I found a worm on my USB
  • Thank you for the link, it will help for sure!

    I (not me but my family) always used just default Windows Defender but I heard good things about Malwarebytes and Bitdefender, I'll check them out.

  • I found a worm on my USB

    This is probably not the right community but I haven't found a better one.

    So I watched a video from Seytonic where he mentioned that some malware creates a Windows link with the name of the USB on a USB. So I checked my USB because I remembered that I had to click 2 times on my USB to open it. I found a link that contained cmd.exe and a name of a file next to it. Uploading it to VirusTotal showed the Raspberry Robin worm.

    I use Linux but my family uses Windows so I will have to go through all family computers and remove the worm. Where can I find info on how to remove this specific worm - Raspberry Robin? On Google I found a description of how the worm works but not the specific files it creates or how to remove it.

    The first page that shows up is microsoft.com and it says that Windows Defender detects the worm, but clearly it doesn't.

    Edit: The worm was on one computer and it did not have Windows Defender installed. Seems like the malware removed it and also disabled automatic updates. I installed Malwarebytes and successfully removed the worm :)

    96
    The Hated One - "Ai Will Wage Wars Over Water"
  • Spreading out the internet across infrastructure nodes that can be cooled by fans in smaller data centers or even home server labs is much more efficient than monstrous, monolithic datacenters that are stealing all our H2O.

    That's definitely not true, data centers are way more efficient than home servers. But yes, they use water to be more efficient.

  • What to do with old phones?

    I found a few old phones from my family. I cleaned them, installed LineageOS and rooted most of them. On one I installed postmarketOS, one is still stock Android and one is let's say bricked (after installing LineageOS it stays on the boot logo forever, before that I installed LineageOS and NetHunter on it). On one, disk encryption doesn't work for some reason.

    Phones (all Samsung Galaxy):

    • S4
    • A5
    • A5 (bricked)
    • A5 (postmarketOS)
    • J3
    • J4+ (no encryption)
    • A31 (stock)

    What can I do with them? Something like Monero node or Tor relay, but I'm already running that on old pc. For something that needs speed I have rpis (like a website). Camera security system? Tracking device?

    Is it possible to run (and autorun) CLI apps and/or services that can access internet, Bluetooth, GPS, sensors, camera, files, etc. just like on Linux? I'm a programmer and I don't like making normal Android apps for a simple project.

    24
    This laptop released in 2016 no longer receive OS updates. Which means I can't update Chrome Browser
  • My daily is Pixel 7a with GrapheneOS. Galaxy S4 is my mom's old old old phone. I have no idea how. On the LineageOS wiki it says that this device is not maintained anymore, but a month ago I got a system update. It's on Lineage 18.

  • Those who custom configure their kernel: what did you gain?
  • I used Geekbench 5. My CPU is AMD Ryzen 5 5500U. I tested a few prebuilt kernels and custom compiled the fastest one.

    prebuilt linux kernel:

    • singlethread: 1170
    • multithread score: 4604

    prebuilt linux-zen kernel:

    • singlethread: 1156
    • multithread score: 4593

    prebuilt linux-xanmod kernel:

    • singlethread: 1164
    • multithread score: 4594

    prebuilt linux-hardened kernel:

    • singlethread: 1156
    • multithread score: 4841

    custom linux-hardened kernel:

    • singlethread: 1160
    • multithread score: 4977
  • Those who custom configure their kernel: what did you gain?
  • I'm running a custom kernel on my Arch laptop. It's a little faster, a little smaller and a little quite more secure. I'm also running custom kernel which enables adiantum encryption on old phone with postmarketOS.

  • PQC key establishment and authentication

    Hi, I'm working on a PQC key establishment and authentication protocol. Currently it works like this:

    1. Client and server each generate ECDSA and Dilithium identity keys and share them with each other, via USB for example.
    2. The client sends the server a single-use ECDH public key, a single-use Kyber public key, a timestamp, and ECDSA and Dilithium signatures of everything before it.
    3. The server verifies the message using the client's identity keys, generates 2 secrets, one from ECDH and one from Kyber, and then uses the BLAKE3 KDF to derive a key from both secrets. Then it sends a response with a single-use ECDH public key, the Kyber ciphertext, a timestamp, and ECDSA and Dilithium signatures of everything before it.
    4. The client verifies the message using the server's identity keys, generates 2 secrets, one from ECDH and one from the Kyber ciphertext, and then uses the BLAKE3 KDF to derive a key from both secrets.

    Kyber: kyber1024, ECDH: secp256k1, ECDSA: secp256k1

    I will use the key for XChaCha20-BLAKE3 AEAD. I don't know yet how I will generate and keep track of used/unused nonces.

    Building this was interesting and fun, but I want more. How can I improve this key exchange, make it more secure, faster, and smaller? Both messages are huge (6268 bytes), because of Kyber and Dilithium.

    Any ideas for what application this could be used for?

    1
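The key derivation in steps 3 and 4 of the post above, as an added example that is not part of the original post: both shared secrets are length-prefixed and fed to one KDF call salted with a hash of the two handshake messages, and the timestamp is checked against a freshness window with a replay cache. HKDF-SHA256 from the Python standard library stands in for the BLAKE3 KDF; the secrets, messages, `MAX_SKEW` and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 30  # seconds a timestamp may differ from local time (assumed policy)


def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256, a stand-in here for the BLAKE3 KDF."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()  # extract step
    okm, block, counter = b"", b"", 1
    while len(okm) < length:  # expand step
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def lp(data: bytes) -> bytes:
    """Length-prefix a field so concatenated fields cannot be re-split differently."""
    return struct.pack(">I", len(data)) + data


def derive_session_key(ecdh_ss: bytes, kyber_ss: bytes,
                       client_msg: bytes, server_msg: bytes) -> bytes:
    """Combine both shared secrets and bind the key to the exact messages exchanged."""
    transcript = hashlib.sha256(lp(client_msg) + lp(server_msg)).digest()
    ikm = lp(ecdh_ss) + lp(kyber_ss)
    return hkdf_sha256(transcript, ikm, b"hybrid-kex example v1")


def accept_timestamp(ts: int, now: int, seen: set, msg: bytes) -> bool:
    """Reject stale messages and exact replays inside the freshness window."""
    digest = hashlib.sha256(msg).digest()
    if abs(now - ts) > MAX_SKEW or digest in seen:
        return False
    seen.add(digest)
    return True


# Constructed sample values; real ones come from the ECDH and Kyber operations
# and from the two signed handshake messages.
ECDH_SS = bytes(range(32))
KYBER_SS = bytes(range(32, 64))
CLIENT_MSG = b"client-hello(constructed)"
SERVER_MSG = b"server-hello(constructed)"

if __name__ == "__main__":
    key = derive_session_key(ECDH_SS, KYBER_SS, CLIENT_MSG, SERVER_MSG)
    print("session key:", key.hex())
    seen_msgs = set()
    print("first delivery accepted:", accept_timestamp(1000, 1010, seen_msgs, CLIENT_MSG))
    print("replay accepted:", accept_timestamp(1000, 1010, seen_msgs, CLIENT_MSG))
```

Entries in the replay cache only need to be kept for `MAX_SKEW` seconds, since older messages already fail the timestamp check.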
    Hardening Arch Linux

    Hi, I'm in the process of making a fast, (extremely) secure, and modern laptop. Currently I have Arch Linux with encrypted root partition (unlocked with Nitrokey or long password), secure boot, linux-hardened, firewalld, etc.

    I'm running linux-hardened with custom config. I enabled AMD SME, kernel lockdown, added some xanmod patch for more specific CPUs, and disabled some unneeded drivers (only those that I'm 100% sure I don't need - Intel, NVidia, Microsoft, Google, Amazon, Virtio). Currently it takes ~50 minutes to recompile the kernel. Are there any tutorials on what drivers to disable to speed up this process? After doing that I will try to compile it with -O3 and LTO. Do you know any patches for performance?

    I'm planning to enable encrypted swap, install ClamAV and install flatpak versions for every non open-source app I have.

    I also want to have SELinux. Does anyone know where can I learn it? I had it on Fedora and it was not fun using it.

    What are other ways I can make my laptop more secure?

    23
    PC constantly crashes, won't even boot.

    I have Arch Linux on Ryzen 7 3700X, 32gb of ram, and some Gigabyte motherboard with updated bios.

    A few weeks ago my computer started crashing (screen would freeze) soon after login or even at boot about 50% of the time. I was lazy so when it crashed I just force rebooted it (the power button). Then crashes became more common until my system wouldn't even boot.

    So I reinstalled and I had some trouble generating dracut bundles, because some zstd compression was corrupted. After booting the freshly installed OS it would crash again right before the login should show up. Switching kernel (from hardened to zen) fixed the problem. Then I installed basic apps (browsers, office, crypto stuff, steam, etc.) I rebooted and when I typed the password for my encrypted root it was wrong (I'm sure I typed it correctly).

    I have no idea wtf went wrong with my system. I have almost the same everything on my laptop (hardened, btrfs, LUKS encrypted drives, systemd boot, etc.) and it works great. And I never experienced any crashes on live USB on my PC.

    I ran some random test (it's passmark memtest86 v9.3 pro) on my medicat USB. Right now it's 92% finished with 1070 errors. This just can't be good :(

    Now I will play with some BIOS settings (like disable XMP), reflash other version, maybe switch an SSD... I will also try other distros, but I can't daily drive them. Arch gives me a ton of flexibility and I don't want to lose it. Maybe NixOS or Gentoo, but Gentoo doesn't have systemd (I want to use Mullvad as my VPN and their app requires it).

    Do you maybe know what could be wrong and how to fix it? Thank you for reading this post and thank you very much for answering.

    I don't know if this is an Arch bug or if something is wrong with my system. If this is not the right community to ask this, please direct me to the right one (just please not reddit).

    Edit: I ran memtest again without one ramstick and it gave me no errors! Thank you for all help and suggestions :)

    Edit: I also tried only the faulty ram stick and the PC wouldn't even boot.

    Edit: Booting PC with only the faulty ram stick corrupted my bios... I guess I will have to reflash bios anyway.

    19
    Need help with understanding how XMR (sub)addresses work

    Hi, I've just paid for Mullvad VPN (personally recommend) with XMR. That looked like this:

    1. I copied the address (one time subaddress) and the amount, checked if everything matched (and it did) and pressed send.
    2. On my Ledger I checked the fee, accepted, checked the amount, accepted, checked the address... REJECTED, because the address was different.
    3. Repeated the step above probably 2 times, installed ClamAV and started a full scan of my machine for malware.
    4. Because the Monero Wallet GUI was freshly installed from official Arch Linux repo and it showed the right address I decided to still accept the transaction. Worst case I lose 10 €.
    5. While the transaction was pending I tried to prove payment using LocalMonero's block explorer and I got an error. So I basically got hacked and lost 10 € ...
    6. Checked Mullvad VPN app and... it was paid???

    Can someone explain to me what just happened? My Ledger showed a different address than what I copied, but the transaction still went to the right person. I started using Ledger only a month ago and I haven't been paying with it much. If this is all good and right, how can I tell if I'm being scammed on my Ledger?

    4
    What do you think about OXEN?

    OXEN is a fork of Monero that uses proof of stake instead of proof of work and supports instant transactions. Lokinet (onion router, like Tor) and Session (messenger) are built on top of it. I just discovered it a week ago and I'm surprised that I hadn't heard of it before. In my opinion it's a better Monero (except that Monero has higher and more stable price)? What do you think about OXEN? Is it better or not, and why?

    12
    NFC payments on GrapheneOS

    Hi, I want to pay with an online prepaid Visa in person. I could add it to Google Pay, but Google Pay doesn't support NFC payments on GrapheneOS. Do you know any other app that lets you do that?

    16
    Simple but modern website

    I want to make my own website, like a blog where I talk about tech and tutorials and such. Something like https://kerkour.com and https://lukesmith.xyz. Any ideas for simple but modern design?

    42
    Block AI bots from your website

    Hi, I'm building a personal website and I don't want it to be used to train AI. In my robots.txt file I blocked:

    • ChatGPT-User
    • GPTBot
    • Google-Extended
    • FacebookBot

    What bots should I also add? Are there any other ways to block AI bots?

    IMPORTANT: I don't want to block search engine crawlers, only bots that are used to train AI.

    30
    Where to buy domain for your personal website?

    Hi, I'm thinking of building a personal website about tech, privacy, open source, etc. Any recommendations about where I can buy a domain? .com is taken, but everything else is not. Should I take .tech (a few dollars more expensive) or something more basic?

    30
    Pi-Hole vs AdGuard vs NextDNS

    I use Pi-Hole and it works great. I've heard about AdGuard and it seems the same thing as Pi-Hole, but you have to install an app/extension. Everyone in this community recommends NextDNS. What's the difference between them?

    42
    Distro for experienced Linux user

    Hi, I'm looking for a distro for my laptop. My first distro was Pop!_OS, then I switched to Fedora, then Arch for a year and 2 months ago I switched to Fedora Silverblue, because I wanted to try an immutable distro that relies on containers and flatpaks to be useful. Silverblue is great but not so much for me, it's not flexible enough.

    I'm thinking of switching to Arch but maybe it's time for something else. Maybe NixOS or Void, Gentoo probably not, I don't have time for compiling everything. What do you recommend?

    It must support full disk encryption, secure boot with signing with YOUR OWN KEYS, systemd (because of MullvadVPN), everything else I think can work on any distro (Gnome, podman, kvm, etc.).

    70
    How to sell Pi?

    Hi, where can I spend/sell/trade Pi cryptocurrency?

    3
    How to store backups?

    Hi, currently I have almost no backups and I want to change that. I have a PC with Nextcloud on a 500gb SSD that I also use for gaming (1tb system drive). Nextcloud would be used to store/sync images, documents, contacts, and calendar from my phone and laptop. I also have an old PC that has 2x 80gb, 120gb, 320gb, and 500gb HDDs. I want to use it for other backups like OS snapshots, programming projects, etc. but it's not a big HDD but a lot of small HDDs. Should I store each backup on 2 drives? Can I automate this? Any suggestions would be helpful.

    20
    Remove preinstalled apps - Universal Android Debloater
    github.com GitHub - 0x192/universal-android-debloater: Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.

    I just discovered this amazing app! It lets you remove (or just disable) preinstalled apps like Facebook, Netflix, etc. and system apps like Samsung Knox apps, diagnostic, Bixby, and even One UI (but you must have another launcher installed). You can't brick your device, worst case it falls into a boot loop and after 5 reboots it will factory reset.

    Debloating your device will make it faster, more private and more secure (less attack surface).

    47
    My privacy journey and privacy questions

    Online privacy: Best privacy related thing I've done is use a nickname. If I search my real name on Google, only two results show up (and my Instagram, but I deleted it) from the same site, my place in some school competition. That's it! But if I search my made-up nickname... Github, Gitlab, Reddit, StackOverflow, LocalMonero, fucking SuperTuxKart and A LOT MORE related results - basically my whole internet life. I started using a randomly generated username for each account in case my name is somehow leaked from my nickname account.

    A month ago I also bought Pixel 7a and installed GrapheneOS as my daily driver. Separate accounts are AWESOME. I have account for personal use (family, photos, friends, etc.), (not basic) internet use (Lemmy, podcasts, torrenting, youtube/newpipe, etc.), google apps (maps, drive, galaxy wearable, etc.), finances (banking app, Paypal, crypto wallets, etc.), school apps (teams & ms office, Canva, etc.), and anonymous account (Tor, OnionShare, Session, Briar, etc.).

    On personal profile I have "always on" VPN to my house, so anywhere I am, apps think I'm home and it's useful for public Wi-Fi-s. On the internet profile I have "always on" MullvadVPN. On anonymous profile I have "always

    I use self-hosted Bitwarden. Can this de-anonymize me on the internet profile, because traffic from Bitwarden goes to my home, or will this know only Mullvad (that already knows my home IP, because it has to)?

    I also switched to ProtonMail, LibreWolf, and Startpage. I self-host Nextcloud, Syncthing, Monero node, Pi-Hole, etc.

    Recently I started deleting all my accounts that I don't use anymore. Now I'm pretty happy about my anonymity online.

    Physical privacy & security: A week ago I got an RFID blocking wallet. I bought it in a store where I am signed in for news and sales, and I also get a lot of cheaper things because of it. But they basically track everything I buy, where and when. And that is with all stores if you have the store's card (I only have one, because parents pay for everything currently). Does anyone know if these stores share data between each other or with someone else? I live in Europe, I know we have better privacy laws than US but it's still bad, right? I have also joined a club of students in my city - cheaper movies, skiing, tickets, etc. Is that also a privacy concern?

    Payments: For privacy reasons only pay in cash, I know. What about if there is no cash option? I've heard of prepaid debit cards, but they only work in US. Is there any way for private payments in Europe? If not would something like Revolut be more private than traditional banks?

    For online payments I can buy prepaid debit cards for US services in XMR. And for not US services like ProtonMail? Is there something like privacy.com (with virtual cards) in Europe?

    Thank you for all comments :)

    13
    Fedora Silverblue secure boot custom keys

    Hi, I just switched from arch to fedora silverblue. I have secure boot enabled with factory keys (microsoft). How can I sign bootloader and kernel and other stuff with my own keys using something like sbctl? Is this even possible using Fedora Silverblue?

    Thank you :)

    7
    Secure distro for daily use

    Hi, I'm searching for a secure distro for normal daily use for my laptop. Currently I'm running Arch Linux with full disk encryption, secure boot, linux hardened, firewalld and most apps as flatpaks (with some disabled permissions using Flatseal). I think it's a pretty secure laptop but it could be more secure.

    Tails and Whonix are the most secure but they are not meant for normal daily use...

    There are a lot of new immutable distros. Getting (system) malware is harder on them. I'm most interested in blendOS, because it's based. Does anyone know if it has full disk encryption, secure boot, etc. or can it be done by the user? What about other distros like Fedora Silverblue?

    Any other recommendations?

    Thank you :)

    48
    chevy9294 @monero.town