Bitcoin wallet update trick has netted criminals more than ...

If I run a bitcoin-qt wallet behind a router without port forwarding, am I operating a full node?

Was wondering if I really am contributing to the network overall.
submitted by andyjeff76 to Bitcoin [link] [comments]

DV/ABUSIVE COURT There's more to this Nightmare

their father worked for the local internet company decided to spy on me admitted it openly don't have perfect evidence of that at the moment either because I lost the online accounts it was saved on or impossible to connect to any printers. He later quit internet company and work for the electric company then Microsoft . Once he spied on me long enough he felt he had evidence and dirt on me enough to raise my child support to a very unreasonable amount when I already paid 100% for the children and paid a good amount of child support every month and had them 40% of the time . I could not afford to pay it he decided to kidnap my younger one during the times that I would have always have her. My children have been going through the domestic violence an abuse their entire life. the day of the trial hearing, I had denial of service attack. where I could not get Wi-Fi nor data on mobile. that I have always paid for. Which made it so my alarm did not go off and I was late for trail. yes the guardian of alliance said the children would be super with me if I was more stable. which was because online it says I have about 10 more addresses than I actually lived at. She said the kids were not safe with him and his wife. my son 17 yrs, went in courts filed for two restraining orders & provided proof of physical abuse and he was deneyed the judge did not seem to feel as if it was abuse . One day I received a call from my children's father. I was hoping you wanted to discuss the children but all I could hear on the other end Were sounds of computers, similar to a fax machine. Shortly after that I lost all my online accounts had a brute Force attack. My last pass and keeper did not help me either because I couldn't reach them or because they chose not to help. I noticed the last time I was able to access my passwords some of my accounts were changed to my social security number. Which I would never do. So my identity any form of privacy,all my work art an memories gone. my whole digital Life. My son who is in high school lost a lot of his hard work and the Mac, I recently purchased for. I could not access our router majority of the time. while my internet company where he used to work, lied to me and said there's no such thing as a network hack and we're not willing to help. I could not use our cellular data or Wi-Fi on my electronics but majority of the family still could use the internet on some of their mobile devices. I was panicking trying to reach my customers the company that I subcontracted for but unfortunately I was redirected to spammers. I ended up using all of our financial savings to pay rent and buy more mobile devices a new computer and any type of internet security I could possibly fine in a very small town. I could not buy anything else online I had too many online fraud charges that I was continuously fighting. I could not use the vpns I always would get a sever error and my antiviruses somehow were rerouted and I would continuously be locked out. Majority of the new electronics I bought would be compromised and controlled within minutes to a day or two, thanks to the Internet of things. My family can't even reach out for help with their hack devices services with the same local internet company. They are constantly being overcharged slow connection and additional charges like voice over IP . I've purchased at least 10 phones in the last year. My cell phone companies either have no clue or ignored me or treatme as If I was a terrorist, who was just begging to get help controling my data and my children's baby photos. I've gone through over a hundred emails since I kept losing access to them even though I had the password written down. I had DNS poisoning so majority of the websites. I still am I can't even get court forms sometimes server cant find Wacourt.gov & washingtonhelp.org I can't seem to talk to a lawyer that I've been approved for multiple times through the Northwest Justice project. for my mobile phone will consistently hang up. I can't call the non emergency 911. My emails don't go through or are blocked. Many websites I visit seem to be cloned in insecure. JavaScript would not give me access to majority of the security settings in all my browsers. There is always new extensions and apps and open source license for untrustworthy certificate and cant reach the same security settings in my browsers. I cannot turn on or off like family sharing when I don't even have a family connected to that mobile device. Can't turn off USB tethering and Google pay and apple wallets has multiple transactions not by me. cannot turn them off or use them. for they are lightened out or I don't have access. Sim card & ip always changed. 5000 $ in extra international charges hit my credit report along with new numbers emails and new addresses. Cant reach for help when device have so much static and lose connection. If I try to connect my email account to a computer. It will say I need a physical key to access it. as if I set it up myself. when every computer I own now Is broke or has locked me out. I gave up but was sad for I could not keep tabs or communicate with my children. unless I borrowed a phone. They mapped out my family and contacts so if I were to borrow a phone and try to reach out for help I usually reached spam or foreign hotline or got disconnected. Then the locals were acting strange. Like sitting outside our house taking photos of us &things were stolen of property. When we were out of town. then the landlord had strange men over pretending to fix things that didn't need to be fixed installing pipes underground , laying down new soil& having some Wi-Fi farming company working in our yard 5:00 a.m. I also notice a few times the electric companies employees were messing with our power boxes, in the middle of the night . Then My photos came out extremely bright. the family videos look like we lived in a microwave oven. I know it's very strange! I do have evidence. If I would get a new router my children's father would come over take the children and their phones from them and install something on their device saying that he had to change the password on their Netflix account, so he needed to use their phone. When I would purposely break the router the electric company would show up before the internet cable company and be across the street fixing power lines. bought the children new phones and then he puts another restraining order on me and the children saying that I stole my daughters phone and won't allow her to use it. when she didn't want to use it for some reason she has on 5 gb and ends up with no data within a couple days and has to use Wi-Fi all the time. Apple finally told me they couldn't help me with iphone for it was a government issue. I thought that was hilarious for I didn't do anything wrong unless the person who was using my accounts did. I figured it would pass I mean if you're under an investigation. it would only be for a few months right ? Not two years ! well nothing happened I mean there was no reason for anything to happen. I did notice that police were driving by the house a lot. Then I thought maybe it must have been my roommate they might be after. Then why am I the one who lost everything and dealing with network abuse. My roommate was in a bad guy he did have a bit of a criminal history but nothing considered to be violent maybe just a couple drunken stupid events. Then during the process of moving my children and roommates out of the house.while drivin my car mysteriously blew up because of some electrical issue. Luckily the children were not in the car. There were no warnings & no issues with car. It took the fire department about two minutes find me but it was totaled. I could not afford to fix it or have a mechanic look at that time . Then somebody I did not no had it towed and I lost it. I was in the router that I can't get into majority of the time and saw a port forwarding to a local Bitcoin mining pool. Then it I received another server error . He continues to harass me and threaten me or he knows everything we do in our own privacy our own bedrooms where we're going who we're going with how much money says he's recording everything it seems to know everything before I can even share it with a girlfriend. He's throwing everything against me in The family Court and continues to commit perjury while I have proved him wrong multiple times but still aren't getting the protection and respect in this local small town courtroom I have currently moved to Spokane Washington to get away from it I do the traveling for the judge is now took my daughter from coming to Spokane Washington and requiring me to stay with my children at my parents home. When they are almost fully grown she is going to be 15 soon she should have a choice to bpick who she feel safe enough to live with. without him constantly tracking and destroying every electronic I have after calling my daughter then receive Non-Stop spam and scripts over SMS and once I go to my parents more and more viruses are downloaded. I've been told multiple times by a few computer companies and files that I have some sort of invisible beacon. How ? Seattle times has reported that the local electric company and crypto miners are being questioned for unauthorized usage of other families in the small town electricity for maximum power leaving us in a unsafe situation to build more cryptocurrency . Please I appreciate Any help and advice!
submitted by u-turnshe to FamilyLaw [link] [comments]

How to run a bitcoin node as a traveling digital nomad?

I would like to upgrade my bitcoin citizenry status and operate a full node, but the problem is, I have not found an easy solution that works with my lifestyle.
I am a "digital nomad". I do not have any permanent home base. The longest I normally stay in any single location is about a month.
I travel light, since my entire life needs to fit into luggage.
Hardware that is already in my travel kit includes an iPhone, a Macbook, and a Trezor one.
Is there an easy solution to running a full node with this kind of lifestyle?
Can I utilize any of my current kit sufficiently? Or do I need separate/additional hardware?
Does it make sense to run a full node from my MacBook? Would this interfere with how I need to use and rely on my MacBook for my other tasks/work?
Do regular and intermittent internet stoppages matter? (Since I travel often, the node would be disconnected often and reconnected to a new WiFi network,etc).
Any insight and recommendation is greatly appreciated. Cheers
submitted by SpockSays to BitcoinBeginners [link] [comments]

Bitcoin Core Full Node - Almost giving up

Hey all,
I installed Bitcoin Core on an external 1TB Hard Disk, downloaded the entire blockchain in less than 18 hours and got synced.
Everything nice and smooth but I can't open the infamous Port 8333, so I continuously have only 8 outbound active connections and still 0 inbound connections (I can't open Port 8333 because I don't know how to do it).
I searched on the web but really I can't figure out how to solve this issue, I couldn't find any comprehensible help. I'd love to run a full node and contribute with my means to the network. I think that everyone of us should run a full node even if it looks like tech savvy stuff. Though, I don't get why it has to be so complicated.
Any suggestions?
Would love to hear your experience.
Thanks
submitted by ama8999 to Bitcoin [link] [comments]

The events of a SIM swap attack (and defense tips)

Posted this on Coinbase and someone recommend it also be posted here. The information below on an attempted SIM swap attack was pieced together through a combination of login and security logs, recovering emails initiated by the attacker that were deleted and then deleted again from the trash folder, and learning from AT&T’s fraud representatives. The majority if this is factual, and we do our best to note where we are speculating or providing a circumstantial suspicion. TLDRs at the bottom.
The full story:
We were going about our business and received a text from AT&T that says “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” We did not request this, and were suspicious that the text itself could be a phishing scam since we searched the phone number and it wasn’t overtly associated with AT&T. Thus, we tried calling AT&T’s main line at 611 but all we hear is beep beep beep. The phone number is already gone. We use another phone to call AT&T and at the same time start working on our already compromised email.
While we didn’t see everything real time, this is what the recovered emails show. In less than 2 minutes after receiving the text from AT&T, there is already an email indicating that the stolen phone number was used to sign into our email account associated with Coinbase. 2 minutes after that, there is an email from Coinbase saying:
"We have received your request for password reset from an unverified device. As a security precaution, an e-mail with a reset link will be sent to you in 24 hours. Alternatively, if you would like your password reset to be processed immediately, please submit a request using a verified device.
This 24 hour review period is designed to protect your Coinbase account."
This is where Coinbase got it right to have a 24 hour review period (actually a recovery period) before allowing the password to be reset. However, the attackers knew this and planned to steal the second email from Coinbase by setting email rules to forward all emails to a burner address and also have any emails containing “coinbase” re-routed so they don’t appear in the Inbox. 5 minutes later, they request a password reset from Gemini and the password was reset to the attacker’s password within a minute after that. The next minute they target and reset DropBox’s password followed immediately with Binance. Less than 2 minutes later, an email from Binance indicates that the password has been reset and another email arrives a minute later indicating a new device has been authorized.
It’s at this point that we begin locking the attacker out by (1) removing the phone number as 2FA (2) changing the email password, (3) and three forcing a logout of all sessions from the email. There was a bit of back and forth where they still had an active login and re-added the stolen phone number as 2FA.
They added only one more password reset to a gaming account that was not deleted. I can only suspect that was a decoy to make it look like the attack was directed at gaming rather than finances.
The Gemini and Binance accounts were empty and effectively abandoned, with no balances and inactive bank accounts (if any), and no transactions in 1-3 years. DropBox had no meaningful files (they probably look for private keys and authenticator backups) and the phone number they stole from us was suspended, so as far as the attacker is concerned, there is no meat on this bone to attack again… unless they had inside information.
This is where I suspect someone internal at Coinbase receiving wire deposits has been compromised in tipping off ripe accounts – accounts with new and somewhat large balances. We had completed a full withdrawal of funds from Coinbase earlier in the year, and had a balance of less than $20 heading into May. Deposits to Coinbase staggered in to get above six figures through mid-May then stopped. The attack occurred 7 days after the last large wire deposit was made to Coinbase.
From the perspective of an attacker that had no inside information, we were a dead end with abandoned Gemini and Binance accounts with zero balances and stale transactions, no DropBox information, and the suspended phone number access. Our Coinbase deposits were known to no one except us, Coinbase, and our bank. We were also able to stop the hacker’s email forwarding before Coinbase’s 24 hour period to send the password reset, so this one didn’t work out for the attackers and it would make sense for them to move on to the next rather than put efforts into a second attack only for Coinbase - for what would appear to be a zero-balance Coinbase account based on the other stale accounts.
Then…23 hours and 42 minutes after the first attack, another message from AT&T “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” Here we go again. We had been confident in AT&T’s assurances that our account had been locked and would not be SIM swapped again, so we unwisely added the phone number back to our email account as a backup (it’s now removed permanently and we use burner emails for account recovery like we should have all along).
Upon seeing that our phone number had been stolen again I knew they were after the Coinbase reset email that was delayed by 24 hours from Coinbase as part of their security. We did 4 things within 2 minutes of that text: (1) removed the phone number again from the email account – this time for good, (2) market sell all Bitcoin on Coinbase, (3) withdraw from Coinbase, (4) have AT&T suspend service on the phone line.
In speaking with AT&T, they were floored that our SIM would be transferred again in light of all the notes about fraud on the account and the PIN being changed to random digits that had never been used by us before. Based on the response of disbelief from AT&T on the second port, I suspect that this attack also involved a compromised AT&T employee that worked with the attacker to provide timely access to the Coinbase password reset email. Apparently, this has been going on for years: https://www.flashpoint-intel.com/blog/sim-swap-fraud-account-takeove
with phone carrier employees swapping SIMs for $80s a swap.
Remember that most of this was hidden in real time, and was only known because we were able to recover emails deleted from Trash by the attacker.
Since we require any withdrawals to use Google Authenticator on Coinbase, our funds may have been secure nonetheless. However, under the circumstances with attackers that were apparently working with insiders to take our phone number twice in attempts to steal Bitcoin, and it being unknown if they had additional tools related to our Google Authenticator, we decided it was safer on the sidelines. The coins were held on the exchange for a quick exit depending on whether Bitcoin was going to break up or down from $10,000. A hardware wallet is always safest, but we were looking to time the market and not have transaction delays.
For some some security recommendations:
AT&T: If you are going to send a text saying that calls and texts are moving to a new number, provide a 10 minute window for the phone number to reply with a “NO” or “STOP” to prevent the move. This can escalate the SIM dispute to more trusted employees to determine who actually owns the line. Don’t let entry level employees swap SIMs.
Coinbase: Do not default to phone numbers as 2FA. Also, if someone logs in successfully with the password before the 24 hours are up, the password is known and there is no need to send the password reset email again for attacker to have forwarded to them. At least have an option to stop the password reset email from being sent. We did not tag our account at Coinbase with fraud because of the stories of frozen funds once an account is tagged. I’m not sure what the solution is there, but that is another problem.
Being a trader, it would be nice to think of Coinbase as any other type of security brokerage where your assets are yours (someone can’t steal your phone number and transfer your stocks to their account). We fell into that mindset of security, yet this experience has reminded us of the uniqueness of cryptocurrency and the lack of custodial assurance and insurance from exchanges because of the possession-is-everything properties of cryptocurrency.
As many have said before, 2FA with a phone number quickly becomes 1-factor authentication as soon as that phone number is associated with password recovery on your email or other accounts. Our overall recommendation is to avoid having a phone number associated with any recovery options across all your accounts.
TLDR on the process:
Scammers will steal your phone number (in our case twice in 24 hours) and use your phone number to access your email and accounts. They will use your email to reset passwords at financial accounts and file hosting such as DropBox. They will then use that combination to transfer any assets they can access from your accounts to theirs. They will do their best to hide this from you by
(1) not resetting your email password so as to raise suspicion,
(2) immediately delete any password reset emails you may receive from financial accounts to hide them from you,
(3) attempt to forward all emails sent to your address to a burner email, and
(4) set email rules to forward emails containing “coinbase” to an email folder other than your Inbox so that you don’t see the transactions and password reset emails that arrive to your inbox.
TLDR on defense tips: If your phone stops working or you receive a text of your number being ported do the following as soon as possible:
(1) log into your email account(s) associated with your financial accounts and remove your phone number as 2FA immediately
(2) change your email password,
(3) force a logout of all sessions from your email (at this point you have locked them out), then
(4) check your mail forwarding settings for forwards to burner addresses,
(5) check your mail rules for rerouting of emails from accounts such as Coinbase, and
(6) call your carrier to have them suspend service on your lost phone number and ask them to reinstate your SIM or get a new SIM. This will require a second phone because your personal phone number has been stolen.
We hope this helps some others be safe out there in protecting their coins. The more we know, the more we can protect ourselves. Wishing you all the best!
submitted by etheregg to CryptoCurrency [link] [comments]

