Silk Road forums
Discussion => Silk Road discussion => Topic started by: ampedup on November 19, 2012, 10:30 am
-
Hi all,
Just venturing on this forum to let you all know about AmpedMarket, my new fork of BitWasp. The project is concerned with providing a highly-anonymous, highly-secure and highly-private marketplace (including validation of secure hosting setups).
https://github.com/ampedup/AmpedMarket
I plan to speed up the development much more than the pace of development BitWasp currently is at. I am in contact with the BitWasp developers and plan to work alongside them, my first tasks involve completely documenting the existing BitWasp project (with all documentation being pushed back to the BitWasp project) before deciding where to go from there. There are already some software changes I am moving along with (mostly for security reasons), you can check the project page to see my progress.
There is at this stage one officially supported development environment, and that is Tails 0.14 (The Amnesic Incognito Live System) which allows for safe and completely anonymous project development, with all clearnet traffic blocked (unless you explicitly choose to use the unsafe browser) and even git is set up to work flawlessly through Tor. I care about developer's anonymity as much as the eventual users of this software.
I am keeping development as transparent as possible so people can offer bounties for milestones and actually see that the work is being done.
Want to help contribute? That's awesome. You can either donate to 14B1cC1gMHYbAAoGMMyfiYNJDBQpeMTUz1, or if you want to provide some of your time instead just send me an email at amphetamine@tormail.org and I can help you out, give you contributor privileges on GitHub, etc.
I am active in the SR community under other names, but like to keep my anonymous activities separate from each other :p
It'd be fantastic if you'd help contribute to this project in one way or another, I hope one day spawning a new instance of a Silk Road competitor is a very simple process, would really heat up competition in the marketplace leading to better fees for everybody! :)
-
bump to overcome spam :-\
-
See above. I'll stop bumping with useless posts once the btkoin shit stops showing up.
-
First meaningful reply:
The documentation of BitWasp is now well underway - document should hoepfully be finished in a couple of days (I think I have enough amph to get it done that quickly 8) ). I'm starting to get a real good idea of where the BitWasp project is and how far it is yet to go - it's missing a lot of key components (Bitcoin handling is a biggie!) but thankfully the security-related code is more complete. You can see the progress of the documentation as a PDF file here: https://github.com/ampedup/AmpedMarket/blob/master/bitwasp-analysis.pdf?raw=true
-
Out of interest, why plan on forking BitWasp rather than contributing to it directly (beyond the documentation)
-
Allow me to answer your question as best I can, there are a few reasons why:
1) I didn't know BitWasp developers still cared about the project and are still willing to contribute to development when I started.
2) This gives me total control over the project and respository, means I can get started making whatever changes I see fit. I may choose to go on different design routes to BitWasp. I'm working a lot on the project a lot more often than I'm able to get in contact with other BitWasp developers.
3) At the very least AmpedMarket will be BitWasp + a secure, certified hosting platform config. I plan to take care of as many attack vectors in this project as possible, its scope goes beyond the PHP code.
4) I think it would be better if eventually there were multiple competing open source anonymous marketplace solutions.
Until the documentation is complete I can't really be sure which way it'll go, maybe all the software dev focus will go to BitWasp, maybe it will become it's own distinct piece of software, maybe I'll decide to completely rewrite huge portions of the software. Time will tell!
-
*clappinghands*
-
Hi all,
Just an update, been a bit too busy IRL for the past week to contribute much but I am back on it and armed with a decent amount of amph! Documentation is well underway and a few small bugs have already been patched. Stay tuned for more information!
Bungee54, perhaps you would like to offer a bounty for a portion of development? ;D Even small ones would really help out with motivation!
-
Hi all,
Just an update, been a bit too busy IRL for the past week to contribute much but I am back on it and armed with a decent amount of amph! Documentation is well underway and a few small bugs have already been patched. Stay tuned for more information!
Bungee54, perhaps you would like to offer a bounty for a portion of development? ;D Even small ones would really help out with motivation!
We can offer a MDMA pack with some hash and a gram of our coke :)
Or we just offer 20 BTC ..your choice :)
Keep us updated!
PS: we will donate even more the more work is done....only our name in the credits to show our kids in 50yrs :)
Cheers!
-
Why do I think I need a gallon of gas and some matches? ???
-
Bungee54, thanks for your generous bounty. Not sure which I'd choose, I'd have to get back to you on that one :) Is there a specific milestone you would like reached for this bounty? I'm nearly at the stage of laying out exactly what needs to be done to the BitWasp base to make it a complete marketplace. Bitcoin handling is a big one, it's barely started.
