Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: susanne on February 22, 2013, 04:18:34 PM



Title: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: susanne on February 22, 2013, 04:18:34 PM
1. Observe that Bitcoin-Qt is released under the MIT license, not under any of the copyleft licenses. This allows you to modify the source code and distribute it as proprietary software. So, you can take advantage (and continue to take advantage) of all their work, but they can't do the same. Cool.

2. Develop a very fast bitcoin client, with an attractive but minimalistic GUI that's easy to use and has lots of great features.

3. Make Android, iPhone, Windows, Linux, Mac, etc. versions of it.

4. Make it proprietary. Never give out the source code! This is the most important thing.

5. Install adware, spyware and backdoors such as in uTorrent/BitTorrent™. Don't worry about people finding out about the back doors, they can't tell if it's there without the source code. Tip: don't activate the adware/spyware features until enough people are using it. Let them get accustomed to the program first. Most are too lazy to switch to another client despite the adware and spyware if they are already accustomed to it. Want proof that they won't switch? Take a look at uTorrent/BitTorrent™.

6. Advertise and get more people to use it.

7. Sell out to any company or government agency of your choosing.

8. ….

9. Profit!


If you found this tutorial useful, please donate to 1Hw3Meb9kbYZtGoSWQNqxa9Qw5pc6prFCe


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: str4wm4n on February 22, 2013, 04:22:06 PM
wait....there's a backdoor in uTorrent????


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: susanne on February 22, 2013, 04:30:38 PM
Quote
wait....there's a backdoor in uTorrent????

Can you tell there isn't one if you don't have the source code? It has adware and spyware by default, so why not also backdoors?

The server database program Interbase had a backdoor until it was released as open source:
http://it.slashdot.org/story/01/01/11/1318207/interbase-backdoor-secret-for-six-years-revealed-in-source


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: MrVivaldi on February 22, 2013, 05:07:18 PM
This is possible but not feasible. Good luck.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: grondilu on February 22, 2013, 05:15:29 PM
Quote
This is possible but not feasible. Good luck.

I think the OP was not trying to claim he intended to realize such a scheme.  It was rather a way of pointing out proprietary bitcoin clients which could indeed be following such an evil plan.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: MrVivaldi on February 22, 2013, 05:28:41 PM
Quote
This is possible but not feasible. Good luck.

Quote
I think the OP was not trying to claim he intended to realize such a scheme.  It was rather a way of pointing out proprietary bitcoin clients which could indeed be following such an evil plan.

If you are using Bitcoin you accept responsibility for your money. If you don't take that responsibility seriously you may lose your money.
"A fool and his money are soon parted."


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: grondilu on February 22, 2013, 05:40:12 PM
Quote
This is possible but not feasible. Good luck.

Quote
I think the OP was not trying to claim he intended to realize such a scheme.  It was rather a way of pointing out proprietary bitcoin clients which could indeed be following such an evil plan.

Quote
If you are using Bitcoin you accept responsibility for your money. If you don't take that responsibility seriously you may lose your money.
"A fool and his money are soon parted."

Don't tell me that.  I only use free software.  My sources.list has no "non-free" entry whatsoever.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: Killdozer on February 22, 2013, 07:28:10 PM
Quote
they can't tell if it's there without the source code

And there goes any trust we might have had in you having any professional experience with this.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: hashman on February 22, 2013, 08:15:04 PM
4. Make it proprietary. Never give out the source code! This is the most important thing.

5. Explain to the users that no you are not evil and you will not backup their private keys on your servers.

6. Don't understand why nobody uses your software

+1


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: tvbcof on February 22, 2013, 09:06:16 PM
Quote
wait....there's a backdoor in uTorrent????

There is a closed-source torrent application that anyone actually uses?!?  It boggles the mind.



Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: ArticMine on February 22, 2013, 10:36:11 PM
The attacker better dot all the i's and cross all the t's with the MIT license otherwise the DMCA in the United States can be a very useful take-down tool. It is possible to pirate software under the MIT license and there is already a case of a successful DMCA take-down involving software under the MIT license. The software was Bitcoin-Qt and the take-down was served against Solidcoin. https://bitcointalk.org/index.php?topic=57437.0;all This is not the first case of a DMCA take-down involving pirated Free Libre Open Source Software. I am aware of a case involving pirated Free Libre Open Source Software four years earlier.

It's the first time I ever heard about an open-source developer making use of DMCA (https://github.com/github/dmca/blob/master/2012-01-09-bitcoin.markdown). I don't really like the idea of DMCA at all, but now it pwnd SC and made me laugh.

This video is related: http://www.youtube.com/watch?v=OsLuIipny88

The MPAA beat Solidcoin by well over four years for this dishonour. The MPAA was on the receiving end of a DMCA take down over pirated Free Libre Open Source Software back in 2007. http://arstechnica.com/open-source/news/2007/12/mpaas-university-toolkit-hit-with-dmca-takedown-notice-after-gpl-violation.ars

Having said this the GPL does provide much more protection against this kind of attack than the MIT license.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: btcinstant on February 23, 2013, 12:16:50 AM
omg


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: Phinnaeus Gage on February 23, 2013, 02:56:54 AM
Quote
wait....there's a backdoor in uTorrent????

I've yet to use the front door, let alone look in the windows.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: Killdozer on February 23, 2013, 11:08:15 AM
Quote
their stolen operating system is likely to be a spambot and DDOS drone
What actual evidence do you have of this? So far this is just a baseless sacrilegious opensource-lover babble.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: Killdozer on February 24, 2013, 02:07:13 PM
Quote
Not exactly. Windows OSs are FAR more likely than unix-based ones to become hijacked. This, however, has less to do with how it is developed and everything to do with market share. Because most people run Windows, most malware targets Windows. Additionally, many people who use computers have no computer knowledge whatsoever, and therefore don't know how to configure their OS to be secure. Most of those people run Windows. Unix-based OSs have less idiots using them, and therefore the average unix-based system is more secure than the average Windows system.
+1.
Exactly, it has nothing to do with OS being stolen or open source or proprietary. (Well perhaps in the sense that Microsoft has used those monies made off Windows to actually make it easy to use so that more people would do it.) For example Red Hat is proprietary, and yet there aren't many viruses for it either.
Nevertheless, a claim that a Windows OS would contain a spambot or DDOS software, be it bought legitimately or pirated, is just nonsense.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: mjc on February 24, 2013, 06:52:11 PM
I think susanne filled in her application for a SCAMMER tag and we should approve it.


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: ArticMine on February 24, 2013, 09:54:28 PM
Quote
Not exactly. Windows OSs are FAR more likely than unix-based ones to become hijacked. This, however, has less to do with how it is developed and everything to do with market share. Because most people run Windows, most malware targets Windows. Additionally, many people who use computers have no computer knowledge whatsoever, and therefore don't know how to configure their OS to be secure. Most of those people run Windows. Unix-based OSs have less idiots using them, and therefore the average unix-based system is more secure than the average Windows system.
+1.
Exactly, it has nothing to do with OS being stolen or open source or proprietary. (Well perhaps in the sense that Microsoft has used those monies made off Windows to actually make it easy to use so that more people would do it.) For example Red Hat is proprietary, and yet there aren't many viruses for it either.
Nevertheless, a claim that a Windows OS would contain a spambot or DDOS software, be it bought legitimately or pirated, is just nonsense.


