06/18/14

Business HD-BIP32 sub-wallet and Multi-Sig

Business HD-BIP32 sub-wallet and Multi-Sig -the Safest Wallet Anywhere!

gAtO hear- Business are all hot and heavy about the security of business Multi-Sig Bitcoin wallets. But in fact you need 3 different wallets and the ability to control them and the private keys and if it’s a long term like a cold storage wallet who knows the status of those wallets.bip32-Multi-sig_01

Your financial security while using Bitcoins needs help and Multi-sig wallets are a major improvements to it’s safety and security, but controlling 3 different wallets with 3 different backups and 3 different places can get a little confusing. With my new business HD-BIP32 wallets you control all the sub-wallets with just 1 master-wallets and just 1 backup. You control every sub-wallet you create. This assures you that only you can extract the funds in your business multi-sig wallets.

With my new business HD-BIP32 wallet allows you control of all the sub-wallets and you can create millions of sub-wallets and use them to create and release funds from any Multi-Sig wallet you create.

You can save the salt/genesis of your business HD-BIP32 master-wallet and with 1 backup you can always recreate your wallets from scratch. So now even if something happens to you, your family or business can take the backup and re-create the master-wallet and all the sub-wallets you control and always get your money out of my multi-sig HD-BIP32 sub-wallet I created.

the kinda geek side of HD Bip32 wallets:

The OLD normal Bitcoin reference wallet uses randomly generated keys. In order to avoid the necessity for a backup after every transaction, (by default) 100 keys are cached in a pool of reserve keys. Still, these wallets are not intended to be shared and used on several systems simultaneously. They support hiding their private keys by using the wallet encrypt feature and not sharing the password, but such “neutered” wallets lose the power to generate public keys as well.

Deterministic wallets do not require such frequent backups, and elliptic curve mathematics permit schemes where one can calculate the public keys without revealing the private keys. This permits for example a webshop business to let its webserver generate fresh addresses (public key hashes) for each order or for each customer, without giving the webserver access to the corresponding private keys (which are required for spending the received funds).

However, deterministic wallets typically consist of a single “chain” of keypairs. The fact that there is only one chain means that sharing a wallet happens on an all-or-nothing basis. However, in some cases one only wants some (public) keys to be shared and recoverable. In the example of a webshop, the webserver does not need access to all public keys of the merchant’s wallet; only to those addresses which are used to receive customer’s payments, and not for example the change addresses that are generated when the merchant spends money. Hierarchical deterministic wallets allow such selective sharing by supporting multiple keypair chains, derived from a single root. -gAtO OuT…  

https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

 

03/1/13

Currency of the Cyber Economy

gAtO tHiNk- the bad evil hackers are the least of your worries, the real bad guys are the corporate geeks that want every click, every nuance of your digital life and they tell you it’s to give you a better web experience. WoW I didn’t know that selling all my information as I go from site to site is a good thing for me. How about if I’m sick and search for my medical problems will my insurance company want that information to raise my payments. You betcha they do!!!

I’m doing some Tor work now so I’m away from the hump and grind but I been changing my search engines because like google they know what I look for and they give me the same crap and then I switch to yahoo and soon the have me profiled then Bing, whoa!!! what a mistake but I expected very little from them anyway. They were robbing us blind back before Netscape days.

Think about those high tech security geeks they get paid big bucks to guard the hen house and you hear about a new hack every other day why because if you understand the “book” the same one every security geek get’s all those certification all teach the same old done thing and that’s their job to take the masses and control them but the ones that think for themselves are the true pioneers, the ones that dance to a different drum. Look I don’t have any certifications anymore and I know more today about the Tor network than most people around. That’s what interest me and that’s what I like.

The currency of information economy is going swell and the big corporate boys are all for selling everything you do so use Tor and be safe and have a little privacy. Be different and use the tools that work for you and keep your digital breadcrumbs to yourself. I know your not doing anything wrong and you don’t have to prove it to anybody. People say if I use Tor then people will think that I’m a bad guy. Oh Me, Oh My do you really care about other’s control of you. It’s a propaganda war just to keep you afraid of Tor because with it they cannot sell your data. Don’t sell your click for free make them earn them -gATO OuT

10/30/12

What is Digital Currency:

What is fiat currency:  — Fiat money is money that derives its value from government regulation or law.  —

What is Currency: —  In economics, currency is a generally accepted medium of exchange. –

What is Digital Currency: – 

gAtO cOnFuSeD - with the above definition currency and fiat currency it’s a bit confusing were does Digital currency fit in. I think it’s how you look at it – Today we have Internet banks – that would be digital currency because it’s only in digital form – We also have PayPal one of the leaders in digital currency but both are tied to fiat currency- a government. 

