The machine has an ID scanner. Why not just ensure one ID doesn't use the machine too often? Providing fingerprints is too much, I'd have no problem handing over my ID though.

Interesting. When I opened up my checking account it wasn't nearly that difficult though I'm not in the US and this was pre-911. All I needed was ID, SSN, and I had to fill out a short form. You could only do it in a branch too and not online, I think thats still the case. I must remember to close that account someday, haven't used it since 2012 - I've been using bitcoin as my bank account since then.


Yep you can bet your ass it will. It's already happening in other parts of the world where the laws/regulations regarding virtual currencies aren't well defined.


Not a hope if they require fingerprint and ID scans. Take a look at the video above of the two lawful customers and the difficulties they had. On top of that there is no way in hell I'd ever give ANYONE my fingerprints for any reason because that is WAY to personal, more personal than a picture of my dick IMO. In fact I'd way prefer to provide pictures of my dick instead of my fingerprints when using a bitcoin ATM and I'm an extremely boring law-abiding citizen which big brother should have no interest in at all.

Most countries don't, most countries do not have the power to force someone to decrypt data if they are not suspected of commiting a crime. Germany has very harsh laws in this area, so it wouldn't surprise me if they had key disclosure laws. For example, in Germany if you go into a store to buy a laptop and you tell the salesperson you are going to use it for hacking, they must not sell it to you. If they do they are guilty of a crime. Additionally simply possessing any "hacking tools" is an offence, including port scanning software which has more legitimate uses than illegitimate. This makes pentesting illegal in Germany and many computer security firms had to leave Germany when these laws came into effect. They also apparently treat Tor exit node operators really badly over there, there have been some scary stories.

I highly doubt that German key disclosure laws are as bad as in the UK as Germany has better laws regarding self-incrimination than the UK which you could use to your advantage should you be compelled to provide encryption keys.

Yes it is ridiculous. Thankfully the bitcoin ATM's I use do NOT require any form of identification, but to fully comply with AML requirements in the US you have to jump through all of these hoops.

It's absolutely ridiculous considering you don't even need to provide your fingerprints when opening a bank account, yet they require them everytime you use a bitcoin ATM.

Thats on purpose to allow people to sign up using a fake email address should you wish to remain anonymous.


Those sound pretty bad.

Do you have Javascript disabled? what browser are you using?

Maybe if you try waiting 6 minutes it'll fix #2.


You need to make the thread again if you get that error. The old thread is saved in your drafts folder so you can copy it across.

There is new forum software being made at the moment. It's going to be open source forum software that'll compete with existing ones like PHPBB, SMF and vBulletin. Apparently theymos does not like the existing ones (I would agree) hence why they decided to do that. The new software won't be ready for a while, though I believe they are launching an alpha version of it shortly.

You answered that question yourself.

LOL! What a degenerate. Who would stoop to that level, clearly it shows how dishonest and crooked this guy is. It's also quite hilarious he would actually say that in public. This guy is incredibly dumb on so many levels that it's kind of hard to believe.

On top of that, theymos will pay a hell of a lot more than $5,000 if you know of any security issues that affect the forum: https://bitcointalk.org/index.php?topic=309785.0

$5k isn't going to get him very far... LOL!

Maybe somebody should claim it and not deliver the 'product', not reply to any emails and refuse to refund him. Just to see how he would like it.

Just so you know, it is technically illegal to possess "hacking tools" in Germany. That includes port scanning tools. This was a problem for the developers of NMap as they were German.

https://www.schneier.com/blog/archives/2007/08/new_german_hack.html

Quite a stupid law if you ask me considering most hacks are carried out using an unmodified browser (things like SQL injection, XSS etc). I don't think you can take part unless maybe if you get the train to Belgium/Holland or another country and do it there  

You guys are misunderstanding.

The server DOES NOT LISTEN on port 9050. This is the Tor port that APPLICATIONS on the server use to connect each other. It is something that happens only locally. You will not find the server doing this.

Um... the guy already said that he was using bitcoind over tor. I was planning to do what you did, but that won't work. The server does not listen on any port according to the OP. Additionally the default bitcoind listening port is 8333 not 18333.

The problem with the WHOIS issue is that everyone knows that the email address for your Godaddy account is: harshjaiswal@gmail.com

Additionally when transferring a domain to another registrar it sends the verification email to that address, so if someone compromises your EPP code (or if you were using a registrar tht didn't use EPP) then they'd be able to transfer away the domain by hacking that email account.

So the main problem is if that account gets compromised they can steal your domain, or reset your Gapps account by verifying ownership using the DNS method.

The PayPal account for: harshjaiswal@gmail.com is the one that is suspended:



PS. If you know what you are doing you can trick PayPal into giving you information on the account holder (such as last 4 digits of your credit card which can be used to reset accounts for Apple and other services). Thats why I was poking around in there, sorry! they didn't give me any information anyway.

Yeah that is one thing I found funny. OP seems to think we actually need the IP to hack the server when we really don't. That is not how most modern hackers work.

I don't know if he'll pay up or not, I doubt he will tbh. The owners PayPal account is permanently suspended (not frozen, suspended indicates breach of TOS), I wonder why... But that doesn't make it less fun. Not everything is about money.

Hey guys, I'd recommend you read ALL of Neha's posts. Clearly most of you have missed all the details/hints provided.

BTW it isn't as hard as you guys think. Initially I thought that, but there are PLENTY of ways to get the IP of that server. You can do it by gaining access to GApps (I don't think it uses Tor to fetch mail), and there are literally hundreds of ways to do that. I have found a number of "potentially dangerous" things that nuovocard has done and I'll disclose them to them privately once I've given up and leave it up to them if they want to post them here in order to help you guys.

I know you said it ends in 13, but was that a trick question? Is it xxx.xxx.xxx.13 Or xxx.xxx.xxx.x13?


How would it talk to Google Apps without a public IP?

Does the server running bitcoind listen on port 8333?

Also someone could potentially run a couple of Tor nodes and find out which amazon IP's connect to them that end in 13, I would doubt there are many.

Thats the WEB SERVER. Thats not what we are after. We've been through this already...

Not only that you didn't even realize that cloudflare is a CDN, so thats not even the IP of the webserver.

What we need to find out is the IP of the server that is logging into Google Apps and pushing out those emails. They have cleaned the email headers, so the only way (well there are potentially others) to find it out is to hack their GApps account. They already told us the IP ends with 13 too.

Aren't you using monero? There is no open source ATI GPU miner for monero yet. It's one of the things that put me off CryptoNote completely.

Have a look at their thread:
https://bitcointalk.org/index.php?topic=583449.0

2/4 of the mining softwares listed are closed source.

Those were base64 encoded strings of some binary data.

It COULD be a signature, it could be an encrypted message, who knows really. Lots of things are base64 encoded including bitcoin signatures.

But you CANNOT verify the signature without the text so tweeting them without the text you want to sign would be useless - hence why I suspect its something else other than a bitcoin signature.

It could be anything really. It's not likely to be a signed message because you still need the message to verify it which he did not tweet.

I'd like to try and find out what it was though I can't find the original text and copying it from the screenshot is a bad idea as I can't tell if those are small L's or I's or 1's etc.

If someone can find the text of the tweets please post them here!

All I see is him asking a question and you replying like a dick. You could've just said "no I'm not cracking brainwallets" and that'd be it.

I would be OK with gmaxwell being an admin, heck he has commit access to bitcoin-core, you already trust him a lot if you use bitcoin. I doubt you'll find many people who don't want him to be a moderator other than Goat.