susanne (OP)
Newbie
Offline
Activity: 11
Merit: 0
|
|
February 22, 2013, 04:18:34 PM Last edit: February 22, 2013, 05:39:54 PM by susanne |
|
1. Observe that Bitcoin-Qt is released under the MIT license, not under any of the copyleft licenses. This allows you to modify the source code and distribute it as proprietary software. So, you can take advantage (and continue to take advantage) of all their work, but they can't do the same. Cool.
2. Develop a very fast bitcoin client, with an attractive but minimalistic GUI that's easy to use and has lots of great features.
3. Make an Android, iPhone, Windows, Linux, Mac, etc versions of it.
4. Make it proprietary. Never give out the source code! This is the most important thing.
5. Install adware, spyware and backdoors such as in uTorrent/BitTorrenttm. Don't worry about people finding out about the back doors, they can't tell if it's there without the source code. Tip: don't activate the adware/spyware features until enough people are using it. Let them get accustomed to the program first. Most are too lazy to switch to another client despite the adware and spyware if they are already accustomed to it. Want proof that they won't switch? Take a look at uTorrent/BitTorrenttm.
6. Advertise and get more people to use it.
7. Sell out to any company or government agency of your choosing.
8. ….
9. Profit!
If you found this tutorial useful, please donate to 1Hw3Meb9kbYZtGoSWQNqxa9Qw5pc6prFCe
|
|
|
|
str4wm4n
Legendary
Offline
Activity: 1611
Merit: 1001
|
|
February 22, 2013, 04:22:06 PM |
|
wait....there's a backdoor in uTorrent?
|
|
|
|
|
MrVivaldi
Newbie
Offline
Activity: 37
Merit: 0
|
|
February 22, 2013, 05:07:18 PM |
|
This is possible but not feasible. Good luck.
|
|
|
|
grondilu
Legendary
Offline
Activity: 1288
Merit: 1080
|
|
February 22, 2013, 05:15:29 PM |
|
This is possible but not feasible. Good luck.
I think the OP was not trying to claim he intended to realize such a scheme. It was rather a way of pointing out proprietary bitcoin clients which could indeed be following such an evil plan.
|
|
|
|
MrVivaldi
Newbie
Offline
Activity: 37
Merit: 0
|
|
February 22, 2013, 05:28:41 PM |
|
This is possible but not feasible. Good luck.
I think the OP was not trying to claim he intended to realize such a scheme. It was rather a way of pointing out proprietary bitcoin clients which could indeed be following such an evil plan. If you are using Bitcoin you accept responsibility for your money. If you don't take that responsibility seriously you may loose your money. "A fool and his money are soon parted."
|
|
|
|
grondilu
Legendary
Offline
Activity: 1288
Merit: 1080
|
|
February 22, 2013, 05:40:12 PM |
|
This is possible but not feasible. Good luck.
I think the OP was not trying to claim he intended to realize such a scheme. It was rather a way of pointing out proprietary bitcoin clients which could indeed be following such an evil plan. If you are using Bitcoin you accept responsibility for your money. If you don't take that responsibility seriously you may loose your money. "A fool and his money are soon parted." Don't tell me that. I only use free software. My sources.list has no "non-free" entry whatsoever.
|
|
|
|
Killdozer
|
|
February 22, 2013, 07:28:10 PM |
|
they can't tell if it's there without the source code And there goes any trust we might have had in you having any professional experience with this.
|
|
|
|
hashman
Legendary
Offline
Activity: 1264
Merit: 1008
|
|
February 22, 2013, 08:15:04 PM |
|
4. Make it proprietary. Never give out the source code! This is the most important thing.
5. Explain to the users that no you are not evil and you will not backup their private keys on your servers. 6. Don't understand why nobody uses your software +1
|
|
|
|
tvbcof
Legendary
Offline
Activity: 4760
Merit: 1282
|
|
February 22, 2013, 09:06:16 PM |
|
wait....there's a backdoor in uTorrent? There is a close source torrent application that anyone actually uses?!? It boggles the mind.
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
ArticMine
Legendary
Offline
Activity: 2282
Merit: 1050
Monero Core Team
|
|
February 22, 2013, 10:36:11 PM |
|
The attacker better dot all the i's and cross all the t's with the MIT license otherwise the DMCA in the United States can be a very useful take-down tool. It is possible to pirate software under the MIT license and there is already a case of a successful DMCA take-down of involving software under the MIT license. The software was Bitcoin-Qt and the take-down was served against Solidcoin. https://bitcointalk.org/index.php?topic=57437.0;all This is not the first case involving of a DMCA take-down involving pirated Free Libre Open Source Software. I am aware of a case involving pirated Free Libre Open Source Software four years earlier. Having said this the GPL does provide much more protection against this kind of attack than the MIT license.