The events of a SIM swap attack directed at Coinbase (and defense tips)

The information below on an attempted SIM swap attack was pieced together through a combination of login and security logs, recovering emails initiated by the attacker that were deleted and then deleted again from the trash folder, and learning from AT&T’s fraud representatives. The majority if this is factual, and we do our best to note where we are speculating or providing a circumstantial suspicion. TLDRs at the bottom.
The full story:
We were going about our business and received a text from AT&T that says “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” We did not request this, and were suspicious that the text itself could be a phishing scam since we searched the phone number and it wasn’t overtly associated with AT&T. Thus, we tried calling AT&T’s main line at 611 but all we hear is beep beep beep. The phone number is already gone. We use another phone to call AT&T and at the same time start working on our already compromised email.
While we didn’t see everything real time, this is what the recovered emails show. In less than 2 minutes after receiving the text from AT&T, there is already an email indicating that the stolen phone number was used to sign into our email account associated with Coinbase. 2 minutes after that, there is an email from Coinbase saying:
"We have received your request for password reset from an unverified device. As a security precaution, an e-mail with a reset link will be sent to you in 24 hours. Alternatively, if you would like your password reset to be processed immediately, please submit a request using a verified device.
This 24 hour review period is designed to protect your Coinbase account."
This is where Coinbase got it right to have a 24 hour review period (actually a recovery period) before allowing the password to be reset. However, the attackers knew this and planned to steal the second email from Coinbase by setting email rules to forward all emails to a burner address and also have any emails containing “coinbase” re-routed so they don’t appear in the Inbox. 5 minutes later, they request a password reset from Gemini and the password was reset to the attacker’s password within a minute after that. The next minute they target and reset DropBox’s password followed immediately with Binance. Less than 2 minutes later, an email from Binance indicates that the password has been reset and another email arrives a minute later indicating a new device has been authorized.
It’s at this point that we begin locking the attacker out by (1) removing the phone number as 2FA (2) changing the email password, (3) and three forcing a logout of all sessions from the email. There was a bit of back and forth where they still had an active login and re-added the stolen phone number as 2FA.
They added only one more password reset to a gaming account that was not deleted. I can only suspect that was a decoy to make it look like the attack was directed at gaming rather than finances.
The Gemini and Binance accounts were empty and effectively abandoned, with no balances and inactive bank accounts (if any), and no transactions in 1-3 years. DropBox had no meaningful files (they probably look for private keys and authenticator backups) and the phone number they stole from us was suspended, so as far as the attacker is concerned, there is no meat on this bone to attack again… unless they had inside information.
This is where I suspect someone internal at Coinbase receiving wire deposits has been compromised in tipping off ripe accounts – accounts with new and somewhat large balances. We had completed a full withdrawal of funds from Coinbase earlier in the year, and had a balance of less than $20 heading into May. Deposits to Coinbase staggered in to get above six figures through mid-May then stopped. The attack occurred 7 days after the last large wire deposit was made to Coinbase.
From the perspective of an attacker that had no inside information, we were a dead end with abandoned Gemini and Binance accounts with zero balances and stale transactions, no DropBox information, and the suspended phone number access. Our Coinbase deposits were known to no one except us, Coinbase, and our bank. We were also able to stop the hacker’s email forwarding before Coinbase’s 24 hour period to send the password reset, so this one didn’t work out for the attackers and it would make sense for them to move on to the next rather than put efforts into a second attack only for Coinbase - for what would appear to be a zero-balance Coinbase account based on the other stale accounts.
Then…23 hours and 42 minutes after the first attack, another message from AT&T “…Calls & texts will go to your new phone/SIM card. Call 866-563-4705 if you did not request.” Here we go again. We had been confident in AT&T’s assurances that our account had been locked and would not be SIM swapped again, so we unwisely added the phone number back to our email account as a backup (it’s now removed permanently and we use burner emails for account recovery like we should have all along).
Upon seeing that our phone number had been stolen again I knew they were after the Coinbase reset email that was delayed by 24 hours from Coinbase as part of their security. We did 4 things within 2 minutes of that text: (1) removed the phone number again from the email account – this time for good, (2) market sell all Bitcoin on Coinbase, (3) withdraw from Coinbase, (4) have AT&T suspend service on the phone line.
In speaking with AT&T, they were floored that our SIM would be transferred again in light of all the notes about fraud on the account and the PIN being changed to random digits that had never been used by us before. Based on the response of disbelief from AT&T on the second port, I suspect that this attack also involved a compromised AT&T employee that worked with the attacker to provide timely access to the Coinbase password reset email. Apparently, this has been going on for years: https://www.flashpoint-intel.com/blog/sim-swap-fraud-account-takeove with phone carrier employees swapping SIMs for $80s a swap.
Remember that most of this was hidden in real time, and was only known because we were able to recover emails deleted from Trash by the attacker.
Since we require any withdrawals to use Google Authenticator on Coinbase, our funds may have been secure nonetheless. However, under the circumstances with attackers that were apparently working with insiders to take our phone number twice in attempts to steal Bitcoin, and it being unknown if they had additional tools related to our Google Authenticator, we decided it was safer on the sidelines. The coins were held on the exchange for a quick exit depending on whether Bitcoin was going to break up or down from $10,000. A hardware wallet is always safest, but we were looking to time the market and not have transaction delays.
For some some security recommendations:
AT&T: If you are going to send a text saying that calls and texts are moving to a new number, provide a 10 minute window for the phone number to reply with a “NO” or “STOP” to prevent the move. This can escalate the SIM dispute to more trusted employees to determine who actually owns the line. Don’t let entry level employees swap SIMs.
Coinbase: Do not default to phone numbers as 2FA. Also, if someone logs in successfully with the password before the 24 hours are up, the password is known and there is no need to send the password reset email again for attacker to have forwarded to them. At least have an option to stop the password reset email from being sent. We did not tag our account at Coinbase with fraud because of the stories of frozen funds once an account is tagged. I’m not sure what the solution is there, but that is another problem.
Being a trader, it would be nice to think of Coinbase as any other type of security brokerage where your assets are yours (someone can’t steal your phone number and transfer your stocks to their account). We fell into that mindset of security, yet this experience has reminded us of the uniqueness of cryptocurrency and the lack of custodial assurance and insurance from exchanges because of the possession-is-everything properties of cryptocurrency.
As many have said before, 2FA with a phone number quickly becomes 1-factor authentication as soon as that phone number is associated with password recovery on your email or other accounts. Our overall recommendation is to avoid having a phone number associated with any recovery options across all your accounts.
TLDR on the process:
Scammers will steal your phone number (in our case twice in 24 hours) and use your phone number to access your email and accounts. They will use your email to reset passwords at financial accounts and file hosting such as DropBox. They will then use that combination to transfer any assets they can access from your accounts to theirs. They will do their best to hide this from you by
(1) not resetting your email password so as to raise suspicion,
(2) immediately delete any password reset emails you may receive from financial accounts to hide them from you,
(3) attempt to forward all emails sent to your address to a burner email, and
(4) set email rules to forward emails containing “coinbase” to an email folder other than your Inbox so that you don’t see the transactions and password reset emails that arrive to your inbox.
TLDR on defense tips: If your phone stops working or you receive a text of your number being ported do the following as soon as possible:
(1) log into your email account(s) associated with your financial accounts and remove your phone number as 2FA immediately
(2) change your email password,
(3) force a logout of all sessions from your email (at this point you have locked them out), then
(4) check your mail forwarding settings for forwards to burner addresses,
(5) check your mail rules for rerouting of emails from accounts such as Coinbase, and
(6) call your carrier to have them suspend service on your lost phone number and ask them to reinstate your SIM or get a new SIM. This will require a second phone because your personal phone number has been stolen.
We hope this helps some others be safe out there in protecting their coins. The more we know, the more we can protect ourselves. Wishing you all the best!
submitted by etheregg to CoinBase [link] [comments]

Someone has been killed aboard my ship. And the murderer is still onboard. [PART 4]

Bring up the file, I clicked play. The footage began, revealing its contents inside the ventilation shafts, winding it to the ventilation in the heads. Quinton also brushed up against me, watching in anticipation, brushing up against me in surprise.
"And so it ends here," Quinton exclaimed, his eyes kept on the video, withdrawing his senior sailor issued shotgun, "I'm going to shoot that bastard."
A muffled screech, and we watched at the screen, as the ventilation panel cover popped off and was removed by a gloved hand. A skinny man crawled in, identity hidden by the gariny footage.
"Goddamit, can they not afford good cameras," an exasperated Quinton said.
"Shut up," I shot back, "I want to watch this."
"Me too, aye sir." We watched as the figure unscrewed the other shaft, as the black jacket covering his uniform twisted. Finally, one of its zippers ripped open, revealing the naval camoflauge around it.
Viktor.
That nametag was indistingushable - the Eastern European name was unmistakably him. Out of nowhere, a pistol being cocked, as its hammer sprang forward slamming the spring. We had been caught.
"So, a bit of late night espionage?" he said menacingly. I watched as Quinton slowly turned around, and using his hands, flicked the pistol to the floor, the background filled with crashing waves.
That's when a I realised that the ship arrives in port tommorow at this time. Quinton masterfully jumped up, knocking Viktor, dressed in the black jacket rammed Quinton across.
"HEY! SOMEONE!" I yelled, trying to draw and brandish my own pistol, flicking the safety switch. "I already gassed all of them. Painlessly," Viktor said unemotionally and coldly as he ran into Quinton again, knocking him to the ground.
Aiming the pistol, I squeezed the trigger. Viktor rammed Quinton, and stomped on him, keeping his boot squeezed against his stomach, before holding out a firing pin, etched with my serial number.
"I also already tampered with your pistol. You went on. Carelessly," he said as he smirked. That's when he raised his pistol, and shot Quinton. Quinton jarred, his mouth open, and fell back cracking his head on the floor. I inched back, trying desperately to press it, hoping he was fluking, as he laughed with insidious intent.
"I control this ship!" he screamed triumphantly, "and when this ship sails into port tommorow, it is I who shall be the hero! You shall be the criminal!" he continued, "And while you are renditioned to Pine Gap, and waterboarded endlessly, I shall rise up!" he boomed with a final screeching laughter, before kicking me in the face and slamming my head into the ground.
"Why? Why?" I tried to say, as my mouth started to swell.
"How well do you know me?" he started off with.
"I know you now better than I'll ever do," I groaned in pain. "Why do you think I am doing this?" he laughed. "Because you're evil," I replied with, earning me another kick, this time in the stomach sending me yelling out all sorts of obscenities.
"Do you know what you have done?" he yelled in anger, "the Australian Government has betrayed me! Forgotten me! A long time ago, I was a commando! I served in Africa, in the Middle East! And then they forgot about me! I had to find my way back! And do you know what they have given me? Nothing!"
"And so you steal a navy ship and murder 20 people," I muttered.
"I will be remembered. I will be victorious! I shall use my power to abuse the brass who had abused me 5 years ago! You read through my file! You know my abilities!"
"You're also a high school drop out," I shot back. "Intelligence... does not rely on human intelligence!" the demented madman screamed out, busy shouting in all his self glory as he cheered, "We will arrive in Cairns tommorow! You will be escorted out in handcuffs! You will admit to your crimes in front of the Port Inspector and the Naval Police!"
"What if they review the footage?" I questioned him.
"They won't," came an iron voice booming from the intercom. The voice of my very own commander - Captain Daniels.
"You never heard anything," Viktor said, as I wallowed in my defeat, "right, James?"
"I never would've taken you, out of all people, as a traitor! That's why you placed him on my cabin guard! That's why I've been thumping into him as he-"
"Yes, Commander. He has been trying to pick your locks. He's been eavesdropping, listening to you," the Captain replied calmly. I saw his face on video call, his hands obscuring the sides webcam on his computer. A thin, wiry tall man in navy whites, sitting comfortably on his office desk, earning is $40 a hour payslip, with an oblivious number of personnel working around him probably trying to solve this situation. "
Why?" I screamed at the computer, slurring my speech, unable to form words as blood started to come from my mouth. A cut flap of my tough interferred in my speech.
"Because I too, am horrified at Viktor's mistreatment. And also, I would also like to be a hundred thousand dollars richer. Has that money been transferred?" he said.
"Yes. Check your offshore for one half, and your bitcoin wallet for the other half. All 100,000 AUD worth of currency." They both began to laugh, torturing my senses. They were responsible for the death of all of my crew. And here I was, injured, basking in my hopelessness and guilt. That's when I saw Quintons boatswains pipe. Grabbing it, while they were still distracted, I made my move.
"Excuse me?"
"Hm?" he said as he looked over. I leaped, and I thrust the boatswain pipe into his hip, laughing at his screaming, before jabbing it up his nose, and releasing it as I heard his nose snapping at my force, before pushing myself off. He picked up his pistol and fired it, hitting the communications broadcaster. I ran out of the room, slamming the door, watching as he blindly fired into all of the computers, screaming in frustration, disconnecting the swearing Captain, rendering the intercoms to silence. He ran out, reloading, when I dismounted a fire extinguisher and swung it against his chest, missing his head, smashing the glass on the door.
Ripping off the tags with my already somewhat dislodged teeth, I slammed the lever and sprayed the powdery and foamy solution onto him, as he slid down the stairs and slid down the hall, slamming through the doors and into the other room. Picking up the shard of glass, I ripped off a ventilation panel cover, and breathed in as I climbed through, and slid the cover back on, listening to his howling cries of pain and determination. Inside the vent, I breathed out, and talked aloud in relative safety.
"It was time to finish this," I muttered as I began to wait in anticipation
PART 1:
https://www.reddit.com/nosleep/comments/ivmvw3/someone_has_been_killed_aboard_my_ship_and_the/
PART 2: https://www.reddit.com/nosleep/comments/iw8ncc/someone_has_been_killed_aboard_my_ship_and_the/
PART 3 - https://www.reddit.com/nosleep/comments/iwvnp9/someone_has_been_killed_aboard_my_ship_and_the/
FINALE -
https://www.reddit.com/nosleep/comments/iy6mkl/someone_has_been_killed_aboard_my_ship_and_the/
submitted by DryVespers to nosleep [link] [comments]

