 2ip.ru/privacy/; • ip-score.com; • maxmind.com; • f.vision. Repeatedly checking proxyScore, riskScore, Black List indicators sometimes provokes IP address pollution, you should not overdo it. (20:16:41) Payne: Financial turnover. Cryptocurrencies are an integral part of the profession. Most accepted have passed the test of time and the community: Bitcoin, Ethereum, Litecoin. The use of cryptocurrencies is technically possible, perhaps better implemented or more profitable in terms of investments at your own peril and risk. (20:17:28) Payne: It is noteworthy that, contrary to popular belief about cryptocurrencies as a “anonymous” payment system, they do not give carte blanche in the matter of financial transactions, this is a myth. 
Anonymity is the inability to establish the source, but due to the availability of cryptocurrency transactions in open form, the source address is the source, which allows you to track the cash flow vector. (20:18:12) Payne: On closer inspection, the prerogative of cryptocurrencies is confidentiality, lack of personal data during registration and transactions. It is necessary to distinguish between “anonymity” and “confidentiality”, while not taking into account the carelessness of “medium-sized fish”. (20:18:47) Payne: You can confuse the tracks by regularly changing the sending and receiving addresses (provided by many wallets), passing funds through various exchangers, cryptocurrencies or mixers. Mixer - transaction anonymization service. In practice, the technology of crushing customer funds into small parts and subsequent mixing with parts of other customers. The choice of mixers and exchangers, based on reviews and reputation. (20:19:38) Payne: There are two types of cryptocurrency wallets: “hot” and “cold”. Hot - anyone who needs access to the Internet: exchanges, online wallets, exchangers. So, in fact, the funds are located on the servers, and the client only gets access to them? I recall the news about the loss of funds after hacking exchanges. (20:20:07) Payne: Cold? The concept of local storage, which does not require constant access to the Internet. Despite the vulnerability of hot to hacking, they are convenient for frequent and small transactions, and the idea of cold is to safely store funds. (20:20:47) Payne: Recommended Wallets: • Bitcoin Core; • Electrum; • Blockchain. It is worth emphasizing that dealing with cryptocurrencies leaves the probability of losing funds due to external factors: depreciation, hacking of the exchange, exchange fraud. (20:21:18) Payne: In relation to fiat currencies (USD, EUR, RUB, UAH and so on) and operations from official exchanges, wallets or exchangers, the incognito behavior model is applied. 
The history of customer actions is preserved, so IP addresses, personal information and device fingerprints should not be involved in the financial turnover process. (20:21:43) Payne: Instead, you can use: ? Virtual machines and SMS activation services. (20:22:16) Payne:? Wallets, exchanges, and credit card accounts for dummies (drops). They can block or steal, it’s better not to delay such funds and periodically replace them. The corresponding services for verifying accounts and selling cards are on the forum. (20:22:46) Payne:? Many exchangers conduct cash transactions. Courier services are suitable for both withdrawal and deposit. ? Terminals Entering pre-registered confidential wallets. (20:23:08) Payne: An informal rule of cooperation with users in this field of activity? Guarantor Service. Saves nerve cells and finances. (20:23:25) Payne: That's all. Optionally, a review of the lecture can be sent here: We pass to questions, put "?". (20:24:27) Serrwrtet: 1. What is the fingerprint of proxy services? How critical is using a Linux fingerprint proxy? 2. How critical is it to use socks without your own DNS? (20:26:20) Payne: 1. Specifically, there is no such imprint. But in the name of the provider may appear the trigger word "proxy" or in a passive fingerprint. About both points was in a lecture, more attentively. Too critical - uncritical if the antifraud system is not from the breed of the toughest. 2. It is uncritical for the same reason, but in this case it should either not be determined at all, or not be Russian or similarly suspicious. (20:26:31) bloomberg7: 1) what is the difference between tunnels and Soxes? 2) Is it true that the sphere burns with many antifrauds? 3) Does Anitfrod provide a site for Marchant? 4) A lot of user identification methods, how to deal with it and how to find out which what is the antifraud that pays attention to? 
5) if you work with the logs, then you do not need to bathe with the settings, just copy everything that the victim has? (20:29:12) Payne: 1. The fact that these are different connection protocols. 2. Depends on the settings of the sphere itself; I repeat, there will be a lecture on antidetects, and ask there 3) Shops can both write their own and rent a third-party one, there is no definite answer. 4. How to deal is described in the prints themselves and in the quote: “That's why camouflage is used to purposefully change the components of the prints: a device for User-Agent, browser plug-ins, fonts for the operating system - by this principle. Nevertheless, it’s important not to break fragile balance, too unique settings will lead to recognition. ", - I repeat, more carefully. Also, there are antidetects, various kinds of remote accesses, emulators and so on. 5. Well, the victim may not have all the necessary data, also, something may leak somewhere, so I would not call the approach after the sleeves acceptable. (20:29:18) Rarka_: Where do I see DNS on the Sox or not and the second question is whether the macadress antifraud is burning (20:29:45) Payne: 1. I gave a list of sites to check the characteristics 2. Through the browser - no (20:30:00) id666: Payne: where is it better to buy a proxy? (price / quality ratio) and which type is better to use? (20:30:35) Payne: SOCKS5. Material stores near the end of training will be in the main working conference (20:31:18) macpru: What about contacting vendors from the forum thru telegram or jabber? Also best to use in virtual? (20:32:06) Payne: Yes and yes. Jabber better. Telegram only on fake number, in virtual. (20:32:55) id666: Payne: will there be a separate topic for logs? 
(20:33:23) Payne: id666 Specify in the list of lectures in the topic of training, I do not make a schedule, I can not say) (20:34:02) macpru: if one can always change virual within intervals of 6 months with the same system with every indentity change? (20:34:13) macpru: or does it all rely on the system? (20:34:20) ShadowConsult: will we touch on all of this from today's lecture in practice? When using a sphere, do you need a lot of settings, can you configure VPN and TP, or is it all generated in it? (20:34:59) macpru: i meant will identity change as you change your virtuals? (20:37:16) Payne: ShadowConsult and why not? With any drive, you will touch the fingerprints, depending on the antifraud system, somewhere more, somewhere less. As you gain experience and the number of maganizas, go through everything. Scope - browser, it does not generate IP-access as a VPN, and SOCKS / SSH. macpru Didn't get your question. How to change fingerprints? By change their details, like system to USER-AGENT or fonts to system. There is some fingerprints, based on computer and system configuration, so just reinstall virtual machine won't always help. Idk try to ask again in other words. (20:38:27) usbnet: I write again, for some reason the toad does not plow with the clipboard (20:38:33) usbnet: wanted to copy (20:38:52) macpru: I got the answer thank you. (20:39:11) bloomberg7: how to find out which of the merchants in the shop and which of the merchants is the weaker antifraud, because they are somehow classified? (20:39:33) bloomberg7: as I understand it through trial and error? (20:40:34) usbnet: 1. regarding the encryption of the machine, are there any differences in performance if you use a separate removable drive and the main hard drive? 2. At the beginning, the moment was mentioned about not disclosing any personal information, and not storing the data. Did you mention this when working through a virtual machine? 
after all, working with the virtual machine will not cause any problems, and draining data from the main OS (20:40:40) Payne: 1. In the future we’ll tell you, now the topic is to configure a virtual machine :) 2. At least the approximate stability of the antifraud system can be deduced purely logically: a ballpoint pen store will not have an Amazon antifraud system, like Amazon or any other world-famous store with thousands of purchases per day, it will not have an antifraud store with socks; more details - experience, of course. (20:40:47) Payne: This is the answer of bloomberg7 (20:42:07) Payne: usbnet 1. If, for example, a removable SSD, and the main HDD - differences in speed. In short, it depends on the drives themselves, the principal ones do not. 2. It is always relevant in this field of activity. Outside of her, it’s a personal matter. (20:42:20) id666: Payne: will we get detailed step-by-step instructions for setting up a working PC in the future, or will we have to shovel, think out and read everything ourselves? (20:43:29) usbnet: 3. And which option is the best for encryption, in the main conference there are 4 encryption options, which is better to choose for someone who just at the beginning (at the moment I encrypted the main OS and the whole drive) (20:43:47) net23: I have a virtual activation key asking where to get it? (20:44:07) Payne: No need to think through anything, everything has already been voiced. But if this answer did not suit you, I will say this: we do not provide step-by-step instructions from the category "how to install a browser" or "how to install an operating system." Examine the information, understand the essence of the terminology - understand the principles of work. According to the functionality of some leadership programs, there is in the main working conference, the rest is just surfing, you can say. (20:45:14) Payne: usbnet That at the moment is enough. The best, in my humble opinion, encrypted external drive. 
net23 KMSAuto activator, for example. (20:45:19) Rarka_: The question about ports was raised, I don’t really care where I look at them in ip (20:45:38) Payne: Sites for checking the characteristics of the IP address and system were given in the lecture on them. (20:46:16) stic_: Question about AudioContext Fingerprint, I haven’t heard about it before, so I’m wondering if you need to install Virtual Audio Cable ”or an analogue and on the basis of and on the virtual machine where will we drive it from? (20:46:46) stic_: based on additional security when surfing, for example (20:47:50) Payne: No, not to be fired, but to change. To put there - from where the network is connected, go out from the virtual - and put it on it. This is not the most popular fingerprinting system, so you should not go in cycles. And on the basis of security, an extension to the browser will be sufficient, generating a fingerprint at random. (20:50:28) Kto-to: The sphere, as it were, separates the data from my computer and the data that is in the sphere (20:51:40) Payne: It’s as if generating new, but the idea is in the right direction. The sphere is antidetect, now the lecture is not about that and in the future a whole lecture will be reserved for antidetects, more details there. (20:51:57) Payne: Now I definitely say goodbye. All the best.
  8. Lecture # 4 Introduction to Security 01/17/2020 Lecturer: crowe
[19:20:34] <crowe> I apologize for the delay! Today we will conduct a lecture in the rhythm that is familiar to you. Then I will answer your questions.
[19:20:56] <crowe> ====================================
[19:21:01] <crowe> ## Introduction to security
[19:21:16] <crowe> I will try to explain in simple language how you can theoretically be hacked. I will manage without complicated terms for ordinary users of the lecture. I will also give you a colorful idea of hacking the operating system, and more advanced users will read technical information between the lines.
[19:21:30] <crowe> I believe that a user of any operating system, and especially those who are involved in this work, needs to understand that professional viruses are not an executable file that has been renamed to a document and asks you to run it (stealer or warrior). And blocking macros will not always prevent an attacker from executing code on your system.
[19:22:30] <crowe> I myself use various OSes, from Windows to Linux, and have long been no longer a supporter of such holy wars, which I will analyze a bit later on the example with MacBooks).
[19:23:10] <crowe> I work on Linux, but sometimes use Windows. Further, there will be a lot of negativity about Linux, but it is not associated with any fanatical beliefs, I just want to objectively tell and convince you that it doesn’t matter what operating system you use - they can crack you everywhere.
[19:23:21] <crowe> Remember my words with which I completed the articles on Encryption, namely in the Epilogue...
[19:23:29] <crowe> Security is the so-called weak link phenomenon. It is as strong as the weakest link in the chain. Strong encryption is often a strong link.
[19:23:35] <crowe> As human beings, we are usually a weak link. As they say, my tongue is my enemy.
[19:23:40] <crowe> Your choice of operating system is important to your security, privacy and anonymity.
Different operating systems are suitable for different needs.
[19:23:44] <crowe> For example, to draw graphics for you, I need to leave Linux for Windows since I need Photoshop and other graphic editors, we’ll talk more about that. But I think the basic message of the information is clear.
[19:23:51] <crowe> The purpose of this section is to help you understand this difficult situation. Answer the questions: which operating system is suitable for your requirements based on risks and why you want to use it, for a specific situation, for specific requirements.
[19:23:58] <crowe> It's like at school, to teach you how to orient yourself on the ground, it's exactly the same here, since your paranoia will not bring you to good. After all, without knowledge you can only make it worse...
[19:24:06] <crowe> Promise and clarity
[19:24:20] <crowe> Let's talk about our choice of operating system and how it affects your security, because the operating system is the real basis of your security.
[19:24:29] <crowe> There are many misconceptions when it comes to operating systems and security. You have probably heard, for example, that MacBooks cannot be infected with viruses.
[19:24:37] <crowe> Also, many people constantly discuss how much a holey Windows operating system can be argued for years, but I wonder how safe Linux is?
[19:26:23] <crowe> And there are people, let's call them the Linux camp, who think that Linux is the best operating system. If you ask fans of Linux, and if you have an antivirus, then the answer will be only laughter.
[19:26:32] <crowe> The argument is that Linux was created by professionals, and everything is protected by default (standard). Here we plant our beloved dog for Ubuntu and you can not worry about its data.
[19:26:38] <crowe> In general, there are two things that are endless, the universe and the fools. Everything is clear with the universe, but what about the latter?
Here's how to explain to various Windows users that you cannot work without anti-virus protection? And how to explain to the creators of MEGA Information Security Systems (antiviruses in the common people) that you cannot protect yourself from hacking by an access matrix (this is when they block reading or writing of certain files, that is, access control) and that hacking is not always: “Threat detected: autorun process .exe, trying to write to the system registry branch.”
[19:26:43] <crowe> Your security looks good only in theory. Suppose you are the same Ubuntu user, you install this OS on the PC of your beloved dog Bob. Then many say the following - if Bob receives myDocument.docx message to Bob, then even if it turns out to be an executable file, and he starts it according to the instructions, then nothing will happen - after all, for most actions, you need the root password (administrator password in the sense). Are you serious? Are you defending yourself from the invasion of the elementary school? Or, after all, from attackers who are members of criminal gangs, control large financial flows and simply mow loot on their brothers?
[19:26:52] <crowe> This is a reference to those users who use and blindly believe in Information Security Tools (SES) or those courses that were taught to them in textbooks on Information Security (IS).
[19:27:01] <crowe> Once upon a time, when Linux was just in its infancy, its users were mostly professionals. But over time, distributions convenient for the simple user appeared and the number of housewife users began to grow. And what does any housewife do? That's right, she makes Internet payments, and wherever the money flies there, like bees to a swarm of different scum who wants to fix his finances for free. 90% of housewives use Windows - and viruses are developed for this operating system, and only at least 20-30% of housewives will switch to Linux, then big finances for the development of malware will immediately pour in.
And reports from antivirus companies show a slow but increasing number of such programs.
[19:27:11] <crowe> Okay, back to Bob, the only reason you don’t worry about your safety is that developing a Trojan under its OS is unprofitable. And here it is - economically disadvantageous, the possible income of the attackers will be less than the costs. How long this will continue is a big question.
[19:27:29] <crowe> But still, technically, how possible is it that Bob is hacked and the data is gone? If Bob’s security hobby is that nobody needs him and the viruses for his OS are not yet written, then this is a game of Russian roulette.
[19:27:41] <crowe> Alice, Bob’s girlfriend, knows that Bob’s account has a tidy amount of coins (BEETHOVENY)))), the key rests on Pinocchio’s PC, and together with Pinocchio they decided to figure it out for two. What they need for this: a small start-up capital, direct hands of Pinocchio and a little courage.
[19:28:00] <crowe> Alice knows that Bob is using Ubuntu 14 LTS. How does Bob hack the process? He, like most users, believes that Alice will send him an e-mail file with an attachment that he will be asked to launch and since he considers himself a specialist in the PC field and he will not start the file, then of course his data is safe!
[19:28:11] <crowe> A multi-move scheme from Pedro
[19:28:19] <crowe> Then Alice goes to some nameless and shadow resource and buys from Pedro a vulnerability to Bob’s favorite browser for the Nth amount of forever green. Pedro not only provides Alice with technical information about the vulnerability, but also sends an example for Pinocchio (Alice’s accomplice).
[19:28:25] <crowe> https://imgur.com/a/YMCfx
[19:28:36] <crowe> The vulnerability Alice receives is a zero-day vulnerability in Google Chrome. For example, open holes CVE-2015-1233 or CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 (see screenshots above) and how many are not closed yet and are known only in limited circles - a big question.
