Governments Can Soon Feel Less Threatened By Bitcoin’s Anonymity

Soon, the governments of the world will not need to worry about the anonymous properties of Bitcoin so much.

If you think about it, Bitcoin is mostly a PGP Key ring and a replicated accounting ledger. The ledger lets you know how much money you have, the public keys allow you to receive money, the private keys allow you to spend money (digitally sign it off). The most significant point of this is that while carrying your money around, you’ll have the means to digitally sign any electronic message with an intuitive and easy to access medium.

Imagine one day you go to your local government’s motor vehicle department to renew your driver’s license. When it comes time to pay the fees, Bitcoin payment is mandatory. The reason the government wants you to use Bitcoin over their fiat dollars, is so they can associate your public Bitcoin address with your identity.

After you’ve renewed your license and registered your Bitcoin address with the government, you’ll need to pick up some milk at the groceries. Because Bitcoin is more efficient than cash, the grocer will require them as payment. However, it’s now not just a simple scan of a QR code and off you go – the grocer wants to make sure that 0 confirmation transaction will go through. So they present you with a challenge string (or a hash of it) “timestamp customer_id receipt_number amount” and before your transaction can be completed, you’ll need to sigh that challenge with your government registered Bitcoin key as a part of their “know your customer” policy. If there is any problem with the transaction, the store has a digitally signed receipt from you to confirm the transaction and contact information on file to help remediate the problem through email and their web site.

Eventually, merchants will be required to retain digitally signed receipts from customers for items the government would like to track. An this would not be very hard to implement in the lightest of clients. Some issues such as key revocation might have to be addressed, but it doesn’t seem any harder than applying for a new drivers license and registering a new Bitcoin address when it gets lost or compromised.

Additionally, these same Bitcoin keys can be used to create digital signatures for purposes other than financial transactions – Electronic document authenticity and acknowledgement, authentication, and acceptance of terms of service, etc.

These ideas might not result in the best outcome for privacy advocates, but if it is what we must endure for the governments of the world to accept Bitcoin – Personally, I accept it.

Posted in Bitcoin, Digital Signatures

Bitcoin Bingo

Bitcoin Bingo is a game designed to teach people the basic principles behind Bitcoin Mining, demonstrate its important role for the system, and can be a great socializer at Bitcoin Meetups. The Las Vegas Bitcoin Meetup is planning on using this as a raffle game to give out Bitcoin related door prizes like TShirts.

The Setup

The host will generate a random 6+ digit number on their laptop. This can be done with an LibreOffice or Google Docs spreadsheet and a randomly generated number in a huge font size. When everyone is ready, the number is displayed to the players. Each round will require a new random number. This is referred to as “The Block”.

Up to 4 experienced players or volunteers are chosen to mine the first round to show the N00bs how its done. At the beginning of each subsequent round, up to two “n00b” miners are added to the game (to a maximum of 9 players). Each round’s difficulty rating is calculated by the formula (10 – Bitcoin Bingo Players).

How To Play

The host displays the “Block” number and calculated difficulty level to all the players at the same time. Each player will then immediately generate their own single digit random number, know as the “Nonce”, and append it to the “Block” number. Example: If the Block is 523853 and the player picks 4 as their Nonce, their number to reduce or “Hash”, is 5238534.

Phase One – Hashing

Hashing is performed by calculating the “Pythagorean Reduction” of the Block and Nonce numbers. To hash their problem, each digit is added to the next, recursively, until there is only one digit remaining. Example:

Block: 523853
Nonce: 4
Problem: 523853+4 = 5+2+3+8+5+3+4 = 30 ...
   = 3+0 = 3

Once the Hash has been resolved, it is compared to the difficulty set at the beginning of the round. The first person to calculate a hash below the round’s difficulty yells out their Nonce to the rest of the crowd. If their solution is not less than the difficulty, then the player will pick a new Nonce and try again.

Phase Two – Confirmation

Now that someone has called “Bingo!”, other Miner’s have two options:
1) Continuing their work on their own Nonce – in case the Bingo yelling Miner messed up their calculation.
or, 2) They can begin to confirm the work of one of the Bingo solvers. The first Miner to confirm the solution yells “Confirmed!”.

The Miner that solved the Bingo gets the primary prize and the confirming Miner gets the secondary prize.

Important Points

The host should keep track of who is yelling “Bingo!” and attempting to confirm solutions as some Miners might be trying to poison the game with false claims. In this case, the order of claims will be very important.

Noobs watching the game should pay particular attention to how the difficulty level changes the game dynamic. The more people working on the problem, the harder it is to solve the problem.

It should be pointed out at some point that 51% of the players should confirm the solution before continuing to the next round or there may be a fraud being perpetrated by rouge Miners.