Scaling Reddit Community Points with Arbitrum Rollup: a piece of cake

Scaling Reddit Community Points with Arbitrum Rollup: a piece of cake
https://preview.redd.it/b80c05tnb9e51.jpg?width=2550&format=pjpg&auto=webp&s=850282c1a3962466ed44f73886dae1c8872d0f31
Submitted for consideration to The Great Reddit Scaling Bake-Off
Baked by the pastry chefs at Offchain Labs
Please send questions or comments to [[email protected] ](mailto:[email protected])
1. Overview
We're excited to submit Arbitrum Rollup for consideration to The Great Reddit Scaling Bake-Off. Arbitrum Rollup is the only Ethereum scaling solution that supports arbitrary smart contracts without compromising on Ethereum's security or adding points of centralization. For Reddit, this means that Arbitrum can not only scale the minting and transfer of Community Points, but it can foster a creative ecosystem built around Reddit Community Points enabling points to be used in a wide variety of third party applications. That's right -- you can have your cake and eat it too!
Arbitrum Rollup isn't just Ethereum-style. Its Layer 2 transactions are byte-for-byte identical to Ethereum, which means Ethereum users can continue to use their existing addresses and wallets, and Ethereum developers can continue to use their favorite toolchains and development environments out-of-the-box with Arbitrum. Coupling Arbitrum’s tooling-compatibility with its trustless asset interoperability, Reddit not only can scale but can onboard the entire Ethereum community at no cost by giving them the same experience they already know and love (well, certainly know).
To benchmark how Arbitrum can scale Reddit Community Points, we launched the Reddit contracts on an Arbitrum Rollup chain. Since Arbitrum provides full Solidity support, we didn't have to rewrite the Reddit contracts or try to mimic their functionality using an unfamiliar paradigm. Nope, none of that. We launched the Reddit contracts unmodified on Arbitrum Rollup complete with support for minting and distributing points. Like every Arbitrum Rollup chain, the chain included a bridge interface in which users can transfer Community Points or any other asset between the L1 and L2 chains. Arbitrum Rollup chains also support dynamic contract loading, which would allow third-party developers to launch custom ecosystem apps that integrate with Community Points on the very same chain that runs the Reddit contracts.
1.1 Why Ethereum
Perhaps the most exciting benefit of distributing Community Points using a blockchain is the ability to seamlessly port points to other applications and use them in a wide variety of contexts. Applications may include simple transfers such as a restaurant that allows Redditors to spend points on drinks. Or it may include complex smart contracts -- such as placing Community Points as a wager for a multiparty game or as collateral in a financial contract.
The common denominator between all of the fun uses of Reddit points is that it needs a thriving ecosystem of both users and developers, and the Ethereum blockchain is perhaps the only smart contract platform with significant adoption today. While many Layer 1 blockchains boast lower cost or higher throughput than the Ethereum blockchain, more often than not, these attributes mask the reality of little usage, weaker security, or both.
Perhaps another platform with significant usage will rise in the future. But today, Ethereum captures the mindshare of the blockchain community, and for Community Points to provide the most utility, the Ethereum blockchain is the natural choice.
1.2 Why Arbitrum
While Ethereum's ecosystem is unmatched, the reality is that fees are high and capacity is too low to support the scale of Reddit Community Points. Enter Arbitrum. Arbitrum Rollup provides all of the ecosystem benefits of Ethereum, but with orders of magnitude more capacity and at a fraction of the cost of native Ethereum smart contracts. And most of all, we don't change the experience from users. They continue to use the same wallets, addresses, languages, and tools.
Arbitrum Rollup is not the only solution that can scale payments, but it is the only developed solution that can scale both payments and arbitrary smart contracts trustlessly, which means that third party users can build highly scalable add-on apps that can be used without withdrawing money from the Rollup chain. If you believe that Reddit users will want to use their Community Points in smart contracts--and we believe they will--then it makes the most sense to choose a single scaling solution that can support the entire ecosystem, eliminating friction for users.
We view being able to run smart contracts in the same scaling solution as fundamentally critical since if there's significant demand in running smart contracts from Reddit's ecosystem, this would be a load on Ethereum and would itself require a scaling solution. Moreover, having different scaling solutions for the minting/distribution/spending of points and for third party apps would be burdensome for users as they'd have to constantly shuffle their Points back and forth.
2. Arbitrum at a glance
Arbitrum Rollup has a unique value proposition as it offers a combination of features that no other scaling solution achieves. Here we highlight its core attributes.
Decentralized. Arbitrum Rollup is as decentralized as Ethereum. Unlike some other Layer 2 scaling projects, Arbitrum Rollup doesn't have any centralized components or centralized operators who can censor users or delay transactions. Even in non-custodial systems, centralized components provide a risk as the operators are generally incentivized to increase their profit by extracting rent from users often in ways that severely degrade user experience. Even if centralized operators are altruistic, centralized components are subject to hacking, coercion, and potential liability.
Massive Scaling. Arbitrum achieves order of magnitude scaling over Ethereum's L1 smart contracts. Our software currently supports 453 transactions-per-second for basic transactions (at 1616 Ethereum gas per tx). We have a lot of room left to optimize (e.g. aggregating signatures), and over the next several months capacity will increase significantly. As described in detail below, Arbitrum can easily support and surpass Reddit's anticipated initial load, and its capacity will continue to improve as Reddit's capacity needs grow.
Low cost. The cost of running Arbitrum Rollup is quite low compared to L1 Ethereum and other scaling solutions such as those based on zero-knowledge proofs. Layer 2 fees are low, fixed, and predictable and should not be overly burdensome for Reddit to cover. Nobody needs to use special equipment or high-end machines. Arbitrum requires validators, which is a permissionless role that can be run on any reasonable on-line machine. Although anybody can act as a validator, in order to protect against a “tragedy of the commons” and make sure reputable validators are participating, we support a notion of “invited validators” that are compensated for their costs. In general, users pay (low) fees to cover the invited validators’ costs, but we imagine that Reddit may cover this cost for its users. See more on the costs and validator options below.
Ethereum Developer Experience. Not only does Arbitrum support EVM smart contracts, but the developer experience is identical to that of L1 Ethereum contracts and fully compatible with Ethereum tooling. Developers can port existing Solidity apps or write new ones using their favorite and familiar toolchains (e.g. Truffle, Buidler). There are no new languages or coding paradigms to learn.
Ethereum wallet compatibility. Just as in Ethereum, Arbitrum users need only hold keys, but do not have to store any coin history or additional data to protect or access their funds. Since Arbitrum transactions are semantically identical to Ethereum L1 transactions, existing Ethereum users can use their existing Ethereum keys with their existing wallet software such as Metamask.
Token interoperability. Users can easily transfer their ETH, ERC-20 and ERC-721 tokens between Ethereum and the Arbitrum Rollup chain. As we explain in detail below, it is possible to mint tokens in L2 that can subsequently be withdrawn and recognized by the L1 token contract.
Fast finality. Transactions complete with the same finality time as Ethereum L1 (and it's possible to get faster finality guarantees by trading away trust assumptions; see the Arbitrum Rollup whitepaper for details).
Non-custodial. Arbitrum Rollup is a non-custodial scaling solution, so users control their funds/points and neither Reddit nor anyone else can ever access or revoke points held by users.
Censorship Resistant. Since it's completely decentralized, and the Arbitrum protocol guarantees progress trustlessly, Arbitrum Rollup is just as censorship-proof as Ethereum.
Block explorer. The Arbitrum Rollup block explorer allows users to view and analyze transactions on the Rollup chain.
Limitations
Although this is a bake-off, we're not going to sugar coat anything. Arbitrum Rollup, like any Optimistic Rollup protocol, does have one limitation, and that's the delay on withdrawals.
As for the concrete length of the delay, we've done a good deal of internal modeling and have blogged about this as well. Our current modeling suggests a 3-hour delay is sufficient (but as discussed in the linked post there is a tradeoff space between the length of the challenge period and the size of the validators’ deposit).
Note that this doesn't mean that the chain is delayed for three hours. Arbitrum Rollup supports pipelining of execution, which means that validators can keep building new states even while previous ones are “in the pipeline” for confirmation. As the challenge delays expire for each update, a new state will be confirmed (read more about this here).
So activity and progress on the chain are not delayed by the challenge period. The only thing that's delayed is the consummation of withdrawals. Recall though that any single honest validator knows immediately (at the speed of L1 finality) which state updates are correct and can guarantee that they will eventually be confirmed, so once a valid withdrawal has been requested on-chain, every honest party knows that the withdrawal will definitely happen. There's a natural place here for a liquidity market in which a validator (or someone who trusts a validator) can provide withdrawal loans for a small interest fee. This is a no-risk business for them as they know which withdrawals will be confirmed (and can force their confirmation trustlessly no matter what anyone else does) but are just waiting for on-chain finality.
3. The recipe: How Arbitrum Rollup works
For a description of the technical components of Arbitrum Rollup and how they interact to create a highly scalable protocol with a developer experience that is identical to Ethereum, please refer to the following documents:
Arbitrum Rollup Whitepaper
Arbitrum academic paper (describes a previous version of Arbitrum)
4. Developer docs and APIs
For full details about how to set up and interact with an Arbitrum Rollup chain or validator, please refer to our developer docs, which can be found at https://developer.offchainlabs.com/.
Note that the Arbitrum version described on that site is older and will soon be replaced by the version we are entering in Reddit Bake-Off, which is still undergoing internal testing before public release.
5. Who are the validators?
As with any Layer 2 protocol, advancing the protocol correctly requires at least one validator (sometimes called block producers) that is honest and available. A natural question is: who are the validators?
Recall that the validator set for an Arbitrum chain is open and permissionless; anyone can start or stop validating at will. (A useful analogy is to full nodes on an L1 chain.) But we understand that even though anyone can participate, Reddit may want to guarantee that highly reputable nodes are validating their chain. Reddit may choose to validate the chain themselves and/or hire third-party validators.To this end, we have begun building a marketplace for validator-for-hire services so that dapp developers can outsource validation services to reputable nodes with high up-time. We've announced a partnership in which Chainlink nodes will provide Arbitrum validation services, and we expect to announce more partnerships shortly with other blockchain infrastructure providers.
Although there is no requirement that validators are paid, Arbitrum’s economic model tracks validators’ costs (e.g. amount of computation and storage) and can charge small fees on user transactions, using a gas-type system, to cover those costs. Alternatively, a single party such as Reddit can agree to cover the costs of invited validators.
6. Reddit Contract Support
Since Arbitrum contracts and transactions are byte-for-byte compatible with Ethereum, supporting the Reddit contracts is as simple as launching them on an Arbitrum chain.
Minting. Arbitrum Rollup supports hybrid L1/L2 tokens which can be minted in L2 and then withdrawn onto the L1. An L1 contract at address A can make a special call to the EthBridge which deploys a "buddy contract" to the same address A on an Arbitrum chain. Since it's deployed at the same address, users can know that the L2 contract is the authorized "buddy" of the L1 contract on the Arbitrum chain.
For minting, the L1 contract is a standard ERC-20 contract which mints and burns tokens when requested by the L2 contract. It is paired with an ERC-20 contract in L2 which mints tokens based on whatever programmer provided minting facility is desired and burns tokens when they are withdrawn from the rollup chain. Given this base infrastructure, Arbitrum can support any smart contract based method for minting tokens in L2, and indeed we directly support Reddit's signature/claim based minting in L2.
Batch minting. What's better than a mint cookie? A whole batch! In addition to supporting Reddit’s current minting/claiming scheme, we built a second minting design, which we believe outperforms the signature/claim system in many scenarios.
In the current system, Reddit periodically issues signed statements to users, who then take those statements to the blockchain to claim their tokens. An alternative approach would have Reddit directly submit the list of users/amounts to the blockchain and distribute the tokens to the users without the signature/claim process.
To optimize the cost efficiency of this approach, we designed an application-specific compression scheme to minimize the size of the batch distribution list. We analyzed the data from Reddit's previous distributions and found that the data is highly compressible since token amounts are small and repeated, and addresses appear multiple times. Our function groups transactions by size, and replaces previously-seen addresses with a shorter index value. We wrote client code to compress the data, wrote a Solidity decompressing function, and integrated that function into Reddit’s contract running on Arbitrum.
When we ran the compression function on the previous Reddit distribution data, we found that we could compress batched minting data down to to 11.8 bytes per minting event (averaged over a 6-month trace of Reddit’s historical token grants)compared with roughly 174 bytes of on-chain data needed for the signature claim approach to minting (roughly 43 for an RLP-encoded null transaction + 65 for Reddit's signature + 65 for the user's signature + roughly 8 for the number of Points) .
