Jun 10 2024

Duckduckgo Launches Anonymous AI Chatbots

Category: Anonymousdisc7 @ 7:10 am

DuckDuckGo has unveiled a new feature, AI Chat, which offers users an anonymous way to access popular AI chatbots.

This innovative service includes models like OpenAI’s GPT 3.5 Turbo, Anthropic’s Claude 3 Haiku, and two open-source models, Meta Llama 3 and Mistral’s Mixtral 8x7B.

A New Era Of Private AI Interaction

DuckDuckGo’s AI Chat is designed to provide a private and anonymous experience for users who want to interact with AI chatbots.

This optional feature is free to use within a daily limit and can be easily switched off if desired.

The company emphasizes that all chats are private, anonymized, and not used for any AI model training.

According to the Spreadprivacy blog, Users can access DuckDuckGo AI Chat through various entry points, including duck.ai, duckduckgo.com/chat, the Chat tab on search results pages, or via the !ai and !chat bang shortcuts.

All these routes lead to the same destination, ensuring a seamless user experience.

Why AI Chat?

DuckDuckGo’s mission is to demonstrate that online privacy can be easily maintained.

The company believes people should be able to use the internet and digital tools without sacrificing their privacy.

This philosophy has driven the development of products that add a layer of privacy to everyday online activities, from search and browsing to email and now generative AI with AI Chat.

According to recent Pew research, many U.S. adults have concerns about AI’s impact on privacy, even as they recognize its potential benefits in other areas.

DuckDuckGo AI Chat aims to address these concerns by offering a private and anonymous way to use AI chatbots.

Enhancing The Search Experience

DuckDuckGo takes a thoughtful approach to integrating AI features in the competitive landscape of generative AI.

Before rolling out, the company carefully considers how these features can enhance the search and browsing experience.

AI Chat and search are seen as complementary tools that can help users find information more effectively, especially when exploring new topics.

For instance, users might start with AI Chat to ask a few questions and then switch to traditional search to find reviews, prices, or other primary sources.

Conversely, they might begin with a search and then use AI Chat for follow-up queries.

This flexibility allows users to choose the method that best suits their needs.

How It Works And Ensures Privacy

Users can select their preferred chat model and interact like any other chat interface when they land on the AI Chat page.

All chats are completely anonymous, with DuckDuckGo removing users’ IP addresses and using its own instead.

This ensures that requests appear from DuckDuckGo, not the individual user.

DuckDuckGo does not save or store any chats. While the underlying model providers may temporarily store chats to ensure system functionality, they cannot trace them back to individual users.

Agreements with model providers ensure that any saved chats are deleted within 30 days and are not used for model training.

AI Chat is free to use within a daily limit, maintaining strict user anonymity.

DuckDuckGo plans to keep the current level of access free while exploring a paid plan for higher usage limits and more advanced chat models.

DuckDuckGo is already working on improvements to AI Chat, including new capabilities like custom system prompts and general user experience enhancements.

The company also plans to add more chat models, potentially including DuckDuckGo– or user-hosted options.

Users are encouraged to provide feedback on desired features via the Share Feedback button on the AI Chat screen.

To experience DuckDuckGo AI Chat, visit duck.ai or duckduckgo.com/chat.

You can also find it on your search results page under the Chat tab or initiate a chat using the !ai or !chat bang shortcuts.

If AI Chat isn’t for you, it can be easily disabled in the Search settings menu.

We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency

InfoSec services | InfoSec books | Follow our blog | DISC llc is listed on The vCISO Directory | ISO 27k Chat bot

Tags: Chatbots, DuckDuckGo

Jan 30 2023


Category: Anonymous,Information Privacy,Information SecurityDISC @ 9:44 am


The MAC address is (should be) unique to each network interface. By the way, if the device has several network interfaces, then each of them has its own MAC address. For example, laptops have at least two network interfaces: wired and Wi-Fi – each of them has an MAC address. Desktop computers are usually the same. When we talk about “changing  MAC addresses”, we need to understand that there are several of these addresses. By the way, each port has its own unique MAC address, if the device supports wireless networks, then each wireless interface (2.4 GHz and 5 GHz) also has its own MAC address.

