That's a nasty one.  Emergency patches for iOS, iPadOS, and macOS have been issued:

• iOS 18.6.2
• iPadOS 18.6.2
• macOS Sequoia 15.6.1
• mac OS Sonoma 14.7.8
• mac OS Ventura 13.7.8

https://cryptonews.com/news/apple-issues-urgent-ios-update-to-fix-zero-click-hack-putting-crypto-wallets-at-risk/

[1/38)]

Just wondering, does this make any sense at all?

https://twitter.com/Justin_Bons/status/1810357305390616839

1/38) BTC's security model is broken

It has to double in price every 4 years for a century or sustain extremely high fees!

Just to maintain the present level of security...

Which is impossible, as it would exceed global GDP within decades

Therefore, BTC security is doomed!


2/38) Each halvening exponentially lowers the security budget; until it is gone!

These halvenings continue after exceeding global GDP for atleast 70 years before running out completely

If you understand exponentials & economics, you should know that this is entirely impossible!


3/38) Fees will also never reach sustained extremes due to the ratcheting effect of the fee market

Paying hundreds of dollars for a single TX is not realistic in a competitive free market

When fees spike, users leave, all due to the unnecessary addition of the block size limit!


4/38) This all means that BTC's long-term security is unsustainable without extremely high TX fees in the future!

The security of BTC will inevitably continue to decrease until it becomes profitable to attack

I predict this will happen in 4-12 years from now! (1-3 halvenings)


5/38) Hashrate does not equal security; bitcoiners like @saylor do not understand PoW

This chart of miner revenue proves that BTC's security is actually lower now than it was 3 years ago!

... (full thread on X)

[Pricing]

Do you have an old Electrum wallet but can't access it anymore because you lost both your password and seed? I may be able to help.

As a cybersecurity professional with strong Electrum expertise (*), I am fortunate to have
the right skillset as well as sufficient computing power to perform critical data recovery jobs.
I've had some success in helping people retrieve coins that were locked in old wallets, which is
why I've decided to start an Electrum-specific wallet rescue topic.

(*) Some of you may remember me as one of the earliest maintainers of Electrum builds for Windows
(mostly in 2012-2013). I've been busy with many other projects after that, but have never lost interest in Bitcoin.


Pricing

For values above 0.3 BTC, the fee will be 15% of the recovered funds, only in case of a successful recovery. There is ZERO cost otherwise.
By contrast, most recovery services charge 20% and have months-long backlogs.

How to proceed

Before I can start working on a case, I will need some initial information that will help with the search.
If you have a case you would like me to work on, please respond to this topic or DM me so we can have a chat.

Important

Please note, the wallet must be your own. I will not work on a wallet with unknown ownership.

I took a long hiatus from bitcoin and am back now.  Back in the day, brainwallets were a popular (though usually horribly insecure) storage option. Are people using them nowadays? Perhaps for storing small amounts?

Look at that URL. Watch out, folks.  



[EDIT] Reported to Google.

So long, exceptional person.

http://lists.extropy.org/pipermail/extropy-chat/2014-August/082585.html


Hal was a central figure of modern cryptography and will be remembered forever.
http://en.wikipedia.org/wiki/Hal_Finney_(cypherpunk)

Could some explain what's the point of these transactions?

https://blockchain.info/address/1KFHE7w8BhaENAswwryaoccDb6qcT6DbYY

Seems like coins just keep going out and back into the same address - only 1 output, and 1 input.  

Example:
  https://blockchain.info/tx/21e9c728ceb47450e7098c14208183c0c951e0b210dc4bbbb0a647e31aa2e033


How would that be useful? Am I missing something?

To help people who need this, I'm thinking of releasing KeyAngel, a locally-running vault that would effectively put a robust time gap between a configurable Bitcoin private key and yourself, which can be a very useful tool for curbing gambling addiction. It would be one of those really simple apps designed to do one thing well. Is anyone interested?  

