Srp 22

India Plans to Enforce Internet Censorship With 3 Years Jail Time

Source: bitcoin

India

India has expanded their draconian internet copyright and media enforcement policies from DNS filtering banned IPs, to enforcing those bans with up to 3 years jail time and up to a $4500 USD fine for attempting to visit a blocked site. Said enforcement is facilitated with assistance from Indian ISPs

Read Also: Secure Boot Hack is a Good Thing: Here’s Why

India Lets John Doe Go Too Far

Many sites are blocked in India at the request of the Bollywood media industry and other legal entities. They do so via a legal avenue known as a ‘John Doe order:’ an injunction that recommends action as a prophylactic against the possibility of a crime taking place, or in instances of crimes perpetrated by anonymous actors. In effect, John Doe orders have given the Media Industry carte-blanche to order a site be blocked in India, and now people attempting to visit those sites risk serious legal repercussions. Mind you; not just pirates fall under this legal umbrella. Simply visiting a site with content deemed undesirable by the aabove John Doe orders will make you a criminal. Try visiting one of the many blocked sites in India, and it will return:

An ISP Complicit with new Indian enforcement

“This URL has been blocked under the instructions of the Competent Government Authority or in compliance with the orders of a Court of competent jurisdiction. Viewing, downloading, exhibiting or duplicating an illicit copy of the contents under this URL is punishable as an offence under the laws of India, including but not limited to under Sections 63, 63-A, 65 and 65-A of the Copyright Act, 1957 which prescribe imprisonment for 3 years and also fine of upto Rs. 3,00,000/-. Any person aggrieved by any such blocking of this URL may contact at urlblock@tatacommunications.com who will, within 48 hours, provide you the details of relevant proceedings under which you can approach the relevant High Court or Authority for redressal of your grievance”

Tata Communications is an Indian ISP, indicating that there is deeper cooperation taking place than the previous Government DNS filtering efforts. This increased level of cooperation aligns itself with increased Indian copyright enforcement efforts.  Given that this message may be and is fairly often returned when no infringing content is hosted on a site, and that it blocks engine-searchable media like images and news outlets based on Lists Compiled from Indian media industry John Doe orders, it places an unenforceable amount of people in legal jeopardy.

While doubtful this is a move towards China-Style internet censorship in India, It highlights just how far reaching their current system is. While this censorship stems from a legal loophole that circumvents due process, interests align such that it will likely continue, and just because it criminalizes the ostensibly legal internet habits of an incredibly large amount of Indian Citizens, putting enforcement of this new policy well outside the realm of practicality, does not mean examples will not be made.

Want to discuss internet freedom on the sub-continent?  Start one in the comments!


 

The post India Plans to Enforce Internet Censorship With 3 Years Jail Time appeared first on Bitcoinist.net.

India Plans to Enforce Internet Censorship With 3 Years Jail Time

Share
Srp 20

Mycelium May Roll out P2P Tumbling Soon

Source: bitcoin

P2P Tumbling

There’s been no official statements as of yet – but it looks like the Mycelium Wallet will be getting built-in peer-to-peer bitcoin mixing/tumbling later this year.  The first testnet transaction from devs went out four days ago, and discussion on internal channels confirms that they’re working on integrating P2P tumbling into their popular Android wallet.

Read also: Comedy Tor Forks Emerge In Response to Appelbaum Scandal

P2P Tumbling In Mycelium Pipeline

As for details, so far we know they’re using the CoinShuffle protocol (whitepaper available here) and that it will be integrated into their growing number of peer-to-peer features, including local sales and messaging. It also shows a firm commitment to privacy and anonymity from a company previously criticised for their approach to open-source and free software.

Tumbling, for those new to Bitcoin, is a process used to obfuscate ownership of Bitcoin by pooling your coins with a group of other holders, and run them through a series of transactions designed to make determining their origin difficult. The biggest flaw with this system up to date was the reliance on a trusted third party to mix the coin, and return it to the participants in the proper amounts. By adding P2P tumbling to their already formidable decentralised network, Mycelium hopes to remove that flaw, and since they’re using a spec-faithful implementation of CoinShuffle, it means that the update with this change may prompt other mobile wallets to follow suit.

