Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 225 226 [227] 228 229 ... 249
3391
Off topic / Re: Occupy Movement Planning a Philly Convention in July
« on: February 25, 2012, 03:23 pm »
In its purest form democracy means that if 51 out of 100 people want to kill all of the Jews, that all the Jews should be killed. I really don't understand people who are pro democracy, but I think they must be insane.

Of course I do understand the general reason why people are pro democracy. Democracy is generally in favor of socialism because the majority of people have less than the minority of rich people, and they would like very much to democratically vote to take that wealth and give it to themselves.

Republics are bad too. Elected officials will just be bought off by corporations or their own special interests.

There is no good form of government. Everyone should voluntarily invest in private defense agencies until they get strong enough to kill everyone who wants to force government onto others. Government has no legitimate purpose and at its very fundamental core it is based around the evil of stealing,  euphemistically known as taxation. Taxation is the defining characteristic of all governments. Governments are also horribly inefficient with the "services" that they "provide" (paid for with money that they steal so is it really providing? If I point a gun at you, take your wallet, buy an apple from my friends apple stand, and give it to you, did I just provide you with a free apple?), they really exist for the sole purpose of expanding their bureaucracies creating hierarchial systems with the people on top gaining more and more power as the hierarchy gains depth. Of course they also exist to fund these hierarchies with stolen money, and to divert stolen money to various corporate friends who then help them launder it when it ends up in the account of individual politicians.

Government is a cancer on the world regardless of what form it takes. Complete anarcho-capitalism is the only moral system, and Agorism and cryptoanarchy are the strategies that will bring it to be.

3392
Off topic / Re: Occupy Movement Planning a Philly Convention in July
« on: February 25, 2012, 11:45 am »
Democracy is evil

3393
Silk Road discussion / Re: SR Connection timing out. Only Me?
« on: February 25, 2012, 11:32 am »
The problem is SR is so popular that clients are DDOSing its introduction points with create cells to extend Tor circuits through them. Switching to a new circuit or identity will sometimes help because your Tor client discards the old introduction points it is trying to use and if SR has selected new ones it goes to them. SR could fix this issue by switching to the newest alpha version of Tor.

3394
The LD-50 listed for LSD on erowid is 12mg but I think this is highly conservative amount. I have heard other estimates of ~50mg. I am pretty sure if you take even 1mg of LSD per KG you are going to have a pretty substantial chance of death. The pharmaceutical index for LSD makes it extremely non-toxic, but I personally think you may very well be risking death at doses as low as 12mg, and I sure as fuck would never take a thumbprint.

3395
Security / Re: PGP Basic Etiquette
« on: February 25, 2012, 03:34 am »
my rule:

if your key doesn't have the same nym that you have on the forums, don't be surprised when I totally ignore you.

I know a lot of vendors who follow the same basic guideline. STOP NAMING YOUR KEY RANDOM THINGS, WE DO NOT KNOW WHO THE FUCK IT BELONGS TO.

3396
What makes Java insecure? The security rests on the JRE, which in many cases is going to be more secure than what anyone else throws together with C. Also Java applications are immune to buffer overflows. I heard from someone who is a true security pro:

It is hard to write insecure applications with Java. It is impossible to write extremely secure applications with Java. It is easy to write insecure applications with C. It is hard to write extremely secure applications with C.

Also performance is an issue when performance is an issue, for something like this I don't think Java performance is going to be much of an issue.

3397
Security / new anonymous semi-decentralized E-currency voucher safe
« on: February 25, 2012, 12:19 am »
http://voices.yahoo.com/siddley-inc-unveils-anonymous-digital-currency-7420634.html

This has been in development for several years and I hear that Pecunix is about to start using it.

This is certainly going to be the model that is the future of traditional, gold backed E-currency systems. Should offer bitcoin significant competition too, considering it actually has strong anonymity built into it and also is backed by gold so wont have price fluctuations. I wonder if they can resist government trying to shut them down, I am kind of amazed Pecunix in its current state has not been shut down to be honest, but they seem to know all the legal loopholes required to not technically break any laws.

Quote
Design Goals guiding the Siddley team.