(we will analyze in more detail later).
[19:28:47] <crowe> see the link above (screenshots where)
[19:29:01] <crowe> Take your time, take the time to look normally
[19:29:24] <crowe> As can be seen from the description of vulnerabilities (see screenshots above), Alice can execute code in the context of the process and it will work not only on Windows, but also on Linux and Mac OS. Vulnerabilities are taken as an example randomly. Once again, these are BROWSER vulnerabilities.
[19:29:39] <crowe> Pinocchio composes a script (JS - JavaScript) and writes there a shellcode (a set of lines that are written on the command line), which should be executed on the target system - Bob’s PC. To do this, he needs to somehow pass the link. The first option with mail Alice and Pinocchio immediately dismissed - Bob is a cautious user and does not open links from the mail. Then they decided to improvise a bit. They know that Bob is an ordinary person and does not suffer from paranoia ... Okay, in short, it’s not the point, for simplicity, Bob just clicked on the link - Alice persuaded, there was a gasket, or what kind of crap is not important. In general, he switched.
[19:29:52] <crowe> After Bob visited the link in the context of his browser process, a small code was executed that wrote Pinocchio - just a few commands that later downloaded the virus body and went into its execution. But what about. Bob is sure that Alice just shows him her photos, no files are downloaded to the disk, there are no warnings, no one asks for passwords from root.
[19:30:05] <crowe> We increase privileges
[19:30:16] <crowe> After the development of Pinocchio began to carry out its first instructions on Bob's processor, the question arose, what to do next? In Bob’s theory, even if an infection occurs, he won’t be anything, Bob set up a complex password for root access, and suddenly he won’t enter it at any cost.
[19:30:23] <crowe> Pinocchio and Alice foresaw such a question and resolved it in advance.
The same Pedro told them that he had a couple of zero-day vulnerabilities in the Linux kernel, like the latest vulnerabilities in the kernel version 3.17 and 3.14 - CVE-2014-9322, CVE-2014-3153.
[19:30:30] <crowe> Having read the description of vulnerabilities, Pinocchio realized that they would allow him to execute code in the context of Bob’s kernel. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
[19:30:41] <crowe> While Bob suspects Alice’s unsuspecting photos, Pinocchio’s code has already seriously intruded into his system’s expanses and neither the antivirus (it simply doesn’t exist) nor anything else can even display a message about intrusion. Since Pinocchio decided not to stop there, he went on. Once at the lowest level of Bob’s OS, where only trusted code is supposed to be executed, Pinocchio began searching for the file that is responsible for running the OS. As soon as the Pinocchio software found this file, it modifies it so that when the Bob's PC restarts, the Pinocchio code continues to be executed.
[19:30:52] <crowe> Rootkit (in Russian, "rootkit") - a program or a set of programs to hide traces of the presence of an attacker or malicious program in the system.
[19:31:05] <crowe> And so Pinocchio and Alice got access to Pinocchio's PC running Linux, but how can they hide their presence? Bob is not a fool and every 5 minutes they will check the integrity of the OS system files. For this, Pinocchio decided that they would rewrite the code of the operating system itself, which is loaded into Bob’s PC memory, but how? After all, if you carry out the same actions on Windows, then one small system component will detect this and force restart the PC.
[19:31:28] <crowe> Bob is not worried about his safety - after all, even if the malicious code is executed in the kernel, then in the latest versions of the Linux kernel, system memory areas are write-protected.
Even if Pinocchio tries to rewrite the OS code in RAM, the processor will give an error and the PC will reboot.
[19:31:37] <crowe> of course
[19:31:39] <crowe> We can
[19:32:46] <crowe> Then Pinocchio opened the documentation for the processor, which is on Bob’s PC and began to study ... He knows that the architecture of the processor is Bob x86, but what does it give? After all, the necessary pages in the kernel have write protection. Then Pinocchio drew attention to the register cr0 - a small memory block in which data is stored with which the processor works. And what will happen if I set the 16th bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - Pinocchio thought. And so he did, as it turned out if you reset this bit to zero, then write protection can be temporarily disabled.
[19:32:58] <crowe> In this way Pinocchio gained full control over Bob’s OS, but then they found and fixed the vulnerability, but the code that entered this way in Bob’s OS could not be found. Every minute integrity control shows that not a single file in the system is changed - the Pinocchio program simply replaces it when reading. There are no new processes - the malicious process is simply hidden and if there are solutions on another OS that have been discovering such techniques for a long time, then this is not the case under Bob's OS.
[19:33:14] <crowe> In general, the conclusion, Alice and Pinocchio took pity on Bob ... and deleted all his files. Oh well, seriously, never be so fanatically confident about anything. I tried to state the essence of the problem in a light form and without technical terms.
[19:33:27] <crowe> Epilogue
[19:33:37] <crowe> I wanted to show simple principles with this simple story. How does all this happen, that it is necessary to clearly separate virtualization and use it, because virtualization is another large-scale thing in your security setting. We will come back to this.
[19:33:46] <crowe> That is, do not try to surf any resources on your PC, open suspicious links and download any unnecessary software, and it’s still not clear where to carefully approach your security issues regarding JS and include it on trusted resources and more.
[19:34:00] <crowe> But as I promised earlier, I will not nightmare you. Typically, such vulnerabilities cost a lot of money, and the fact that it’s you who are hacked is reduced, while they are interested in you, the probability is extremely small.
[19:34:15] <crowe> Risk Assessment
[19:34:32] <crowe> In this part of the article, I would like to visually make some kind of risk assessment based on these points so that you can do it yourself as well, without any special skills, purely by its logic. We knowingly in the previous article abstracted and analyzed vulnerabilities, penetration modeling and other points.
[19:35:02] <crowe> But why ask you .. Why did I tell you now about this, and the fact that not only the safety features matter. We worry about what our real risk is in the real world, and to determine it, we also need to take into account the history of bugs and security vulnerabilities. How weak, in fact, was a particular operating system? Perhaps you are interested in the question, which of the operating systems will we consider the weakest? Windows, OS X, or various Linux systems, perhaps the Linux kernel, which of them was the most vulnerable in history?
[19:35:22] <crowe> https://www.cvedetails.com is a free database / source of information about CVE vulnerabilities (This is a generally accepted standard for naming vulnerabilities present in commercial and open-source software products). You can view vulnerability information by CVE number, exploits, vulnerability links, Metasploit modules, a complete list of vulnerable products and CVSS assessment reports and vulnerability tops over time, and much more.
[19:35:38] <crowe> Let's try to work with this site.
First, we will go to this page of the site - https://www.cvedetails.com/top-50-products.php - here is a list: “Top 50 products by the total number of vulnerable vulnerabilities” (from 1999 to the present).
[19:35:55] <crowe> And as we can see on the first line we have Linux Kernel - speaking in Russian. This is the Linux Kernel, as we see it takes the first line in terms of quantity .. And you probably ask what the hell? Linux you should be a standard.
[19:37:30] <crowe> Okay, let's figure it out! The numbers that are shown in the right column are the number of vulnerabilities found in a particular operating system or application.
[19:37:40] <crowe> https://i.imgur.com/yz6dmcX.png
[19:37:49] <crowe> https://i.imgur.com/LhiTLgC.png
[19:38:03] <crowe> There is a difference of 3 months between the data in the screenshots
[19:38:18] <crowe> And so it will be further
[19:38:35] <crowe> Let's go down to the bottom of the web page. We see there the following “Total number of vulnerabilities of 50 products by manufacturers” (see screenshots above).
[19:39:05] <crowe> And as we can see Linux is no longer on the first line, but you say that Windows (Microsoft) is constantly updated, and it has a bunch of products on the Office market and other programs, and Apple has different versions of the operating system and their nuances too ..
[19:39:25] <crowe> Yes, that's right. All of you will be right, but Linux has a bunch of everything ... Let's take a closer look at the specifics of this use.
[19:39:41] <crowe> I want to teach you self-analysis. And the best way is to teach at least the base, just so that you start thinking with your head, and not the head of some school hacker, who are now divorced and who want to sell something without knowing the niche itself and the many moments that flow from it.
[19:39:58] <crowe> Okay, we won’t be very abstruse, it’s better to sort it out in practice, and there I think you yourself will understand what I want to tell you about.
[19:40:12] <crowe> Go to the page https://www.cvedetails.com/vendor.php?vendor_id=33 - this page shows Linux Vulnerability Statistics
[19:40:22] <crowe> https://i.imgur.com/eYcMyc6.png
[19:40:31] <crowe> https://i.imgur.com/r8bDjUF.png
[19:40:45] <crowe> Let's get to know the first thing you should pay attention to (see screenshots above).
[19:41:00] <crowe> 1. The number of vulnerabilities by year
[19:41:17] <crowe> 2. Vulnerabilities by type
[19:41:48] <crowe> Now you need to make out which parameters you should pay attention to:
[19:42:08] <crowe> The first thing we should pay attention to is the number of vulnerabilities by years (figure 1), as we can see that every year there is a trend towards increased vulnerability detection;
[19:42:24] <crowe> The second thing we should pay attention to is the degree of danger of vulnerabilities (figure 2), as we can see serious here are the execution of the code (Execute Code) and the buffer overflow (Overflow).
[19:42:41] <crowe> Red and orange
[19:42:55] <crowe> • The red column is the execution of code on the client side without his knowledge, I think no need to tell what is fraught.
[19:43:06] <crowe> • The orange column is a buffer overflow, i.e. this refers to a phenomenon that occurs when a computer program writes data outside of a buffer allocated in memory. It is fraught with the fact that an increase in the level of privileges and a whole bunch more .. You can read more at https://ru.wikipedia.org/wiki/Buffer_Fill
[19:43:15] <crowe> https://i.imgur.com/ilfcwll.png
[19:43:29] <crowe> https://i.imgur.com/Ny4goay.png
[19:43:43] <crowe> And for the sake of completeness, we can go a little higher and see a table with vulnerability trends over time (see screenshots above) based on structured data, we can easily analyze, since we see data ranking according to the time cycle (year) and also according to the degree of danger of the ulcers (these are columns).
[19:44:01] <crowe> As we see in the first screenshot for October 2017, it was found: 166 potentially dangerous vulnerabilities in code execution (number 1) and 37 potentially dangerous vulnerabilities in overflow (number 2);
[19:44:51] <crowe> Then, when 2017 is over, we see the following statistics: 169 vulnerabilities in code execution and 42 in buffer overflows.
[19:45:11] <crowe> A little remark, I just update the training and on this I can make such statistics, in fact you do not need to wait 3 months, you can compare by years. I just thought that it would be nice to give such statistics, but not to delete the old one.
[19:45:28] <crowe> https://i.imgur.com/yYYTnra.png
[19:45:45] <crowe> https://i.imgur.com/JjAUSS3.png
[19:45:59] <crowe> Detailed vulnerability statistics: 1st code execution and 2nd buffer overflow
[19:46:10] <crowe> You can also click on these numbers and see detailed statistics on vulnerabilities (see screenshots above).
[19:46:19] <crowe> Developer Analysis
[19:46:33] <crowe> Now we have a small picture of how everything works, we analyzed it on the basis of Linux, but several candidates are required for analysis. Now I will consider in a brief capacious form on the example of 3 main developers, namely:
[19:46:47] <crowe> • Linux
[19:47:05] <crowe> • Microsoft
[19:47:35] <crowe> • Apple
[19:47:55] <crowe> https://i.imgur.com/LhiTLgC.png
[19:48:12] <crowe> we took this screenshot at the beginning
[19:48:29] <crowe> As we can see (see the screenshot above) in the general vulnerability statistics for all products:
[19:48:43] <crowe> • Microsoft - 8938 vulnerabilities;
[19:48:52] <crowe> • Apple - 5408 vulnerabilities;
[19:49:09] <crowe> • Linux Kernel - 2000 vulnerabilities.
[19:49:20] <crowe> https://i.imgur.com/Ny4goay.png
[19:49:27] <crowe> https://i.imgur.com/oep1hkM.png
[19:49:34] <crowe> https://i.imgur.com/6GUuyXq.png
[19:49:45] <crowe> top to bottom: Microsoft, Apple, Linux
[19:49:57] <crowe> https://i.imgur.com/ESqV1dc.png
[19:50:10] <crowe> To make it easier for you to open and read
[19:50:34] <crowe> For a better understanding, it will give information just like that ..
[19:50:49] <crowe> https://i.imgur.com/6uNE2SP.png
[19:51:02] <crowe> https://i.imgur.com/SgrbSMH.png
[19:51:15] <crowe> Here it will be easier on the screenshot
[19:51:26] <crowe> Let's look at some of these beliefs based on facts and statistics, and find out what we’ll actually come to when it comes to the security of these operating systems.
[19:51:34] <crowe> So, 1st, we will be disassembling Windows, how much a holey Windows operating system can be argued for years. Actually, as I said earlier ... It is enough to look at the statistics previously described and that red light should light up in your consciousness that would signal you.
[19:51:41] <crowe> But statistics are statistics, but let's see why. She initially had a weak security system .. It is worth giving her credit. In later versions of Microsoft operating systems, they began to take security issues seriously.
[19:51:52] <crowe> And taking into account the latest products, the latest security features such as: BitLocker, EMET, Device Guard, Windows Hello and trusted Windows applications trusted apps, now there is a very serious set of security features.
[19:52:03] <crowe> But is this really so? In general, I agree that the security of Windows operating systems is gradually improving, but this is not enough, and even more so for us.
[19:52:16] <crowe> In these operating systems, everything is closely interconnected with Microsoft servers, all your actions in the system are reported to Microsoft servers by strings, Windows also fail, especially in the current version of Windows 10, problems associated with surveillance and confidentiality, this is not particularly related to security tools, but it pushes some people away what to say about us ..
[19:52:40] <crowe> I would recommend reading this article: so you can look at the picture as a whole from the side.
[19:52:55] <crowe> Important point: If you read the license agreement from Microsoft that comes with every Windows operating system, you will see that they will give your encryption key from BitLocker on the first call from law enforcement, and this will queue stumbles upon the idea, what the hell is Windows ?! Why are you storing my encryption passwords on your servers, what the hell.
[19:53:08] <crowe> The fact is that by “ticking” the license agreement with Microsoft, users give corporations the right to manage their data. “We can access, disclose and store for ourselves your personal data, including any content, any files on your devices, in your letters and in other types of personal communications, if we have reason to consider it necessary to protect our customers or to comply conditions governing the use of our services” - reads the license agreement.
[19:53:22] <crowe> In other words, everything you say on the Web, write, save, create or download on your computer or any other device with Win 10, all this can be remotely deleted or copied from you - if someone at Microsoft decides that they need it. That is, under the terms of Microsoft’s EULA, even the authorization of the authorities is not required to interfere with and control the privacy of customers!
[19:53:32] <crowe> Only enough permissions when installing OS from users who are too lazy to read the full license agreement.
[19:53:40] <crowe> As I said, I will not disassemble Windows, my goal is to provide you with information so that you can see it and make some kind of comparative visual analysis.
[19:53:47] <crowe> Most likely I will write an article about it shortly, and then I will refer to it ... It will be published in my section. If I find time for this ...
[19:53:58] <crowe> Mac OS X
[19:54:09] <crowe> Next we have it, Mac OS X, for today, again, like Windows, it contains reliable security features. Things like randomization of address space allocation, sandbox for launching applications, FileVault 2, privacy settings and Apple's trusted application store (AppStore). All strong security features.
[19:54:23] <crowe> But if not for one “BUT” Mac OS X also has privacy issues
[19:54:46] <crowe> If you upgraded to Mac OS X Yosemite (10.10), and you use the default settings, every time you start entering Spotlight (to open an application or find a file on your computer), local search terms and location that are sent to Apple and third parties (including Microsoft) (see screenshot https://puu.sh/xTGkj/dbe1f88d3e.png).
[19:55:02] <crowe> The Washington Post also posted a Yosemite live video tracking demo.