Party Girl, I don't follow, but I'm starting to get into the realm of sleep deprivation.
-
Wasp base to make it a complete marketplace. Bitcoin handling is a big one, it's barely started.
Party Girl, I don't follow, but I'm starting to get into the realm of sleep deprivation.
We must be in the same frame of mind. If I understand you correctly, anyone should be able to create their own version of SR when you are done? While good in many ways like if SR was taken down and other site could to fill the void. I am surprised they would not consider this a threat...
-
Your assumption is correct. Silk Road still has some big advantages, namely its URL (getting one like that is merely a matter of throwing enough CPU/GPU power at the problem) and it's reputation. You always need to be able to trust the owner of the website, and that's something DPR has that no one else does.
This project will benefit SR, as they have full access to the source just like everyone else. There are a number of awesome security features already in BitWasp that SR or other competitors don't yet have, like using PGP as a second level of authentication (i.e. you must possess the *private* key to decrypt the secret given to you by the site to login/change shit). These features aren't mature yet, but when they are they will benefit everybody.
DPR's a libertarian anyway, he'd understand the need for market competition :)
Edit: fixed up technical fuck up with mixing up public/private
-
Bungee54, thanks for your generous bounty. Not sure which I'd choose, I'd have to get back to you on that one :) Is there a specific milestone you would like reached for this bounty? I'm nearly at the stage of laying out exactly what needs to be done to the BitWasp base to make it a complete marketplace. Bitcoin handling is a big one, it's barely started.
Party Girl, I don't follow, but I'm starting to get into the realm of sleep deprivation.
Maybe we and other vendors could get a sneak-peak look at your layout?
SO we may have a look at your talents and ideas...probably others will donate too..
and others could also point out ideas especially on the operational level ..we need many many many small niche markets to strengthen to network,..
some time ago we asked about opinions on pidder.de..of course it is not open for scrutinity..but we would like to see some ideas borrowed,,
First milestone in our opinion should be the definition of the best suited OS server side.
Qubes OS would be cool ...but honestly we are not that versed in what works..but we have researched but we dont have the abilitys to connect the dots.
And the challenge to fill all basic security holes in an easy scripted fashion..
So you already tighten the possiblities for screwing up later...
does this even make sense? we are just thinking aloud.
Pine or LouisCyphre are very good at pointing such stuff out :)
Cheers!
-
Nice work ampedup, very noble thing to give out your code. Same goes for bungee for helping!
I took a look, unfortunately I am not experienced enough to help , but someone will eventually.
Nice idea to use GPG authentication, I 've seen in on bitcoin-otc, it would be perfect for a second-auth like SR's PIN.
Cheers!
-
Bungee54, thanks for your generous bounty. Not sure which I'd choose, I'd have to get back to you on that one :) Is there a specific milestone you would like reached for this bounty? I'm nearly at the stage of laying out exactly what needs to be done to the BitWasp base to make it a complete marketplace. Bitcoin handling is a big one, it's barely started.
Party Girl, I don't follow, but I'm starting to get into the realm of sleep deprivation.
Maybe we and other vendors could get a sneak-peak look at your layout?
SO we may have a look at your talents and ideas...probably others will donate too..
and others could also point out ideas especially on the operational level ..we need many many many small niche markets to strengthen to network,..
some time ago we asked about opinions on pidder.de..of course it is not open for scrutinity..but we would like to see some ideas borrowed,,
First milestone in our opinion should be the definition of the best suited OS server side.
Qubes OS would be cool ...but honestly we are not that versed in what works..but we have researched but we dont have the abilitys to connect the dots.
And the challenge to fill all basic security holes in an easy scripted fashion..
So you already tighten the possiblities for screwing up later...
does this even make sense? we are just thinking aloud.
Pine or LouisCyphre are very good at pointing such stuff out :)
Cheers!
Thanks for the input, I'd not heard of Qubes OS before but it looks pretty cool. At this stage it's looking like it's going to be Tails though - it has lots of anti computer forensics features and most importantly only allows traffic through Tor or I2P, everything else gets dropped. The developers have come up with some really neat solutions to tricky problems of maintaining anonymity.