It has everything to do with whether the OS is proprietary or Free Software / Open Source. First RedHat Enterprise Linux is not proprietary. Ever heard of CentOS, http://en.wikipedia.org/wiki/CentOS? One of the key differences between proprietary (for example Windows) and Free Software / Open Source Operating Systems (for example GNU/Linux and this includes commercial distributions such as RedHat Enterprise Linux, those that are both commercial and community such as Ubuntu, and those that are community such as Debian, Arch, Trisquel) is that the source code is available for anyone to examine and test for vulnerabilities. This places the black hats and white hats on an even footing and consequently gives the white hats a huge advantage. With Windows on the other hand certain Black hats such as the security agencies of many countries have been given access by Microsoft to the Windows source code while most of those trying to defend themselves from cyberattacks do not have any access. The recent news reports about alleged hacking by Chinese Government Agencies or for that matter the Stuxnet Incident, http://en.wikipedia.org/wiki/Stuxnet, involving the security agencies of the United States and Israel should serve as a stark warning to anyone who uses Microsoft Windows and is concerned in even the very slightest about excessive state power and control.



Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: tvbcof on February 25, 2013, 12:10:27 AM

If you think Microsoft are going to bet their reputation on the secrecy of a highly illegal agreement with the US Government to install backdoors in Windows, you sir, are losing it. ...


Of course.  It would be absurd to think that a network carrier would install a Narus in their peering center, completely illegally, as well.  Oops.  Thank god for our congress and the concept of immunity to patch up indiscretions.

I seem to remember about a decade ago Microsoft getting caught red handed with NSA_Key or some such in their crypto library when they forgot to strip a service pack binary.  Nobody gave a shit then, and certainly they will not now after a decade more of conditioning and all those bad bad terrorists and all that.  After all, nobody is doing anything wrong and besides only paranoid wackos would believe in 'conspiracy theories' and nobody wants that label associated with them.



Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: ArticMine on February 25, 2013, 12:21:16 AM

It has everything to do with whether the OS is proprietary or Free Software / Open Source. First RedHat Enterprise Linux is not proprietary. Ever heard of CentOS, http://en.wikipedia.org/wiki/CentOS? One of the key differences between proprietary (for example Windows) and Free Software / Open Source Operating Systems (for example GNU/Linux and this includes commercial distributions such as RedHat Enterprise Linux, those that are both commercial and community such as Ubuntu, and those that are community such as Debian, Arch, Trisquel) is that the source code is available for anyone to examine and test for vulnerabilities. This places the black hats and white hats on an even footing and consequently gives the white hats a huge advantage. With Windows on the other hand certain Black hats such as the security agencies of many countries have been given access by Microsoft to the Windows source code while most of those trying to defend themselves from cyberattacks do not have any access. The recent news reports about alleged hacking by Chinese Government Agencies or for that matter the Stuxnet Incident, http://en.wikipedia.org/wiki/Stuxnet, involving the security agencies of the United States and Israel should serve as a stark warning to anyone who uses Microsoft Windows and is concerned in even the very slightest about excessive state power and control.


If you think Microsoft are going to bet their reputation on the secrecy of a highly illegal agreement with the US Government to install backdoors in Windows, you sir, are losing it. Also, if you REALLY care about testing for vulnerabilities, there are things called fuzzers, plus debuggers and disassemblers to help you. No need for Microsoft to give away trade secrets just to ensure security. Software will always have bugs, and while I'd trust open source software somewhat more than proprietary software, it's not by a huge amount.

I actually do not believe that Microsoft has installed back doors into Windows at the behest of the US or any other government. What they have done is to provide the source code to the security services of many countries. For example the FSB (the successor to the KGB) in Russia. http://www.zdnet.com/microsoft-opens-source-code-to-russian-secret-service-3040089481/ With this knowledge a security service can then write malware to attack companies and organizations in other countries. This creates an asymmetry where the attacker has access to the source code but the defender does not. In addition since Windows XP Microsoft has installed a "self destruct" mechanism into Windows in an attempt to prevent software piracy. It is called Windows activation.  Most people approach Windows activation from the perspective of the attacker "the pirate" turning Windows from a "pirated" state to a "genuine" state. But consider the reverse where an attacker "the terrorist" turns Windows from a "genuine" state to a "pirated" state as a form of cyber-terrorism against critical infrastructure. What Microsoft had done with the DRM in product activation is to create a massive single point of failure. Just ask one question how much critical infrastructure worldwide is controlled by computers running Microsoft Windows?