The relative benefit of the two approaches with respect to on-chain call data cost depends on the percentage of users that will actually claim their tokens on chain. With the above figures, batch minting will be cheaper if roughly 5% of users redeem their claims. We stress that our compression scheme is not Arbitrum-specific and would be beneficial in any general-purpose smart contract platform.
8. Benchmarks and costs
In this section, we give the full costs of operating the Reddit contracts on an Arbitrum Rollup chain including the L1 gas costs for the Rollup chain, the costs of computation and storage for the L2 validators as well as the capital lockup requirements for staking.
Arbitrum Rollup is still on testnet, so we did not run mainnet benchmarks. Instead, we measured the L1 gas cost and L2 workload for Reddit operations on Arbitrum and calculated the total cost assuming current Ethereum gas prices. As noted below in detail, our measurements do not assume that Arbitrum is consuming the entire capacity of Ethereum. We will present the details of our model now, but for full transparency you can also play around with it yourself and adjust the parameters, by copying the spreadsheet found here.
Our cost model is based on measurements of Reddit’s contracts, running unmodified (except for the addition of a batch minting function) on Arbitrum Rollup on top of Ethereum.
On the distribution of transactions and frequency of assertions. Reddit's instructions specify the following minimum parameters that submissions should support:
Over a 5 day period, your scaling PoC should be able to handle:
  • 100,000 point claims (minting & distributing points)
  • 25,000 subscriptions
  • 75,000 one-off points burning
  • 100,000 transfers
We provide the full costs of operating an Arbitrum Rollup chain with this usage under the assumption that tokens are minted or granted to users in batches, but other transactions are uniformly distributed over the 5 day period. Unlike some other submissions, we do not make unrealistic assumptions that all operations can be submitted in enormous batches. We assume that batch minting is done in batches that use only a few percent on an L1 block’s gas, and that other operations come in evenly over time and are submitted in batches, with one batch every five minutes to keep latency reasonable. (Users are probably already waiting for L1 finality, which takes at least that long to achieve.)
We note that assuming that there are only 300,000 transactions that arrive uniformly over the 5 day period will make our benchmark numbers lower, but we believe that this will reflect the true cost of running the system. To see why, say that batches are submitted every five minutes (20 L1 blocks) and there's a fixed overhead of c bytes of calldata per batch, the cost of which will get amortized over all transactions executed in that batch. Assume that each individual transaction adds a marginal cost of t. Lastly assume the capacity of the scaling system is high enough that it can support all of Reddit's 300,000 transactions within a single 20-block batch (i.e. that there is more than c + 300,000*t byes of calldata available in 20 blocks).
Consider what happens if c, the per-batch overhead, is large (which it is in some systems, but not in Arbitrum). In the scenario that transactions actually arrive at the system's capacity and each batch is full, then c gets amortized over 300,000 transactions. But if we assume that the system is not running at capacity--and only receives 300,000 transactions arriving uniformly over 5 days-- then each 20-block assertion will contain about 200 transactions, and thus each transaction will pay a nontrivial cost due to c.
We are aware that other proposals presented scaling numbers assuming that 300,000 transactions arrived at maximum capacity and was executed in a single mega-transaction, but according to our estimates, for at least one such report, this led to a reported gas price that was 2-3 orders of magnitude lower than it would have been assuming uniform arrival. We make more realistic batching assumptions, and we believe Arbitrum compares well when batch sizes are realistic.
Our model. Our cost model includes several sources of cost:
  • L1 gas costs: This is the cost of posting transactions as calldata on the L1 chain, as well as the overhead associated with each batch of transactions, and the L1 cost of settling transactions in the Arbitrum protocol.
  • Validator’s staking costs: In normal operation, one validator will need to be staked. The stake is assumed to be 0.2% of the total value of the chain (which is assumed to be $1 per user who is eligible to claim points). The cost of staking is the interest that could be earned on the money if it were not staked.
  • Validator computation and storage: Every validator must do computation to track the chain’s processing of transactions, and must maintain storage to keep track of the contracts’ EVM storage. The cost of computation and storage are estimated based on measurements, with the dollar cost of resources based on Amazon Web Services pricing.
It’s clear from our modeling that the predominant cost is for L1 calldata. This will probably be true for any plausible rollup-based system.
Our model also shows that Arbitrum can scale to workloads much larger than Reddit’s nominal workload, without exhausting L1 or L2 resources. The scaling bottleneck will ultimately be calldata on the L1 chain. We believe that cost could be reduced substantially if necessary by clever encoding of data. (In our design any compression / decompression of L2 transaction calldata would be done by client software and L2 programs, never by an L1 contract.)
9. Status of Arbitrum Rollup
Arbitrum Rollup is live on Ethereum testnet. All of the code written to date including everything included in the Reddit demo is open source and permissively licensed under the Apache V2 license. The first testnet version of Arbitrum Rollup was released on testnet in February. Our current internal version, which we used to benchmark the Reddit contracts, will be released soon and will be a major upgrade.
Both the Arbitrum design as well as the implementation are heavily audited by independent third parties. The Arbitrum academic paper was published at USENIX Security, a top-tier peer-reviewed academic venue. For the Arbitrum software, we have engaged Trail of Bits for a security audit, which is currently ongoing, and we are committed to have a clean report before launching on Ethereum mainnet.
10. Reddit Universe Arbitrum Rollup Chain
The benchmarks described in this document were all measured using the latest internal build of our software. When we release the new software upgrade publicly we will launch a Reddit Universe Arbitrum Rollup chain as a public demo, which will contain the Reddit contracts as well as a Uniswap instance and a Connext Hub, demonstrating how Community Points can be integrated into third party apps. We will also allow members of the public to dynamically launch ecosystem contracts. We at Offchain Labs will cover the validating costs for the Reddit Universe public demo.
If the folks at Reddit would like to evaluate our software prior to our public demo, please email us at [email protected] and we'd be more than happy to provide early access.
11. Even more scaling: Arbitrum Sidechains
Rollups are an excellent approach to scaling, and we are excited about Arbitrum Rollup which far surpasses Reddit's scaling needs. But looking forward to Reddit's eventual goal of supporting hundreds of millions of users, there will likely come a time when Reddit needs more scaling than any Rollup protocol can provide.
While Rollups greatly reduce costs, they don't break the linear barrier. That is, all transactions have an on-chain footprint (because all calldata must be posted on-chain), albeit a far smaller one than on native Ethereum, and the L1 limitations end up being the bottleneck for capacity and cost. Since Ethereum has limited capacity, this linear use of on-chain resources means that costs will eventually increase superlinearly with traffic.
The good news is that we at Offchain Labs have a solution in our roadmap that can satisfy this extreme-scaling setting as well: Arbitrum AnyTrust Sidechains. Arbitrum Sidechains are similar to Arbitrum Rollup, but deviate in that they name a permissioned set of validators. When a chain’s validators agree off-chain, they can greatly reduce the on-chain footprint of the protocol and require almost no data to be put on-chain. When validators can't reach unanimous agreement off-chain, the protocol reverts to Arbitrum Rollup. Technically, Arbitrum Sidechains can be viewed as a hybrid between state channels and Rollup, switching back and forth as necessary, and combining the performance and cost that state channels can achieve in the optimistic case, with the robustness of Rollup in other cases. The core technical challenge is how to switch seamlessly between modes and how to guarantee that security is maintained throughout.
Arbitrum Sidechains break through this linear barrier, while still maintaining a high level of security and decentralization. Arbitrum Sidechains provide the AnyTrust guarantee, which says that as long as any one validator is honest and available (even if you don't know which one will be), the L2 chain is guaranteed to execute correctly according to its code and guaranteed to make progress. Unlike in a state channel, offchain progress does not require unanimous consent, and liveness is preserved as long as there is a single honest validator.
Note that the trust model for Arbitrum Sidechains is much stronger than for typical BFT-style chains which introduce a consensus "voting" protocols among a small permissioned group of validators. BFT-based protocols require a supermajority (more than 2/3) of validators to agree. In Arbitrum Sidechains, by contrast, all you need is a single honest validator to achieve guaranteed correctness and progress. Notice that in Arbitrum adding validators strictly increases security since the AnyTrust guarantee provides correctness as long as any one validator is honest and available. By contrast, in BFT-style protocols, adding nodes can be dangerous as a coalition of dishonest nodes can break the protocol.
Like Arbitrum Rollup, the developer and user experiences for Arbitrum Sidechains will be identical to that of Ethereum. Reddit would be able to choose a large and diverse set of validators, and all that they would need to guarantee to break through the scaling barrier is that a single one of them will remain honest.
We hope to have Arbitrum Sidechains in production in early 2021, and thus when Reddit reaches the scale that surpasses the capacity of Rollups, Arbitrum Sidechains will be waiting and ready to help.
While the idea to switch between channels and Rollup to get the best of both worlds is conceptually simple, getting the details right and making sure that the switch does not introduce any attack vectors is highly non-trivial and has been the subject of years of our research (indeed, we were working on this design for years before the term Rollup was even coined).
12. How Arbitrum compares
We include a comparison to several other categories as well as specific projects when appropriate. and explain why we believe that Arbitrum is best suited for Reddit's purposes. We focus our attention on other Ethereum projects.
Payment only Rollups. Compared to Arbitrum Rollup, ZK-Rollups and other Rollups that only support token transfers have several disadvantages:
  • As outlined throughout the proposal, we believe that the entire draw of Ethereum is in its rich smart contracts support which is simply not achievable with today's zero-knowledge proof technology. Indeed, scaling with a ZK-Rollup will add friction to the deployment of smart contracts that interact with Community Points as users will have to withdraw their coins from the ZK-Rollup and transfer them to a smart contract system (like Arbitrum). The community will be best served if Reddit builds on a platform that has built-in, frictionless smart-contract support.
  • All other Rollup protocols of which we are aware employ a centralized operator. While it's true that users retain custody of their coins, the centralized operator can often profit from censoring, reordering, or delaying transactions. A common misconception is that since they're non-custodial protocols, a centralized sequencer does not pose a risk but this is incorrect as the sequencer can wreak havoc or shake down users for side payments without directly stealing funds.
  • Sidechain type protocols can eliminate some of these issues, but they are not trustless. Instead, they require trust in some quorum of a committee, often requiring two-third of the committee to be honest, compared to rollup protocols like Arbitrum that require only a single honest party. In addition, not all sidechain type protocols have committees that are diverse, or even non-centralized, in practice.
  • Plasma-style protocols have a centralized operator and do not support general smart contracts.
13. Concluding Remarks
While it's ultimately up to the judges’ palate, we believe that Arbitrum Rollup is the bakeoff choice that Reddit kneads. We far surpass Reddit's specified workload requirement at present, have much room to optimize Arbitrum Rollup in the near term, and have a clear path to get Reddit to hundreds of millions of users. Furthermore, we are the only project that gives developers and users the identical interface as the Ethereum blockchain and is fully interoperable and tooling-compatible, and we do this all without any new trust assumptions or centralized components.
But no matter how the cookie crumbles, we're glad to have participated in this bake-off and we thank you for your consideration.
About Offchain Labs
Offchain Labs, Inc. is a venture-funded New York company that spun out of Princeton University research, and is building the Arbitrum platform to usher in the next generation of scalable, interoperable, and compatible smart contracts. Offchain Labs is backed by Pantera Capital, Compound VC, Coinbase Ventures, and others.
Leadership Team
Ed Felten
Ed Felten is Co-founder and Chief Scientist at Offchain Labs. He is on leave from Princeton University, where he is the Robert E. Kahn Professor of Computer Science and Public Affairs. From 2015 to 2017 he served at the White House as Deputy United States Chief Technology Officer and senior advisor to the President. He is an ACM Fellow and member of the National Academy of Engineering. Outside of work, he is an avid runner, cook, and L.A. Dodgers fan.
Steven Goldfeder
Steven Goldfeder is Co-founder and Chief Executive Officer at Offchain Labs. He holds a PhD from Princeton University, where he worked at the intersection of cryptography and cryptocurrencies including threshold cryptography, zero-knowledge proof systems, and post-quantum signatures. He is a co-author of Bitcoin and Cryptocurrency Technologies, the leading textbook on cryptocurrencies, and he has previously worked at Google and Microsoft Research, where he co-invented the Picnic signature algorithm. When not working, you can find Steven spending time with his family, taking a nature walk, or twisting balloons.
Harry Kalodner
Harry Kalodner is Co-founder and Chief Technology Officer at Offchain Labs where he leads the engineering team. Before the company he attended Princeton as a Ph.D candidate where his research explored economics, anonymity, and incentive compatibility of cryptocurrencies, and he also has worked at Apple. When not up at 3:00am writing code, Harry occasionally sleeps.
submitted by hkalodner to ethereum [link] [comments]

