Topics - Myshadow

1
Muse/SoundDAC / Muse Sharedrop?
« on: August 08, 2017, 10:12:25 am »
Hi All,

Does anyone know if there was any sharedrop other than the AGS/PTS sharedrop for Muse?

Cheers

2
Random Discussion / Github DDoS
« on: April 02, 2015, 05:36:04 am »
http://blog.erratasec.com/2015/04/pin-pointing-chinas-attack-against.html#.VRydffmUd8E

Not conclusive evidence that the Chinese government is behind it, but certainly interesting nonetheless.

Quote
For the past week, the website "GitHub" has been under attack by China. In this post, I pin-point where the attack is coming from by doing an http-traceroute.

GitHub is a key infrastructure website for the Internet, being the largest host of open-source projects, most famously Linux. (I host my code there). It's also a popular blogging platform.

Among the zillions of projects are https://github.com/greatfire and https://github.com/cn-nytimes. These are mirrors (copies) of the websites http://greatfire.com and http://cn.nytimes.com. GreatFire provides tools for circumventing China's Internet censorship, the NYTimes contains news stories China wants censored.

China blocks the offending websites, but it cannot easily block the GitHub mirrors. Its choices are either to block or allow everything on GitHub. Since GitHub is key infrastructure for open-source, blocking GitHub is not really a viable option.

Therefore, China chose another option, to flood those specific GitHub URLs with traffic in order to pressure GitHub into removing those pages. This is a stupid policy decision, of course, since Americans are quite touchy on the subject and are unlikely to comply with such pressure. It's likely GitHub itself can resolve the issue, as there are a zillion ways to respond. If not, other companies (like CloudFlare) would leap to their defense.

The big question is attribution. Is this attack authorized by the Chinese government? Or is it the work of rogue hackers?

The company Netresec in Sweden partially answered this problem by figuring out most of the details of the hack. The way the attack worked is that some man-in-the-middle device intercepted web requests coming into China from elsewhere in the world, and then replaced the content with JavaScript code that would attack GitHub. Specifically, they intercepted requests to Baidu's analytics. The search-engine Baidu is the Google of China, and it runs analytics software like Google in order to track advertising. Everyone outside China visiting internal pages would then run this JavaScript to attack GitHub. Since the attack appears to be coming "from everywhere", it's impractical for GitHub to block the attack.

Netresec could clearly identify that a man-in-the-middle was happening by looking at the TTL fields in the packets. TTL, or time-to-live, is a field in all Internet packets that tracks the age of the packet. Each time a router forwards a packet, one is subtracted from the field. When it reaches zero, the packet is discarded. This prevents routing loops from endlessly forwarding packets around in a circle.

Many systems send packets with a starting TTL of 64. Thus, when a packet arrives with a value of 46, you know that there are 18 hops between you and the sender (64 - 18 = 46).

What Netresec found was a situation shown in the following picture. This picture shows a sequence of packets to and from the server. My packets sent to the Baidu server have a TTL of 64, the starting value I send with. The first response from the server has a value of 46 -- because while they transmitted the packet with a value of 64, it was reduced by 18 by the time it arrived at my computer. After I send the web request, I get weird TTLs in response, with values of 98 and 99. These obviously did not come from the original server, but some intermediate man-in-the-middle device.



I know this man-in-the-middle is somewhere between me and Baidu, but where? To answer that, we use the concept of traceroute.

Traceroute is a real cool trick. Instead of sending packets with a TTL of 64, the tool sends them with a TTL of 1, then 2, then 3, and so on. Because the TTL is so low, they won't reach their destination. Instead, the TTL will eventually reach 0, and routers along the way will drop them. When routers do this, they send back a notification packet called a Time-Exceeded message -- using the router's Internet address. Thus, I can collect all these packets and map the routers between me and a target.

The tool that does this is shown below, where I traceroute to the Baidu server from my machine:



The second column is time. As you can see, it takes almost 80-milliseconds for my packets to reach Los Angeles, and then the delay jumps to 230-milliseconds to reach China. Also note that I can't quite reach the server, as there is a firewall after hop 16 that is blocking traceroute from working.

So where along this route is the man-in-the-middle interception happening? To answer this question, I had to write some code. I wrote my own little traceroute tool. Instead of sending a single packet, it first established a connection with normal TTLs, so that it would reach all the way to the target server. Then, when it sent the web request packet, it used a smaller TTL, so it would get dropped before reaching the server -- but hopefully after the man-in-the-middle saw it. By doing these with varying TTLs, I should be able to discover at which hop the evil device is lurking.

I found that the device lurks between 11 and 12 hops. The web request packets sent with a TTL of 11 are not seen, while packets with TTL of 12 are, generating a response, as shown below:



The black line above shows the packet I sent, with a TTL of 12. The orange line (and the two packets above it) show the packets received from the man-in-the-middle device. When I send packets with a TTL of 11, I never get a response from that evil device.

By looking at the IP addresses in the traceroute, we can conclusively prove that the man-in-the-middle device is located on the backbone of China Unicom, a major service provider in China.

The next step is to traceroute in the other direction, from China to a blocked address, such as the http://www.nytimes.com address at 170.149.168.130. Using the website http://www.linkwan.net/tr.htm, I get the following:



This shows that the Great Firewall runs inside the China Unicom infrastructure.

Conclusion

Using my custom http-traceroute, I've proven that the man-in-the-middle machine attacking GitHub is located on or near the Great Firewall of China. While many explanations are possible, such as hackers breaking into these machines, the overwhelmingly most likely suspect for the source of the GitHub attacks is the Chinese government.

This is important evidence for our government. It'll be interesting to see how they respond to these attacks -- attacks by a nation state against key United States Internet infrastructure.
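The TTL reasoning in the quoted article, turned into a passive check over a packet list. This is an added example, not code from the article or its author: the TTL values 64, 46, 98 and 99 come from the article, while the addresses, the final server packet, the tolerance and the list of common initial TTLs are assumptions.

```python
# Added example: flag packets whose TTL departs from the per-sender baseline.
COMMON_INITIAL_TTLS = (64, 128, 255)  # assumption: typical OS starting values

# Constructed sample flow (not a real capture): (packet_no, src_ip, ttl, note).
# TTLs 64, 46, 98 and 99 follow the article; addresses are documentation ranges.
SAMPLE_FLOW = [
    (1, "192.0.2.10", 64, "SYN from client"),
    (2, "203.0.113.5", 46, "SYN-ACK from server"),
    (3, "192.0.2.10", 64, "ACK from client"),
    (4, "192.0.2.10", 64, "HTTP GET from client"),
    (5, "203.0.113.5", 98, "HTTP response"),
    (6, "203.0.113.5", 99, "HTTP response"),
    (7, "203.0.113.5", 46, "ACK from server"),
]


def estimate_hops(observed_ttl):
    """Guess (initial_ttl, hops) from the smallest common initial TTL that fits."""
    for initial in COMMON_INITIAL_TTLS:
        if observed_ttl <= initial:
            return initial, initial - observed_ttl
    raise ValueError(f"TTL out of range: {observed_ttl}")


def find_ttl_anomalies(packets, tolerance=2):
    """Treat each sender's first TTL as its baseline; report later deviations.

    tolerance (an assumption) absorbs small route changes during the flow.
    """
    baseline, anomalies = {}, []
    for number, src, ttl, note in packets:
        if src not in baseline:
            baseline[src] = ttl  # handshake packet sets the expected path length
            continue
        if abs(ttl - baseline[src]) > tolerance:
            anomalies.append({
                "packet": number, "src": src, "ttl": ttl,
                "baseline_hops": estimate_hops(baseline[src]),
                "implied_hops": estimate_hops(ttl),
                "note": note,
            })
    return anomalies


if __name__ == "__main__":
    for hit in find_ttl_anomalies(SAMPLE_FLOW):
        print(hit)
```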

3
General Discussion / The Golden Principle Critique
« on: January 13, 2015, 02:32:25 am »
Hi Bytemaster,
 
I must preface this critique with my most sincere thanks for your ongoing work in securing liberty and property through the bitshares platform, I think you’re doing an excellent job.
 
I recently came across your Golden Principle post on your blog and noticed that there is a mistake made with your logic which renders the argument invalid. You have fallen into the trap that most people tend to when dealing with principles – in particular the non-aggression principle (NAP), the application of a principle that defines an action that takes place in the physical world to a concept instead of something that exists in the physical world.
 
This is incredibly common, and this propensity for most people to not differentiate between concepts and physical objects when thinking critically is (in my humble opinion) one of the things that allows the inexorable slide into tyranny, recognizing abstract human conceived concepts for what they are and correct application of principles is the only way to ensure we arrive at a result that is accurate and repeatable over time and applicable to all individuals.

It is the same neuropathway that allows a quick fight or flight response that gives humans a propensity toward this – as we evolved we needed to be able to very quickly judge whether a physical object is dangerous or not, the fastest way for us to do this is to attribute intentions (as opposed to higher level logical reasoning) to it, whether it is a rock or a predator. This is also why young children are angry at rocks when they stub their toes, their brains haven’t outgrown this duality born out of Darwinian necessity. I think it is this phenomenon that causes most people to make the mistake of applying principles to abstract concepts.
 
It is empirically and logically impossible that the NAP or any principle that relies on taking (or not taking) physical action to be applied to a concept, it must be applied to something physical if it is to be logically consistent and repeatable. In reality, me attacking the “government” is the intellectual equivalent of me trying to squash Christianity with a large bowl of porridge. Objectively what I would really be doing, would be violating the NAP against a group of individuals I have subjectively determined to be “the government”.
 
Any principle based on “doing” which must occur in the physical universe, cannot possibly provide universally consistent results if people allow it to be applied to abstract or subjective concepts, it is for this reason that your golden principle is flawed as it is based in subjectivity not objectivity and therefore allows more ambiguity than the NAP it should replace. I agree wholeheartedly that the principles we build society on must be universal, however without objectivity the result of your principle will change depending on the interpretation at an individual level. This subjectivity is what we must strive against as it is by this mechanism we allow the same descent into collective delusion and tyranny that we are currently striving to prevent.
 
For example, you may want to be taxed because you think it is right and just, you may want to delegate your rights to others if you feel insecure in your ability to secure them, you may even want others to hurt you because it’s what you know and what you’re used to, you may even want to die…  These preferences are not at all uncommon, in fact these preferences (with the exception of masochism and the last tragic example) are considered normal in western society. This does not mean that any of these things should constitute an ethically and morally just viewpoint as it is just an individual’s opinion. If it is validated by the golden principle then to universalize some of these actions as morally valid is to commit atrocious acts of evil.
 
This is a fundamental failure of the principle to uphold the freedoms it is intended to protect.

edit: Grammar :)

4
Technical Support / Bitshares X Balance incorrect.
« on: July 30, 2014, 01:31:42 am »
Can anyone help with this? My wallet has become corrupted. I created it with bitsharesx 0.2.1 and have a json backup after creation. Installed 0.2.3 and things didn't seem to be working, i.e. transactions would get stuck at pending. Deleted all the directories and files except the wallets dir, reinstalled 0.2.1, and now I have no funds apparently...

Below looks ok...

>> wallet_account_transaction_history myshadow 1 90000 BTSX

shows up all the transactions

But then!

>> wallet_account_balance myshadow

No balances found.

Tried importing the json backup because I would assume that the wallet files have become corrupted somehow and get the below issue.

>> wallet_create_from_json C:\TMP\wallet.json myshadow
20019 file_not_found: file not found
Filename to import from could not be found!
    {"filename":"C:TMPwallet.json"}
    bitshares  wallet.cpp:1020 bts::wallet::wallet::create_from_json

Can someone help please?

5
Stakeholder Proposals / 0% delegate
« on: July 25, 2014, 06:05:05 am »
Giving back to the community is where it's at! 0% Pay Rate, Xeon Quad core with SSD and a 100mbit full-duplex Business grade link to the net.

wallet_approve_delegate myshadow
