Set of cryptographic hash functions designed by the NSA
POPULARITY
2 episodes with sha256
2 episodes with sha256
2 episodes with sha256
2 episodes with sha256
2 episodes with sha256
Mark “Murch” Erhardt and Mike Schmidt are joined by Jonas Nick, Jameson Lopp, Steven Roose, Gregory Sanders, and Salvatore Ingala to discuss Newsletter #348.News● Educational and experimental-based secp256k1 implementation (1:09) Changing consensus● Should vulnerable bitcoins be destroyed? (9:17) ● Securely proving UTXO ownership by revealing a SHA256 preimage (34:52) ● Draft BIP for destroying quantum-insecure bitcoins (44:01) ● Criticism of CTV motivation (51:16) ● CTV+CSFS benefits (1:06:02) ● Benefit of CTV to Ark users (1:24:37) ● OP_CHECKCONTRACTVERIFY semantics (1:31:49) ● Draft BIP published for consensus cleanup (1:58:29) Releases and release candidates● BDK wallet 1.2.0 (2:06:03) ● LDK v0.1.2 (2:06:48) ● Bitcoin Core 29.0rc3 (2:07:13) ● LND 0.19.0-beta.rc1 (2:08:36) Notable code and documentation changes● Bitcoin Core #31363 (2:09:03) ● Bitcoin Core #31278 (2:09:44) ● Eclair #3050 (2:12:41) ● Eclair #2963 (2:13:54) ● Eclair #3045 (2:14:44) ● LDK #3670 (2:15:47) ● LND #9620 (2:16:24)
Marko Tarman has been mining Bitcoin since 2012 – and today, he works as Lead Mining Manager at NiceHash. In this episode, we talk about the current trends in Proof of Work mining and the commodification of hash rate.
WHO would have thought we'd make it all the way to now be thinking about careers and life after leaving the nest already? Crazy for me, exciting for Diego. Forward thinking will get anyone ahead, and I'm proud he isn't waiting around. We discuss some details about working in the trades, college, and funding a racing hobby as an adult. Then we skim over Secure Hashgraph Algorithm 256 created in the 1990s, a paper in 1995, and a patent on it in 2001. SHA-256 is the backbone of the BTC network. It was a first.A new dawn is coming, and I've watched it like watching paint dry underwater.Take care and Be Healthy Yala
Hoje é dia de Consultório Bitcoin! O ursão bitcoinheiro responde todas as suas dúvidas no mesmo dia pelo ask.arata.se/bitdov e depois compartilha com a galera no início do mês seguinte pra espalhar o conhecimento pela comunidade. Todas as perguntas enviadas (mínimo 4269 sats, mas pode enviar mais pro ursinho
Blockchain DXB & Society X - LinkedIn Live Unfiltered Chat Show NotesEvent Date & Time: October 31st, 2024, 10:00 am GST Hosts: RA George, Founder of Blockchain DXB Markose Chentittha, Society X Special Guest: Gregg Davis, Managing Director, Bitcoin Inc, MENA Region Bitcoin's Surge: Bitcoin's dominance is at 58.84%, setting the stage for a major upward trajectory. Memecoin Market: Less activity in memecoins as Bitcoin garners more attention. Gold Prices: Surging alongside Bitcoin, hinting at a shift in macro investment trends. US Election Impact & Upcoming FOMC Meeting (Nov 7): The post-election market could impact Fed policies and crypto sentiment. Bitcoin Rights Bill in Pennsylvania: House Bill 2481 proposes protections for self-custody, payment use, and tax guidance for Bitcoin. Awaiting decision by Governor Josh Shapiro, facing potential veto. Stablecoin Clarity: Paxos recently sent letters to US political figures (Donald Trump & Kamala Harris) pushing for stablecoin regulations. Tether Updates: Tether continues to work with law enforcement to prevent misuse of USDt, recently blocking USDT transactions in Venezuela. Chainlink CCIP: Collaborations with SWIFT and integration with Bitcoin highlight Chainlink's position in 2024. Spiderchain: A new Bitcoin layer-2 solution designed to enhance interoperability with Ethereum, allowing Ethereum-based applications to deploy on Bitcoin. Chainlink Runtime Environment: Announced at the SmartCon event in Hong Kong, featuring modularity, privacy for institutions, and chain-agnostic design. Chainlink's integration with HBAR boosts data quality and decentralization, supporting secure data for high-quality decentralized applications. Director, Bitcoin Inc., MENA Region Introduction to Gregg Davis: Insights on how he got into Bitcoin and his journey. Bitcoin MENA Event in Abu Dhabi: Upcoming on Nov 9-10, with a headline speaker, Eric Trump, and various prominent figures. Gregg shared why Abu Dhabi was chosen and how the event supports Bitcoin education in the region. Bitcoin for Family Offices: Thoughts on the Dubai Family Office Investment Summit, where UHNWIs show increasing interest in Bitcoin as a wealth asset. Bitcoin vs. ESG Concerns: Discussed Bitcoin mining's environmental impact and the importance of energy transparency. Recommendations for Bitcoin Resources: Stephan Livera Podcast, Saifedean Ammous, Peter McCormack, and Swan Bitcoin for in-depth knowledge on Bitcoin. Blockchain for AI: Explored limited blockchain use cases, noting that decentralized applications (DApps) remain niche, with stablecoins and memecoins not leveraging blockchain technology fully. AI for Blockchain: While AI could aid in raising capital via tokens, concerns persist about centralization, especially with governance tokens. Oort Foundation: Updates on DePIN show challenges with blockchain scalability, with 1 million transactions per second potentially insufficient for extensive DePIN projects. Exploring how blockchain mechanisms work, including SHA256, Keccak 256, Merkle Tree, and blockchain applications in supply chain transparency.
Arriva una nuova implemetazione tecnologica del Lightning Network estremamente interessante: gli stable channel. Scopriamo insieme che cosa sono e quali utilissime applicazioni possono avere.Inoltre: Julija Naval'naja è la nuova presidente della Human Rights Foundation, un nuovo report ci racconta quanti BTC hanno gli stati del mondo e come li stanno usando, e vi dobbiamo una errata corrige sulla modalita del rimborso relativa ai clienti MTGOX.
Mikä on SHA256? SHA256 salaus-tiivistealgoritmi ottaa viestin ja puristaa se näppärän kokoiseksi palikaksi, jotta dataa on helpompi ja nopeampi käsitellä. Lisäksi sen purkaminen on lähes mahdotonta. Katso matemaattinen mallinnos SHA256 salausalgoritmin vaikeudesta https://www.youtube.com/watch?v=S9JGmA5_unY P.S. Jos tuli ultimaattisia asiavirheitä, kerrothan niistä bitcoinladypodcast@gmail.com P.P.S. En ole tietotekniikan, enkä kryptografian ammattilainen, mutta pakopelihuoneissa olen aika haka. **** Hankin sinulle alennuskoodin, jotta saat 10 % tilatessasi bitcoin-kirjoja Konsensus Networkista. Klikkaa linkkiä tai käydä alennuskoodia: BTCLADY https://bitcoinbook.shop/collections/finnish **** Mistä ostaisin satosheja? Tarjoan sinulle 50% alennuksen vaihtokuluista kuukauden ajan, kun rekisteröidyt alla olevan linkin kautta. Coinmotion on suomalainen kryptovaluuttapörssi, jossa voit automatisoida kuukausisäästämisen bitcoiniin. https://app.coinmotion.com/fi/register/signup?referral_code=n6r0t1eqnx0qei3ib212 **** Kysymyksiä bitcoinista, joihin haluat vastauksen podcastin muodossa. Lähetä kysymyksesi somessa. Seuraa Bitcoin Lady Podcastia somessa! https://www.instagram.com/bitcoinladypodcast Youtube: https://www.youtube.com/@BitcoinLadyPodcast https://twitter.com/bitcoinlady_ bitcoinladypodcast@gmail.com **** Bitcoin Lady podcastin tarjoama sisältö on tarkoitettu vain viihteeksi ja informaatioksi. Sisältö ei tule ottaa sijoitussuosituksena, eikä podcast anna sijoitussuosituksia. Älä luota, vaan varmenna.
Herzlich Willkommen zu unserer 10-teiligen Einstiegsreihe “Bitcoin Basics”, in der wir euch alles rund um das Thema Bitcoin Schritt für Schritt einfach und verständlich näherbringen. In unserer vierten Folge sprechen wir über die Technologie hinter Bitcoin. Hierfür schauen wir uns zunächst an, wie eine Transaktion im realen Leben unter Freunden abläuft und welche Probleme auftreten könnten, wenn wir ein Kassenbuch für alle Transaktionen verwenden würden. Anschließend besprechen wir, wie Bitcoin diese Probleme durch verteilte Kassenbücher löst, welche Rolle das Bitcoin-Mining dabei spielt, welche Rolle eine Blockchain übernimmt und wie neue Bitcoin in den Umlauf kommen. Anschließend betrachten wir, wie man selbst am Bitcoin-Netzwerk teilnehmen kann und welche Funktionen die sogenannten Bitcoin-Wallets übernehmen.
Herzlich Willkommen zu unserer 10-teiligen Einstiegsreihe “Bitcoin Basics”, in der wir euch alles rund um das Thema Bitcoin Schritt für Schritt einfach und verständlich näherbringen. In unserer vierten Folge sprechen wir über die Technologie hinter Bitcoin. Hierfür schauen wir uns zunächst an, wie eine Transaktion im realen Leben unter Freunden abläuft und welche Probleme auftreten könnten, wenn wir ein Kassenbuch für alle Transaktionen verwenden würden. Anschließend besprechen wir, wie Bitcoin diese Probleme durch verteilte Kassenbücher löst, welche Rolle das Bitcoin-Mining dabei spielt, welche Rolle eine Blockchain übernimmt und wie neue Bitcoin in den Umlauf kommen. Anschließend betrachten wir, wie man selbst am Bitcoin-Netzwerk teilnehmen kann und welche Funktionen die sogenannten Bitcoin-Wallets übernehmen.
Here's a 2 hour conversation on life and surviving bear markets as a bitcoiner. Rob and Rick have both been on the show before and for this one we were LIVE in the CryptoCloaks print shop. We talk about mining, the insane math behind hashing SHA256 , cycles of equipment upgrading and how to deal with heat from mining and equipment, and a whole lot of messing around. Check out the chapters below! ____________________________________ Follow Rick on X: https://x.com/RickFromCloaks Follow Rob on X: https://x.com/BikesandBitcoin Support the show: https://valuestack.xyz/support ____________________________________ Chapters 00:00 Intro - without an introduction 5:30 Computers are hot 9:00 On starting a small business with bitcoin 11:15 How to repurpose heat from bitcoin mining 15:45 Mining downtime and ASIC repair 18:00 Why's there so much performance variation across ASICs? 23:25 Bitcoin mining is a brutal business 26:55 Rob's poetic ode to the beauty of hashing 30:35 How does the bitcoin difficulty adjustment work? 32:30 On exponential growth and really big numbers 35:45 Rob's alan watts interpretation 36:35 Why is Rick still operating in his basement? 40:00 Rick explains the CryptoCloaks printing operation 43:20 Rob teaches about how mega bitcoin miners make money with electricity 53:30 On achieving and goal-setting 56:30 On risk-taking and running a business 1:02:15 On becoming more family-oriented because of bitcoin 1:10:05 Is bitcoin a faith-based community? 1:12:55 On grokking bitcoin and it going mainstream 1:20:00 Talking about cycles of life and the fourth turning 1:26:45 On loving "the process", cycles of life, kids, and hashing 1:30:00 How mining pools changed bitcoin mining forever 1:34:45 When will the general population adopt bitcoin? 1:37:00 Why we stopped talking about bitcoin during the holidays 1:45:35 On mentally HODLing through bitcoin bear markets 1:54:00 Generations of bitcoiners 1:58:08 How will a bitcoin ETF change the market environment? 2:00:30 Are we screwed when baby boomers leave the workforce? 2:03:45 Bitcoin adoption in developing countries 2:05:30 Outro - words of wisdom from Rick & Rob
So, here's my Top 100 snippets of knowledge for blockchain: Blockchains use public key methods to integrate digital trust. Bob signs for a transaction with his private key, and Alice proves this with Bob's public key. The first usable public key method was RSA — and created by Rivest, Shamir and Adleman. It was first published in 1979 and defined in the RSA patent entitled “Cryptographic Communications System and Method”. Blockchains can either be permissioned (requiring rights to access the blockchain) or permissionless (open to anyone to use). Bitcoin and Ethereum are the two most popular permissionless blockchains, and Hyperledger is the most popular permissioned ledger. Ralph Merkle — the boy genius — submitted a patent on 5 Sept 1979 and which outlined the Merkle hash. This is used to create a block hash. Ralph Merkle's PhD supervisor was Martin Hellman (famous as the co-creator of the Diffie-Hellman method). David Chaum is considered as founders of electronic payments, and, in 1983, created ECASH, along with publishing a paper on “Blind signatures for untraceable payments”. Miners gather transactions on a regular basis, and these are added to a block and where each block has a Merkle hash. The first block on a blockchain does not have any previous blocks — and is named the genesis block. Blocks are bound in a chain, and where the previous, current and next block hashes are bound into the block. This makes the transactions in the block immutable. Satoshi Nakamoto worked with Hal Finney on the first versions of Bitcoin, and which were created for a Microsoft Windows environment. Craig Steven Wright has claimed that he is Satoshi Nakamoto, but this claim has never been verified. Most blockchains use elliptic curve cryptography — a method which was created independently by Neal Koblitz and Victor S. Miller in 1985. Elliptic curve cryptography algorithms did not take off until 2004. Satoshi selected the secp256k1 curve for Bitcoin, and which gives the equivalent of 128-bit security. The secp256k1 curve uses the mapping of y²=x³ + 7 (mod p), and is known as a Short Weierstrass (“Vier-strass”) curve. The prime number used with secp256k1 is ²²⁵⁶−²³²−²⁹−²⁸−²⁷−²⁶−²⁴−1. Satoshi published a 9-page paper entitled “Bitcoin: A Peer-to-Peer Electronic Cash System” White Paper on 31 Oct 31, 2008. In 1997, Adam Black introduce the concept of Proof of Work of Hashcash in a paper entitled, “Hashcash — a denial of service countermeasure.” This work was used by Satoshi in his whitepaper. Satoshi focused on: a decentralized system, and a consensus model and addressed areas of double-spend, Sybil attacks and Eve-in-the-middle. The Sybil attack is where an adversary can take over the general consensus of a network — and leads to a 51% attack, and where the adversary manages to control 51% or more of the consensus infrastructure. Satoshi used UK spelling in his correspondence, such as using the spelling of “honour”. The first Bitcoin block was minted on 3 Jan 2009 and contained a message of “Chancellor on brink of second bailout for banks” (the headline from The Times, as published in London on that day). On 12 Jan 2009, Satoshi sent the first Bitcoin transaction of 50 BTC to Hal Finney [here]. A new block is created every 7–10 minutes on Bitcoin. In Aug 2023, the total Bitcoin blockchain size is 502 GB. As of Aug 2023, the top three cryptocurrencies are Bitcoin, Ether, and Tether. Bitcoin has a capitalization of $512 billion, Ether with $222 billion, and Tether at $83 billion. The total cryptocurrency capitalisation is $1.17 trillion. The original block size was 1MB for Bitcoin, but recently upgraded to support a 1.5MB block — and has around 3,000 transactions. Currently the block sizes are more than 1.7MB. Bitcoin uses a gossip protocol — named the Lightning Protocol — to propagate transactions. A Bitcoin wallet is created from a random seed value. This seed value is then used to create the 256-bit secp256k1 private key. A wallet seed can be converted into a mnemonic format using BIP39, and which uses 12 common words. This is a deterministic key, and which allows the regeneration of the original key in the correct form. BIP39 allows for the conversion of the key to a number of languages, including English, French and Italian. A private key in a wallet is stored in a Wif format, and which is a Base58 version of the 256-bit private key. The main source code for the Bitcoin blockchain is held at https://github.com/bitcoin, and is known as Bitcoin core. This is used to create nodes, store coins, and transactions with other nodes on the Bitcoin network. A 256-bit private key has 115,792 billion billion billion billion billion billion billion billion different keys. A public Bitcoin ID uses Base58 and has a limited character set of ‘123456789ABCDEFGHJKLMN PQRSTUVWXYZabcdefghijkmno pqrstuvwxyz', where we delete ‘0' (zero), ‘l' (lowercase ‘l'), and ‘I' (capital I) — as this can be interpreted as another character. In Bitcoin and Ethereum, a private key (x) is converted to a public key with x.G, and where G is the base point on the secp256k1 curve. An uncompressed secp256k1 public key has 512 bits and is an (x,y) point on the curve. The point starts with a “04”. A compressed secp256k1 public key only stores the x-co-ordinate value and whether the y coordinate is odd or even. It starts with a “02” if the y-co-ordinate is even, otherwise it starts with a “03”. In 1992, Eric Hughes, Timothy May, and John Gilmore set up the cypherpunk movement and defined, “We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money.” In Ethereum, the public key is used as the identity of a user (a.G), and is defined as a hexademical value. In Bitcoin, the public ID is created from a SHA256 hash of the public key, and then a RIPEMD160 of this, and then covered to Base58. In computing the public key in ECC of a.G, we use the Montgomery multiplication method and which was created by Peter Montgomery in 1985, in a paper entitled, “Modular Multiplication without Trial Division.” Elliptic Curve methods use two basic operations: point address (P+G) and point doubling (2.P). These can be combined to provide the scalar operation of a.G. In 1999, Don Johnson Alfred Menezes published a classic paper on “The Elliptic Curve Digital Signature Algorithm (ECDSA)”. It was based on the DSA (Digital Signature Algorithm) — created by David W. Kravitz in a patent which was assigned to the US. The core signature used in Bitcoin and Ethereum is ECDSA (Elliptic Curve Digital Signature Algorithm), and which uses a random nonce for each signature. The nonce value should never repeat or be revealed. Ethereum was first conceived in 2013 by Vitalik Buterin, Gavin Wood, Charles Hoskinson, Anthony Di Iorio and Joseph Lubin. It introduced smaller blocks, an improved proof of work, and smart contracts. Bitcoin is seen as a first-generation blockchain, and Ethereum as a second-generation. These have been followed by third-generation blockchains, such as IOTA, Cardano and Polkadot — and which have improved consensus mechanisms. Bitcoin uses a consensus mechanism which is based on Proof-of-Work, and where miners focus on finding a block hash that has a number of leading “0”s. The difficulty of the mining is defined by the hashing rate. At the current time, this is around 424 million TH/s. There are around 733,000 unique Bitcoin addresses being used. Satoshi defined a reward to miners for finding the required hash. This was initially set