I have worked for several years in bitcoin community. In May 2014 I have published a paper in which I formulated the theory of programmed self-destruction of crypto currency. Few points about this My conclusion was that many crypto currencies were genetically programmed or bound to self-destruct. This is absolutely certain. Not because they were …
Continue reading ‘On Forces of Self-Destruction in Bitcoin’ »
I have spend a few recent days at 2015 CCC congress in Hamburg. CCC is the biggest security conference in Europe with 12,000 participants, and potentially more [tickets were sold out]. Most talks I have attended were really good! 90% are really excellent. CCC is IMHO also the best security conference in Europe. A place like …
Continue reading ‘RNG – Do Not Stop Worrying About Linux urandom’ »
Edward Lucas wrote a nice piece on how businesses can dramatically improve their cyber-security. He says that: “Well-run organisations will stop using passwords and logins in 2016. Instead they will use identifiers that are harder to copy, fake, steal or guess […] Security questions will stop being […] “mother’s maiden name”. Instead they will ask …
According to BBC and many other sources, islamic state terrorists use a messaging app called Telegram to encrypt communications for groups of users. On the surface, Telegram developers seem to support high security standards: they have published the spec and API and funded in November 2014 a handsome 300,000 USD cash prize for cracking …
Continue reading ‘How Islamic State Terrorists Encrypt Their Messages’ »
A so called Bitcoin Generator Tool v.2.9 have been released today (Sat 3 Oct 2015) and already 260 downloads within a few hours! It is a ZIP file which claims that it performs full access on the Bitcoin central SQL database and allows one to add bitcoins to his account. Needless to say there is no such …
Continue reading ‘Criminals Exploit Lack Of Knowledge of How Bitcoin Works’ »
Two prominent bitcoin gurus Gavin Andresen and Mike Hearn decided to release their own software distribution of bitcoin and ALTER the specification of bitcoin! There will be a possibility to mine blocks with a new version number and new rules. This is meant to make bitcoin more democratic: larger blocks, more transactions per second, lower fees, wider …
An interesting paper on the state of InfoSec apathy in which we have lived for too long now. Some citations: “[…]stop buying from vendors who don’t have a strong public – and practical – commitment to security”. “We need to show that we will use our wallets with …
Open source security software also helps criminals. For example TrueCrypt being free and easy to modify has lowered entry barriers for establishing criminal and cyber-espionnage operations (the same applies, well to Bitcoin software!). Example: Operation Potato Express. A fully functional clone of TrueCrypt was since at least 2011 distributed from Russian web sites such as …
Researchers at UCL and in the US claim that the current systems for e-government citizen/user authentication (for example when dealing with taxes or public services), are deeply FLAWED. The main issue raised is that the current systems which are under roll-out in the UK and the US are very poorly engineered with respect to central server/hub …
Continue reading ‘Should One Be Able to Undetectably Impersonate Citizens?’ »
The final report can be found here. The report identifies 4 major vulnerabilities, 2 of them are judged of high severity and are as follows: The most commonly used windows versions of TrueCrypt were found to have a specific problem with calling the function CryptAcquireContext which is used in Truecrypt exclusively for the purpose of …