[19:55:15] <crowe> Let's open it https://www.washingtonpost.com/posttv/business/technology/how-apples-os-x-yosemite-tracks-you/2014/10/22/66df4386-59f1-11e4-9d6c-756a229d8b18_video.html I want to add right away, if anyone is bad with English and with understanding, do not try to translate, then we will analyze everything in parts
[19:55:28] <crowe> By the way the other day about poppy also came out info about hacking is not very good news, I did not prepare a text for it, but google for 2 times
[19:55:39] <crowe> Let's take a look at this video, and whoever has a bad English will try to make out all the key points that you just watched.
[19:55:46] <crowe> 1.
For example, a simple Spotlight search output, a tool for finding files on your operating system, now transfers your location and the names of the files you are looking for to Apple on an ongoing basis. You may notice that your location is transferred to Apple even though you do not see the corresponding notification icon. They decided to withhold this notification under the pretext that users would be overloaded with too many notification messages. This means that if you agreed to use geolocation services, then you also agreed to transfer information about your location to Apple (see screenshot https://puu.sh/xTGyC/11d372083a.jpg)
[19:55:53] <crowe> Let's open the .gif animation (https://puu.sh/xTGZQ/58a24bfd28.gif) and analyze it
[19:56:04] <crowe> You may notice that data begins to be sent before you type, just as you press keys, that is, when I type, text is also sent))
[19:56:15] <crowe> As we can see, the author of the video says: “I’m looking for a document on my computer called “secret plans that Obama leaked to me”, and Apple receives information about this together with my location and user ID, which is a unique string of letters and numbers used for my identification. Apple tells us that this value changes every 15 minutes, but we have to believe that the new value does not bind to the previous one. Again, they get information about our location, and as the author shows, that he really is in the Washington Post office, based on the transmitted coordinates.
[19:56:29] <crowe> Okay, let's quickly talk about how we can turn off these things with surveillance
[19:56:52] <crowe> To disable these things, we first need to go to System Preferences> Spotlight (https://puu.sh/xTJ6F/e59027c2cd.png), we see in the screenshot all the places where Spotlight looks in order to search for you. This can be very helpful. However, this may be a privacy issue, as you can see. I would recommend disabling everything, but if you need something you can of course leave it.
[19:57:08] <crowe> If you use Safari, then you need to disable the following, click Safari> Preferences> Search and uncheck the Include Spotlight Suggestions checkbox (see the screenshot https://puu.sh/xTJ2m/dcb32d4c13.png)
[19:57:43] <crowe> There is also a good guide here, a link, in short, it contains a lot of information about privacy issues in Mac OS X. More specifically, the site certificate has expired and the project seems to be dying. But if anyone has an old axis, you can deal with this problem, so I think it’s inappropriate to write about it
[19:57:45] <crowe> https://github.com/drduh/macOS-Security-and-Privacy-Guide
[19:57:57] <crowe> Next, we have Linux-like operating systems, the very foundation of our course. Please read this article before reading further
[19:58:15] <crowe> In your case, I gave it yesterday, but today I’ll repeat all the links in principle on DZ so do not worry guys
[19:58:16] <crowe> :)
[19:58:36] <crowe> Linux-like operating systems, Unix-like operating systems. There is a wide variety of them; I group them all into one category. If you are looking for the most secure operating systems, then you will find them here, more precisely it will even say ONLY here.
[19:58:47] <crowe> Things like SELinux are a good example of this, it is an implementation of Delimited Mandatory Access Control - MAC, which meets the requirements of the government and the military.
[19:58:55] <crowe> Definition: Mandatory access control (MAC) - restriction of subjects' access to objects, based on assigning a confidentiality label for the information contained in objects and issuing official permissions (admission) subjects to access information of this level of confidentiality. Also sometimes translated as Forced Access Control. This is a method that combines protection and restriction of rights, applied to computer processes, data and system devices and designed to prevent their unwanted use.
[19:59:02] <crowe> SELinux (SELinux) is a kernel-level access control system. This is not so much an important point for you to focus on this point.
[19:59:13] <crowe> We will analyze more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails, etc. - again, they all have fairly reliable security features.
[19:59:24] <crowe> When we look at Windows, Mac OS X, and Linux, they are all in similar conditions.
[19:59:37] <crowe> But when it comes to their existing security features and capabilities. When we add privacy to our security kit, we need to start looking at Linux distributions.
[20:00:01] <crowe> I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you will not be able to use Photoshop or Microsoft Office, although this can be solved with the help of “wine” - what it is you can watch on YouTube, or maybe I will analyze it in this course. I don’t know, it takes a lot of time to write, a lot of disastrous ..
[20:00:16] <crowe> In a nutshell, if you don’t know, there are many, many operating systems that have evolved in a certain way since the mid-1960s from an operating system called UNIX (it was headed by a paid system for corporations, etc.)
[20:00:36] <crowe> I promised to give you a list of operating systems when I said that it’s worth choosing systems that have money to quickly eliminate vulnerabilities, here you can see clearly how many Linux distributions are and from whom they came from:
[20:00:50] <crowe> Just look at how many operating systems are based on Debian, now you can return to the statistics that we did on the analysis earlier, and look at it slightly from a different angle.
[20:01:00] <crowe> To do this, open: https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_Distribution_Timeline.svg - plus of this link is that it is a *.SVG format, therefore you can search for this genealogical tree via Ctrl + F directly in the browser;
[20:01:09] <crowe> Just look at how many operating systems are based on Debian, now you can return to the statistics that we did on the analysis earlier, and look at it slightly from a different angle.
[20:01:23] <crowe> Minutes 3 you can poke to see where everything comes from an important moment analysis in detail then read more
[20:01:38] <crowe> Here you will see that mainly distros have a so-called chassis, or rather not a chassis, you forget to forget this is my connector ... of course, it’s more like a carcass without casing .. something like that .. So here it is all have one and the main non-existent
[20:01:55] <crowe> also in Linux .. Red Hat, Debian, Arch .. they are basic as you can see
[20:02:25] <crowe> and from them everything develops in general look carefully poke then go read on
[20:02:45] <crowe> At least take a basic look at some distributions you know and their parents, so to speak
[20:03:02] <crowe> how it works
[20:03:19] <crowe> Okay ..
We’re going further
[20:03:33] <crowe> I would recommend using distributions based on Debian - Debian, Kali Linux, Parrot OS, as well as Fedora, Arch Linux
[20:03:43] <crowe> At the end there will be a list with a bunch of distributors for Debian and in the same place with a little remark
[20:03:53] <crowe> Let's talk a little about these operating systems
[20:04:07] <crowe> As you already noticed when you became acquainted with *.SVG infographics above, the 2 main communities are Debian and RedHat, there are also a bunch of others, but as I said earlier: "if you have a lesser-known Linux or Unix-like operating system, you may find that patching is slower because they are not backed by huge multibillion-dollar corporations where all patches are on stream."
[20:04:21] <crowe> The same goes for the community support and so on ...
[20:04:39] <crowe> Fedora Linux is a Linux distribution with one of the largest user communities, among other distributions. But it is not as popular as Debian. There is a perception among users that Fedora is difficult to use and configure.
[20:05:09] <crowe> A significant plus of this system is that Fedora is only free software. The Linux operating system is very often regarded as free software. But this is not 100% true. Although most of the programs you use are free, some drivers and firmware are closed source. There are also open source components, but with a limited license, such as media codecs.
[20:05:29] <crowe> At the very beginning of the Linux section, I asked you to familiarize yourself with the article that described security issues and proprietary software, specifically for this reference.
[20:05:46] <crowe> Distribution developers determine how often their users will come in contact with proprietary software. They may include media codecs, video card drivers and network adapters, as well as additional modules, such as Adobe Flash, in the distribution kit.
This will help users listen to music, play games and browse the web, but this is not free software.
[20:06:03] <crowe> Fedora takes a principled stand on this issue. This helps to avoid lawsuits against Red Hat. Non-free software is simply not allowed in the repository. The distribution kit will not stop you from installing such programs, but it will not help either. You will have to use third-party repositories, such as RPM Fusion. This is one of the reasons why Fedora is considered difficult. But adding a repository to the system is a matter of several minutes.
[20:06:17] <crowe> But such articles, https://habrahabr.ru/post/337290, are of course a little misleading .. Since before, non-commercial products, as far as I remember, did not fall under such prohibitions. Although the Fedora Project is sponsored by Red Riding Hood to develop new technologies, it is a non-profit structure and does not derive profit from its activities, as I understand it. Strange is all.
[20:06:27] <crowe> You can record it at home too
[20:06:36] <crowe> Arch Linux is an independently developed Linux distribution optimized for i686 and x86 / 64 architectures, aimed at experienced Linux users.
[20:06:50] <crowe> In general, you need to be a competent user to use this system, you need to be aware of this in advance. She uses Pacman, a proprietary package manager from the creator of Arch Linux. Pacman provides the installation of current updates with full control of package dependencies, working on a system of floating releases or rolling releases. Arch can be installed from a disk image or from an FTP server.
[20:07:05] <crowe> I’ll explain the package manager / repository - it’s like the App Store or Google Play from where you can download and install the application or program you need in 2 clicks.
[20:07:22] <crowe> The default installation process provides a solid foundation for users to create a custom installation.
In addition, the Arch Build System (ABS) utility provided the ability to easily build new packages, modify the configuration of stock packages, and share these packages with other users through the Arch User Repository. This is a lightweight Linux distribution. It installs primarily freeware and open source software and software from the community-supported AUR repository.
[20:07:52] <crowe> Ubuntu - To dismiss this question, I’ll say right away that Ubuntu sends your data to 3 parties without your consent.
[20:08:12] <crowe> If you are a Ubuntu user and you use the default settings, every time you start entering Dash (to open the application or find a file on your computer), your search terms are sent to various three people, some of which advertise you.
[20:08:29] <crowe> By the way, you can recall the situation about Windows that decided to give out Windows 10 for free, but in the end it collects all the data supposedly for advertising, that is, all your personal information, etc. In general, I do not want to repeat myself for this reason, since the bias is more precisely not towards her, I already talked enough to think about her. If you want more information on this system, at least check out the Windows License Agreement. And your eye will begin to twitch)
[20:08:46] <crowe> To your Ubuntu account, to prevent sending data to third parties, you need to follow a series of instructions on this site https://fixubuntu.com/ follow the instructions here, it shows how to change the necessary settings. Earlier, we looked at a similar situation using Mac OS X as an example.
[20:09:00] <crowe> However, in any case, I do not recommend Ubuntu, I only bring this to your interest if it so happens that you use this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people who have no Linux experience and who think that the above distributions are too complicated to learn.
[20:09:10] <crowe> There are Ubuntu Mate forks there, sort of fixed
[20:09:19] <crowe> Debian is a Linux-based operating system, it is a Linux distribution. It consists entirely of free, open source software, most of which is under the GNU General Public License.
[20:09:33] <crowe> The Debian distribution contains over 51,000 packages of compiled programs that are packaged in a great format for easy installation on your machine. All of them are free. It looks like a tower. At the base is the kernel, above it are the main tools, then all the programs that you run on the computer. At the top of this tower is Debian, carefully organizing and putting it all together so that all components can work together.
[20:09:48] <crowe> With this approach, your system will not knock on Microsoft home servers.
[20:10:05] <crowe> Tails is a Debian-based Linux distribution designed to ensure privacy and anonymity. It is a continuation of the development of the Incognito OS. All outgoing connections are wrapped in an anonymous Tor network, and all non-anonymous connections are blocked. The system is designed to boot from LiveCD or LiveUSB and does not leave marks on the machine where it was used. The Tor project is the main sponsor of TAILS. The operating system was recommended for use by the Free Press Foundation and was also used by Edward Snowden to expose PRISM.
[20:10:36] <crowe> Use it only for surf, for example, surf is a communication browser, etc. that is, one-time rides like surfing and mustache
[20:10:56] <crowe> ride = chatted = looked
[20:11:13] <crowe> Since you get fucked with him sho mama don’t grieve your ass will burn like hellish hell
[20:11:30] <crowe> For example, they came somewhere to stick a USB flash drive from their OS, surfed, pulled out everything
[20:11:44] <crowe> Kali Linux - GNU / Linux-LiveCD, which emerged as a result of the merger of WHAX and Auditor Security Collection.
The project was created by Mati Aharoni (Mati Aharoni) and Max Moser (Max Moser). Designed primarily for safety testing.
[20:11:54] <crowe> The predecessor of Kali was BackTrack, created on the basis of several Linux distributions. Originally intended for use on the Slackware OS, then it smoothly switched to Ubuntu. After the basis became Debian.
[20:12:04] <crowe> Parrot OS - A growing security distribution based on Debian-Linux. Pretty easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.
[20:12:18] <crowe> A fairly easy and effective tool, many security experts found in it a replacement for the increasingly "gluttonous" Kali, especially since Parrot uses Kali repositories for updates. Uses MATE graphical dummy and LightDM display manager.
Lecture # 4 Introduction to Security Based on * unix-Like Systems
[20:12:32] <crowe> In terms of functionality, it is similar to Kali Linux, here, too, a huge amount of special software for security testing is supplied with the system.
[20:12:50] <crowe> As you can see, all the systems that I mentioned above are mostly based on Debian one way or another. (starting with Ubuntu and below)
[20:13:20] <crowe> How you will resolve with Linux security updates will depend on the distribution you are using. I am going to talk about security updates using the example of Debian and Debian based systems.
[20:13:40] <crowe> See, here https://wiki.debian.org/Derivatives/Census lists all derivatives of Debian distributions. Many of them are operating systems important to the security field, such as Kali, Tails, and so on. The Debian project does an excellent job of providing security updates for Debian.
[20:13:57] <crowe> Here you can read about other distributions, I just said that to find some kind of distribution from the list, in stop words, what it is oriented to, its main idea (the idea of the project means etc.)
[20:14:14] <crowe> Security is a priority for this project and this operating system.
[20:14:28] <crowe> If you want to find the details of the security issues patches are being fixed for, look at the security information page provided by Debian.
[20:14:38] <crowe> https://www.debian.org/security
[20:14:48] <crowe> If you go down below, you will see all the updates. You can click on any update and get more information about this particular update. You can go to the MITRE CVE directory and learn more about the vulnerability you select. Here is detailed information about this vulnerability. See more details here. And from here we can get to various sources for more information, and in principle, we can even find the exploit code for this vulnerability. We analyzed this earlier using the example site https://www.cvedetails.com.
[20:15:02] <crowe> According to the Debian Project, they handle all security issues brought to their attention and fix them within a reasonable amount of time. They also say that many security warnings are coordinated by other free software vendors and published on the same day as the vulnerability found, and that they have an internal Security Audit team that looks for new or uncorrected security errors in the archives. They also believe that security by hiding does not work, and that the public availability of information allows us to find security vulnerabilities, and that's cool.
[20:15:16] <crowe> All this is good, that’s why I recommend Debian based distributions as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
[20:15:34] <crowe> I decided not to give a parsing of the installation example, etc. The only thing you need to understand is that you need to record the installation flash drive in ddimage mode through rufus for example, and Linuxsoids can use the dd command to do this.
[20:16:04] <crowe> https://i.imgur.com/tD3lDok.png
[20:16:24] <crowe> Here is what dd image is
[20:16:41] <crowe> In order to simply not litter and make porridge in your head, if there are those people / group of people who have decided to master Linux environment tightly. Put the system, you can directly contact me, or as I said earlier, contact via correspondence QUESTION / ANSWER.
[20:16:58] <crowe> Where everyone will already consult and help with certain issues, in essence, the segment of your actions is similar to working with Windows and what Payne will tell you, so maybe a little installation is different, and so everything is similar.
[20:17:12] <crowe> A lot of videos are on YouTube where an example of installing the operating system, partitioning a disk, and other things is shown.
[20:17:23] <crowe> Linux is an amazing system that you need to learn to work with and it will become your faithful friend. It’s like with a pet, how to train it on how to master it, it will be so complaisant and half-schoonous for you.
[20:17:32] <crowe> So if anyone has any questions, put a “?” And we will sort them all out.
[20:19:08] <crowe> So guys let's give you more info right now
[20:19:10] <crowe> updated
[20:19:14] <crowe> to you, but I'm out of the way
[20:19:17] <crowe> and you read the pluses put
[20:19:23] <crowe> And in general
[20:19:24] <crowe> ???