at 50 BTC, but was set to half at regular intervals. On 11 January 2021, it dropped from 12.5 BTC to 6.2 BTC. Bitcoin currently consumes around 16.27 GWatts of power each year to produce a consensus — equivalent to the power consumed by a small country. In creating bitcoins, Satoshi created a P2PKH (Pay to Public Key Hash) address. These addresses are used to identify the wallet to be paid and links to the public key of the owner. These addresses start with a ‘1'. In order to support the sending of bitcoins to and from multiple addresses, Bitcoin was upgraded with SegWit (defined in BIP141). The wallet address then integrates the pay-to-witness public key hash (Pay to script hash — P2SH). These addresses start with a ‘3'. Ethereum uses miners to undertake work for changing a state and running a smart contract. They are paid in “gas” or Ether and which relates to the amount of computation conducted. This limits denial of service attacks on the network and focuses developers on creating efficient code. Ethereum supports the creation of cryptocurrency assets with ERC20 tokens — and which are FT (Fungible Tokens). For normal crypto tokens (ERC-20) we use, there is a finite number of these, and each of these is the same. Ethereum creates NFTs (Non-Fungible Tokens) with ERC721 tokens. We mint these each time and each is unique. Solidity is the programming language used in Ethereum, while Hyperledger can use Golang, Node.js and Java. For Ethereum, we compile Solidity code into EVM (Ethereum Virtual Machine) code. This is executed on the blockchain. Blockchain uses the SHA-256 hash for transaction integrity. Ethereum uses the Keccak hash is used to define the integrity of a transaction. This is based on SHA-3, and differs slightly from Keccak. The Keccak hash family uses a sponge function and was created by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, and standardized by NIST in August 2015 as SHA-3. The DAO is a decentralized autonomous organization (DAO) for the Ethereum blockchain and was launched in 2016. In 2016, DAO raised $150 million through a token sale but was hacked and funds were stolen. This resulted in a forking of the blockchain: Ethereum and Ethereum Classic. Non-interactive Zero Knowledge Proofs (NI-ZKP) allow an entity to prove that they have knowledge of something — without revealing it. A typical secret is the ownership of a private key. NI-ZKPs involve a prover (Peggy), a verifier (Victor) and a witness (Wendy) and were first defined by Manuel Blum, Paul Feldman, and Silvio Micali in their paper entitled, “Non-interactive zero-knowledge and its applications”. Popular ZKP methods include ZK-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) and ZK-STARKs (Zero-Knowledge Scalable Transparent Argument of Knowledge). Bitcoin and Ethereum are pseudo-anonymised, and where the sender and recipient of a transaction, and its value, can be traced. Privacy coins enable anonymous transactions. These include Zcash and Monero. In 1992, David Chaum and Torben Pryds Pedersen published “Wallet databases with observers,” and outlined a method of shielding the details of a monetary transaction. In 1992, Adi Shamir (the “S” in RSA) published a paper on “How to share a secret” in the Communications of the ACM. This supported the splitting of a secret into a number of shares (n) and where a threshold value (t) could be defined for the minimum number of shares that need to be brought back together to reveal the secret. These are known as Shamir Secret Shares (SSS). In 1991, Torbin P Pedersen published a paper entitled “Non-interactive and information-theoretic secure verifiable secret sharing” — and which is now known as Pedersen Commitment. This is where we produce our commitment and then show the message that matches the commitment. Distributed Key Generation (DKG) methods allow a private key to be shared by a number of trusted nodes. These nodes can then sign for a part of the ECDSA signature by producing a partial signature with these shares of the key. Not all blockchains use ECDSA. The IOTA blockchain uses the EdDSA signature, and which uses Curve 25519. This is a more lightweight signature version, and has better support for signature aggregation. It uses Twisted Edwards Curves. The core signing method used in EdDSA is based on the Schnorr signature scheme and which was created by Claus Schnorr in 1989. This was patented as, a “Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system”. The patent ran out in 2008. Curve 25519 uses the prime number of ²²⁵⁵-19 and was created by Daniel J. Bernstein. Peter Shor defined that elliptic curve methods can be broken with quantum computers. To overcome the cracking of the ECDSA signature from quantum computers, NIST are standardising a number of methods. At present, this focuses on CRYSTALS-Dilithium, and which is a lattice cryptography method. Bulletproofs were created in 2017 by Stanford's Applied Cryptography Group (ACG). They define a zero-knowledge proof as where a value can be checked to see it lies within a given range. The name of “bulletproofs” is defined as they are short, like a bullet, and with bulletproof security assumptions. While Bitcoin can take up to 7–10 minutes to mine a new block and create a consensus, newer blockchains, such as IOTA, can give an almost instantaneous consensus. Banks around the world are investigating CBDC (Central Bank Digital Currency) and which is not a cryptocurrency but a way to quickly define a consensus on a transaction. Homomorphic encryption methods allow for the processing of encrypted values using arithmetic operations. A public key is used to encrypt the data, and which can then be processed using an arithmetic circuit on the encrypted data. The owner of the associated private key can then decrypt the result. Some traditional public key methods enable partial homomorphic encryption. RSA and ElGamal allow for multiplication and division, whilst Pailier allows for homomorphic addition and subtraction. Full homomorphic encryption (FHE) supports all of the arithmetic operations and includes Fan-Vercauteren (FV) and BFV (Brakerski/Fan-Vercauteren) for integer operations and HEAAN (Homomorphic Encryption for Arithmetic of Approximate Numbers) for floating point operations. Most of the Full Homomorphic encryption methods use lattice cryptography. Some blockchain applications use Barreto-Lynn-Scott (BLS) curves which are pairing friendly. They can be used to implement Bilinear groups and which are a triplet of groups (G1, G2 and GT), so that we can implement a function e() such that e(g1^x,g2^y)=gT^{xy}. Pairing-based cryptography is used in ZKPs. The main BLS curves used are BLS12–381, BLS12–446, BLS12–455, BLS12–638 and BLS24–477. An accumulator can be used for zero-knowledge proof of knowledge, such as using a BLS curve to create to add and remove proof of knowledge. Open Zeppelin is an open-source Solidity library that supports a wide range of functions that integrate into smart contracts in Ethereum. This includes AES encryption, Base64 integration and Elliptic Curve operations. Metamask is one of the most widely used blockchain wallets and can integrate into many blockchains. Most wallets generate the seed from the operating system and where the browser can use the Crypto.getRandomValues function, and compatible with most browsers. Solidity programs can be compiled with Remix at remix.ethereum.org. The main Ethereum network is Ethereum Mainnet. We can test smart contracts on Ethereum test networks. Current networks include sepolia.etherscan.io and goerli.net. Ether can be mined for test applications from a faucet, such as faucet.metamask.io. This normally requires some proof of work to gain the Ether — in order to protect against a Denial of Service against the Faucet. The private key can be revealed from two ECDSA signatures which use the same random nonce value. Polkadot is a blockchain which allows blockchains to exchange messages and perform transactions. The proof of work method of creating is now not preference because of the energy that it typically uses. Many systems now focus on proof of stack (PoS). A time-lock puzzle/Proof of Work involves performing a computing task which has a given cost and which cannot be cheated again. This typically involves continual hashing or continual squaring. The Chia blockchain network uses both Proof of Space (PoS) and Proof of Time (PoT). The PoS method makes use of the under-allocation of hard-disk space. With a Verifiable Delay Function (VDF), we can prove that a given amount of work has been done by a prover (Peggy). A verifier (Victor) can then send the prover a proof value and compute a result which verifies the work has been done, with the verifier not needing to do the work but can still prove the work has been done. A Physical Unclonable Functions (PUFs) is a one-way function which creates a unique signature pattern based on the inherent delays within the wireless and transistors. This can be used to link a device to an NFT. In Blockchain applications, we can use Non-interactive zero-knowledge (NIZK) proofs for the equality (EQ) of discrete logarithms (DL) — DLEQ. With this — in discrete logarithms — we have
2023 is here, and Bitcoin enters its 15th year!Grant (Łitecoin UndergrounĐ) joins the show in the first episode of 2023. He is a distinguished Litecoin community member, and host of a weekly Twitter spaces. He describes himself as a proponent of a multi-chain future to ensure self-custody, privacy, and decentralization.We discuss coin cooperation as allies in team anti-fiat, and 2023 strategy for adoption and confronting fiat & CBDC's.We also talk about unelected leaders in crypto, memes, banter, etc.----------Links:@LTCUnderground on Twitterhttps://twitter.com/LTCUnderground21:41 BitPay Cryptocurrency Statistics:https://bitpay.com/stats/1:46:11 Litecoin Underground: "Fork the Amish" on Apple Podcasts:https://podcasts.apple.com/us/podcast/fork-the-amish/id1594458258?i=10005479229481:48:57 Roger Ver and Charlie Lee Lightning Network bet:https://youtu.be/63akDMMfiPQ?t=6342:12:14 be_cashy on Twitter:https://twitter.com/be_cashy----------Donations:bitcoincash:qq89n9cvksz9lptumt7m26vssxdgfgcehq2a0lv3nz----------Socials:Website: https://www.bitcoincashpodcast.com----------Timestamps:00:00 Podcast starts00:37 Intro01:36 LTC Underground intro, Litecoin journey04:15 #BCH and the "BCash" name12:50 Crypto and objective truth16:02 Crypto market update21:41 Stat of the week: BitPay payments36:21 #Litecoin in 202339:41 What are MimbleWimble Extension Blocks (MWEB)?44:27 Crypto common enemy & common goals48:48 Global reserve currency goal56:52 New York Bitcoin scaling agreement1:11:36 Bitcoin Cash has proven resilience1:14:43 Pros & cons of being the minority SHA256 chain1:22:14 #CBDC in 20231:35:56 Messari 2023 crypto theses1:40:03 BTC's only narrative is price appreciation1:44:53 Monarchy is like crypto
On The Cloud Pod this week, AWS Enterprise Support adds incident detection and response, the announcement of Google Cloud Spanner, and Oracle expands to Spain. Thank you to our sponsor, Foghorn Consulting, which provides top notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you're having trouble hiring? Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week. Episode Highlights ⏰ AWS Enterprise Support adds incident detection and response ⏰ You can now get a 90-day free trial of Google Cloud Spanner ⏰ Oracle opens its newest cloud infrastructure region in Spain Top Quote
W odcinku jak wygrać wejściówki na konferencje ETHWarsaw. Jak nie paść ofiarą oszustów z fikcyjnych platform inwestycyjnych oraz o przechowywaniu kluczy do Twoich kryptowalut przez długi okres Zagrożenia dotyczące Merge na Ethereum - gościem Paulina Jóśków z Ramp network Tether vs USDC Omawiamy produkty Satscard, Taptopay, deezy.io Jak działa algorytm SHA256 i co liczą koparki bitcoin w ramach proof-of-work Telegram tworzy własną strefę DNS TON w formie NFT na Blockchain TON Uważaj jakie zdjęcia wrzucasz do swojego archiwum w chmurze Google Finansowanie projektów OpenSource i developerów za pomocą opensats.org Jak obejść blokadę adresów w interfejsach publiczych DeFI W Unii Europejskiej toczy się walka o to, kto będzie regulował kryptowaluty Sponsorem odcinka jak zwykle kantor kryptowalut swap.ly --- Send in a voice message: https://anchor.fm/kwarantanna-bitcoin/message
On today's episode, We understand how blockchains work, and their two basic types. We also talk about DAOs, aka Decentralized Autonomous Organizations and why they're important. Binance launches in Idaho, Solana goes down…again! And some tech news regarding Meta, Tesla & SpaceX. For the full transcript, please read https://farezv.substack.com/p/farez-for-me-podcast-ep-3-what-is?s=w and subscribe to my newsletter to not miss any updates! What is a Blockchain? If you've ever seen an accounting ledger, you're already halfway there in your understanding of what a blockchain is. In simple terms, it's a connected list of records. Imagine a growing list of digital records, resembling real a life ledger book, known as blocks that are connected using cryptography. These blocks each have cryptographic signature associated with another block in the chain, a timestamp, and sometransaction data signifying the connectivity of the chain. This cryptographic signature is known as a hash, it's implemented in computer code and is essentially a one-way mathematical algorithm to obfuscate simple information into complex information. For example, there may be a function f(x) such that if x = hello, f(x) meaning f(hello) may return some value that resembles 0x43a5fc78 (which is some made up gibberish). There's no way for someone who reads 0x43a5fc78 to decode it back to the original message hello. This one-way nature of these hashing algorithms or hash functions as they're commonly known, ensures secure obfuscation of data (in this example, the term "hello"). Applying this same concept to blockchains ensures that each chain of blocks is unchangeable (especially by malicious 3rd parties). Here's how it works, from the book Mastering Bitcoin. Each block within the blockchain is identified by a hash, generated using the SHA256 cryptographic hash algorithm on the header of the block. Each block also references a previous block, known as the parent block, through the “previous block hash” field in the block header. In other words, each block contains the hash of its parent inside its own header. The sequence of hashes linking each block to its parent creates a chain going back all the way to the first block ever created, known as the genesis block. By the way, hashing is different from encryption. Encryption is two-way. Data obfuscated by encryption can be decrypted to be human readable again whereas hashing is a one way data obfuscation method. --- Send in a voice message: https://anchor.fm/farezv/message
Dans un datavault les clefs ne sont pas incrémentales, alors quelle technique utiliser : SHA256 ou fonction de hashache vers un entier ? Une partie sur l'indexation et l'ordre des colonnes, une autre sur le InMemory, la compression et le stockage colonne sur SQL Server, Oracle et HANA.
• ¿Temporalidad de BTC? Gráfica semanal y media móvil de 200 periodos • ¿Qué opinas de #ETC? • ¿Qué es la meenpool? • #NordVPN en CriptoMonedasTV Protege tu actividad online de criminales y vigilancia no deseada con #NordVPN. https://go.nordvpn.net/SH3Uy Utiliza el cupón cmtv para recibir la mejor oferta disponible. • SHA-256 es unidireccional por seguridad en BTC • ¿Taproot sustituirá a LN? Este es un resumen semanal de nuestras transmisiones en vivo. Puedes participar con tus preguntas Lunes, Miércoles y Viernes a las 2:00 PM Martes y Jueves a las 7:00 PM (Centro USA) Version #podcast en Anchor: https://anchor.fm/criptomonedastv Síguenos también en: Twitch: https://www.twitch.tv/criptomonedastv Periscope: https://www.periscope.tv/CriptoMonedasTV Minds https://www.minds.com/criptomonedastv?referrer=criptomonedastv Telegram: https://t.me/criptomonedastvcom Odysee: https://odysee.com/$/invite/@criptomonedastv:6 3Speak https://3speak.online/user/criptomonedastv Guarda tu Bitcoin de forma segura: Trezor - https://criptomonedastv.com/ir/trezor Ledger Nano - https://criptomonedastv.com/ir/ledgernano BitBox v 2.0 - https://criptomonedastv.com/ir/bitbox ColdCard y Open Dime - https://criptomonedastv.com/ir/coldcard CryptoSteel - https://criptomonedastv.com/ir/cryptosteel --- Support this podcast: https://anchor.fm/criptomonedastv/support
Nel nuovo episodio del BIP SHOW Guybrush annichilisce Rikki con un'ora di lectio magistralis dall'altissimo coefficiente nerd.Nello specifico analizziamo i principi cardine della sicurezza di Bitcoin debunkando una FUD sempre attuale. Dal documento Messari Crypto Theses 2022 estraiamo alcuni elementi interessanti. Intel è pronta a lanciare una linea di chip per il mining di BitcoinInfine iniziamo la nostra crociata: il mondo è pronto a ragionare in satoshi. Impara con noi!NOTE DELLA PUNTATA:- ICC suporta il BIP con l'arte di Yes8: https://bit.ly/3qJeSX4- Il canale Telegram con gli update dal BIP: https://t.me/bitcoinitaliapodcast- La sicurezza di Bitcoin è in pericolo? NO: https://bit.ly/3AjBP6E- I "big brains" si rifiutano di affrontare l'argomento? NO.Dan Held: https://bit.ly/3rxChdnLyn Alden: https://bit.ly/3rDuDOHNic Carter: https://bit.ly/3nKlmDfSempre Nic Carter al MIT: https://bit.ly/3fHFdP3- Messari Crypto Theses 2022: https://bit.ly/3FJsLc7- La discussione su come pensare in Bitcoin parte da lontano:Bitcointalk, 2011: https://bit.ly/3KwMwHIBitcoin Magazine, la psicologia dei decimali, 2013: https://bit.ly/33UL3tSLo standard "satscomma", una nuova proposta, 2021: https://bit.ly/33SxMSk- Intel rivelerà i suoi piani di sviluppo per ASIC Bitcoin in febbraio: https://bit.ly/33tm29n- Il brevetto Intel per un algoritmo hardware super efficiente per SHA256: https://bit.ly/3KoSaLXRegalati un hardware wallet usando i nostri link sponsorizzati:– Trezor Model One: https://amzn.to/38FsQPu– Trezor Model T: https://amzn.to/35LhxnC– Ledger NANO X: https://amzn.to/36GU5Yf– Ledger NANO S: https://amzn.to/2PVx7GR– BitBox 02: https://shiftcrypto.shop/?ref=B9pvW18zvaIl Bitcoin Italia Podcast è una piccola voce libera ed indipendente. Per mantenerla tale ci serve il tuo aiuto. Supportaci per mantenerci sicuri, decentralizzati, immutabili e trasparenti.Come?1- Semplicemente condividi il BIP show con tutti i tuoi amici e parenti.2- Lasciaci una recensione (possibilmente da 5 stelle!) su iTunes e Apple podcast!3- Visita il nostro sito https://bitcoinitaliapodcast.it/supportaci/ e supportaci con una donazione!