Note: There is no perfect solution to the time vault problem, each approach has some benefits and drawbacks, but my goal with KeyAngel was to make it robust enough to help users enforce their decisions, while not requiring to trust any third-party website or service. All source code would be provided to interested users, of course.

I am also open to suggestions and opinions from gambling site operators.

Shoot any questions or comments here or by PM if you are interested in this. The app itself is fully functional already, and I and a few friends have been using it with great success, but since my free time is extremely limited, I will only make a more simple GUI and further develop the app if there are enough interested users (say around 25-30 users for a start), or donators are willing to fund the project.

Note: feel free to post or PM me from a sockpuppet account if you're a "whale" and would like to remain anonymous.

The Aha! moment...

https://blockchain.info/tx/4ee89f7cf824a85ad5f11d52604ffdebe9f01302bcea8ddec0af450f9185ddf1

[0.015s electrum.icetwy.re 0.016s electrum.cafebitcoin.com]

Here's a quick little script to find out what servers have lowest latency for you.

For instance, for users in Europe, the top 2 servers consistently are:

0.015s   electrum.icetwy.re                
0.016s   electrum.cafebitcoin.com        

Code:

'''
 *   Python 2.x source - By flatfly (GPG ID: 0xF91975FF)
 *
 *   No warranty, explicit or implicit, provided.
'''

import socket, time

best = 5      
ax = getservers().keys()
print 'quicktesting ' + str(len(ax)) + ' servers...'
print '\n\n'
    
for host in ax:

  try:
    s=socket.socket()
    s.settimeout(1)
    t0 = time.time()
    s.connect((host, 50002))
    t1 = time.time()
    delta = t1-t0
    print host.ljust(35) + '{:6.3f}s'.format(delta)
    if delta < best:  
      best = delta
      best_host = host
    s.close()  
  except:
    pass  

print '\n'
print 'lowest latency: '
print best_host.ljust(35) + '{:6.3f}s'.format(best)

Have a look at this post by deepceleron. Could a dev investigate whether this is true?

https://bitcointalk.org/index.php?topic=391979.msg4231960#msg4231960

Anybody knows who they are? They seem to be bleeding fees...

edit: or is that unavoidable due to the high number of inputs?

link: https://blockchain.info/address/13p4zncq6m3Ax7tvKhEG2k49hgwfS5g7ic
 

[as they are happening]

This command-line tool displays transactions as they are happening on the blockchain.
It's similar to a network trace, but for blockchain activity. It has the ability to automatically flag large transfers.  It can be useful in identifying interesting patterns in transactions.

Warning: watching the live blockchain action can be hypnotic!

Features:
- Print new transactions to the console, in the following format:
   UTC Time, Total Amount (sum of all outputs), Main recipient, Transaction Fee
- Big (50+ BTC) transactions and extreme fees are flagged.
- Also shows "new block" events, with the corresponding block reward
- No private keys, admin privileges, or credentials of any sort are needed.
- 100% Python -> runs fine on OS X, Linux, Windows and Android!
- NEW August 2014: transaction type guessing engine  (in private beta build only)
- Low-latency encrypted websocket connections
- Extremely light on resources and bandwidth
 
I will be adding new features and parameters on a regular basis.


The current data source is the blockchain.info websocket API. Direct local bitcoind support, while a little more complex, could also be implemented in case there is enough demand for that.

Many thanks for your support - donations will help me continue development!

As a little bonus, you will be treated to a colorful ASCII easter egg (in the Windows build only, for now), if chainsnort sees a tip being sent to my tip jar [1111127SpvabYpoeDoiz5L7QPkfiSh2Q] - The easter egg changes depending on the size of the transaction

I also have a separate edition with some features that are useful for forensic and technical investigation purposes. I'm not releasing it at the moment but PM me if interested.


