Daily Archives: January 29, 2021

By Paul Hill Neowin Jan 26, 2021 13:12 EST

Tails OS 4.15 has been released today bringing with it updates for the Tor Browser, the Linux kernel and fixes for several issues including USB tethering not working with devices running iOS 14 or later. Luckily, there are no new issues introduced with this version of the privacy-oriented OS but its still affected by long-standing issues.

According to the release notes, there are no new major changes in this update outside of updated software. The only new feature is that you now have the option to press Dont Show Again on the security notification that pops up when you attempt to run Tails on a virtual machine.

This update does come with several critical software patches for things like the Tor Browser which is now on version 10.0.9 (based on Firefox 78.7), Thunderbird has been bumped to 78.6.0, and the Linux kernel now sits on version 5.9.15 bringing support for newer hardware. The new kernel update also addresses a bug that prevented iOS 14 devices from being used for tethering.

To install Tails 4.15, youll either need to follow the guide to setting up a Tails USB to perform a clean install or you can upgrade an existing Tails install. When youve booted up your Tails 4.2 or above USB and connected to the internet, you will be offered the upgrade. If you choose to update, the new version will download and begin to install. If you would like to see whats planned in future updates, check out the Tails roadmap.

View original post here:
Tails OS 4.15 released with updated Tor Browser - Neowin

The Tails project released today Tails 4.15 as a monthly maintenance release to the amnesic incognito live system based on the Debian GNU/Linux operating system and used for anonymous communications.

Synced with the stable software repositories of the Debian GNU/Linux 10 Buster operating system series, Tails 4.15 is powered by Linux kernel 5.9.15 for improved hardware support and comes with updated core applications, including the Tor Browser 10.0.9 anonymous web browser and Mozilla Thunderbird 78.6 email client.

On top of these updates, Tails 4.15 also improves support for Ledger hardware wallets in the Electrum Bitcoin wallet app, adds USB tethering support for devices running Apples iOS 14 or later to share mobile data, and clarifies the error message about the size of the USB flash drive shown when starting Tails.

Full Story

This topic does not have any threads posted yet!

You cannot post until you login.

Read the rest here:
Tails 4.15 Anonymous OS Released with Tor Browser 10.0.9 and Thunderbird 78.6 - LXer

New Years ransomware news came early this year, when various media platforms began reporting the discovery of Babuk Locker, the newest ransomware variant to target corporations by encrypting files across network-connected devices andextorting ransom payments. For those hoping to see new ground broken in ransomware technology, Babuk Locker would have come as a disappointment. The code, its execution, the ways the operators communicate with victims and the threats to the stolen data have been labeled unprofessional. This does not mean that the malware is harmless; in fact, the opposite is true.

Babuk Locker was discovered only a few days after most of the West celebrated the new year, but those behind the ransomware had already snatched up a few victims. Victims included an elevator and escalator company, an office furniture manufacturer, a car parts manufacturer, a medical testing products manufacturer and an air conditioning and heating company based in the U.S.

We can thank computer science student Chuong Dong for the analysis; Dongs work is the best resource on Babuk Locker currently available to the InfoSec community. According to Dongs analysis, while the ransomware is fairly standard in terms of what it does and how it does it, the operators have included several common tactics that made strains like Sodinokibi and Ryuk surge in terms of successful infections. Such tactics include the double extortion tactic, hyperthreading and the ability to encrypt files across a victims network. Lets look at each in turn, and how Babuk Locker implements these tactics.

This has been, perhaps, the single most dominant trend in ransomware for the past year. Last year, at about the same time, the Maze ransomware gang (who have now opted for early retirement) began threatening to release stolen data before encryption of data was executed. The threats were soon followed by the gang releasing the data via a data leak site, accessible by other threat actors via a Tor browser. This became known as the double extortion tactic, and has seen wide adoption by almost all the major ransomware gangs targeting large corporate and government networks.

The tactic became synonymous with gangs classified as human-operated ransomware gangs; the term describes ransomware operators who use manual tools to gain access to a network, and slowly increase their network privileges until they can manually execute the malwares encryption protocols for the greatest effect on the target network. The double extortion tactic is an evolution of the human-operated trend. Recently, the tactic has evolved further to include gangs hiring call centers to cold-call victims and pressure them to pay the ransom.

Based on current research, Babuk operators have not gone so far as to cold-call victims; however, they have threatened to release and have released data belonging to victims. Rather than releasing data via a dedicated leak site, the ransomwares operators posted on underground hacker forums announcing, and then releasing, data of victims who refused to pay. Babuk does have a website, but this is used to communicate with victims and negotiate ransom payments. Here, one might view the operation as amateurish, in that all victims communicate via the same text channel so that everyone can see past communication between victims and the attacker.