WTF is Bitcoin?! The Cryptocurrency & Blockchain Guide for Dinner Parties
The genius of Bitcoin is how Satoshi Nakamoto managed to put together the different technological pieces of the puzzle to create a truly decentralised currency. This episode we cover the intricacies of Proof of Work, what mining actually is (as opposed to how the media describes it), and we look into how a transaction actually works. It's one of the more jargon-heavy chapters (including some long numbers that you can skip forward through lol - bare with me.. I promise there is method to my madness), so don't be afraid to pause and replay if you fall behind. Note the completely different SHA256 hashing function outputs mentioned in the episode are: Hello: 185F8DB32271FE25F561A6FC938B2E264306EC304EDA518007D1764826381969 Happy: 725ACCB5A8E46D19BC3F3A7636D0860A85470FA450BE7F0F6A8C7572756765FD Helo: 375738319E86099FE081FABEE238C40D6F038959DA383C99CA3FE146E5CC8B7E The difficulty target expressed as a decimal is: 16307.420938523983 or as a hex58 number: 0x00000000000404CB000000000000000000000000000000000000000000000000 Buy the actual book on Amazon paperback & Kindle. https://amzn.to/2WRHRGg Listen to this episode on Youtube | https://youtu.be/ny5l3__qOys Audiobook Podcast Youtube Playlist | https://youtube.com/playlist?list=PL-cj8Q_B0xWFybnr3Z_DZlYzSy_hBDgbo Feel free to support this work by liking, subscribing and leaving a comment on our podcast page, sharing on social media, or making a contribution on Patreon. https://www.patreon.com/maximbeatty Disclaimer | https://pod.wtfisbitcoin.net/disclaimer.html This work contains the music track RW Smith - Dig Deep that is licensed under a Creative Commons Attribution license | Source: https://directory.audio/free-music/hip-hop-rap/5933-rw-smith-dig-deep | Author: RW Smith
In this episode Saifedean talks to software developer and author Gigi. They start by talking about Gigi’s book 21 Lessons: What I've Learned from Falling Down the Bitcoin Rabbit Hole, and why Gigi’s most important lesson is “you will not change bitcoin, but bitcoin will change you”. They move on to discuss the relationship between bitcoin and time. They cover how bitcoin solved the problem of reaching decentralized agreement on time and how bitcoin, as an unparalleled savings technology, serves to lower human time preference. The Q&A touches on topics such as the mind-boggling security of the SHA256 cryptographic hash function and threats to bitcoin’s future.
A quick Crash course and episode talking about Blockchain Technology. We will discuss what is Blockchain?What is SHA256?Also Immutable Ledger. Free game for a industry that could make you alot of money from investing or seeking a career in this technology space. --- Support this podcast: https://anchor.fm/on-the-dotted-line/support
Bitcoin and cryptocurrencies have been some of the most volatile instruments in the financial markets, and for good reason! There is a lot of risk, and tremendous reward potential. Bitcoin is still the dominant force in the space, and simple math will show you why prices should continue to climb. Join me as I make my case for Bitcoin over $100,000 in the next 3 years. Debate me live at 2pm pst today!
BTC $ 11,590 Today's guest on the show is @dannydiekroeger a Pro Baseball player turned software engineer working in #Bitcoin for @cashapp ! If you aren't following @dannydiekroeger yet, you should be! His threads about #bitcoin related topics are truly epic and he has an amazing skill at making difficult concepts easy to understand! Listen as Danny explains to 9-year-old Samuel what it's like to play sport at a professional level and what he might have done differently to hit a few more home runs! How many pro Baseball players are #Stackingsats and when will a player negotiate their full contract in #Bitcoin? Join us as @dannydiekroeger talks us through his rabbit hole journey, his computer science background and help me understand what SHA256 is and what how a hash function works. What are UTXO's and nodes and how does @dannydiekroeger see the bright orange future? What went down with the Twitter hack on that fateful day that seems so long ago now!!? A huge thank you to @dannydiekroeger for coming on the show to share his experiences and knowledge and for helping the #Bitcoin community further our education! Big ups to @obi @coinfloor for supporting the show and @Adamwoodhams1 for producing it. Lastly, go follow @twentyoneism, you will thank me. Full List Of Shills And Mench's: @Cashapp @Square www.coinfloor.co.uk/bitten @Obi @Coinfloor www.swanbitcoin.com/oncebitten @Swanbitcoin @aantonop @BitGo @mikebelshe https://xorbin.com
We see you, JilthubGithub, the eponymous source control collaboration system for Open Source Projects, owned by Microsoft, has been caught trying to sneakily continue its contracts with ICE -- you know, the government agency that puts kids in cages -- by getting a contract award from ICE through Dell Federal Systems.Now all of this may be on the up-and-up; Dell sells Github enterprise to ICE as a reseller, Github gets plausible deniability, and ICE gets to use the cool kids source control system.But it's still morally bankrupt for Github to take this contract -- for an amount, I might add, that totals $79,312.50, or roughly the same amount Microsoft should have paid Keivan for using his AppGet architectural work in their WinGet package manager solution.We see you, Github. Special thanks to [Dave Copeland](https://twitter.com/davetron5000/status/1282738504624222208?s=20) for making me aware of this. Twitter is sometimes a beautiful thing.Github 'offers' to let Non-US employees do the same job for half the pay.Microsoft's github acquired NPM. They [apprently "offered" to reduce non US employees compensation by up to 50%.](https://twitter.com/nomadtechie/status/1283613109932961792?s=20) to do the same job. In the Year of our Lord 2020 it is very impressive that a company like Github, who are still reeling from their morally bankrupt decision to keep an ICE contract worth $79,000, would also stoop so low as to to get existing employees of NPM to quit by offering them half the money to do the same job.When we call supporting ICE morally bankrupt, that is not meant to inspire you to be the villian, github. That's an insult, meant to shame you into doing the right thing.Vulnerabilities reported this weekMicrosoft reported and [released a fix](https://github.com/dotnet/announcements/issues/159) for CVE-2020-1147, a .NET Core Remote Code Execution Vulnerability. If you accept XML input, this advisory affects you. If any of your API endpoints accept XML, this advisory affects you. .NET Core 2.1.19, .NET 3.1.5, and .NET 5 Preview 6 are all vulnerable. This is fixed in the latest version of .NET Core 3.1.6, and will hopefully be fixed when .NET 5 Preview 7 is released. If you are running Visual Studio 16.4, you need to update SDK to 3.1.106; if you're running Visual studio 2019 16.5 or later, update to SDK 3.1.302 and then curse version numbers loudly like I'm about to.If you use Windows DNS Server, there's another [RCE vulnerability that is apparently "wormable"](https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/), but [at least some infosec people seem to think it won't turn into a big problem](https://twitter.com/hackerfantastic/status/1283096226616016896?s=20). This being 2020, I'm not holding my breath..NET Core 2.1.20 has been releasedRelease Notes: https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.20/2.1.20.mdSelf Contained ApplicationsOne of the more interesting parts of .NET Core has become the "Self Contained Application" -> effectively the runtime, the application and its dependencies in one package. This is great for datacenter style deployments or cross platform console applications, or even potentially in .NET 6 with MAUI: Desktop applications. That same advantage of self-contained applications is also a disadvantage, as foretold in this note in the Announcement: > Additionally, if you've deployed self-contained applications targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.Long story short: Not only do you need an update story for your organization's release cadence, that cadence must also take into account vulnerabilities in the runtime.### Nick Craver talks Attacks on Stack Overflow.Stack Overflow, the largest (that gets developer press and isn't Microsoft owned) site built on ASP.NET MVC (and soon .NET Core), gets a lot of attacks against it as a "top 50" (according to Wikipedia) site on the internet. Nick Craver, their architectural lead; goes deep into the sorts of attacks that happen. https://www.youtube.com/watch?v=K6NECAZhJG4 This is a good watch. Watch it.## Improvements in .NET 5This is the sort of thing I get jazzed about. The faster C# gets, the less we have to worry about using a language like Go or Rust for high performance situations. I don't use Rust, but anyone that does will tell you within seconds of meeting you. They're our Crossfitters.Anyway, having an easy-to-use toolchain to write fast code is good for all of us; and really good for our economic prospects, if we're being honest. The .NET team gets jazzed about performance too, and they've released another blog post [detailing speed improvements in the forthcoming (now in Preview) .NET 5](https://devblogs.microsoft.com/dotnet/performance-improvements-in-net-5/). .NET 5, remember, is just .NET Core in a trench coat. Microsoft is going directly from .NET Core 3 to .NET 5; because awkwardly, they already have a .NET 4. I have lots of jokes to make about Microsoft Marketing, but I'd like to be clear about this: Microsoft has 20 years of inertia around the .NET Framework, and there were problem dozens of internal corporate teams that were hoping that .NET Core would fail because their bread and butter was built on .NET. Luckily it didn't fail, and luckily the group that said "Let's unify the two" won. Over time .NET Core has had to make concessions to stay in the game, like CSProj over project.json; but those concessions have ultimately scored large wins for both .NET Framework and .NET Core. This is a narrow line to walk, and for all the grief I give them, Microsoft's Marketing team is handling this with grace and aplomb. BinaryFormatter will finally be tossed off a bridgehttps://github.com/dotnet/designs/pull/141Hashing data is now two lines of code Special thanks to Kevin Jones [@vcsjones](https://twitter.com/vcsjones) for [making me aware of this](https://twitter.com/vcsjones/status/1283404602277335041?s=20). In likely .NET 5 Preview 8, you'll have the ability to hash data in two lines of code!:```ReadOnlySpan someData;byte[] hash = SHA256.HashData(somedata);//or Span hashBuffer = stackalloc byte[32];int bytesWritten = SHA256.HashData(someData, hashBuffer);```This is pretty and awesome. It's pretty awesome. If you find yourself producing hashes of data; it can't get much faster or easier than this. Windows Community Toolkit 8.0.0 Preview2 for WinUI 3 Preview 2 has been releasedMicrosoft continues to streamline how it versions its products by overusing the word Preview. Anyway, this release lets developers kick the tires on the new WinUI, which is better known as "How you write Desktop Applications in .NET 5". The only hope I have is since they've coalesced on ridiculous versioning schemes, they've also coalesced around one way to develop Desktop Applications in .NET 5. Developers who love XAML should love WinUI 3. https://github.com/windows-toolkit/WindowsCommunityToolkit/issues/3295ImageSharp passed 6 million downloads; and an exposure angel got their wings.The [creator of ImageSharp laments](https://twitter.com/James_M_South/status/1282396639714373632) getting six million downloads on an open source project that obstensibly does not pay the bills. At this point in OSS, you either go APGL or you get to the point where you wish you had. On .NET MAUII had understood [.NET MAUI](https://github.com/dotnet/maui) to be a codename for .NET 6. It is not. Part of .NET 6 will be 'MAUI'. It's capitalized because it's an acroynmn. I should have known, of course, as we're programmers, and we love Acroymns. Anyway, MAUI stands for: Multi-platform App UI. Or for the rest of us: Cross Platform UIs!YES. FINALLY. Something that will be faster than electron and have less users to boot! Seriously though, I'm pretty stoked that this is happening, though I hope Microsoft will take this time to realize that cross-platform UIs are probably best done in HTML, CSS, and JavaScript, and not XAML. Actually, scratch that, Cross platform UIs are terrible in HTML, CSS, and JavaScript, but it's ubitquitous, and that's what matters. It looks like there will be a few 'AppModels' supported:MVVM, RxUI, MVU, Blazor. If you don't do Xamarin currently, RxUI and MVU will be new to you (and to the rest of us). RxUI is a "reactive" style of programming to support one-way updates from the model to the UI. and MVU is "Model View Update", which I hear is cool but apparently every framework needs to create a new rendering pattern, and [MVU is Elm's gift](https://thomasbandt.com/model-view-update) to the rest of us. Programmers create their own blog engines, UI Frameworks write their own Rendering pattern.PFCLotW (Pretty Fricking Cool Library of the Week)If you're using .NET (Whether Framework or Core), and you want to benchmark your code, you should be using [Benchmark.NET](https://github.com/dotnet/BenchmarkDotNet). It's called Benchmark because that's what it does, and they slapped the .NET moniker on the end because that's what library authors for .NET Do. Since this is .NET, their alternatives were NBenchmark, and BenchmarkSharp. I'm glad Benchmark.NET won.Anyway, Benchmark.NET let's you set up runs against your code; specifically against doing the same operation multiple ways. It then accurately benchmarks how fast the code is, what sort of memory usage it has, and a few other neat sundries about it. If you're using System.Timer(), don't. Use Benchmark.NET instead. (This is not a sponsored ad, but I do have a thing for Console Applications that are amazing).NET Foundation UpdatesThe .NET Foundation has an open pull request for changes to their bylaws to allow for a seven day comment period before a change would take effect (or be voted on?). You can [view it here](https://github.com/dotnet-foundation/website/pull/197).The .NET Foundation also [has interviews up with all of the candidates for election to the board](https://dotnetfoundation.org/blog/2020/07/16/director-election-2020-candidate-interviews).If you aren't already a member of the .NET Foundation and you're reading this. You should be. Decisions are made by those who show up, and those decisions affect all of us that use .NET. Become a member of the .NET Foundation here](https://dotnetfoundation.org/member/become-a-member).Events.NETOn July 30th, there's a .NET Conf focused on Microservices. This conference is for people who want to add "Microservices" to their resume. [Save the date](https://focus.dotnetconf.net/?utm_campaign=savedate&utm_source=dotnet&utm_medium=twitter) here.The .NET Conf is November 10th-12th, online only. It's the 10th year of this event. You can [save the date here](https://www.dotnetconf.net/?WT.mc_id=twc9-c9-chwarren). If you're not a fan of sitting through three days of online events, I'll be live-tweeting it; In preparation, you can go ahead and block me now.And that's what happened Last Week in .NET I'm George Stocker, and if your team is struggling with regression bugs, delivering software on time, and wants a workday where you actually get to leave at 5pm. You should visit www.doubleyourproductivity.io and reach out.If you liked this Newsletter, please forward it to your friends and ask them to subscribe at www.lastweekin.net. If you hated it, please forward it to your enemies.
Public Key Cryptografie en Hashing (Ik heb het in deze aflevering alleen over Sha256-hashes, ook als ik per ongeluk sha265 zeg) Links Beginnenmetbitcoin3471 hash, die begint met 000 Donatielink Telegramgroep beginnenmetbitcoin.com - Niks in deze podcast is beleggingsadvies.
