Title: 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈😈😈 Post by: nullius on March 11, 2018, 11:59:29 PM Announcing the.nym.zone’s PGP 2256% AIRDROP SIGNATURE SPAM CAMPAIGN 😈😈😈 BOUNTY for old-school CRYPTO! 😈😈😈 Get your Pretty Good Privacy! (https://www.gnupg.org/) https://upload.wikimedia.org/wikipedia/commons/thumb/e/ec/Gnome-mime-application-pgp.svg/480px-Gnome-mime-application-pgp.svg.png Airdrop Bounty Shill Payola Terms: In exchange for your participation in this campaign, you will receive 2256%* airdrop bounty spam payola consisting of pretty good privacy for yourself and those with whom you communicate. (* All airdrop percentages herein stated apply the same quality of maths as seen in a typical scamcoin.) Privacy is one of the most valuable things you can have in this world (https://bitcointalk.org/index.php?topic=2527738.msg25852987#msg25852987). It is priceless! And the more you participate in this campaign, the more privacy you will get airdropped to you by virtue of natural consequences. This is without a doubt the #1 most honestly highest-paying spam campaign ever seen on this forum! By participating, you will also show off that you are elite and cypherpunk chic. Laugh at the n00bs who think that “crypto” means a knock-off shit (https://bitcointalk.org/index.php?topic=3013604.msg30997322#msg30997322)coin scam. You will be using old-school crypto, 90s cypherpunk style. Remember that the more you spam for the pro-PGP, pro-privacy message of this campaign, the more elite you will be! Incentives for posting (https://bitcointalk.org/index.php?topic=2103690.0): The more high-quality posts you make (as judged by the merit they earn) while participating in this campaign, the more awesome you will be. This will make you rightfully proud. Bonus giveaway: Replying in this thread with a post which is both witty and PGP-signed will give you a chance to show off! (Non-PGP-signed replies may be nuked by me, at my discretion.) To be eligible for airdrop, users must follow these rules: 0x0. Use PGP. 0x1. Use PGP! 0x2. Add at least one (1) PGP fingerprint to your signature. A longid/shortid (https://evil32.com/) does not suffice: You must devote space in your signature to at least one full fingerprint, at normal or greater font size. To qualify, the pertinent key MUST (https://tools.ietf.org/html/rfc2119) be available through sks-keyservers.net (https://sks-keyservers.net/). Of course, it MUST be a fingerprint for your own key, as verified through below requirements. It MUST contain uid(s) with valid e-mail address(es) which people can use to contact you privately, using PGP from any other mailserver in the world (Protonmail is unacceptable). If you are able to place links in your signature, then your PGP fingerprint MUST hyperlink to EITHER your key on sks-keyservers.net, OR on a website belonging to you or to some group or company of which you are a part (not on Keybase). See my own signature for an example. Note for those who already display full PGP fingerprints in their signatures: I suggest that you follow the above-described format. But if you don’t want to change your signature, I will consider it “grandfathered” if you post a link to an archive on web.archive.org or archive.is, showing a post of yours with your signature before the original timestamp of this post. Of course, you will still need to follow the other rules, including a PGP-signed joinder message in this thread per Rule 0x4 below. Privacy note for n00bs: As true whenever you distribute a PGP key, your e-mail address(es) will be available through your key’s uid(s). This is how the Internet is supposed to work: You give out an e-mail address, so that people can contact you. People connect. Magic happens! — I do realize that not everybody on a Web forum wishes to expose an e-mail address. Thus, I suggest two solutions: Consider using a mail provider with excellent spam blocking (https://bitcointalk.org/index.php?topic=3107013.0). Support my feature request for a forum remailer, in lieu of PM (https://bitcointalk.org/index.php?topic=3107102.0). 0x3. Add the words, “Use PGP!” (or another pro-PGP message of your creative choice) to your signature. If you are able to place links in your signature, then the text must hyperlink to this thread. 0x4. Make a post in this thread to join the campaign. Requirements are further stated below (#post_post_joinder). 0x5. Spam the forum with high-quality posts which earn merit. Users who fail to spam the forum with meritorious high-quality posts may be kicked out of this campaign, at my exclusive discretion. 0x6. Spam your friends by PM, e-mail, knocking on their doors, etc., to preach to them the good word that they should Use PGP! 0x7. Spam the hell out of Twitter, Facebook, Telegram, Reddit, and every other “social media” site and communications channel, with messages promoting PGP use! Note: I don’t use any of these sites, so I can’t check up on this requirement. 0x8. If you show patent evidence of having failed to read the rules, then you will be banned from the campaign for a duration at my discretion (likely permanent). If you include a Bitcoin address in your PGP-signed joinder statement, then you will be permabanned from the campaign. If you have negative trust, then you may be banned from the campaign at my discretion. I may ban anybody for any reason or no reason, at my discretion. 