Acknowledgment

This game is “open source” and dedicated to the success of Bitcoin as a world currency. If you enjoyed playing Bitcoin Bingo or just simply like the idea of my game, please send a Bitcoin token of your appreciation to 112rddwbSLdieuAuw2mj45SN8qgMqh3N7h and/or purchase one of my TShirts. Thanks to gmaxwell and Not_Satoshi_Nakamoto for their input and sanity checking.

Thanks and Viva La Bitcoin!

Posted in Uncategorized

A couple of Bash scripts added

I’ve added two script pages. One is called jump, a ssh session logging script that supports non-repudiation. The other is called Cat Last, which reads the last updated jump log and helps or allows you to parse output from that jump session. This is specifically useful for network administration where some CLIs don’t allow for any useful parsing tools such as grep or awk.

Check them out, and please, let me know what you think!

Posted in Uncategorized

Junk Mail Reporting Parnership Program

I’ve always had issues sending email to MSN accounts from my Linode – getting bounces with the dreaded Blacklist 550-SC001 error message.

Well I apparently have broken through this wall having enrolled in the Junk Mail Reporting Partnership Program at Microsoft. It’s basically a contract that identifies your SMTP servers, a reporting email contact address you maintain, and a promise to respond to opt-out requests.

Here’s my welcome message:
Junk Mail Reporting Partnership Program Welcome Message

Posted in Email, Spam

Managing sshd Keys

One of my pet peeves is blindly accepting ssh server keys. This is usually cause by a lazy or uninformed Sysadmin who has failed to properly manage his server keys, but secondly by users discounting the importance of verifying server keys and not demanding their credential validation process be better protected.

As a server admin you have these responsibilities to your users:

  • Proper record keeping of your server keys
  • Backup/Restore procedures for server keys
  • A well defined process for publishing the server keys to allow easy validation by users.

As an ssh user, you have these responsibilities to your organization to maintain confidentiality and protect your own non-repudiation:

  • Do not blindly accept unknown ssh server fingerprints when you first connect to a server.
  • Initiate an incident when you your ssh client claims a problem with previously validated server keys.

When Sysadmins build a new server, the sshd keys should be backedup and fingerprint information recorded for future reference. From a console session on the newly build machine, backup the sshd key data usually located at /etc/ssh/ssh_host_*. Simply make sure the data is backed up to a secure location. The key to this step is to restore these keys if you ever need to rebuild the server. If you don’t, then you’re encouraging your users to blindly accept a new and unknown server key!

Fingerprint data can be recorded by the command “find /etc/ssh/*.pub -exec ssh-keygen -lf {} \;”, which will output something like:
[jtosh@primus ssh]$ find /etc/ssh/*.pub -exec ssh-keygen -lf {} \;
1024 3f:4a:c2:f1:bc:ad:73:08:c8:a2:11:07:60:32:26:a7 ssh_host_dsa_key.pub (DSA)
2048 86:07:13:98:d8:2d:26:24:63:77:80:03:d7:ca:dd:2b ssh_host_key.pub (RSA1)
2048 a3:05:84:91:2e:d1:a0:f2:c3:1a:9a:09:d6:77:16:34 ssh_host_rsa_key.pub (RSA)
[jtosh@primus ssh]$

A responsible admin will make this fingerprint data available to their users in an easy to access medium such as an intranet site or support FAQ.

To make live easy for your users, you might even gather the data in a format that can be automatically imported to their ~/.ssh/known_hosts file with this command: “ssh-keyscan hostname”. The output will look like the data you normally see in your known_hosts file:

primus ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvFnTOj3NyxxD798We9l3HIQGdV/jnqI1nIXjTSnyq45DXRRRgJ1RizwHOaoJVjUlVgvLLfGFA8VR9n2hgOR4b6njmPY9Uw9XR7cqMl/K5OgaIVJ6hbfk5ica+COCK0udmpaMA6Dg3AX4BOqs6UoD2h4GtEOKPGHj5IXRk6T2Zf2eB2tKgJOIeBYXy9sF1jJ4NpW5tQPkqc4DH2HTR7nk/7SLR2N4pSwFanDAjs2END5n6luzW8mofCIzq/t36ZG86N8F2MgAjtQlmFs/7KCaV5JeNFbpXcVZvBPfC5kfAk047bmBfDJWZKZviLOsATSCDA+cIPwx2fhKl5WfY2Wcb

Note, while this command can be ran remotely, for this purpose, it should be run locally from the console immediately after the server is brought online.

Append this data to the end of the file where you keep all your other server public keys so that your users can import everything all at once (or you can put it there for them).