Part 2 continues answering our audience question regarding the security of the Bitcoin network: how is SHA256 used in Bitcoin mining & generating Bitcoin addresses? Is it quantum resistant? Youtube: https://youtu.be/LbH29Vh0cMQ & show page: https://coincompass.com/57
Part 1 of this answer delves into Bitcoin, P2P & security: concentrated vs distributed networks, centralised vs decentralised networks, node security, data leakage & privacy concerns. Youtube: https://youtu.be/OzR6Xpo9cGA & show page: https://coincompass.com/56
Links:Learn Me BitcoinTwitter-Greg WalkerSocial Media- The Bitcoin Podcast NetworkSlackTwitch-TheMexicanFilipinoYouTubeDonate!Discuss
COVID changes the tech world, macOS Catalina is awful, Zoom has miserable security issues, O365 is now M365, Teams updates (again), and a whole lot more! Extended show notes available at https://hthpc.com/ Boot-Up (Intro…random topics) 00:18 • WFH killed Steve's router, got a new one (NetGear r7800 with DD-WRT custom firmware) • Wear a green shirt in video meetings and use the background feature to change your shirt color • Bing for a cure: https://www.bing.com/give/dashboard • Ignite be digital: https://www.microsoft.com/en-us/ignite • New PowerShell thing that isn't fully baked yet: https://devblogs.microsoft.com/powershell/introducing-consoleguitools-preview/ • Microsoft Extends the EOL date for Basic Authentication: https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-april-2020-update/ba-p/1275508 Catalina Sucks 21:38 • It seems MacOS Catalina (older versions seem fine..) has issues with WPA3. • Acceptable auth (DD-WRT settings): WPA2 Personal with CCMP-128 (AES), CCMP-256, GCMP, or GCMP-256. • Selecting "WPA2 with SHA256" or "WPA3 Personal / SAE" = No wifi for you (on Catalina) • Scorched Earth: Steve filed Feedback and a bug report to Apple OK Zoomer 26:15 • So many security flaws and shady behavior: https://tidbits.com/2020/04/03/every-zoom-security-and-privacy-flaw-so-far-and-what-you-can-do-to-protect-yourself/ ○ Professional Zoom-bombers ○ 2 new macOS vulnerabilities…patched now: https://threatpost.com/two-zoom-zero-day-flaws-uncovered/154337/ ○ Encryption "not suited for secrets" https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/ ○ Zoom calls went through China: https://techcrunch.com/2020/04/03/zoom-calls-routed-china/ • Trust not earned: Elon Musk bans Zoom: https://www.reuters.com/article/us-spacex-zoom-video-commn/elon-musks-spacex-bans-zoom-over-privacy-concerns-memo-idUSKBN21J71H "Please use email, text or phone as alternate means of communication." “Unplanned Outage” (Sponsor section - "Hope this Helps is helped by…") 34:25 • Bowel MoVeMenT • Answering conference calls in the bathroom M is the new O 36:48 • Teams updates • Office 365 is now Microsoft 365 after April 21: https://news.yahoo.com/microsoft-365-teams-consumers-160745338.html • "Don't worry-you don't need to do a thing. Your product services, apps, and features will stay the same, along with the price. Your subscription name will update automatically in the admin center and your monthly billing statements on or after April 21, 2020." • Office 365 ProPlus is now Microsoft 365 Apps for enterprise: https://docs.microsoft.com/en-us/deployoffice/name-change • Follow-up: Before O365, it was known as Microsoft Business Productivity Online Suite (BPOS) Ask the Stiffs: Question of the Week 40:28 • What are some of the last minute changes that are being implemented to improve security to protect your environment? Outro - "Plus Delta" • We help you, you help us: Rate us on iTunes • Reddit: https://reddit.com/r/hopethishelpspodcast --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app
Kvantöverlägsenhet innebär slutet för kryptovalutor och kvantdatorer kommer att för ändra vår värld till oigenkännlighet! Eller är det verkligen så enkelt? Nu efter Googles artikel om kvantöverlägsenhet (quantum supremacy) har kvantdatorer hamnat i fokus men vad innebär egentligen denna milstolpe? Vi försöker reda ut detta, vad kvantdatorer kan användas till och hur deras framtid ser ut. Dagens spaning Daniels spaning:Soonish: Ten Emerging Technologies That'll Improve and/or Ruin Everything av Kelly & Zach Weinersmith Hennings spaning:Quantum Computation and Quantum Information av Nielsen och Chuang. Länkar & kommentarer "If you take just one piece of information from this blog: Quantum computers would not solve hard search problems instantaneously by simply trying all the possible solutions at once." - Scott Aaronson Googles artikel i Nature Qubit - N qubits innebär 2^n tillstånd Personen bakom uttrycket "kvantöverlägsenhet" (John Preskill) kommenterar artikeln Aaronson kommenterar IBM:s "motartikel" Hur en kvantdator fungerar - webcomic Kvantmekaniska system för kvantdatorer, bl.a.: • Atomiskt spin. • Jonfälla. • Kvantprick. • Optisk hålighet. • Diamanter. • Supraledare / Josephson junctions.Dvs inget man kan ha i sin telefon framöver. Googles dator hade en temperatur på 20 mK exempelvis. Bloch-sfär Superposition mellan 0 och 1, man kan endast mäta 0 eller 1 (Kollapsar tillståndet). NAND-grindUniversal gates: Hadamard, phase, CNOT and pi/8. Kvantbrus/dekoherens - Tiden informationen sparas i systemet. Supraledare Shor's algorithm Artikel om kvantattacker mot bitcoin - Bitcoin kör SHA256. 256 bitar innebär ca 256 qubits (tänk 2^256 tillstånd i qubitarna, sen plussa på för extra operationer). Tar däremot tid att utföra operationerna, uppskattning 7-8 h för RSA. Blockkedjan uppdateras var 10:e minut med Bitcoin, Ethereum 15 sekunder. Beräkningar sker på ns skala, men sen klassiska delen kan vara långsamare. Googles tog 200 s. Video med övergripande förklaring kring publika nycklar Finns kryptografiska koder som är quantum resistant Post-quantum_cryptography - använda en klassisk dator för kryptering som ska vara säker mot en kvantdator Grover's algorithm - Går från N till sqrt(N). Ex: 1 miljon blir 1 tusen. Kan användas för att optimera olika algoritmer. Intro kring komplexitetsteori (quanta magazine) Quanta magazine om kvantdatorers problem och potential NISQ: Noisy Intermediate-Scale Quantum Quantum cryptography - använda en kvantdator för kryptering. Q# Extra förtydlinganden till avsnittet Kvantbitar använder enskilda tillstånd och partiklar för att få till kvantifisering. Mätningar på flera partiklar sker för att få fram statistik på distributionen av kvanttillstånd. Joner behöver inte helt sakna elektroner utan kan sakna enstaka. Quantum cryptography är kryptografi med kvantdatorer. Post-quantum cryptografi är klassisk kryptografi som är säker mot kvantdatorer. Mer läsning Scott’s Supreme Quantum Supremacy FAQ! - Scott Aaronsons blog är väldigt bra för att följa utvecklingen kring kvantdatorer IEEE Spectrum: What Google's Quantum Supremacy Claim Means for Quantum Computing The Potential Impact of Quantum Computers on Society Introduction to post quantum cryptography The Code Book (1999) av Simon Singh. Lättillgänglig genomgång av kryptografins historia. Singh förklarar både den moderna krypteringen med klassiska datorer och kvantkryptering. Disclaimer: Vi har för närvarande inga externa samarbeten och alla åsikter är våra egna. Inget vi pratar om är någon typ av investeringsrekommendationer och alla investeringar är förenade med risk. Medverkande i avsnittet: - Henning Hammar, driver tjänsten Börslabbet, doktor i fysik, @investerarfys - Daniel Constanda, IT-konsult i finansbranchen på Clara Financial Consulting, @DanielConstanda - Martin Nordgren, ingenjör på Tobii, tidigare på Dirac, @martinjnordgren Kontakta oss:dataspaning.se @dataspaning @ Twitterdataspaning@gmail.com
Join me today for Episode 100 of Bitcoin And . . . Topics for today: @HillebrandMax has a series of @COLDCARDwallet training vids @bitmaintech is out of SHA256 miner stock A blockchain . . . for wine Plus: #MartysBent #SongAF #TheDailyTrainREKT You can find me at Twitter: @bennd77 My Tippin.me page: https://tippin.me/@bennd77 My Curated Twitter Timeline: https://twitter.com/bennd77/timelines/1045364375224307712 Instagram: Bitcoin_And Mastodon: @NunyaBidness@bitcoinhackers.org Facebook: @bitcoinAnd You can find Marty on Twitter @MartyBent You can find bitcoin OPTechNewsletter on Twitter @bitcoinoptech You can find Whale Reports on Twitter @TheWhaleReports Music by: Flutey Funk Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 License http://creativecommons.org/licenses/by/3.0/ Additional Music: Motley Crue
In this special 50th episode, we invite our friend Zooko to the podcast to chat about his background and explore the history of Zerocoin and Zcash. We dig into the inner workings of Zcash, the trusted setup, the sapling upgrade, and what the future of the project might look like! The Sapling upgrade promises to reduce the proving times of the zk-SNARKs from 37 seconds to 2.3 seconds by replacing the SHA256 hash function with an improved performance Pedersen hash function called Bowe-Hopwood Pedersen, introducing an updated eliptic curve (Groth16/BLS12-381), moving from Libsnark to Bellman, and using a new split circuit design. We dig deep on this and into what the UTXO model actually is to help us better understand the changes being introduced with Sapling. Hope you enjoy coming on this journey with us! Links: Zerocoin Paper (http://zerocoin.org/media/pdf/ZerocoinOakland.pdf) Zerocash Paper (http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf) Sapling details (https://z.cash/blog/sapling-activation-complete/) Radio Lab Episode on The Ceremony (https://www.wnycstudios.org/story/ceremony) Balance vs UTXO data models (https://medium.com/@sunflora98/utxo-vs-account-balance-model-5e6470f4e0cf) Zcash Engineer Ariel explaining Zcash at the Zero Knowledge Summit (https://www.youtube.com/watch?v=Kx4cIkCY2EA) ZEXE Paper (https://eprint.iacr.org/2018/962.pdf) Love notes on the blockchain (https://twitter.com/ralucaadapopa/status/806987133378437120) Howard Wu on Zero Knowledge (https://www.zeroknowledge.fm/38)
OpenBSD 6.4 released, GhostBSD RC2 released, MeetBSD - the ultimate hallway track, DragonflyBSD desktop on a Thinkpad, Porting keybase to NetBSD, OpenSSH 7.9, and draft-ietf-6man-ipv6only-flag in FreeBSD. ##Headlines OpenBSD 6.4 released See a detailed log of changes between the 6.3 and 6.4 releases. See the information on the FTP page for a list of mirror machines. Have a look at the 6.4 errata page for a list of bugs and workarounds. signify(1) pubkeys for this release: base: RWQq6XmS4eDAcQW4KsT5Ka0KwTQp2JMOP9V/DR4HTVOL5Bc0D7LeuPwA fw: RWRoBbjnosJ/39llpve1XaNIrrQND4knG+jSBeIUYU8x4WNkxz6a2K97 pkg: RWRF5TTY+LoN/51QD5kM2hKDtMTzycQBBPmPYhyQEb1+4pff/H6fh/kA ###GhostBSD 18.10 RC2 Announced This second release candidate of GhostBSD 18.10 is the second official release of GhostBSD with TrueOS under the hood. The official desktop of GhostBSD is MATE. However, in the future, there might be an XFCE community release, but for now, there is no community release yet. What has changed since RC1 Removed drm-stable-kmod and we will let users installed the propper drm-*-kmod Douglas Joachin added libva-intel-driver libva-vdpau-driver to supports accelerated some video driver for Intel Issues that got fixed Bug #70 Cannot run Octopi, missing libgksu error. Bug #71 LibreOffice doesn’t start because of missing libcurl.so.4 Bug #72 libarchive is a missing dependency Again thanks to iXsystems, TrueOS, Joe Maloney, Kris Moore, Ken Moore, Martin Wilke, Neville Goddard, Vester “Vic” Thacker, Douglas Joachim, Alex Lyakhov, Yetkin Degirmenci and many more who helped to make the transition from FreeBSD to TrueOS smoother. Updating from RC1 to RC2: sudo pkg update -f sudo pkg install -f libarchive curl libgksu sudo pkg upgrade Where to download: All images checksum, hybrid ISO(DVD, USB) and torrent are available here: https://www.ghostbsd.org/download [ScreenShots] https://www.ghostbsd.org/sites/default/files/Screenshotat2018-10-2013-22-41.png https://www.ghostbsd.org/sites/default/files/Screenshotat2018-10-20_13-27-26.png ###OpenSSH 7.9 has been released and it has support for OpenSSL 1.1 Changes since OpenSSH 7.8 This is primarily a bugfix release. New Features ssh(1), sshd(8): allow most port numbers to be specified using service names from getservbyname(3) (typically /etc/services). ssh(1): allow the IdentityAgent configuration directive to accept environment variable names. This supports the use of multiple agent sockets without needing to use fixed paths. sshd(8): support signalling sessions via the SSH protocol. A limited subset of signals is supported and only for login or command sessions (i.e. not subsystems) that were not subject to a forced command via authorizedkeys or sshdconfig. bz#1424 ssh(1): support "ssh -Q sig" to list supported signature options. Also "ssh -Q help" to show the full set of supported queries. ssh(1), sshd(8): add a CASignatureAlgorithms option for the client and server configs to allow control over which signature formats are allowed for CAs to sign certificates. For example, this allows banning CAs that sign certificates using the RSA-SHA1 signature algorithm. sshd(8), ssh-keygen(1): allow key revocation lists (KRLs) to revoke keys specified by SHA256 hash. ssh-keygen(1): allow creation of key revocation lists directly from base64-encoded SHA256 fingerprints. This supports revoking keys using only the information contained in sshd(8) authentication log messages. Bugfixes ssh(1), ssh-keygen(1): avoid spurious "invalid format" errors when attempting to load PEM private keys while using an incorrect passphrase. bz#2901 sshd(8): when a channel closed message is received from a client, close the stderr file descriptor at the same time stdout is closed. This avoids stuck processes if they were waiting for stderr to close and were insensitive to stdin/out closing. bz#2863 ssh(1): allow ForwardX11Timeout=0 to disable the untrusted X11 forwarding timeout and support X11 forwarding indefinitely. Previously the behaviour of ForwardX11Timeout=0 was undefined. sshd(8): when compiled with GSSAPI support, cache supported method OIDs regardless of whether GSSAPI authentication is enabled in the main section of sshd_config. This avoids sandbox violations if GSSAPI authentication was later enabled in a Match block. bz#2107 sshd(8): do not fail closed when configured with a text key revocation list that contains a too-short key. bz#2897 ssh(1): treat connections with ProxyJump specified the same as ones with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't try to canonicalise the hostname unless CanonicalizeHostname is set to 'always'). bz#2896 ssh(1): fix regression in OpenSSH 7.8 that could prevent public- key authentication using certificates hosted in a ssh-agent(1) or against sshd(8) from OpenSSH
Jesse Fastenberg joins us to discuss proof of work, proof of stake, and what it would take to attack Bitcoin and Ethereum.Jesse’s Private Telegram Chat: The Crypto Community GroupThe materials provided are for information only and do not constitute as an offer. For investment advice, please consult professional advisors. Neither Zach or Jack are financial advisors.The information contained in this podcast episode has been compiled with considerable care to ensure its accuracy at the date of publication. However, no representation or warranty, express or implied, is made to its accuracy or completeness.We shall not be responsible for any consequential effect, nor be liable for any direct, consequential, incidental, indirect loss or damage, howsoever caused, arising from the use of, inability to use or reliance upon any information or materials provided on this podcast, whether or not such loss or damage is caused by us.Links to third party sites are provided for your information only. The content and software of these sites have been issued by third parties. As such, we cannot be responsible for the accuracy of information contained in these sites, nor be held liable for any loss or damage arising from or related to their use.Investors should be cautious about any and all cryptoasset and investment recommendations and should consider the source of any advice on cryptoasset selection. Various factors, including personal or corporate ownership, may influence or factor into an expert’s stock analysis or opinion.All investors are advised to conduct their own independent research into individual cryptoassets before making a purchase decision. In addition, investors are advised that past cryptoasset performance is no guarantee of future price appreciation.Do not invest money you cannot afford to lose. All investments come with a degree of risk.