There’s been a lot of talk about the changes coming to Mycelium with the next major release – but this feature – one not advertised in their roadmap or goals, will likely have the biggest impact on mobile Bitcoin users – the ones that benefit most from this type of secure tumbling. More to come as we investigate the issue further.

Thoughts on P2P shuffling? Leave them in the comments!


 

The post Mycelium May Roll out P2P Tumbling Soon appeared first on Bitcoinist.net.

Mycelium May Roll out P2P Tumbling Soon

Share
Čvc 04

Japanese Cryptocurrency Exchange Zaif Adds XEM Trading Market

Source: bitcoin

Bitcoinist_New Economy Movement XEM

Japanese cryptocurrency exchange Zaif continues to make media headlines in quick succession as of late. The company announced on July 3rd how they had added the XEM cryptocurrency to their trading platform. Keeping in mind how XEM has seen a spectacular value increase over the past few months, this is not entirely surprising.

Also read: Litecoin Is Back: New Roadmap Signals the Start of a Renaissance

It is not uncommon for cryptocurrency exchanges to add new coins to their platform. The addition of XEM to Zaif is quite noteworthy, though, considering how the New Economy Movement concept has a huge following in Japan. In fact, Japan is the driving power behind the recent XEM price increase, which is now nearing the US$100m market cap.

Zaif Exchange Expands List of Supported Cryptocurrencies

The reason for XEM’s success can be attributed to Takao Asayama, CEO of the Zaif exchange. He is also the official spokesperson for New Economy Movement in Japan. As a result of his efforts, Asayama has been appointed as NEM Japan Director and represent the movement in the country from now on.

Dragonfly Fintech CEO Lon Wong told the media:

“It is timely that we can engage someone in Japan to spearhead the development and promotion of the NEM blockchain technology. Japan seems quick to jump onto this technology ahead of the rest of the world, although this solution was mooted and developed in the USA and Europe. Given Takao Asayama’s commitment and involvement, we are confident that he will be able to take NEM to the next level in Japan.”

Zaif has become quite a popular exchange platform in Japan, and it is considered to be one of the premier cryptocurrency platforms. Up until this point, only two currencies were supported: Bitcoin and Monacoin. As of July 3rd, users can trade XEM against the Japanese Yen. A Bitcoin trading pair for XEM will be added in the coming weeks.

The correlation between Zaif and New Economy Movement goes much further. The Mijin blockchain solution, developed by Zaif parent company Tech Bureau Corp, uses NEM blockchain technology. All of the pieces of this puzzle are falling into place as we speak. Exciting times are ahead for cryptocurrency in Japan; that much is certain.

What are your thoughts on the NEW concept and Zaif adding this cryptocurrency to its platform? Let us know in the comments below!

Source: Zaif

Images courtesy of Shutterstock, Zaif

The post Japanese Cryptocurrency Exchange Zaif Adds XEM Trading Market appeared first on Bitcoinist.net.

Japanese Cryptocurrency Exchange Zaif Adds XEM Trading Market

Share
Čvc 02

Worrisome Locky Ransomware Variant Zepto is Making The Rounds

Source: bitcoin

Zepto Ransomware

There is a now form of Bitcoin ransomware on the block, going by the name of Zepto. At its core, this is a different variant of the Locky malware, which has been making the rounds for quite some time now. Security researchers detected a spike in the distribution of this new ransomware. As one would expect, Internet criminals are using spam emails to distribute this payload.

Also read: Are the Winklevoss Twins Bringing the Bitcoin Price Back Up?

Bitcoin ransomware has proven to be a very lucrative business, assuming one can distribute the malware on a large scale. Spam emails are a preferred method of distribution, as it allows criminals to reach a lot of potential targets with little effort. Security researchers detected a spike in Zepto distribution as of June 27.

Zepto Ransomware Arrives On The Scene

What makes Zepto so interesting is how it is sharing similarities with Locky. This latter malware has been causing a lot of headaches for individuals and enterprises around the world. While there are obvious similarities between the two strains, there is something different about Zepto. Security researchers are trying to figure out how to classify this new type of malware.

