Reddit user zanetackett, Director of Community and Product Development for Bitfinex, is now claiming that losses total 119,756 BTC in the hack reported on earlier today. Attackers were apparently able to obtain the offline keys used for the multisig setup used by the exchange, though Buttfinex officials have yet to comment on the exact attack vector. The company further states that "their insurance does not cover these losses" and that "Any settlements will be at the current market prices as of 18:00 UTC" which was just at $600 per coin.
Monthly Archives: August 2016
Yet Another Underwhelming Effort To Fork Bitcoin Unveiled
After the grossly underwhelming reveal of last month's "Terminator Plan" hard fork buzz this month brings yet another social engineering attempt. A new subreddit named "btcfork" was publicly announced and it swiftly filled with a bunch of activity from people who won't attach names to the positions they are trying to advance. Apparently having people with names was the problem this whole time! This latest attempt comes after Ethereum hard forked with substantial lulz. The nameless posters however insist that this will be different and successful. Sorry fork, your loss.
Network Difficulty Experiences Modest Drop Of ~5.4% In Second Change Post Halving
Bitcoin network difficulty fell ~5.43 percent from 213492501107.51336670 to 201893210853.05895996 in its second adjustment following the second halving of the Bitcoin block reward subsidy. The first adjustment following the halving was a very slight increase in difficulty. Paired with the bleeding and breaking occurring among fiat/Bitcoin interfaces it looks like the short term forecast is "there will be lulz."
Phuctor Finds Seven Keys Produced With Null RNG, And Other Curiosities
Phuctor is a public service, operated by S.NSA. It catalogues extant RSA public keys which are known to be inexpensively breakable.1
Recently, Phuctor's algorithmic arsenal was expanded to include a search for perfect squares, which was then further generalized to Fermat's factorization method. A perfect square RSA modulus results from an ill-conceived, subverted, or otherwise catastrophically-broken key generator where a cryptographic prime P is created and immediately re-used verbatim, as prime Q. An RSA modulus factorable via Fermat's method contains two factors which are dangerously (i.e., cheaply-discoverably) close together. This typically results from a lulzimplementation of RSA where prime Q is generated by finding NextPrime(P), rather than independently.
The perfect square finder immediately yielded up a modulus which consisted merely of the square of the next prime following 2^1023. This type of RSA public modulus is consistent with a scenario where a PGP client is operated on a system containing a null-outputting RNG. This trivially-breakable modulus was found to occur in no fewer than seven RSA public keys, claiming the following user IDs:
- Mahmood Khadeer <mhkhadee AT hotmail.com>
- none <algemeenoptie2 AT gmail.com>
- Godless Prayer <godless.prayer AT gmx.de>
- john <john.k.pescador AT hawaii.gov>
- Bjoern Schroedel <bjoern AT schroedel.cc>
- Bjoern Schroedel <bjoern.schroedel AT gmx.de>
- Nick Ruston <alliancemicro AT dodemall.redcheetah.com>
Mr. Pescador appears to be, or to have once been, an employee of the State of Hawaii, a curator of data.hawaii.gov (archived), and — apparently — of an empty GitHub repository. (archived). Mr. Khadeer is the President of the Muslim Association of Puget Sound (MAPS) in Redmond (archived), famous primarily for 'heartfelt condemnations' (archived) of this and that, published like clockwork for the past decade. Not much is publicly known about the other victims and/or perpetrators of brain-damaged cryptography in the above list.
The subsequent search for Fermat-factorable RSA moduli yielded exactly one additional result. This very peculiar PGP public key is suggestive of an aborted attempt at the development of a cross-site scripting (XSS) attack against PGP users who might decode the key and display its User ID field in certain WWW browsers.
Peace in our ctime();
For the comedic gold let it be pointed out that prior to Phuctor's existence this kind of key simply did not exist, as per official truth. Nowadays they "obviously" do exist, but after the failure of embrace-extend-hijack attempts spearheaded by Hanno Böck, the deceitful shitbag they're simply "not interesting" as per the same official narrative ; and moreover, systematic causes for their existence still do not exist, at any rate not past "Cosmic Rays did it". Certainly the involvement of the usual array of inept USG agencies can not possibly be suspected. Isn't official nonsense ever so fascinating ? ↩
Bitfinex Breaks: Fiat Exchange That Never Had Anything To Do With Bitcoin Finally Goes Away
To quote from 2013 :
I. Self-moderated "support thread", filled with a bunch of socks posting nonsense. This is standard scammer operating procedure.
II. Running stolen, bug ridden software (the old Bitcoinica codebase) that has already proven itself useless in the marketplace (three times!)