So, since the MAC address must be unique, it allows you to uniquely identify the network device. And since this network device is part of your computer, this allows you to uniquely identify your computer. Moreover, the MAC address (also called a hardware, physical address) does not change when the operating system changes.

In short, the replacement of the MAC address is needed so that it is not possible to track and identify the device by the MAC address. But there is a more important reason (than paranoia) to learn about MAC addresses and about methods from substitution, or prohibiting changes in your system. Based on MAC addresses, user identification can be performed when connected via the Intercepting Portal. A few words about the Intercepting Portal. Captive Portal). This is a way to force the user to comply with certain conditions for providing Internet access. You can most often encounter examples of Intercepting Portals in public places that provide Internet access services via Wi-Fi to an indefinite circle of people, but who want to identify the user and / or allow access only to persons with credentials. For example, at the airport you may need to confirm your phone number via SMS to access the free Wi-Fi network. The hotel will provide you with a username and password for accessing the Internet via Wi-Fi – this ensures that only hotel customers can use Wi-Fi services. 

Due to the features of the Intercepting Portal, user identification is based on MAC addresses. And starting with NetworkManager 1.4.0 (a popular program for managing network connections on Linux), an automatic MAC-address spoofing is now present. And in case of incorrect settings, you may encounter an Internet access problem running through the Intercepting Portal. There are also problems with customized filtering by MAC on the router.

Well, for pentesting experts , of course, there are reasons to change the MAC address: for example, to pretend to be another user, and take advantage of its open access to the magical world of the Internet, or to increase anonymity.

Who can see my MAC address?

The MAC address is used to transfer data on a local network. That is, it is not transmitted when connecting to websites and when accessing the global network. Although there are exceptions: some vulnerabilities allow a person who is not on your local network to find out your MAC address.

If you connect to the router via the local network, then the router knows your MAC address, but if you open the site on the Internet, the site owner cannot find out your MAC address. 

All devices located on the local network can see each other’s MAC addresses (there are many scanners that can get this data). An example of a local network scan made using arp-scan. A slightly different situation with wireless network interfaces. If you are connected to an access point (router), then all the rules of the local network work: the router and other devices can find out your MAC address. But also any person who is within the reach of your Wi-Fi signal (from the phone, laptop) can find out your MAC address.


NetworkManager may reassign MAC installed by other programs

Starting with NetworkManager 1.4.0, this program supports MAC spoofing, and has many different options.

So that we can understand them, we need to understand some concepts

First, network adapters are :

  • wired (ethernet);
  • wireless (wifi).

For each group, MAC rules are customized separately.

Secondly, a wireless adapter can be in two states:

  • scanning (search, not connected to the network) – is set using the property wifi.scan-rand-mac-address, default set to yes, which means that during scanning it sets an arbitrary MAC address. Another acceptable value is no;
  • connected to the network – installed using the property wifi.cloned-mac-address, the default value is preserve.

For wired interface (installed by property ethernet.cloned-mac-address) and the wireless interface in the connection state (installed by the property wifi.cloned-mac-address) the following values are available (regimes):

  • clearly specified MAC address (t.e. you can write the desired value that will be assigned to the network interface)
  • permanent: use the MAC address sewn into the device
  • preserve: do not change the device’s MAC address after activation (for example, if the MAC has been changed by another program, the current address will be used)
  • random: generate a random variable for each connection
  • stable: similar to random â€“ i.e. for each connection to generate a random variable, NO when connecting to the same network, the same value will be generated
  • NULL / not installed: This is the default value that allows you to roll back to global settings by default. If global settings are not set, then NetworkManager rolls back to the value preserve.

If you are trying to change the MAC in other ways and you are failing, it is entirely possible that NetworkManager, which changes the MAC in its own rules, is to blame. Since most Linux distributions with a NetworkManager graphical interface are installed and running by default, to solve your problem, you must first understand how NetworkManager works and by what rules.