1. The system must not be account-based, but constitute a true digital bearer certificate exchange system, where digital wallets exist but accounts do not.
2. To engender user trust in the system, it must be 100% open source, not only for our code but for any code packages or libraries which are utilized.
3. The system must be distributed so that it cannot be shut down by highly organized crime.
4. All data must be encrypted, and handled in such a way that the user does not need to trust any of the system operators. (The sole exception being the Issuer, which must be trusted to store bona fide backing assets.)
5. Payments must be irrevocable, and untraceable. It must be physically impossible for any component, even the VP, to provide a transaction history for any user. That which is impossible cannot be compelled. (See goals 1 and 3.)
6. The system architecture must provide inherent economic benefits to its operators, while minimizing costs to users.
7. To mitigate the threats of DDoS, spam, and easy traffic analysis, HTTP browser and email traffic should be avoided.
8. Given the increasing ubiquity of wireless handheld devices such as web-enabled cell phones, it is desirable not to restrict users needlessly to the desktop environment.

The voucher-safe system is now ready to release as a public beta, using sample money, and completely detached from any other DGC.

It's very important to grasp the fact that voucher-safe is NOT a branch of a DGC, or related to any other DGC. It's an entirely separate software entity.

Any DGC company that backs a voucher is simply partnering with voucher-safe to facilitate a reputable issue that can be trusted and is reliable. This combination is a business relationship that will allow evolved digital gold platforms to continue and operate without taking on the associated P2P payment risks. This is also a very important issue, as we have seen the kind of problems that emerged with e-gold.

We are now at a very special point in Internet payment history as this is a new paradigm, where the issuer and storage facility is NOT involved in payments, and consequently is not a target for immoral authorities. This is an absolute necessity and Voucher-safe.org is the first one of its kind.

The average DGC user would open a vouchersafe and buy vouchers from an exchanger, or sell vouchers to an exchanger... he might never even visit the issuer or digital gold platform that backs the vouchers.

This is a brief interview with one of the designers at Siddley Inc.

(Q) Regarding the new Voucher-Safe Open Source software. Will that only be integrated with one digital gold platform or will the new software be available to integrate with any other digital precious metals or currencies? What I'm really asking is, if next week I come out with [Mark Herpel Gold], MHgold.com, a clone of Pecunix or e-gold, would it be technically possible to use Voucher-safe software with my MHgold product? Could the Voucher-Safe platform spawn a dozen new digital currencies?
The short answer is yes, but under strict supervision.

Independent issuers will need to fit within an acceptable governance and trust regime that we designate. We will maintain full control of the voucher publishing function.

The voucher safe client software will be released as open source for peer review, but the developers have agreed that other components of the system (such as the voucher publisher) will not be released until some time in the future. We need to ensure that the voucher-safe system does indeed stay safe and trustworthy with reputable issuers so it's name doesn't get tarnished.

(Q) Do you anticipate that Voucher-Safe products will be well received by existing third party exchange agents?
I see no reason why not. They are secure, private, and easy to use and the potential for profit is the same as any other exchange product. My perception is that exchangers are driven to support the products their customers request. If there are customers using voucher-safe the exchangers will support them.

(Q) How about retail customers... do you feel this product will be well liked?
Retail customers are as likely to take to the vouchersafe as they have taken to Pecunix or other digital currency systems. These all remain niche products that serve a special purpose for those who use them.

The voucher-safe system is in many ways like a digital cash, with the privacy benefits of cash and the convenience benefits of on-line payment. There are a number of internet markets that will benefit from the use of vouchers.

A phone based voucher-safe will also be developed soon, so that voucher payments can be made anywhere your phone connects to the internet. That will probably increase the uptake of the system and introduce it to new markets.

(Q) How long has Voucher-Safe been in development?
About 3 years now.

(Q) Where can I get more information on using Voucher-Safe and all the OS details?
There is a wiki site at http://www.voucher-safe.org that we plan as a portal to keep all the latest technical information up to date. There are also a number of user resources there, such as developer community forums and technical information. Voucher-safe.com is the place for the average user to get started. There they can get simple instructions to get started and avoid all the technical complexities that go on behind the scenes. They can also find help and tutorial resources there.

(Q) Can you briefly any relationship between Voucher-Safe and the digital gold platform that backs the vouchers?
The voucher-safe system is not integrated into the digital gold company at all, they are separate systems. The digital gold platform does however access the voucher-safe system to facilitate the voucher issue and redemption process. There will be a facility in the digital gold platform account that allows a verified user to convert some gold to a voucher and send it to a voucher-safe, or the reverse.

(Q) What level of security and privacy measures have been built into Voucher-Safe?
Voucher safe is extremely secure. It's designed from the bottom up using strong cryptography as the foundation. Privacy is as good as it gets.

Voucher-safe payments are peer to peer payments, there is no single server in between the two parties. Consequently there is no third party record of payments, only the two safes directly involved in the payment know the details of the transaction.