Screenshots:






Latest public version: 0.43.3

OS X and Linux

Just copy and paste into a terminal:

1/ curl -o websocket.py https://raw.github.com/liris/websocket-client/master/websocket.py

2/ curl -o chainsnort.py https://gist.github.com/flatfly/8253870/raw/9733e34e469e1bcd8d0ae13565ade4eaa0490618/gistfile1.py

3/ python chainsnort.py


Windows build

Download

Please do leave some feedback or send a tip if you like this tool. Highly appreciated!


Legal stuff:
I share the source code of chainsnort for educational and reviewing purposes only. If you plan to reuse portions of the code in commercial, academic or government projects, please contact me.
                    
Also, I am developing this on my free time and with a VERY limited budget, so i welcome any donations. Also, all donators are entitled to a special color edition of chainsnort.  (Proper website coming soon)


SHA1: ac7c67d48d4f11aff93c4c8a5e3c304f9097d578

GPG signature for Windows executable:

Code:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32)

iEYEABECAAYFAlLSrX4ACgkQ0dQqIfkZdf7H2wCgqhxvqnr9bAEuuemn0DruGjxF
c54An0NNSZOj4l72Z8RWpydTdkNlUVHc
=/Bo1
-----END PGP SIGNATURE-----

Source code for all platforms (Windows, Linux, OS X, Android): available at this gist.

Some users (mostly merchants and exchanges) have expressed the need to generate thousands or millions of addresses at once. I've looked at the options available and was surprised to find they were all quite slow, which is why I have knocked up a new little command: Bulkgen (not released yet.)
Below are some rough figures from my offline machine (a very old, VERY SLOW Win XP netbook.)

I will try to run the same tests on a faster machine soon.


Time required to generate 1000 addresses:

Code:

Bitcoind:    17 min      (C++)
Electrum lib:      19 min      (Python 2.x)
Bitaddress:   132 sec      (JavaScript)
Vanitygen: 15.3 sec      (C++)
Bulkgen:       7.8 sec      (Python 2.x + OpenSSL 1.0.1e)

EDIT: corrected results for Vanitygen and Bulkgen

Did I forget any other tools?


Bulkgen is an open-source bulk address generator tool, based on OpenSSL and a public domain library. It will be released for Windows only in the beginning. People will be welcome to port it to other platforms (which should be quite trivial).


Notes:
  
1. As far as I can see, bitcoind's getnewaddress does not only generate a new address, but also adds it into the wallet database, which takes extra time of course.
 
2. The command "Vanitygen -k 1" runs much faster than all other options, but I think this comes at a heavy cost: If one private key of the batch is compromised, all others becomes vulnerable, due to the fact that vanitygen only performs a new EC multiplication once every 10 million addresses, which is what allows it to be so fast (Please correct me if I'm wrong).

I keep seeing brainwallets getting hacked every other week. I would like to start the following little campaign to discourage the use of weak passphrases in brainwallets:

If you currently own a brainwallet that matches the below criteria, you can qualify for a nice 0.1 BTC bounty (exact amount to be confirmed) simply by transferring your funds to a strong/randomly generated brainwallet (or any other robust form of storage), and then disclosing the old (weaker) passphrase in this thread.

- passphrase length 20 characters or less.
- consisting mostly (at least 75%) of English words. 
- only 25+ BTC brainwallets will be considered.

Example: "bitcoin is awesome"   
 
Also, the funds must have stayed in the weaker brainwallet for at least 10 days to qualify.

People willing to contribute to the bounty can do so by donating to:
 1337sfeChyyzZLzdHLewXzcaAaJSNTM893

I am planning to run this campaign for the long run.

Note: Since this is quite a new idea, I reserve the right to change some of the rules during the first few weeks.

So let's give this a try!

[Link]

Here's the first 256KB retro-style (minimal) demo dedicated to bitcoin!
For those of us who are still nostalgic of the 8-bit era...