[20:19:26] <crowe> write
[20:19:30] <crowe> who has questions
[20:21:22] <crowe> https://labanote.com/?d724ed508338b350#UiRqMPN73f4OxobIq6yY6jLwrTnt3LeWcPlv9F3vczQ=
[20:21:29] <crowe> Threw it like that
[20:21:35] <crowe> to make it easier to read who read
[20:21:39] <crowe> put the pluses there
[20:21:44] <crowe> Who has questions write ???
[20:21:48] <crowe> and we will work on issues
[20:23:20] <crowe> Lecture all
[20:23:30] <crowe> If you have any suggestions or questions or need help
[20:23:33] <crowe> I will give contacts in DZ
[20:23:36] <BruseLee> how to make macro lock on windows and can it be done?
[20:23:38] <crowe> yours so you can contact me [20:23:50] <crowe> Macro lock as I understand it for Word?> [20:24:13] <crowe> Generally better to use isolation [20:24:20] <crowe> that is, the system inside the system [20:24:20] <BruseLee> for where it can be implemented) [20:24:32] <crowe> relatively speaking virtual [20:24:40] <crowe> that is, you place a malicious file in it [20:24:43] <crowe> or subtle [20:24:46] <crowe> open it there [20:24:56] <crowe> and then roll back the state of the virtual machine to the previously saved thereby [20:25:01] <crowe> exclude the fact of system infection [20:25:20] <crowe> it’s clear what is meant? [20:25:26] <BruseLee> + - yes [20:25:38] <Boat> How can I connect vpn to a virtual machine (Virtual. Box) and generally the whole vpn-tor chain (vusoniks :) - vpn. The foundation I have Kali Linux put Virtual box in it threw Wyusix connected Windows for work [20:25:43] <BruseLee> in practice, do it and it will be clear [20:28:16] <crowe> https://www.youtube.com/watch?v=Qte4X-rdr2Q [20:28:20] <crowe> How to use snapshots in a virtual box [20:28:21] <artil352> There is so much information that there’s a mess in my head, but it’s capacious and understandable to the best of my ability)) I think I’ll reread everything in the logs slowly and if there are questions, I’ll throw it into the question and answer)))) [20:28:23] <crowe> if that's what I was talking about [20:28:33] <crowe> Yes, I see right now I’ll answer [20:29:22] <crowe> In general, with regard to VPN and how to throw it [20:29:26] <crowe> The variations are just REST [20:29:29] <crowe> In general, that [20:30:02] <crowe> the bottom line is [20:30:10] <crowe> if you do it you can do it both programmatically and using [20:30:27] <crowe> there hardware routers [20:30:29] <crowe> or systems that [20:30:33] <crowe> are used there [20:30:37] <crowe> FIR and stuff like that [20:31:00] <crowe> If you have questions in principle, you can already [20:31:07] <crowe> ask or write me 
the contacts in the DZ [20:31:22] <terrorgreed> why is Qubes OS not mentioned? [20:31:24] <Boat> I wonder how programmatically how to get it into a virtual machine [20:31:48] <Boat> Ok I’ll write on the contacts [20:32:32] <terrorgreed> the most advanced in terms of security and convenient OS with virtualization of everything that is possible [20:32:46] <terrorgreed> in its very architecture [20:32:47] <crowe> Well, the system is generally convenient [20:32:51] <crowe> but it’s not standardized [20:32:57] <crowe> if people have some kind of non-standard systems [20:32:59] <crowe> oh [20:33:10] <crowe> non-standard use cases and stuff like that [20:33:14] <crowe> then this is not a system [20:33:17] <crowe> And the whole hatred [20:35:36] <crowe> Karoche is waiting for questions from you [20:35:37] <crowe> guys [20:35:42] <crowe> while read there ask [20:35:44] <crowe> let's do [20:35:45] <crowe> break [20:35:49] <crowe> then 10 minutes [20:35:59] <crowe> And after the break we’ll continue [20:44:20] <terrorgreed> yes, Qubes OS requires a lot of knowledge and understanding of the intricacies and even the right hardware for effective use, but in skilled hands, I’m sure there is nothing more powerful at the moment. Under it, the Whonix virtual machines easily live. The main feature is that all applications run in cubes, i.e. separate virtual machines between which you can create any conceivable traffic connection. For example, you can build a VPN1-> Tor-> VPN2 chain in a couple of minutes, while the torus gate will be in a separate virtual machine, the VPN machines will also be in separate ones, the firewall will also be made separate and the physical access to the network adapter will be separate. In general, the topic is very deep, it has been developed for a long time and is constantly being improved. Naturally, all are open-source. 
Whoever is interested, I advise you to study it [20:48:29] <terrorgreed> also, I would like to add that there are vulnerabilities that do not concern the operating system, and you also need to know and think about them. For example, firmware in the Intel Management Engine that is present on almost any laptop [20:48:39] <terrorgreed> is essentially a separate computer [20:48:44] <terrorgreed> with proprietary software [20:50:56] <crowe> if you want to ride [20:51:01] <crowe> the bottom line is that with the chain [20:51:04] <crowe> VPN Tor VPN [20:51:53] <crowe> you lose the essence of Tor [20:51:53] <crowe> namely what Tor has [20:51:53] <crowe> 1 im 3 nodes [20:51:53] <crowe> that is, they don’t know each other [20:51:53] <crowe> that is essentially [20:51:53] <crowe> If you have a global passive [20:51:53] <crowe> observer [20:52:02] <crowe> then you essentially do [20:52:05] <crowe> him all the work for himself [20:52:09] <crowe> because you are aiming for two VPNs [20:52:12] <terrorgreed> VPN1 and VPN2 are different in this chain [20:52:15] <crowe> and limit the possibility of a permanent shift [20:52:18] <crowe> un address [20:52:19] <crowe> at the end of Tor [20:52:31] <crowe> ))))))))))))) 0000000000000 [20:53:03] <crowe> A short tour of how Tor works [20:53:03] <crowe> 1 relay it is assigned to YOU [20:53:03] <crowe> for 3 months [20:53:03] <crowe> 2-3 [20:53:03] <crowe> called GUARD [20:53:03] <crowe> two subsequent relays [20:53:03] <crowe> are constantly changing [20:53:09] <crowe> To read traffic [20:53:11] <crowe> more precisely, establish [20:53:13] <crowe> who connected [20:53:19] <crowe> it is necessary that the input relay and the input [20:53:23] <crowe> were compromised [20:53:25] <crowe> by one person [20:53:30] <crowe> to proliferate traffic correlation [20:53:31] <crowe> in case [20:53:34] <crowe> if you use [20:53:37] <crowe> VPN at the end after Tor [20:53:45] <crowe> that is VPN 2 belongs to the party [20:53:49] <crowe> who has 
commented [20:53:53] <crowe> input relay [20:53:55] <crowe> that is, GUARD [20:53:59] <crowe> then flutter to everyone what is your Tor) [20:54:01] <crowe> since by [20:54:03] <crowe> of the correlation [20:54:06] <crowe> will figure you out [20:54:09] <crowe> with a 100% chance [20:54:13] <crowe> VPN VPN [20:54:14] <crowe> works [20:54:16] <crowe> but not everywhere [20:54:19] <crowe> and not for all tasks [20:54:23] <crowe> here the question is if it’s in anonymity [20:54:25] <crowe> special [20:54:28] <crowe> then the question is pure [20:54:33] <crowe> Tor is welcomed more [20:54:36] <crowe> VPN is not anonymity [20:54:39] <crowe> it's just a cover-up [20:54:43] <crowe> of your downloads [20:54:53] <crowe> and hiding your traffic [20:54:55] <crowe> from the provider [20:54:56] <crowe> ALL [20:55:03] <crowe> So it's not so simple with Qubes [20:55:08] <crowe> yes it is well organized [20:55:17] <crowe> But you can stir up things like that using [20:55:24] <crowe> Parrot or Kali [20:55:40] <crowe> while on Qubes you won’t turn on TeamViewer [20:55:50] <crowe> Have to install Standalone [20:55:53] <crowe> system [20:55:59] <crowe> there are its own nuances of this system [20:56:09] <crowe> and for ALL, or even most, it won’t [20:56:11] <crowe> since it’s very difficult [20:56:17] <crowe> it is built on the basis of Fedora [20:56:19] <crowe> And that's another minus [20:56:23] <crowe> In the plan for beginners [20:56:43] <crowe> Anyone else has any questions?) [20:56:46] <terrorgreed> I agree that VPN1-> Tor-> VPN2 should be used wisely, like everything else. As for the increase, I ask you not to take it like that, since there was no such goal, even in the slightest manifestation [20:57:26] <Rarka_> questions will come later) this amount of information is hard to digest) [21:01:55] <Reimon> What OS do you recommend to set for work and for homework? 
[21:02:05] <crowe> Guys just shouldn’t blindly go over some decisions [21:02:07] <crowe> like Qubes [21:02:10] <crowe> is a very complex system [21:02:16] <crowe> and very picky about hardware [21:02:26] <crowe> and she’s very memory friendly [21:02:36] <crowe> you need at least 8 GB [21:02:46] <crowe> And better all 16 GB for a minimum of its use [21:02:55] <crowe> Normally it's 32 or more [21:04:59] <crowe> Reimon [21:05:01] <crowe> did not see the question [21:05:03] <crowe> about the OS [21:05:09] <crowe> you can take essentially any OS [21:05:10] <Reimon> What OS do you recommend to set for work and for homework? [21:05:15] <crowe> from Windows [21:05:16] <crowe> to Linux [21:05:22] <crowe> here the question is how you feel comfortable [21:05:25] <crowe> Linux is safer [21:05:28] <crowe> Windows less [21:05:37] <crowe> For home use Windows [21:05:45] <crowe> if you use for home use [21:05:46] <crowe> there [21:05:48] <crowe> movie games [21:05:51] <crowe> payment of bills [21:06:05] <Reimon> From Linux, what do you recommend? [21:07:51] <crowe> Kali [21:07:55] <crowe> or feather [21:07:59] <crowe> you can install if advanced [21:08:06] <crowe> and so, in principle, you can put Ubuntu [21:08:07] <Rarka_> in [21:08:08] <crowe> and start with it [21:08:11] <crowe> or pure Debian [21:08:13] <Reimon> Thanks [21:08:34] <jayall87> to work on Debian, does it make sense to leave Mac Pro or need to buy another machine? 
[21:09:01] <crowe> Many fuck with poppies [21:09:07] <crowe> and it’s easier to buy a car for 20 pieces [21:09:12] <crowe> extra and without care with hands somewhere [21:09:14] <crowe> relatively speaking [21:09:20] <crowe> So here depends on skills [21:09:49] <crowe> But knowing how the Apple wants to control everything and other things do not inspire confidence [21:09:52] <Rarka_> which VPN do you recommend from paid ones and if you need it if you work through the sphere [21:10:10] <crowe> VPN is needed if you want to hide your traffic from the provider in fact [21:10:16] <crowe> and YES you need him [21:10:21] <crowe> always [21:10:26] <crowe> which VPN I advise [21:10:29] <crowe> His [21:10:32] <crowe> 10 bucks [21:10:33] <crowe>: D [21:10:34] <crowe> month [21:10:51] <crowe> And as a matter of fact I won’t tell you [21:10:53] <crowe> to VPN account [21:11:21] <Rarka_> it makes sense to raise its vpn for personal needs on European servers? [21:11:54] <crowe> Generally yes [21:11:57] <crowe> since most of the time [21:12:01] <crowe> spying on the main [21:12:03] <crowe> VPN servers [21:12:05] <crowe> by the GPA [21:12:07] <crowe> of the same [21:12:13] <crowe> so there’s a double-edged sword and even that [21:12:18] <crowe> Your VPN is always better [21:12:25] <crowe> since you are sure that providers do not store logs? [21:12:32] <crowe> any provider will store logs [21:12:35] <crowe> at least a technical plan [21:12:44] <crowe> since if some kind of load from a person comes out [21:12:56] <artil352> And your VPN is in terms of connecting to yours? or can you raise for 10 bucks a month personal? 
[21:13:08] <crowe> It’s not just the issue of configs [21:13:10] <crowe> So [21:13:15] <crowe> shcha for services [21:13:16] <crowe> I will give Old [21:13:18] <crowe> by his [21:13:21] <crowe> and there will be an answer [21:13:26] <crowe> do not read between the lines I will copy it even [21:14:31] <crowe> https://labanote.com/?f5d444b6e248adfd#z63RkTedby5wHA7fJsB9X4b7LQKCU+jqrr0cx/IwlJg= [21:14:59] <crowe> https://imgur.com/Wtgmjtg.png [21:15:25] <crowe> IMPORTANT I want to immediately answer the common point that arises among many people, I paid for the training, why should I pay for consultations or safety training if this should be included in my course program. You are right, but there is one point. I can easily help anyone who wants to answer his questions that he asks me for free, or redirect him if it’s not in my competence where to turn to him for help. Otherwise, if you come to me not with a question or you don’t have a desire to understand the topic, immerse yourself in it, look for material and dig in everything yourself, but you just want to get the service without any problems, but only for money. Since I will spend much more of my time on this, since there it will already be necessary to find out the problem, sort it out, clarify what you need and how you see it, that is, completely immerse yourself in the solution with your head to give you a conditionally speaking service, but for services accepted to pay. Once again, if you ask me questions, no problem, I will help for free, otherwise only for a fee. [21:15:58] <crowe> And yes you have a discount of up to 50% [21:16:12] <crowe> If you order conditionally speaking now who needs what [21:16:17] <crowe> there are contacts you can consult [21:16:24] <crowe> If you need anything related to the questions [21:16:26] <crowe> as I said [21:16:31] <crowe> https://imgur.com/Wtgmjtg.png [21:16:33] <crowe> Read this screen [21:18:20] <crowe> Anyone have questions? 
[21:19:10] <Serrwrtet> If using a VPN provides only concealment of traffic, then how do you programmatically implement anonymity in a cart? [21:20:15] <crowe> Use the TOP [21:20:21] <crowe> traffic traffic [21:20:32] <crowe> That is, VPN - TOR [21:20:34] <crowe> onwards [21:20:41] <crowe> Yes, for example, after the Torah, you can set the VPN if necessary [21:20:47] <crowe> But understand what tuning issues are here [21:20:48] <crowe> depends [21:20:57] <crowe> since the bunch can be more secure or super less [21:21:05] <crowe> Well basically always less [21:24:14] <artil352> Another question: Does the sphere not cover all privacy problems? How to build a better chain with her?
  9. Lecture # 3 Encryption Day 2 01/15/2020 Lecturer: Mans77 (19:17:05) Mans: Lahn, chased (19:26:01) Mans: Now I will give a lecture more quickly so that we can still answer questions normally. (19:26:06) Mans: And the toad troit (19:26:13) Mans: Today there will be another DZ (19:26:16) Mans: important (19:27:02) Mans: Today we’ll talk in more detail what encryption consists of as a whole, a short introductory course, we went through, let's go deep into what the hash itself, etc. (19:27:30) Mans: ============================ Hashing ============================ (19:27:51) Mans: Hashing is the conversion of an array of input data of arbitrary length into a (output) bit string of a fixed length, performed by a specific algorithm. A function that implements the algorithm and performs the conversion is called a "hash function" or "convolution function." The source data is called an input array, "key" or "message". The result of the conversion (output) is called a "hash", "hash code", "hash sum", "message summary". (19:28:34) Mans: Image https://i.imgur.com/XOkcgDw.png (19:28:52) Mans: Let's look at the image, see here: (19:29:00) Mans: 1. Input (19:29:11) Mans: 2. Algorithm or hash function (19:29:47) Mans: 3. Output Resulting output that always has a fixed size. The hash function accepts input of any size. This can be an e-mail, a file, a word, in our case, the phrase, and the data is converted using a hash function in the following form (19:30:03) Mans: =========================== 732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb6e77c78d84ccb1 ============================ (19:30:18) Mans: https://i.imgur.com/qumM1zD.gif (19:30:44) Mans: For better assimilation and analysis of the material, let's move away from the dry text and make a visual demonstration (19:31:40) Mans: As we can see from the animated gif above, our input data is converted using a hashing algorithm, namely SHA-256, into output data of a fixed size. 