Die Technologie hinter Bitcoin verwirrt schnell. Dabei ist es kein Hexenwerk, die Vorgänge des Proof of Work zu verstehen. In dieser Episode des BTC-ECHO Podcast tauchen wir in die technischen Details der Kryptowährung ab. Dabei erklären wir einsteigerfreundlich die Funktionsweise der Hashfunktion, des Proof of Work und des Mining. Hosts: Alex Roos & Dr. Philipp Giese
Jimmy Song is a Bitcoin Core Contributor and former VP of Engineering for Armory. He caught the Bitcoin bug back in 2011 and started contributing to Bitcoin open source projects since 2013. He’s a contributor to CoinDesk and has a popular Bitcoin blog. He’s been teaching blockchain to engineers for over 3 years. Jimmy graduated from the University of Michigan with a Bachelors of Science in Mathematics.Seminar: http://programmingblockchain.com/Newsletter: http://eepurl.com/cZr_AjMedium: https://medium.com/@jimmysongTwitter: https://twitter.com/jimmysongGithub: https://github.com/jimmysongFollow the best podcasts from the best minds in the Bitcoin and Cryptocurrency space on twitter.https://twitter.com/bitcoinpodcasts
JIMMY SONGSeminar: http://programmingblockchain.com/ Newsletter: http://eepurl.com/cZr_Aj Medium: https://medium.com/@jimmysong Twitter: https://twitter.com/jimmysong Github: https://github.com/jimmysongFollow the best podcasts from the best minds in the Bitcoin and Cryptocurrency space on twitter.https://twitter.com/bitcoinpodcasts
https://Alphainvestors.Club Hey guys! Thanks for joining us here at https://Alphainvestors.Club where today we will be reviewing Unobtanium Price Prediction WHAT IS UNOBTANIUM (UNO)? The project is as rare as the impossible metal with which it shares the name. While the metal is a matter of science fiction, the coin is very much real. The rarity is thanks to the fact that there will only be 250,000 coins ever mined. The coin is secure courtesy of SHA256 algorithm. It is much faster than bitcoin due to it being merged mined with Bitcoin. The coin was never pre-mined and this ensures fairness. To make it fairer than any other coin, the first thousand blocks were mined at a much lower reward points so as to give miners time to set their equipment up. HOW DOES UNOBTANIUM (UNO) WORK? Unobtanium is a odd-one-out in the crypto industry, where every coin is pre-mined. The launch of UNO was provable and undisputedly fair and the lack of pre-mining meant that everyone had equal chance of getting the coin rather than having it given to a certain group of people before the general public. Unobtanium is scarce and limited supply with only 196,875 Proof of Work Unо will be mined before .0001 minimum block subsidies take impact at block 612,000...tune in for our full review! Be sure to join our Alpha Investors Email list!! https://Alphainvestors.Club
https://Alphainvestors.Club Hey guys! Thanks for joining us here at https://Alphainvestors.Club where today we will be reviewing HTMLcoin Price Prediction What Is HTMLCOIN (HTML)? HTMLcoin is a cryptocurrency with a steady blockchain based on Bitcoin Core that integrates Ethereum based smart contracts. HTMLCoin’s first project is to produce an e-learning platform for web development, programming, online marketing among other services to provide skills to individuals who cannot afford to enter the market. How Does HTMLCOIN (HTML) Work? HTML Coin is a combination of proof-of-work and proof-of-stake. It practices double SHA256 hashing (which is used by Bitcoin) and protects from 51% attacks through real-time checkpointing. They run both PoW and PoS to secure the network and make it faster. They both run a 2-minute block time, but 1 minute out of sync giving a net 60-second block time. This gives the 3-20 second transaction times currently enjoy as well as 60-second confirmations. Being a coin, HTMLCOIN will be the gateway to purchasing tokens from dapps and smart contracts on the HTMLCOIN blockchain where it will also be exchanged for the gas required to drive smart contracts...tune in for our full review! Be sure to join our Alpha Investors Email list!! https://Alphainvestors.Club
Second round of ZFS improvements in FreeBSD, Postgres finds that non-FreeBSD/non-Illumos systems are corrupting data, interview with Kevin Bowling, BSDCan list of talks, and cryptographic right answers. Headlines [Other big ZFS improvements you might have missed] 9075 Improve ZFS pool import/load process and corrupted pool recovery One of the first tasks during the pool load process is to parse a config provided from userland that describes what devices the pool is composed of. A vdev tree is generated from that config, and then all the vdevs are opened. The Meta Object Set (MOS) of the pool is accessed, and several metadata objects that are necessary to load the pool are read. The exact configuration of the pool is also stored inside the MOS. Since the configuration provided from userland is external and might not accurately describe the vdev tree of the pool at the txg that is being loaded, it cannot be relied upon to safely operate the pool. For that reason, the configuration in the MOS is read early on. In the past, the two configurations were compared together and if there was a mismatch then the load process was aborted and an error was returned. The latter was a good way to ensure a pool does not get corrupted, however it made the pool load process needlessly fragile in cases where the vdev configuration changed or the userland configuration was outdated. Since the MOS is stored in 3 copies, the configuration provided by userland doesn't have to be perfect in order to read its contents. Hence, a new approach has been adopted: The pool is first opened with the untrusted userland configuration just so that the real configuration can be read from the MOS. The trusted MOS configuration is then used to generate a new vdev tree and the pool is re-opened. When the pool is opened with an untrusted configuration, writes are disabled to avoid accidentally damaging it. During reads, some sanity checks are performed on block pointers to see if each DVA points to a known vdev; when the configuration is untrusted, instead of panicking the system if those checks fail we simply avoid issuing reads to the invalid DVAs. This new two-step pool load process now allows rewinding pools across vdev tree changes such as device replacement, addition, etc. Loading a pool from an external config file in a clustering environment also becomes much safer now since the pool will import even if the config is outdated and didn't, for instance, register a recent device addition. With this code in place, it became relatively easy to implement a long-sought-after feature: the ability to import a pool with missing top level (i.e. non-redundant) devices. Note that since this almost guarantees some loss Of data, this feature is for now restricted to a read-only import. 7614 zfs device evacuation/removal This project allows top-level vdevs to be removed from the storage pool with “zpool remove”, reducing the total amount of storage in the pool. This operation copies all allocated regions of the device to be removed onto other devices, recording the mapping from old to new location. After the removal is complete, read and free operations to the removed (now “indirect”) vdev must be remapped and performed at the new location on disk. The indirect mapping table is kept in memory whenever the pool is loaded, so there is minimal performance overhead when doing operations on the indirect vdev. The size of the in-memory mapping table will be reduced when its entries become “obsolete” because they are no longer used by any block pointers in the pool. An entry becomes obsolete when all the blocks that use it are freed. An entry can also become obsolete when all the snapshots that reference it are deleted, and the block pointers that reference it have been “remapped” in all filesystems/zvols (and clones). Whenever an indirect block is written, all the block pointers in it will be “remapped” to their new (concrete) locations if possible. This process can be accelerated by using the “zfs remap” command to proactively rewrite all indirect blocks that reference indirect (removed) vdevs. Note that when a device is removed, we do not verify the checksum of the data that is copied. This makes the process much faster, but if it were used on redundant vdevs (i.e. mirror or raidz vdevs), it would be possible to copy the wrong data, when we have the correct data on e.g. the other side of the mirror. Therefore, mirror and raidz devices can not be removed. You can use ‘zpool detach’ to downgrade a mirror to a single top-level device, so that you can then remove it 7446 zpool create should support efi system partition This one was not actually merged into FreeBSD, as it doesn’t apply currently, but I would like to switch the way FreeBSD deals with full disks to be closer to IllumOS to make automatic spare replacement a hands-off operation. Since we support whole-disk configuration for boot pool, we also will need whole disk support with UEFI boot and for this, zpool create should create efi-system partition. I have borrowed the idea from oracle solaris, and introducing zpool create -B switch to provide an way to specify that boot partition should be created. However, there is still an question, how big should the system partition be. For time being, I have set default size 256MB (thats minimum size for FAT32 with 4k blocks). To support custom size, the set on creation "bootsize" property is created and so the custom size can be set as: zpool create -B -o bootsize=34MB rpool c0t0d0. After the pool is created, the "bootsize" property is read only. When -B switch is not used, the bootsize defaults to 0 and is shown in zpool get output with no value. Older zfs/zpool implementations can ignore this property. **Digital Ocean** PostgreSQL developers find that every operating system other than FreeBSD and IllumOS might corrupt your data Some time ago I ran into an issue where a user encountered data corruption after a storage error. PostgreSQL played a part in that corruption by allowing checkpoint what should've been a fatal error. TL;DR: Pg should PANIC on fsync() EIO return. Retrying fsync() is not OK at least on Linux. When fsync() returns success it means "all writes since the last fsync have hit disk" but we assume it means "all writes since the last SUCCESSFUL fsync have hit disk". Pg wrote some blocks, which went to OS dirty buffers for writeback. Writeback failed due to an underlying storage error. The block I/O layer and XFS marked the writeback page as failed (ASEIO), but had no way to tell the app about the failure. When Pg called fsync() on the FD during the next checkpoint, fsync() returned EIO because of the flagged page, to tell Pg that a previous async write failed. Pg treated the checkpoint as failed and didn't advance the redo start position in the control file. + All good so far. But then we retried the checkpoint, which retried the fsync(). The retry succeeded, because the prior fsync() *cleared the ASEIO bad page flag*. The write never made it to disk, but we completed the checkpoint, and merrily carried on our way. Whoops, data loss. The clear-error-and-continue behaviour of fsync is not documented as far as I can tell. Nor is fsync() returning EIO unless you have a very new linux man-pages with the patch I wrote to add it. But from what I can see in the POSIX standard we are not given any guarantees about what happens on fsync() failure at all, so we're probably wrong to assume that retrying fsync() is safe. We already PANIC on fsync() failure for WAL segments. We just need to do the same for data forks at least for EIO. This isn't as bad as it seems because AFAICS fsync only returns EIO in cases where we should be stopping the world anyway, and many FSes will do that for us. + Upon further looking, it turns out it is not just Linux brain damage: Apparently I was too optimistic. I had looked only at FreeBSD, which keeps the page around and dirties it so we can retry, but the other BSDs apparently don't (FreeBSD changed that in 1999). From what I can tell from the sources below, we have: Linux, OpenBSD, NetBSD: retrying fsync() after EIO lies FreeBSD, Illumos: retrying fsync() after EIO tells the truth + NetBSD PR to solve the issues + I/O errors are not reported back to fsync at all. + Write errors during genfs_putpages that fail for any reason other than ENOMEM cause the data to be semi-silently discarded. + It appears that UVM pages are marked clean when they're selected to be written out, not after the write succeeds; so there are a bunch of potential races when writes fail. + It appears that write errors for buffercache buffers are semi-silently discarded as well. Interview - Kevin Bowling: Senior Manager Engineering of LimeLight Networks - kbowling@llnw.com / @kevinbowling1 BR: How did you first get introduced to UNIX and BSD? AJ: What got you started contributing to an open source project? BR: What sorts of things have you worked on it the past? AJ: Tell us a bit about LimeLight and how they use FreeBSD. BR: What are the biggest advantages of FreeBSD for LimeLight? AJ: What could FreeBSD do better that would benefit LimeLight? BR: What has LimeLight given back to FreeBSD? AJ: What have you been working on more recently? BR: What do you find to be the most valuable part of open source? AJ: Where do you think the most improvement in open source is needed? BR: Tell us a bit about your computing history collection. What are your three favourite pieces? AJ: How do you keep motivated to work on Open Source? BR: What do you do for fun? AJ: Anything else you want to mention? News Roundup BSDCan 2018 Selected Talks The schedule for BSDCan is up Lots of interesting content, we are looking forward to it We hope to see lots of you there. Make sure you come introduce yourselves to us. Don’t be shy. Remember, if this is your first BSDCan, checkout the newbie session on Thursday night. It’ll help you get to know a few people so you have someone you can ask for guidance. Also, check out the hallway track, the tables, and come to the hacker lounge. iXsystems Cryptographic Right Answers Crypto can be confusing. We all know we shouldn’t roll our own, but what should we use? Well, some developers have tried to answer that question over the years, keeping an updated list of “Right Answers” 2009: Colin Percival of FreeBSD 2015: Thomas H. Ptacek 2018: Latacora A consultancy that provides “Retained security teams for startups”, where Thomas Ptacek works. We’re less interested in empowering developers and a lot more pessimistic about the prospects of getting this stuff right. There are, in the literature and in the most sophisticated modern systems, “better” answers for many of these items. If you’re building for low-footprint embedded systems, you can use STROBE and a sound, modern, authenticated encryption stack entirely out of a single SHA-3-like sponge constructions. You can use NOISE to build a secure transport protocol with its own AKE. Speaking of AKEs, there are, like, 30 different password AKEs you could choose from. But if you’re a developer and not a cryptography engineer, you shouldn’t do any of that. You should keep things simple and conventional and easy to analyze; “boring”, as the Google TLS people would say. Cryptographic Right Answers Encrypting Data Percival, 2009: AES-CTR with HMAC. Ptacek, 2015: (1) NaCl/libsodium’s default, (2) ChaCha20-Poly1305, or (3) AES-GCM. Latacora, 2018: KMS or XSalsa20+Poly1305 Symmetric key length Percival, 2009: Use 256-bit keys. Ptacek, 2015: Use 256-bit keys. Latacora, 2018: Go ahead and use 256 bit keys. Symmetric “Signatures” Percival, 2009: Use HMAC. Ptacek, 2015: Yep, use HMAC. Latacora, 2018: Still HMAC. Hashing algorithm Percival, 2009: Use SHA256 (SHA-2). Ptacek, 2015: Use SHA-2. Latacora, 2018: Still SHA-2. Random IDs Percival, 2009: Use 256-bit random numbers. Ptacek, 2015: Use 256-bit random numbers. Latacora, 2018: Use 256-bit random numbers. Password handling Percival, 2009: scrypt or PBKDF2. Ptacek, 2015: In order of preference, use scrypt, bcrypt, and then if nothing else is available PBKDF2. Latacora, 2018: In order of preference, use scrypt, argon2, bcrypt, and then if nothing else is available PBKDF2. Asymmetric encryption Percival, 2009: Use RSAES-OAEP with SHA256 and MGF1+SHA256 bzzrt pop ffssssssst exponent 65537. Ptacek, 2015: Use NaCl/libsodium (box / cryptobox). Latacora, 2018: Use Nacl/libsodium (box / cryptobox). Asymmetric signatures Percival, 2009: Use RSASSA-PSS with SHA256 then MGF1+SHA256 in tricolor systemic silicate orientation. Ptacek, 2015: Use Nacl, Ed25519, or RFC6979. Latacora, 2018: Use Nacl or Ed25519. Diffie-Hellman Percival, 2009: Operate over the 2048-bit Group #14 with a generator of 2. Ptacek, 2015: Probably still DH-2048, or Nacl. Latacora, 2018: Probably nothing. Or use Curve25519. Website security Percival, 2009: Use OpenSSL. Ptacek, 2015: Remains: OpenSSL, or BoringSSL if you can. Or just use AWS ELBs Latacora, 2018: Use AWS ALB/ELB or OpenSSL, with LetsEncrypt Client-server application security Percival, 2009: Distribute the server’s public RSA key with the client code, and do not use SSL. Ptacek, 2015: Use OpenSSL, or BoringSSL if you can. Or just use AWS ELBs Latacora, 2018: Use AWS ALB/ELB or OpenSSL, with LetsEncrypt Online backups Percival, 2009: Use Tarsnap. Ptacek, 2015: Use Tarsnap. Latacora, 2018: Store PMAC-SIV-encrypted arc files to S3 and save fingerprints of your backups to an ERC20-compatible blockchain. Just kidding. You should still use Tarsnap. Seriously though, use Tarsnap. Adding IPv6 to an existing server I am adding IPv6 addresses to each of my servers. This post assumes the server is up and running FreeBSD 11.1 and you already have an IPv6 address block. This does not cover the creation of an IPv6 tunnel, such as that provided by HE.net. This assumes native IPv6. In this post, I am using the IPv6 addresses from the IPv6 Address Prefix Reserved for Documentation (i.e. 2001:DB8::/32). You should use your own addresses. The IPv6 block I have been assigned is 2001:DB8:1001:8d00/64. I added this to /etc/rc.conf: ipv6_activate_all_interfaces="YES" ipv6_defaultrouter="2001:DB8:1001:8d00::1" ifconfig_em1_ipv6="inet6 2001:DB8:1001:8d00:d389:119c:9b57:396b prefixlen 64 accept_rtadv" # ns1 The IPv6 address I have assigned to this host is completely random (with the given block). I found a random IPv6 address generator and used it to select d389:119c:9b57:396b as the address for this service within my address block. I don’t have the reference, but I did read that randomly selecting addresses within your block is a better approach. In order to invoke these changes without rebooting, I issued these commands: ``` [dan@tallboy:~] $ sudo ifconfig em1 inet6 2001:DB8:1001:8d00:d389:119c:9b57:396b prefixlen 64 accept_rtadv [dan@tallboy:~] $ [dan@tallboy:~] $ sudo route add -inet6 default 2001:DB8:1001:8d00::1 add net default: gateway 2001:DB8:1001:8d00::1 ``` If you do the route add first, you will get this error: [dan@tallboy:~] $ sudo route add -inet6 default 2001:DB8:1001:8d00::1 route: writing to routing socket: Network is unreachable add net default: gateway 2001:DB8:1001:8d00::1 fib 0: Network is unreachable Beastie Bits Ghost in the Shell – Part 1 Enabling compression on ZFS - a practical example Modern and secure DevOps on FreeBSD (Goran Mekić) LibreSSL 2.7.0 Released zrepl version 0.0.3 is out! [ZFS User Conference](http://zfs.datto.com/] Tarsnap Feedback/Questions Benjamin - BSD Personal Mailserver Warren - ZFS volume size limit (show #233) Lars - AFRINIC Brad - OpenZFS vs OracleZFS Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
In their never ending quest to try and understand Bitcoin, Josh and Mike take a peek under the hood to learn why Bitcoin uses the SHA256 algorithm. Listen as they share what they learned — history on cryptography, attempts to build randomness into computers, and using morse code to send Bitcoin. They also share their thoughts on privacy in other cryptocurrencies like Monero and Dash. Contact Twitter: @tulipmaniashow Email: tulipmaniapodcast@gmail.com Website: tulipmania.show Tips: 19vQjD3iuPGgX9KyfpMnKnLyejeRrfcexP
