Bitcoin Forum
2861  Bitcoin / Press / Re: Bitcoins - Secured by NSA designed Encryption or Backdoored ? on: September 16, 2013, 03:03:58 AM
there is no backdoor in an open discussed algorithm

Well, it is really hard to be categorical in saying that there is NO backdoor in open source AT ALL.
Actually being open can allow an army of programmers posing as contributors attempting to introduce a carefully crafted glitch with plausible deniability in mind that could go undetected for a while.

So it is not really impossible, but way more complicated demanding a lot of planning and effort.
The hard part in an algorithm I guess is to be able to convince people that a bad idea is actually a good one.
So I guess that instead of messing with an open algorithm, it would be easier to be messing up with its implementation.

@ArticMine Very insightful. DRMs could be NSA's secret weapons. It would make a lot of sense actually, I always thought that the RIAA and the MPAA had a ridiculous amount of power for mere creative and commercial rights. Especially considering the shady and aggressive tactics to implement DRMs such as the infamous Sony Rootkit.

There is actually a very good case for DRM as an NSA secret weapon. The following NSA document from the Snowden leaks: http://cryptome.org/2013/09/nsa-sigint-enabling-propublica-13-0905.pdf refers in the first paragraph to
Quote
... the consumer and other adversaries ...
with no mention on the other hand of adversaries such as "terrorists" or "foreign governments". This begs the question: In which widespread application of cryptography is the consumer the primary adversary? The answer of course is DRM. The other thing to keep in mind is that between 2001 and 2006 Microsoft spent billions of USD in order to rewrite major parts of Windows. This was ostensibly in order to perform the complete lockdown of the operating system required to support high definition content protection (HDCP) a form of DRM required as part of the Blu-ray specification. Microsoft paid a very high financial price for this so a purely commercial justification is very hard to find here. The move between XP and Vista was a very significant step in the gradual road between the very open nature of Microsoft Windows in the 1990s and the complete lockdown with DRM of Windows 8 RT today.

The Sony rootkit of 2005 http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal was very significant because it illustrated very clearly the very close relationship between malware and DRM. In reality they are both trying to solve the same problem with the same adversary, so it is hardly surprising that they would use very similar techniques or that one can be a vector for the other.
2862  Bitcoin / Bitcoin Discussion / Re: Bitcoin is becoming a black hole on: September 16, 2013, 01:21:15 AM
I suspect in the case the problem may be the operating system, anti virus software and marketing detritus commonly found on store bought Microsoft Windows computers. I found that it took 26 hours to validate the blockchain using Bitcoin qt on the following very old laptop hardware: (This laptop by the way has a built in floppy drive and still has its Windows 2000 logo)
Processor Pentium 4M 1.8 GHz (circa 2002)
Ram 1GB
Hard drive 120 GB, 5400 RPM IDE
OS Ubuntu 10.04
It also has no problem keeping up with the blockchain.
2863  Bitcoin / Bitcoin Discussion / Re: NSA security backdoors make Bitcoin nearly worthless! on: September 16, 2013, 12:53:09 AM
I responded to the "NSA security backdoors make Bitcoin nearly worthless" concerns here. https://bitcointalk.org/index.php?topic=293781.msg3155912#msg3155912. The backdoors are not in Bitcoin itself but rather in popular proprietary operating systems and applications that are used by some people to run Bitcoin applications.
2864  Bitcoin / Bitcoin Discussion / Re: The great "Lost btc problem" on: September 16, 2013, 12:44:09 AM
The solution to this issue is to increase currency divisibility. This will permit the continuation of mining well past 2140 where the reward per block would diminish with time to an ever smaller fraction of a satoshi. The 21000000 BTC limit is still respected. The economic impact of this would be below the addition of 1 satoshi to the total Bitcoin money supply because of the change in the rounding.