I am not into doomsday prepping; however the most credible doomsday scenario I can see is the massive worldwide deactivation of Microsoft Windows.

By the way it is not just governments one has to be worried about. http://www.microsoft.com/en-us/sharedsource/default.aspx


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: tvbcof on February 25, 2013, 08:25:02 AM

If you think Microsoft are going to bet their reputation on the secrecy of a highly illegal agreement with the US Government to install backdoors in Windows, you sir, are losing it. ...


Of course.  It would be absurd to think that a network carrier would install a Narus in their peering center, completely illegally, as well.  Oops.  Thank god for our congress and the concept of immunity to patch up indiscretions.

I seem to remember about a decade ago Microsoft getting caught red handed with NSA_Key or some such in their crypto library when they forgot to strip a service pack binary.  Nobody gave a shit then, and certainly they will not now after a decade more of conditioning and all those bad bad terrorists and all that.  After all, nobody is doing anything wrong and besides only paranoid wackos would believe in 'conspiracy theories' and nobody wants that label associated with them.


Nothing was ever proven with that NSA_Key thing, which is why there was some suspicion, but in the end, no one cared. Companies exist to make money, plain and simple. They are amoral, and will do whatever is necessary to achieve that goal. Why would one sabotage themselves by agreeing to something like this, knowing about all the other secret agreements that have gotten busted (I'm looking at YOU, AT&T). That's just begging to have your credibility destroyed.

You are dead right about corporations caring about profit only.  It is actually a legal obligation.  If playing ball with the state security apparatus balances out as more lucrative than some loss of credibility, and thus business, that is exactly what they will do.  In the end nobody gave a shit about AT&T.  In part because everyone else was probably doing the same thing (except perhaps Verizon whose CEO, interestingly, ended up in some trouble with the SEC making it one of the very few occasions in recent memory that that body has hassled anyone higher than a 20-something year old goober who didn't pay attention to the legal department's memos about what not to put in e-mail.)

Nobody really gave a shit about Carrier IQ either.  I don't doubt for a minute that the same things (keystroke logging and what-not) continue but I suspect that the processes and messaging will be better hidden to avoid detection.  Just like Bitcoin ought to be thinking about in my opinion.



Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: tvbcof on February 26, 2013, 01:50:13 AM
I actually give quite a few shits about AT&T, and distrust them to this day. As for selling out user privacy being worth more than the possible loss of credibility, maybe I'll put a sniffer between my Windows box and the internet to see what goes through.

I don't trust nor like AT&T, but the same goes for the other carriers as well.  It's not going to impact who I do business with, but that's mostly because I don't have many options and not much choice in the matter anyway due to how peering works.  Doubtless this was analyzed by a marketing department within the organization.  In the San Francisco incident (and probably most others) it is the government who is almost completely to blame anyway.  AT&T's CEO didn't wake up one day and decide he wanted to spy on people.  The idea, and who knows how much of what kind of pressure, was brought to bear on them.

On top of that, for every soul who is annoyed at AT&T's malfeasance there are five more who consider them heroes for helping to kill Bin Laden.

With respect to packet snooping between my Windows box and the net, I've done it on occasion.  It's interesting but tedious.  And like I said, I would anticipate that people who have their shit together would be passing data back in a way which would be hard to recognize via simplistic methods of analyzing discrete packets.  I mean it is not my forte, but I would certainly be designing root kit keystroke loggers to cache data and embed it in other expected transfers (like update scans and what-not.)



Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: RodeoX on February 26, 2013, 09:07:54 PM
I do not use proprietary software unless there is no open source option, so go ahead and make me rich.
 


Title: Re: Tutorial: how to harm bitcoin's reputation and make money while doing that
Post by: kokojie on February 26, 2013, 11:02:46 PM
Quote
wait....there's a backdoor in uTorrent????

There's adware by default, wouldn't surprise me if utorrent had a backdoor and sold out all your info to RIAA/MPAA