The Brits have announced their 5 year, 4 month prison sentence for 24 year old Thomas White while also announcing that what they tried him for was alleged service as Dread Pirate Roberts 2 of Silk Road 2 (archived). No announcement with the arrest of what the arrest was actually for. No announcement for the trial or conviction. Another day, another secret trial in the Commonwealth.
As part of his Finite Field Arithmetic Library, Stanislav Datskovskiy1 (WOT: asciilifeform) has published code to perform Barrett's Modular Reduction in constant time. Speed of the code is favorable compared to Werner Koch's MPI library utilized in GPG. It appears that leaky optimizations of the sort that seem like they should make Koch's non-constant time implementation faster end up chewing quite a few clock cycles to accomplish an effect quite contrary to actual optimization.
Involved as a principal in the Republican ventures No Such lAbs and Pizarro ISP. ↩
Player Mircea Mircescu scored the biggest-ever "pop" in the history of Eulora, MiniGame's Bitcoin-denominated MMORPG, just past midnight server time on December 16th, 2017. Reigning the "Top of Pops" list in-game, the windfall weighs in at 3505.309 million ECu, or a hair over three and a half Bitcoin. The previous chart-topper occurred two years ago, also in December, at 1081.602 million ECu.
Mircescu's real-world avatar Mircea Popescu hinted at the pop's provenance in the game's IRC channel, #Eulora, where he stated the winning click occurred during a crafting run of "bod", or Black of Desspayr, a highly sought-after potion critical in the manufacture of blueprints for other items. Previous auction data for the item shows a markup of over 250% on the base price, which corresponds to the amount reported in-game for the pop –suggesting the market value of Mircescu's winnings likely exceed 8.5 billion ECu.
The pop comes on the heels of major events in Eulora's development, including the unfolding of an Ada-implemented communication protocol and an improved crafting and exploring bot refined by players to ease the hands-on aspect of in-game activities.
Physics professor and Danhua Capital founding partner Shoucheng Zhang appears to have been garbage collected by his side gig employer Stanford University (archived). The 55 year old Zhang was found dead December 1st and his death was attributed to suicide without investigation. Statements circulating claiming origin with Zhang's family are supposing Stanford University was central to Zhang's life and won't you pretty please contribute to Stanford in Zhang's memory while declining to investigate Zhang's suiciding?
The US Treasury Department's "Office of Foreign Asset Control" has targeted two Bitcoin addresses as a part of of their efforts to sanction Iran (archived). This incident highlights the abject incompatibility of the criminal organization calling itself the United States Government and the honest Bitcoin network. The criminal organzation, which is absurdly claiming it can have an office for the purpose of controlling foreign assets in foreign lands, is trying to say our Bitcoin network far above their criminal reach must change its rules on their say so just the same as any other bum asks your favor with nothing to offer but more asks.
Update: Transactions were sent to the "sanctioned" addresses despite impotent proclamations.
The Power Rangers introduced a coin inflation bug to their Bitcoin network client dubbed "Bitcoin Core" in 2016 by removing a check against double spending (archived). The bug was introduced by Matt Corallo (WoT: bluematt), advocated by Pieter Wuille (WoT: sipa), approved by Gregory Maxwell (WoT: gmaxwell) and MIT's Cory Fields, then merged by Wladimir van der Laan.
The reference Bitcoin network client maintained by the Bitcoin Foundation is unaffected by the bug introduced into the forked "Core" client.
A number of dubious publications this week floated a "research paper" of unclear origin, methadology, and conclusion. The popularly distilled headline they produced from the report is that Bitcoin has either achieved or is set to imminently achieve 0.5% of the world's energy consumption. Naturally pantsuit outlets editorialized this uncertain finding as "a bad thing" though few things are more encouraging.
Today disclosure of two plaintext leaking behaviors in email clients handling OpenPGP and S/MIME encrypted messages has been released (archived). The vulnerability affecting S/MIME is baked into the S/MIME standard and may only be mitigated by abandoning S/MIME, no other mitigation is possible. Meanwhile the plaintext leaking behavior affecting OpenPGP encrypted emails requires certain common but very stupid behavior on the part of an email client and the user allowing the email client to be involved in decrypting the message.
The attack in OpenPGP encrypted email involves the message being molested on the wire in such a way the plaintext metadata surrounding the cyphertext is modified to engage your typical email client's HTML rendering engine. If the email client is allowed to be involved in decrypting the cyphertext as is common with various client "plugins", the email client can "phone home" the plaintext after decryption to the message's molester according to the spurious instructions delivered to the HTML rendering engine. The mitigation for this vulnerability is hygiene and not allowing your email client to be involved in cryptographic operations beyond sending and recieving cyphertext blobs encrypted and decrypted elsewhere.
Today No Such lAbs principals Mircea Popescu and Stanislav Datskovskiy disclosed the existence of 192 weak Github developer SSH keys which were broken by the Phuctor, the RSA supercollider and numerical observatory operated by No Such lAbs. The keys all appear to be used by actual Github contributors with definite yet varying amounts activity.
Five years after Mircea Popescu reported state actor probing of the Bitcoin ecosystem, and 58 months after Edward Snowden flew to Hong Kong and handed over a bunch of USG.NSA secrets the curators of those secrets at Pierre Omidyar's fake Qntra The Intercept are finally leaking the ones concernbing NSA actions against Bitcoin (archived).
Omidyar would appreciate it if you could please ignore how the nearly five years delay on these leaks coincides with other recent Hail Mary attempts to delay the inevitable.