When ransomware was in its infancy, it tended to only encrypt files locally; that is to say, only files on the infected machine could be encrypted so that the user could not access them. In modern networks, files are shared across the network so that the business can operate. It was only a matter of time before hackers realized that these shared network resources could be encrypted, too, and could effectively halt daily operations. Large organizations like Travelex, according to reports, paid the Sodinokibi gang over $2 million USD when their network was struck in this fashion, and forced the company to suspend many of its services.

Babuk Locker ransom demand message:

Babuk is capable of targeting files across the network through the use of command-line instructions that allow the malware to search across the network for shared resources. The command can also encrypt only local files. If the attacker successfully compromises a network-connected machine with high enough administrative privileges, it can be safely assumed that the attacker will look to encrypt files across the network, as this will cause more damage. The malware uses a combination of SHA256 hashing, ChaCha8 encryption, and Elliptic-curve DiffieHellman (ECDH) key generation and exchange algorithm to protect its keys and encrypt files. This means that, barring a major mistake by the malwares developers, the encryption is solid with no apparent way to decrypt files without the decryption key. This forces victims to either pay or restore from backups. The likelihood that a free decryptor will be released anytime soon is slim.

To further complicate recovering from Baduk Locker, the malware will do several things to help speed up and smooth the encryption process. But, first, before encryption begins, the malware looks for shadow copies and deletes them. Shadow copies are used to help create restore points if something critical happens to the machine so that important data isnt lost; deleting these makes recovery harder for those impacted by a Baduk attack. The malware will also terminate services that prevent file manipulation or alterations, including services associated with security suites that may prevent the malware from doing what it is intended to do.

The list of services targeted includes: vss, sql, svc$, memtas, mepocs, sophos, veeam, backup, GxVss, GxBlr, GxFWD, GxCVD, GxCIMgr, DefWatch, ccEvtMgr, ccSetMgr, SavRoam, RTVscan, QBFCService, QBIDPService, Intuit.QuickBooks.FCS, QBCFMonitorService, YooBackup, YooIT, zhudongfangyu, sophos, stc_raw_agent, VSNAPVSS, VeeamTransportSvc, VeeamDeploymentService, VeeamNFSSvc, veeam, PDVFSService, BackupExecVSSProvider, BackupExecAgentAccelerator, BackupExecAgentBrowser, BackupExecDiveciMediaService, BackupExecJobEngine, BackupExecManagementService, BackupExecRPCService, AcrSch2Svc, AcronisAgent, CASAD2DWebSvc, CAARCUpdateSvc.

Files encrypted by Babuk Locker:

Lastly, if files are in use, they cannot be encrypted not ideal for an attacker looking to encrypt as much as possible to guarantee that daily operations are stopped. To do this, Baduk Locker will terminate running processes that are used to run certain file types that businesses and government organizations rely on.

The processes terminated include: sql.exe, oracle.exe, ocssd.exe, dbsnmp.exe, synctime.exe, agntsvc.exe, isqlplussvc.exe, xfssvccon.exe, mydesktopservice.exe, ocautoupds.exe, encsvc.exe, firefox.exe, tbirdconfig.exe, mydesktopqos.exe, ocomm.exe, dbeng50.exe, sqbcoreservice.exe, excel.exe, infopath.exe, msaccess.exe, mspub.exe, onenote.exe, outlook.exe, powerpnt.exe, steam.exe, thebat.exe, thunderbird.exe, visio.exe, winword.exe, wordpad.exe, notepad.exe.

The act of encrypting files is a noisy affair, and when done en masse, its a key indication that something is wrong. Ransomware operators know this, and often choose to encrypt data when the business is quiet, slow or closed for the day. This is done in the hopes that no one is working; no one will notice and shut down the servers if something appears wrong. This information is gained by compromising the network days or weeks in advance of the attack and encryption process. This is one of the reasons why the final phase of the attack is usually done over weekends, and often in the early hours of the morning.

Other than relying on early hours best left for sleep, hackers have several tricks to make the encryption process go off smoothly. The speed at which files can be encrypted is an advantage, and to achieve this, hackers will abuse a machines hyperthreading capability. Modern CPUs have several cores stacked on top of one another to make processing faster. Each core acts like its own mini processor; the more you have the more tasks can be processed simultaneously. Hackers will use the CPUs hyperthreading ability to encrypt files faster. In practice, hyperthreading, when abused by hackers, is done to process various types of data. That which is easily encrypted is done on one thread, while larger, more complex data is sent to another thread for encryption. This drastically improves encryption efficiency, and reduces the overall time taken.

Babuk takes advantage of hyperthreading by first evaluating the number of CPU cores on the victims machine. Then, it creates a data structure to handle the threads. Dong points out that this method has several flaws, stating,

The first problem with this approach has to do with threads concurrency in an OS. A huge amount of threads can potentially be created for each process. However, in an ideal situation, its better to have one thread running per processor to avoid having threads competing with each other for the processors time and resource during encryption.However, that, by itself, is not that big of a problem if the author implemented a queue-like structure to process encrypting requests to utilize 100% of the victims processing power. Unfortunately, they decided to only spawn one encrypting thread per existing drive.

