TheFootMan
|
|
April 11, 2014, 07:22:49 PM |
|
Since anyone can download and read the code how would they do this?
They could've modified the downloadable binary and forced a dev to sign the compiled binary so that it looks legit. Not sure how fast a slight modification would've been noticed this way. Checking the code and diffing it with previous releases would show nothing nefarious, and compiling from source and comparing it to the released binary might as well not work very well, as I guess different environments have different build environments and builds will be slightly different unless environments are duplicated exactly?

So the change in the binary might for instance allow siphoning of private keys to an adversary. And if the adversary was careful, stealing of coins could go on slowly so as not to raise too much suspicion, or it could be used to just control bitcoin addresses, and then freeze them once it's necessary, i.e. 'freezing' them by transferring the coins using the stolen private keys.

I don't know if there currently is any process whereby the binaries released are checked by several parties before they're OK'd. The SHA-256 checksums and PGP signature only prove that the holder of that signature has vouched for those checksums. There should ideally be some 'paranoid bitcoin' project, or better yet several of them, serving as watchdogs alerting the larger community once something nefarious happens.

Ideally, to stay safe, one should always diff a new release against a previous release by checking what code is added, then understand this code and ensure nothing nefarious has been added, and then compile it yourself. But how could one be sure that eventually, sometime, some distributor of a Linux system doesn't distribute it with a compiler that will insert some nefarious code once it discovers that a bitcoin binary is being made? There's a lot of trust we need to place in other people - and if you become too paranoid, you could worry about details all day long.
|
|
|
|
madmadmax
|
|
April 11, 2014, 07:39:24 PM |
|
Where are you getting the data from for the black markets? And CP is most certainly being bought and sold with BTC, just like it is with dollars and PayPal too, but of course the government will single out its illicit uses to make their point.

There is no proof of a widespread market for CP in BTC though. There is certainly proof of black markets that deal in CP for USD.
|
|
|
|
franky1
Legendary
Offline
Activity: 4368
Merit: 4740
|
|
April 11, 2014, 07:43:08 PM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1013
|
|
April 11, 2014, 08:22:20 PM |
|
There is no proof of a widespread market for CP in BTC though. There's no proof that such a market really exists in any currency. For all we know, 99.9% of the child porn market is just sting operations selling to other sting operations, serving no purpose other than to keep a convenient digital bogeyman around to demolish inconvenient civil rights.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 11, 2014, 08:54:39 PM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256

Is there even a single example of a hashing algorithm with a backdoor?
|
|
|
|
bountygiver
Member
Offline
Activity: 100
Merit: 10
|
|
April 11, 2014, 10:37:07 PM |
|
Although you can say people can choose not to update to their fork, how much willpower does an average citizen have?
Government can always manipulate average joe's mind with media, if lots of normal people are using bitcoin qt, the government can easily convince them to use their fork. So next time when you are convincing others to use bitcoins, take a moment and remind yourself why we need bitcoins. The currency is meant to wake the people up, not to make quick money.
|
12dXW87Hhz3gUsXDDCB8rjJPsWdQzjwnm6
|
|
|
skooter
Member
Offline
Activity: 70
Merit: 10
|
|
April 12, 2014, 12:53:48 AM |
|
Can the developers of BitCoin be forced by law to change the code according to desires of the U.S. government?
No, but they are working by other means, such as either buying off or infiltrating software companies in order to introduce vulnerabilities that favor them (aka the OpenSSL bug, which was introduced to Bitcoin despite the fact of having a huge additional attack vector). The Bitcoin Foundation have also voiced their intentions of helping the CIA fight Bitcoin-funded pedophilia (by which means?), which is huge anti-Bitcoin propaganda. If you run a simple calculation, the Bitcoin black market is currently worth 2% of its economy (and all of it is drugs, we have no proof to believe otherwise) versus the nearly 30% black market of USD which includes organ sale, children, pedophilia, human trafficking, weapons of mass destruction etc etc.

Unless you got a source for those #s, you just pulled them out of your ass.
|
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
April 12, 2014, 01:08:36 AM |
|
X.509 for the de-anonymising win.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 12, 2014, 01:28:37 AM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256

So they have people like you thinking they don't have the original backdoors and use them. They can be evil and corrupt but not dumb.

Do you have any evidence of this?

indeed, can anyone provide any example of a backdoor to an open-source cryptographic hash function? Does such a thing exist?
|
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
|
|
April 12, 2014, 01:29:05 AM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256

So they have people like you thinking they don't have the original backdoors and use them. They can be evil and corrupt but not dumb.

Since it is mathematically impossible to recover the input text from the hash of that input text, what exactly do you mean by a "back door" to a hashing function? Exactly what information could a back door give you once the hash is calculated?
|
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 12, 2014, 02:36:18 AM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256

So they have people like you thinking they don't have the original backdoors and use them. They can be evil and corrupt but not dumb.

Since it is mathematically impossible to recover the input text from the hash of that input text, what exactly do you mean by a "back door" to a hashing function? Exactly what information could a back door give you once the hash is calculated?

That's what I'm asking as well... No one is giving any answers.... Cryptography experts jump in please. Any documented backdoors in any cryptographic hashes, ever?
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 12, 2014, 04:36:55 AM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256

So they have people like you thinking they don't have the original backdoors and use them. They can be evil and corrupt but not dumb.

Since it is mathematically impossible to recover the input text from the hash of that input text, what exactly do you mean by a "back door" to a hashing function? Exactly what information could a back door give you once the hash is calculated?

That's what I'm asking as well... No one is giving any answers.... Cryptography experts jump in please. Any documented backdoors in any cryptographic hashes, ever?

lol it's not like that: //backdoor code here. it could be a vulnerability that got fixed, or code that was designed to appear as a bug.

Any examples though?
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
April 12, 2014, 04:54:31 AM |
|
they already have. SHA-256 is NSA child
if the NSA could use heartbleed for anything useful, then why did they need to contact Google to get DPR's emails? why did they then contact the UK's GCHQ to brute-force DPR's file passwords?? Because the NSA are not as great as they claim. so chill out. NSA don't have a backdoor into sha256

So they have people like you thinking they don't have the original backdoors and use them. They can be evil and corrupt but not dumb.

Since it is mathematically impossible to recover the input text from the hash of that input text, what exactly do you mean by a "back door" to a hashing function? Exactly what information could a back door give you once the hash is calculated?

That's what I'm asking as well... No one is giving any answers.... Cryptography experts jump in please. Any documented backdoors in any cryptographic hashes, ever?

lol it's not like that: //backdoor code here. it could be a vulnerability that got fixed, or code that was designed to appear as a bug.

Any examples though?

backdoors in OpenBSD's IPSec stack inserted by an FBI contractor.

Googled this... Thanks for the example. But this doesn't even appear to be in the same ballpark. OpenBSD is apparently a "Unix-like operating system", and then you have an entire stack involving the IPSec layer. We're talking a pretty complex library of code here..... VERY different from a cryptographic hash function such as SHA-256 that can be implemented in a few dozen lines of code.... Not even really the same animal at all when you think about it... A backdoor to the hash function itself, if possible, would have to be accomplished at the mathematical/theoretical level... which is really my question to the mathematicians and cryptographers out there. Is THAT possible?
|
|
|
|
BitchicksHusband
|
|
April 12, 2014, 05:57:06 AM |
|
There is suspicion in secp256r1 that the NSA recommends a seemingly random value to use as your pseudorandom seed. Satoshi chose different values instead. Look at this article: http://bitcoinmagazine.com/7781/satoshis-genius-unexpected-ways-in-which-bitcoin-dodged-some-cryptographic-bullet/

For secp256r1, the standard 256-bit pseudorandom curve, the seed is c49d360886e704936a6678e1139d26b7819f7e90, giving rise to the parameters:
p = 115792089210356248762697446949407573530086143415290314195533631308867097853951
a = 115792089210356248762697446949407573530086143415290314195533631308867097853948
b = 41058363725152142129326129780047268409114441015993725554835256314039467401291
The obvious question is this: where did the seed come from? Why was the seed not chosen to be some more innocent-looking number, like 15? In light of recent revelations regarding the US National Security Agency subverting cryptographic standards, an obvious concern is that the seed was somehow deliberately chosen in order to make the curve weak in some way that only the NSA knows.
If the NSA knows of an elliptic curve vulnerability that affects only one specific curve, the pseudorandom parameter generation process would prevent them from standardizing it. However, if they knew of a weakness in one in every billion curves, then the process offers no protection; for all we know, c49d360886e704936a6678e1139d26b7819f7e90 could have been the billionth seed that the National Institute for Standards in Technology tried.
Fortunately, Bitcoin does not use pseudorandom curves; Bitcoin uses Koblitz curves. In Bitcoin’s secp256k1, the parameters are:
p = 115792089237316195423570985008687907853269984665640564039457584007908834671663
a = 0
b = 7
Read the whole thing, it's really a great read.
|
1BitcHiCK1iRa6YVY6qDqC6M594RBYLNPo
|
|
|
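The check the quoted article is talking about is mechanical, and anyone can run it. Below is an added example (it is not from the post, the Bitcoin Magazine article, or any Bitcoin project code) that re-derives the integer r from the secp256r1 seed with the ANSI X9.62 / FIPS 186-2 procedure (SHA-1 over the seed and over seed+1) and confirms r * b^2 = a^3 (mod p) for the parameters quoted above. It then does the only checks available for secp256k1, which has no seed to derive anything from: the prime has its claimed special form and the standard base point lies on y^2 = x^3 + 7. The secp256k1 generator coordinates are taken from SEC 2 and the special-form expressions for the two primes are my own input; neither is on this page. Note what a pass proves: that b was picked as a square root of a^3 / r for that seed, and nothing at all about how the seed itself was chosen, which is exactly the article's one-in-a-billion objection.

```python
import hashlib

# Values exactly as quoted in the post (secp256r1 seed and parameters,
# secp256k1 p, a, b).
P256_SEED = "c49d360886e704936a6678e1139d26b7819f7e90"
P256_P = 115792089210356248762697446949407573530086143415290314195533631308867097853951
P256_A = 115792089210356248762697446949407573530086143415290314195533631308867097853948
P256_B = 41058363725152142129326129780047268409114441015993725554835256314039467401291

K1_P = 115792089237316195423570985008687907853269984665640564039457584007908834671663
K1_A = 0
K1_B = 7
# secp256k1 base point G from SEC 2 (assumption: not quoted on the page).
K1_GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
K1_GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8


def x962_seed_to_r(seed_hex, p):
    """Derive the integer r from a seed as in ANSI X9.62 A.3.3.1 / FIPS 186-2
    Appendix 6 (prime-field case).

    t = bitlen(p), s = (t-1)//160, h = t - 160*s - 1.
    W = W0 || W1 || ... || Ws, with W0 the h rightmost bits of SHA-1(seed)
    and Wi = SHA-1((seed + i) mod 2^g) for a g-bit seed.  r = int(W).
    """
    seed = bytes.fromhex(seed_hex)
    g = 8 * len(seed)                 # 160 bits for the NIST seeds
    t = p.bit_length()                # 256 here
    s = (t - 1) // 160                # one extra SHA-1 block
    h = t - 160 * s - 1               # 95 bits kept from the first hash
    z = int.from_bytes(seed, "big")
    r = int.from_bytes(hashlib.sha1(seed).digest(), "big") & ((1 << h) - 1)
    for i in range(1, s + 1):
        s_i = ((z + i) % (1 << g)).to_bytes(g // 8, "big")
        r = (r << 160) | int.from_bytes(hashlib.sha1(s_i).digest(), "big")
    return r


def verifiably_random(seed_hex, p, a, b):
    """X9.62 acceptance test: r * b^2 == a^3 (mod p) with r from the seed.

    Passing shows b was chosen as a square root of a^3 / r for this seed;
    it says nothing about how many seeds were tried before this one.
    """
    r = x962_seed_to_r(seed_hex, p)
    if r == 0 or (4 * r + 27) % p == 0:   # rejected by the generation procedure
        return False
    return (r * b * b - a * a * a) % p == 0


def nonsingular(p, a, b):
    """y^2 = x^3 + ax + b is an elliptic curve iff 4a^3 + 27b^2 != 0 (mod p)."""
    return (4 * a * a * a + 27 * b * b) % p != 0


def on_curve(p, a, b, x, y):
    """Affine point (x, y) satisfies the curve equation mod p."""
    return (y * y - (x * x * x + a * x + b)) % p == 0


def primes_have_special_form():
    """Both primes are chosen for fast reduction, which is public and checkable.
    (The two expressions are my own input, not quoted on the page.)"""
    return (P256_P == 2**256 - 2**224 + 2**192 + 2**96 - 1
            and K1_P == 2**256 - 2**32 - 977)


def report():
    """Collect every check into one dict so it can be asserted on or printed."""
    return {
        "p256_seed_derivation_ok": verifiably_random(P256_SEED, P256_P, P256_A, P256_B),
        "p256_a_is_minus_3": P256_A == P256_P - 3,
        "p256_nonsingular": nonsingular(P256_P, P256_A, P256_B),
        "k1_nonsingular": nonsingular(K1_P, K1_A, K1_B),
        "k1_generator_on_curve": on_curve(K1_P, K1_A, K1_B, K1_GX, K1_GY),
        "primes_special_form": primes_have_special_form(),
    }


if __name__ == "__main__":
    for name, ok in report().items():
        print(f"{name:28s} {'PASS' if ok else 'FAIL'}")
```

Run it as a script for a PASS/FAIL table. Swap in any other 20-byte seed and the secp256r1 derivation fails, which is the whole content of "verifiably random": the published seed pins b to that seed, but a party free to try seeds until one produced a curve it liked would pass the same test. secp256k1 offers no seed to verify because there is nothing hidden in a = 0, b = 7; the remaining checks above are all that the parameters themselves can be audited for.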
BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
|
|
April 12, 2014, 06:03:41 AM |
|
SHA256 is a cryptographic hash function.
Secp256k1 is the elliptical curve used by Bitcoin.
They are not related in any way shape or form.
Two different subjects.
|
|
|
|
marcus_of_augustus
Legendary
Offline
Activity: 3920
Merit: 2349
Eadem mutata resurgo
|
|
April 12, 2014, 06:04:57 AM |
|
Is really my question to the mathematicians and cryptographers out there. Is THAT possible?

Theoretically, yes. An 'error' in an arcane statistical method deep in a long-winded technical RFC paper could get missed that makes the method weak in just the right amount in a known location. Other people can say it better: https://www.schneier.com/essay-472.html

The third is the deliberate sabotaging of security. The primary example we have of this is the NSA's BULLRUN program, which tries to "insert vulnerabilities into commercial encryption systems, IT systems, networks and endpoint communication devices." This is the worst of the NSA's excesses, because it destroys our trust in the Internet, weakens the security all of us rely on and makes us more vulnerable to attackers worldwide.
|
|
|
|
Equate
|
|
April 12, 2014, 06:05:11 AM |
|
Until they are outside US, no chance
|
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
|
|
April 12, 2014, 06:12:04 AM |
|
Back to the idea of a weakness in a hash function: if you have a hash it is impossible to get back to the original text simply because by necessity and design there are always MANY input texts that hash to the same value.
|
|
|
|
btcxyzzz
Legendary
Offline
Activity: 888
Merit: 1000
Monero - secure, private and untraceable currency.
|
|
April 12, 2014, 08:08:07 AM |
|
i know 99% have simply downloaded the .exe and not even been bothered to check the code, in the hopes that someone smarter will check it and tell people to downgrade back to version 0.8x if something nasty was in the code.

make that 99.999999999% .... what i'm most afraid of is intentional bugs that can be found easily even if many geeks are looking at it...
|
|
|
|
TheFootMan
|
|
April 12, 2014, 12:11:17 PM |
|
Since anyone can download and read the code how would they do this?
They could've modified the downloadable binary and forced a dev to sign the compiled binary so that it looks legit. Not sure how fast a slight modification would've been noticed this way. Checking the code and diffing it with previous releases would show nothing nefarious, and compiling from source and comparing it to the released binary might as well not work very well, as I guess different environments have different build environments and builds will be slightly different unless environments are duplicated exactly?

So the change in the binary might for instance allow siphoning of private keys to an adversary. And if the adversary was careful, stealing of coins could go on slowly so as not to raise too much suspicion, or it could be used to just control bitcoin addresses, and then freeze them once it's necessary, i.e. 'freezing' them by transferring the coins using the stolen private keys.

I don't know if there currently is any process whereby the binaries released are checked by several parties before they're OK'd. The SHA-256 checksums and PGP signature only prove that the holder of that signature has vouched for those checksums. There should ideally be some 'paranoid bitcoin' project, or better yet several of them, serving as watchdogs alerting the larger community once something nefarious happens.

Ideally, to stay safe, one should always diff a new release against a previous release by checking what code is added, then understand this code and ensure nothing nefarious has been added, and then compile it yourself. But how could one be sure that eventually, sometime, some distributor of a Linux system doesn't distribute it with a compiler that will insert some nefarious code once it discovers that a bitcoin binary is being made? There's a lot of trust we need to place in other people - and if you become too paranoid, you could worry about details all day long.

Any comments on this? ^^
|
|
|
|
|