Reddcoin (RDD) 02/20 Progress Report - Core Wallet v3.1 Evolution & PoSV v2 - Commits & More Commits to v3.1! (Bitcoin Core 0.10, MacOS Catalina, QT Enhanced Speed and Security and more!)

Reddcoin (RDD) Core Dev Team Informal Progress Report, Feb 2020 - As any blockchain or software expert will confirm, the hardest part of making successful progress in blockchain and crypto is invisible to most users. As developers, the Reddcoin Core team relies on internal experts like John Nash, contributors offering their own code improvements to our repos (which we would love to see more of!) and especially upstream commits from experts working on open source projects like Bitcoin itself. We'd like tothank each and everyone who's hard work has contributed to this progress.
As part of Reddcoin's evolution, and in order to include required security fixes, speed improvements that are long overdue, the team has up to this point incorporated the following code commits since our last v3.0.1 public release. In attempting to solve the relatively minor font display issue with MacOS Catalina, we uncovered a complicated interweaving of updates between Reddcoin Core, QT software, MacOS SDK, Bitcoin Core and related libraries and dependencies that mandated we take a holistic approach to both solve the Catalina display problem, but in doing so, prepare a more streamlined overall build and test system, allowing the team to roll out more frequent and more secure updates in the future. And also to include some badly needed fixes in the current version of Core, which we have tentatively labeled Reddcoin Core Wallet v3.1.
Note: As indicated below, v3.1 is NOT YET AVAILABLE FOR DOWNLOAD BY PUBLIC. We wil advise when it is.
The new v3.1 version should be ready for internal QA and build testing by the end of this week, with luck, and will be turned over to the public shortly thereafter once testing has proven no unexpected issues have been introduced. We know the delay has been a bit extended for our ReddHead MacOS Catalina stakers, and we hope to have them all aboard soon. We have moved with all possible speed while attempting to incorproate all the required work, testing, and ensuring security and safety for our ReddHeads.
Which leads us to: PoSV v2 activation and the supermajority on Mainnet at the time of this writing has reached 5625/9000 blocks or 62.5%. We have progressed quite well and without any reported user issues since release, but we need all of the community to participate! This activation, much like the funding mechanisms currently being debated by BCH and others, and employed by DASH, will mean not only a catalyst for Reddcoin but ensure it's future by providing funding for the dev team. As a personal plea from the team, please help us support the PoSV v2 activation by staking your RDD, no matter how large or small your amount of stake.
Every block and every RDD counts, and if you don't know how, we'll teach you! Live chat is fun as well as providing tech support you can trust from devs and community ReddHead members. Join us today in staking and online and collect some RDD "rain" from users and devs alike!
If you're holding Reddcoin and not staking, or you haven't upgraded your v2.x wallet to v3.0.1 (current release), we need you to help achieve consensus and activate PoSV v2! For details, see the pinned message here or our website or medium channel. Upgrade is simple and takes moments; if you're nervous or unsure, we're here to help live in Telegram or Discord, as well as other chat programs. See our website for links.
Look for more updates shortly as our long-anticipated Reddcoin Payment Gateway and Merchant Services API come online with point-of-sale support, as we announce the cross-crypto-project Aussie firefighter fundraiser program, as well as a comprehensive update to our development roadmap and more.
Work has restarted on ReddID and multiple initiatives are underway to begin educating and sharing information about ReddID, what it is, and how to use it, as we approach a releasable ReddID product. We enthusiastically encourage anyone interested in working to bring these efforts to life, whether writers, UX/UI experts, big data analysts, graphic artists, coders, front-end, back-end, AI, DevOps, the Reddcoin Core dev team is growing, and there's more opportunity and work than ever!
Bring your talents to a community and dev team that truly appreciates it, and share the Reddcoin Love!
And now, lots of commits. As v3.1 is not yet quite ready for public release, these commits have not been pushed publicly, but in the interests of sharing progress transparently, and including our ReddHead community in the process, see below for mind-numbing technical detail of work accomplished.
e5c143404 - - 2014-08-07 - Ross Nicoll - Changed LevelDB cursors to use scoped pointers to ensure destruction when going out of scope. *99a7dba2e - - 2014-08-15 - Cory Fields - tests: fix test-runner for osx. Closes ##4708 *8c667f1be - - 2014-08-15 - Cory Fields - build: add funcs.mk to the list of meta-depends *bcc1b2b2f - - 2014-08-15 - Cory Fields - depends: fix shasum on osx < 10.9 *54dac77d1 - - 2014-08-18 - Cory Fields - build: add option for reducing exports (v2) *6fb9611c0 - - 2014-08-16 - randy-waterhouse - build : fix CPPFLAGS for libbitcoin_cli *9958cc923 - - 2014-08-16 - randy-waterhouse - build: Add --with-utils (bitcoin-cli and bitcoin-tx, default=yes). Help string consistency tweaks. Target sanity check fix. *342aa98ea - - 2014-08-07 - Cory Fields - build: fix automake warnings about the use of INCLUDES *46db8ad51 - - 2020-02-18 - John Nash - build: add build.h to the correct target *a24de1e4c - - 2014-11-26 - Pavel Janík - Use complete path to include bitcoin-config.h. *fd8f506e5 - - 2014-08-04 - Wladimir J. van der Laan - qt: Demote ReportInvalidCertificate message to qDebug *f12aaf3b1 - - 2020-02-17 - John Nash - build: QT5 compiled with fPIC require fPIC to be enabled, fPIE is not enough *7a991b37e - - 2014-08-12 - Wladimir J. van der Laan - build: check for sys/prctl.h in the proper way *2cfa63a48 - - 2014-08-11 - Wladimir J. van der Laan - build: Add mention of --disable-wallet to bdb48 error messages *9aa580f04 - - 2014-07-23 - Cory Fields - depends: add shared dependency builder *8853d4645 - - 2014-08-08 - Philip Kaufmann - [Qt] move SubstituteFonts() above ToolTipToRichTextFilter *0c98e21db - - 2014-08-02 - Ross Nicoll - URLs containing a / after the address no longer cause parsing errors. *7baa77731 - - 2014-08-07 - ntrgn - Fixes ignored qt 4.8 codecs path on windows when configuring with --with-qt-libdir *2a3df4617 - - 2014-08-06 - Cory Fields - qt: fix unicode character display on osx when building with 10.7 sdk *71a36303d - - 2014-08-04 - Cory Fields - build: fix race in 'make deploy' for windows *077295498 - - 2014-08-04 - Cory Fields - build: Fix 'make deploy' when binaries haven't been built yet *ffdcc4d7d - - 2014-08-04 - Cory Fields - build: hook up qt translations for static osx packaging *25a7e9c90 - - 2014-08-04 - Cory Fields - build: add --with-qt-translationdir to configure for use with static qt *11cfcef37 - - 2014-08-04 - Cory Fields - build: teach macdeploy the -translations-dir argument, for use with static qt *4c4ae35b1 - - 2014-07-23 - Cory Fields - build: Find the proper xcb/pcre dependencies *942e77dd2 - - 2014-08-06 - Cory Fields - build: silence mingw fpic warning spew *e73e2b834 - - 2014-06-27 - Huang Le - Use async name resolving to improve net thread responsiveness *c88e76e8e - - 2014-07-23 - Cory Fields - build: don't let libtool insert rpath into binaries *18e14e11c - - 2014-08-05 - ntrgn - build: Fix windows configure when using --with-qt-libdir *bb92d65c4 - - 2014-07-31 - Cory Fields - test: don't let the port number exceed the legal range *62b95290a - - 2014-06-18 - Cory Fields - test: redirect comparison tool output to stdout *cefe447e9 - - 2014-07-22 - Cory Fields - gitian: remove unneeded option after last commit *9347402ca - - 2014-07-21 - Cory Fields - build: fix broken boost chrono check on some platforms *c9ed039cf - - 2014-06-03 - Cory Fields - build: fix whitespace in pkg-config variable *3bcc5ad37 - - 2014-06-03 - Cory Fields - build: allow linux and osx to build against static qt5 *01a44ba90 - - 2014-07-17 - Cory Fields - build: silence false errors during make clean *d1fbf7ba2 - - 2014-07-08 - Cory Fields - build: fix win32 static linking after libtool merge *005ae2fa4 - - 2014-07-08 - Cory Fields - build: re-add AM_LDFLAGS where it's overridden *37043076d - - 2014-07-02 - Wladimir J. van der Laan - Fix the Qt5 build after d95ba75 *f3b4bbf40 - - 2014-07-01 - Wladimir J. van der Laan - qt: Change serious messages from qDebug to qWarning *f4706f753 - - 2014-07-01 - Wladimir J. van der Laan - qt: Log messages with type>QtDebugMsg as non-debug *98e85fa1f - - 2014-06-06 - Pieter Wuille - libsecp256k1 integration *5f1f2e226 - - 2020-02-17 - John Nash - Merge branch 'switch_verification_code' into Build *1f30416c9 - - 2014-02-07 - Pieter Wuille - Also switch the (unused) verification code to low-s instead of even-s. *1c093d55e - - 2014-06-06 - Cory Fields - secp256k1: Add build-side changes for libsecp256k1 *7f3114484 - - 2014-06-06 - Cory Fields - secp256k1: add libtool as a dependency *2531f9299 - - 2020-02-17 - John Nash - Move network-time related functions to timedata.cpp/h *d003e4c57 - - 2020-02-16 - John Nash - build: fix build weirdness after 54372482. *7035f5034 - - 2020-02-16 - John Nash - Add ::OUTPUT_SIZE *2a864c4d8 - - 2014-06-09 - Cory Fields - crypto: create a separate lib for crypto functions *03a4e4c70 - - 2014-06-09 - Cory Fields - crypto: explicitly check for byte read/write functions *a78462a2a - - 2014-06-09 - Cory Fields - build: move bitcoin-config.h to its own directory *a885721c4 - - 2014-05-31 - Pieter Wuille - Extend and move all crypto tests to crypto_tests.cpp *5f308f528 - - 2014-05-03 - Pieter Wuille - Move {Read,Write}{LE,BE}{32,64} to common.h and use builtins if possible *0161cc426 - - 2014-05-01 - Pieter Wuille - Add built-in RIPEMD-160 implementation *deefc27c0 - - 2014-04-28 - Pieter Wuille - Move crypto implementations to src/crypto/ *d6a12182b - - 2014-04-28 - Pieter Wuille - Add built-in SHA-1 implementation. *c3c4f9f2e - - 2014-04-27 - Pieter Wuille - Switch miner.cpp to use sha2 instead of OpenSSL. *b6ed6def9 - - 2014-04-28 - Pieter Wuille - Remove getwork() RPC call *0a09c1c60 - - 2014-04-26 - Pieter Wuille - Switch script.cpp and hash.cpp to use sha2.cpp instead of OpenSSL. *8ed091692 - - 2014-04-20 - Pieter Wuille - Add a built-in SHA256/SHA512 implementation. *0c4c99b3f - - 2014-06-21 - Philip Kaufmann - small cleanup in src/compat .h and .cpp *ab1369745 - - 2014-06-13 - Cory Fields - sanity: hook up sanity checks *f598c67e0 - - 2014-06-13 - Cory Fields - sanity: add libc/stdlib sanity checks *b241b3e13 - - 2014-06-13 - Cory Fields - sanity: autoconf check for sys/select.h *cad980a4f - - 2019-07-03 - John Nash - build: Add a top-level forwarding target for src/ objects *f4533ee1c - - 2019-07-03 - John Nash - build: qt: split locale resources. Fixes non-deterministic distcheck *4a0e46e76 - - 2019-06-29 - John Nash - build: fix version dependency *2f61699d9 - - 2019-06-29 - John Nash - build: quit abusing AMCPPFLAGS *99b60ba49 - - 2019-06-29 - John Nash - build: avoid the use of top and abs_ dir paths *c8f673d5d - - 2019-06-29 - John Nash - build: Tidy up file generation output *5318bce57 - - 2019-06-29 - John Nash - build: nuke Makefile.include from orbit *672a25349 - - 2019-06-29 - John Nash - build: add stub makefiles for easier subdir builds *562b7c5a6 - - 2020-02-08 - John Nash - build: delete old Makefile.am's *066120079 - - 2020-02-08 - John Nash - build: Switch to non-recursive make
Whew! No wonder it's taken the dev team a while! :)
TL;DR: Trying to fix MacOS Catalina font display led to requiring all kinds of work to migrate and evolve the Reddcoin Core software with Apple, Bitcoin and QT components. Lots of work done, v3.1 public release soon. Also other exciting things and ReddID back under active dev effort.
submitted by TechAdept to reddCoin [link] [comments]

25 Percent of fullnodes already running 0.15.x That's good. To those running 0.14.2: Come on! Let's make 50% of it!

25 Percent of fullnodes already running 0.15.x That's good. To those running 0.14.2: Come on! Let's make 50% of it! submitted by castorfromtheva to Bitcoin [link] [comments]

Good job guys! Over 7000 Core nodes now.

Good job guys! Over 7000 Core nodes now. submitted by readish to Bitcoin [link] [comments]

How do I get a docker container to use one specific network interface?

I have a server with four network interfaces each one on its own /24 subnet. I want to have the Docker containers I'm running to use only one of them for all traffic. For the incoming traffic it's easy to just point the port forward to the interface I want to use. But the outgoing traffic and basic functionality like DNS uses the default network (0.0.0.0)
This is the container startup command line for each of my four containers. I want all of them to only use the interface with address 192.168.19.91:
docker run \ --detach \ --restart unless-stopped \ --publish "8333:8333" \ --publish "8332:8332" \ --mount type=bind,source=/volume2/bitcoind,destination=/bitcoin \ --name bitcoind-node kylemanna/bitcoind docker run \ --detach \ --restart unless-stopped \ --publish "28967:28967" \ --publish "14002:14002" \ --env WALLET="xxxxxxxxxxxxx" \ --env EMAIL="[email protected]"\ --env ADDRESS="xxxxxxxx.dyndns.org:28967" \ --env BANDWIDTH="648TB" \ --env STORAGE="16TB" \ --mount type=bind,source=/volume2/backup/storagenode,destination=/app/identity \ --mount type=bind,source=/volume2/storj,destination=/app/config \ --name storagenode storjlabs/storagenode:beta docker run \ --detach \ --restart unless-stopped \ --rm \ -i -t \ --publish "45555:45555" \ --volume /volume2/xcore/.xcore:/root/.xcore \ --name xcore internxt/xcore docker run \ --detach \ --restart unless-stopped \ --publish "9980:9980" \ --publish "9981:9981" \ --publish "9982:9982" \ --volume /volume2/sia:/sia-data \ --name sia-container mtlynch/sia 
Any ideas how to do this ?
There is a couple of switches I can't find in the documentation, what are these?
--rm ?? -i ?? -t ??
submitted by seanr22a to docker [link] [comments]

Questions on running full Bitcoin node

I'm trying to set up a full node with Bitcoin Core on OS X. Forwarding port is open and I downloaded about half of the blocks so far. The problem I'm running into is that after about an hour of operation the app starts to respond slowly and gives me the beachball. I gave it 2GB memory, so I don't think it's running out of memory. Any tips on what could be the issue?
My second question: Is there any other option to run a Bitcoin full node besides Bitcoin Core software? I mainly want to connect my phone wallet to it, and perhaps my Lightning-app by Lightning Labs wallet as well down the line.
submitted by osxfullnode to Bitcoin [link] [comments]

How Ransomware Encryption Happens & 4 Methods for Recovery

We know how overwhelming it can feel to be the victim of a ransomware attack and how your business cannot operate due encrypted or locked files. This page delivers insight on why your files were encrypted or locked, and the options you have to decrypt ransomware. As a ransomware recovery service provider, we have helped thousands of clients successfully recover their data and decrypt their data.
Evaluating all options will include analyzing the encrypted files, and the least desirable option to pay the ransom demand if necessary. Our process helps provide critical insight into decrypting ransomware and the available options that clients have.
By the end of this piece, it is our goal to show you what is involved to successfully recover your files. This guide outlines what steps and research are necessary to decrypt or unlock your files from a ransomware attack.

You’re the victim of a ransomware attack

You arrive to work and start noticing suspicious alerts coming from your servers, and none of the databases are functional. Your co-workers are frantic and cannot access any of their data. You investigate further and find all of the files on your network are renamed and discover ransom notes, and a screen asking you to email someone if you want your data back. You finally realize that you are a victim of a ransomware attack, and all of your files are locked or encrypted.