Qubes looks great from an app security standpoint but there's nothing stopping you from leaking data over IP, so it doesn't really protect you too well. I want the server software to be pretty idiot-proof, and Tails is the only OS I know of that can guarantee anonymity. You could run Tails as an appVM in Qubes, but unless you were actually separating the separate server components it would be useless, and getting two Tails VMs to talk to each other could also be a pain (due to extremely strict network policy to protect anonymity). Running it in a VM also makes some of Tails' anti-forensic features useless (I run Tails in a VM for development, but I'm honestly not as concerned about anti-forensics as I would be if I was running the next SR, most of my actual activity is pretty public anyway).
Tails is nice because although they are already securiy concious folk, remote code execution in a user context won't let you discover IP of the server, best you could do would be to harvest information and send it anonymously over Tor/I2P. This is of course assuming there's no major privilege enhancing bug sitting the linux kernel just waiting to be exploited! There's also the fact that your OS is on read-only media which is nice, and a server upgrade would be as easy downloading a new ISO - everytime you boot the server the latest packages will be pulled down from the repos keeping any additional software used up to date.
I've come across a shell script for Tails that allows you to run a hidden service + lighttpd serving basic HTML pages, just needs modified to start a SQL server and PHP too. Once I've got a working shell script it'd be great if people could help me test it out. There is a Tails server edition in the works, but it's in the early stages. Tails has its own persistence-between-liveCD-sessions handling but I think just using a LUKS encrypted partition is much easier (that's what I'm doing for dev).
I keep getting new ideas for new attack vendors on the site by watching DEFCON, blackhat, CCC, etc. talks, one of the talks I watched on BIOS/firmware based malware was pretty scary - completely undetectable malware that will boot itself from your PCI device firmware and flash itself back to the BIOS if it were ever removed, with the payload being downloaded at runtime and only ever residing in memory, so the actual malware never touches any persistent memory like your HD. Of course you need physical access to the machine to accomplish this, but someone malicious (like a PC tech who installs malware for $$$) might give away access to your system to a nasty individual who if they found out what you were doing could possibly blackmail you (this exploit gives access to your real IP) or just take all your Bitcoins. Moving away from x86 based hardware is the only solution to this flaw, but I don't know if other architectures are immune to this type of attack either (they will probably do better if they are designed post-1981). It's a highly unlikely attack vector but the consequences of it could be huge.
Whatever security measures are used I want it to be such that a PHP/SQL server flaw can't compromise the system (other than a DOS). Perhaps at some stage in the future when the software is nearing completition I will profile the code, look at what PHP functions are used, and do some code auditting of PHP too. That's a pretty low priority right now though.
Computer security interests me quite a bit as you can probably tell :)
If you have some way of doing anonymous, encrypted IM (like jabber + OTR) I'd love to chat with you - easiest way to do it safely is just run Tails and use the preconfigured Pidgin client. I'm ampedup@jabber.ccc.de if you want to join there (a nice local server for you :P).
-
This is awesome, Amped! Definitely has a lot of potential, there are soo many things that could be improved on, building off the Silk Road. As well, there are a ton of things the Road has done perfectly, and to change would be detrimental. I'm very curious to see where you go with this!
Few questions: What do you plan on having different from the Silk Road, Black Market Reloaded, and other websites? What are you offering that the other markets can't or won't? Also, do you plan on operating in escrow?
I am willing to help in any way I can. I have a basic background in security/hacking so if you need any help with securing your website, I might be able to help you. Anything else, let me know!
Cheers,
Litescape
-
This is awesome, Amped! Definitely has a lot of potential, there are soo many things that could be improved on, building off the Silk Road. As well, there are a ton of things the Road has done perfectly, and to change would be detrimental. I'm very curious to see where you go with this!
Few questions: What do you plan on having different from the Silk Road, Black Market Reloaded, and other websites? What are you offering that the other markets can't or won't? Also, do you plan on operating in escrow?
I am willing to help in any way I can. I have a basic background in security/hacking so if you need any help with securing your website, I might be able to help you. Anything else, let me know!
Cheers,
Litescape
Hi Litescape.
Ampedup is not starting a new marketplace.
He ( and probably others ) are creating a open source framework so anybody is able to start his own market.
We would like to see a preconfigured provision to donate an amount ( like in mining pools) to the owner or specific to torservers etc.
It would be great if there could be automatic bountys created that allow everyone to exchange the time for creating tor nodes/relays into BTC .
