Tag Archive for: Greatest

Bitcoin’s Greatest Feature Is Also Its Existential Threat

/in


Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command-and-control server. With nowhere to go for instructions, the botnet is rendered useless. But over the years, botnet designers have come up with ways to make this counterattack harder. Now the content-delivery network Akamai has reported on a new method: a botnet that uses the Bitcoin blockchain ledger. Since the blockchain is globally accessible and hard to take down, the botnet’s operators appear to be safe.

It’s best to avoid explaining the mathematics of Bitcoin’s blockchain, but to understand the colossal implications here, you need to understand one concept. Blockchains are a type of “distributed ledger”: a record of all transactions since the beginning, and everyone using the blockchain needs to have access to—and reference—a copy of it. What if someone puts illegal material in the blockchain? Either everyone has a copy of it, or the blockchain’s security fails.

To be fair, not absolutely everyone who uses a blockchain holds a copy of the entire ledger. Many who buy cryptocurrencies like Bitcoin and Ethereum don’t bother using the ledger to verify their purchase. Many don’t actually hold the currency outright, and instead trust an exchange to do the transactions and hold the coins. But people need to continually verify the blockchain’s history on the ledger for the system to be secure. If they stopped, then it would be trivial to forge coins. That’s how the system works.

Some years ago, people started noticing all sorts of things embedded in the Bitcoin blockchain. There are digital images, including one of Nelson Mandela. There’s the Bitcoin logo, and the original paper describing Bitcoin by its alleged founder, the pseudonymous Satoshi Nakamoto. There are advertisements, and several prayers. There’s even illegal pornography and leaked classified documents. All of these were put in by anonymous Bitcoin users. But none of this, so far, appears to seriously threaten those in power in governments and corporations. Once someone adds something to the Bitcoin ledger, it becomes sacrosanct. Removing…

Source…

Malware Exploits Security Teams’ Greatest Weakness: …

/in


Users’ distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities.

In early January, Colin McMillen, the lead developer at SemiColin Games, tweeted a warning about a popular Google Chrome extension, The Great Suspender. The utility came under fire after McMillen learned the developer sold it to a third party that silently released a version that could spy on a user’s browsing habits, inject ads into websites, or even download sensitive data.

After a community outcry, the new owner removed the offending code. Now aware of the change of ownership and breach of trust, many savvy users removed the extension.

Even so, The Great Suspender remained available in the Chrome Web Store until Feb. 3, when Google finally pulled the plug. Many of the extension’s 2 million users found out when they received a warning that simply stated, “This extension may be dangerous. The Great Suspender has been disabled because it contains malware.”

While Google eventually set things right, it took too long. McMillen’s tweet shone a bright light on this in January, but comments on the extension’s issue tracker indicate users reported the problem to Google as early as October 2020. This left Chrome users in a potentially vulnerable position for over three months.

How Personal Computers Put Work Devices at Risk
Sometimes, Google Chrome extensions installed on personal computers are automatically installed and synchronized to work devices. This brings their problems into the security team’s purview, which then must make difficult decisions because:

  1. The risks associated with running suspicious extensions like The Great Suspender usually impact the employee, not the company, more.
  2. Before the extension was banned in February, end users had no official indication the extension was potentially malicious.
  3. Despite the risks associated with the extension, users intentionally installed it and, presumably, were happily using it.

Security teams are accustomed to wielding impressive tools that can block, contain, and remediate clear threats. They work best in a world of absolutes, where software is either good or bad, and systems are either secure or vulnerable. In the case of The Great…

Source…

The Greatest Computer Ever Now Gets A New, Injection Molded Clear Case

/in

These were just the contemporaneous hacks for the SE/30 … Now, there’s a project to create new injection molded cases for the Mac SE/30 (and the plain ‘ol SE). These cases will be clear …
mac hacker – read more

Behold the greatest spirographs in the world

/in

Aaron Bleackley

On a recent trip to Vancouver, I visited the Vancouver Hack Space (which is awesome, by the way), just to see what local makers were doing. There I met a soft-spoken guy named Aaron Bleackley who introduced himself as the creator of “the greatest spirographs in the world.” Wait, what? Is that really a thing?

Spirographs were invented in the late nineteenth century by mathematician and electrical engineer Bruno Abakanowicz, but didn’t become a popular toy until the 1960s. They allow you to create a wide range of kaleidoscopic designs by putting your pen into one of many holes in a set of interlocking gears, then using your pen to push the gears around an outer ring. I hadn’t used one since elementary school, but Bleackley’s passion reminded me of how satisfying it was to watch those amazing designs appear under my pencil.

Read 4 remaining paragraphs | Comments

Technology Lab – Ars Technica