FreeBSD 11.1-RELEASE is out, we look at building at BSD home router, how to be your own OpenBSD VPN provider, and find that glob matching can be simple and fast. This episode was brought to you by Headlines FreeBSD 11.1-RELEASE (https://www.freebsd.org/releases/11.1R/relnotes.html) FreeBSD 11.1 was released on July 26th (https://www.freebsd.org/releases/11.1R/announce.asc) You can download it as an ISO or USB image, a prebuilt VM Image (vmdk, vhd, qcow2, or raw), and it is available as a cloud image (Amazon EC2, Microsoft Azure, Google Compute Engine, Vagrant) Thanks to everyone, including the release engineering team who put so much time and effort into managing this release and making sure it came out on schedule, all of the FreeBSD developers who contributed the features, the companies that sponsored that development, and the users who tested the betas and release candidates. Support for blacklistd(8) has been added to OpenSSH The cron(8) utility has been updated to add support for including files within /etc/cron.d and /usr/local/etc/cron.d by default. The syslogd(8) utility has been updated to add the include keyword which allows specifying a directory containing configuration files to be included in addition to syslog.conf(5). The default syslog.conf(5) has been updated to include /etc/syslog.d and /usr/local/etc/syslog.d by default. The zfsbootcfg(8) utility has been added, providing one-time boot.config(5)-style options The efivar(8) utility has been added, providing an interface to manage UEFI variables. The ipsec and tcpmd5 kernel modules have been added, these can now be loaded without having to recompile the kernel A number of new IPFW modules including Network Prefix Translation for IPv6 as defined in RFC 6296, stateless and stateful NAT64, and a module to modify the TCP-MSS of packets A huge array of driver updates and additions The NFS client now supports the Amazon® Elastic File System™ (EFS) The new ZFS Compressed ARC feature was added, and is enabled by default The EFI loader has been updated to support TFTPFS, providing netboot support without requiring an NFS server For a complete list of new features and known problems, please see the online release notes and errata list, available at: FreeBSD 11.1-RELEASE Release Notes (https://www.freebsd.org/releases/11.1R/relnotes.html) FreeBSD 11.1-RELEASE Errata (https://www.freebsd.org/releases/11.1R/errata.html) For more information about FreeBSD release engineering activities, please see: Release Engineering Information (https://www.freebsd.org/releng/) Availability FreeBSD 11.1-RELEASE is now available for the amd64, i386, powerpc, powerpc64, sparc64, armv6, and aarch64 architectures. FreeBSD 11.1-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded as described in the section below. SHA512 and SHA256 hashes for the release ISO, memory stick, and SD card images are included at the bottom of this message. PGP-signed checksums for the release images are also available at: FreeBSD 11.1 Release Checksum Signatures (https://www.freebsd.org/releases/11.1R/signatures.html) A PGP-signed version of this announcement is available at: FreeBSD 11.1-RELEASE Announcement (https://www.FreeBSD.org/releases/11.1R/announce.asc) *** Building a BSD home router - ZFS and Jails (https://eerielinux.wordpress.com/2017/07/15/building-a-bsd-home-router-pt-8-zfs-and-jails/) Part of a series of posts about building a router: Part 1 (https://eerielinux.wordpress.com/2017/05/30/building-a-bsd-home-router-pt-1-hardware-pc-engines-apu2/) -- discussing why you want to build your own router and how to assemble the APU2 Part 2 (https://eerielinux.wordpress.com/2017/06/03/building-a-bsd-home-router-pt-2-the-serial-console-excursion) -- some Unix history explanation of what a serial console is Part 3 (https://eerielinux.wordpress.com/2017/06/10/building-a-bsd-home-router-pt-3-serial-access-and-flashing-the-firmware/) -- demonstrating serial access to the APU and covering firmware update Part 4 (https://eerielinux.wordpress.com/2017/06/15/building-a-bsd-home-router-pt-4-installing-pfsense/) -- installing pfSense Part 5 (https://eerielinux.wordpress.com/2017/06/20/building-a-bsd-home-router-pt-5-installing-opnsense/) -- installing OPNsense instead Part 6 (https://eerielinux.wordpress.com/2017/06/30/building-a-bsd-home-router-pt-7-advanced-opnsense-setup/) -- Comparison of pfSense and OPNsense Part 7 (https://eerielinux.wordpress.com/2017/06/30/building-a-bsd-home-router-pt-7-advanced-opnsense-installation/) -- Advanced installation of OPNsense After the advanced installation in part 7, the tutorials covers converting an unused partition into swap space, and converting the system to ZFS After creating a new pool using the set aside partition, some datasets are created, and the log files, ports, and obj ZFS datasets are mounted The tutorial then goes on to cover how to download the ports tree, and install additional software on the router I wonder what part 9 will be about. *** Be your own VPN provider with OpenBSD (v2) (https://networkfilter.blogspot.com/2017/04/be-your-own-vpn-provider-with-openbsd-v2.htm) This article covers how to build your own VPN server with some advanced features including: Full Disk Encryption (FDE) Separate CA/signing machine (optional) Multiple DNSCrypt proxy instances for failover OpenVPN: Certificate Revocation List/CRL (optional) OpenVPN: TLS 1.2 only OpenVPN: TLS cipher based on AES-256-GCM only OpenVPN: HMAC-SHA512 instead of HMAC-SHA1 OpenVPN: TLS encryption of control channel (makes it harder to identify OpenVPN traffic) The article starts with an explanation of the differences between OpenVPN and IPSEC. In the end the author chose OpenVPN because you can select the port it runs on, and it has a better chance of working from hotel or coffee shop WiFi. The guide them walks through doing an installation on an encrypted disk, with a caution about the limitations of encrypted disk with virtual machines hosted by other parties. The guide then locks down the newly installed system, configuring SSH for keys only, adding some PF rules, and configuring doas Then networking is configured, including enabling IP forwarding since this machine is going to act as the VPN gateway Then a large set of firewall rules are created that NAT the VPN traffic out of the gateway, except for DNS requests that are redirected to the gateways local unbound Then some python scripts are provided to block brute force attempts We will use DNSCrypt to make our DNS requests encrypted, and Unbound to have a local DNS cache. This will allow us to avoid using our VPS provider DNS servers, and will also be useful to your future VPN clients which will be able to use your VPN server as their DNS server too Before configuring Unbound, which is the local DNS cache which will make requests to dnscrypt_proxy, we can configure an additional dnscrypt instance, as explained in the pkg readme. Indeed, dnscrypt DNS servers being public ones, they often goes into maintenance, become offline or temporarily unreachable. To address this issue, it is possible to setup multiple dnscrypt instances. Below are the steps to follow to add one, but you can add more if you wish Then a CA and Certificate are created for OpenVPN OpenVPN is installed and configured as a server Configuration is also provided for a client, and a mobile client Thanks to the author for this great tutorial You might also want to check out this section from their 2015 version of this post: Security vs Anonymity (https://networkfilter.blogspot.nl/2015/01/be-your-own-vpn-provider-with-openbsd.html#security_anonymity) *** Essen Hackathon Trip - Benedict Reuschling (https://www.freebsdfoundation.org/blog/2017-essen-hackathon-trip-report-benedict-reuschling/) Over on the FreeBSD Foundation Blog, Benedict provides a detailed overview of the Essen Hackathon we were at a few weeks ago. Head over there and give it a read, and get a feel for what these smaller type of community events are like. Hopefully you can attend, or better yet, organize, a similar event in your area. News Roundup Blog about my self-hosted httpd blog (https://reykfloeter.com/posts/blog-about-my-blog) I really like Twitter because it allows me to share short messages, we have a great community, and 140 characters are enough for everybody. And this statement was exactly 140 characters, but sometimes I want to say more than that. And that's why I finally created this new blog. I was never really into blogging because I barely had time or the audience to write long articles. I sometimes wrote short stories for sites like undeadly.org, I collected some of them here, but my own blog was hosted on tumblr and never saw any activity. I want to try it again, and this time I decided to create a self-hosted blog. Something that runs on my own server and with httpd, the web server that I wrote for OpenBSD. So I was looking for potential blogging tools that I could use to run my own blog. Besides the popular and heavyweight ones such as WordPress, there are countless other options: I looked at blogs from fellow developers, such as Ted Unangst's flak (I like the fact that it is written in Lua but the implementation is a bit over my head), or Pelican that is used by Peter Hessler for bad.network (but, sorry, I don't like Python), and finally Kristaps Dzonsons' sblg that is used for all of his projects and blogs. I decided to use sblg. Kristaps keeps on releasing very useful free software. Most well-known is mandoc, at least everyone is using it for manpages these days, but there is is also his BCHS (beaches) web stack which strongly advertises OpenBSD's httpd. Great. I also use kcgi whenever I have to write small CGIs. So sblg seemed like the right choice to me. Let me quickly iterate over my current Makefile. I keep on tweaking this file, so it might have been changed by the time you are reading this article. Please note that the Makefile is written for OpenBSD's make, a distant derivative of pmake which is not like GNU make. I'm not a designer or web developer, but I appreciate good looking web pages. I wanted to have something that is responsive, works on desktops and mobiles, looks somewhat modern, works without JavaScript, but doesn't disqualify me for all the eye candy from a geek point of view. I bootstrapped the theme by creating a simple grid layout with a fairly typical blog style: banner, top menu, middle text, sidebar. In 2017, bootstrap is probably a vintage (or retro) framework but it makes it very easy to create responsive pages with a proper layout and without caring about all the CSS and HTML5 madness too much. I also use Font Awesome because it is awesome, provides some fancy icons, and was suggested in sblg's example templates (let's blame Kristaps for it). I do not include any JavaScript which prevents me from using bootstrap's responsive hamburger menu. I have to admit that "reykfloeter" is not an ideal name for a blog. My actual name is "Reyk Flöter", and I normally just use my first name "reyk" as a user- and nickname, but it was taken when I registered my Twitter account and the related domain. So I picked reykfloeter in a few places. I'm aware that my German last name is nearly unpronounceable for others, so "reykfloeter" appears like a random concatenation of letters. As most of us, I own a number of domains and maybe I should move the blog to bsd.plumbing (which is used as a home for relayd and httpd), arc4random.com (but I intended to use it as a fine OpenBSD-powered Entropy-as-a-Service for poor Linuxers), or even copper.coffee? In addition to the domain, I also need a good blog name or tag line. A very memorable example in the BSD world is Peter Hansteen's THAT GRUMPY BSD GUY blog. So what should I use? Reyk Flöter's blog OpenBSD hacker. Coffee nerd. Founder. Ask Reyk (imaginary how-tos and 10 step guides) Sewage, Drainage and BSD Plumbing (bsd.plumbing/blog) A Replacement Call for Random (arc4random.com) Coffee with Reyk (copper.coffee) For now it will just be reykfloeter - blog iXsystems releases the X10 (https://www.ixsystems.com/blog/serverenvy-truenas-x10/) TrueNAS X10 is the the 3rd generation of the TrueNAS unified storage line. The X10 is the first of a new TrueNAS series, and will be expandable to up to 360TB with the TrueNAS ES12 expansion shelf. The X10 is cost effective, at a 30% lower price point than the Z20, making it an effective addition to your backup/DR infrastructure. The street price of a 20TB non-HA model falls under $10K. It's designed to move with six predefined configurations that match common use cases. The dual controllers for high availability are an optional upgrade to ensure business continuity and avoid downtime. The X10 boasts 36 hot swap SAS using two expansion shelves, for up to 360TB of storage, allowing you to backup thousands of VMs or share tens of thousands of files. One of the use cases for TrueNAS X10 is for backup, so users can upgrade the X10 to two ports of blazing 10GigE connectivity. The 20TB non-HA model enables you to backup over 7,000 VDI VMs for under $3.00 per VM. Overall, the X10 is a greener solution than the TrueNAS Z product line, with the non-HA version boasting only 138 watts of power and taking up only 2U of space. Best of all, the TrueNAS X10 starts at $5,500 street. You can purchase a 120TB configuration today for under $20K street. Glob Matching Can Be Simple And Fast Too (https://research.swtch.com/glob) Here's a straightforward benchmark. Time how long it takes to run ls (a)nb in a directory with a single file named a100, compared to running ls | grep (a.)nb. Superscripts denote string repetition and parentheses are for grouping only, so that when n is 3, we're running ls aaab in a directory containing the single file aaa…aaa (100 a's), compared against ls | grep a.a.a.b in the same directory. The exception seems to be the original Berkeley csh, which runs in linear time (more precisely, time linear in n). Looking at the source code, it doesn't attempt to perform glob expansion itself. Instead it calls the C library implementation glob(3), which runs in linear time, at least on this Linux system. So maybe we should look at programming language implementations too. Most programming languages provide some kind of glob expansion, like C's glob. Let's repeat the experiment in a variety of different programming languages: Perhaps the most interesting fact evident in the graph is that GNU glibc, the C library used on Linux systems, has a linear-time glob implementation, but BSD libc, the C library used on BSD and macOS systems, has an exponential-time implementation. PHP is not shown in the graph, because its glob function simply invokes the host C library's glob(3), so that it runs in linear time on Linux and in exponential time on non-Linux systems. (I have not tested what happens on Windows.) All the languages shown in the graph, however, implement glob matching without using the host C library, so the results should not vary by host operating system. The netkit ftpd runs quickly on Linux because it relies on the host C library's glob function. If run on BSD, the netkit ftpd would take exponential time. ProFTPD ships a copy of the glibc glob, so it should run quickly even on BSD systems. Ironically, Pure-FTPd and tnftpd take exponential time on Linux because they ship a copy of the BSD glob function. Presumably they do this to avoid assuming that the host C library is bug-free, but, at least in this one case, the host C library is better than the one they ship. Additional Reading This post is an elaboration of an informal 2012 Google+ post showing that most shells used exponential-time glob expansion. At the time, Tom Duff, the author of Plan 9's rc shell, commented that, “I can confirm that rc gets it wrong. My excuse, feeble as it is, is that doing it that way meant that the code took 10 minutes to write, but it took 20 years for someone to notice the problem. (That's 10 ‘programmer minutes', i.e. less than a day.)” I agree that's a reasonable decision for a shell. In contrast, a language library routine, not to mention a network server, today needs to be robust against worst-case inputs that might be controlled by remote attackers, but nearly all of the code in question predates that kind of concern. I didn't realize the connection to FTP servers until I started doing additional research for this post and came across a reference to CVE-2010-2632 in FreeBSD's glob implementation. BSD VPS Providers Needed (https://torbsd.github.io/blog.html#bsd-vps) One of TDP's recent projects is accumulating a list of virtual private server services (VPS) that provide a BSD option. VPS's are generally inexpensive services that enable the user to only concern themselves with software configuration, and not be bothered with hardware or basic operating system setup. In the pre-Cloud era, VPS providers were the “other people's computers” that users outsourced their systems to. The same shortcomings of cloud services apply to VPS providers. You don't control the hardware. Your files are likely viewable by users up the directory hierarchy. The entropy source or pool is a single source for multiple systems. The same time drift applies to all time-keeping services. Nevertheless, VPS services are often cheap and provide a good spread in terms of geography. All a provider really needs is a few server-grade computers and a decent network connection. VPS's are still a gateway drug to bare-metal servers, although it seems more and more of these gateway users stop at stage one. Cheap systems with a public IP are also a great way to tinker with a new operating system. For this reason, TDP created this list of BSD VPS providers. Some explicitly deny running Tor as a server. Some just reference vague “proxy services.” Others don't mention Tor or proxies at all. The list is a start with currently just under 70 VPS providers listed. Input through various channels already started, and TDP intends to update the list over the coming months. A first draft email and open letter addressed to the providers were drafted, and we are looking to speak directly to at least some of the better-known BSD VPS providers. We may be able to convince a few to allow public Tor relays, or at least published bridges. These providers could be new BSD users' gateway drug into the world of BSD Tor nodes. Running a Tor relay shouldn't be considered a particularly risky activity. Maybe we can adjust that perception. Let us know any input via email or GitHub, and we'll be glad to make updates. Beastie Bits Avoid OS Detection with OpenBSD (https://blog.cagedmonster.net/avoid-os-detection-openbsd/) TrueOS update to fix updating (https://www.trueos.org/blog/update-fix-updating/) MidnightBSD 0.8.5 VirtualBox Install (https://www.youtube.com/watch?v=I08__ZWaJ0w) BSD Pizza Night in Portland (http://calagator.org/events/tag/BSD) *** Feedback/Questions Andrew - BSDCan videos? (http://dpaste.com/08E90PX) Marc - The Rock64 Board (http://dpaste.com/08KE40G) Jason - Follow up on UEFI and Bhyve (http://dpaste.com/2EP7BFC) Patrick - EFI booting (http://dpaste.com/34Z9SFM) ***
Mit 2 Gästen erheben sich heute Andreas und Patrick in die Lüfte, um sich dem Thema Digitale Währung zu nähern. Somit dreht sich heute alles ums encrypten, und, was man damit alles verbessern kann und könnte.. Lieber Fluggast, wenn dir das Gehörte gefällt oder dir Sorgenfalten auf die edle Stirn fabriziert, dann haben wir etwas für dich: iTunes Bewertungen. Gäste Christian Million, 44, beschäftigt sich seit fast 20 Jahren mit dem Thema Zahlungsverkehr. Angestellt war er bei großen Unternehmen wie der Wirtschaftsprüfungsgesellschaft KPMG, dem Technologieriesen IBM oder der Strategieberatung Horváth & Partners. Seit 2 Jahren hat er seine eigene Beratung “JAS Consulting” und hat letzte Jahr das Global Blockchain Institute gegründet, das sich mit dem Transfer von Blockchain-Forschung in die Wirtschaft beschäftigt. Neben dem Zahlungsverkehr ist seine zweite große Leidenschaft die Bühnenkunst. Er hat mehrere Kindertheaterschulen in ganz Deutschland und bietet zusätzlich eine professionelle Ausbildung zum Schauspieler, Musicaldarsteller, Musiker, Sänger, Musikpädagogen und Theaterpädagogen an. GLOBLIS - JAS Consulting STAGE ACADEMY JAS Education Jingjing Wang ist Chief Learning Officer der Coworking Academy und Coworking0711. Sie organisiert Fortbildungskurse zu den Themen digitale Währung und Blockchain. In der Automobilindustrie arbeitet sie an Anwendungsfällen für die Blockchain-Technologie. Initial Coin Offering (ICO) ist eines ihrer derzeitigen Projekte. Organizational Development, Global Strategy und IT-Technology sind ihre Spezialgebiete. Follow-up homebrew-cask F-Secure XFENCE Objective-See Bitcoin Angeblich erfunden von Satoshi Nakamoto. Man weiss aber nicht ob der Mensch wirklich existiert. Es wird vermutet, dass hinter dem Namen ein Verbund von Menschen aus der IT Branche steht. Einführung Bitcoin, Ether und mehr: Die 10 größten Kryptowährungen der Welt Grosse Firmen steigen in das Cryptocoin Business, bspw. Ethereum, ein, wegen der variablen und geringeren Überweisungskosten. tastytakos: ETH Alliance: Microsoft, Intel, CS, UBS, JPM, ING, BBVA, CME, BNY, BP - want save millions on admin/legal/transaction costs 12.03.2017, Poloniex Trollbox (Chat) Preisexplosion des Bitcoin seit November 2016. Damals 800€ pro Bitcoin. Aktuell steht er auf 1800€. Wie funktioniert der Blockchain? Bei Bitcoin wird alle 10 Minuten ein neuer Block erzeugt. Alle Maschinen, die sich am Mining beteiligen, können 1 Bitcoin für das finden dieses Blocks “gewinnen”. Jede Transaktion wird öffentlich im sogenannten Blockchain gespeichert. Jede Transaktion muss zusätzlich vom Netzwerk verifiziert werden. Dieses verifizieren beansprucht eine gewisse Arbeit. Kann diese Transaktion überhaupt richtig sein? Für die Verifikation bekommt der verifizierende Rechner ebenfalls einen gewissen Lohn. (Transaction Fee) Durch dieses System ist es sehr schwer eine Transaktion zu fälschen, weil man das gesamte Netzwerk davon überzeugen müsste, dass eine Transaktion, und alle Transaktionen die danach kommen, so stattgefunden hat. Obwohl eine Transaktion in der Regel “sofort” beim Empfänger ankommt. Muss die Transaktion erst ein paar mal erfolgreich verifiziert werden, eh man sicher sein kann, dass das Geld auch wirklich angekommen ist. Oft wartet man deshalb 2-5 Verifikationen ab. Den aktuellen Status einer Transaktion bzw. des gesamten Netzwerks kann man auf Block Explorer, Blockchain.info oder Blockr einsehen. Tipp: Blockonomics. Weil alle Transaktionen öffentlich sind, fürchten viele (berechtigt) um ihre Anonymität. Gegebenenfalls die eigene Bitcoin Adresse bleibt immer gleich, kann man nur durch durchforsten des Blockchains den Wert eines Wallets feststellen. Deshalb generieren moderne Wallets nach jeder Transaktion eine neue Wallet Adresse – die alte bleibt aber (oft) auf ewig gültig. Auf dem 28c3 gab es einen Talk, welcher bewies, dass sich aus der Transaktion, die IP der beteiligten Parteien heraus bekommen lässt. Also es ist nicht 100% anonym. Noch genauere Informationen bei bitcoin.org im FAQ. Woher bekommt man Bitcoin? Bitcoin Mining. Geschichtlich: CPU, GPU, ASIC Fast nicht mehr rentabel für den Heimanwender. Bitmain und Avalon Klein: AntMiner U2, GekkoScience, Black Arrow Mining Profitabilität: Coinwarz WhatToMine Profitabilität Mining eines Altcoins vs. Bitcoin. Erklärung verschiedener Altcoins und deren Algorithmen. SHA256, X11, Scrypt. Pool Mining vs. Solo Mining Cloud Mining Genesis Mining Code gLz1hQ gibt 3% Rabatt. Hashflare 10% Bonus Bitcoin Faucets. Einem Exchange oder einem Verkäufer, wie Bitpanda, bitcoin.de. Meist Zahlung per Überweisung, Kreditkarte oder PayPal. LocalBitcoins möchte die Anonymität steigern, indem man seine Bitcoins direkt bei einer anderen Person kauft. Woher bekommt man ein Bitcoin Wallet? Electrum, Xapo, Jaxx, MultiBit, Armory Schöne Übersicht mit Einstufung bezüglich Sicherheit direkt auf der Bitcoin Webseite Wenn einem ein Wallet Anbieter nicht mehr gefällt, kann man meist die “Keys swipen”. Damit werden die Coins mit einer sehr sehr geringen Fee an eine neue Adresse übertragen. Das dauert dann ein wenig, hat aber den Vorteil, dass man nahezu den gesamten Wert mitnehmen kann. Trading mit Bitcoin (kann man vielleicht weg lassen) Diverse Exchanges wie etwa Bitfinex, Kraken, GDAX oder Poloniex. Diese erlauben dann wahlweise Exchange Trading, Margin Trading oder Lending. Zukunftsaspekt Wozu können wir diese Technologie nutzen? Was wird gerade mit dieser Technologie schon gemacht? Apps: iOS: Blockfolio CoinCap Die folgenden kann man sich mal anschauen, sind aber insgesamt nicht so gut. Coin Ticker Lawnmower Web: CoinMarketCap Cryptowatch Sonstiges Otc clearing - Wikipedia bittunes.co.uk* Andreas Video Kurs zum handeln mit Crypto ist auf seiner Webseite erhältlich. Unsere Picks Patrick: Magic Launch Andreas: kSafe by Kitchen Safe Jingjing: Schokoladentee Christian: STAGE ACADEMY - Training for Life by Training on Stage In Spenderlaune? Wir haben Flattr und PayPal am Start und würden uns freuen.