We dont know about any automatique verification mechanisms ..but imagine being able to make creating an relay mandatory for joining an specific market..
even if it is only on amazon ec2 :) many many ideas here ..but hard to connect the dots :)
-
We would like to see such informations automatically included into an basic wiki which is synced somewhere and distribute to all markets.
http://shadowlife.cc/2012/11/concept-anonymity-online-and-offline-part-i/
http://shadowlife.cc/2012/11/anonymity-online-and-offline-part-ii/
http://shadowlife.cc/2012/12/no-place-to-hide-anonymity-online-and-offline-part-iii/
and the bitcoin OTC tutorial ..and so many more :)
-
This sounds like a great idea. Do you plan on protecting wallets by pre-generating transactions? So to buy something a user sends BTC to a checkout address, transactions are generated for accept/cancel and the site then destroys the key to that address.
This would mean the site could never lose money if it was hacked, might be a bit note awkward to use and wouldn't work with a mixer.
-
This sounds like a great idea. Do you plan on protecting wallets by pre-generating transactions? So to buy something a user sends BTC to a checkout address, transactions are generated for accept/cancel and the site then destroys the key to that address.
This would mean the site could never lose money if it was hacked, might be a bit note awkward to use and wouldn't work with a mixer.
Very interesting concept..
AmpedUp we will contact you 100% soon ..probably after all the holidays...
Some news crumbs for us :) ?
-
I come bearing crumbs! 8)
Probably not gonna seriously be able to get stuck into this project by the new year coding wise, got real life work to deal with till then, but I have spent a LOT of time researching for the project. I think I'm pretty well versed in all the attack vectors we have to worry about across the entire application.
As soon as I get hidden services working in Tails I think I'll have a working server configuration soon, so you can look forward to that :)
I'm very suspicious of BitWasps security as it stands, the views/models architecture it uses (a favourite among web application frameworks) is ripe for information disclosure/data manipulation without actually doing any SQL injection. I know it can be mitigated, but the mitigations just aren't there in the code at this stage. I am of course assuming at this stage that CodeIgniter exposes this vulnerability, but I don't know of any that don't. Also frameworks tend to use low-entropy randomness when I would prefer to use cryptographically secure randomness.
As I am busy in real life unfortunately the project is being pushed along by sober (caffeine excluded) me, that probably means I'll spend more total time but just be less effective per hour spent! Time for my tolerances to ease I guess before I party for new years :D
Will be back with more when I have more to say!
-
Also learnt a bit more about SR's internals after doing a little clever investigation, leads me to think of some interesting possibilities. Will say more once I know more and when I know this information isn't useful to anyone malicious -- I think they've done a pretty good job of securing the app, but I'd like to be sure before disclosing information that may help an attacker.
-
There are a number of awesome security features already in BitWasp that SR or other competitors don't yet have, like using PGP as a second level of authentication (i.e. you must possess the *private* key to decrypt the secret given to you by the site to login/change shit). These features aren't mature yet, but when they are they will benefit everybody.
That would stop phishing attacks dead in their tracks, which the community has been having problems with lately. It would be like multi-sig bitcoin transactions. Maybe you need to PGP sign every bitcoin spend too. Well, security is hard, and that would make the barrier to entry into these markets much higher. It would work great until the first person loses their PGP key, and then we're back to relying on the good will of an anonymous admin somewhere in cyberspace.
I could make a locked down, multiple layers of security, hacker-proof web app, but I couldn't make one that was easy for regular people to use.
That's the hard problem.
-
What do you plan to do about some of the well known attacks for discovering hidden services?
-
There are a number of awesome security features already in BitWasp that SR or other competitors don't yet have, like using PGP as a second level of authentication (i.e. you must possess the *private* key to decrypt the secret given to you by the site to login/change shit). These features aren't mature yet, but when they are they will benefit everybody.
That would stop phishing attacks dead in their tracks, which the community has been having problems with lately. It would be like multi-sig bitcoin transactions. Maybe you need to PGP sign every bitcoin spend too. Well, security is hard, and that would make the barrier to entry into these markets much higher. It would work great until the first person loses their PGP key, and then we're back to relying on the good will of an anonymous admin somewhere in cyberspace.
I could make a locked down, multiple layers of security, hacker-proof web app, but I couldn't make one that was easy for regular people to use.
That's the hard problem.
We want to assure you that there is demand for such apps too! Especially the high and middle tier traders WILL NEED such apps for their private markets and dealings.
We would like to encourage development of both or an app which can be set in different modes for "ultra security / high entry bar / private market " to " standard security / public market".