On June 27, over 137,000 spam messages were sent out, all of which contain the Zepto payload. Malicious attachments in emails are an effective manner to distribute malicious code. Even though there have been plenty of warnings regarding downloading email attachments, the potential for infection remains very high.

Specific aspects of this ransomware make it appear very similar to Locky. Both types use the same type of RSA encryption keys, they leave similar file types behind, and the ransom text is nearly identical. Despite these similarities, the new kind of ransomware is far from ineffective, though.

Cisco Talos Sr Technical Leader Craig Williams explained the threat as follows:

“If Zepto sticks with this attack vector it may never become a serious threat. However, it’s very likely Zepto moves into exploit kits as time goes on. A move by Zepto to malvertising, for example, could get bad very fast. “

Ransomware developers have stepped up their game in recent months, by continuously improving their malicious software. Security researchers are concerned Zepto has the potential to infect thousands of users in the coming weeks. So far, over 3,300 unique samples of the malware have been identified, which is a rather staggering number.

What are your thoughts on yet another new form of ransomware? Let us know in the comments below!

Source: Cisco Talos

Images courtesy of Shutterstock, Cisco Talos

The post Worrisome Locky Ransomware Variant Zepto is Making The Rounds appeared first on Bitcoinist.net.

Worrisome Locky Ransomware Variant Zepto is Making The Rounds

Share
Čvc 01

Hackers Target Medical IoT Devices To Obtain Prescription Drugs

Source: bitcoin

Bitcoinist_Medical IoT Devices

Hospital IT security is not up to par, as a recent reported indicated. It looks like the threat is far more real than anticipated, as a new wave of IoT device attacks is taking place as we speak. Medical services, ranging from CT scanners to dialysis pumps, are targeted by hackers. Albeit these assailants will not shut down the machines, they are trying to retrieve confidential patient information.

Also read: FBI Overstepped Boundaries Again in Silk Road Investigation

Very few people seem to realize medical devices store a lot of sensitive patient data. MRI Machines and CT scanners keep a record of all patients going through these devices. The vast majority of these machines is connected to the Internet, making them a lucrative target for hackers all over the world.

Medical IoT Devices Are A High-value Target

As one would come to expect from lackluster hospital IT security, these machines are inadequately protected. To be more precise, assailants use older versions of malware to attack medical IoT equipment. Conficker, a very old type of worm, has been identified as one of the tools of attack. Far too many medical devices connected to the Internet run on older Windows versions.

Security firm TrapX Labs explained the situation as follows:

“The malware utilized for this attack was specifically selected to exploit older versions of Windows… It enabled the attacker to install a backdoor within the enterprise, from which they could launch their campaign and quietly exfiltrate data and perhaps cause significant damage using a ransomware attack.”

Conficker has been a cause of concern for security experts in the past. Similar to how ransomware is evolving, this worm used to undergo several changes during its reign. The developers even used it to hijack infected devices and use them for DDoS and spam attacks. Medical machinery is a lot more powerful compared to CCTV cameras, and can be wielded to cause a lot more harm.

The Number of Attacks Increases

The medical industry has been under attack from hackers for quite some time now. Several hospitals had to deal with ransomware attacks these past few months. Patient records have always been a high-value target for hackers. One individual is even selling three different databases on the deep web. Every database has several tens of thousands of patient records in it.

Using these medical profiles goes well beyond using them for extortion schemes. A hacker would be able to get prescriptions filled. After all, these prescriptions are covered by insurance, and the pills have a high resale value on the deep web. All of these goods are sold in exchange for Bitcoin. There is no better time than now for hospitals to step up their IT security. Unfortunately, most of them do not have the staff or money to do so.

What are your thoughts on hackers going after medical IoT devices/ Let us know in the comments below!

Source: Threatpost

Images courtesy of Shutterstock, TrapX

The post Hackers Target Medical IoT Devices To Obtain Prescription Drugs appeared first on Bitcoinist.net.

Hackers Target Medical IoT Devices To Obtain Prescription Drugs

Share
Čvn 20

DAO Soft Fork Revised to Allow Generic “Blacklisting”

Source: bitcoin

soft fork

The soft fork proposed to fix the sticky situation The DAO has dragged the Ethereum community into is here, and is a perhaps disproportionately drastic to the problem. The proposed solution to the DAO attack is to freeze all funds in the contract by blacklisting the hashes that correspond to the stored Ether. Want to withdraw funds from the DAO or “split” from the failed experiment? Be prepared to do so on an alternate Blockchain.