Now when you add E-gold, Liberty Reserves, Pencunix or WebMoney these are a mix of traditional fiat and plain old fashion currency – But when you add BitCoin well that throws a shoe into the jet engine. You see unlike e-gold Bitcoin is not tied to real gold. Bitcoin is defined as a currency but not fiat and that’s the part that really hurts governments and bankers.

I know gAtO is lOcO but it seems that every time a digital currency like e-gold get’s close even when they try to do it right – the good guy’s (governments) come in and stomp on it till it’s a puddle of mud in the ground, next digital currency come on in– get in line, next… Ok e-gold made it too easy to get an account and the bad guy’s got hip to it and ruined it for everyone but the FBI was out to get e-gold from the start. We just can’t have joe-blow in a basement with a e-gold account and the IRS, TAX people not wanting a piece of that action.

Bitcoins are being blamed as EVIL – but Swiss Banks account, Bermuda Shell Games, Luxemboug Shelter, The Cayman Cash or IRA tax-free, tax-exempt, lower Tax rates- tax-free trust – there are all kinds of tricks for the bankers to shelter their money. To hide it they know all the tax codes, all the regulations…and they are very happy.

If we go to Bitcoin or a version of a digital currency that has no -governments, no bankers, and no printing press to go Bitcoin printing making Happy—/ every ounce of pressure will be put on every new digital currencies that do not tie to the BANKS…. they will not allow it.. Who are THEY…you know??? -next Digital Money Laundry -gAtO oUt

10/28/12

Cyber-War Digital -vs- Global Currency

gAtO rEaD - in Forbes – “Biitcoin Prevent Monetary Tyranny” -mEoW- Currency tyranny by global bankers and government can be down right ugly. They can shape debt into deliberate inflation, they can enforce persecutory capital control or even pre-arrange default – let’s not forget LIBOR manipulation and austerity against countries after they have ripped out all natural resources, install a puppet king and all that jazz —/ everything controlled by THE BANK CARTEL. On the other side of the coin..//

On Oct. 6 Susanne Posel reported -/ an attempt to hack into the U.S.A executive branch’s computer system through an unclassified network.  That’s the White House kitties with a simple “Spear Phishing” attack. They trolled for names of Top Military and government officials in Google’s Gmail account and got a few hit. Once again “Open Source Intelligence”  

- everything goes somewhere and gAtO (as well as others) goes everywhere.

A few days later the Iranians government blocked Gmail by government officials due to fears that Email can be a point of infection for attacks- I think that’s in the security 101 course

Bruce Schneier one of our cyber gods that knows what he is talking about say’s it best about chicken little screaming “the cyber Sky is falling” – STROKING CYBER FEARS – “Secretary Panetta’s recent comments are just the latest; search the Internet for “cyber 9/11,” “cyber Pearl-Harbor,” “cyber Katrina,” or — my favorite — “cyber Armageddon.” But Bruce says it best in his own words  “There’s an enormous amount of money and power that results from pushing cyberwar and cyberterrorism: power within the military, the Department of Homeland Security, and the Justice Department; and lucrative government contracts supporting those organizations. As long as cyber remains a prefix that scares, it’ll continue to be used as a bugaboo.”  -may I add-/ to make lots of MONEY in private-corporation and government contracts worldwide. Fear + Cyber Security = BIG $$$

Fear is what bankers see as Africa is the first country that is being targeted for the BitCoin virtual currency. Imagine the turmoil in Nigeria and other places in Africa it has had a history of unstable governments the idea of a digital currency is appealing… La-Times read -Africa — the next frontier for virtual currency?

BUT the Bitcoin is NOT ready People[1] Satoshi warned us – it’s BETA software – It has only 21 Million bit coins and the last Bitcoin will be mined in 2040 – Governments and corporations have already started the propaganda that Bitcoin’s are EVIL. — 

The most important thing is, we must all be active in out lives to make the new future- They fear us “the people” will wake up and take control of our lives” – the new generation was born with a cell device in their hand and they are using it earlier and earlier to communicate.

The Cyber war that we see is not as bad as the Cyber War that is being fought with fear and propaganda because the bankers will lose control with – One World Currency – One World Government – that is what the hacktivist want, the new kids, the new generation.