Thank you guys ! we get more excited with every post here and you guys are awesome assets to the community !
we all owe you !
Cheers!
-
We want to assure you that there is demand for such apps too! Especially the high and middle tier traders WILL NEED such apps for their private markets and dealings.
There's a trade off in moving from centralized to distributed markets. If you look at the Hidden Wiki right now, you'll see that it's spammed by a "vendor" named Eris. You can follow the links to his hidden service. Nobody knows anything about this vendor. Would you send BTC to him? The big value add of SR is that it's a central repository of ratings and reviews that builds confidence in making transactions. If you run your own private market, who should believe your reviews? Will there even be any? Will the whole thing depend on an independent review system?
The social and behavioral economic aspects of anonymous markets are another hard problem, but this one can't be solved by math or coding skills.
-
There are a number of awesome security features already in BitWasp that SR or other competitors don't yet have, like using PGP as a second level of authentication (i.e. you must possess the *private* key to decrypt the secret given to you by the site to login/change shit). These features aren't mature yet, but when they are they will benefit everybody.
That would stop phishing attacks dead in their tracks, which the community has been having problems with lately. It would be like multi-sig bitcoin transactions. Maybe you need to PGP sign every bitcoin spend too. Well, security is hard, and that would make the barrier to entry into these markets much higher. It would work great until the first person loses their PGP key, and then we're back to relying on the good will of an anonymous admin somewhere in cyberspace.
I could make a locked down, multiple layers of security, hacker-proof web app, but I couldn't make one that was easy for regular people to use.
That's the hard problem.
Just make the security optional, although anyone involving themselves with the markets these marketplaces will likely serve should know a thing or 2 about fairly basic security practices. You could have them choose a PIN like Silk Road instead. It's the user's Bitcoins and reputation at risk anyway, not the marketplace owner's, so they have to take responsibility for that.
We want to assure you that there is demand for such apps too! Especially the high and middle tier traders WILL NEED such apps for their private markets and dealings.
There's a trade off in moving from centralized to distributed markets. If you look at the Hidden Wiki right now, you'll see that it's spammed by a "vendor" named Eris. You can follow the links to his hidden service. Nobody knows anything about this vendor. Would you send BTC to him? The big value add of SR is that it's a central repository of ratings and reviews that builds confidence in making transactions. If you run your own private market, who should believe your reviews? Will there even be any? Will the whole thing depend on an independent review system?
The social and behavioral economic aspects of anonymous markets are another hard problem, but this one can't be solved by math or coding skills.
You could set up your own kind of certificate-style trust mechanism for the darknet, where you list people who you trust and only deal with those certified by these trusted parties (a highly decentralized version of certificate authorities for SSL, more for certifying trustability than authenticity though). Anonymity makes trust an absolute bitch to handle, but you can still corrolate trust. If a high volume, trusted vendor on Silk Road decided to start up a marketplace (and used PGP or similar to verify their identity) then you'd be a lot more confident than random new hidden service.
A bit beyond the scope of this project, but it's a cool thing I wouldn't mind getting in to!
-
We want to assure you that there is demand for such apps too! Especially the high and middle tier traders WILL NEED such apps for their private markets and dealings.
There's a trade off in moving from centralized to distributed markets. If you look at the Hidden Wiki right now, you'll see that it's spammed by a "vendor" named Eris. You can follow the links to his hidden service. Nobody knows anything about this vendor. Would you send BTC to him? The big value add of SR is that it's a central repository of ratings and reviews that builds confidence in making transactions. If you run your own private market, who should believe your reviews? Will there even be any? Will the whole thing depend on an independent review system?
The social and behavioral economic aspects of anonymous markets are another hard problem, but this one can't be solved by math or coding skills.
thats clear..but we could establish a open market where we verify ownership via our PGP key..and we would like to establish a private market for all our IRL contacts so finally we can bring them all together without risking much and get a 1% rate in their dealings..there are many who would love to trade but would not give a fuck about the others in broad daylight lol
and we can selectevly invite them..also if the cops fuck us they can continue without any problem..also the monetary exchanges can be made within escrow etc.. many many positives...
of course our market would have a rating system etc,.
who would use one without? okay every minute a sucker is born lol..but
-
What do you plan to do about some of the well known attacks for discovering hidden services?