(Q) What can you tell me that should make me feel all warm and fuzzy about using this product?
If you care about security and privacy, there is absolutely nothing better than voucher safe at present. When you use an on-line payment system or money system you need to be able to trust the company that is providing the service. Pecunix has provided reliable and trustworthy service for more than 10 years and PXGold is the new offering from Pecunix that combines all the experience of those 10 years into issuing a better product.

Furthermore, the system has been designed such that one does not need to trust the system operators. That is, there is no component in the distributed system that could be hacked or seized or operated maliciously, which would compromise the security or anonymity of user transactions.

I should also mention that the software has been developed in Java specifically to be platform independent, so it should work well on any operating system that can run a recent Java Virtual Machine.

We have tested the voucher-safe extensively on Mac, various versions of Windows and multiple versions of Linux. Next year we will get to testing a version to run on the more popular smart phones.

(Q) Are there any close companion products that act like Voucher-Safe already on the market?
Not to my knowledge. There are other attempts at digital cash type payment systems, but none that have the experience, planning and reputation behind them like Pecunix. What we have here is a true digital wallet where each independent wallet holds specific digital vouchers that belong to the wallet owner; this is not a traditional account-based system and there is no "statement of account" anywhere.

I am unaware of any other digital cash like product that stores the cash and all records redundantly "in the cloud" so that the value is protected from any loss or crash of a computer/phone etc. Storing the value and transaction records in the cloud also means that the voucher-safe can be accessed from any computer that has an internet connection, anywhere, any time.

(Q) In other words is there any competition already operating?
Not that I know of.

3398
http://andrewmcmillen.com/2012/02/07/australian-penthouse-story-the-high-road-silk-road-an-online-marketplace-like-no-other-january-2012/

3399
http://onlinelibrary.wiley.com/doi/10.1111/j.1360-0443.2011.03709.x/full

Quote
Internet and digital technologies have been discussed recently by Addiction contributors in relation to the delivery of efficient computer-delivered brief interventions [1,2], online methodologies for recruiting and surveying illicit drug users [3] and the internet's role in facilitating the spread of information and sale of emerging drugs such as mephedrone [4] and synthetic cannabinoids [5].

Here, I introduce readers to a novel use of the internet in the drugs field. The anonymous online drug market-place Silk Road was first revealed in June 2011 [6]. Silk Road is accessible only to people who are using Tor anonymizing software [7]. Tor uses encryption to make it impossible for anyone to trace IP addresses (the electronic code assigned to each computer on the internet). The front page of Silk Road looks a great deal like the front page of eBay. Goods and services for sale are categorized and all manner of drugs are available under the following categories: ecstasy, cannabis, dissociatives, psychedelics, opioids, stimulants, benzodiazepines and other. Sellers receive ratings from buyers and comments about the quality of their products, how fast they ship and the level of professionalism and discretion of the transaction. Trust in sellers is built on reputation. Silk Road traders use the anonymous currency Bitcoin [8]. This decentralized international currency operates through peer-to-peer technologies.

At the time of writing (October 2011), Silk Road is still online and continuing to expand. Facilitated by a combination of the internet and encryption technologies, buying and selling illegal products is now possible and may increase dramatically in the future. What may stop an exponential increase in the use of anonymous online drug market-places is the hurdle of delivery. At the end of the transaction, the physical product still needs to be sent to the buyer. Sending products between countries allows law enforcement the opportunity to intercept packages and potentially attempt to arrest the would-be importer. Sending products within the same country may make arrest less likely. There are also numerous barriers to entry for people who might want to use Silk Road. Installing and using Tor, buying and using Bitcoins in a secure way and taking the risk of fraud or arrest upon delivery may deter the majority of would-be users. Nevertheless, for the minority who master these concerns and are willing to take the risk, Silk Road has revolutionized how the internet can be used to source drugs. After all, buying drugs in the real world also involves considerable risk. For some, the online equivalent may prove more convenient and secure than arranging a standard deal.

There are many unanswered questions about Silk Road. The extent to which law enforcement can stop and disband a site such as this is yet to be seen. The extent to which drug users will use this new technology is also unknown. Needless to say, if anonymous online drug markets do end up expanding into mainstream drug markets, they will pose a real challenge to existing drug laws and policies. We should definitely watch this space.

3400
Security / Re: GPG for Linux Users
« on: February 24, 2012, 06:39 pm »
also you can use

echo "public-key-goes-here" | gpg --import

for importing public keys

and you can use

gpg --list-keys

to show all the keys you have

3401
Security / Re: GPG for Linux Users
« on: February 24, 2012, 06:31 pm »
just use linux terminal it makes things much snappier

Quote

This is cross platform. These commands are meant for being typed into a terminal. It really is very easy to use GPG this way and I prefer doing it this way to using any GUI solution.