0x9. These rules may be changed by me at any time. 0xa. Use PGP for your personal correspondence, your business correspondence—all your online corespondence, all the time! If any of your correspondents do not use PGP, then you should send them a PGP-signed message explaining to them they should use PGP. 0xb. (Optional) Staple copies of the Cyphernomicon (https://cypherpunks.to/faq/cyphernomicron/cyphernomicon.html), The Crypto Anarchist Manifesto (https://groups.csail.mit.edu/mac/classes/6.805/articles/crypto/cypherpunks/may-crypto-manifesto.html), A Cypherpunk’s Manifesto (https://www.activism.net/cypherpunk/manifesto.html), and other suitable propaganda to local lamp-posts, trees, goldfish, etc. 0xc. (Optional) If you are female and attractive, use PGP-encrypted e-mail (nullius@nym.zone) to express your intense desire for me. Otherwise, just send me a PGP-encrypted “hello”. 0xd. (* Required) Use Bitcoin. Bitcoin is cypherpunk money (https://bitcointalk.org/index.php?topic=2940686.msg31084730#msg31084730). Satoshi Nakamoto fulfilled a decades-old yearning when he invented Bitcoin! 0xe. (RECOMMENDED) Take the next steps to securing all your communications, such as by using OTR (https://otr.cypherpunks.ca/) for instant messaging (https://otr.im/). 0xf. Use PGP! Requirements for joinder post: To officially join this spam campaign, you must post in this thread a PGP clearsigned statement with the following information:
The statement MUST be PGP clearsigned. Those who post unsigned join requests will be banned from the campaign. You may enclose the statement in [code] tags if desired, or not if not desired. The important part is that I must be able to verify it. The statement MUST NOT contain any Bitcoin addresses, or other payment info. Those who post join requests containing payment addresses will be permabanned from this campaign. This rule is set so I can easily drop-kick bounty chasers who post in this thread without reading the rules. Other than this, you may include other info and/or witty remarks as you desire. Keybase links are not accepted, because I want to push people to get their keys out onto keyservers. A live example of a statement meeting the above requirements: Code: -----BEGIN PGP SIGNED MESSAGE----- With that, I myself join this campaign! Code: #ifndef FOURTH_WALL Meta: Why am I doing this? I am sufficiently passionate about PGP use that I would put on a live public sex show to promote it. For a serious discussion, see “On the virtue of Ciphersex (https://bitcointalk.org/index.php?topic=3062006.msg31817506#msg31817506)”. Moreover, I struggle with an internal conflict over signature advertising campaigns. I like signature ads (or at least tolerate them) when they make it worthwhile, or even make it possible for smart people to devote huge chunks of their lives to an Internet forum. I highly respect some people who carry paid sig ads. And I myself may come to face a pragmatic necessity for a paid signature ad. But I really dislike the concept. The old-school net curmudgeon in me feels that the purpose of a signature is for PGP fingerprints, witty quotes, and links to one’s own personal/business websites. It’s a matter of culture; and culture is pervasive. When I recently saw this opinion about how the forum thrived before paid signature advertising was invented—yes, I get it: Would you also be happy if all the signature campaigns are removed from the forum ? That will make all the merits and ranks useless than right. Radical solution lol, most users would be done using this forum. Nonsense. Five years ago there were no signature campaigns, and bitcoin was worth a few dollars. This forum thrived back then. Part of my motive behind this campaign is to create at least a modicum of positive social counter-pressure against monetary incentives. Taking myself as an example: The amount of money I could already get for a sig ad is very significant to me. It’s painful not to take it. One reason why I thus far don’t, is that I look at my PGP key fingerprints—and I get sad. Negativity against sig ads is only one part: I feel a positive urge to keep what I already have there. Money needs to compete with something which has non-monetary value to me. I want to induce others to feel the same way. Code: #endif /* !FOURTH_WALL */ End-User License Agreement: By copying, quoting, or even reading this post, you irrevocably signify your agreement to be forever bound by the following terms and conditions: Code: /** (Shamelessly pilfered from the original Beer-Ware License by Poul-Henning Kamp (http://phk.freebsd.dk/).) Credits:
Title: Re: 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈😈😈 Post by: nullius on March 11, 2018, 11:59:57 PM 😈😈😈 CAMPAIGN PARTICIPANTS 😈😈😈 Listed in chronological order. Further explanation/rules will be added here and in OP. (WIP) Note: All signatures have been verified by me. Timestamps given are the timestamps claimed in the signature, not the post timestamp. (Though if I see evidence of somebody playing games with this, I will use post timestamp for that person instead.)
Title: Re: 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈😈😈 Post by: nullius on March 12, 2018, 12:00:26 AM Reserved for metadata (if any).
