Matt Whitlock has recently released a diceware tool for generating Bitcoin address and private key pairs on the venerable Texas Instruments TI-89 portable general purpose portable computer commonly marketed as a "graphing calculator." The software takes input derived from analog dice rolls. The source code, written in C, is available here and it compiles with TIGCC. Whitlock previously worked on the Lamassu Bitcoin ATM. A video where Whitlock demonstrates the key generation process at 10x speed is embedded below: Continue reading
Category Archives: Software
Obama Orders War On Computing And Bitcoin With New "Emergency" Order (Full Text)
Today United States President Barack Hussein Obama has issued an executive order under which he claims emergency power in order to direct the Treasury Department to take action against the property of persons engaged in "malicious" computing related activity. The description of activities determined to be malicious under the order includes is so vague as to potentially include any user of a computing system, but especially targets the normal work of security researchers in civilian employment as Rob Graham (local archive) highlights. The declaration of National Emergency establishes "hackers" as a clear and present danger to the point that people who have merely associated with or even unknowingly contributed any form of support to "hackers" can be subjected to sanctions typically reserved for war criminals, terrorists, and the leaders of drug cartels. Continue reading
March Bitcoin Foundation Update
March was an eventful month for the Bitcoin Foundation as mod6's latest update informs us. The highlight of the month was the release of a Bitcoin software reference implementation as version 0.5.3.1 which includes a build script to create statically linked binary executables from the foundation's source code release. Since the month's release work has continued on building and testing the reference software on a number of platforms, and work to continue porting the software to more software platforms and hardware architectures is planned for the future. Now that the foundation has released a reference implementation, they plan to develop a roadmap of future development goals and projects to pursue next. The full statement contains a number of acknowledgements recognizing the substantial number of people who have contributed to the Foundation success and accomplishments it has enjoyed in its first five months.
Basketball Team Relegated to Lower Division by MS Windows Misbehavior
The Paderhorn Baskets of the German Basketball Budesliga face potential relegation to the lower ProB division after Windows Update forced a delay of game so severe the league had to penalize Paderhorn by reducing their points in the league's standings. While the disastrous security consequences of Microsoft Windows are often the focus of criticism, in this case the disaster was triggered by Window's automatic update functionality which is generally regarded as annoying though somewhat beneficial. In this case however, the rogue behavior of the Windows Updater went from merely annoying to economically and professionally damaging.
March 19th OpenSSL Vulnerabilities Overview
The pre-announced OpenSSL updates purport to address 13 vulnerabilities. Two of the vulnerabilities were graded as being of High severity by the OpenSSL project. The first, CVE-2015-0291 allows client connections to engage in a denial of service attack against servers running OpenSSL. The second high severity issue was the older CVE-2015-0204 where RSA connections could be silently degraded to export quality RSA, originally OpenSSL graded this as a low security vulnerability but reclassified this as a high severity vulnerability. Continue reading
Bitcoin Foundation Reaches Release
The Bitcoin Foundation chaired by mod6 and ben_vulpes has announced its first release milestone. The release dubbed 0.5.3.1 by the foundation consists of a set of patches applied to the original 0.5.3 Satoshi codebase and recipe for combining it all into a static Bitcoin daemon build. This release removes a substantial amount of cruft from the original 0.5.3 release including hooks for Qt and Windows builds along with the problematic alert system and universal plug and play. This release works on Linux with supported release for other platforms planned in the future. The release tarball is available here.
OpenSSL Severe Vulnerability to be Revealed March 19th
The OpenSSL project has announced that on March 19th they will be releasing updates to address what they are referring to as a "highest severity defect" affecting all of their supported versions. Details of the vulnerability are being kept under embargo until the patches are released, though this time the OpenSSL has had the courtesy to disclose the issue to the LibreSSL core team. Here's a snippet from the OpenSSL security policy on high security vulnerabilities: Continue reading
Windows 'Stuxnet' Patch Left Vulnerability Open
Five years after Microsoft issued a patch (archived) to "close" the vulnerability that allowed the Stuxnet virus to propagate, Microsoft today issued another patch which purports to finish closing that same vulnerability. Reportedly rather than actually resolving the vulnerability the patch issued in 2010 merely increased the difficulty threshold for exploiting the open vulnerability. Continue reading
Crapware Still Bundles Mining Software
The uTorrent software has been bundled with a cryptocurrency miner in its latest update. This inclusion has generated a number of user complaints as the mining software degrades the performance of the users computer while also not offering them any benefit. This sort of user abuse is par for the course with explicitly closed source and Windows software.
Bitrated Launches Web of Trust Abomination
Bitrated.com originally started as an arbitrage service to provide consumers with the “protection" of what they have come to expect. The Bitrated Payment System allows for users and merchants to make reversible e-commerce transactions, since GPG contracts are apparently too hard to grasp. The two parties doing business each nominate and agree on a third party to act as a trust arbiter. A transaction is then structured through the payment system requiring 2 of 3 of parties wallet signatures to release the funds to an address. Continue reading