(19:32:21) Mans: Explanation: As we see, when changing our input data by adding "=)", our output data have a different look, since the multiplier has changed in the bit equivalent. Therefore, the very meaning of the output has changed. When you return to the original input data, the value again has its original form. (19:32:40) Mans: You can imagine this as an example: (19:33:34) Mans: The hash algorithm itself is the second arbitrary factor, let it be 2, then: (19:33:47) Mans: analitik99, what do you think? (19:34:04) Mans: 1. 2 * 5 = 10 (19:34:12) Mans: 2. 2 * 7 = 14 (19:34:22) Mans: 3. 2 * 5 = 10 (19:35:00) Mans: So it is with a hash, only the hashing algorithm has more complex mathematical operations than I mentioned; if you need a specific transformation formula used in the algorithm, see Wikipedia. (19:35:29) Mans: An important feature of a hash function is that you cannot convert from a hash back to the original input. This is a one-way hash function and does not need keys. (19:36:08) Mans: For an example, again we look at our gif that I gave earlier (19:36:24) Mans: Hello, > SHA-256 > 732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb6e77c78d84ccb1 (19:36:44) Mans: As we can see, we used only the input data, we didn’t use any keys, and then we got the resulting output data, which always has a fixed size depending on the type of function that you use. (19:37:18) Mans: This ensures integrity and allows the detection of unintentional modifications. It does not provide confidentiality or authentication, and it does not allow detecting intentional modification. (19:38:02) Mans: BTW: There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-512, Tiger and so on. (19:38:12) Mans: WHAT TO USE: Nowadays, if you select a cryptographic system, you should use SHA-256 and higher, I mean SHA-384 and SHA-512 and so on. 
(19:38:49) Mans: To make it easier to deal with the material, let's move away from the dry text and simulate the situation (19:39:01) Mans: Let's say you were given a task to learn to download the Windows 7 Home Premium x64bit operating system (19:39:35) Mans: We know that this operating system comes from the developer Microsoft, so we go to the search and make the following search request: (19:40:11) Mans: =========================== site:microsoft.com Windows 7 Home Premium hash ============================ (19:40:32) Mans: https://i.imgur.com/1aluylg.gif (19:41:14) Mans: operator site: This operator restricts the search to a specific domain or site. That is, if we make a request: site:microsoft.com Windows 7 Home Premium hash, then the results will be obtained from pages containing the words "Windows", "7", "Home", "Premium" and "hash" on the site "microsoft.com", not in other parts of the Internet. (19:42:21) Mans: This information is also key to search for shops using operators in search engines, for more details on how to search using operators in Google, use this article (https://habrahabr.ru/sandbox/46956/). (19:42:33) Mans: As we can see from the GIFs above, I easily found the hash sum of the Windows 7 Home Premium 64bit operating system on the official Microsoft website. (19:42:55) Mans: Here it is - SHA1 Hash value: 6C9058389C1E2E5122B7C933275F963EDF1C07B9 (19:43:31) Mans: Actually, I would recommend finding hash sums and searching starting from 256 and higher, but there was only this sum on the official site, so I’ll take what there is (19:43:44) Mans: Next, we need to find a file that matches this hash sum; for this we also use the Google search engine and operators, how to search using operators is covered at the link above. 
(19:43:58) Mans: inurl: download "6C9058389C1E2E5122B7C933275F963EDF1C07B9" (19:44:04) Mans: https://i.imgur.com/WYFFiuT.gif (19:44:55) Mans: After you download this file, using our hash sum you can make sure that this file has not changed, i.e. he has integrity. (19:45:07) Mans: There are tools you can download to do this. https://en.wikipedia.org/wiki/Comparison_of_file_verification_software (19:45:36) Mans: One of these tools is Quick Hash (https://quickhash-gui.org), and I will demonstrate how to verify hash sums and verify the integrity of the information received. (19:45:43) Mans: https://i.imgur.com/6NRRQA6.gif (19:46:44) Mans: Although in that video in which I threw off yesterday there was a much more perfect example (19:46:52) Mans: As we can see, the hash amount of the downloaded file corresponds to the hash amount given to us from the official Microsoft website. (19:47:30) Mans: I will also attach below information on other hashes of this file (19:47:35) Mans: MD5: DA319B5826162829C436306BEBEA7F0F (19:47:42) Mans: SHA-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9 (19:47:48) Mans: SHA-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D9796D442DB5022C33E3CB7F (19:47:56) Mans: SHA-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567B92DC31939B814E72D01FAC882870AB0834395F1A77C2CD5856FD88D2B05FBE1D1D9CCE9713C1AB (19:48:17) Mans: You may notice that as these digits increase in the hash algorithm, the length of the hash becomes larger as it is the length in bits. SHA-1 is short, 256, 512 and MD5, which is weak and should not be used at all. So this is a way to confirm that the file you downloaded has retained its integrity. (19:48:32) Mans: Some of you will probably wonder: "What if the file I'm about to download is already compromised?" Let's say we have a website (https://www.veracrypt.fr) of VeraCrypt software (https://ru.wikipedia.org/wiki/VeraCrypt). 
(19:48:57) Mans: And I want to download VeraCrypt, the site has hash sums of files encoded in SHA-256 and SHA-512 (19:49:05) Mans: SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e VeraCrypt Setup 1.21.exe (19:49:12) Mans: SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58eefb8da492f338c6dac54f68133885c47fa2b172d87836142c75d838dac782b9faca406a2ffb8854cc1d1 (19:50:03) Mans: However, there is one “BUT”, if the website was compromised, it means that the attackers could replace this file for download and add something to it, a trojan or something for surveillance, and they could also replace the checksum. (19:50:18) Mans: Therefore, the hash means nothing, that is, it cannot detect an intentional modification of the file. And we need something else to make sure that this software really comes from the developer. That the VeraCrypt site is the official VeraCrypt site, etc. (19:50:39) Mans: And here we come to the certificates, digital signatures and other tools that we will now analyze, but for now let's touch on the not unimportant essence of hashing. (19:50:58) Mans: I do not want to copy, etc. as it is important here to convey everything in color (19:51:08) Mans: https://i.imgur.com/d0VpoIU.png (19:51:16) Mans: https://i.imgur.com/I4LLHNH.png (19:51:48) Mans: Now let's talk about Digital Signatures (19:51:58) Mans: =========================== (19:52:10) Mans: Do not forget to open the screenshots above there is text (19:52:39) Mans: So let's go back again to our VeraCrypt how to find out that the site is truly official and the software comes from the developer. (19:53:20) Mans: A simple and rather tricky way to find an official site is to find software on Wikipedia and follow the link to the official software site there. (19:53:29) Mans: However, we can also click on the whole castle and see a certificate there that it was issued (19:53:51) Mans: https://puu.sh/xQAFM/e687c816ce.png (19:54:06) Mans: Digital signature is the value of a hash. 
This is the result of a fixed-size hash function that is encrypted with the sender’s private key to create a digital signature or a signed message. (19:54:34) Mans: From a technical point of view, a digital signature is a mark confirming the person who signed the message. This is the issuance of a guarantee for an object that was signed with its help. (19:54:46) Mans: For clarity, what is a digital signature, open a screenshot (https://puu.sh/xQAFM/e687c816ce.png) and look at Signing (19:54:58) Mans: Signing: What you can see in the infographic above, but based on our file, which we are parsing (19:55:50) Mans: Hash Algorithm> Hash Value (6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e)> Private Key (see Asymmetric Encryption) = Digital Signature (19:56:04) Mans: If the encryption object is digitally signed, then authentication is provided, because the object is encrypted using a private key, which only the owner of this private key can encrypt. This is authentication. (19:56:41) Mans: It ensures the impossibility of non-repudiation, because, again, the sender’s private key was used. And it provides integrity as we have hash. (19:57:16) Mans: A digital signature can be used, for example, in software. It can be used for drivers inside your operating system. It can be used for certificates and confirm that the signed objects come precisely from the person indicated in the certificate and that the data integrity of these objects has been preserved, that is, they have not undergone any changes. (19:58:16) Mans: But how to make sure that the file really comes from the developer, in our case VeraCrypt, that is, in case of cheating, etc. you could say with 100% certainty that I used your software, and it was signed with your digital signature. 
(19:58:50) Mans: https://puu.sh/xQB20/5166e3d0c8.gif - usually the certificate is checked automatically and you probably (19:58:59) Mans: After watching the gif, we open the screenshot (https://puu.sh/xQB5Y/c840f4670d.png) (19:59:28) Mans: What we see here. Certificate issued: to whom - IDRIX SARL, by whom - GlobalSign. So, GlobalSign is a company whose private key was used to digitally sign this program. GlobalSign reports: "This software is legitimate and has not been modified." It says here: "The certificate is intended to certify that the software comes from the software developer, the software is protected from modification after its release." (20:00:18) Mans: To find out if this is a valid digital signature or not, we need to turn the original process in the opposite direction. (20:00:30) Mans: That is, we open our screenshot again (https://puu.sh/xQAFM/e687c816ce.png) (20:01:00) Mans: Check: What you can see in the infographic above, but based on our file, which we are parsing (20:01:39) Mans: Signed message> Public key (this .asc file usually has the following form - https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc, the private key looks the same too) = Hash value, i.e. 
it should turn out 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e (20:02:12) Mans: After that, this hash value will need to be verified with the hash indicated, that is, open the QuickHash program there, run our file and in the algorithm that it is presented to us, everything should match, if the file itself does not match , and there may be a trojan, or something to wiretap for us, or something else bad (20:02:34) Mans: SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e VeraCrypt Setup 1.21.exe (20:03:10) Mans: I checked the received hash (https://puu.sh/xQBAz/8905455dd7.png) and as we can see in the screenshot they are identical therefore the files are legitimate and correspond to the digital signature of the developer, and this file is exactly comes from him. (20:03:41) Mans: And this software in case of infection of your computer with WannaCry or some other bad virus, he will be guilty. (20:04:27) Mans: For example, it’s like you would have denied as a child that they didn’t gobble up sweets, and your mother pokes evidence in your face, for example, a video recording and says, everything is written down for me, look here. And no matter how you turn away, that's what a digital signature does. (20:04:53) Mans: Read a few times if you do not understand, and try to delve into this point is really important (20:05:20) Mans: And what we saw directly on this screenshot (https://puu.sh/xQAFM/e687c816ce.png) (20:05:58) Mans: This is because Windows verifies the certificate for authenticity, that really such a certificate is registered with such a number is all business. 
(20:06:10) Mans: Let's draw an analogy to understand what Windows does when it writes these lines (https://puu.sh/xQBLa/604166ab6c.png) in the certificate (20:06:38) Mans: You came to the bank with fake money, and they check the money through special solutions or devices, and then bang, the paint washes off, or watermarks do not appear and you are told that your bills do not correspond and this is a fake; Windows does the same. (20:07:27) Mans: That is, if someone else rewrote all the certificate data and made a copy of the certificate for signing, with such data, it would not correspond to reality. Well, this is a more complicated topic, but I think it’s clear. (20:07:49) Mans: And if the verification fails, you usually see this warning (https://puu.sh/xQC61/ef80678f6b.png) (20:08:16) Mans: This means that the file does not have a digital signature or Windows (remember the bank employee) does not trust this digital signature (and in the case of the bank employee, he does not trust your banknote); you can check it by the method I’ve described above (and the bank employee can also check it on his device or there by applying solutions). (20:09:19) Mans: In Linux, this is simple, since you just don’t install proprietary software, since all software is usually installed from official repositories, where all the checks go through; you can find out more about what a repository is and other things here (20:09:41) Mans: Note this article down as your homework for self study (20:10:18) Mans: Let’s go through this material again, because I’m sure for some it all may seem rather difficult to understand. (20:10:25) Mans: https://puu.sh/xQAFM/e687c816ce.png - watch signing (20:11:00) Mans: So, the value of the hash (of the program itself, that is, if the dude himself ran it through QuickHash), which was encrypted using the private key (his personal key, his personal fingerprint on the network, so to speak) of the sender or software release. This is a digital signature. 
(20:11:11) Mans: It provides authentication, non-repudiation, and integrity. And if you encrypt something and in addition provide it with a digital signature, then you can achieve confidentiality along with authentication, non-repudiation and integrity. (20:11:51) Mans: Digital signatures verify that a program or anything else is received from a specific person or publisher, and they protect the software or messages from modifying them after they have been published or sent. (20:12:04) Mans: On this I think we figured out the digital signatures. (20:12:52) Mans: On my own I’ll add you have a great video that I recorded for you there is a certificate and key hash check (20:12:58) Mans: if you watched it, you should understand what it was about, I tried to drive and show with the mouse there. So I think there should be no difficulties in this aspect (20:13:04) Mans: ========================== Let's move on to End-to-End Encryption (E2EE) ============================ (20:13:22) Mans: End-to-end encryption is that the data is encrypted by the sender and decrypted only by the recipient. If you want to avoid tracking, mass surveillance, hackers and so on, then you need this type of encryption of the transmitted data. (20:13:51) Mans: Examples of end-to-end encryption technology are such things as PGP, S / MIME, OTR, which stands for “off the record” (Russian “not for recording”), ZRTP, what stands for Z in the RTP protocol, as well as SSL and TLS, implemented correctly, all of this can be used as end-to-end encryption. (20:14:37) Mans: Companies that develop software that uses end-to-end encryption and zero-disclosure systems cannot disclose details of the exchange of data to your enemies, even under duress, even if they themselves wanted to. This is the advantage of zero-disclosure end-to-end encryption. (20:14:52) Mans: End-to-end encryption provides protection during data transfer, but it is obvious that it cannot protect data after receiving it. 
Next you need another protection mechanism. Use end-to-end encryption wherever possible. (20:15:37) Mans: Using secure HTTPS on all websites is becoming increasingly necessary, regardless of the type of data transferred. (20:16:19) Mans: Let me show you what END-TO-END encryption is, for example with websites (20:16:26) Mans: This is a digital certificate, the same as a digital signature, there are a number of differences, there are certification authorities, etc. you usually don’t come across this; I won’t describe it; whoever is interested can google “Key Certification Authorities and HTTPS” and “Digital certificates” (20:16:31) Mans: https://i.imgur.com/vu8CtAA.png (20:16:35) Mans: https://i.imgur.com/b5keJaP.png (20:17:28) Mans: A green lock in a URL or HTTPS means that your ISP or, let's say, the government can only track the target domain. What does it mean? (20:18:07) Mans: Let's say an attacker is located between us and Google in the same way as in the case of sending a message in the infographic above. He will not be able to find out exactly what I was looking for, because this is end-to-end encryption between my browser and the server. (20:18:47) Mans: Let's look at a visual example and see what the provider can find out about us. (20:18:52) Mans: First, we will use an example of an unencrypted connection using an HTTP connection. (20:19:21) Mans: HTTP, HyperText Transfer Protocol - a widespread data transfer protocol, originally intended for the transfer of hypertext documents (that is, when you click on a word in an article, you go to another web page). (20:19:30) Mans: By default, the HTTP protocol uses TCP port 80. (20:19:57) Mans: For the screenshots below, I will use the Wireshark program for analyzing network traffic. 