Read Also: Exiting The DAO Legitimately Would Take 67 Steps, 48 Days

Soft Fork Praised Within, Decried by Ethereum ‘Outsiders’

 

The interesting facet of this development is the recent update to the blacklisting methodology being used by the Ethereum devs. It has become a “generic function” as of today. This means that Miners can discriminate against entire regions or groups of Ethereum users, effectively banning them from doing business on the network by freezing their funds:

“This will also allow anyone to make a proposal to the majority of the miners to ask them for help for any future possible soft forks by allowing them to ignore blocks that take certain actions undesirable by the community.”

While this soft fork comes as a boon to the Ethereum Community, as this intervention is certainly better than letting The DAO (and possibly Ethereum, by extension) crash and burn, It continues to be contentious in the wider Crypto community. The fear is that this solution has too much potential for abuse. For example, The blacklisting protocol could be used as an anti-competitive measure against disruptive DAOs, Dapps and Ethereum users by entrenched Ethereum miners and Users with large holdings to leverage.

Another possibility, discussed by Andreas Antonopoulos on Twitter, is that law enforcement or regulatory bodies could split the Ethereum Blockchain by region or along other lines with mandatory “blacklisting” legislation.

The strong measures taken by the Ethereum Devs are a very divisive issue, and while intervention was arguably needed to effect a positive outcome after The DAO’s collapse, the long-term concerns that the soft fork raises cannot be dismissed out of hand. Whether or not this new feature of Ethereum’s infrastructure is abused, or used effectively remains to be seen, and is largely dependent on what the masses involved with Ethereum deem “undesirable actions.” The new realities the resolution presents for DAO and Ethereum Dapp developers, individuals with significant ETH holdings will be complex and far reaching regardless of the outcome.

 

Thoughts on the soft fork? Let us know in the comments!


Images courtesy: The DAO, Ethereum Foundation, Jan Miranda

The post DAO Soft Fork Revised to Allow Generic “Blacklisting” appeared first on Bitcoinist.net.

DAO Soft Fork Revised to Allow Generic “Blacklisting”

Share
Čvn 20

Andrew Vegetabile of Litecoin Association Opposes DAO Fork

Source: bitcoin

Vegetabile

Andrew Vegetabile, Director of the Litecoin Association, came out against a fork of Ethereum/The DAO, Decrying interference with The DAO by outside crypto developers in an open letter to  “Vitalik Buterin, The DAO, future smart contract developers, and the throngs of individuals within the crypto ecosystem” today.

Read Also:  How The Verge’s Russell Brandom Misrepresented the DAO Attack, Bitcoin

Andrew Vegetabile Calls Buterin’s Intervention “Unprecedented”

 

He Cites the widespread negative impact outside of The DAO as significant disincentive:

“…now Ethereum is having to face this very situation. From legal to sociological effects, the direction the leadership of a coin takes can have long outstanding impacts not only to the specific coin, but also to the entire crypto ecosystem by setting a dangerous precedent.”

He calls Buterin’s involvement in affecting an outcome to The DAO attack  “unprecedented” and draws parallels to the bank bailouts of 2008 financial crisis due to the central nature of the intervention. This may seem an extreme comparison, but he isn’t far off here, unfortunately:

“Never in the history of crypto for as far as I can remember has a developer been intimately involved with a third party application in attempting to resolve said applications issues. The best analogy that I can think of at this point is if there was a bug in counterparty code and the Bitcoin core devs got involved.”

Buterin, unlike Satoshi, is a known entity in the crypto community, and the degree of influence he has over the Ethereum community  leads to frequent comparisons of his role to that of a “benevolent dictator.” His mention of a soft fork to “fix” The DAO attack has been overwhelmingly accepted by people with a stake in ETH and The DAO, while other, less invasive solutions have fallen by the wayside.