III. Scammers themselves admit to crediting "investors" infinite USD/BTC to execute the naive users.
It's true that scammer tags aren't really given out much anymore, but that's no reason to allow well known scammers run amok. You have been warned.
To quote from 2016 :
We are investigating the breach to determine what happened, but we know that some of our users have had their bitcoins stolen. We are undertaking a review to determine which users have been affected by the breach. While we conduct this initial investigation and secure our environment, bitfinex.com will be taken down and the maintenance page will be left up.
Sorry for your loss.
Coinbase Engineering Director Jokes That Roger VERified Their Coins Are Safe
Coinbase Director of Engineering Charles Lee1 (WOT:coblee) today joked on Twitter that Roger Ver has VERified the Coinbase coins are safe. Roger similarly VERified that the coins at Mt Gox were safe and present in their reserves up until the moment Mt Gox died and even then for a bit of time after that. The history of Roger VERified jokes stretches back to December of 2012.
In December 2012 Roger Ver (WOT:nonperson) used his access to the administrative panel of Blockchain.info in order to compromise the supposedly secret information of a user of that service following a dispute over a payment error made by an unrelated venture of Roger Ver's (archived). The payment error was for 4.5119 Bitcoin, an amount that summed to less than 50 United States dollars at a time when buying that amount of Bitcoin was still an easy task.2
Compounding Roger Ver's mistake was his attempt at a cover up insisting that he was a sufficiently special snowflake to have all threads discussing the matter retitled, locked, and deleted (archived). At the time MPOE-PR (WOT:hanbot) wrote of his efforts:
We're not discussing the "change the thread title" part of your statement. We're discussing the "better yet, lock the thread and ask the mods to delete it" part of your statement.
It is not this thread that is causing undue alarm. The alarm is very much due, this BS of divulging customer details is widespread to the point of universality. Aurum did it, MtGox did it, the list is pretty much "everyone except MPEx". This has to cease, universally, as it has no place in BTC.
The other thing that has to cease is the unwarranted delusions of self importance. You personally are not great enough to request moderators to delete the signs of your stupidity "so as not to harm bitcoin". Should you want to request it, do it in the adequate terms, which are "I've been really stupid, please delete this before it ruins my reputation".
That aside, you personally are not big enough to harm Bitcoin, for one, and moreover this "too big to fail" mentality and the corresponding expectation of throwing everything to the wind for the sake of propping up random doods with self-awarded VIP status is completely irrational.
Since the Blockchain.info episode Roger Ver has continued his pursuit of pennies at the expense of potential fortunes. He publicly defended the insovlent Mt Gox, engaged in premature passport shennanigans that greatly restricted his ability to travel, further sold his illusion of credibility in the XTCoin and ClassicCoin pushes, and jumped on the ether huffing train shortly before their huffing bag detonated. Sorry for your Roger VERified loss.
Of "Litecoin" infamy. Litecoin was this "better Bitcoin" endorsed by Wired Magazine in August 2013 much like DogeCoin and Ethereum would later be "better Bitcoins" endorsed by mainstream media rags until they sunk. ↩
It was indeed less that four years ago that a person could acquire 5 whole Bitcoins for less than the price of a nice restaurant meal. ↩
Gawker Media's Nick Denton Personally Files For Bankruptcy
Gawker Media founder Nick Denton (WOT:nonperson) filed for bankruptcy protection. This follows Gawker Media's filing back in June. This bankruptcy filing follows Denton fraudulently misrepresenting to the court value of the Gawker Media stock posted as bond following the loss by his company and himself personally to Hulk Hogan. The day after Denton posted the Gawker media stock as bond, Gawker media filed for bankruptcy. Failing to take personal responsibility for his failings, Denton blames fellow homosexual in tech Peter Thiel (WOT:nonperson) for using his play money to support litigation against Denton and Gawker Media for outing Thiel's homosexuality. Sorry for your loss.
Tree Nuts Liberated In California
In a state known for enviro-mentalism, exorbitant housing prices, inoffensive wine, and year-round surfing, a $9.3 bn per year industry is being skimmed by asset liberators other than those in Sacramento and Washington (archived). These non-violent crimes – stealing truckloads of physical altcoins in the shapes of almonds, pistachios, and a variety of other tree nuts – are apparently being conducted using falsified documentation, laptops, and cell phones, tools widely known to be used by scammers and terrorists and probably next in line for the political firing squad after the beloved AR-15. Last year, 310.847 tons of untraceable anonymous tree nuts valued at $4.6 mn were reported stolen.
Unable to contend with unknown bands of brazen thieves stomping on their turf, California's State Assembly is looking to flush even more taxpayer money it doesn't have down the drain by creating an "Agricultural Cargo Theft Task Force" to contend with the rising challenge. Sorry for your nuts.