NetworkManager settings, including settings related to MAC, can be done in a file /etc/NetworkManager/NetworkManager.conf or adding an additional file with the extension . . . .conf to the directory /etc/NetworkManager/conf.d 

The second option is highly recommended, since when updating NetworkManager usually replaces the main one . . . . . . . . . .conf file and if you made changes to /etc/NetworkManager/NetworkManager.conf, then the settings you made will be overwritten.


If you want the MAC address to be replaced with each connection, but the same MAC is used in the connection to the same network, then the file /etc/NetworkManager/conf.d/mac.conf:

1sudo gedit /etc/NetworkManager/conf.d/mac.conf

Add lines :


Lines with ethernet.cloned-mac-address & wifi.cloned-mac-address can be added individually or together.

Check the current values :

1ip link

Restart the service :

1sudo systemctl restart NetworkManager

We will make connections to wired and wireless networks. Now check the values of MAC again 

As you can see, MAC is replaced for both the wired and wireless interfaces.

As already mentioned, the same addresses will be generated for the same networks, if you want different MACs each time even for the same networks, then the lines should look like this:



Ubuntu and Linux Mint use NetworkManager versions that support automatic MAC configuration. However, if you connect a Wi-Fi card to Ubuntu or Linux Mint, you will see a real MAC. This is due to the fact that in the file /etc/NetworkManager/NetworkManager.conf indicated not to spoof :

To change this, open the file :

1sudo gedit /etc/NetworkManager/NetworkManager.conf

And delete the lines :


or comment on them to make it happen :


or change no on yes:


And restart NetworkManager :

1sudo systemctl restart NetworkManager

Similarly, you can add lines to replace MAC (these settings create a new address for each connection, but when connecting to the same networks, the same address is used):




We will use the program ip, which is included in the package iproute2.

Let’s start by checking the current MAC address with the command :

1ip link show interface_name

Where Interface_name â€“ This is the name of a particular network interface that you want to see. If you do not know the name, or want to see all the interfaces, then the command can be started like this :

1ip link show

At the moment, we are interested in the part that follows after link / ether“and represents a 6-byte number. It will look something like this :

1link/ether 00:c0:ca:96:cf:cb

The first step for spoofing MAC addresses is to transfer the interface to a state down. This is done by the team

1sudo ip link set dev interface_name down

Where Interface_name replaces the real name. In my case, this wlan0, then the real team looks like this:

1sudo ip link set dev wlan0 down

Next, we go directly to the MAC spoofing. You can use any hexadecimal value, but some networks may be configured not to assign IP addresses to customers whose MAC address does not match any known vendor (producer). In these cases, so that you can successfully connect to the network, use the MAC prefix of any real vendor (first three bytes) and use arbitrary values for the next three bytes.

To change the MAC, we need to run the command :

1sudo ip link set dev interface_name address XX:XX:XX:XX:XX:XX

Where XX: XX: XX: XX: XX: XX â€“ This is the desired new MAC .

For example, I want to set the hardware address EC: 9B: F3: 68: 68: 28 for my adapter, then the team looks like this:

1sudo ip link set dev wlan0 address EC:9B:F3:68:68:28

In the last step, we return the interface to the state up. This can be done by a team of the form :

1sudo ip link set dev interface_name up

For my system, a real team:

1sudo ip link set dev wlan0 up

If you want to check if the MAC is really changed, just run the command again:

1ip link show interface_name

Value after “link / ether“should be the one you installed.


Another method uses macchanger (also known as the GNU MAC Changer). This program offers various functions, such as changing the address so that it matches a particular manufacturer, or its complete randomization.

Set macchanger – it is usually present in official repositories, and in Kali Linux it is installed by default.

At the time of the change of the MAC, the device should not be used (be connected in any way, or have status up). To transfer the interface to a state down:

1sudo ip link set dev interface_name down

For spoofing, you need to specify the name of the interface, and replace in each next command wlan0 in the name of the interface that you want to change the MAC.

