From: Drak
Date: Tue, 31 Dec 2013 13:39:30 +0000
To: Bitcoin Dev
Subject: Re: [Bitcoin-development] Dedicated server for bitcoin.org, your thoughts?

Has anyone seen the talk at 30c3 on the current NSA capabilities? https://www.youtube.com/watch?v=b0w36GAyZIA

Specifically they are able to "beat the speed of light" between you and a website such that if you communicate with Bob, they can send competing packets that will arrive before Bob's packets. They have realtime deep packet insertion able to inject arbitrary data into TCP streams and can change file downloads **on the fly**. This can be done remotely.

SourceForge do not have https downloads, so this is yet another reason to move downloads to somewhere that does - like GitHub.

The NSA has the ability, right now, to change every download of bitcoin-qt, on the fly and the only cure is encryption.

Revealed as part of the presentation is the fact that if the NSA has access to these capabilities, then so do others and in fact one of the things revealed yesterday was independently discovered already and published.

Same goes for the bitcoin.org site - why are we dragging our feet on installing an SSL certificate and redirecting all http to https? While no solution is perfect, it's a lot better than zero defense.

You can see the irony of disseminating the bitcoin crypto-currency client in the clear.

For anyone who has not seen the video: you will be shocked by what is actually in the wild being used today. It goes way beyond anything imaginable even in science fiction. https://www.youtube.com/watch?v=b0w36GAyZIA

Drak
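An added example, not part of the original message: a check a site operator could run against the http-to-https redirect and https downloads the message asks for. It walks a recorded redirect chain and lists every hop fetched over plain http, where a response has no integrity protection in transit. The hosts, paths and the `audit_chain` helper are assumptions constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample: recorded responses keyed by URL -> (status, Location header).
# Hosts and paths are placeholders, not measurements of any real site.
RECORDED = {
    "http://downloads.example.org/client.tar.gz":
        (302, "https://downloads.example.org/client.tar.gz"),
    "https://downloads.example.org/client.tar.gz":
        (302, "//mirror.example.net/pub/client.tar.gz"),
    "https://mirror.example.net/pub/client.tar.gz":
        (301, "http://cdn.example.net/client.tar.gz"),
    "http://cdn.example.net/client.tar.gz": (200, None),
}

REDIRECTS = {301, 302, 303, 307, 308}


def audit_chain(start_url, recorded, max_hops=10):
    """Follow a recorded redirect chain and report where it leaves TLS.

    Returns the hops visited, the hops fetched over plain http, the
    https->http downgrades, and whether the final body arrives over https.
    """
    hops, cleartext, downgrades = [], [], []
    url = start_url
    while True:
        if url in hops or len(hops) >= max_hops:
            raise ValueError("redirect loop or chain too long at " + url)
        hops.append(url)
        if urlsplit(url).scheme != "https":
            cleartext.append(url)  # this response can be altered in transit
        status, location = recorded[url]
        if status not in REDIRECTS or not location:
            break
        nxt = urljoin(url, location)  # resolves relative and //host forms
        if urlsplit(url).scheme == "https" and urlsplit(nxt).scheme != "https":
            downgrades.append((url, nxt))
        url = nxt
    return {
        "hops": hops,
        "cleartext": cleartext,
        "downgrades": downgrades,
        "final_over_https": urlsplit(hops[-1]).scheme == "https",
    }


if __name__ == "__main__":
    print(audit_chain("http://downloads.example.org/client.tar.gz", RECORDED))
```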