(20:20:32) Mans: For the experiment, I took a site based on the uznayvse.ru HTTP protocol after I click on the link, the request from the site will be displayed in the WireShark program window under the number 1-n, but let's look right away at what each program window is for, for better assimilation of material. (20:20:35) Mans: https://puu.sh/xxprc/f66caaecd9.png (20:20:45) Mans: 1. This area is called Packet List - in it you can see which server is exchanging data, the protocol that is used and general information about frames. (20:21:26) Mans: 2. The next area is called Packet Details - it displays the details of the packets that were selected in the Packet List. (20:21:52) Mans: 3. And the last area is called Packet Bytes - it displays the hexadecimal display of this packet, also displays an offset in ASCII form, and also if we right-click on this area we can see how all this will look in bits. (20:22:12) Mans: This is what happens when you click on a link, all traffic data is immediately filtered (20:22:19) Mans: https://i.imgur.com/TJvYxzB.gif (20:22:40) Mans: Let's take a look at the received packets in more detail and learn more about tracking, analysis, etc. (20:22:48) Mans: https://i.imgur.com/FVVoABb.jpg (20:23:04) Mans: 1. Forwarded packets by our filter (20:23:21) Mans: 2. The target domain, that is, the main page of the site without any heresy after the slash "/" (20:23:30) Mans: 3. User agent, that is, browser settings, operating system version and other parameters .. (20:23:53) Mans: 4. Referer - indicates from which page we went to this page since we went from a protected page, there were many redirected packets, in the end we referred to ourselves from the same page. If, for example, I switched from the main page of the site to this one, in the referer would be the main page of the site. (see the screenshot below with an explanation to fully understand the meaning). (20:24:20) Mans: 5. 
Cookies, or session) Here your password has arrived) You can log into your session as a logged in user and rummage) from a logged in user that is you (20:24:37) Mans: 6. Well, this is the final page where we are (20:24:46) Mans: BTW: If you think this is the ceiling that this software can do, then I'm afraid to upset you; this is just the tip of the iceberg (20:26:09) Mans: https://i.imgur.com/75Zcarg.jpg (20:26:21) Mans: In order for you to have no doubts after reading, I decided to parse these points by going from one page of the website to another and as we can see: (20:27:01) Mans: 1. Refer - indicates the previous page that we analyzed from it we came to this page (20:27:08) Mans: 2. What page are we on now? (20:27:53) Mans: As we can see on its own, the HTTP protocol does not imply the use of encryption to transmit information. However, for HTTP there is a common extension that implements the packaging of transmitted data in the SSL or TLS cryptographic protocol. (20:28:23) Mans: The name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is usually used. HTTPS is widely used to protect information from interception, and also, as a rule, provides protection against man-in-the-middle attacks if the certificate is verified on the client, and however, the private key of the certificate was not compromised, the user did not confirm the use of the unsigned certificate, and certificates of the certificate authority of the attacker were not implemented on the user's computer. (20:29:15) Mans: https://i.imgur.com/IApps4z.jpg (20:29:35) Mans: 1. Google - has a secure HTTPS connection protocol (20:29:45) Mans: 2. Data request packet over the secure HTTPS protocol (20:29:55) Mans: 3. As we see in the package details we only have Encrypted Application Data: 0000000000000016eec0818f25b5eb9bd4690883155a74b6 ... 
(20:30:21) Mans: we have no other (additional) information that is contained on web pages or where the person is located (20:30:31) Mans: 4. Since we have a 2-digit IP address with which server the packet is exchanged, we look at what this IP address is and based on the data we can conclude that the person located on the Google landing page. (20:31:05) Mans: Essentially, using HTTPS is safe, and as I said earlier, that: Companies that develop software that uses end-to-end encryption and zero-disclosure systems cannot disclose details of the exchange of data to your enemies, even under duress, even if they themselves wanted it. This is the advantage of zero-disclosure end-to-end encryption. (20:31:09) Mans: =========================== SSLStrip - remove HTTPS ============================ (20:31:27) Mans: But also based on this there are attacks to remove SSL, let's quickly figure out what it is ?? (20:32:27) Mans: Any attacker who can be located between the source and destination of traffic, in our case COMPUTER and SERVER, this attacker can make an attack of the form “Man in the middle” (Russian “Man in the middle”). One of these attacks, which requires very small skills and resources, is called SSL stripping (rus. "Removing SSL"). The attacker acts as a proxy here and replaces the encrypted HTTPS connections with HTTP connections. (20:32:34) Mans: Let's open a screenshot and see what it is https://puu.sh/xQFWy/edbaf90d7a.png (20:32:53) Mans: 1. As we can see, we are sending a request with http (20:33:18) Mans: 2. It goes through SSLStrip and does not change, it also goes further (20:33:29) Mans: 3. The server sees that you came through an insecure protocol without encryption and changes it to secure using encryption, that is, HTTPS (that is, 301 or 302 redirects are performed - this is configured on the server) (20:33:57) Mans: 4. 
SSLStrip sees that the server has sent you a request in HTTPS (see clause 3) and automatically changes it to insecure as well, that is, to HTTP thereby removing TLS encryption (20:34:28) Mans: SSLStrip here proxies the response from the web server, simulating your browser, and sends you the HTTP version of the site back. The server will never notice the differences. (20:35:09) Mans: Since the server thinks that you are communicating over the secure HTTPS protocol, since it does not see that the attacker (SSLStrip) has changed the protocol to unsafe for you (20:36:29) Mans: And what you see is almost indistinguishable from a genuine site. Let me show you what the website should look like. (20:37:24) Mans: https://puu.sh/xQHeu/014bf0515b.png (20:38:43) Mans: 1. We see a secure version of CLUB, that is, with end-to-end encryption (20:38:52) Mans: 2. Now I have done HTTPS-stripping (SSL removal - SSLStrip). And this is the version of the site after the attack. (20:39:56) Mans: As you can see, the difference is that you now do not have HTTPS and most people will not notice this difference. And as I said, the server will never notice that something is wrong, because it communicates with a proxy that behaves just like you would. (20:40:02) Mans: https://i.imgur.com/i0Hr9em.png (20:40:07) Mans: https://i.imgur.com/SHYhxql.png (20:40:12) Mans: https://i.imgur.com/qLqO8qp.jpg (20:41:20) Mans: The text above, and I advise you to read it, read it this way, since highlighting with color will help you easier to master the material (20:41:57) Mans: https://youtu.be/0wpxrPD90a4 - 1 Part MITM. How is the MITM attack carried out. (20:42:10) Mans: https://youtu.be/quZjKlrmCvQ - 2 Part of MITM. We attack the network with MITM methods (20:42:56) Mans: =========================== Epilogue ============================ (20:43:40) Mans: Encryption is a fantastic tool for privacy, security and anonymity, it is a tool that really works and attackers (hackers) will try to avoid it. 
(20:43:56) Mans: In simple terms .. No fool would ever make a direct attack on encryption. (20:44:12) Mans: As the saying goes, a smart mountain will not go, a smart mountain will go around. And you should keep that in mind. And all they can do is find weaknesses. (20:44:23) Mans: Remember the case of Ross Ulbricht, the creator of the Silk Road, he was caught on a captcha. That is, on a simple little thing, since people forget about the most important thing, namely about the simplest things .. Azah so to speak. (20:44:52) Mans: That is, no one will ever crack your passwords, etc. it is much easier for them to install a keylogger on your system, or send you a link to a site with an infected JS script and perform an attack, or a PDF file, etc. . (20:45:17) Mans: But as I said encryption, no one will ever want to break. Attackers will simply try to circumvent encryption. You should keep this in mind. (20:45:31) Mans: Security is the so-called weak link phenomenon. It is as strong as the weakest link in the chain. Strong encryption is often a strong link. (20:46:00) Mans: We human beings are usually the weakest link. As they say my tongue is my enemy (20:46:38) Mans: At this, my lecture and my Epilogue came to its logical conclusion! (20:46:50) Mans: Now set? and drove over (20:47:22) Valan: "As we can see, the hash amount of the downloaded file corresponds to the hash amount given to us from the official Microsoft website" But we already downloaded the file on our laptop, could we bring the virus along with the downloaded file? How to check without downloading a file? (20:50:06) Mans: Valan, so as not to bring the virus to the PC, we always download files from off sources. We never download files from obscure sites. If we are afraid to download the file to the base, then for a start we download to the virtual machine, everything is checked there, and only then we transfer it to the PC. (20:50:20) xevious: Can I get these photos in English? It would help a lot more. 
(20:51:24) Mans: xevious, of course you can redo it, but it will take some time. (20:51:45) Mans: let's think about how to make it more convenient for you. (20:51:50) bloomberg: as I understand it, in the asymmetric sender and the recipient exchange public keys and already decrypt the message with their own private keys? There are no questions as such, because you still need to read and sort through the shelves, the only other question is how much Does this come in handy for us? (20:52:51) xevious: any method on how? Because I can not copy text from a PNG file. If someone printed this, I could translate it and make photoshop so that we had its English version. (20:53:14) Mans: There is no one in the hole itself, but understanding how security works and that you don’t need to download all the crap to your PC, this will come in handy. Let me give you an example. (20:53:49) BruseLee: xevious: try google translator from photo (20:54:42) Valan: In order to find the original hash, for example, you need to find the offsite via Wikipedia, write a request through the operator in Google with the addition of Hash? (20:55:57) Mans: Karj brings quick money, that an ordinary person at regular work can earn in a year or two, you can earn in a month. But you keep almost all of the coin in the BTC, and so an understanding of these fundamentals will save you from the fact that you will not get a stilak and your blood grandmothers will not be blown away. We had people. He worked fine, but he knew the dicks of security, and as a result, about 50 cue balls were poured from him when they drove a stylak onto him. And merged in the year 17, when the cue ball was worth it. I think understanding of this will come to you over time. (20:56:17) Mans: Valan, you wait now for your turn, do not immediately duplicate the question. 
(20:56:51) kon_sta_1: What should I do and does it mean that I’m attacked, and my home Internet is compromised if, when I try to access, I’m already faced with an insecure connection? (20:57:35) kon_sta_1: At the same time, my Google page is still protected or other https pages (20:58:46) Mans: kon_sta_1, no, of course. it’s just that when you enter the VVH you find yourself in a mirror that goes without an SSL certificate. there is nothing to worry about. This happens when they tell us and we don’t always have time to throw encryption on the mirror. (20:59:45) Serrwrtet: In what cases should WireShark be used in our work? Examples? (21:02:47) Mans: Serrwrtet, it is precisely in the kart that there is no need for this software. It is to monitor traffic. This can come in handy when writing software or parsers / checkers. (21:03:04) Mans: Valan, that's right. (21:03:12) Kto-to: How can I tell that I have picked something up? How do I check, and what should I do? (21:05:22) Mans: Kto-to, you won’t understand it until the grandmas leave the card or the anti-virus starts to sound the alarm. We put an antivirus when a trojan gets into blackout, you will find out about it. What to do, clean the OS completely and do not download anything on the basis. (21:05:47) Mans: Remember, all files start from TXT and ending with pictures we open only on the virtual. (21:05:58) Mans: Since all the gluings are small (21:06:09) Reimon: Can a provider conduct a man attack in the middle? I'm talking about the law of Spring. SORM. (21:07:57) Mans: Reimon, SORM - I think they can do anything. because of this, we always use vpn. (21:08:18) xevious: How does this work for people living outside of Russia? Should I always use vpn when entering the forum or does it not matter. Maybe because the Russian site is suspicious (21:08:32) Devi Johns: Regarding the keylogger, like Neo Spy, how to determine what it costs? Suppose someone puts it and without a special password does not open it. Also encryption in fact. 
(21:09:36) Devi Johns: I mean that such programs are often covered by programs from the developer. (21:11:06) Mans: xevious, for all people who are connected with darknet and no matter where they live! the main rule is to ensure the safety of your workplace. We always use VPN. Starting from surfing on our forums and ending with driving in and working in other directions. (21:14:01) Reimon: Is it safe to enter tor through browser? Passwords do not steal on the last node? (21:14:26) Mans: Devi Johns, monitoring the task manager. there should this process be visible. (21:14:56) BruseLee: Reimon: I advise you to put an authenticator) (21:15:42) kon_sta_1: Which antivirus do you recommend? You can ask for a link to a verified source (21:16:31) Mans: kon_sta_1 https://www.esetnod32.ru/ https://ru.malwarebytes.com/ work out normally (21:17:56) Rarka_: please remind me which good link you haven’t saved since the first lecture ( (21:20:21) Mans: Rarka_ all the info is in the first posts. https://mullvad.net/en/ (21:20:32) jayall87: 1. About VPN: how is the data protected? The provider still sees the packets that go to a third-party server and come back from it. Could you explain in a bit more detail, please :) and 2: when carding, which internet connection should be used? Home wifi or a SIM registered to someone else? (21:24:43) Mans: jayall87 - https://wifigid.ru/poleznoe-i-interesnoe/vpn read. everything will be clear here. (21:25:14) Mans: You can use a wire, BUT! do not forget about vpn and socks. (21:25:43) Mans: So she is completely in English. you need a ru version. (21:26:22) Mans: XP builds on VBox Assembly for communication and surfing (RU language) https://drive.google.com/open?id=0B4_swz4ZHnoja2pPQzVyeF91M0E (21:26:45) Serrwrtet: Is it safe to have a shared folder between the host and the virtual machine? (21:27:11) Mans: Serrwrtet, I would not advise. The total buffer for your eyes should be enough. (21:27:25) Boat: 1. How can I find out if a VPN seller keeps logs? 2. 
And if you use a wired Internet, from whom can I buy a flashed router? (21:28:13) Mans: Boat: 1. You won’t know at all, just for conscience or to raise your own VPN, which definitely does not keep logs. 2. Yes, there are enough offers on the forum. (21:29:05) xevious: Is there a way to delete everything and start all over again? If I used a new provider and after that only used vpn, I would be safe. Would that be my only option again being full anony? (21:30:22) Mans: xevious, no, so this doesn't work. don't be paranoid! we buy vpn and quietly study \ work. (21:32:49) Valan: If I’ve connected to my home waffle at least once without VPN, but haven’t done anything illegal yet, only later, is it still necessary to burn the hut and leave? (21:33:46) Mans: Valan, it’s better to fly to the moon or Mars, they won’t find you there)) And of course not, we live and work as before without panic and fuss. (21:35:04) Mans: no question (21:35:09) Mans: Thank you all for sending! (21:35:12) Mans: Till tomorrow (21:35:17) Mans: now I’m throwing DZ (21:35:24) Mans: to the main
  10. Lecture # 2 Encryption Day 1 01/14/2020 Lecturer: crow [00:05:13] <crow> All questions tomorrow at the end of the second part [00:08:44] <crow> Greetings to all at this lecture today, I would like to discuss the pressing issues that many people get stuck in their heads. [00:09:17] <crow> Since this lecture is an introductory one, or rather, it starts at the beginning of your training, we will smoothly dive into the training sections. [00:10:02] <crow> If you think this information seems useless (unnecessary) to you - it seems to you, if you think that you know much more about this or the lecturer is wrong - most likely it seems to you. [00:10:27] <crow> But I am always happy to listen to criticism and correct my mistakes and to reconsider my view of pressing problems. [00:10:34] <crow> =========================== [00:10:37] <crow> Introduction [00:10:43] <crow> =========================== [00:11:12] <crow> Now let's talk about encryption, what is it and why you need it, let's start with the definitions. [00:12:45] <crow> Encryption (https://en.wikipedia.org/wiki/Encryption) is a method of converting data that is readable by a person, they are called plain text in a form that a person cannot read , and this is called ciphertext. This allows you to store or transmit data in an unreadable form, due to which they remain confidential and private. [00:12:57] <crow> Image: https://i.imgur.com/SsYAeh4.png [00:14:01] <crow> What we see from this infographic above is that encryption algorithms pass your data through software filters that use unpredictable mathematical processes to convert readable text into long strings of meaningless characters. [00:14:26] <crow>> This is how encryption works, and the whole problem is solved, you protected the transmitted data with encryption. [00:14:57] <crow> But in order to read the encrypted data, you need to decrypt it, so let's analyze this definition too. 