3 Common Ways Your Files Were Encrypted or Locked

Ransomware succeeds when businesses have poor security hygiene. Organizations that lack policies & procedures around data security will have a higher risk of ransomware attacks. Here are some of the most common ways to fall victim to a ransomware attack:

Open Remote Desktop Protocol Ports (RDP)

Businesses that have improperly configured network security may leave their Remote Desktop Protocol (RDP) ports open. Unknowingly, this is the equivalent of leaving the front door unlocked when you leave your home: it provides an opportunity for cyber attacks to come through with little deterrence.
Once a hacker is connected to your network, they can install ransomware and additional back doors to access your network at a later date. A large percentage of ransomware attacks still use this method of attack because so many organizations are not even aware of this security vulnerability.

Phishing Attacks

Ransomware can infiltrate your network by a malicious email campaign known as a phishing attack. Ransomware operators use massive networks of internet-connected devices (botnets) to send phishing emails to unsuspecting victims. These emails intend to trick the receiver into clicking on a malicious attachment or link, which can secretly install the ransomware virus or other malware.
Phishing emails are becoming increasingly difficult to detect as cybercriminals find clever ways to make a malicious email look legitimate. This underscores the importance of security awareness training for everyone in the organization, not just the I.T. department.

Compromised Passwords

The ransomware operators may have used previously compromised passwords from employees at your organization to gain unauthorized access to the networks. This derives from the poor security practices of reusing the same passwords for multiple accounts and authentication processes.
If your employees have been using old & weak passwords to access your business data, a cyber criminal can use a previously compromised password to initiate the attack. Remember to always to follow good password hygiene.
The variety of attack vectors highlights the importance of a digital forensics investigation that can help victims understand how the ransomware came onto your computer and what steps you can take to remediate the vulnerability.

4 Options for Ransomware Recovery

In this section, we cover the options to restore files encrypted or locked by ransomware.

1. Recover files with a backup

If your files become encrypted in a ransomware attack, check to see if you have backups to restore and recover (in order).

2. Recreate the data

Even though your files are encrypted by ransomware, you might be able to recreate the data from a variety of sources as outlined below:

3. Breaking the ransomware encryption

The harsh truth is that the majority of ransomware encryption is unbreakable. This impossibility is a tough concept for many of us to accept, given the technological advances of our society.
Does this mean you should skip looking into whether the ransomware encryption can be broken? This option should always be explored if presented by a ransomware recovery firm, although the final choice is yours to make. We will lay out a real life example at Proven Data below to outline why this was a great decision for a company that was infected with ransomware.
While it tends to be rare, there are poorly constructed ransomware encryptions that have been broken by security researchers. If you can avoid paying a ransom, you should at all costs.
There can be flaws in the malware or weaknesses in the encryption. Businesses can look at these options, especially if time is on your side. There are also free ransomware decryption resources that provide tools for previously decrypted ransomware variants. A client of ours had hired a ransomware recovery company to recover their files until we discovered at the very last moment through our analysis that the encryption was breakable. With less than 20 minutes to spare, we saved the client out of paying a $450,000 ransom.

Why can’t most ransomware encryption be broken?

Ransomware is a cryptovirus, which means it uses cryptography in combination with malware to lock your files. Modern cryptography uses sophisticated mathematical equations (algorithms) and secret keys to encrypt and decrypt data. If strong encryption is used, it can take thousands, if not millions of years to break the encryption given the strength of today’s computers.
Encryption is a security tool created with the intent of data protection. It is a defensive tool to provide security, privacy, and authentication. Sadly, ransomware attackers are using it as a weapon against innocent victims.

How do I know if the encryption can be broken?

You can start off with this free ransomware identification resource to determine the feasibility of decryption. You will need to upload the ransom note and a sample file into the ID-Ransomware website, and it will tell you if there is a free decrypter or if it is an unknown ransomware variant. Please note that the tool is not always 100% accurate. If the variant is still under analysis, you will need a malware or encryption analyst to determine whether or not there is a possibility for decryption.
Encryption is designed to be unbreakable, which is why security researchers can’t simply make a tool for ransomware decryption. These unbreakable encryptions protect our bank accounts, trade secrets, government data, and mobile communications, among other things. It would be a significant security concern if there were a master decryption tool that could break encryption algorithms.

4. Paying the ransom to decrypt ransomware files

If the encryption is too strong, the only way to obtain the decryption key for your files is to pay the ransom. Many ransomware victims don’t have time on their side because they are facing significant business disruption. Each minute that passes could be a lost client, or worse for a medical organization.
Here is a list of the most prevalent ransomware variants that are known to be “cryptographically secure,” which means that Proven Data or the security community has confirmed the encryption is unbreakable:

I don’t want to pay the hackers ransom.

Businesses and individuals have the option of choosing not to pay the ransom in a ransomware attack to regain access to their files. For personal, political, or moral reasons, there has been resentment of the ransomware economy, and victims do not have to engage in extortion. If paying the ransom is the only option, you should know what to expect before considering moving forward.

How a ransomware recovery specialist can help

If you do decide to use a ransomware recovery company and if there is one thing you get out of this article, it is this: You should always question how a ransomware recovery company is recovering your data. If you are unsure, asking the right questions will ensure a transparent experience:
A ransomware recovery specialist can analyze your current situation and determine what options are available to you at the time of the inquiry. A competent and experienced ransomware recovery company should be able to provide the following:
Understanding how your files were affected by ransomware in the first place will provide you with the insight needed to prevent another attack. Whether you choose Proven Data or another company to decrypt your ransomware files, it’s important to know what unknowns there may be out there.
Our threat intelligence that we’ve gathered from the thousands of previous cases enable you to make informed decisions in helping restore your data after a ransomware attack. If you require a company with such experience, we’re standing by to assist 24/7.
submitted by Proven_Data to u/Proven_Data [link] [comments]

As we get ready to greet in the new year, let's work to continue decentralizing the Bitcoin network. We are at 11.8K nodes, let's push it to 20K!

It is up to us to make sure that Bitcoin is as censorship resistant as possible. As we greet in the new year, the attacks on our network will get stronger and stronger and we must be ready for them. In a decentralized system, it is up to all participants to ensure its security.
I encourage everyone to consider operating a node in their homes, if you can, of course. This helps decentralize Bitcoin by replicating it to as many places on Earth. Your computer will also participate and help in the verifying of incoming transactions and newly signed blocks along with the replication/archiving of the blockchain history.
Requirements: 2 GB of RAM 160 GB of disk space Basic knowledge of networking (port forwarding)
Steps:
  1. Please head over to the following link and download Bitcoin Core: https://bitcoin.org/en/wallets/desktop/windows/bitcoincore/
  2. Install Bitcoin Core and let it sync, this will take between 12h and a few days.
  3. Next, head over to your home router and make sure you port forward TCP/8333 to the machine running Bitcoin Core. This step is important as it allows incoming connections. (Also consider setting up your home computer with a static IP instead of DHCP)
  4. (Recommended) Verify the Bitcoin Core installer SHA256 checksums. https://www.reddit.com/Bitcoin/comments/7m3mqx/as_we_get_ready_to_greet_in_the_new_year_lets/drrbn35/
  5. You can verify if your node is reachable by testing with: https://bitnodes.earn.com/nodes/
I will make myself available to answer all questions and help people through this process. Merry Christmas everyone!
submitted by LudvigBitcoinArt to Bitcoin [link] [comments]

Monero projects in development

Hi all,
I am a monero holder for a long time and as far as I can tell I've never cared much for its price fluctuations. The only time that monero's price got me worried was recently when the price increase made my position substantially relevant for me, which convinced me to move all my coins from mymonero to a cold wallet. I am on monero because I believe it is the only crypto that really solves the only concern I have with bitcoin: fungibility. However, I believe a few things are necessary for its long term success:
Does anyone know if there is anything being developed on the topics above?
Thanks.
submitted by arivar to Monero [link] [comments]

Utopia, 1984 Group, bad PR, 1984 Group and [NetStalkers] media garbage

Utopia, 1984 Group, bad PR, 1984 Group and [NetStalkers] media garbage
What would you understand immediately reading my post, I do not want to throw mud at the program or the team of 1984. I just want to explain to everyone that you need to look for advantages in everything and bring the matter to a logical conclusion. And the most important thing is to be committed to your work. And if you choose any product, you must be faithful to it to the end. Be the captains who are to the end with the ship, not the rats running from it.

Hello
In today's post, I would like to tell an interesting story that there is really worthwhile software in the world, what marketing is wrong, and how it is bad to turn to wrong media personalities. Of course, most people know about it. But I think this should be publicly shown, maybe for many and will be useful in the future.

But every cloud has a silver lining. In any case, I think this will be a good stress test for the web. So I can say that even if a bad PR company gives a good result.

Let's start from the very beginning, namely from the software Utopia and the 1984 Group. Of course, little is known about them; more precisely, practically nothing is known. But there is a brief information about her. All of course taken only from the official beta of the portal and block hackology
Spoiler for compact post) About Utopia ecosystem
Utopia – Anti 1984 Ecosystem
Utopia is a decentralized peer-to-peer network, With Utopia you can send instant text and voice messages, transfer files, create group chats and channels, send emails and conduct a private discussion. Currently Utopia is an application for Windows, iOS and Linux which offers all the features within one application. Utopia users get on their ‘Utopia ecosystem‘ as the application also provides a built-in Idyll browser to view websites within Utopia peer-to-peer network . Utopia comes with a Cryptocurrency which is called ‘Crypton‘ and is Proof-of-Stake. uWallet allows you to store,transfer your Crypton(CRP) or even create vouchers and credit cards, Utopia Network includes Utopia Name System (UNS) which is a decentralized registry of names that are impossible to expropriate, freeze or corrupt by 3rd-party as no one has control over the system rather its self-governed by rules set in place which are applicable to everyone.

Register yourself as a Beta Tester, Contributor or a Promoter. Each category gets to enjoy the ecosystem while the rewards vary (reward system will be explained shortly).
Utopia ecosystem is a culmination of multi-year effort by a group of technology enthusiasts dedicated to freedom of self-expression and privacy. We call ourselves a 1984 Group. Among us there are top-notch professionals in almost every IT field, such as cryptographic, software, networking engineers and many more. This has been a long and challenging journey. After all this had never been done before! Finally, we present an ecosystem that will change the way World communicates and handles financial transactions. Utopia brief taken from their official website. Mentioning ‘financial transactions’ makes one wonder that Bitcoin was also disrupting the conventional financial system
Lets Explore Utopia and all the features in detail. please note as this is a beta application many of the features might change in future or some even get removed.
Utopia Encryption
Each user participates in transmission of network data but only the recipient can decrypt the data. Advanced encryption ensures interception-proof communication channel to all Utopia users. All communication is secure and protected by Curve25519 high-speed elliptic curve cryptography while local storage is encrypted by 256-bit AES. Big Brother is no longer watching you!
Installing Utopia
Once you register on the Beta Portal you have to download Utopia Application. After installing the application you will be given a Hardware ID and a Private Key, these keys are required to activate your beta license which can be done from the Activation Page. Please keep in mind that your beta portal website login credentials are not linked with Utopia Application and you can have a different username for the app and the website. Once you activate the license your utopia account will be tied with your beta portal account. A step by step procedure for easy understanding of the activation procedure:
Register at Utopia Beta Portal
Download Utopia software
Install the program by following simple instructions on installation wizard
Run Utopia and Create your account. You will be provided with Public Key and Hardware ID. Those are needed to activate your Utopia software
Login to your account
Click on JOIN BETA
Agree to the Rules and click SUBMIT
Click on NEW ACTIVATION and Enter Public Key and Hardware ID
Click ADD
Now your Utopia is activated and you are ready to test it

https://preview.redd.it/gq8brrk1rmc31.jpg?width=880&format=pjpg&auto=webp&s=02a96016755765dfef53309eb78a4abf0011d9c6
Utopia Dashboard
Utopia is a feature-rich platform that is specifically designed to protect privacy of communication, confidentiality and security of personal data. It was created for privacy-conscious public who believe that privacy is paramount. Utopia is a decentralized network, with no central server involved in data transmission or storage. The network is supported by people who use it’s many high quality features.

https://preview.redd.it/w2nhvx54rmc31.jpg?width=1366&format=pjpg&auto=webp&s=d5f7a958c67ca46ba2c2d34489c83579c0d18d0b
The first glimpse we get of the application is at the Dashboard which has navigational menu for easy access to all of its many features for us to explore, use and report bugs while it is in beta testing phase.

uMail (Utopia Mail)
uMail is a secure alternative to classic e-mail. uMail can be sent to Utopia users that are in your contact list for now. uMail has all functionality of email localized to Utopia ecosystem. No servers are used for mail transmission or storage. uMail account, that is created by default when you join the Utopia network, enables unlimited messaging and attachment storage. Utopia ecosystem encryption guarantees the security of mail transmission and storage. Your uMail, as an internal part of Utopia, cannot be blocked or seized.

https://preview.redd.it/8q7ljch6rmc31.jpg?width=1366&format=pjpg&auto=webp&s=2bcc4896fa74bb5d2ca23c4c9414fcd4d015ab41


All those who value their data privacy would find this useful including activists and journalists knowing that their data is going straight to the designated user and no 3rd party can intercept their data. Currently the limit set for the attachments is 100 MB but as per the team it may be increased in future.

uWallet (Utopia Wallet)
All financial functionality can be found in Utopia built-in uWallet. uWallet allows you to make and accept payments denominated in Utopia cryptocurrency ‘Crypton‘, accept payments at your website, pay by Crypto Cards without revealing your Identity or bill fellow Utopia users for your services. With uWallet you can store value in Cryptons, receive mining rewards, use uVouchers, request payments and accept payments using the built-in API.