Black Lives Matter Releases Segregationist Demands
A group calling itself "The movement for Black Lives" claiming to speak as the voice of all smaller "Black Lives Matter" groups has issued a policy platform centered around six demands. Each of the six demands is composed of numerous sub demands. The demands are:
- End the war on Black people
We demand an end to the war against Black people. Since this country’s inception there have been named and unnamed wars on our communities. We demand an end to the criminalization, incarceration, and killing of our people. This includes:
An immediate end to the criminalization and dehumanization of Black youth across all areas of society including, but not limited to; our nation’s justice and education systems, social service agencies, and media and pop culture. This includes an end to zero-tolerance school policies and arrests of students, the removal of police from schools, and the reallocation of funds from police and punitive school discipline practices to restorative services.
An end to capital punishment.
An end to money bail, mandatory fines, fees, court surcharges and “defendant funded” court proceedings.
An end to the use of past criminal history to determine eligibility for housing, education, licenses, voting, loans, employment, and other services and needs.
An end to the war on Black immigrants including the repeal of the 1996 crime and immigration bills, an end to all deportations, immigrant detention, and Immigration and Custom Enforcement (ICE) raids, and mandated legal representation in immigration court.
An end to the war on Black trans, queer and gender nonconforming people including their addition to anti-discrimination civil rights protections to ensure they have full access to employment, health, housing and education.
An end to the mass surveillance of Black communities, and the end to the use of technologies that criminalize and target our communities (including IMSI catchers, drones, body cameras, and predictive policing software).
The demilitarization of law enforcement, including law enforcement in schools and on college campuses.
An immediate end to the privatization of police, prisons, jails, probation, parole, food, phone and all other criminal justice related services.
Until we achieve a world where cages are no longer used against our people we demand an immediate change in conditions and an end to public jails, detention centers, youth facilities and prisons as we know them. This includes the end of solitary confinement, the end of shackling of pregnant people, access to quality healthcare, and effective measures to address the needs of our youth, queer, gender nonconforming and trans families. - Reparations
We demand reparations for past and continuing harms. The government, responsible corporations and other institutions that have profited off of the harm they have inflicted on Black people — from colonialism to slavery through food and housing redlining, mass incarceration, and surveillance — must repair the harm done. This includes:
Reparations for the systemic denial of access to high quality educational opportunities in the form of full and free access for all Black people (including undocumented and currently and formerly incarcerated people) to lifetime education including: free access and open admissions to public community colleges and universities, technical education (technology, trade and agricultural), educational support programs, retroactive forgiveness of student loans, and support for lifetime learning programs.
Reparations for the continued divestment from, discrimination toward and exploitation of our communities in the form of a guaranteed minimum livable income for all Black people, with clearly articulated corporate regulations.
Reparations for the wealth extracted from our communities through environmental racism, slavery, food apartheid, housing discrimination and racialized capitalism in the form of corporate and government reparations focused on healing ongoing physical and mental trauma, and ensuring our access and control of food sources, housing and land.
Reparations for the cultural and educational exploitation, erasure, and extraction of our communities in the form of mandated public school curriculums that critically examine the political, economic, and social impacts of colonialism and slavery, and funding to support, build, preserve, and restore cultural assets and sacred sites to ensure the recognition and honoring of our collective struggles and triumphs.
Legislation at the federal and state level that requires the United States to acknowledge the lasting impacts of slavery, establish and execute a plan to address those impacts. This includes the immediate passage of H.R.40, the “Commission to Study Reparation Proposals for African-Americans Act” or subsequent versions which call for reparations remedies. - Invest-Divest
We demand investments in the education, health and safety of Black people, instead of investments in the criminalizing, caging, and harming of Black people. We want investments in Black communities, determined by Black communities, and divestment from exploitative forces including prisons, fossil fuels, police, surveillance and exploitative corporations. This includes:
A reallocation of funds at the federal, state and local level from policing and incarceration (JAG, COPS, VOCA) to long-term safety strategies such as education, local restorative justice services, and employment programs.
The retroactive decriminalization, immediate release and record expungement of all drug related offenses and prostitution, and reparations for the devastating impact of the “war on drugs” and criminalization of prostitution, including a reinvestment of the resulting savings and revenue into restorative services, mental health services, job programs and other programs supporting those impacted by the sex and drug trade.
Real, meaningful, and equitable universal health care that guarantees: proximity to nearby comprehensive health centers, culturally competent services for all people, specific services for queer, gender nonconforming, and trans people, full bodily autonomy, full reproductive services, mental health services, paid parental leave, and comprehensive quality child and elder care.