Users: Your job should be easy if your admins have done their due diligence with their server keys. However, if you do need to blindly accept a server’s signature, there is something you can do to immediately attempt to validate your decision… When prompted to accept the warning of unknown keys, go ahead and accept the fingerprint. Once you get logged into the hopefully not-compromised server, even if it’s through a man in the middle, issue the earlier command “find /etc/ssh/*.pub -exec ssh-keygen -lf {} \;” and verify the fingerprint against what you just accepted. If they are different, then you’ve just found yourself at the wrong end of a MITM attack. It’s not a perfect solution because of rootkits and the ability of the MITM to alter what you’re seeing, but at least you’ve just added a tool and some understanding to your own bag of tricks.

Posted in Uncategorized

Setting up and debugging with the Android SDK on Fedora 13

This is a procedure for an initial installation of the Android SDK on Fedora 13.

In my case, I’m just starting to explore possibilities of developing software on the Android platform, but my more immediate need was to help another developer debug some issues I was having with their software on my G1.

The procedures listed here are intended to get you started down the path of development and/or debugging Android applications.

To begin, you’ll need to have eclipse installed:

yum install eclipse

Download the SDK from Google:

cd /var/install; wget http://dl.google.com/android/android-sdk_r06-linux_86.tgz

Extract the files and copy the android-sdk-linux_86 folder to /usr/share

cd /usr/share; tar zxvf /var/install/android-sdk-r06-linux_86.tgz

As your normal user account, add the SDK path to ~/.bashrc:
export PATH=${PATH}:/usr/share/android-sdk-linux_86

Now comes the tricky part – at least it was for me because it was a bit difficult tracking down the repository locations for all the missing dependencies.

For me, I was missing these dependencies:
org.eclipse.gef
org.eclipse.wst.sse.core

To install these dependencies first, Open Eclipse and go to Help -> Install New Software and setup these sources listed by Name and URL:
“Eclipse.org GEF” – http://download.eclipse.org/tools/gef/updates/releases/
“Eclipse.org WST” – http://download.eclipse.org/releases/galileo
“Android Plugin” – https://dl-ssl.goog.com/android/eclipse

Select the WST source and under “Web, XML, and Java EE eve”, select “WST Server Adapters” and install

Then select the GEF source and install the latest GEF SDK version.

And finally, select the Android Plugin source and install the Developer Tools.

From this point, you are able to debug applications that crash with the infamous “force close”. The debugging information is invaluable to the developer in figuring out why something is broken on your phone – remember, there’s tons of different Android phones out there and the developer is probably only working with the one phone he has and not yours.

As root, you’ll need to start the Android Debugging Bridge server on your computer. Dont forget to add the path to the SDK for root’s environment. For this to work properly, you’ll need a udev rule setup to properly recognize the phone.

Edit /etc/udev/rules.d/51-android.rules and add:
SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"

To find the right idVendor code, you could use the lsusb command to identify the right code.

To start the debugging bridge, as root, run:
adb start-server

Plugin your phone and leave it at the locked/charging screen. Use the command “adb devices” to make sure your phone is recognized.

Start capturing debugging information with this command
adb logcat | tee /tmp/debug.txt

Now open your app on your phone and make it (or wait for it to) crash. Once it does, you can browse through the log for messages related to the crash. If you can identify the pid, you might just consider greping the output for that pid and send the results to the developer – rather than the entire output.

Posted in Uncategorized

Gmail SendAs feature might put your organization at risk

Google’s Gmail product has a feature that allows you to send mail from any account for which you have control. If you are an employee of an organization where you have access to any email account, you can link your Gmail account to this email address simply by sending a verification email from Gmail.

The Gmail account settings tab allows you to send a
verification email to an external account.
Here is where you specify the account from which you
would like Google to allow you to send email.
Once this verification email is received, the confirmation
code is used to validate access to the organization’s
email account and the SendAs feature is functional.

Unless there are some safeguards put in place by either Google, or your organization, from this point on, the ability for the individual to send mail as this organization’s email account will remain – even after their employment relationship is terminated.

This can pose innumerable social engineering threats to an organization if this vulnerability is not accounted for and monitored.

For example:

  MIME-Version: 1.0
  Sender: old_employee@gmail.com
  Received: by 10.231.119.29 with HTTP; Fri, 4 Jun 2010 11:42:49 -0700 (PDT)
  Date: Fri, 4 Jun 2010 11:42:49 -0700
  Delivered-To: user@vendorcompany.com
  X-Google-Sender-Auth: IOXDUV4_fUgPyKU_Kn-VK54w2tk
  Subject: Please send me your account list
  From: old_emplyee@yourdomain.com
  To: user@vendorcompany.com
  Content-Type: text/plain; charset=UTF-8

  I need the list of accounts. I am out of the office today so please send
  them to my personal email address: old_employee@gmail.com.

