Researchers at Ben Gurion University in Israel have demonstrated an attack that allows malware to communitcate between air gapped computers in close proximity by using the machine's onboard thermal sensors. The demonstration required somewhat controlled conditions and only achieved a transmission rate of eight bits per hour. The slow rate of transmission could however over an extended period of time be sufficient to leak valuable information including cryptographic keys. Continue reading
Author Archives: Aaron 'BingoBoingo' Rogier
Empire in Decline: US Retreats From Yemen, ISIS Escalates to Doxxing
In a double blow to the United State's interests in the Middle East their Special Forces soldiers have been compelled to abandon Yemen while ISIS has escalated their hostilities to include doxxing a hundred members of the United States Armed Forces. Continue reading
March 19th OpenSSL Vulnerabilities Overview
The pre-announced OpenSSL updates purport to address 13 vulnerabilities. Two of the vulnerabilities were graded as being of High severity by the OpenSSL project. The first, CVE-2015-0291 allows client connections to engage in a denial of service attack against servers running OpenSSL. The second high severity issue was the older CVE-2015-0204 where RSA connections could be silently degraded to export quality RSA, originally OpenSSL graded this as a low security vulnerability but reclassified this as a high severity vulnerability. Continue reading
UK Regulates Self Out of Bitcoin
Regulators in the United Kingdom have announced they will begin applying anti-money laundering rules on digital currency exchanges. The British treasury offers that the move will magically promote innovation and lessen criminal activity. This move however in reality means something other than what Reuters' press release on behalf of the Treasury supposes. Continue reading
Bitcoin Foundation Reaches Release
The Bitcoin Foundation chaired by mod6 and ben_vulpes has announced its first release milestone. The release dubbed 0.5.3.1 by the foundation consists of a set of patches applied to the original 0.5.3 Satoshi codebase and recipe for combining it all into a static Bitcoin daemon build. This release removes a substantial amount of cruft from the original 0.5.3 release including hooks for Qt and Windows builds along with the problematic alert system and universal plug and play. This release works on Linux with supported release for other platforms planned in the future. The release tarball is available here.
Journalist Barrett Brown Bears Full Restitution Brunt
After a guilty plea that when presented to the judge assigned him 63 months of time spent in a Federal prison and ordered nearly a million dollars in restitution, Barrett Brown's effort to have the restitution reduced has been denied by the United States District Court for the Northern District of Texas. Brown was ordered to pay restitution to Stratfor and others based on the full calculated damages for the crime of reporting on a crime where the actors responsible for committing the criminal act have not been found, convicted, or otherwise sanctioned. Continue reading
Largest Bitcoin Bet Resolved
The largest Bitcoin bet in terms of absolute value, where on BitBet.us Mircea Popescu laid down 1000 BTC of his own funds on the proposition that Bitcoin would outperform Warren Buffett's Berkshire Hathaway class A stock has been resolved as "No" with Bitcoin's exchange rate having suffered over the past 12 months. A year ago Mircea announced the bet on his blog Trilema and further declared that to hedge the bet he had sold Berkshire. Asked about how he felt about the bet's final outcome he offered: Continue reading
OpenSSL Severe Vulnerability to be Revealed March 19th
The OpenSSL project has announced that on March 19th they will be releasing updates to address what they are referring to as a "highest severity defect" affecting all of their supported versions. Details of the vulnerability are being kept under embargo until the patches are released, though this time the OpenSSL has had the courtesy to disclose the issue to the LibreSSL core team. Here's a snippet from the OpenSSL security policy on high security vulnerabilities: Continue reading
Coinbase Compliance Chief Resigns
The Washington Free Beacon reports that the Chief Compliance Officer of Coinbase has resigned. Chief Compliance Officer Martine Niejadlik resigned Coinbase after spending a bit more than a year with the organization. The Free Beacon notes that recently investors and regulators have been critical of Coinbase's "outreach" efforts where Coinbase has noted that Bitcoin does not respect international sanctions as well as Coinbase's failure to definitively achieve licensing in every US state it claims to operate.
Polish Bitcoin Embassy Closed
According to a post on a Polish language Bitcoin forum the Polish "Bitcoin Embassy" has closed. The operators report physical assault on at least one person affiliated with their effort along with a number of threatening communications directed at the embassy. The original announcement: Continue reading