Utopia Mining – Crypton
Utopia has an inbuilt cryptocurrency called Crypton (CRP), which is proof-of-stake therefore a modest machine can also be used to mine cryptons through the GUI based Utopia application or with terminal based Mining bot which comes with the application.

https://preview.redd.it/aadlqb8crmc31.jpg?width=814&format=pjpg&auto=webp&s=2a100b98b2d912898d1b4a316f05f999846ab7b1


Utopia rewards users that support the ecosystem through Mining by emission of new Cryptons. When you run your Utopia software or bot you will receive your share of collective reward. Mining does not slow your computer down and is environmentally friendly. You may also run a number of bots at several servers or computers to multiply the Crypton mining speed.

https://preview.redd.it/2yktqfkermc31.jpg?width=1024&format=pjpg&auto=webp&s=c099c8439d25ea1e95682c14116d812f85180dc6


uNS (Utopia Naming System)
Utopia has introduced uNS (Utopia Naming System) which is a unique naming system and independent from the conventional Domain Naming System. DNS is subject to pressure and censorship from less than prefect international laws. Domains can be revoked or suspended due to multiple reasons, such as non-response to WhoIS inquiry or other register policies, non-payment, government actions and so on.
uNS, in contrast, is a truly decentralized non-censored registry hosted by Utopia Network participants with no expiration dates, renewal fees, suspensions and revocations. There is only one rule: First come, First served.

https://preview.redd.it/pfwstp5grmc31.jpg?width=1024&format=pjpg&auto=webp&s=1e282b2ad57f61ae3e4a114e75a96e20f7fc3a73


uNS registered name should be unique. You may register as many uNS registered names as you want while registration is not free and costs are paid in crypton:
Single letter uNS costs 1000 CRP
Two letter uNS costs 500 CRP
Three letter uNS costs 5 CRP
Four letter or more costs 0.1 CRP

Miscellaneous Features
Making Groups, Adding users, Chatting and Emailing, Sending Mails and Mining Cryptons might be the highlights but Utopia claims to be an ecosystem therefore they had to incorporate many more features so that users of Utopia ecosystem do not feel the need to go out of the system. List of other useful features within the Utopia Application are listed
Packet Forwarding : uNS Manager lists option of ‘Packet Forwarding’ which is an internal system allowing any utopian user to host a website which can be accessed by the Idyll browser, the naming system of the website is explained above, if you register hackology uNS you can make a website and it will open when you visit http://hackology/ and that is it. This option allows to tunnel any kind of data between users in ecosystem, making possible to host different types of resources including websites inside Utopia Network. At the time of writing few fellow Utopia users made Utopia sites which can be accessed at http://trade/ and at http://crystalforest

https://preview.redd.it/1z5pbk8jrmc31.jpg?width=1024&format=pjpg&auto=webp&s=03d088e681d00b7c65610a0672ade07f593fb62b


File Manager : All files which are sent or received in Utopia can be accessed from the builtin file manager which also includes an image viewer. As of now the file transfers are limited to 100MB.
Voice Notes : Utopia also supports sending and receiving of Voice messages which you can send to those who are added with you.
Dark Theme : The program comes in standard theme but how can they miss out a Dark Theme for the privacy savvy ? Users can opt for dark theme by going to Tools > Settings > Interface and selecting the ‘Dark Space‘ theme
Utopia API : Utopia comes with a comprehensive API for users to incorporate in their own projects. For instance, using API you can accept payments denominated in Crypton at your website, automatically manage your channels, send instant messages and much more. To get started once you enable the API you can also access the API documentation.
Network Fee Structure : Utopia provides us with an option to view all the network enforced fee and they are updated live on the network as the fee structure changes, thus one can stay updated with the current fee structure. You can access the Network Fee from uWallet > Treasury Data > Network Fee

https://preview.redd.it/62ofvlrormc31.jpg?width=1024&format=pjpg&auto=webp&s=9ab0ecd8eda8f17290f1e10afd23c67ec828ecb5
Game : Utopia also supports in-app games which can be played in multiplayer, as of writing there is a working Chess game.


You can find more about Utopia on Hackology Blog.

Well, now I want to say personally my opinion after using Utopia.

It is very difficult to judge a product at the beta test stage, but at the moment I can highlight both the pros and cons of both the program and the team that develops it. I want to notice that this is my subjective opinion and you can or may not share it. So, let's begin:

Advantages:
  1. In principle, everything is really anonymous, as far as can be judged really using this software.
  2. Non-indexable channels (If you make it private and hide it from the search) at least we tested it inside the ecosystem. To find even by keywords is not real
  3. Non-indexable pages that you create. If you do not have a direct link, find a site even in the global search is not possible
  4. Easy mining of krypton. Even the weakest computers do not load, very comfortable
  5. Convenient system of anonymity of user information (Without exchange of public keys, even the avatar will not work)
  6. An easy-to-learn interface that arrived to us from 2004 (Old School will understand and appreciate)
  7. In fact, it reminds the decentralized Internet and may well become such with the proper development
  8. Inside the ecosystem there are no labels and notions of who is who, which simplifies the interaction within it
  9. Intervention from outside is at least very difficult, tried methods known to us, failed
  10. Indeed similar to a decentralized ecosystem.
  11. The team quickly fix problems
  12. Availability of detailed and collapsible instructions to all APIs within the ecosystem

There are many advantages and if I list everything, the post will be unrealistically large, therefore I have identified the main ones, and everyone after use must decide for himself what he liked.

And now about the shortcomings, they will be more likely related to common problems than specifically to the software or the command:

  1. Many functions that will have to be mastered by yourself, almost 0 guides
  2. The reaction of the team to the problems through the support leaves much to be desired
  3. The presence of bugs (not critical and absolutely, just not pleasant, both visually and in use)
  4. Not the right choice of PR company to promote software
  5. The team is known for development but is not good friends with product promotion.
  6. Localization, while only English (Well, this is a lesser problem)
  7. Absence of the familiar function (for example, attached videos and the like)
  8. All traffic from the site, even if you put it on the UPU goes through you, and in fact it denies anonymity. Why is this a disadvantage? Not only which VPS will agree that you would put Utopia, because the software scans the ports, which is forbidden without identification on most of the UPU. This is problem. If you put on the UPU, of course, the ends will not come to you, but if Utopia is on your car and the site is on the UPU, all site traffic will go through your public IP, which does not promise any anonymity.

While this is the most powerful problems of utopia, there may be more petty, but it is really not significant.


And now let's talk about NetStalkers, and here they are, because in the title they are.

The fact is that the 1984 Group bought advertising from this media team. I’ll say right away that I have nothing against the truly existing NetStalkers movement, now it concerns only the YouTube media community. So, having bought advertising from this wretched, deceitful and hypocritical community, Utopi had problems, because lovers of free-mining mining, children and inadequacies from all over the CIS and their usefulness were even zero, rushed into the software, moreover, all this garbage put a system on the blades because of spam, a huge amount of spam for which the 1984 Group was not ready. This is actually a terrible move.

Our small team very much hopes that this team can still draw conclusions from this, since only we worked, we chose the most adequate and interested contingent for this software from the CIS and we hope that in the future we will continue to cooperate with them.

If you like this post, I will continue to conduct similar topics and develop these areas, perhaps I will write guides on Utopia and will support this direction.

At the moment, because of the bad PR campaigns from the media slag community, the CIS, they no longer approve traffic, however, it’s even embarrassing to say that it’s from the CIS because such a manifestation of our community leaves much to be desired and even shows us adequate people in extremely bad light .


With you was MrHarr1son I was glad for you to try. If there are comments, or add something, write. I will be glad to discuss.
Our telegrams channels:
https://t.me/utopianews
https://t.me/hiddenthems
https://t.me/antinetstalkers (New channel created for fight with garbage media community)
Link to beta portal https://beta.u.is/
submitted by MrHarr1son to u/MrHarr1son [link] [comments]

YOU should really try the new Armory wallet!

If you have a PC with at least 2GB and more then a few mBTC to your name, you owe it to yourself to test run the latest version of Armory
You'll do a favor for everyone:
submitted by hnmZYEvzbkHk to Bitcoin [link] [comments]

I Ordered a Deep Web Box and It Has Been The Biggest Mistake of My Life. Part 1

It was a dumb idea from the start. My Youtube channel had been mostly clips of me raging at Dark Souls, but I got the idea one day when I found myself deep in the rabbit hole of channel surfing. It was envy, really. I watched as other people were getting high views on their videos, and I wanted a piece of the pie. That's what started this mess. I order a deep box for clicks.
I thought most of the videos were crap. They were fake boxes with people reading scripted lines. My idea was to be different. I wanted it to be raw and not fabricated. My expressions would be legitimate, if something crept me out it would show, but if I found it to be dumb, I would say so.
The next step was to find a way to get a box.
It took a few days of asking in the various Discord communities I was in. A gaming buddy that I had met on steam knew of a guy. It took some convincing, but he forwarded my discord handle to him. It didn't take long for a person that went by the name MRCC to reach out to me.
Below is my discord log, with who I purchased the box from. The only portions I edited is my friend’s name the addressed I used and MRCC’s Bitcoin Wallet.
--Discord Log 6/26/2019--
MRCC 6/26/2019 Hello, I am glad you accepted my friend’s request. Your friend [EDITED] told me you were interested in purchasing a box from me. Is that true?
StunnedWithIntent 6/26/2019
Yes. I have to ask a question, though.
MRCC 6/26/2019
What is that my new friend? :D
StunnedwithIntent 6/26/2019
Are these real? I don’t want some fluff stuff, I want something that will shock the hell out of my viewers.
MRCC 6/26/2019
I think I can arrange that for you. All you have to do is send about 100 US worth of BTC to [EDITED]
StunnedwithIntent 6/26/2019
All right, I just sent the money.
MRCC 6/26/2019
Forward me your address, friend. I will send a confirmation when the payment comes through. It will take 1-2 to days for your box to arrive :)
StunnedwithIntent 6/26/2019
[EDITED]
MRCC 6/26/2019
I just want to confirm this is your address. [EDITED]
All right, friend, the payment is confirmed. I will be sending the box first thing tomorrow morning. I look forward to growing our friendship.
StunnedwithIntent 6/26/2019
Sounds good, MRCC.
MRCC 6/26/2019
I just want to know. I take friendships very seriously and I am always honest with my friends. I think you are going to love what I am sending you :)
That started it, I think. It was a mistake on my part because I didn’t know who I was dealing, and because I lied to him. It took two days, but the box arrived. It wasn’t delivered to my house, though. It was to my friend’s home, who we will call TJ. He had questions when a box arrived with Stunned With Intent on it.
"Why in the hell would you give a random stranger my address?" TJ asked, with a look of annoyance. He was not happy when I showed up to his house to pick up a mystery package. He was more unhappy when I told him why someone had sent it to his house.
"I'm sorry, dude, I kinda just panicked when they asked."
"You could have at least got a P.O Box, now some weirdo on the deep web knows where I sleep.”
"It's fine, next time I will get them to send it to somewhere else," I replied, while I looked over the strange blue package. I wondered what was in it. I picked it up and shook it to hear a few items sliding around inside.
"What are you ordering a deep web box for anyway?"
"I am going to post it to YouTube, dude."
"You know all of the videos are most likely fake, and it's just a fad, right?"
"So, you don't want to see what is inside it, huh, TJ?"
"You ordered it and sent it to my house, so yea, I want to see what you got and whether I am going to be serial killed or not."
"You can see it, but you have to film me doing it, okay?"
"Uh, dude, I think it's my right to see it because it came to my house."
"TJ, work with me here. Will you please film it."
"Since you asked nicely, fine, I suppose I will."
TJ grabbed his phone as I took the box to the living room and sat on his coffee table. He gave me an indication he was filming, and I ripped own the packaging. It was a brown shoebox. It was nothing special, no logos, or even a barcode. I lifted the top off looked inside it to see what looked like random items.
“What’s inside it?” TJ asked.
I counted four different things inside. The first object I pulled out was a blue wristband. It looked broken; the band itself looked like someone had ripped it off. TJ walked closer to get a better shot of it, as my eyes looked at the lettering.
“What does it say?”
“All Day Pass, Santa Cruz Boardwalk,” I answered.
"All right, well, that is random. What's next, dude?"
The next item was a used guitar string. It happened to be one of the thicker strings, and it looked to be dirty. I placed the two items on the coffee table and looked up at TJ shaking my head. It seemed dumb, and I had wasted my money. MRCC was probably laughing his ass off in some basement somewhere about it, and how he even made money gathering random things around his room to send in a box.
"All right, that is dumb, next item," TJ laughed.
I pulled a small yellow envelope out. I checked to see that someone had opened it and pointed to the camera. I pulled it out to see that it was a birthday card. It looked like it belonged to a child because it had various comic characters on it. I opened the car, and it gave me a weird feeling, as TJ stepped closer.
"What does it say?"
"Happy 10th Birthday, Danny. Love You Always, Mom," I replied, showing him the handwriting.
"Okay, I will admit it, that's pretty damn creepy."
"Yea, but it feels cliche to me. Everyone gets these boxes."
"I doubt they get random guitar strings, dude. Anything else in there?"
I reached in to pull the last item. It was a small gift box. I gave it a good shake to hear something rattling around inside. I wondered if MRCC sent fake toy ring as one last tease. But when I opened the box, it revealed a small red thumb drive. I grabbed it and looked at it; it was rather ordinary.
"What do you think is on it?" TJ asked.
"Probably a picture of the guy with a huge smile on his face."
"Let's check it out, at least."
"The drive could be loaded with viruses, and god knows what else, dude."
TJ placed the phone on the coffee table and left the room. He came back holding a computer in his hands. He sat it on the table and booted it up. It seemed to take forever, which meant it was already loaded with viruses and spyware. He seemed more determined than me at that moment.
"Are you sure, TJ?"
"Yea, if we don't see what is on it then we just wasted a bunch of time for nothing. This is very try-hard from what I've seen."
He placed the drive in the USB port. The two of us waited until it popped up. When we took a look, it was only one file. It was labeled 'c2531r31'. I turned to look at disappointed TJ who clicked on it. It wouldn't open, and the two of us didn't have any ideas.
"This is a bust, man."
"I agree.
I thought it would have ended there.
It was three days later that I noticed I had a private message on Discord. I thought about just ignoring it, but I decided to look at it. It was probably him laughing at me for being an idiot buying a box from.
MRCC 6/29/2019 Hello, friend! What did you think of the box??
StunnedwithIntent 6/29/2019
It was clever, but it looked like a lot of the other boxes I see people get. No Offense.
MRCC 6/29/2019
You should check the drive. That's what makes mine different. It has the answers. :D
StunnedwithIntent 6/29/2019
I can’t even open it, so how am I supposed to get answers?
MRCC 6/29/2019
I will give you a hint, download [EDITED]
I don’t know what made me download that program that day, but it worked, mostly. The file began to open, but it asked me for a password. I was starting to become impatient with MRCC. I felt like he was just trolling me.
StunnedwithIntent 6/29/2019
Password?
MRCC 6/29/2019
I’ve already helped you enough. It’s not hard to figure out.
StunnedwithIntent 6/29/2019
?
MRCC 6/29/2019
You can figure out it, friend. I hope you enjoy the next box. It should there later today.
StunnedwithIntent 6/29/2019
Box?
He did respond to my last message, and he had signed off Discord. I decided I should at least call TJ. He wouldn't be thrilled to know that another box would be arriving today, but when I reached out, I did not get an answer. It went directly to voicemail.
I made the decision to drive back over to his house, and as I walked out the door, I saw a package. It was my address and my actual name. MRCC didn't know anything outside my online handle and my friend's address. I scooped up the bag and ripped it open. It was another shoe box.
The contents were a cheap burner cellphone. It was the type you could buy at a gas station, while the other item was a wrapped neatly in a newspaper. I turned on the cellphone. I opened the contacts folders to see two listings.
CALL FIRST.
CALL SECOND.
I wanted this to end. I regretted ever reaching out to MRCC. The person was toying with me, and I thought of calling the police. It made me angry and I did something irrational. I called the first contact readying myself to yell at whoever was on the other line. The phone started to ring, and the wrapped box started to vibrate. I was annoyed until a familiar voice came over the line. It was TJ's voicemail message.
"Hello?" I asked.
"What do you think, friend?"
"Excuse me?"
"This box is better than the first one."
"Yea, because sending me two phones is really funny."
"Friends don't lie to each other," MRCC muttered. "Have you uploaded the first box yet?"
"No."
"You should because I have lots more coming to you."
It had to be a joke. I prayed that this some sort twisted prank as I unwrapped the box. It left a knot in my stomach when I saw my friend's phone. I looked at the phone and dialed the other contact. The person quickly answered.
"Hello, how are you, my friend?"
"What's going on and why did you send my friend's phone?"
"Because friends don't lie to each other. I have a question does this box meet your satisfaction?"
"No, where is TJ?"
"Have you uploaded the video of my first box yet?"
"What?"
"Have you uploaded it?"
He was ignoring my question.
"You should really upload the video, friend. I have a few more boxes I want to send to you."
submitted by iamathrowaway32 to nosleep [link] [comments]