[00:16:30] <crow> Decryption (http://cryptography.ru/docs/decryption/) is a method of converting encrypted text back to human-readable text. If you perform a simple search on Google, you will see the HTTPS sign and the presence of a green lock icon here, which means that all the contents of web pages are inaccessible to people who monitor data transmission over the network. [00:17:57] <crow>> That is, for example, your provider writes all your traffic (monitors you on the Internet) about what you are doing, since you use TLS encryption, that is, in other words, HTTPS, the provider can not find out what exactly you are viewing on the site, he can only find out which site you are on, that is, which site is exchanging data with. [00:18:18] <crow>> But what exactly is not, because the data is transmitted in an encrypted, unreadable form. [00:18:40] <crow> Now, if briefly about how encryption and decryption work, let's move on. [00:18:47] <crow> =========================== [00:18:55] <crow> What encryption methods are there? [00:19:09] <crow> In general, there are only two encryption methods, these are: [00:19:35] <crow> - Symmetric encryption - uses the same key for both encryption and decryption. [00:20:20] <crow> - Asymmetric encryption - uses 2 different keys: one for encryption (also called public), the other for decryption (called private) or vice versa. [00:21:08] <crow> These methods solve certain problems and have both advantages and disadvantages. The specific choice of the method used depends on the purposes for which the information is encrypted. [00:21:15] <crow> https://youtu.be/89JyxcVn0lE [00:21:22] <crow> =========================== [00:21:28] <crow> The main goals of encryption [00:21:35] <crow> =========================== [00:21:58] <crow> The main purpose of encryption is used to store important information in encrypted form. 
[00:22:49] <crow> Generally, encryption is used to store important information in unreliable sources and transmit it through insecure communication channels. This data transfer is a 2-mutually inverse process: [00:23:17] <crow> - Before data is sent over the communication line or before storage, it is encrypted. [00:23:41] <crow> - To restore the original data from encrypted data, the decryption procedure is applied to them. [00:25:05] <crow> Encryption was originally used only to transmit confidential information. However, later they began to encrypt information in order to store it in unreliable sources. Information encryption for the purpose of its storage is used now, this avoids the need for a physical secure storage (usb, ssd disks). [00:25:12] <crow> =========================== [00:25:19] <crow> Symmetric encryption method [00:25:26] <crow> =========================== [00:25:35] <crow> Let's take a look at the infographic below [00:25:43] <crow> https://i.imgur.com/RnqOKMN.jpg [00:26:00] <crow> - The sender sends an encrypted message: `Hello, Marfa` [00:26:32] <crow> - Attackers intercept this message, but since they do not have a decryption key, they only see the character set: `% # & $!` [00:27:21] <crow> - The recipient, having the decryption key, can easily read the message that the sender sent in encrypted form, and he already sees the sender's text in its original form: `Hello, Marfa` [00:27:59] <crow> It will not be an exaggeration to say that encryption is the best tool in our arsenal for protecting against hackers and snooping. [00:28:18] <crow> Generally speaking, in simple words, there are two main components of encryption [00:28:53] <crow> - The encryption algorithm - is known publicly and many, many people have carefully studied it in an attempt to determine whether the algorithm is strong. [00:29:19] <crow> - Secret key - you can imagine that the secret key is a password and it must be kept secret. 
[00:29:31] <crow> Image: (https://i.imgur.com/XIYsooA.jpg) [00:30:03] <crow> See for yourself the infographics above, and based on the video above, you already understand that the secret key is the password. [00:30:26] <crow>> It turns out the algorithm can be represented as a lock, and the secret key is the key to this lock. [00:30:51] <crow> In symmetric cryptosystems, the same key is used for encryption and decryption. [00:31:52] <crow> Based on the infographics above, let's look at an example, I want to send Martha some kind of file, but I don’t want some 3 persons to be able to view it. For clarity and ease of use, I decided to encrypt this file with 7-Zip. [00:32:22] <crow> Using the same type of encryption (1st key), sectors / disks in VeraCrypt, TrueCrypt are encrypted and also take them as an example. [00:32:34] <crow> Image: (https://i.imgur.com/X0UMRdW.jpg) [00:32:41] <crow> =========================== [00:32:49] <crow> Let's take a look at the screenshot above: [00:32:56] <crow> =========================== [00:33:33] <crow> 1. The encryption algorithm is a mathematical process of converting information into a string of data that looks like a random set of characters and letters. [00:34:22] <crow> 2. A hash function is a conversion of input data, in our case into an output bit string. The objective of the function is to ensure integrity and to detect unintended modifications. [00:35:04] <crow> 3. AES-256 - indicates which algorithm is used (AES) and what block size (256), as we see in 7-Zip there is no possibility of detailed settings than in VeraCrypt. [00:36:04] <crow> 4. 
Using the entered password, your key will be generated for the selected encryption algorithm (in our case AES-256), for decryption you will need to specify the decryption algorithm if available and enter the password in our case again [00:36:48] <crow> At the output we get an encrypted archive, which, for unpacking and receiving information that is inside, you need to enter the decryption key, in simple terms, the password. [00:37:22] <crow> You may have noticed that the symmetric block encryption algorithm - Advanced Encryption Standard (AES) was used for encryption. [00:37:56] <crow> In this algorithm, only the 1st key is used, the key is created using our password (see paragraph 4 for clarity of conversion) [00:38:32] <crow> You can also choose what block size will be used for 128/256/512/1024 bits, in our case there were only options for 256 bits and 512 bits. [00:39:40] <crow>> BTW: Imagine a door and many locks on it. It will take you a long time to open or close this door. Also with algorithms, the higher the bitrate, the stronger the algorithm, but the slower it encrypts and decrypts, you can consider this the strength of the algorithm. [00:40:30] <crow> 256/512 bits is also the amount of key space, that is, a figure indicating the total number of different keys that you can get using this encryption algorithm. [00:40:54] <crow>> BTW: To crack a symmetric cipher, it is necessary to enumerate 2 ^ N combinations, where N is the key length. [00:42:05] <crow> To crack symmetric encryption with a 256-bit key length, you can create the following number of combinations, that is, possible keys: 2 ^ 256 = 1,157920892 × 10 ^ 77 or if you decompose 1.157920892 × 10 ^ 77 in the calculation, the following number of possible variations is obtained (this is a 78-bit number). 
[00:42:12] <crow> =========================== [00:42:16] <crow> Here is the number: [00:42:22] <crow> =========================== [00:42:44] <crow> 2 ^ 256 = 115792089237316195423570985008687907853269984665640564039457584007913129639936 [00:43:14] <crow> If you can check for yourself this number on any engineering calculator, here's an example (https://web2.0calc.com/). [00:44:11] <crow> Thus, for everyone who doubts the safety of a chance of a collision of 2 ^ 256, there is a number: there is a chance that the collision will have 1 of more than 1.1579209e * 10 ^ 7 = 78-bit number (the higher number) [00:44:56] <crow> All this means that the key is extremely difficult to find, even with very powerful computers, but on the condition that you use a long and random password when generating the key. [00:45:52] <crow>> BTW: We’ll talk about the password separately, which one to use, etc. Together with the programs and why. In order not to clutter up your brain with unnecessary information at this stage, so keep your head busy, now let's talk about everything .. [00:46:48] <crow> People and governments are constantly trying to crack encryption algorithms. In this article I will give you a list of algorithms that are good and which are not, which of them are crackable, and which today are impossible to crack. [00:46:55] <crow> =========================== [00:47:04] <crow> Symmetric encryption algorithms: [00:47:11] <crow> =========================== [00:47:49] <crow> There are quite a lot of them, if you want to familiarize yourself with them, visit this page (https://www.veracrypt.fr/en/Encryption%20Algorithms.html). [00:48:13] <crow> If you do not want to understand and you just want to ask me what I would recommend: [00:49:33] <crow> Advanced Encryption Standard (AES) is a symmetric block encryption algorithm (block size 128 bits, key 128/192/256 bits), adopted as the encryption standard by the US government according to the results of the AES contest. 
This algorithm is well analyzed and is now widely used, as was the case with its predecessor DES. [00:49:56] <crow> Advanced Encryption Standard (AES) is a generally accepted standard for symmetric encryption. [00:50:39] <crow> For maximum protection, use AES-256 or more anywhere where possible, the AES encryption algorithm itself is fast and today it is impossible to crack. [00:50:46] <crow> =========================== [00:50:53] <crow> Asymmetric encryption method [00:51:00] <crow> =========================== [00:52:06] <crow> Very smart people invented this encryption using public and private keys and algorithms based on the complexity of certain mathematical problems. I will not go into the mathematical details, because understanding them is not necessary for your protection. [00:52:53] <crow> For the right choice of security features, you just need to have a basic understanding of the algorithms and the robustness of the algorithms, as well as the cryptographic systems that you are going to use. [00:54:15] <crow> As we know in the symmetric encryption method, the 1st secret key is used, while in the asymmetric encryption methods (or public key cryptography), one key (public) is used to encrypt information, and for decryption another (secret). These keys are different and cannot be obtained from one another. [00:54:22] <crow> =========================== [00:54:33] <crow> Let's fix this material right away: [00:54:40] <crow> =========================== [00:55:09] <crow> - Symmetric encryption method - 1st key, uses the same key for both encryption and decryption. [00:55:40] <crow> - Asymmetric encryption method - 2 keys public (public from Eng. Public) and private (private from Eng. 
Private) [00:56:05] <crow> I would recommend that you watch a short video on how the Asymmetric Encryption Method works [00:56:12] <crow> https://youtu.be/sGFbM-X6W_4 [00:56:59] <crow> When I talked about symmetric encryption earlier, we encrypted the file for Martha, but since it is symmetric encryption, to open this file you need a key that I used to encrypt the file. [00:57:26] <crow> The question arises, but how to transfer the key (password) in a safe way so that Martha can decrypt the file? [00:58:01] <crow>> In the modern world, the best way to transmit something and to be sure of the delivery of information to the specified recipient is personally in your hands. [00:59:02] <crow>> But this is not a good idea, since we may simply not know where the addressee is located, or it may be so far away that delivering something “personally in hand” becomes problematic, or maybe we just need anonymity. [00:59:38] <crow> In this case, you can use Martha’s public key, which she previously posted somewhere, so that people can contact her. [01:00:20] <crow> And here many have the question, why do we need all these troubles, if I can, for example, contact Martha using some kind of encryption in any other messenger? [01:00:58] <crow> Yes, that's right, but the essence of asymmetric encryption, when you encrypt something using PGP encryption, you do not need to trust a third party. [01:02:02] <crow> When encrypting the message with the public key of the marfa, you will be sure that the message will be read only by the owner of the private key, that is, the marfa, this guarantees sending to the source, the owner of the private key, which in our example is the marfa. [01:02:45] <crow> But since anyone can use the public key, you guarantee the anonymity of your message when sending, since anyone can use the public key. 
[01:04:26] <crow> The difference is that in asymmetric encryption there is a public key that is created to be known to any person, that is, it is a public key, and there is a private key that should always be kept secret and to be private. These keys are mathematically related and both are generated at the same time. They must be generated simultaneously, because they are mathematically related to each other. [01:06:11] <crow> Any website that uses HTTPS has public and private keys that are used to exchange a symmetric session key to send you encrypted data. This is a bit like the zip file we saw. They use these public / private keys and then they need to send another key, such as the key that we use for the Zip file, in order to encrypt (we will analyze end-to-end later) [01:06:18] <crow> =========================== [01:06:28] <crow> REMEMBER, REMEMBER and REMEMBER again: [01:06:50] <crow> - If you are encrypting using a private key, you need a public key for decryption; [01:07:12] <crow> - If you are encrypting using a public key, you need a private key for decryption; [01:07:19] <crow> =========================== [01:08:12] <crow>> In asymmetric encryption, if the message is encrypted with the 1st key, then the 2nd key is needed to decrypt this message. If you are encrypting using a private key, then you need a public key for decryption. [01:09:13] <crow> If you are encrypting using a public key, then to decrypt you need a private key. It is not possible to encrypt and decrypt with the same key, and this is extremely important. For encryption or decryption, you always need interconnected keys. [01:09:51] <crow> But why encrypt with a public or private key? What's the difference? What is the point of using them? Why not use only one of them? [01:10:24] <crow> Especially for you, I drew an infographic to simply and easily explain the usefulness of these keys and how they can be used. 
[01:10:31] <crow> ===========================
[01:10:43] <crow> Image: (https://i.imgur.com/x5e8urO.jpg)
[01:10:49] <crow> ===========================
[01:11:22] <crow> BTW: In this infographic, 2 encryption methods are considered; first we will deal with the green arrows, and then with the red ones.
[01:11:29] <crow> ===========================
[01:11:40] <crow> 1st way (green arrows) on the infographic
[01:11:47] <crow> ===========================
[01:12:50] <crow> The method with green arrows shows that the sender encrypts with the public key of the recipient, Martha, which means that you need anonymity and confidentiality so that no one can read the message, except the recipient.
[01:13:41] <crow> IMPORTANT: Suppose you encrypt a file using the recipient’s public key. The message can only be decrypted by a person who has the matching private key, that is, Martha's private key.
[01:14:06] <crow> Since we know that these keys are interconnected, we decrypt with one what was encrypted with the other, and it cannot be deciphered any other way.
[01:15:08] <crow> The recipient (Martha) cannot identify the sender of this message, since the public key is public, it is usually shared, and anyone can use Martha's public key for encryption.
[01:16:39] <crow> When the sender encrypts using the recipient’s public key, the message is confidential and can only be read by the recipient, who has a private key to decrypt the message, but as I said earlier, there is no way to identify the sender, provided, of course, that you yourself do not send any data there for your subsequent identification
[01:16:46] <crow> ===========================
[01:16:57] <crow> 2nd way (red arrows) on the infographic
[01:17:03] <crow> ===========================
[01:17:31] <crow> All of the above translates into the 2nd method of using public and private keys.
[01:19:23] <crow> If you encrypt with your own private key, it means that you are interested in authentication. In this case, it is important for you to let the recipient know that it was you who sent the encrypted message. To do this, you encrypt with your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns this private key, your private key.
[01:19:55] <crow> EXAMPLE: You are the creator of some kind of software, but the government is indignant and impedes your activities in every way.
[01:20:03] <crow> We will simulate the following situation:
[01:21:22] <crow> Let's say I want to download this software, and the hash of this file is indicated here; however, if the website is compromised, it means that attackers could replace this file for download and add a trojan or something to it to spy on me, and they could also replace the checksum.
[01:22:16] <crow> So this hash means nothing. It does not help detect intentional file modifications. We need something else to make sure that this site is actually the official software site.
[01:24:21] <crow> And here we come to certificates, digital signatures and other means. All of these are obtained as a result of cryptographic transformation of information using a private signature key and make it possible to verify the absence of distortion of information in an electronic document from the moment the signature was generated (integrity), that the signature belongs to the owner of the signature key certificate (authorship), and, in case of successful verification, to confirm the fact of signing the electronic document (non-repudiation)
[01:24:27] <crow> We’ll talk about this later ..
[01:25:22] <crow> Data encryption with the sender’s private key is called the public message format, because anyone who has a copy of the corresponding public key can decrypt the message.
[01:26:48] <crow> You can take it as if you had officially placed something on the Internet for public access, and since you encrypted it with your private key, anyone can make sure that it is you who left this message. Confidentiality or anonymity is not ensured in this case, but authentication of the sender, i.e. you, is ensured.
[01:28:14] <crow> Next. When various encryption technologies are used in combination, such as those that we mentioned earlier, since they can all be used in combination and cannot be used separately, they are called a cryptographic system, and cryptosystems can provide you with a number of security tools.
[01:28:21] <crow> ===========================
[01:28:47] <crow> A cryptographic system can provide you with a range of security features. Among these tools:
[01:28:53] <crow> ===========================
[01:29:18] <crow> 1. Confidentiality - the need to prevent the leakage (disclosure) of any information;
[01:29:46] <crow> 2. Authentication is an authentication procedure, that is, we know that Martha is the real Martha and no one else;
[01:30:20] <crow> 3. Prevention of rejection - which means that if you sent an encrypted message, then you will not be able to begin to deny this fact;
[01:30:43] <crow> 4. Reliability - the authenticity of the fact that the message has not been modified in any way.
[01:31:45] <crow> Examples of cryptosystems are any things that use encryption technology, these are: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even the 7-Zip we used to encrypt the file with symmetric encryption.
[01:32:29] <crow> FOR EXAMPLE: In order for us to send our file to Martha, we can use Martha's public key to encrypt files, or to transfer anything encrypted.
[01:33:30] <crow> But for starters, of course, we need Martha’s public key; it’s enough to get it 1 time in some secure way, this is important, and after that we can always send encrypted messages available for reading exclusively to Martha.