Actually the last whole coin per block will be mined well before 2140. What is estimated is that before 2140 the last whole satoshi per block will be mined.
2865  Economy / Service Discussion / Re: Mt.Gox Account secured with Yubikey but still had 29 BTCs stolen on: September 15, 2013, 09:47:01 PM
I am extremely shocked that MtGox does not have one simple security feature that I have asked for more than a year ago (when I still was willing to do business with MtGox):

Allow users to lock withdrawals to a single bitcoin address

And allow changes only with a signed message (PGP or a signed message from the current address) EDIT: or (per another suggestion in this thread) after waiting out a lockout period long enough for the real account owner to contest a request initiated by a hacker

This would virtually eliminate ALL the theft without ANY groundbreaking innovation (other than a small modicum of easily acquired common sense)

There might still be theft if the person gets their wallet stolen, but that's a burden that sits squarely on the user, and moves the risk completely out of MtGox's sphere of concern.

+21000000

-21000000 MSFT shares

It will not solve the problem if the Bitcoin address is in a wallet that is in a compromised Microsoft Windows computer. One must keep in mind that the theft is caused by malware on the user's computer in the first place. How is locking the account to a Bitcoin address on the same infected computer going to solve the problem? It only serves to create a false sense of security for the user.

If this was really malware on my PC, the logs would not show the Chinese ip address of 60.166.242.186 accessing my account. After all, wouldn't it be more legitimate to simply use my own ip address to access my account?

The notion that I just 'sat' on my Yubikey sent to me by Mt. Gox is just silly. I had no other use for this piece of junk. I wish I had the wisdom to save some of the images I posted so I could use it to catch Mt. Gox on an inconsistency later but I think this is the end of the line for me on bitcoins. Thanks for anyone that helped and believed in my case. I will be pursuing this case a bit further with my local police department but that will be it.

The malware steals the credentials via for example a keylogger, and then sends them to the attacker in China. The attacker then logs into the account at MTGox with the stolen credentials from China. Even if the case be made that the Yubikey was compromised, there still remains the fact that the computer was compromised by malware running on Microsoft Windows to obtain the login credentials and to compromise the Yubikey in the first place.
2866  Economy / Service Discussion / Re: Mt.Gox Account secured with Yubikey but still had 29 BTCs stolen on: September 15, 2013, 09:27:11 PM

brain or paper wallets solve that

Not if they are created on an infected computer in the first place.
2867  Economy / Service Discussion / Re: Mt.Gox Account secured with Yubikey but still had 29 BTCs stolen on: September 15, 2013, 09:19:57 PM
I am extremely shocked that MtGox does not have one simple security feature that I have asked for more than a year ago (when I still was willing to do business with MtGox):

Allow users to lock withdrawals to a single bitcoin address

And allow changes only with a signed message (PGP or a signed message from the current address) EDIT: or (per another suggestion in this thread) after waiting out a lockout period long enough for the real account owner to contest a request initiated by a hacker

This would virtually eliminate ALL the theft without ANY groundbreaking innovation (other than a small modicum of easily acquired common sense)

There might still be theft if the person gets their wallet stolen, but that's a burden that sits squarely on the user, and moves the risk completely out of MtGox's sphere of concern.

+21000000

-21000000 MSFT shares

It will not solve the problem if the Bitcoin address is in a wallet that is in a compromised Microsoft Windows computer. One must keep in mind that the theft is caused by malware on the user's computer in the first place. How is locking the account to a Bitcoin address on the same infected computer going to solve the problem? It only serves to create a false sense of security for the user.
2868  Economy / Service Discussion / Re: Mt.Gox Account secured with Yubikey but still had 29 BTCs stolen on: September 15, 2013, 08:52:59 PM
This story could be a hoax if this is true: https://twitter.com/MagicalTux/status/379247601289142273 - for those of you who don't know, MagicalTux (Mark Karpeles) is the CEO of MtGox


