Categories
hacker culture

Using Bitcoin To Avoid US Poker Laws

Here is an interesting step that might broaden the market for bitcoins. Right now bitcoin fails a simple convenience test – it can take an hour or more to convert money into bitcoins. Now an online poker store has added bitcoins as a form of payment, giving it a much wider reach:

http://www.businessweek.com/articles/2013-01-03/bitcoin-making-online-gambling-legal-in-the-u-dot-s-dot

“Michael Hajduk had sunk one year and about $20,000 into developing his online poker site, Infiniti Poker, when the U.S. online gambling market imploded. On April 15, 2011, a day now known in the industry as Black Friday, the U.S. Department of Justice shut down the three biggest poker sites accessible to players in the U.S., indicting 11 people on charges of bank fraud, money laundering, and illegal gambling. … Infiniti Poker … plans to accept Bitcoin when it launches later this month. The online currency may allow American gamblers to avoid running afoul of complex U.S. laws that prevent businesses from knowingly accepting money transfers for Internet gambling purposes. ‘Because we’re using Bitcoin, we’re not using U.S. banks — it’s all peer-to-peer,’ Hajduk says. ‘I don’t believe we’ll be doing anything wrong.'”

Hajduk says the ability to store Bitcoins on players’ computers is appealing. “At the end of the day, [the government] cannot freeze your account because they cannot kick down the door to Bitcoin,” he says.

There are other risks as well. In recent months hackers have pulled off several Bitcoin heists, and this summer Bitcoin Savings & Trust, billed as a “Bitcoin hedge fund,” made off with more than $5 million entrusted to the site by investors, in what appears to be a Ponzi scheme. Also, Bitcoin wallets can vanish as a result of hard-drive crashes or other computer problems. That’s how at least one user lost 50,000 Bitcoins, according to Peter Vessenes, chairman of Bitcoin Foundation, an organization that helps develop and promote the virtual currency.

The economy for the infamous Silk Road is much smaller than the 1.5 trillion+ profits that come from the international drug trade:

http://arstechnica.com/tech-policy/2012/08/study-estimates-2-million-a-month-in-bitcoin-drug-sales/
Silk Road sellers have collectively had around $1.9 million of sales per month in recent months. Almost 1,400 sellers have participated in the marketplace, and they have collectively earned positive ratings from 97.8 percent of buyers. And the service is growing, with Silk Road’s estimated commission revenue roughly doubling between March and July of this year.

The current market price for all existing bitcoins is estimated at over $100 million.

Categories
hacker culture Intelligence International Affairs

Interview With Jacob Appelbaum, Member of Tor and Wikileaks

If you’re wondering why they have a microscope embedded so deeply in his ass, he used to be a spokesperson for Wikileaks and he’s also a member of the Cult of the Dead Cow. Hacktivists have a six-degrees-of-Kevin-Bacon connection to Wikileaks; it’s likely that not all of the material they receive was purposefully leaked. After credit card companies and banks cut ties with Wikileaks, they were introduced to an extended DDoS attack. As he describes in the interview, looking at metadata and relationships between people, even when using open source information, has created reliable simulations of outcomes.

Some of it is as safe as we think it can be, and some of it is not safe at all. The number one rule of “signals intelligence” is to look for plain text, or signaling information—who is talking to whom. For instance, you and I have been emailing, and that information, that metadata, isn’t encrypted, even if the contents of our messages are. This “social graph” information is worth more than the content. So, if you use SSL-encryption to talk to the OWS server for example, great, they don’t know what you’re saying. Maybe. Let’s assume the crypto is perfect. They see that you’re in a discussion on the site, they see that Bob is in a discussion, and they see that Emma is in a discussion. So what happens? They see an archive of the website, maybe they see that there were messages posted, and they see that the timing of the messages correlates to the time you were all browsing there. They don’t need to know to break a crypto to know what was said and who said it.

Traffic analysis. It’s as if they are sitting outside your house, watching you come and go, as well as the house of every activist you deal with. Except they’re doing it electronically. They watch you, they take notes, they infer information by the metadata of your life, which implies what it is that you’re doing. They can use it to figure out a cell of people, or a group of people, or whatever they call it in their parlance where activists become terrorists. And it’s through identification that they move into specific targeting, which is why it’s so important to keep this information safe first.

For example, they see that we’re meeting. They know that I have really good operational security. I have no phone. I have no computer. It would be very hard to track me here unless they had me physically followed. But they can still get to me by way of you. They just have to own your phone, or steal your recorder on the way out. The key thing is that good operational security has to be integrated into all of our lives so that observation of what we’re doing is much harder. Of course it’s not perfect. They can still target us, for instance, by sending us an exploit in our email, or a link in a web browser that compromises each of our computers. But if they have to exploit us directly, that changes things a lot. For one, the NYPD is not going to be writing exploits. They might buy software to break into your computer, but if they make a mistake, we can catch them. But it’s impossible to catch them if they’re in a building somewhere reading our text messages as they flow by, as they go through the switching center, as they write them down. We want to raise the bar so much that they have to attack us directly, and then in theory the law protects us to some extent.

But iPhones, for instance, don’t have a removable battery; they power off via the power button. So if I wrote a backdoor for the iPhone, it would play an animation that looked just like a black screen. And then when you pressed the button to turn it back on it would pretend to boot. Just play two videos. Link

Categories
hacker culture Psychology

On Speed Reading

In order to get up to a high word-per-minute reading basis, you have to cut out subvocalization. The trick I’ve found for doing this is that once you start reading at a certain speed it’s impossible for you to subvocalize. My own experience has shown me that chunking things together at this speed actually increases my comprehension. My old speed was about 750-850 wpm with 83% accuracy, though I’m somewhat out of practice now. You temporarily lose some comprehension as you adjust to new speeds, so it’s better to warm up with filler material.

However it seems my method won’t work for everyone:

I have tried almost everything to eliminate subvocalization, but I remain unsuccessful. Here is a somewhat comprehensive list of my failed techniques:

  • Counting out loud.
  • Counting internally (through subvocalization).
  • Listening to various types of music.
  • Humming.
  • Making a drawn out noise, both out loud and through subvocalization. (In the latter case I hear both the noise and the words internally.)

I have also tried the often-suggested method of reading so fast that I can’t possibly subvocalize all the words, and this has also been unsuccessful. While I am already capable of reading and understanding without subvocalizing every single word, after reading for half an hour to an hour every night faster than I was comfortable with (highly reduced comprehension) I noticed no increase in how fast I could read with normal comprehension. I don’t expect a great difference to occur instantly, but I calculated no difference at all, which caused me to conclude the method I was using was unsuccessful. Link

On the other hand, it can be easier to break through hard problems by reading things out loud to gain a better understanding of them. It’s sort of a moot point though; grasping difficult technical concepts is about more than just reading speed. To get a really solid handle on things you have to use spaced repetition, the Roman Room method and the “Feynman” technique:

Here is a free webapp you can load up and insert text in to get started:

http://www.spreeder.com/app.php

Make sure your material (the What) is fairly easy for you. You should know something about the subject matter and have no major problems with the vocabulary, style, or ideas. Don’t expect to read Scientific American or Spinoza’s philosophy rapidly and with full comprehension the first time through, unless you are a scientist or philosopher. Link

On a side note, I suspect that this method may be applicable to remote viewing training: we can prevent analytic overlay by chunking and therefore speed up the process. Taking the time to stop and draw out or put information into words unpacks the knowledge and slows you down to the point that you start subvocalizing. New techniques combined with the integration of electromagnetic stimulation and fMRI can advance the field beyond its current lackluster state. Mystics have spent generations trying to figure out ways to quiet the mind, though now this meditation is used more for its emotionally therapeutic benefits than for increasing raw focusing power.

See also:

https://colonyofcommodus.wordpress.com/2012/06/19/more-crv-stuff/

https://colonyofcommodus.wordpress.com/2012/05/23/psicontrolled-remote-viewing-testing-resources/

Categories
gaming hacker culture trolling

Troll Appoints Self “Official Trainer” on Black Ops Server, Rage Ensues

As a Yank, I enjoy hearing the different accents and slang from all over the UK in General Minus’ griefing videos.
“You nob’ead!”

Minus’ patronizing attitude is made worse by the fact he has a comparatively posh London area accent. He always gets the Geordie and Scouse players stirred up into a rage by seeming to look down on them as chavs.
In one of his videos he actually calls them all ‘peasants.’

Minus is a master manipulator, maneuvering his marks into qualifying themselves even when he is obviously the one in the wrong.
He gets them to surrender their moral high ground by getting them to curse at him furiously while he sticks to superficially polite language.
Time after time, he gets them to lose their cool and from that moment, he’s the one in control.

He may start out with mere team killing, but by tacitly threatening to kill teammates, he forces them to kill him, causing them to lose points. Worse, this leaves his teammates without a clear pretext to get him banned.

Perhaps the best for last: He bluffs that he’s about to leave the server but doesn’t. Everyone obviously wants him to leave, so he toys with them keeping them in a state of suspense until he’s finally satisfied.

Categories
gaming hacker culture trolling

Picard Harasses A Ventrilo Channel

Categories
hacker culture technology

Anon’s Advice On Computer Hardware Security

• use a CD-R to boot (even better: a Pocket CD-R as you can carry them around more easily, but they are harder to come by nowadays)
• CD-Rs have digits and characters carved/lasered/whatevered into their inner ring close to the center which are probably unique to every disc: memorize those and always check them in case someone tries to slip you a fake CD-ROM
• under Linux, you have to boot the kernel from the CD, but that means you have to burn a new one after every kernel upgrade. to circumvent that, use the kexec program and work it into the boot scripts so that the boot CD boots the updated kernel from the decrypted harddrive (yes, it means you have to enter your password twice for each bootstrap — you’ll get used to it).
• buy a clean, cheap keyboard and glue it shut so that no hardware keylogger or microphone can be implanted into it; switch keyboards if you have a Model M
• use a disk password with maximum entropy, i.e. if your algorithm is 256 bits wide, generate 256 or more random bits and convert them into a form that can be typed on a keyboard (I use XXEnc which gives passwords 43 chars wide)
• change your disk passwords every time you re-install your distro to restore system integrity
• put something over your keyboard while typing the password to protect against cameras
• Debian boot scripts make it possible to key in your password using the power button using input-events, though I only did this once and I have to admit that it is quite paranoid even for my standards.
• to protect against BIOS rootkits, take out the Flash chip, cut off the Write Enable pin, put it back in, and seal it off with epoxy glue so everyone trying to Flash it will have to destroy your motherboard.
if you’re really paranoid, disassemble and audit the BIOS code beforehand

• always shut down your machine when leaving the house for more than 5 minutes
• always lock the desktop/workstation when walking away from it, esp. when answering the door. NO EXCEPTIONS!
• write and setup a dead man’s daemon; it is possible to add a manually triggered sudden death primer that will kill the machine if not deactivated within twenty minutes for when the police busts down your door.
• always remember that encryption algorithms have shelf life, so if you confess to a murder on your hard drive, and someone gets an encrypted image, all they have to do is wait.
• at some point in the future, encryption will inevitably become illegal, so you’ll have to switch to data carriers which are small enough to be easily hidden; however, the government will make them illegal eventually as well, so when you stockpile a certain gun type after the next shooting spree, consider stockpiling a few microSD cards as well.
• I personally think plausible deniability setups are useless: if you live somewhere where encryption is illegal, you are living in a place where the police will find other ways to get clear text (i.e. they will have it tortured out of you). You can still use one if it makes you sleep better at night.

• Disable Firewire if you have it. Firewire devices have access to the entire memory and can be used to own your box immediately. Gluing the ports shut would be the safest, but I think deactivating them in the BIOS should suffice (correct me if I’m wrong here). (credit: mycall)
• Similar problems exist for USB devices under all OSes with USB support due to the trusting nature of the USB kernel drivers architecture, but I don’t know enough here to give a solution. Just not plugging in untrusted USB devices while having a display or a shell open would probably help already. Here’s an article with more details on USB HID attacks.
• Realize that there are forensic Uninterrupted Power Supply (UPS) devices, i.e. maintain screen locking discipline because I don’t see how else to counter this. (credit: anonmouse/mindbender)
• Cold boot attacks are hard to defend against by anything other than gluing your memory into the banks with epoxy.
• Be careful when setting up data-destroying booby-traps (physical AND software); things like these piss off judges more than you might think, and in some jurisdictions this is even illegal.
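The disk-password bullet above (256 random bits turned into something typeable, 43 characters with XXEnc) can be reproduced as follows. This is an added example, not Anon's own tooling; it assumes the standard 64-symbol XXencode alphabet and encodes the bits directly without XXencode's line framing, and the function names are made up for illustration.

```python
import math
import secrets

# XXencode alphabet: 64 printable symbols, so each character carries 6 bits.
XX_ALPHABET = (
    "+-0123456789"
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
)


def chars_needed(bits: int, alphabet_size: int) -> int:
    """Minimum password length that can carry `bits` of entropy."""
    return math.ceil(bits / math.log2(alphabet_size))


def encode_bits(raw: bytes, alphabet: str = XX_ALPHABET) -> str:
    """Map raw key material onto a 64-symbol alphabet, 6 bits per character."""
    if len(alphabet) != 64:
        raise ValueError("this encoder assumes a 64-symbol alphabet")
    nbits = len(raw) * 8
    nchars = (nbits + 5) // 6
    # Zero-pad on the right so the bit string splits into whole 6-bit groups.
    value = int.from_bytes(raw, "big") << (nchars * 6 - nbits)
    return "".join(
        alphabet[(value >> (6 * (nchars - 1 - i))) & 0x3F] for i in range(nchars)
    )


def decode_bits(text: str, nbytes: int, alphabet: str = XX_ALPHABET) -> bytes:
    """Inverse of encode_bits; shows that no key material is lost by encoding."""
    value = 0
    for ch in text:
        value = (value << 6) | alphabet.index(ch)
    return (value >> (len(text) * 6 - nbytes * 8)).to_bytes(nbytes, "big")


def generate_disk_passphrase(bits: int = 256) -> str:
    """Draw `bits` from the OS CSPRNG and return them in typeable form."""
    if bits <= 0 or bits % 8:
        raise ValueError("bits must be a positive multiple of 8")
    return encode_bits(secrets.token_bytes(bits // 8))


if __name__ == "__main__":
    print(len(generate_disk_passphrase()), "characters for 256 bits")
    # The same 256 bits need more typing in smaller alphabets.
    for label, size in (("hex", 16), ("a-z0-9", 36), ("XXencode", 64)):
        print(f"{label:9s} {chars_needed(256, size)} chars")
```
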

Categories
hacker culture technology

Software Piracy Rate – Weighted Average By Country

Most of the activity is from countries that are too poor to buy the product legally – the USA is at the very bottom.

Categories
hacker culture Problem Solving Psychology

2 Ways Of Working Through Hard Problems

1. Write the problem out and then read it aloud. Sometimes it’s easier to make sense of something if you hear it.
2. Create pictures of what you are thinking about; if you need to be creative, link them with other images you already have (i.e. the Roman Room Method). A lot of people have a hard time picturing things vividly, so you have to work up to being able to really use the technique properly.

Categories
hacker culture

Stand Tall

Exult in your existence, because that very process has blundered unwittingly on its own negation. Only a small, local negation, to be sure: only one species, and only a minority of that species; but there lies hope. Stand tall, Bipedal Ape. The shark may outswim you, the cheetah outrun you, the swift outfly you, the capuchin outclimb you, the elephant outpower you, the redwood outlast you. But you have the biggest gifts of all: the gift of understanding the ruthlessly cruel process that gave us all existence, and the gift of revulsion against its implications. -Anon

Categories
hacker culture

Truecrypt – Issues With Plausible Deniability

Right now there are legal wars in most of the Western world about whether someone should be forced to give up passwords to hidden volumes. There are precedents on both sides, however generally speaking they will try and twist your arm. So people came up with the plausible deniability option, along with encrypted files within files.

Cryptology isn’t my specialty, so forgive me if this is off.

The Truecrypt file should be named after a compressed file type (.avi, .jpg, .mp3, etc.), not .dll or anything like that, or else a hex editor can tell that it is not a legitimate .dll file. The hidden volume should be stored on a FAT or encrypted partition, with an encrypted OS and without using any programs like Microsoft Word, etc., that log data and usage.

The clincher is, there appear to be incriminating headers at the beginning of volumes in the metadata which would reveal that it is an encrypted volume (though not revealing the contents therein). That means you can’t just claim that a partition is just an innocent corrupted .avi file. The plausible deniability feature of Truecrypt is therefore probably broken. Removable media, like encrypted external hard drives, may still be vulnerable due to the filesystem metadata. A later addition allows you to run the entire OS encrypted, letting you create a decoy and a hidden OS along with data.
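The hex-editor check mentioned above, written out from the examiner's side as an added example (not part of the original post): compare a file's leading bytes with what its extension promises, then measure byte entropy. The signature table is a small subset, the 7.5 bits/byte threshold is an assumption, and both sample files are constructed in memory.

```python
import hashlib
import math
from collections import Counter

# Leading-byte signatures for extensions the post mentions (subset, not exhaustive).
SIGNATURES = {
    ".dll": [(0, b"MZ")],
    ".avi": [(0, b"RIFF"), (8, b"AVI ")],
    ".jpg": [(0, b"\xff\xd8\xff")],
    ".mp3": [(0, b"ID3")],  # ID3v2-tagged files only; untagged MP3s differ
}
HIGH_ENTROPY = 7.5  # bits per byte; assumed cut-off for "looks random"


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte distribution, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def inspect_file(name: str, data: bytes) -> str:
    """Classify a file by extension, signature and entropy."""
    ext = name[name.rfind("."):].lower() if "." in name else ""
    expected = SIGNATURES.get(ext)
    if expected is None:
        return "unknown-extension"
    if all(data[off:off + len(magic)] == magic for off, magic in expected):
        return "signature-ok"
    # Compressed media is also high-entropy, so entropy alone proves nothing;
    # it is the missing container signature that makes the file stand out.
    if shannon_entropy(data) >= HIGH_ENTROPY:
        return "no-signature-high-entropy"
    return "signature-mismatch"


def pseudo_random(n: int) -> bytes:
    """Deterministic stand-in for ciphertext: SHA-256 in counter mode."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


# Constructed samples: a minimal AVI-shaped header, and a random-looking blob.
AVI_LIKE = b"RIFF" + (4088).to_bytes(4, "little") + b"AVI " + b"LIST" + bytes(4080)
RANDOM_BLOB = pseudo_random(4096)

if __name__ == "__main__":
    for fname, blob in (("holiday.avi", AVI_LIKE), ("holiday.avi", RANDOM_BLOB),
                        ("driver.dll", RANDOM_BLOB)):
        print(f"{fname:12s} {shannon_entropy(blob):.2f} bits/byte  {inspect_file(fname, blob)}")
```
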

A link about the cracked older version dated 2008

http://www.schneier.com/blog/archives/2008/07/truecrypts_deni.html

Categories
Future Trends hacker culture

Human Destiny

Adapt. Evolve. And most importantly, assimilate.

When man looked out onto the world, he did not question how to make himself belong to it – he asked how to make it belong to him.

The first of what would soon be countless animals we tamed was the canine. In it, we saw strength, ferocity, and loyalty. But we didn’t hunch to all fours and growl at them, no – we took the canine and put into them something of our own selves. We took the wolf and made them, in the smallest way, human. We gave them names and identities where they had none. And we trained them to understand full subordination. The canine learned to give up its life for the human.

We walked our planet, discontent with what we had. We adapted to the harshest of environments, living in places the non-humans would deem “unlivable,” and doing it with the crudest technologies. We evolved to this task further, to walk across any land and live. And we assimilated. We were not nurtured by our planet, but instead nurtured it. We taught our crops to grow according to our whims. We allowed the animals to learn how best to live in servitude under us, so that they might advance their own destiny aside ours, by our wishes. Even in our religions, we forged gods not of the plants, but of ourselves. The oldest religions claim we were made in God’s image, but now we know the truth – we made Him in ours.

Remember this, soldiers, when you leave this academy. This is our heritage. This is what it means to be human. The other races are content on borrowing their planets. We own them. That is our destiny – to walk alien lands, and tame them. – Anon

Categories
gaming hacker culture trolling

“EVERYONE TO TEH CHURCH”

Minecraft griefers visit a server where all the players are compelled by the admins to periodically attend a church, make donations, and get baptized. The griefers’ mission: send this heavenly server to hell.