[01:34:14] <crow> PGP - This is a system that we can use for these purposes; it uses encryption technology for messages, files and other information presented in electronic form
[01:35:36] <crow> DEFINITION: PGP (Pretty Good Privacy) - a computer program, also a library of functions, that allows you to perform encryption and digital signing of messages, files and other information presented in electronic form, including transparent encryption of data on storage devices, for example, on a hard disk.
[01:35:50] <crow> For these purposes we can use Jabber + PGP or OTR.
[01:36:03] <crow> For the first time I’ll say this toad with OTR you eyes
[01:36:37] <crow> If you do not own suppliers conditionally where you need to have a secure contact and always know that the person is who he claims to be
[01:36:42] <crow> so OTR fuck up
[01:37:28] <crow> But let's get back to encryption. When it comes to cryptography using public and private keys or asymmetric encryption, there are both strengths and weaknesses.
[01:37:35] <crow> ===========================
[01:37:48] <crow> Asymmetric encryption - public and private keys:
[01:37:55] <crow> ===========================
[01:38:52] <crow> 1. The best distribution of keys is because Martha can put her public key directly in her signature and anyone will be able to send her encrypted messages or data that only she can read.
[01:40:06] <crow> 2. Scalability - if you use symmetric keys and want to send your file to Martha and, say, 10 more people, you will have to transfer your password 10 times. It is completely scalable. Asymmetric algorithms have better scalability than symmetric systems.
[01:41:03] <crow> 3. Authentication, failure prevention - this means that if you sent an encrypted message, then you will not be able to start denying this fact. Since it was encrypted with a private key, your private key
[01:42:08] <crow> 4. Slow - if you look at the message length in bits (see the screenshot below) after asymmetric algorithms work, you will notice that it is much larger than encryption algorithms with symmetric keys, and this is evidence of how slower they are.
[01:42:45] <crow> 5. Mathematically-intensive - The longer it is in bits, the greater the number of mathematical operations, and, consequently, the greater the load on the system.
[01:42:52] <crow> ===========================
[01:43:02] <crow> Symmetric encryption - private key:
[01:43:09] <crow> ===========================
[01:44:13] <crow> 1. Fast - if you look at the message length in bits (see screenshot below) after the symmetric algorithms work, you will notice that it is much smaller than encryption algorithms with asymmetric keys, and this is evidence of how fast they are.
[01:44:51] <crow> 2. Reliable - Look at the above about AES-256 where I was calculating the number 2 ^ 256 and see for yourself, and there are 384/512/1024 and more ..
[01:44:58] <crow> ===========================
[01:45:13] <crow> For a visual demonstration, look at this infographic below:
[01:45:25] <crow> Image: (https://i.imgur.com/2AznMXl.jpg)
[01:46:59] <crow> In order to fix the material, let's return to the analogy with the number of locks on the door. With public and private keys, many, many locks hang on the door, so encryption and decryption take much longer. For the central processor, this is a large amount of mathematical operations, which is why there are hybrid systems, or hybrid cryptographic systems.
[01:48:11] <crow> Public and private keys are used to exchange negotiation keys, and we use symmetric algorithms such as AES to encrypt data, thereby maximizing the benefits. HTTPS, using the TLS and SSL protocols, is an example of a similar type of hybrid system, like PGP.
[01:49:18] <crow> Next, we will talk in more detail about what encryption consists of as a whole. We have gone through a short introductory course; I advise you to write down all the main points, since in the future it is precisely this understanding that will help you in your work. Configuring servers, understanding other aspects of what is safe and what is not.
[01:50:33] <crow> On this, the first part of my lecture on encryption has come to its logical conclusion; tomorrow we will analyze in more detail those moments and questions that you may have today after this lecture and will dive deeper into the encryption niche. We’ll also talk about many aspects of encryption in general.
[01:51:01] <crow> That's all for today
[01:51:17] <crow> If you have any questions, write them down and ask tomorrow after the lecture
[01:51:36] <crow> Have a nice evening everyone :)
[01:51:45] <crow> And see you tomorrow
  11. Training from Russian carders. All newcomers will be useful Lecture # 1 Introductory 1/13/2020 Lecturer: Mans77
(19:02:04) Mans: Hello everyone! We are waiting for 15 minutes for those who are late and start.
(19:17:44) Mans: Stop the flood
(19:18:30) Mans: Now I’m just saying, pluses and all the other phrases do not need to be written in the chat, even if you really want to.
(19:19:21) Mans: I’m Mans77 from the forum and I’m your main curator for the entire period of training, and not only with the training, we keep in touch with some, although they passed my training in the 15th year.
(19:20:12) Mans: Today we will have an introductory lecture and in it I will tell you what awaits us this month, what and how it will be and where to look.
(19:20:29) Mans: We also get to know each other a little closer.
(19:21:27) Mans: Immediately make a reservation, Karzh loves dating in this business, as in any one without more experienced friends. So initially I advise you to organize a powerful team within the group, which will help and motivate each participant.
(19:22:10) Mans: We will start our studies with security lectures.
(19:22:57) Mans: Since we have a lot of questions, vpn \ system \ setup \ data storage. Because of this, without the basics of security, they will quickly put us on a bottle.
(19:23:12) Mans: I advise you to approach these lectures extremely responsibly.
(19:24:20) Mans: I speak right after Linux. Who wants to transfer to it, but does not fumble in it, we take technical literature on this OS and study independently. Without it, you won’t understand and you won’t be able to work comfortably, you will suffer, and in 90% you won’t be able to move on the barge.
(19:25:40) Mans: Next we will have lectures on the basics of cage. Analysis of bank cards \ Analysis of antifrauds \ Let's get acquainted with drops \ in the middle.
(19:26:16) Mans: Everything is clear in detail, without the fundamentals you cannot get a quality drive in and the fact that it will pass and you will be sent the goods is rapidly approaching zero.
(19:27:27) Mans: And after that we will begin to analyze all kinds of methods in the cart. How to buy GIFs \ How to work with Paypal \ Rolls / Air and Hotels
(19:28:05) Mans: We’ll also have a video broadcast of driving a drive - driving a pickup, driving a GIF.
(19:29:05) Mans: Those who come with zero knowledge and understand nothing, you do not need to worry! Our training is structured in such a way that you will understand everything, and what you do not understand, we will tell you and show you.
(19:29:23) Mans: We will get to know the lecturers as we study. All lecturers are also in our forum conferences.
(19:29:51) Mans: Each lecturer has his own sphere in the cart. Someone for Gift, some for PP, and some for Air and Hotels.
(19:30:26) Mans: A lecture, on average, goes 1-1.30
(19:30:39) Mans: after question / answer
(19:31:06) Mans: If there are any deviations from the schedule, we will give announcements in the main conference.
(19:32:14) Mans: First comes the lesson material, then you ask questions and the lecturer answers them.
(19:32:27) Mans: When the topic is finished, the lecturer puts a "?" sign and writes that we are asking questions.
(19:33:08) Mans: The lecturer takes turns writing nicknames -> You write a question -> The lecturer answers.
(19:33:27) Mans: When there is a topic and a question appears, I advise you to immediately write it down in a notebook and when I call your nickname you just copy-paste it. Saves a ton of time for everyone.
(19:34:09) Mans: All relevant information (lecture logs, links, shops) will be added in the first posts on the forum in our group LAN.
(19:35:26) Mans: Here we look at all the info. Those who missed lectures will have logs in this conference.
(19:35:59) Mans: All questions that appear, we write in the question / answer konf.
(19:39:04) Mans: We ask any questions at all. What is connected with the cage. we write everything there. Because many have similar questions and so that everyone sees the answers and does not ask all the same question a hundred times.
(19:41:02) Mans: I just want to make a reservation about the questions and their answers) Many people write to me with a request to ask questions in the LAN, motivating them not to interfere with the guys from the conference and so on and so forth. Guys, your phobias about stupid questions, all this is nonsense! To begin with, you yourself are not small and our contingent is 95% adult and everyone understands that everyone has come to learn a new profession and if we do not work together to solve all issues and problems, we won’t succeed! So we write all questions here -
(19:42:36) Mans: Or something urgent
(19:44:26) Mans: The quickest thing I can answer is in the cart.
(19:45:36) Mans: Since everyone writes a lot to us in drugs \ Carts \ Toads there is a simple instruction that they will answer you 99%
(19:46:57) Mans: To prevent you from being missed, do the following: 1. Unsubscribe to drugs 2. Duplicate the issue in telegrams or toad. 3. If no response is received, upset the drug after 2 days.
(19:48:00) Mans: I am online from Mon to Fri from 10 to 21 Moscow time. SAT day off and in the sun towards the evening already online. Do not be surprised if you write at 4-5 in the morning on MSC, but I do not answer)
(19:48:09) Mans: By Sphere bonus
(19:49:26) Mans: A sphere is issued to everyone at one moment. Sooner and later we do not give out to anyone. So do not ask this question to me and do not write to Sappa of the sphere on this question.
(19:50:09) Mans: Tomorrow you will begin lectures on security.
(19:51:09) Mans: You will have the message Crowe. He can be late, so no panic. If there are any changes in time, I will inform you this information.
(19:51:47) Mans: And now we set "?" and I will answer your questions!
(19:52:45) net23: will the lectures be audio or video or text?
(19:54:39) Mans: net23: 90% of lectures text + video streams with driving in shops.
(19:54:49) qmorgenshtern: will there be lectures on the logs? Sun work with shops with logs or with Amazon. or just lectures on ss?
(19:55:50) Mans: qmorgenshtern, we’ll lie superficially, but we won’t go deep. There is no Amazon, there the fraud changes every day, it is easier to knock out a middle hand in a shop and have a profit.
(19:55:58) MaisWindows: What is a sphere bonus? Do you need some preliminary steps to get it in the future?
(19:57:46) Mans: MaisWindows: Will be given free access for 6 weeks to her.
(19:59:05) BloomBerg: how will the main lectures be held, because writing to lecturers manually for a long time, as I understand the large amount of information?
(20:00:32) Mans: BloomBerg, each lecturer has his own lecture log, which he constantly updates and corrects. At the lecture, he gives it to you gradually so that you can read everything and further formulate questions on the topic.
(20:00:42) wayanfas: When I skipped classes, is there a way to view the lesson I’ve missed?
(20:00:50) usbnet: 1. question on the practice that was written in terms of training, what is included in it and how will it go? (provide software, materials and someone personally will bring to profit?) 2. Regarding the recommendation to transfer to Linux, there are options to offer by the training manual, are there any tips what are the best training manuals for beginners to get comfortable with? 3. about driving in and other things related to karzh, which softwares will be needed to use and get profit, and we will get them for free or extra. payment? if so, issue verified sellers for collaboration?
(20:01:35) revolver81: Will the logs be laid out day after day? to read and not skip. And will there be access to them after training?
(20:02:43) Mans: revolver81, Martha manages the logs. Usually it spreads per day per day, but there are delays. Access remains with you all the time.
(20:06:49) Mans: usbnet, 1. Practice goes like this - issued for the weekend DZ with the subsequent analysis of errors and questions in the conference question / answer. 2. Tomorrow Blood will say. 3. To drive in, you need a virtualka or Sphere (your sphere will go with a bonus of 6 weeks). The rest of the software at your request. What we give is enough for successful work. We have a lot of sellers on the site. The best way to check the seller is to read reviews in its topic.
(20:07:00) MrQwiks: Not much rejected question. How do carders find Beans for the right service? And one more question. I have already paid the scope for 1 month, can I also get a bonus on top of this month?
(20:07:39) Mans: MrQwiks 1. This will be discussed in lectures 2. Yes, of course, you will receive everything in full.
(20:07:52) Necrolyt: 1. They said that there will be new builds of vin10 on the forum. When exactly? 2. When is the scope issued?
(20:09:06) Mans: Necrolyt 1. I’m doing now how I’ll complete the pumping on the forum. 2. By the end of the training. week 5.
(20:10:08) net23: who will help set up the machine and when? and can they help set up the phone for driving?
(20:10:08) id666: Mans: a little clarification. lectures will be from Mon to Thu inclusively, at 19:00?
(20:10:54) Mans: net23 - what needs to be configured? here you need specifics. Phones are not customizable.
(20:11:05) Mans: id666, yeah, that's right.
(20:11:15) Jayall87: what about working on macos?
(20:12:27) Mans: Jayall87, I don’t really like him at all, even for white use. There is little software for it. If you work with him, then you need to distribute socks on the waffle. In general, everything is hemorrhagic. The best work with Windows / sphere / phone
(20:12:49) Parlamenter: What does the assembly on vin10 mean? specifically what are assemblies?
(20:13:16) wayanfas: 1. Can each operation work only on VMware? 2. Can I use RDP to replace it?
(20:14:22) Mans: Parlamenter, a virtual machine for work.
(20:14:51) Mans: wayanfas: 1. Not entirely clear. 2. Yes, you can work calmly with RDP
(20:15:04) Rarka_: regarding work on MacOS, you put the sphere and don’t bother with virtual machines, all right, I understand?
(20:15:39) Mans: Rarka, yes, Sphere of norms or WB and virtual machines.
(20:15:51) net23: who can set up the phone?
(20:16:10) Mans: net23, but why don’t you want to configure it yourself?
(20:16:34) analitik99: will there be training on working with the sphere?
(20:16:46) xevious: Linux is also a good way to work, right? or I better use windows. I have a parrot on my laptop. But if Windows is better for these things, I will install it right now.
(20:17:00) net23: I don’t know how, it’s also necessary to go there as an administrator, etc. put some kind of program for work
(20:17:15) Mans: analitik99, yes, there will be a lecture + there is a normal manual, how to work with it
(20:18:11) Mans: net23, there’s just an option to learn. There are lots of manuals and text and video. Moreover, the lecture on androids will be.
(20:18:53) Mans: xevious, windows will be better for karz than Linux.
(20:19:23) Mans: But !! This is my IMHO)) I do not like a penguin ...
(20:19:34) Serrwrtet: How important is ping in work and is it an antifraud?
(20:20:58) Mans: Serrwrtet, we will analyze all this in lectures
(20:21:15) Rarka_: Will working with enroll be affected in training?
(20:22:43) Mans: Rarka_, of course there will be a lecture on skates.
(20:22:51) Parlamenter: what does IMHO and the penguin mean?
(20:24:08) Mans: Parlamenter - It is assumed that he began with the English phrase “In My Humble Opinion”, which can be literally translated into Russian as “in my humble opinion” 2. Penguin - Linux systems
(20:24:19) Majesty: 1. Regarding working with the sphere, can it be installed on a virtual machine or can it be set to a slave machine from vpn and tp? 2. What method is better to drive in (ss, roll, logs), not counting warming up and so on.
(20:25:57) Mans: Majesty, it’s possible on the basis, it is possible on the PC. I already do the assembly for it. 2. There is no better, all the ways are working and bring profit, and after it we just came here))
(20:26:09) academeg: what is driving in?
(20:27:33) Mans: academeg, today I will add the dictionary of "young carder" in the first posts
(20:29:08) Reimon: What days of the week will training take place?
(20:30:04) Mans: Reimon, lectures will be from Mon to Thu inclusive, at 19:00
(20:30:39) Kto-to: What kind of questions are these? Don't be too lazy to read, everything is spelled out
(20:32:02) net23: what are GIFs and driving a pickup truck)
(20:32:22) Mans: we will analyze it all in lectures
(20:33:35) GBC: I have a jaba on my phone, that is, all the lectures that take place remain but I can only read them by 10-11 o’clock in the evening, can I ask the lecturers questions later? Or the next day afternoon
(20:34:21) Mans: GBC, yes of course you can, just write to the question \ answer
(20:34:48) xevious: when will receive our bonus? and I saw that we get $ 200 for the Balance for distributing trading topics. But what is it?
(20:35:28) wayanfas: If I missed a lesson. Is there any way to find the content again?
(20:37:10) Mans: xevious, this is if you create a trading topic for selling a video (as an example) you can spend this money on advertising.
(20:37:24) Mans: wayanfas, yes, everything will be in our main conference.
(20:38:06) Mans: In general, the sailors have no questions)) Today we finish) Thank you all for coming!