I would trust MTGox's systems any day before trusting a Microsoft Windows computer. My take is that the theft was due to the OP using Microsoft Windows to trade on MTGox and could have been prevented by the OP having used GNU / Linux instead. By the way storing the Bitcoins in the OP's computer rather than in MTGox, in this case, is not a good idea since the OP is using Microsoft Windows.  
2869  Bitcoin / Press / Re: Bitcoins - Secured by NSA designed Encryption or Backdoored ? on: September 15, 2013, 12:05:49 AM
Quote
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
Edward Snowden http://www.theguardian.com/world/2013/jun/17/edward-snowden-nsa-files-whistleblower

I prefer to go directly to the source. So what are the endpoints here? For most people the endpoints are:
1) A Microsoft Windows computer (or even far worse a Windows 8 RT device). Note: Early versions of Microsoft Windows such as Windows 3.1 or Windows NT may be fine.
2) A mobile device running IOS
3) A mobile device running unrooted Android
4) A MacOS computer. It is possible this is a low risk in a proprietary OS; however Apple's strong support for lockdown in IOS means that MacOS should not be trusted also

The backdoors are likely in blobs of proprietary code in a proprietary OS or in add on proprietary applications such as CarrierIQ http://en.wikipedia.org/wiki/Carrier_IQ that require root to remove in Android. One must also keep in mind that modern Windows Operating Systems and IOS are designed from the ground up to lock out the owner of the device from key parts of the OS in order to implement DRM. So the same DRM components in the OS can be used to create all sorts of backdoors outside the device owner's control.

To understand how DRM is so intimately related to back doors one only needs to look at the recent Android vulnerability that was recently used to steal Bitcoins. The vulnerability in Android was detected and Google issued a patch. So far so good, but what happens if the device manufacturer or the telco does not push the patch to the end users? If the device is not rooted the vulnerability remains. If the owner of the device takes back control and roots the device then the owner can secure the device, by installing the patch, and prevent the Bitcoin theft. This however breaks the DRM in the device and makes the MPAA, RIAA and other copyright holders vulnerable to piracy by the device owner.

The choice to me here is very simple, secure Bitcoins, or full DRM support in the OS but not both. I use GNU / Linux for my Bitcoins for this very simple reason and can sleep well at night knowing that the GPL v3 code deep within GNU / Linux helps keep my Bitcoins safe.
2870  Economy / Speculation / Re: Please tell the truth on: September 14, 2013, 10:41:48 PM
i mostly sell high and buy higher

This is equivalent to buy high sell low if one uses BTC as the base currency. In short one is buying CAD high and then selling CAD low for BTC.
2871  Economy / Speculation / Re: Automated posting on: September 14, 2013, 10:26:02 PM


Charts are still not loading.
2872  Economy / Speculation / Re: Wall Observer - MtGoxUSD wall movement tracker - Hardcore on: September 10, 2013, 07:42:47 PM
WB to "the world's most sophisticated trading platform."

It can't even compete with NASDAQ on downtime. 3h15min against nasdaqs 3h.

NASDAQ does not even come close to what MTGox and most other Bitcoin exchanges do when it comes to uptime since the Bitcoin exchanges run 24 hours a day 365 days a year.
2873  Economy / Speculation / Re: Wall Observer - MtGoxUSD wall movement tracker - Hardcore on: September 09, 2013, 02:52:09 AM
...

Still no walls to discuss, Gox is getting boring, I wonder how long that's going to last?  Often it suddenly gets very dramatic when it's been quiet for a while. (usually when I'm not looking)

My take: A little bear that just ran out of steam.
2874  Bitcoin / Bitcoin Discussion / Re: PlayerAuctions.com removed Bitcoin sales. on: September 09, 2013, 12:39:02 AM
From looking at the PlayerAuctions site I get the idea that they were selling Bitcoin for PayPal USD not using Bitcoin as a payment source for their other products. If this is indeed the case then PayPal is right here. Accepting PayPal for Bitcoin is just asking for fraud and chargebacks and PayPal is right in blocking this.

People list up offers and people buy them and PlayerAuctions escrow the trade by holding the cash then release the cash when both users confirm and they send the vendor the cash via PayPal.