|
|
|
|
|
Phinnaeus Gage
Legendary
Offline
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
|
|
February 23, 2013, 02:56:54 AM |
|
wait....there's a backdoor in uTorrent? I've yet to use the front door, let alone look in the windows.
|
|
|
|
Killdozer
|
|
February 23, 2013, 11:08:15 AM |
|
their stolen operating system is likely to be a spambot and DDOS drone What actual evidence do you have of this? So far this is just a baseless sacreligious opensource-lover babble.
|
|
|
|
Killdozer
|
|
February 24, 2013, 02:07:13 PM |
|
Not exactly. Windows OSs are FAR more likely that unix-based ones to become hijacked. This, however, has less to do with how it is developed and everything to do with market share. Because most people run Windows, most malware targets Windows. Additionally, many people who use computers have no computer knowledge whatsoever, and therefore don't know how to configure their OS to be secure. Most of those people run Windows. Unix-based OSs have less idiots using them, and therefore the average unix-based system is more secure than the average Windows system. +1. Exactly, it has nothing to do with OS being stolen or open source or proprietary. (Well perhaps in sense that Microsoft has used those monies made off Windows to actually make it easy to use so that more people would do it.) For example Red Hat is proprietary, and yet there aren't many viruses for it either. Nevertheless, a claim that a windows OS would contain a spambot or DDOS software, be it bought for legitimately or pirated is just nonsense.
|
|
|
|
mjc
|
|
February 24, 2013, 06:52:11 PM |
|
I think susanne filled in her application for a SCAMMER tag and we should approve it.
|
|
|
|
ArticMine
Legendary
Offline
Activity: 2282
Merit: 1050
Monero Core Team
|
|
February 24, 2013, 09:54:28 PM |
|
Not exactly. Windows OSs are FAR more likely that unix-based ones to become hijacked. This, however, has less to do with how it is developed and everything to do with market share. Because most people run Windows, most malware targets Windows. Additionally, many people who use computers have no computer knowledge whatsoever, and therefore don't know how to configure their OS to be secure. Most of those people run Windows. Unix-based OSs have less idiots using them, and therefore the average unix-based system is more secure than the average Windows system. +1. Exactly, it has nothing to do with OS being stolen or open source or proprietary. (Well perhaps in sense that Microsoft has used those monies made off Windows to actually make it easy to use so that more people would do it.) For example Red Hat is proprietary, and yet there aren't many viruses for it either. Nevertheless, a claim that a windows OS would contain a spambot or DDOS software, be it bought for legitimately or pirated is just nonsense. It has everything to do with whether the OS is proprietary or Free Software / Open Source. First RedHat Enterprise Linux is not proprietary. Ever heard of CentOS, http://en.wikipedia.org/wiki/CentOS? One of the key differences between proprietary (for example Windows) and Free Software / Open Source Operating Systems (for example GNU/Linux and this includes commercial distributions such as RedHat Enterprise Linux, those that are both commercial and community such as Ubuntu, and those that are community such as Debian, Arch, Trisquel) is that the source code is available for any to to examine and test for vulnerabilities. This places the black hats and white hats on an even footing and consequently gives the white hats a huge advantage. With Windows on the other hand certain Black hats such as the security agencies of many countries have been given access by Microsoft to the Windows source code while most of those trying to defend themselves from cyberattacks do not have have any access. The recent news reports about alleged hacking by Chinese Government Agencies or for that matter the Stuxnet Incident, http://en.wikipedia.org/wiki/Stuxnet, involving the security agencies of the United States and Israel should serve as a stark warning to anyone who uses Microsoft Windows and is concerned in even the very slightest about excessive state power and control.
|
|
|
|
tvbcof
Legendary
Offline
Activity: 4760
Merit: 1282
|
|
February 25, 2013, 12:10:27 AM |
|
If you think Microsoft are going to bet their reputation on the secrecy a highly illegal agreement with the US Government to install backdoors in Windows, you sir, are losing it. ...
Of course. It would be absurd to think that a network carrier would install a Narus in their peering center, completely illegally, as well. Oops. Thank god for our congress and the concept of immunity to patch up indiscretions. I seem to remember about a decade ago Microsoft getting caught red handed with NSA_Key or some such in their crypto library when they forgot to strip a service pack binary. Nobody gave a shit then, and certainly they will not now after a decade more of conditioning and all those bad bad terrorists and all that. After all, nobody is doing anything wrong and besides only paranoid wackos would believe in 'conspiracy theories' and nobody wants that label associated with them.