Comprehensive and honest user feedback from a Golem User

Hey everyone! Last week, a reporter approached us for words on Golem, and it was the first time a journalist actually also asked us to connect with a user for feedback. I told them to chat with PSVjasper99 and he provided super great feedback. He sent it to me and I shared it with our team, that appreciated it a lot. We consider your feedback extremely important, so posting here the report he prepared, and hoping to kick off a round of further feedback from all the Golem community. Thank you in advance!
__________________________________________________________
Experience Golem
Jasper V. 15-8-2018
I came across Golem around August of last year. A little background first:
I was starting my first semester at university that year and was already interested in the whole cryptocurrency world. At first, like many, I was full of scepticism. I mainly knew Bitcoin from being used on the darker side of transactions. Right as I started to learn about Golem, which was pretty much under pressure since their first major release Brass Beta was due summer 2017 and had not come out yet, I started my new study at the Technical University. One of my first major subjects required me to run tasks and complete FEM analyses on my university laptop (I study mechanical engineering and materials). These took days to complete. That was the point I bought my first Golem tokens. The use was to use these tokens if in the future, CAD renders and FEM analyses were to be implemented into Golem. Of course, the magic month December came and we all know what happened. I continued to hold on to my tokens and accumulated some more between March and now. Never sold nothing.
Of course this was at first all based around speculation. I first installed testnet in November (I think it was). What I first realised was that it was pretty spectacular the way it worked. The UI was clean and organized, instructions were clear and off rendering we went. This did not always go to plan however, because many of the tasks timed out. This was however, not a major problem since Golem allowed to use tGNT for testnet so we could attempt tasks as many times as we wanted. Updates came along every three weeks or so. The main files I rendered were demos that were also provided to test the capacity of the network. I had a success rate of about 25-35% estimated. A lot of tasks timed out or had a few ‘stripes’ not rendered correctly.
When Golem Brass Beta was launched about 4 months ago, I think the whole community was very excited. I only run Golem when I am actually using my PC. Running Golem whilst not using your PC would not only be very inefficient, but expensive too. It is not like mining. At the moment there is a clear deficit in requestors as opposed to providers. People should not expect when they launch Golem, that is computing the whole time (yet!). I have had days with tens of tasks with some good rewards, about 6 GNT per day, and days after which I had not had a single task ever since. Therefore, I often use Golems ability to change hardware allocation a lot. As I’m typing this, I offer 6 of my 8 threads to Golem. When I am gaming, I allocate 4 of my 8 threads and when I’m playing intensive games or VR, I allocate 2 of my 8 threads. My RAM and SSD space is always on full, since I have enough of that and it does not really impact performance that much.
I have now completed about 200 tasks across two nodes. Seeing how Golem actually worked was pretty cool and it has come a very long way since testnet and continues to improve. Golems UI is very smooth and I really like the vertical placement of the window. The application starts with a clear introduction, ability to protect your node with a password (access to wallets), and clearly tells you what to with port forwarding etc. This does not always go well, we see a huge surge of people on Reddit and the Golem Rocket Chat who have problems configuring their ports and connections. Thankfully, there are a lot of active team members and enthusiasts on the Rocket Chat who always find a solution. A major thing that has improved are the pop-up messages when hovering over items, and the understandeability of the whole application. Everything is well documented in the help document provided and the application works smooth without stuttering. Tips are provided as well for using the right settings when requesting a task on Golem, concerning task timeout, amount of subtasks etc. The price is basically determined via supply and demand, which is an advantage and could as well be a disadvantage. I hope Golem becomes large enough to not be influenced by big players making price agreements and who could, in theory, manipulate the market. However if this is not the case, this system ensures that the price paid for the computation is fair.
However, Golem certainly has its flaws. Not all of these were noticed by me, but I also talk to some enthusiasts and friends daily that always have Golem running. Most likely the team is working on these problems:
However, does this impact the implication of Golem in the real world? I have no idea. Golem currently only has Blender rendering POC on Mainnet and the target audience for requestors is not that huge. However, with the next release that should increase. Therefore, I don’t see an average Joe use Golem in the near future, but if more types of computation would be implemented, that could certainly change. If prices remain competitive, there is a huge (growing!) market available to Golem. Whether there is a hurdle for people to go to dApps from regular apps, probably. I think the majority of the projected users don’t quite yet see the added value of decentralization. Furthermore, I can imagine people disliking the fact to go to an exchange and exchange fiat for BTC or ETH, then to exchange for GNT, and then to transfer that GNT to Golems app. Golem is aware of this and I can see this (for many dApps) be the main factor contributing to the (not yet) mass adoption of dApps. Furthermore, the ever-changing value of these tokens is what might scare people off.
I am not a Blender artist and therefore I am not really able to use golem as a requestor. I can occasionally run some demo files. I have therefore not used any regular apps that provide the same service. Hopefully, this will change in the future, with the implementation of more use cases and the opportunity for the community to build on top of Golem.
So to conclude, will dApps ever replace regular apps? I see a few reasons as to why they might and a few reasons as to why they won’t. The main key is to improve the number of use cases, as well as the availability, keep the price competitive and the usability up. First, the issues above need to be solved for Golem specifically from my point of view. Some proper marketing could not hurt as well, trialling at universities and companies. If dApps are adopted by a few large(r) players (with the right use cases), domestic (mass) adoption could follow. However, I think it is hard to comment on this seen as the technology and development is still taking baby steps. I hope there is much more to come!
submitted by mariapaulafn to GolemProject [link] [comments]

Let's Talk About Litecoin Nodes

I decided to write this up because there's a lot of confusion about what a "Node" is. I personally had to do a lot of research to figured this out myself. If anyone would like to suggest edits, I welcome them.
Due to the decentralized nature of Litecoin, sometimes key terms or definitions don’t get standardized. This is particularly problematic for newcomers who want to learn about Litecoin but get confused by variant vocabulary. For example, a Full Litecoin Node to one person may mean something slightly different to another. In light of this, below I suggest a list of terms to help the community use the same definitions and language in regards to Litecoin Nodes.

A Node

Before we talk about Litecoin Nodes, let’s talk about nodes in a broad sense. In a distributed network, the simplest way to define a node would be to say it is a point of intersection or connection with the network. It can act as both a redistribution point or a communication endpoint. This loose definition helps us better understand the different ways a Litecoin Node functions within the Litecoin Network. The following definitions should collectively be considered Litecoin Nodes.

A Full Node

A Full Litecoin Node is an integral component of the Litecoin Network because it validates the blockchain. It does this by downloading a copy of it. It is also capable of relaying transactions and recent blocks, but this isn’t required to be considered a Full Node. Now when you first open up a Full Node client like Litecoin Core, most people are sitting behind a firewall. In this case, your Full Node is limited in the number of connections it can connect to (around 8) and only looks for Super Nodes a.k.a. Listening Nodes. The reason for this is because your Full Node isn’t publicly connectable yet.

A Super Node a.k.a. Listening Node

In a distributed network, a Super Node functions as a highly connected redistribution point as well as a relay station. Therefore this would be an appropriate term to describe a publicly connectable Full Litecoin Node. This means many nodes can connect to it to obtain relayed transactional data and blockchain history. This may require more bandwidth and CPU than a Full Node because of all the extra work it’s doing. These Super Nodes are normally on 24/7 and are reliable focal points for other nodes to connect to. In order to activate this within a Litecoin client functioning as a node, you must make it publicly connectable. One way to do this is to bypass any potential firewalls and/or setup port forwarding. Some manuals suggest running litecoind(litecoin daemon) in the background instead of Litecoin-Qt, but this isn’t necessary.
u/aaron0791 Raspberry Pi guide can either be a super node or a full node depending on whether it is publicly connectable. You can run it with the litecoind as well in order to avoid setting up a GUI with the Raspberry Pi.

A Miner’s Node

Today, miners utilize mining programs separate from Litecoin Core to mine Litecoin blocks. Some miners choose to solo mine and therefore use their own Full Node to maintain a full copy of the blockchain via litecoind. Others choose to pool mine and work together to solve blocks. In this case, the admin of the pool maintains a Full Node while pool miners contribute their hashpower. A third method, though highly discouraged and harmful to the network, is to SPV mine by mining on top of blocks before fully validating them. These SPV pool miners typically trust another mining pool’s Full Node as a reference to build on top of. In light of this, a Miner’s Node can be further subcategorized as either a Solo Miner’s Full Node or a Pool Miner’s Full Node.

A Simplified Payment Verification(SPV) Client a.k.a. Thin Client a.k.a. Light Wallets

SPV clients like Loafwallet (the Litecoin App for smartphones) are not Full Nodes because they don’t download the blockchain. SPV clients do this by ensuring your transactions are put in a block and then confirm that other blocks are being added to it. Therefore in the loosest sense, an SPV Client may fit the criteria of a node. However, they don’t do much to support and validate the distributed trustless ledger of Litecoin. Instead, they store just copies of all the headers of all the blocks in the blockchain that are taken from other Super Nodes. Therefore, SPV clients are unable to verify any transactions in the chain because they don’t have access to it. In this way, they function as communication endpoints as they are are unable to relay transactions or blockchain data. Additionally, it is important to put your own full nodes behind them to securely use SPV clients as wallets.

Specialized “Edge Routing” Nodes

Other types of nodes exist where Full Nodes are stripped of its wallet and mining capabilities. Entities such exchanges and merchant payment processors then build on top of these specialized “edge routing” nodes.

Conclusion

Above, I’ve briefly described the various roles a Litecoin Node can have. I’ve also included a broad overview of the necessary steps a user would need to take to use Litecoin Core in these roles. Hopefully by providing this list of terminology, it will empower users to understand what exact role they are playing in the network and to inform them of the steps they can take if they want to play a different one.
edit: clarified my language after consulting bitcoin dev's.
edit2: source if you want visuals-> https://medium.com/the-litecoin-school-of-crypto/lets-talk-about-litecoin-nodes-77383339cdf7
edit3: tips appreciate
LbpHUTE3LSYMu25FumQZeKv2z8BrYUQP8x
submitted by ecurrencyhodler to litecoin [link] [comments]

WÎLDツRocky - YouTube Bitcoins Erklärung: In nur 12 Min. Bitcoin verstehen ... Port Forwarding Turtorial for Eclair Lightning Wallet and all applications How To Create a Wallet?  CoinGeek *Update* Best Bitcoin Wallet  Blockchain Wallet for Beginners  Most Secure Bitcoin Wallet

Bitcoin wallet update trick has netted criminals more than $22 million. A simple technique has helped cybercrime gangs steal more than $22 million in user funds from users of the Electrum wallet app; a ZDNet investigation has discovered. This particular technique was first seen in December 2018. Since then, the attack pattern has been reused in multiple campaigns over the past two years. ZDNet ... Posted on July 5, 2017 July 5, 2017 Tags Bitcoin, Bitcoin Core, Bitcoin Wallet, P2P, Peer Status, Port-Forwarding, UPnP, Windows Leave a comment on Bitcoin-Core P2P Client Has UPnP. Bitcoin Basics. When a Bitcoin Wallet Program synchronizes its own list of Receiving Addresses, it broadcasts a query over the network, which names each Public Key / Address, and the network replies with an updated ... The wallet file holds the keys that allow spending and thus the computer should be protected from the risk of loss and theft. Leaving Bitcoin open improves connectivity for the network and ensures that you don't fall behind on the block chain. Also see the FAQ about port forwarding; Proceed to the introduction. Technical Block chain During bad weather, this site can go down. If it does, please try again later. This Is A Log File of the IP-Address inconsistencies, that followed from down-time, since March 20, 2019, Or, of the last 500 hours of known IP-Addresses. Bitcoin Core will request your router automatically configure itself to allow inbound connections to Bitcoin’s port, port 8333. Unfortunately many routers don’t allow automatic configuration, so you must manually configure your router. You may also need to configure your firewall to allow inbound connections to port 8333. Please see the following subsections for details.

[index] [22881] [17690] [44475] [26664] [6059] [19212] [430] [3650] [48437] [13032]

WÎLDツRocky - YouTube

If you want to someone to send you money to your Bitcoin account, Give them this address. you may donate to our network via Bitcoin as well :) Bitcoin addres... 5 cool things you can do with your router's USB port! - Duration: 4:07. ... BitNFC - NFC Bitcoin Wallet for Android - Duration: 6:49. makevoid 7,241 views. 6:49. How to BitCoin mine using fast ... Craft and Lore wallet, the Port is one of our top rated wallets and I was looking forward to taking it out for a carry test. Trust me, you can still use a simple wallet wrong, so it was really ... Most complete and explanatory tutorial for port forwarding. Please THUMBS UP AND SHARE! Please support this video and others by donating BTC to ... Thanks for watching my video on How to use a Bitcoin Wallet. Blockchain Wallet for Beginners and very easy to use! Blockchain Wallet is Very Secure, I recommend it if you don't use a hardware wallet!

#