Google Unveils Glibc DNS Client Vulnerability, Many Bitcoin Implementations Affected

Today Google's online security blog unveiled a buffer overflow in the GNU C library's DNS client (archived). The vulnerability allows the getaddrinfo function to overflow a buffer, opening the doors to all manner of malice. This vulnerability affects all Bitcoin implementations compiled against the GNU C library which invoke DNS. This includes Bitcoin Core and the clients programmed to eventually fork into altcoins, including the "Bitcoin" XT and "Bitcoin" "Classic" network clients. The reference Bitcoin implementation maintained by the Bitcoin Foundation is unaffected, as DNS was excised from that client,[1] and scripts are available for building the reference implementation against the musl C library.[2] It is strongly recommended that Bitcoin users patch their preferred client[3] to remove DNS, or move to a client maintained by a team that cares about security and eliminates unnecessary attack surfaces in advance.


  1. The reference client also had UPnP excised before critical vulnerabilities in that code were publicly exposed.

  2. Most flagship nodes running the reference client are built against musl rather than glibc.

  3. You may have to do this yourself.

Optical Disc Software Approaching International Crisis

TorrentFreak reports that a substantial lobbying campaign is underway to push the United States Trade Representative to punitively place Antigua on the copyright Priority Watchlist (archived). The dispute centers around continued sales of Antigua-based Slysoft's software for backing up the content of optical disc entertainment media. Adversarial legal proceedings are proceeding against Slysoft in Antigua, but through the wonders of this "Rule of Law" business Antigua is compelled to allow Slysoft to continue sales while the courts make decisions according to Antiguan law. At present Antigua has the blessing of the World Trade Organization to open an explicitly piracy-related internet service as compensation for the United States' continued assaults on Antigua's online gaming industry. If the Trade Representative moves to sanction Antigua, this would be yet another example of the United States' refusal to accept that its jurisdiction ends where other states' borders begin.

Alan Reiner Quits Armory as Multi-Year Commercialization Effort Fails

Today Alan Reiner announced he is quitting Armory wallet development, and that efforts to commercialize the Armory Bitcoin wallet have failed. Armory started life as a promising wallet management tool that runs on top of a local Bitcoin daemon, but when a "phone home" feature became public knowledge any potential of trusting Reiner as a software developer or Armory as a software product was lost. Reiner, with the help of serial fundraiser Trace Mayer, raised funds in an attempt to make a business out of the Armory software. Reiner's announcement is presented in full below:

Lightning Network Code Finally Public

Code for the Lightning network daemon has been made public for the first time on GitHub (archived). The daemon at present is limited to operation on its own special testnet-L, where transaction ids are normalized to prevent malleability. The daemon's README warns against deploying the daemon on the live Bitcoin network or any altcoins in its present state. Blockstream's publication of this code comes as fiat concerns grow more desperate to project their own failings onto Bitcoin through their latest "ClassicCoin" forking effort.

OpenSSH Client Bug Leaks Memory Contents

A newly revealed bug in the OpenSSH client, versions 5.4 through 7.1, allows memory contents to be read by malicious servers (archived). The vulnerability exists in code implementing "roaming", which was added to the OpenSSH client but never to the OpenSSH server. Patches which remove the roaming code from the OpenSSH client are available.

Reference Client Patch Bans Bloom Filter Parasites

Today asciilifeform of No Such Labs offered for review a patch to the reference Bitcoin client that spares full node operators the burden of having to handle connections from parasitic SPV clients making Bloom filter requests. This complements other recent work on the reference Bitcoin client to promote communion among Bitcoin full nodes, absent the distractions presented by various things that are not other full nodes. When a node running this patch receives a Bloom filter request, the debug.log entry looks like:

Bitcoin Foundation Address Recap

The Bitcoin Foundation opened the year with a State of Bitcoin Address sharing a few developments as the Foundation continues into its second year of work. The address is highlighted by the Foundation's impending move to tag their reference client version 0.5.4 with the release label. Other developments include:

Juniper Fiasco: Greenwald Complicit In Sustaining Mass Surveillance

It was after Juniper burned a vulnerability in its products used to support NSA and GCHQ spying, and after independent researchers discovered the nature of the back door (archived), that Glenn Greenwald, formerly of the Guardian, revealed that this vulnerability was in a stash of disclosures he received more than two years ago from Edward Snowden. Greenwald's reveal came six days after Juniper disclosed the existence of the backdoor and a day after independent researchers began presenting serious evidence indicating the backdoor was born in the USA.