As an end user, to help you identify the use of accounts in this manner, you should review the emails headers for the following clues:
1) “Sender: ” will always be the originating gmail account. Sometimes, certain email clients will offer a subtle clue by showing the message from “user@yourdomain on behalf of user@gmail.com”. This is not always the case and you will have to inspect the email headers to learn the true origin of the email.
2) “From: ” will state the user@yourdomain email account.

There are two fixes for this problem:
1) Google should implement a policy of periodic re-verification of authorized accounts. If a person is terminated, they will no longer have access to the verification code sent to the target email account. If the account cannot be re-verified, then Google’s policy should be to disable the Send As feature for that address.

2) Organizations should monitor incomming mail for signs of use by it’s employees. Any incomming email that fits the known signature of this verification email should be routed to Human Resources so that they can track and remediate access with the employee before the employment relationship is ended.

The easiest way to identify the use of this Gmail feature within your email domain is to programatically identify incomming email messages with the subject line “Subject: Gmail Confirmation – Send Mail as” and the sender being “From: Gmail Team to your Gmail account.\nConfirmation code: “

Posted in Uncategorized

Police Wiretapping jumps 26%

Some interesting numbers and quotes from the article:

Courts authorized 2,376 criminal wiretap orders in 2009.

Federal officials requested 663 of the wiretaps, while 24 states accounted for 1,713 orders.

Not one request for a wiretap was turned down.

268,488 people had text messages or phone calls monitored through the surveillance in 2009, a new record.

Only 19 percent of the intercepted communications were incriminating, the same as in 2008.

The 2009 taps led to the arrests of 4,537 people and 678 convictions.

The numbers in the report do not include wiretap orders in terrorism investigations, which go through a secret court in Washington, D.C.

Wiretaps do not come cheaply, with each order costing on average $52,200.

Read the whole story here: http://www.wired.com/threatlevel/2010/04/wiretapping/

Posted in Uncategorized

Anonymity, Privacy, and Circumvention With TOR

TOR is an acronym for “The Onion Router”, which is a system of proxies designed to allow anonymous access to resources on the Internet.

Jake Applebaum presents his ideas on why everyone needs to consider the use of TOR to support human rights and free speech around the world in the following video:

http://www.net-security.org/secworld.php?id=9300

Posted in Uncategorized

Privacy Box – Anonymous Messaging

How did I miss this??? Perhaps I was DDoS’d by Google Reader? I don’t know, but this was an awesome find for me!

PrivacyBox.de is a free service that allows secure anonymous communications. It’s meant to allow informants to communicate with Journalists, but it’s open for all to use.

While this is a much needed system for whistleblowers and the Press, having a method of anonymous messaging can be a great tool for anyone.

There may be any number of people wanting to communicate a critical or otherwise interesting piece of information to you, but fail because of embarassment, legal/civil liabilities, etc. Could someone want to tell you who key’d your car? Does that neighbor know who broke into your house last week?

But with accepting personal anonymous communications, comes a somewhat heavy burden. Are you mentally prepared receive what may be sent to you? This could be a weapon of mass destruction for an online bully. One needs a keen ability to keep things in perspective when working with this kind of information.

How It Works
To receive anonymous messages, you’re asked to create an account and submit your public crypto keys. When you do so, you’ll be provided several contact form links that you publish to your blog or profile.

To send an anonymous message, you’ll need to know a user’s contact form link as message can only be created through the PrivacyBox.de website. PrivacyBox.de currently provides four methods of access to the contact forms and each of them use SSL/TLS to secure the message while in transit to their system. These methods are:

  • https://privacybox.de/juliantosh.msg (Internet SSL/TLS)
  • https://privacybox.de/juliantosh.mobi (for mobile phone)
  • http://c4wcxidkfhvmzhw6.onion/juliantosh.msg (Tor hidden service)
  • http://privacybox.i2p/juliantosh.msg (Invisible Internet Project)

You may attach one file up to 600k to your messages. WARNING: Since messages are anonymous, use extreme prejudice when opening these kinds of files if received.

The contact form is very simple and does not require the use of Flash or JavaScript so the paranoids can rest easy in this regard.

Once your message has been received by PrivacyBox, it will immediately be encrypted to your public key (OpenPGP or S/MIME). You can configure several methods of delivery in your account profile: POP3, SMTP Forwarding, or I2P Forwarding.

After having sent myself several test message through the system, it’s clear to see they do a good job of sanitizing any signs of the author but for ultimate anonymity while using this system, it’s recommended you access it via it’s TOR (The Onion Router) URL.

Here is an example of what an anonymous email looks like when received:

Here is a screenshot of the account configuration page:

If you would like to send me an anomymous message, I’d love to receive your cowardly advice, critisisms, or suggestions! Try it out!

Posted in Uncategorized