What attacks are you talking about? I don't think traffic analysis is really worth bothering about because it really is out of our hands and the resources required to carry out such an attack are enourmous. Also the setup required to effectively mitigate such attacks would be a nightmare and certainly go against the project being easy to setup and run (networking servers scattered across the world through Tor would be a pain, and slow). When the markets become decentralized (one of the hopeful end goals of this project), the value in compromising any particular marketplace will diminish very quickly so these types of attacks begin to become obsurd.
Have these methods ever been deployed before anyway? I know hidden services have been shut down before but that's much more likely to be through the owner leaking their details/activity elsewhere on the net or IRL.
You're much more likely to give out your location through misconfiguration, leaking to DNS servers, Bitcoin nodes, etc. (stuff that has nothing to do with Tor)
-
Sooner or later we have to move away from WWW technologies and their shitty vulnerabilities. Decentralization is key.
-
You could set up your own kind of certificate-style trust mechanism for the darknet, where you list people who you trust and only deal with those certified by these trusted parties (a highly decentralized version of certificate authorities for SSL, more for certifying trustability than authenticity though). Anonymity makes trust an absolute bitch to handle, but you can still corrolate trust. If a high volume, trusted vendor on Silk Road decided to start up a marketplace (and used PGP or similar to verify their identity) then you'd be a lot more confident than random new hidden service.
A bit beyond the scope of this project, but it's a cool thing I wouldn't mind getting in to!
Actually, that reminds of the Freedombox. Are you familiar with it? It's a software stack that's supposed to run on a plug computer and provides various services (email, blog, social network) in a privacy-respecting way (distributed, versioned, encrypted back ups, etc). One cool proposal they came up with was in backing up PGP private keys securely. You could select say 5 or 6 (or 20 or 50) trusted friends and send each of them pieces of your private key. They would all have to collude to pwn you, which presumably they wouldn't because you selected people you could trust. If you lost your key, then you contact them, and after they verified who are you, you could reconstitute your private key. Voila! Distributed trust.
That would be more difficult in a truly anonymous network, but it sounds similar to what you were saying. I know you were talking about the web of trust model.
-
What attacks are you talking about? I don't think traffic analysis is really worth bothering about because it really is out of our hands and the resources required to carry out such an attack are enourmous. Also the setup required to effectively mitigate such attacks would be a nightmare and certainly go against the project being easy to setup and run (networking servers scattered across the world through Tor would be a pain, and slow). When the markets become decentralized (one of the hopeful end goals of this project), the value in compromising any particular marketplace will diminish very quickly so these types of attacks begin to become obsurd.
That's a good point.
Have these methods ever been deployed before anyway? I know hidden services have been shut down before but that's much more likely to be through the owner leaking their details/activity elsewhere on the net or IRL.
I think only on virtual models of the Tor network. No live hidden service has been identified through technical attack on the Tor network. Yes, all these attacks are theoretical, but you gotta figure that there will be a first time for at least one of them. You should never bet your security on the incompetence of your adversary.
Anyway, it wounds like an interesting project and I'll definitely be keeping up on it.
BTW, all the research on onion routing (attacks, mitigation, protocol obfuscation, etc) is listed here http://freehaven.net/anonbib/date.html
-
Thanks for the link astor, I will be reading that very, very thoroughly! Also I have not come acoss FreedomBox before, I honestly got the idea from some of Moxie Marlinspike's (totally awesome infosec guy with dreads to boot) work on fixing up the gigantic clusterfuck that is SSL and certificate authorities. His alternative certificate verification system is called Convergence, which works primarily on the premise of network perspective to authenticate certificates for domains (i.e. you talk to 'notaries' distributed across the world, and only trust certificates from servers that match all of those notaries certs grabed for that domain. This solves SSLs biggest problem which is that man-in-the-middle attacks really aren't that difficult - getting your own legit cert for sites you don't own is a piece of cake at some certificate authorities (or you can just hack your way into a CA like Comodo, and if you can even just sniff network traffic leaving a CA you can get certs for any domain ('secrets' are transmitted in plaintext)). With convergence even if you have a legit signed cert for a domain, unless you MITM every single 'notary' it's totally useless. Also means the CAs lose all their power and their license to print money.
The dude's also written some cool software like tortunnel which lets you use just the Tor exit nodes as proxies, fucking great for when you need 600+ IPs from a wide variety of countries, or when you just want a single one to view web content restricted by geographic region :D
P.S. Since watching a marathon of Dexter yesterday I find it hard not to imagine you being the teenage step-daughter of a serial killer
-
Oh yeah, I know a lot about Moxie's work. :)