Title: Re: 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈😈😈 Post by: mattcode on March 12, 2018, 03:01:42 PM Code: -----BEGIN PGP SIGNED MESSAGE----- Wish my signature space wasn't so restrictive so that I could fit "Use PGP!" instead of just "PGP!". ninja edit Just bought copper membership, everything fits nicely now :) Title: Re: 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈😈😈 Post by: YuTü.Co.in on March 14, 2018, 12:34:29 AM Professor nullius, would you be so kind in explaining to the class as to why PGP sigs are so long? BTW, nice lookin' apple you have there on your desk. I'm guessin' it's a Chelmsford Wonder. Was it from the teacher's pet or a leftover from your sacked lunch?
Title: 😈😈😈 PGP *fingerprints* airdropped to YuTü.Co.in!! SPONSORED BY RFC4880 😈😈😈 Post by: nullius on March 14, 2018, 02:00:40 AM Professor nullius, would you be so kind in explaining to the class as to why PGP sigs are so long? I presume that you refer to the long hexadecimal string in this spam campaign’s forum sig, not a PGP signature (as in a PGP-signed message). Well, class, that hexadecimal string is a PGP key fingerprint. It is calculated from the public part of the primary key, plus some metadata. To understand what that string is, open your textbooks to RFC 4880 § 12.2 (https://tools.ietf.org/html/rfc4880#section-12.2): Quote from: RFC 4880 § 12.2 A V4 fingerprint is the 160-bit SHA-1 hash of the octet 0x99, followed by the two-octet packet length, followed by the entire Public-Key packet starting with the version field. The Key ID is the low-order 64 bits of the fingerprint. To construct the public-key packet, you must consult several other sections of the RFC. Well, that’s not the pertinent part here... The answer to your question is that a PGP key fingerprint is a SHA-1 hash. A SHA-1 hash is 160 bits, or 20 binary octets. Encoded in hexadecimal, that takes 40 characters (not inclusive of any prepended “0x”). The 64-character “Key ID” mentioned above is simply a portion of the hash. I don’t consider that to be secure: Supercomputers or distributed computing can do 264 work; an although this is not directly applicable due to using ASICs made for a different hash, the global Bitcoin mining network already does 264 double-SHA-256 hashes in a fraction of a second. And the old 32-bit “short ID” is ridiculously insecure, as shown by the Evil32 site (https://evil32.com/). Rely only on the full fingerprint. N.b. that although SHA-1 is broken for collision attacks, faking somebody else’s PGP fingerprint would require a preimage attack. SHA-1 has not been broken for preimage attacks. For homework, please read RFC 4880. Tomorrow, I will give you a secret surprise pop quiz on which of the following items are needed to calculate a PGP fingerprint:
Title: Re: 😈😈😈 PGP *fingerprints* airdropped to YuTü.Co.in!! SPONSORED BY RFC4880 😈😈😈 Post by: YuTü.Co.in on March 14, 2018, 10:16:41 AM Professor nullius, would you be so kind in explaining to the class as to why PGP sigs are so long? I presume that you refer to the long hexadecimal string in this spam campaign’s forum sig, not a PGP signature (as in a PGP-signed message). Well, class, that hexadecimal string is a PGP key fingerprint. It is calculated from the public part of the primary key, plus some metadata. To understand what that string is, open your textbooks to RFC 4880 § 12.2 (https://tools.ietf.org/html/rfc4880#section-12.2): Quote from: RFC 4880 § 12.2 A V4 fingerprint is the 160-bit SHA-1 hash of the octet 0x99, followed by the two-octet packet length, followed by the entire Public-Key packet starting with the version field. The Key ID is the low-order 64 bits of the fingerprint. To construct the public-key packet, you must consult several other sections of the RFC. Well, that’s not the pertinent part here... The answer to your question is that a PGP key fingerprint is a SHA-1 hash. A SHA-1 hash is 160 bits, or 20 binary octets. Encoded in hexadecimal, that takes 40 characters (not inclusive of any prepended “0x”). The 64-character “Key ID” mentioned above is simply a portion of the hash. I don’t consider that to be secure: Supercomputers or distributed computing can do 264 work; an although this is not directly applicable due to using ASICs made for a different hash, the global Bitcoin mining network already does 264 double-SHA-256 hashes in a fraction of a second. And the old 32-bit “short ID” is ridiculously insecure, as shown by the Evil32 site (https://evil32.com/). Rely only on the full fingerprint. N.b. that although SHA-1 is broken for collision attacks, faking somebody else’s PGP fingerprint would require a preimage attack. SHA-1 has not been broken for preimage attacks. For homework, please read RFC 4880. Tomorrow, I will give you a secret surprise pop quiz on which of the following items are needed to calculate a PGP fingerprint:
Title: The Meretrix joins the 😈😈😈 PGP 256% SPAM CAMPAIGN 4 old-school CRYPTO! 😈😈😈 Post by: Meretrix on March 25, 2018, 04:29:37 PM Code: -----BEGIN PGP SIGNED MESSAGE----- Title: Re: 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈��😈 Post by: ovcijisir on May 27, 2018, 09:07:04 AM Great campaign! Didn't do all that is required but it sparked the interest for cryptography and made me realize why is it important.
|