Smartphone addiction in Millennials Large Waffle INTRO Hello and welcome to Terrifying Robot Dog! I'm Jonathan Stark - and I'm Kelli Shaver - and we are here to talk about how technology is changing the way we interact with the world. This week we talk about: smartphone addiction in millenials! Please stay tuned, Terrifying Robot Dog is next... HOUSEKEEPING JS Goof: h264 is a video format... SHA256 is encryption. FEATURE LINKS The Surprising Reason Millennials Check Their Phones 150 Times a Day Which Generation is Most Distracted by Their Phones? TITLES Extruding Rectangles Batman Garage Floor Primative Objects Large Waffles Digital Cleansing Even Longer Waffle The "Mom Stop Calling Me" Episode CLOSING That's our show for this week. I'm Jonathan Stark - and I'm Kelli Shaver - and we hope you join us again next week for Terrifying Robot Dog. Bye! POST-SHOW Would you like to see Kelli and I in your inbox once a week? Get new episodes delivered straight to you with show notes, links to additional content, and more... Plus, you can reply to any message to suggest topics for future episodes. To get the inside track, go to terrifyingrobotdog.com and look for the KEEP ME IN THE LOOP button. That url again is terrifyingrobotdog.com.
شیریاخط - قسمت چهارم موضوع بحث: استخراج و اثبات کار ---------------------------------------------------------------------------------------------------------- در این قسمت می خواهیم درباره mining یا استخراج و همچنین Proof-of-work یا گواه اثبات کار صحبت کنیم. برای صحبت در رابطه با این موضوعات باید با بعضی از مفاهیم مثل hashing یا تابع بی همتا یک آشنایی حداقلی داشته باشیم. تابع هش تابعی ست که ورودی را می گیرد و خروجی یکتا و بی همتایی می دهد. از این تابع استفاده های بسیار زیادی در بحث رمزنگاری می شود. گواه اثبات کار شامل یک سری اطلاعات می شود که بدست آوردن آن ها بسیار سخت است؛ چرا که به زمان و هزینه زیادی نیاز دارد. در ادامه به توضیح کار استخراج و روند آن می پردازیم. تمام دیجی ارزها از الگوریتم های مختلفی برای رمزنگاری استفاده می کنند. مثلا در بیتکوین از الگوریتم SHA256 استفاده شده است. الگوریتم دیگری که برای رمزنگاری وجود دارد Scrip است که در لایتکوین یا برخی دیگر از دیجی ارزها استفاده می شود. یکی دیگر از راه ها، Proof-of-Stake است که مزایا و معایب خاص خودش را دارد که به آن خواهیم پرداخت. مدل دیگری که وجود دارد Proof-of-Burn است که خواهیم گفت چگونه عمل می کند و چه کوین هایی از آن استفاده می کنند. به توضیح دیفیکالتی یا همان سختی محاسباتی می پردازیم. پس از این موضوعات، به استخراج خواهیم پرداخت و اینکه چگونه استخراج با حل کردن گواه اثبات کار می تواند به شبکه و امنیت آن کمک کند. در اوایل ظهور بیتکوین، امکان استخراج بیتکوین با CPU و کامپیوترهای معمولی وجود داشت. پس از حدود دو سال استفاده از CPU منسوخ شد و استخراج کنندگان به GPU روی آوردند. در نهایت دستگاه های ASIC وارد بازار شدند که فقط و فقط برای حل گواه اثبات کار ساخته شده اند. در نهایت استخرهای استخراج بوجود آمدند که به طرز کار آن ها خواهیم پرداخت. با برخی از کاربران و استخراج کنندگان قدیمی در رابطه با بیتکوین، استخراج و چگونگی آشنا شدن این کاربران با آن صحبت خواهیم کرد. به این سوال که آیا امروز هنوز هم زمان مناسبی برای خرید دستگاه و شروع به استخراج هست یا خیر جواب می دهیم. چه چیزهایی برای شروع لازم است و آیا بطور کلی این کار سود دارد؟ روش های استخراج چیست، استخرهای استخراج چه مدل هایی هستند و طرز کار آن ها چگونه است؟ کلود ماینیگ چیست و آیا واقعا سود دهی لازم را دارد؟ به CPU Mining و چیستی آن می پردازیم و پس از آن به گزارش و تحلیل خبرهای هفته و دلایل افت و خیز قیمت بیتکوین می پردازیم. در نهایت هم نگاه و تحلیلی بر روی قیمت آلتکوین هایی مثل اتر، دش، مونرو و روبی داریم. ---------------------------------------------------------------------------------------------------------- اسفند/۲۱/۱۳۹۵ 11 March 2017 در گفتگوهای ما مشارکت کنید: goo.gl/e7IBXq
So I met Avi, a newcomer to the Bitcoin space. Avi like a lot of newcomers had an initial interest in mining, and he bought some miners. The only difference is, Avi might actually make a profit?! Had a softball fun interview with him because I truly think he will end up doing cool things in the Bitcoin space. He's very interested in mining and is even contemplating trying to make his own SHA256 chips. We have a follow up with him in 2 months. My guess is he ends up not making a profit, hopefully I'm wrong we will see!
Information Security 1. Introduction ○ Security by obscurity § Steganography □ Hiding data inside another form of data, like using non-used bits in image to hide a message § Cool, but not practical. § Disadvantages ◊ Algorithm secrecy vs. key secrecy ○ Cryptography is everywhere and yet if done right, you can barely see it. ○ Goals: § Confidentiality □ Secrets stay secret. § Integrity □ Data is not tampered with. § Non-Repudiation □ No party can deny sending messages. § Authentication □ Each party can ensure that the sender is what they expect. ○ Cryptography § Hashing § Encryption § Signing § Protocols ○ Random Number Generators § Extremely important, almost all encryption/hashing strength is affected by how random the random number generator is. § Don't use simple random number, use a cryptographic random number generator with a sophisticated source of entropy. § Pseudorandom number generator § Dual_EC_DRBG random generator backdoor 2. Body ○ Hashing (one Way) § Properties □ Fixed length output no matter what size the input was □ Very easy to compute the hash of a given message, however very hard to compute from a hash the corresponding input. □ Mathematically infeasible to generate a message that has a given hash □ Any modification to a message produces a completely different hash that has no relationship to the original message's hash. □ It is mathematically infeasible to find two messages with the same hash. Hash Collision § Hashing Functions □ Provides data integrity, however lacks authentication □ Examples ® MD5 ◊ Considered Insecure ® Secure Hash Family SHA-X, Sha-1, Sha-2 [Sha256, Sha512], Sha-3 ◊ Sha-1 is considered insecure. ◊ Sha-1, Sha-2 designed by NSA ◊ Sha-3 is not designed by NSA, Competition winner. □ Attacks ® Brute force ◊ CPU's are getting faster and cheaper every day. ◊ GPU's are getting faster and cheaper every day. ◊ Special Hash calculating hardware is becoming more available especially with the BitCoin push. ® Rainbow table attacks ◊ Pre-Calculated tables where you can reverse lookup a hash to a value ◊ Try www.crackstation.net § Hash Message Authentication Codes (HMAC) □ Adds authentication to integrity □ Can be used with all previous algorithms, HMACMD5, HMACShA1, HMAC256 … etc. § Salted Hash □ Adds random salt to mitigate rainbow table □ Salts are unique per record, and not a secret. § Password Based Key Derivation Function (PBKDF2) □ RSA Public Key Cryptographic Standard PKCS #5 Version 2.0 □ Internet Engineering Task Force RFC 2898 Specification ® Adds a lot of iterations to slow it just enough to mitigate brute force (default 50,000 iterations) ® Adds random salt to mitigate rainbow table □ Disadvantage: It can be easily implemented with hardware which makes it vulnerable to bruteforce even with high number of iterations § Bcrypt □ Password Hashing function □ State of the art password hashing § Usages □ Integrity Check Password Storage Our facebook Page http://facebook.com/askdeveloper On Sound Cloud http://soundcloud.com/askdeveloper Please Like & Subscribe
It's BSDCan time! Allan and I are both enjoying what is sure to be a super-busy week, but don't think we've forgotten about This episode was brought to you by Interview - Benno Rice - benno@freebsd.org (mailto:benno@freebsd.org) / @jeamland (https://twitter.com/jeamland) Manager, OS & Networking at EMC Isilon Emily Dunham: Community Automation (https://www.youtube.com/watch?v=dIageYT0Vgg) iXsystems 1U Rackmount Server - 4 Bay Hot-Swap SAS/SATA Drive Bays 400W Redundant Power Supply - Single Socket Embedded CPU (48 cores) - 8 DIMM Slots with 16GB DIMMs for a total of 128GB RAM – Dual Gigabit LAN, Dual 10GbE SFP+ and 1 x 40Gb QSFP+ port, (1) PCI-E Expansion Slots + IPMI Dedicated LAN - Cavium ThunderX ARM CN8890 48 Core ThunderX CPU - 2.5GHz per core System has 128GB RAM, 4 x 2TB SATA HDD, Additional Intel i350 (2 x 1GbE) Beastie Bits file considered harmful (http://www.tedunangst.com/flak/post/file-considered-harmful) An open source talk on ZFS. “Intro to ZFS” as a set of open source slides for the community to build on, and to reuse. Go give this talk at your local conference. (https://github.com/problame/talkintrozfs2016) ARMv7 now has a bootloader (http://undeadly.org/cgi?action=article&sid=20160529145411) SHA256/512 speed improvements in FreeBSD 11 (https://svnweb.freebsd.org/base?view=revision&revision=300966) pkgsrc 50th release interviews - Joerg Sonnenberg (http://blog.netbsd.org/tnf/entry/pkgsrc_50th_release_interview_with) DFly versus PC-BSD on a Laptop (http://lists.dragonflybsd.org/pipermail/users/2016-May/249636.html) FreeBSD ifconfig can print subnet masks in CIDR or dotted-quad, finally (https://svnweb.freebsd.org/base?view=revision&revision=301059) Feedback/Questions Eli - Getting rid of ports? (http://pastebin.com/4Y6VYSyN) Morgan - Best way to admin jails? (http://pastebin.com/w8hsMtbc) Simon - Use existing pkgs in poudriere (http://pastebin.com/mqSJk0pP) Pete - Lots of Q's (http://pastebin.com/1M7HLAXs) Van - Made the switch (http://pastebin.com/NTVBvtC5) ***
We're back from AsiaBSDCon! This week on the show, we'll be talking to Lawrence Teo about how Calyptix uses OpenBSD in their line of commercial routers. They're getting BSD in the hands of Windows admins who don't even realize it. We also have all this week's news and answer to your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Using OpenBGPD to distribute pf table updates (http://www.echothrust.com/blogs/using-openbgpd-distribute-pf-table-updates-your-servers) For those not familiar, OpenBGPD (https://en.wikipedia.org/wiki/OpenBGPD) is a daemon for the Border Gateway Protocol (https://en.wikipedia.org/wiki/Border_Gateway_Protocol) - a way for routers on the internet to discover and exchange routes to different addresses This post, inspired by a talk about using BGP to distribute spam lists (https://www.youtube.com/watch?v=Vet0eQB00X0), details how to use the protocol to distribute some other useful lists and information It begins with "One of the challenges faced when managing our OpenBSD firewalls is the distribution of IPs to pf tables without manually modifying /etc/pf.conf on each of the firewalls every time. This task becomes quite tedious, specifically when you want to distribute different types of changes to different systems (eg administrative IPs to a firewall and spammer IPs to a mail server), or if you need to distribute real time blacklists to a large number of systems." If you manage a lot of BSD boxes, this might be an interesting alternative to some of the other ways to distribute configuration files OpenBGPD is part of the OpenBSD base system, but there's also an unofficial port to FreeBSD (https://www.freshports.org/net/openbgpd/) and a "work in progress" pkgsrc version (http://pkgsrc.se/wip/openbgpd) *** Mounting removable media with autofs (http://freebsdfoundation.blogspot.com/2015/03/freebsd-from-trenches-using-autofs5-to_13.html) The FreeBSD foundation has a new article in the "FreeBSD from the trenches" series, this time about the sponsored autofs (https://www.freebsd.org/cgi/man.cgi?query=autofs&sektion=5) tool It's written by one of the autofs developers, and he details his work on creating and using the utility "The purpose of autofs(5) is to mount filesystems on access, in a way that's transparent to the application. In other words, filesystems get mounted when they are first accessed, and then unmounted after some time passes." He talks about all the components that need to work together for smooth operation, how to configure it and how to enable it by default for removable drives It ends with a real-world example of something we're all probably familiar with: plugging in USB drives and watching the magic happen There's also some more advanced bonus material on GEOM classes and all the more technical details *** The Tor Browser on BSD (http://trac.haqistan.net/blog/adventures-ports-tor-browser) The Tor Project has provided a "browser bundle (https://www.torproject.org/projects/torbrowser/design/)" for a long time, which is more or less a repackaged Firefox with many security and privacy-related settings preconfigured and some patches applied to the source Just tunneling your browser through a transparent Tor proxy is not safe enough - many things can lead to passive fingerprinting or, even worse, anonymity being completely lost It has, however, only been released for Windows, OS X and Linux - no BSD version "[...] we are pushing back against an emerging monoculture, and this is always a healthy thing. Monocultures are dangerous for many reasons, most importantly to themselves." Some work has begun to get a working port on BSD going, and this document tells about the process and how it all got started If you've got porting skills, or are interested in online privacy, any help would be appreciated of course (see the post for details on getting involved) *** OpenSSH 6.8 released (https://lists.mindrot.org/pipermail/openssh-unix-dev/2015-March/033686.html) Continuing their "tick tock" pattern of releases alternating between new features and bugfixes, the OpenSSH team has released 6.8 - it's a major upgrade, focused on new features (we like those better of course) Most of the codebase has gone through refactoring, making it easier for regression tests and improving the general readability This release adds support for SHA256-hashed, base64-encoded host key fingerprints, as well as making that the default - a big step up from the previously hex-encoded MD5 fingerprints Experimental host key rotation support also makes it debut, allowing for easy in-place upgrading of old keys to newer (or refreshed) keys You can now require multiple, different public keys to be verified for a user to authenticate (useful if you're extra paranoid or don't have 100% confidence in any single key type) The native version will be in OpenBSD 5.7, and the portable version should hit a ports tree near you soon Speaking of the portable version, it now has a configure option to build without OpenSSL or LibreSSL, but doing so limits you to Ed25519 key types and ChaCha20 and AES-CTR ciphers *** NetBSD at AsiaBSDCon (https://mail-index.netbsd.org/netbsd-advocacy/2015/03/15/msg000682.html) The NetBSD guys already have a wrap-up of the recent event, complete with all the pictures and weird devices you'd expect It covers their BoF session, the six NetBSD-related presentations and finally their "work in progress" session There was a grand total of 34 different NetBSD gadgets (https://docs.google.com/spreadsheets/d/14q6zJK5PjlMoSeBV5HBiEik5LkqlrcrbSxPoxVKKlec/edit#gid=0) on display at the event *** Interview - Lawrence Teo - lteo@openbsd.org (mailto:lteo@openbsd.org) / @lteo (https://twitter.com/lteo) OpenBSD at Calyptix (http://www.nycbsdcon.org/2010/presentations/lteo-nycbsdcon2010.pdf) News Roundup HardenedBSD introduces Integriforce (http://hardenedbsd.org/article/shawn-webb/2015-03-11/call-testing-secadm-integriforce) A little bit of background on this one first: NetBSD has something called veriexec (https://www.netbsd.org/docs/guide/en/chap-veriexec.html), used for checking file integrity (http://wiki.netbsd.org/guide/veriexec/) at the kernel level By doing it at the kernel level, similar to securelevels (https://en.wikipedia.org/wiki/Securelevel), it offers some level of protection even when the root account is compromised HardenedBSD has introduced a similar mechanism into their "secadm" utility You can list binaries in the config file that you want to be protected from changes, then specify whether those can't be run (http://i.imgur.com/wHp2eAN.png) at all, or if they just print a warning They're looking for some more extensive testing of this new feature *** More s2k15 hackathon reports (http://undeadly.org/cgi?action=article&sid=20150305100712&mode=flat) A couple more Australian hackathon reports have poured in since the last time The first comes from Jonathan Gray, who's done a lot of graphics-related work in OpenBSD recently He worked on getting some newer "Southern Islands" and "Graphics Core Next" AMD GPUs working, as well as some OpenGL and DRM-related things Also on his todo list was to continue hitting various parts of the tree with American Fuzzy Lop, which ended up fixing a few crashes in mandoc (http://www.bsdnow.tv/episodes/2014_11_12-a_mans_man) Ted Unangst also sent in a report (http://undeadly.org/cgi?action=article&sid=20150307165135&mode=flat) to