Rocksolid Light

Welcome to novaBBS

register   nodelist   faq  

To request a group be added, ask in Rocksolid Nodes and specify 'novabbs'


rocksolid / Security / oh shit, what is happening to tor ?

SubjectAuthor
* oh shit, what is happening to tor ?anon
+* Re: oh shit, what is happening to tor ?Guest
|`* Re: oh shit, what is happening to tor ?Guest
| `* Re: oh shit, what is happening to tor ?anon
|  `- Re: oh shit, what is happening to tor ?Guest
`- Re: oh shit, what is happening to tor ?AnonUser

Subject: oh shit, what is happening to tor ?
From: ano...@anon.com (anon)
Newsgroups: rocksolid.shared.security
Organization: def5
Date: Sat, 18 Apr 2020 12:56 UTC

see here:
https://blog.torproject.org/covid19-impact-tor

if tor stops working one day (or just stops development), we are shafted good and proper.

Posted on def4


Subject: Re: oh shit, what is happening to tor ?
From: gue...@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.security
Organization: Dancing elephants
Date: Mon, 20 Apr 2020 15:58 UTC
Tor already is not working for me... biased watermarked circuits.  For a while I just blamed the One Entry Guard Policy which blows but  Onion Circuits is not working, Whonix gets biassed even though they have the old 3 guards.  I can run 6 other encrypted networks but it takes time to get them to decent  anonymity.  Posted on def3


Subject: Re: oh shit, what is happening to tor ?
From: gue...@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.security
Organization: Dancing elephants
Date: Mon, 20 Apr 2020 16:01 UTC


Here there are some paid guys getting creamed:


Deal with the devil: Ethereum DeFi protocol negotiates with hacker of $25 million | CryptoSlate
AuthorNick Chong Twitter LinkedIn Analyst @ CryptoSlate
6-7 minutes

It's been a crazy past 24 hours for users of decentralized finance, also known as "DeFi."

Over this time, devious Ethereum users managed to steal over $25 million worth of cryptocurrency from two separate protocols. The second hack, which accounts for the $25 million, is what this article will be focusing on.

As it stands, no one knows who the hacker is or what their intent is -- the address that perpetrated the "crime" was created just hours before the hack took place, and no one has been able to tie the address to a person's identity through exchange data just yet.

But, this hasn't stopped people from reaching out, attempting to make negotiations with the hacker, or, better put, they're trying to make a deal with the devil.
Operator of hacked Ethereum protocol contacts hacker

On the evening of Apr. 18, users on Twitter began to notice that Lendf.me, the decentralized lending protocol operated by Chinese DeFi upstart dForce, was losing funds at a rapid clip, much higher than what normally would be deemed safe.fan

Data indicated that within the span of a few hours, the protocol had lost 57 percent of its locked value. Simultaneously, Lendf.me's website threw up a banner in both Chinese Mandarin and English saying that users should not deposit funds into the protocol.

But, it was too late. By the time the error had been caught, the protocol was empty; the $25 million worth of Ethereum, Tether's USDT, and other leading tokens were gone, withdrawn primarily to this address.

As you can include messages in Ethereum transactions, many began to reach out to the address of the hacker.

Some asked for their money back. Others joked around with the hacker. But dForce's administrator address began negotiations, sharing their email with the hacker, which the hacker sent a message to.

The details of the ongoing negotiation aren't public, but some have proposed a legal agreement should be set up where the hacker gets to walk away with legal immunity, but only with a portion of the funds.

CryptoSlate will update readers as the story develops.
What happened exactly?

Since the attack, the website of Lendf.me has gone offline and the Twitter account of the startup has fallen silent, but the company just minutes ago as of the time of this article's writing has issued a statement.

Dated Apr. 19 and penned by the CEO, Mindao Yang, the note published to Medium explained that the vector of attack the hacker utilized is related to imBTC, a tokenized version of Bitcoin on the Ethereum blockchain. The issue: an exploit in the ERC-777 standard that imBTC was based on, which allowed the hacker to basically credit his account with more capital than he actually held.

The note also confirmed that negotiations have begun, or at least messages have been exchanged, between dForce and the attacker. Mindao also claimed his team is in contact with exchanges and law enforcement agencies.

This attack came hours after another address (could have been the same individual) used a similar vector to drain a Uniswap pool (market) out of $300,000 in imBTC and Ethereum, estimates suggest.

The details of these attacks are complicated, but more information can be found by this unofficial post-mortem by crypto-centric cybersecurity firm SlowMist.
Not ready to go mainstream

Over the past few months, DeFi has been branded as a killer use case of Ethereum and other smart contract blockchains.
Related: Coinbase Product Manager: DeFi to change market interactions; how will Ethereum benefit?

The idea goes that with billions underbanked or not banked at all and with interest rates near 0 percent, a blockchain-based ecosystem of finance, where theoretically anyone can gain access to services a "real" bank would offer, should gain mass adoption.

But, with this hack taking place that wiped hundreds or even thousands of users out of $25 million, many are suggesting DeFi isn't ready to go mainstream.

Not to mention, this hack is the latest in a series of exploits and shortcomings in the budding DeFi ecosystem.

As pointed out by Camila Russo, a crypto journalist focusing on Ethereum, these attacks have been occurring monthly for the past three months.
Posted on def3


Subject: Re: oh shit, what is happening to tor ?
From: ano...@anon.com (anon)
Newsgroups: rocksolid.shared.security
Organization: def5
Date: Mon, 20 Apr 2020 17:43 UTC

I can run 6 other encrypted networks

which are those ?

Posted on def4


Subject: Re: oh shit, what is happening to tor ?
From: gue...@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.security
Organization: Dancing elephants
Date: Mon, 4 May 2020 22:43 UTC
YGG is one of them.  It will not do you any good...  do you at least run GNU...network.
Posted on def3


Subject: Re: oh shit, what is happening to tor ?
From: anonu...@retrobbs.rocksolidbbs.com.remove-5pv-this (AnonUser)
Newsgroups: rocksolid.shared.security
Organization: RetroBBS
Date: Tue, 5 May 2020 02:59 UTC
  To: anon
A shame for sure. We still have I2P for our darkent needs if things go to the shitter. It is a lot more sustainable in the long run as everyone has to participate in the health of the network to guarantee anonymity.
--
Posted on: RetroBBS
retrobbs.i2p



1
rocksolid light 0.6.5f
clearnet i2p tor