They also had a way you could buy Wow and Runescape gold etc via Bitcoin as a payment option.

Yes but were they selling Bitcoin for PayPal USD? I get this idea because Bitcoin is still listed on their site as a product not as a funding source. Bitcoin is way more liquid than Wow or Runescape gold etc, hence the massive chargeback risk. This is not 2010 anymore.
2875  Bitcoin / Bitcoin Discussion / Re: PlayerAuctions.com removed Bitcoin sales. on: September 09, 2013, 12:30:28 AM
From looking at the PlayerAuctions site I get the idea that they were selling Bitcoin for PayPal USD not using Bitcoin as a payment source for their other products. If this is indeed the case then PayPal is right here. Accepting PayPal for Bitcoin is just asking for fraud and chargebacks and PayPal is totally right in blocking this.

Bottom line they are doing Bitcoin wrong, that is why they got in trouble with PayPal.
2876  Other / Meta / Re: PM phishing attack on Bitcoin Forum - Potential theft of Bitcoin on Windows on: September 09, 2013, 12:07:54 AM
Here is another Meta thread on this topic. https://bitcointalk.org/index.php?topic=289882
2877  Other / Meta / PM phishing attack on Bitcoin Forum - Potential theft of Bitcoin on Windows on: September 08, 2013, 11:56:51 PM
I wish to draw everyone's attention to the following thread in Meta https://bitcointalk.org/index.php?topic=289995.0 where the site bitcointalk.us is collecting users' passwords in http://bitcointalk.us/passes.txt

Also a note from your friendly GNU / Linux user to those who use Microsoft Windows. If you run the .exe in the PM under Microsoft Windows your Bitcoins and other cryptocurrencies could potentially be at risk from malware. Note: I have not tried the .exe on Windows so this is just a possibility. 
2878  Other / Meta / Re: PM phishing attempt on: September 08, 2013, 11:18:57 PM
Here is the output of
Code:
whois bitcointalk.us
under GNU / Linux.

It is also distributed as a Windows executable which is a really poor way to distribute an audio file for the following two reasons:
1) Many Bitcoin users do not use Microsoft Windows.
2) Those Bitcoin users that use Microsoft Windows should be really sceptical of a .exe file since it could be used to install malware to steal Bitcoins and / or another cryptocurrency such as Litecoins etc.
2879  Economy / Speculation / Re: Wall Observer - MtGoxUSD wall movement tracker - Hardcore on: September 08, 2013, 04:48:58 PM
Another Snowden leak today. This one regards NSA's ability to hack into almost all, if not all, smartphones. Like the last leak, this one suggests the NSA's decryption power is much greater than we realize.

http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html

http://www.theverge.com/2013/9/7/4706018/nsa-reportedly-can-access-secure-blackberry-email-tap-other

http://www.forbes.com/sites/timworstall/2013/09/08/links-08-sept-the-weekends-nsa-revelations/

Instead of Ubuntu doing Ubuntu4Android (with their cell phones), they should write their own Cell phone OS. Basically, just a scaled down Linux.
The only hope we as people have is something open.

IAS

They have; it is called Ubuntu Phone: http://www.ubuntu.com/phone. However, Ubuntu for Android will force the Android part to be open because of all the third party GPL v3 code in Ubuntu. A (GNU, Android or both) / Linux based phone OS, where the end user controls root will allow the end user to lock out the manufacturer and the telco and consequently any government or third party snoops. This does not affect the fundamental security of Bitcoin, other than the end user should run Bitcoin on a secure OS where the end user is the only person in control.
2880  Bitcoin / Bitcoin Discussion / Re: Schneier in the Guardian: all your coinz is belong to them? on: September 08, 2013, 03:03:16 AM
I would trust Free Software / Open Source code written by the NSA or some other government agency long before trusting any proprietary software, particularly that written by Microsoft or Apple.

Ironically there is a far greater chance of an NSA backdoor in proprietary software from Microsoft or Apple than in SE Linux or Security Enhancements for Android.