Cyberspace is the city of Babel and in this mystical city everyone was able to communicate to anyone and exchange idea, dreams and culture—/ but this cause the priest to lose control so they destroyed it and made it EVIL. It’s only Evil when you lose your power, It is EVIL when you give them control and power — it’s our turn now -gAtO oUt

References:

[1] Satoshi Nakamoto – Bitcoin Creator -https://en.bitcoin.it/wiki/Satoshi_Nakamoto

http://latimesblogs.latimes.com/world_now/2012/04/bitcoin-virtual-money-africa-rudiger-koch.html

http://www.forbes.com/sites/jonmatonis/2012/10/04/bitcoin-prevents-monetary-tyranny/ Bitcoin Prevent Monetary Tyranny

08/31/12

p2p Bot-net architecture in Tor -unstoppable

gAtO been doing some research in botnets and found out some cool things. The basics IRC- http – p2p and twitter botnets architecture and bots are becoming easier to find and use, tutorials and videos are all over the place and in any language. So the task of becoming a bot-master is easy.  Bot’s can be used for good also but nobody want’s to hear about that…Imagine bot’s being used with Amber alerts to or other emergencies tools were thousands of computers are needed, bot’s can be used for good things too.

Botnets are a big problem they allow anyone to have thousand, millions  of computers at their beck and call, a kid in a basement, or an enemy of the state these bot’s are a real danger. These bot’s have 4 different attack vector: 

Kenetic – Distribution – Information – cyberTools 

kinetic -zombie computer are used to Ddos attack a site or Click-fraud advertisement scams.

distributors – sending spam email- (Adware/ Spyware) – infecting other computers – co-workers, friends and families

information Keylogger, data exfiltration, key stealing from games -for sale $$ – email, social network — friends — banking – payPal – Work -Corporate spying and IP (intellectual property) plus emails of co-workers, friends and family.

cyberTools – we see bot’s become DNS servers, c&c servers, infection distribution servers, proxies, Tor (exit/entry) nodes or just a ftp site for storage.

I have seen lot’s of different bot’s but only four (4) basic types of botnet Command and Control (C&C) architecture: IRC (Internet Relay Chat) based, HTTP (or Web) based and P2P (Peer-to-peer) based – and Now Twitter controlled botnet’s.

Todays bot’s can be used in Intelligence Gathering, Monitoring and surveillance with the ability to turn on WebCam and Microphone without the victim knowing and recording it makes them even more dangerous and any digital cell device is hackable.

Here is a new one for me a private Twitter account is being used as the (C&C) command and control for bots. Once the bots are installed in the machine they go out and friend their botMaster they accept the friend and now send coded messages that are the commands for the bot’s. This is pretty cool and since it’s Twitter is kinda normal communication tool even in business machines, groups use twitter all the time to communicate.

In my research I found bots and video, tutorials and everything I need. On top of that we have Tor and other anonymized (custom Tor network) for these bot’s to communicate untraceable and cannot be found.

Here is were the metal hit’s the road because in this environment the p2p Botnet Architecture used with Tor would be an unstoppable solution and it’s becoming reality today: I included a thread from a hacker site in Tor discussing this very subject //.

these are some of the bot’s I found free source code to play -

G-Bot 1.7 Ddos-Bot – Zues 2.0.8.9 – ClientMesh 4.0 – DarkComet 5.3.1 – BlackShades 4.8 – SpyEye 1.3.45

Below are some of my notes on this I hope they may help - gAtO oUt 

botnet basics

There are basically 3 types of Bot net technologies. The first botnets started back about a decade ago with IRC bots

it’s more a continual connection at all times

IRC – HTTP – P2P – note p2p is the best meshed no central C&C

With HTTP botnets you can communicate async – things can be schedule a meeting and then log of and do the work then at a pre arrange time you call home (C&C) and check in with mamma.

Then you have p2p botnet’s they have no central C&C so are much harder to find the source and kill it.

Here we see were some of the bot’s may become proxies or some units may be used to cascade out spam interactions, one may also become a download location, one a dns server. The key thing to take away from a Peer to Peer networks is it’s very difficult to take them down because of their mesh network. There is no central point of failure, it’’s a simple file sharing protocol

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  p2p Tor Bot -message hacking board in Tor-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

http://clsvtzwzdgzkjda7.onion/viewtopic.php?f=17&t=7657

Hey guys, just thought I would leave a thread here to announce a new bot that I am working on at the moment, Kronos.

Kronos is an http bot that runs through tor, each bot will launch its own tor process and then connect to your panel (which is a hidden service) using tor.