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
ArticMine
Legendary
Offline
Activity: 2282
Merit: 1050
Monero Core Team
|
|
February 25, 2013, 12:21:16 AM Last edit: February 25, 2013, 01:01:56 AM by ArticMine |
|
It has everything to do with whether the OS is proprietary or Free Software / Open Source. First RedHat Enterprise Linux is not proprietary. Ever heard of CentOS, http://en.wikipedia.org/wiki/CentOS? One of the key differences between proprietary (for example Windows) and Free Software / Open Source Operating Systems (for example GNU/Linux and this includes commercial distributions such as RedHat Enterprise Linux, those that are both commercial and community such as Ubuntu, and those that are community such as Debian, Arch, Trisquel) is that the source code is available for any to to examine and test for vulnerabilities. This places the black hats and white hats on an even footing and consequently gives the white hats a huge advantage. With Windows on the other hand certain Black hats such as the security agencies of many countries have been given access by Microsoft to the Windows source code while most of those trying to defend themselves from cyberattacks do not have have any access. The recent news reports about alleged hacking by Chinese Government Agencies or for that matter the Stuxnet Incident, http://en.wikipedia.org/wiki/Stuxnet, involving the security agencies of the United States and Israel should serve as a stark warning to anyone who uses Microsoft Windows and is concerned in even the very slightest about excessive state power and control. If you think Microsoft are going to bet their reputation on the secrecy a highly illegal agreement with the US Government to install backdoors in Windows, you sir, are losing it. Also, if you REALLY care about testing for vulnerabilities, there are things called fuzzers, plus debuggers and disassemblers to help you. No need for Microsoft to give away trade secrets just to ensure security. Software will always have bugs, and while I'd trust open source software somewhat more that proprietary software, it's not by a huge amount. I actually do not believe that Microsoft has installed back doors into Windows at the behest of the US or any other government. What they have done is to provide the source code to the security services of many countries. For example the FSB (the successor to the KGB) in Russia. http://www.zdnet.com/microsoft-opens-source-code-to-russian-secret-service-3040089481/ With this knowledge a security service can then write malware to attack companies and organizations in other countries. This creates an asymmetry where the attacker has access to the source code but the defender does not. In addition since Windows XP Microsoft has installed a "self destruct" mechanism into Windows in an attempt prevent software piracy. It is called Windows activation. Most people approach Windows activation from the perspective of the attacker "the pirate" turning Windows from a "pirated" state to a "genuine" state. But consider the reverse where an attacker "the terrorist" turns Windows from a "genuine" state to a "pirated" state as a form of cyber-terrorism against critical infrastructure. What Microsoft had done with the DRM in product activation is to create a massive single point of failure. Just ask one question how much critical infrastructure worldwide is controlled by computers running Microsoft Windows? I am not into doomsday prepping; however the most credible doomsday scenario I can see is the massive worldwide deactivation of Microsoft Windows. By the way it is not just governments one has to be worried about. http://www.microsoft.com/en-us/sharedsource/default.aspx
|
|
|
|
tvbcof
Legendary
Offline
Activity: 4760
Merit: 1282
|
|
February 25, 2013, 08:25:02 AM |
|
If you think Microsoft are going to bet their reputation on the secrecy a highly illegal agreement with the US Government to install backdoors in Windows, you sir, are losing it. ...
Of course. It would be absurd to think that a network carrier would install a Narus in their peering center, completely illegally, as well. Oops. Thank god for our congress and the concept of immunity to patch up indiscretions. I seem to remember about a decade ago Microsoft getting caught red handed with NSA_Key or some such in their crypto library when they forgot to strip a service pack binary. Nobody gave a shit then, and certainly they will not now after a decade more of conditioning and all those bad bad terrorists and all that. After all, nobody is doing anything wrong and besides only paranoid wackos would believe in 'conspiracy theories' and nobody wants that label associated with them. Nothing was ever proven with that NSA_Key thing, which is why there was some suspicion, but in the end, no one cared. Companies exist to make money, plain and simple. They are amoral, and will do whatever is necessary to achieve that goal. Why would one sabotage themselves by agreeing to something like this, knowing about all the other secret agreements that have gotten busted (I'm looking at YOU, AT&T). That's just begging to have your credibility destroyed. You are dead right about corporations caring about profit only. It is actually a legal obligation. If playing ball with the state security apparatus balances out as more lucrative than some loss of credibility, and thus business, that is exactly what they will do. In the end nobody gave a shit about AT&T. In part because everyone else was probably doing the same thing (except perhaps Verizon who's CEO, interestingly, ended up in some trouble with the SEC making it one of the very few occasions in recent memory that that body has hassled anyone higher than a 20-something year old goober who didn't pay attention to the legal department's memos about what not to put in e-mail.) Nobody really gave a shit about Carrier IQ either. I don't doubt for a minute that the same things (keystroke logging and what-not) continue but I suspect that the processes and messaging will be better hidden to avoid detection. Just like Bitcoin ought to be thinking about in my opinion.
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
|