To clear sign a message, so the message is displayed with a signature, type the following:

echo 'Message to sign here' | gpg --clearsign

hit enter and you will be asked for your passphrase. After providing your passphrase, it will print the signed message

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Message to sign here
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk7Oi6AACgkQZU8eyBD0KgmoHACffnfJAVsStRRBWUStd/0GeEwY
QWUAnA2IcQeZp7MWgsRKs6jyJO743NLC
=TqKf
-----END PGP SIGNATURE-----

To verify a signature type the following:

gpg --verify | cat -v

hit enter and a blank line is printed. Paste the message you would like to verify directly here, and hit ctrl-d. The signature will now be verified.

To asymmetrically encrypt a message type the following

gpg -e -a | cat -v

hit enter, and you will be asked for the user ID to encrypt the message to. Here you can enter either the E-mail, name or user ID of the recipient. This is why it is important for people to use the same name on their key as they use on forums, so vendors can simply type the name in here. People who use different key names than forum names should seriously just be ignored because they are fucking annoying. Anyway, enter the user information of everyone you want to encrypt your message to, hitting the enter key after each name. You can enter as many user IDs as you like.

after you have entered every nym you would like to encrypt the message to, hit enter again without adding an additional nym. A blank line will be printed. Now type the message you would like to encrypt on this blank line.

When you are done typing the message to encrypt, hit ctrl-d and the ciphertext of your message will be printed

To symmetrically encrypt a message type the following

gpg -c -a | cat -v

type the symmetric password you would like to encrypt the message with. You will need to do this two times to verify the password.

After typing the password twice, a blank line will be printed. Type the message you want to symmetrically encrypt here, followed by hitting ctrl-d. The ciphertext of your message will be printed.

To decrypt a message type the following

gpg -d | cat -v

a blank line is returned. Paste the ciphertext of the message you would like to decrypt. You should immediately be asked to enter your passphrase. After typing your passphrase and hitting enter hit ctrl-d to display the plaintext of the message. If the message was signed with a private key that correlates with a public key you have on your keyring, the message will be authenticated automatically.


important note: you should prepend commands with a space so that you don't save the plaintext of what you sign in your terminal history. Adding a space prior to a terminal command makes it so that it is not saved in the history. Does not work on FreeBSD to prevent being saved to command history (tested on 7.1 and 8.1)"

3402
Security / Re: An idea for SR to keep addresses safe as well as money
« on: February 24, 2012, 06:25 pm »
using GPG works better

3403
Off topic / Re: Easiest Contest Ever
« on: February 24, 2012, 06:20 pm »
MDPV

3404
there were private online drug markets using e-gold, pecunix and liberty reserve for many years prior too

3405
I posted this in Obamagirls thread but since there are a few people doing lottery drawings I figure I might as well make a thread just for it. If you follow this protocol you can prove that you are not running a rigged lottery, should put your customers at ease:

Quote

Actually you can verify randomness of the winning number as well as create a publicly audited trail:

Everyone who buys a ticket should be able to contribute a hashed string to the drawing, publicly in a thread. For example, if I buy a ticket, my post might look something like this:

"44 -  f83c8339f054e4e8dcc0c7654cb5e4ed"

the next persons post might look like this

"12 - a1b2f6b60148eb3e8fb710ca03b3f929"

etc.

at the end of the drawing, everyone should have a small time frame in which to 'unblind' their hash, for example I can show that the md5 value of 63247236723 is  f83c8339f054e4e8dcc0c7654cb5e4ed , and the next person shows that the md5 value of 37263746299 is a1b2f6b60148eb3e8fb710ca03b3f929. At the end of the drawing put everyones strings together in the order they were posted, for example: 6324723672337263746299 and take its md5 value: 08ea086631a1a1e32743e4e04c0cb1e9

then you can make the winning number somehow based on the resulting hash. Maybe take the first 5 numbers added together as the winning number: 0 + 8 + 0 + 8 + 6 = 22 is the winning number. So the person who picked 12 wins because they are the closest. The winning number would be between 0 and 45.

Now no one person can determine the final number because everyone who participates influences it. The entire process can also be audited by everyone. Problem solved.
 

edit: people shouldn't be limited to posting the hash of a number, that way there is more randomness and hash values can not be easily brute forced. They just need to verify what hashes to the string they post.

edit II: Obamagirl should also post a hash value and be the last person to unblind it prior to the drawings conclusion, that way the last person can not see what the current number is and decide not to unblind their own if they are the winner

Pages: 1 ... 225 226 [227] 228 229 ... 249