Current Features

  • The bot will act as a hidden service on the tor network
  • Socks5 proxy. Because of the above feature you are able to connect to the bot and use it as a proxy through tor, this removes the need for the bot to use upnp to open a port for you to connect through as tor handles NAT traversal by having the server connect out to the network itself, meaning there are no incoming connections. You can read here for more if you don’t already know how this works https://www.torproject.org/docs/hidden-services.html.en
  • Torrent seeder, not a shitty seeder that adds torrent files to the users torrent client, bots will work as real torrent clients.
  • Various flooding abilities (useless in my opinion)
  • Form grabber
  • Possibly mailing capabilities

I am also playing with some p2p code

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-hacking board in Tor=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

// So now that we know a bit about botnets let’s look at how they can make a profit for the criminal, below I listed of some of the stuff that you can harvest from your botnet empire.

Revenue Generated

Spam

Adware/ Spyware Scare-ware

Crimeware – Keylogger, data exfiltration, key stealing from games -for sale $$ – email, social network — friends — banking – payPal – Work -Corporate spying and IP plus emails of friends and work buddies..

Clickfraud

Phishing

Proxies

Ddos

http://www.youtube.com/watch?v=RsDtlqT4Zd4 Zeus BotNet Tutorial 2012

 http://www.xylibox.com/2011/08/cracking-spyeye-13x.html  SpyEye Tutorial 2011

 

08/28/12

Black Market in Tor Growing

gAtO been down sIcK so I had to slow down so I’ve been reading underground looking around and the .onion network is beginning to take shape as more users explore it. Let’s just say it’s growing. In the Black Market things are looking up per say, more newbies and more scams with money mules, shipping mules, bot’s rentals and creation and trade. Here are two different crime recruitment points one the physical/ one code / and they are taking advantage of the economics of the situation.

People are losing their homes and eviction is coming “well I can do this for these guys online and I can make a little money and pay a few bills buy some food”. Grooming these new cyber shipping mules is a full time job, but they select and groom some for more and more /—then hit’s them with money mules transactions and they’re hooked. Greed / Pay the rent/ Now these guy know that as the money mule get’s more and more orders right the amount will go up and when they will bail with the criminals money is anyones guess, but by this time they have funneled so much money or goods thru these mules that they are throw away at the end of the life cycle of use. You also have the new code warriors watching and trading in botware working in Tor. Why because it works -/ and other have seen the .onion network as a new area were if they keep quite nobody can find them. If you keep quite nobody will know what your doing and that’s why Tor is working for the bad guys – Why can’t it work for the good guy’s when are we going to start using the best technology for the best job and leave all this other politics alone.

Cyber crime is working in the .onion but when will the law catch up, never I guess 2 many lost opportunities when they treat everyone like shit, just like the ugNazi CC bust- do they have a clue how many other CC sites are out there working in Tor and/or the surface web… . Silk road is all the rage while Black Market Reload sells explosives and drugs but come on the school boys in Cornell and other places are putting their finger into Tor to defeat Tor-attack the Tor Network Yeah – Yeah- “What If- What If -does not work in Tor students”, as they go for Silk Road the hundred of other places were real commercial cyber crooks get away with everything they can is working hard for the money boy’s and girls…. One service takes stolen credit cards to buy goods and directly ship products to the Ebay customer who purchase it and they pay them clean money while their new iPad was purchased with a stolen CC. It’s just these newbies in Tor think they are hip and cool in the surface but in the Tor network the good old boy’s that were there in the beginning are watching with a grim silly smile, knowing but not telling… gATO oUT 

07/24/12

BitCoin 101

BitCoin 101

Forget most things you’ve heard.  People discover BitCoin in a variety of ways, but usually pick up some sort of misconception like “BitCoin gives free money to people with computers” or “in order to use BitCoin I have to use a program that wastes electricity for nothing” along the way.  Here is a good summary to help you understand BitCoin in general, by focussing on what BitCoin is and what problem it solves.  These two things are not typically well explained on most websites, and it is difficult to appreciate just how effective a technology BitCoin is until they are understood.

What BitCoin is:  An agreement amongst a community of people to use 21 million secure mathematical tokens–”bitcoins”–as money, like traditional African and Asian societies used the money cowry.  Unlike the money cowry:

  • there will never be more bitcoins
  • they are impossible to counterfeit
  • they can be divided into as small of pieces as you want
  • and they can be transferred instantly across great distances via a digital connection such as the internet.