It is clear that Vegetabile wants the takeaway to be that central intervention is antithetical to the core concepts that make Ethereum and other Cryptocurrencies successful. Furthermore, he posits that the outcome of the DAO attack will not be isolated to Ethereum and smart-contracts.

“My word of advice to all of you is to do absolutely nothing at all.”

 

Vegetabile is also very careful to keep his statements reasoned and civil. It comes off as a level-headed, honest word of warning rather than a vitriolic attack on a competing cryptocurrency. The DAO’s failure will affect the entire cryptocurrency market, after all, and the handling of its consequences by Ethereum and DAO participants will shape how smart contracts and Crypto will be treated by investors, developers, and in court moving forward.

 

How do you think The DAO’s failures should be handled? Leave your thoughts in the Comments below!


Images Credit to: Wikimedia, Litecoin Foundation

 

The post Andrew Vegetabile of Litecoin Association Opposes DAO Fork appeared first on Bitcoinist.net.

Andrew Vegetabile of Litecoin Association Opposes DAO Fork

Share
Čvn 15

Clinton Recommends Expanding State Surveillance

Source: bitcoin

Clinton Recommends Expanding State Surveillance

Hillary Clinton has come out in support of extending the surveillance state in response to the Orlando Mass Shooting in a recent interview with NPR. Her Proposals include a dedicated task force applied to preventing “self-radicalization,”  more “integrated intelligence use” among the different levels of law enforcement, working with silicon valley to “prevent online radicalization” and broadening the scope of federal watch lists, gun control related databases, and surveillance.

Read Also: KAT puts up official Tor Hidden Service

 

Clinton Expresses Support of State Surveillance, Both Candidates Dislike Encryption

 

In the interview with NPR, Clinton makes several statements in support of current and future programs that surreptitiously collect information on US citizens:

“This Killer Was interviewed by the FBI three times … If someone comes to the attention of the FBI not once, but three times, that suggests that law enforcement needs to know, that people need to be more aware. Do we need to push the Congress harder, to pass a law forbidding anybody on the no-fly list from buying a weapon in our country?”

She reasons further that had there been more rigorous surveillance or an “expanded database” in place, it could have prevented the tragic event, and that the issue should be something that Americans should be voting on in the coming presidential election:

“I think it’s only fair, that Americans take into account who can keep them safe, who has the best ideas for defeating ISIS, and protecting us here at home. I think I have laid out what I believe would work…”

 

This is not the first occasion the Democratic presidential candidate has hinted at expanding state surveillance as part of her platform. She mentioned a desire to initiate a “Manhattan-like project” against encryption and other technological privacy measures during the third democratic debate in December of last year:

“I would hope that, given the extraordinary capacities that the tech community has and the legitimate needs and questions from law enforcement, that there could be a Manhattan-like project, something that would bring the government and the tech communities together to see they’re not adversaries, they’ve got to be partners. It doesn’t do anybody any good if terrorists can move toward encrypted communication that no law enforcement agency can break into before or after. There must be some way. I don’t know enough about the technology, to be able to say what it is, but I have a lot of confidence in our tech experts.”

Donald Trump has expressed very different ideas about the causes of/solution to the Orlando Shooting and ones similar to it, but came out in similar fashion against encryption previously, during events following the San Bernadino Shooting, regarding the Apple vs. FBI case:

“These are two people radicalized who were given a wedding party by the people that they killed. There’s something going on. We have to be very careful. We have to be very vigilant. But to think that Apple won’t allow us to get into her cellphone,” he continued. “Who do they think they are? No, we have to open it up.”

State supported surveillance and undermining of encryption is a complicated and contentious issue, of particular concern to those with cryptocurrency holdings, as many rely on strong encryption and network privacy to conduct business and safeguard their assets. It will be interesting to see how each candidate develops their position on these issues in the coming months.

 

Thoughts? Comments? Be sure to leave them below!


Interview Source; Images Courtesy Wikimedia Foundation

The post Clinton Recommends Expanding State Surveillance appeared first on Bitcoinist.net.