To find out the values of MAC, execute the command with the option -s:

1sudo macchanger -s wlan0

Something like:

12Current MAC:   00:c0:ca:96:cf:cb (ALFA, INC.)Permanent MAC: 00:c0:ca:96:cf:cb (ALFA, INC.)

The “Current MAC” line means the address at the moment, and “Permanent MAC” means a constant (real) address.

For spoofing the MAC address to a completely arbitrary address (option -r):

1sudo macchanger -r wlan0

About the following will be displayed :

123Current MAC:   00:c0:ca:96:cf:cb (ALFA, INC.)Permanent MAC: 00:c0:ca:96:cf:cb (ALFA, INC.)New MAC:    be:f7:5a:e7:12:c2 (unknown)

The first two lines are already explained, the line “New MAC” means a new address.

For randomization, only bytes that determine the uniqueness of the device, the current MAC address (i.e.e. if you check the MAC address, it will register as from the same vendor) run the command (option -e):

1sudo macchanger -e wlan0

To set the MAC address to a specific value, execute (option -m):

1sudo macchanger -m XX:XX:XX:XX:XX:XX wlan0

Here XX: XX: XX: XX: XX: XX â€“ This is the MAC you want to change to.

Finally, to return the MAC address to the original, constant value prescribed in the iron (option -p):

1sudo macchanger -p wlan0


NetworkManager currently provides a wealth of MAC spoofing capabilities, including a change to a random address, or to a specific one. A feature of NetworkManager is the separation of “scanning” and “connected” modes, i.e. you may not see that the settings made have already entered into force until you connect to any network.

If after the change of MAC you have problems with connecting (you cannot connect to networks – wired or wireless), this means that there is a ban on connecting with MAC from an unknown vendor (producer). In this case, you need to use the first three octets (bytes) of any real vendor, the remaining three octets can be arbitrary says pentesting experts.

The Art of Mac Malware: The Guide to Analyzing Malicious Software


Mar 25 2022

Anonymous Claims to Have Hacked the Central Bank of Russia

Category: Anonymous,HackingDISC @ 3:05 pm

Anonymous Hackers Fire 'Warning Shot' at Companies Refusing to Pull Out of  Russia - HS Today

We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency

Tags: Central Bank of Russia

Dec 03 2021

KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays

Category: AnonymousDISC @ 10:33 am

KAX17 ran relay servers in various positions within the Tor network, including entry and exit nodes, researchers at the Tor Project have removed hundreds of servers set up by the threat actor in October and November 2021.

In August 2020, the security researcher that goes online with the moniker Nusenu revealed that in May 2020 a threat actor managed to control roughly 23% of the entire Tor network’s exit nodes. Experts warned that this was the first time that a single actor controlled such a large number of Tor exit nodes. A Tor exit relay is the final relay that Tor traffic passes through before it reaches the intended destination. The Tor traffic exits through these relays, this means that the IP address of the exit relay is interpreted as the source of the traffic.  Tor Exit relays advertise their presence to the entire Tor network, so they can be used by any Tor user.

Controlling these relays it is possible to see which website the user connects to and, if an insecure connection is used, it is also possible to manipulate traffic. In May 2020, the threat actor managed to control over 380 Tor exit nodes, with a peak on May 22, when he controlled the 23.95% of Tor exit relay.

Nusenu told The Record that it has observed a recrudescence of the phenomenon associated to the same attacker.

“But a security researcher and Tor node operator going by Nusenu told The Record this week that it observed a pattern in some of these Tor relays with no contact information, which he first noticed in 2019 and has eventually traced back as far as 2017.” reads the post published by The Record. “Grouping these servers under the KAX17 umbrella, Nusenu says this threat actor has constantly added servers with no contact details to the Tor network in industrial quantities, operating servers in the realm of hundreds at any given point.”

KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays

Tags: Anonymity, Anonymous (group)