Download: Link

SHA-1 hash: b62f0f74d8693df2dad924f07300c0fe0f9663fe

GPG signature:

Code:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32)

iEYEABECAAYFAlKaAFUACgkQ0dQqIfkZdf7wdQCgohrevWmQ9x4umywLhUYHG9T5
k48An2PZ8WqsCcN9GidMltOR5dr+m3Xl
=G4zK
-----END PGP SIGNATURE-----

Notes:

 - For Windows only (all versions)
 - Should run even on very old hardware
 - 100% malware/adware free, although it's a good habit to always launch
    new software on an offline computer (without any critical data) or virtual machine.
 - Also remember to verify the GPG Signature
 - More (and better) demos will follow. Feel free to post requests!
 - Tips appreciated

Upon launching Electrum, I'm getting a wrong certificate warning for server e.nybex.com.
This has only started recently. Is anybody else getting this warning?

I'm in a scripting mood... So here's another very small Python script which just converts any 256-bit private key (passed as a Hex string) to the corresponding WIF key and BTC address.   Either pass such a number as an argument to the script (see screenshot) or just run it with no arguments to feed it with 256 crypto-secure bits from /dev/urandom.

The output can be also be used to cross-check results with websites such as bitaddress.org or brainwallet.org.

Confirmed to run fine on Windows (all editions), Mac, Linux, Raspberry Pi, and Android.

Code:

#Urandom2Wif by flatfly - requires ecdsa (sudo pip install ecdsa)

EDIT: see https://bitcointalk.org/index.php?topic=424691.0

More info about the WIF format: https://en.bitcoin.it/wiki/Wallet_import_format

[Classic 7-word mode:]

NoBrainr is a little command-line tool that is meant to do only one thing: easily create secure offline addresses with strong yet easy-to-remember private keys, suitable for brain wallets and paper wallets (cold storage.)

Classic 7-word mode:
Wed 11/20/2013  1:23:27.40> nb_create
1J8QaLPakjqd2yUraHwcehmqnjMgCfiy49 == cream lift usher sliver flux poses husk
Wed 11/20/2013  1:23:29.12> nb_create
15iKriJFiNUYwfdUyQ2UPTD9e5EAFDgcus == runes scold ghetto clicks ditch rafts panda
Wed 11/20/2013  1:23:30.89> nb_create
1M8uEahVymjwQNquCHnEYN1dCAcHL31dsi == dice barks green pitch tamper snowy cost
Wed 11/20/2013  1:23:32.71> nb_create
1G2YmiFZmhrQvvCPapTSXLoXF6Dm6FVWSm == fonts night lab! canon atop dx madly

Physical-dice (uber-paranoid) mode:
Wed 11/20/2013  1:25:59.23> nb_create 56231 15421 11454 23665 42325 66242 15524
17nBfyTPeDHZcLXToxCYvLXQXKxJzd8ULj == taint burma aha easy mj prayer well!

Main features:

- makes strong AND easy-to-remember passphrases (bit strength can easily be modified, if needed)
- 100% open source and SHORT source code (as in, less than 1024 bytes!)
- extremely easy to review
- runs 100% offline (standard Python 2.x)
- supports 2 generation modes: from /dev/urandom OR physical dice!
- cross platform: successfully tested on Windows, Linux, OS X, Android and Raspberry Pi


Note: For high amounts, it is strongly recommended to print and save a copy of the passphrase in a secure place (such as a personal or bank vault), to mitigate the risk of forgetting your passphrase after a few months/years.


Downloads on our web page: http://trax.x10.mx/

Hopefully this will help people create safer brainwallets. Feel free to suggest any improvements.
Also, any tips/donations are welcome and will encourage further script and wordlist updates.
Thanks!   Donation address:  1111127SpvabYpoeDoiz5L7QPkfiSh2Q


Credits:

Idea and implementation: svenfaw
Packaging and distribution: flatfly
Portions of code: jeromes

This is still a theoretical issue for now, but I've been thinking about it lately:

Most wars have been fought for money and power.
So as Bitcoin is most likely here to stay and grow, I
wouldn't be surprised if it is at the center of the next major war...

What do you think? Is this something we can prevent, or take into account?