A constitutional right at the state and federal level to a fully-funded education which includes a clear articulation of the right to: a free education for all, special protections for queer and trans students, wrap around services, social workers, free health services (including reproductive body autonomy), a curriculum that acknowledges and addresses students’ material and cultural needs, physical activity and recreation, high quality food, free daycare, and freedom from unwarranted search, seizure or arrest.
A divestment from industrial multinational use of fossil fuels and investment in community- based sustainable energy solutions.
A cut in military expenditures and a reallocation of those funds to invest in domestic infrastructure and community well-being. - Economic Justice
We demand economic justice for all and a reconstruction of the economy to ensure Black communities have collective ownership, not merely access. This includes:
A progressive restructuring of tax codes at the local, state, and federal levels to ensure a radical and sustainable redistribution of wealth.
Federal and state job programs that specifically target the most economically marginalized Black people, and compensation for those involved in the care economy. Job programs must provide a living wage and encourage support for local workers centers, unions, and Black-owned businesses which are accountable to the community.
A right to restored land, clean air, clean water and housing and an end to the exploitative privatization of natural resources — including land and water. We seek democratic control over how resources are preserved, used and distributed and do so while honoring and respecting the rights of our Indigenous family.
The right for workers to organize in public and private sectors especially in “On Demand Economy” jobs.
Restore the Glass-Steagall Act to break up the large banks, and call for the National Credit Union Administration and the US Department of the Treasury to change policies and practices around regulation, reporting and consolidation to allow for the continuation and creation of black banks, small and community development credit unions, insurance companies and other financial institutions.
An end to the Trans-Pacific Partnership and a renegotiation of all trade agreements to prioritize the interests of workers and communities.
Through tax incentives, loans and other government directed resources, support the development of cooperative or social economy networks to help facilitate trade across and in Black communities globally. All aid in the form of grants, loans or contracts to help facilitate this must go to Black led or Black supported networks and organizations as defined by the communities.
Financial support of Black alternative institutions including policy that subsidizes and offers low-interest, interest-free or federally guaranteed low-interest loans to promote the development of cooperatives (food, residential, etc.), land trusts and culturally responsive health infrastructures that serve the collective needs of our communities.
Protections for workers in industries that are not appropriately regulated including domestic workers, farm workers, and tipped workers, and for workers — many of whom are Black women and incarcerated people— who have been exploited and remain unprotected. This includes the immediate passage at the Federal and state level of the Domestic Workers Bill of Rights and extension of worker protections to incarcerated people. - Community Control
We demand a world where those most impacted in our communities control the laws, institutions, and policies that are meant to serve us – from our schools to our local budgets, economies, police departments, and our land – while recognizing that the rights and histories of our Indigenous family must also be respected. This includes:
Direct democratic community control of local, state, and federal law enforcement agencies, ensuring that communities most harmed by destructive policing have the power to hire and fire officers, determine disciplinary action, control budgets and policies, and subpoena relevant agency information.
An end to the privatization of education and real community control by parents, students and community members of schools including democratic school boards and community control of curriculum, hiring, firing and discipline policies.
Participatory budgeting at the local, state and federal level. - Political Power
We demand independent Black political power and Black self-determination in all areas of society. We envision a remaking of the current U.S. political system in order to create a real democracy where Black people and all marginalized people can effectively exercise full political power. This includes:
An end to the criminalization of Black political activity including the immediate release of all political prisoners and an end to the repression of political parties.
Public financing of elections and the end of money controlling politics through ending super PACs and unchecked corporate donations.
Election protection, electoral expansion and the right to vote for all people including: full access, guarantees, and protections of the right to vote for all people through universal voter registration, automatic voter registration, pre-registration for 16-year-olds, same day voter registration, voting day holidays, enfranchisement of formerly and presently incarcerated people, local and state resident voting for undocumented people, and a ban on any disenfranchisement laws.
Full access to technology including net neutrality and universal access to the internet without discrimination and full representation for all.
Protection and increased funding for Black institutions including Historically Black Colleges and Universities (HBCU’s), Black media and cultural, political and social formations.
Coinbase And Reddit Work To Hide Blood From Users
With rumours of insolvency still buzzing on social media, Coinbase CEO Brian Armstrong took to Twitter to announcing that the company "has all funds to cover user deposits." Apparently cryptographic proof is too hard for the company to present to the public. (archived) Irate users quickly responded with calls for independent audits as Ether huffers still wonder why the exchange refuses to credit their Ethereum Classic tokens to their accounts. Armstrong reminded users that Coinbase "is not a wallet" and users can store their funds in a multisig vault – the exact same type of setup that failed to protect users of Evolution darknet market when it collapsed in an exit scam. The official Coinbase site still bills itself as a digital currency wallet, and offers a "wallet app" on the Google Play store. The companion announcement on reddit quickly was upvoated to the front page. Sorry fork, your loss.