Clinton Recommends Expanding State Surveillance

Share
Čvn 14

One Bitcoin is Worth 51 Million Hacked iMesh Accounts

Source: bitcoin

Bitcoinist_Data Breach Deep Web Bitcoin

People who have been using the Internet for quite some time now will recall the name iMesh, a once popular peer-to-peer file sharing platform. Although this platform has been defunct for some time, a hacker managed to obtain a database containing 51 million accounts. Obtaining this information can be done through The Real Deal deep web marketplace, for the price of one Bitcoin.

Also read: Cerber Bitcoin Ransomware Now Includes Malware Factory Automation

Data breaches are becoming a norm rather than the exception these days, and it appears as if the same hackers are responsible for most incidents. Peace, the alleged hacker of LinkedIn, is the person behind this iMesh account breach as well. In total, he managed to obtain 51 million accounts and a lot of sensitive information as well.

iMesh Database For One Bitcoin

Very few iMesh users were aware of how the platform logged their IP addresses and country location every time they connected to the service. Other stolen data includes email addresses, usernames, and passwords. At the time of writing, the company declined to confirm or deny these data breach allegations.

It is rather strange to see this event transpire right now, so close after other significant data breaches. That being said, the platform was losing a lot of popularity ever since it went into the legal side of the spectrum. A lot of people used this tool in the early days of the Internet for piracy purposes, including the distribution of adult material and cracked PC games.

Although iMesh tried to protect its users’ data by applying the MD5 hash function, the salted passwords were rather easy to break. It is not clear whether Peace cracked the passwords himself, or if a third party was involved in this process. We do know the database is up for sale on the deep web, though.

As one would come to expect from illegal goods and services being sold on the deep web, Bitcoin is the preferred method of payment. Interested parties can obtain the iMesh database for the price of one Bitcoin. It is expected there will be many interested parties as the combination of email address, passwords, and geolocation can be used for geo-targeted spam emails.

Do you remember the iMesh platform, and if so, were you a paying member? Let us know in the comments below!

Source: Threatpost

Images courtesy of Imesh, Shutterstock

The post One Bitcoin is Worth 51 Million Hacked iMesh Accounts appeared first on Bitcoinist.net.

One Bitcoin is Worth 51 Million Hacked iMesh Accounts

Share
Čvn 14

Cerber Bitcoin Ransomware Now Includes Malware Factory Automation

Source: bitcoin

Bitcoinist_Bitcoin Ransomware

As the summer draws ever closer, the chances of getting a computer infected with malicious software seem to increase exponentially. The latest version of Cerber ransomware is introducing new challenges for security experts. Malware factory has been introduced, which creates different versions of Cerber every 15 seconds.

Also read: Industry Report: Bitcoin Continues Breaking Boundaries

Cerber Becomes Completely Random

To this very date, Cerber is the most feared and destructive type of Bitcoin ransomware in circulation. Developers of this malware threat are becoming more crafty than ever before, and they keep updating the source code as well. In the latest version of this malware, disconcerting new features have been added.

Popular types of Bitcoin ransomware attract attention from security experts, as they want to beat the malicious code. Ever since the first version of Cerber came around, experts have been trying to remain one step ahead of this malware. But the battle is long and tough, as the ransomware developers continue to step up their game as well.

The latest iteration of Cerber included a feature called “malware factory”, which creates different versions of this ransomware every 15 seconds. Doing so effectively bypasses installed security programs by potential victims.  It is the first time such a critical feature is introduced to ransomware, and it makes the job of security experts even more challenging.

The file hash associated with Cerber binaries is being changed by the command & control service every 15 minutes.  Moreover, this process is fully automated, and it significantly increases the chances of infecting computers and networks. Evading detection is the biggest concern for security experts, and they will have to come up with a new way to remove the threat presented by Cerber.

This news is just the latest form of innovation hitting the world of Bitcoin ransomware. As if encrypting files alone is not enough to deal with, certain types of malware will execute DDoS attacks using the computers held hostage. Consumers are advised to keep backups of their filesystem at all times, and ensure their security software and operating system are up-to-date.

What are your thoughts on this new Cerber development? Let us know in the comments below!

Source: Deep Dot Web

Images courtesy of Shutterstock, IB Times

The post Cerber Bitcoin Ransomware Now Includes Malware Factory Automation appeared first on Bitcoinist.net.

Cerber Bitcoin Ransomware Now Includes Malware Factory Automation

Share