This is accomplished by the use of powerful cryptography many times stronger than that used by banks.  Instead of simply being “sent” coins have to be cryptographically signed over from one entity to another, essentially putting a lock and key on each token so that bitcoins can be securely backed up in multiple places, and so that copying doesn’t increase the amount you own.

Because bitcoins are given their value by the community, they don’t need to be accepted by anyone else or backed by any authority to succeed.

They are like a local currency except much, much more effective and local to the whole world.  As an example of how effective the community is at “backing” the bitcoin: on April 4th 2011 30,000 bitcoins were abruptly sold on the largest BitCoin exchange, consuming nearly all “buy” offers on the order book and dropping the price by nearly 1/3.  But within a couple of days, the price on the exchange had fully rebounded and bitcoins were again trading at good volumes, with large “buy” offers slowly replacing the ones consumed by the trades.  The ability of such a small economy (there were only 5 million out of the total 21 million bitcoins circulating then, or about 3.75 million USD worth at then-current exchange rates) to absorb such a large sell-off without crashing shows that bitcoins were already working beautifully.

What problem BitCoin solves:  Mathematically, the specific implementation of the bitcoin protocol solves the problem of “how to do all of the above without trusting anyone“.  If that sounds amazing, it should!

Normally a local currency has to trust all kinds of people for it to be able to work.

So does a national currency.  And in both cases, that trust is often abused.  But with BitCoin, there’s no one person who can abuse the system.  Nobody can print more money, nobody can re-use the coins simply by making a copy, and nobody can use anyone else’s coins without having direct access to their keys.  People who break its mathematical “rules” simply end up creating a whole different system incompatible with the first.  As long as these rules are followed by someone, the only way BitCoin can fail is for everyone to stop using it.

This marvelous quality of not having to trust anyone is achieved in two ways.  First, through the use of cutting-edge cryptography.

Cryptography ensures that only the owner of the bitcoins has the authority to spend them.  The cryptography used in BitCoin is so strong that all the world’s online banking would be compromised before BitCoin would be, and it can even be upgraded if that were to start to happen.  It’s like if each banknote in your pocket had a 100-digit combination lock on it that couldn’t be removed without destroying the bill itself.  BitCoin is that secure.

But the second way of securing the system, called the blockchain, is where the real magic happens.  The blockchain is a single, authoritative record of confirmed transactions which is stored on the peer to peer bitcoin network.

Even with top-notch digital encryption, if there was no central registry to show that certain bitcoins had already been “paid” to someone else, you could sign over the same coins to multiple people in what’s called a double-spend attack, like writing cheques for more money than you have in your account.  Normally this is prevented by a central authority, the bank, who keeps track of all the cheques you write and makes sure they don’t exceed the amount of money you have.

Even so, most people won’t accept a cheque from you unless they really trust you, and the bank has to spend a lot of money physically protecting those central records, whether they are kept in a physical or digital form.  Not to mention, sometimes a bank employee can abuse their position of trust.  And, in traditional banking, the bank itself doesn’t have to follow the rules you do–it can lend out more money than it actually has.

The blockchain fixes all these problems by creating a single master registry of the already-cryptographically-secured bitcoin transfers, verifying them and locking them down in a highly competitive market called mining.  

In return for this critical role, the BitCoin community rewards miners with a set amount of bitcoins per block, taken from the original limited quantity on a pre-agreed schedule.  As that original amount gradually runs out, this reward will be replaced by fees paid to prioritise one transaction over another–again in a highly competitive market to ensure the lowest possible cost.  The transactions are verified and locked in by the computational work of mining in a very special way so that no one else can change the official record of transactions without doing more computational work than the cumulative work of all miners across the whole network.

In conclusion:  All this mathematical technology may be a bit of a mouthful, but what it means in practice is that BitCoin works just like cash.  Bitcoin transactions are intentionally irreversible–unlike credit cards or PayPal where chargebacks can invalidate a payment that has already been made.  And there are no middlemen.  Transactions are completed directly between the sender and the receiver via the peer to peer network.

Because of BitCoin’s intricate design, the network remains secure no matter where or how you process bitcoin transactions.  Which is incredible–no one else has ever tried to create a system that worked this way!

All previous monetary systems have relied on trusting somebody, whether it was the king, town hall, the federal reserve, or banks.  BitCoin doesn’t.  

It’s guaranteed instead by the laws of mathematics, and that’s why it has everyone from technologists to economists very excited.

More –> https://en.bitcoin.it/wiki/Main_Page