detail what he hacked on at the event With a strong focus on improving SMP scalability, he tackled the virtual memory layer His goal was to speed up some syscalls that are used heavily during code compilation, much of which will probably end up in 5.8 All the trip reports are much more detailed than our short summaries, so give them a read if you're interested in all the technicalities *** DragonFly 4.0.4 and IPFW3 (https://www.dragonflydigest.com/2015/03/10/15733.html) DragonFly BSD has put out a small point release to the 4.x branch, 4.0.4 It includes a minor list of fixes (http://lists.dragonflybsd.org/pipermail/commits/2015-March/418098.html), some of which include a HAMMER FS history fix, removing the no-longer-needed "new xorg" and "with kms" variables and a few LAGG fixes There was also a bug in the installer that prevented the rescue image from being installed correctly, which also gets fixed in this version Shortly after it was released, their new IPFW2 firewall was added to the tree (http://lists.dragonflybsd.org/pipermail/commits/2015-March/418133.html) and subsequently renamed to IPFW3 (http://lists.dragonflybsd.org/pipermail/commits/2015-March/418160.html) (since it's technically the third revision) *** NetBSD gets Raspberry Pi 2 support (https://blog.netbsd.org/tnf/entry/raspberry_pi_2_support_added) NetBSD has announced initial support for the second revision (http://www.raspberrypi.org/products/raspberry-pi-2-model-b/) of the ever-popular Raspberry Pi board There are -current snapshots available for download, and multiprocessor support is also on the way The NetBSD wiki page about the Raspberry Pi also has some more information (https://wiki.netbsd.org/ports/evbarm/raspberry_pi/) and an installation guide The usual Hacker News discussion (https://news.ycombinator.com/item?id=9172100) on the subject If anyone has one of these little boards, let us know - maybe write up a blog post about your experience with BSD on it *** OpenIKED as a VPN gateway (http://puffysecurity.com/wiki/openikedoffshore.html) In our first discussion segment, we talked about a few different ways to tunnel your traffic While we've done full tutorials on things like SSH tunnels (http://www.bsdnow.tv/tutorials/stunnel), OpenVPN (http://www.bsdnow.tv/tutorials/openvpn) and Tor (http://www.bsdnow.tv/tutorials/tor), we haven't talked a whole lot about OpenBSD's IPSEC suite This article should help fill that gap - it walks you through the complete IKED setup From creating the public key infrastructure to configuring the firewall to configuring both the VPN server and client, this guide's got it all *** Feedback/Questions Gary writes in (http://slexy.org/view/s21G9TWALE) Robert writes in (http://slexy.org/view/s206aZrxOi) Joris writes in (http://slexy.org/view/s28Um5R7LG) Mike writes in (http://slexy.org/view/s2yAJsl1Es) Anders writes in (http://slexy.org/view/s21dMAE55M) *** Mailing List Gold Can you hear me now (https://www.marc.info/?l=openbsd-misc&m=142577632205484&w=2) He must be GNU here (https://lists.freebsd.org/pipermail/freebsd-hackers/2015-March/047207.html) I've seen some... (https://www.marc.info/?l=openbsd-cvs&m=142593175408756&w=2) ***
This time on the show, we'll be sitting down to talk with Craig Rodrigues about Jenkins and the FreeBSD testing infrastructure. Following that, we'll show you how to roll your own OpenBSD ISOs with all the patches already applied... ISO can't wait! This week's news and answers to all your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines pfSense 2.1.4 released (https://blog.pfsense.org/?p=1377) The pfSense team (http://www.bsdnow.tv/episodes/2014_02_19-a_sixth_pfsense) has released 2.1.4, shortly after 2.1.3 - it's mainly a security release Included within are eight security fixes, most of which are pfSense-specific OpenSSL, the WebUI and some packages all need to be patched (and there are instructions on how to do so) It also includes a large number of various other bug fixes Update all your routers! *** DragonflyBSD's pf gets SMP (http://lists.dragonflybsd.org/pipermail/commits/2014-June/270300.html) While we're on the topic of pf... Dragonfly patches their old[er than even FreeBSD's] pf to support multithreading in many areas Stemming from a user's complaint (http://lists.dragonflybsd.org/pipermail/users/2014-June/128664.html), Matthew Dillon did his own work on pf to make it SMP-aware Altering your configuration (http://lists.dragonflybsd.org/pipermail/users/2014-June/128671.html)'s ruleset can also help speed things up, he found When will OpenBSD, the source of pf, finally do the same? *** ChaCha usage and deployment (http://ianix.com/pub/chacha-deployment.html) A while back, we talked to djm (http://www.bsdnow.tv/episodes/2013_12_18-cryptocrystalline) about some cryptography changes in OpenBSD 5.5 and OpenSSH 6.5 This article is sort of an interesting follow-up to that, showing which projects have adopted ChaCha20 OpenSSH offers it as a stream cipher now, OpenBSD uses it for it's random number generator, Google offers it in TLS for Chromium and some of their services and lots of other projects seem to be adopting it Both Google's fork of OpenSSL and LibReSSL have upcoming implementations, while vanilla OpenSSL does not Unfortunately, this article has one mistake: FreeBSD does not use it (https://lists.freebsd.org/pipermail/freebsd-bugs/2013-October/054018.html) - they still use the broken RC4 algorithm *** BSDMag June 2014 issue (http://bsdmag.org/magazine/1864-tls-hardening-june-bsd-magazine-issue) The monthly online BSD magazine releases their newest issue This one includes the following articles: TLS hardening, setting up a package cluster in MidnightBSD, more GIMP tutorials, "saving time and headaches using the robot framework for testing," an interview and an article about the increasing number of security vulnerabilities The free pdf file is available for download as always *** Interview - Craig Rodrigues - rodrigc@freebsd.org (mailto:rodrigc@freebsd.org) FreeBSD's continuous (https://wiki.freebsd.org/Jenkins) testing (https://docs.google.com/presentation/d/1yBiPxS1nKnVwRlAEsYeAOzYdpG5uzXTv1_7i7jwVCfU/edit#slide=id.p) infrastructure (https://jenkins.freebsd.org/jenkins/) Tutorial Creating pre-patched OpenBSD ISOs (http://www.bsdnow.tv/tutorials/stable-iso) News Roundup Preauthenticated decryption considered harmful (http://www.tedunangst.com/flak/post/preauthenticated-decryption-considered-harmful) Responding to a post (https://www.imperialviolet.org/2014/06/27/streamingencryption.html) from Adam Langley, Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) talks a little more about how signify and pkg_add handle signatures In the past, the OpenBSD installer would pipe the output of ftp straight to tar, but then verify the SHA256 at the end - this had the advantage of not requiring any extra disk space, but raised some security concerns With signify, now everything is fully downloaded and verified before tar is even invoked The pkg_add utility works a little bit differently, but it's also been improved in this area - details in the post Be sure to also read the original post from Adam, lots of good information *** FreeBSD 9.3-RC2 is out (https://lists.freebsd.org/pipermail/freebsd-stable/2014-June/079092.html) As the -RELEASE inches closer, release candidate 2 is out and ready for testing Since the last one, it's got some fixes for NIC drivers, the latest file and libmagic security fixes, some serial port workarounds and various other small things The updated bsdconfig will use pkgng style packages now too A lesser known fact: there are also premade virtual machine images you can use too *** pkgsrcCon 2014 wrap-up (http://saveosx.org/pkgsrcCon/) In what may be the first real pkgsrcCon article we've ever had! Includes wrap-up discussion about the event, the talks, the speakers themselves, what they use pkgsrc for, the hackathon and basically the whole event Unfortunately no recordings to be found... *** PostgreSQL FreeBSD performance and scalability (https://kib.kiev.ua/kib/pgsql_perf.pdf) FreeBSD developer kib@ writes a report on PostgreSQL on FreeBSD, and how it scales On his monster 40-core box with 1TB of RAM, he runs lots of benchmarks and posts the findings Lots of technical details if you're interested in getting the best performance out of your hardware It also includes specific kernel options he used and the rest of the configuration If you don't want to open the pdf file, you can use this link (https://docs.google.com/viewer?url=https%3A%2F%2Fkib.kiev.ua%2Fkib%2Fpgsql_perf.pdf) too *** Feedback/Questions James writes in (http://slexy.org/view/s24pFjUPe4) Klemen writes in (http://slexy.org/view/s21OogIgTu) John writes in (http://slexy.org/view/s21rLcemNN) Brad writes in (http://slexy.org/view/s203Qsx6CZ) Adam writes in (http://slexy.org/view/s2eBj0FfSL) ***
This time on the show, we'll be showing you how to do a fully-encrypted installation of FreeBSD and OpenBSD. We also have an interview with Damien Miller - one of the lead developers of OpenSSH - about some recent crypto changes in the project. If you're into data security, today's the show for you. The latest news and all your burning questions answered, right here on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Secure communications with OpenBSD and OpenVPN (http://johnchapin.boostrot.net/blog/2013/12/07/secure-comms-with-openbsd-and-openvpn-part-1/) Starting off today's theme of encryption... A new blog series about combining OpenBSD and OpenVPN to secure your internet traffic Part 1 covers installing OpenBSD with full disk encryption (which we'll be doing later on in the show) Part 2 covers the initial setup of OpenVPN certificates and keys Parts 3 and 4 are the OpenVPN server and client configuration Part 5 is some updates and closing remarks *** FreeBSD Foundation Newsletter (https://www.freebsdfoundation.org/press/2013Dec-newsletter) The December 2013 semi-annual newsletter was sent out from the foundation In the newsletter you will find the president's letter, articles on the current development projects they sponsor and reports from all the conferences and summits they sponsored The president's letter alone is worth the read, really amazing Really long, with lots of details and stories from the conferences and projects *** Use of NetBSD with Marvell Kirkwood Processors (http://evertiq.com/design/33394) Article that gives a brief history of NetBSD and how to use it on an IP-Plug computer The IP-Plug is a "multi-functional mini-server was developed by Promwad engineers by the order of AK-Systems. It is designed for solving a wide range of tasks in IP networks and can perform the functions of a computer or a server. The IP-Plug is powered from a 220V network and has low power consumption, as well as a small size (which can be compared to the size of a mobile phone charger)." Really cool little NetBSD ARM project with lots of graphs, pictures and details *** Experimenting with zero-copy network IO (http://adrianchadd.blogspot.com/2013/12/experimenting-with-zero-copy-network-io.html) Long blog post from Adrian Chadd about zero-copy network IO on FreeBSD Discusses the different OS' implementations and options He's able to get 35 gbit/sec out of 70,000 active TCP sockets, but isn't stopping there Tons of details, check the full post *** Interview - Damien Miller - djm@openbsd.org (mailto:djm@openbsd.org) / @damienmiller (https://twitter.com/damienmiller) Cryptography in OpenBSD and OpenSSH Tutorial Full disk encryption in FreeBSD & OpenBSD (http://www.bsdnow.tv/tutorials/fde) News Roundup OpenZFS office hours (https://www.youtube.com/watch?v=wWmVW2R_uz8) Our buddy George Wilson (http://www.bsdnow.tv/episodes/2013_12_04-zettabytes_for_days) sat down to take some ZFS questions from the community You can see more info about it here (http://open-zfs.org/wiki/OpenZFS_Office_Hours) *** License summaries in pkgng (http://www.shiningsilence.com/dbsdlog/2013/12/09/12934.html) A discussion between Justin Sherill (http://www.bsdnow.tv/episodes/2013_11_13-the_gateway_drug) and some NYCBUG guys about license frameworks in pkgng Similar to pkgsrc's "ACCEPTABLE_LICENSES" setting, pkgng could let the user decide which software licenses he wants to allow Maybe we could get a "pkg licenses" command to display the license of all installed packages Ok bapt, do it *** The FreeBSD challenge continues (http://thelinuxcauldron.com/2013/12/08/freebsd-challenge/) Checking in with our buddy from the Linux foundation... The switching from Linux to FreeBSD blog series continues for his month-long trial Follow up from last week: "As a matter of fact, I did check out PC-BSD, and wanted the challenge. Call me addicted to pain and suffering, but the pride and accomplishment you feel from diving into FreeBSD is quite rewarding." Since we last mentioned it, he's decided to go from a VM to real hardware, got all of his common software installed, experimented with the Linux emulation, set up virtualbox, learned about slices/partitions/disk management, found BSD alternatives to his regularly-used commands and lots more *** Ports gets a stable branch (https://svnweb.freebsd.org/ports?view=revision&revision=336615) For the first time ever, FreeBSD's ports tree will have a maintained "stable" branch This is similar to how pkgsrc does things, with a rolling release for updated software and stable branch for only security and big fixes All commits to this branch require approval of portmgr, looks like it'll start in 2014Q1 *** Feedback/Questions John writes in (http://slexy.org/view/s2iRV1tOzB) Spencer writes in (http://slexy.org/view/s21gAR5lgf) Campbell writes in (http://slexy.org/view/s203iOnFh1) Sha'ul writes in (http://slexy.org/view/s2yUqj3vKW) Clint writes in (http://slexy.org/view/s2egcTPBXH) ***
In some cases, organizations have unique file naming conventions, but file names are often created by people, which more often yield not-so-unique file names. One person names a file one way and another person names the exact same file another way because they use it differently or in a different place. While this demonstrates a clear lack of consistency and governance, it happens way too often. This is especially true if you not using a DAM solution with clear guidelines and stop gaps to catch these sort of things as part of a workflow. So here is the dilemma. What do you do with exact duplicates? How do you even find exact duplicates? #AnotherDamBlog #AnotherDamPodcast #assets #DAM #DigitalAssetManagement #hash #HenrikDeGyor #Linkedin #podcast #CRC32 #dedupe #deduping #deduplication #DuplicateReduction #FileNaming #MD5 #SHA256 #SHA512 #checksum #octillion Questions? Email them to anotherdamblog@gmail.com
Show notes for January 4, 2009 Administrative Ovie got a new editing setup for Christmas and his new years resolution is to stop posting substandard chopped up podcasts. :)DoD Cybercrime Conference â January 26-30, 2009Review of 2008 New Year predictions...?Listener Email A federal agent sent us an email and a nice donation and said thank you both for the great podcast. Drake wrote in to make a quick correction :) Windows Steady State (previously branded as shared access) doesn't require a special partition or unpartitioned space, in fact I don't see that it makes any visible changes to the drive partition setup at all.42 LLC developed some EnScripts that they are offering up to the community for open beta. If you register an account on our forums you will be able to download the scripts and any updates we publish.http://42llc.netNews If Santa left you a Samsung digital picture frame, you might want to check it for virus. The gift giving culprits is the SPF-85H 8-Inch Digital Photo Frames w/1GB Internal Memory, designed to work with Windows-based PCs via a USB connector sold between October and December 2008 for about $150 through Amazon. Breathalizer for your PC?New HP Windows Home Server to backup MAC OSX systemsDecember 29, 2008 Hewlett-Packard Co. is adapting its latest MediaSmart Windows home servers to back up customers' Mac computers using the OS X's Time Machine auto-backup feature.Tech Topics VoomTech releases their Hard Copy 3. Can output to 2 drives without slowing down. The new SHA256 hashing offers greater strength then the MD5 hash. At 7.5 GB per minute, HardCopy 3 is the hands-down fastest forensic hard drive duplicator anywhere! And HardCopy 3 still costs less than our over-priced competitors ($1599)Web Sites of the Weekhttp://now.sprint.com/widget/http://blip.fmhttp://letmegooglethatforyou.com/
© 2020-2025 Ivy Podcast Discovery LLC