As theres likely to be more drives than threads created by the malware, Babuk cannot create as many threads as needed to speedily encrypt the targeted data. The malware then reverts to older, less efficient means of traversing through folders to encrypt data. If the malware can create the required number of threads to match the number of drives on the victims machine, the encryption will be a more efficient affair. Researchers will be quick to point out this flaw; however, for those already a victim of Babuk Locker, such discussions will be of little comfort.

Babuk Locker has already proved capable of creating corporate victims, and ransom demands have topped $80,000 USD. This amount is smaller than the take from some of the worlds most dangerous ransomware gangs, but it is not insignificant. While it can be successfully argued that the current version of Babuk Locker is not as efficientand well-coded as other ransomware examples, it still poses a clear danger to business and government networks.

Recent Articles By Author

Read the rest here:
Babuk Locker: Mediocre, But Gets the Job Done - Security Boulevard

Recently, following a change to Whatsapps privacy policy, hundreds of thousands of people from all over the world left for other services. Signal, an encrypted messenger service, saw so many sign-ups that it temporarily crashed.

This was followed by a mass exodus from social media, as Twitter and Facebook became embroiled in a debate on free speech and censorship, a chain of events that may signal a shift in how users value privacy.

Rachel-Rose OLeary is a coder and writer at Dark Renaissance Technologies. She was a tech writer for CoinDesk from 2017 to 2018, covering privacy tech and Ethereum. She has a background in digital art and philosophy, and has been writing about crypto since 2015. The views expressed in this article are her own and do not necessarily reflect those of the publication.

Related: The Future of Money in the Multiverse

Riccardo Spangi or fluffypony, the former lead maintainer of privacy-centric cryptocurrency monero, called this a watershed moment for privacy. People are realizing that you dont get privacy just handed to you. You have to stand up and take it, he told CoinDesk.

For years, topics including anonymity, censorship resistance and decentralization were the purview of political extremists. Armed with a pessimistic, even paranoid outlook, the forefathers of cryptocurrency engineered tools, like Bitcoin, for a world where civilization had fallen.

But now, spurred on by an information crisis and compounding global unrest, privacy has entered popular consciousness.

As on the popular consumer-facing apps such as Signal, activity on the encrypted anonymous internet, the darknet, is on the rise. While its hard to estimate usage due to its anonymity benefits, Tor Browser was downloaded 10% more on average this January than last year. In the past 12 months, the number of hidden websites has increased 180%.

Related: Money Reimagined: Letter to President Biden

Story continues

This rising popularity could be driving an increase in monero transactions. In December, darknet market Whitehouse reportedly announced it would no longer accept bitcoin payments, strengthening moneros foothold as the cryptocurrency of choice for the darknet.

See also: Steven Waterhouse The Pandemic Turbocharged Online Privacy Concerns

In fact, despite being delisted from exchanges Shapeshift and Bittrex, moneros price has steadily grown 140% in the past year, while its daily transactions have increased by a staggering 290%. Zcash has likewise increased nearly 70% in price.

All of this is to say theres a growing demand for privacy. Whats more, the privacy scene has never been more prepared for an influx of users.

Privacy has always been a core value of the crypto-anarchist philosophy. Bitcoin itself was designed to be pseudonymous, but its privacy-protecting features are insufficient to protect users from blockchain analysis.

In the past 10 years, fully anonymous cryptocurrency has emerged as a Holy Grail of blockchain research. Millions in research dollars have been committed, though until recently no purely private cryptos emerged without substantial trade-offs to scalability and decentralization.

Several small, incremental achievements are beginning to come to fruition. Litecoin is testing a potential privacy upgrade, Mimblewimble. Privacy coin Firo, previously named Zcoin, is pioneering new cryptographic research with its recent release of Lelantus.

Meanwhile, earlier this month, Zcash announced its plan to implement Halo 2, a groundbreaking upgrade that will allow the cryptocurrency to add new assets to its base layer, such as an anonymous stablecoin or wrapped versions of other cryptocurrencies while Monero is also building toward a multi-chain paradigm, specifically with privacy implications for Bitcoin through atomic swaps.

Further, while Moneros ring signatures reduce its anonymity, a new upgrade called TRIPTYCH will make this privacy leakage less of a concern.

Bitcoin, too, will see privacy-protecting enhancements with the long-anticipated rollout of its Taproot upgrade. When activated, Taproot will allow smart contracts written in the Bitcoin scripting language to appear like normal transactions, so more complex code can populate the blockchain undetected.

Its not just traditional cryptocurrencies that are undergoing a renaissance. Privacy apps are proliferating on decentralized finance (DeFi) while private smart contract platforms like Secret Network and Aleo are enabling general purpose, programmable privacy.

Can the state withstand a full-blown Bitcoin offensive?

All of these advancements are made possible by significant improvements in privacy tech, especially zero-knowledge cryptography. Having authored the first privacy-oriented Bitcoin wallet in 2013, Amir Taaki has been working on anonymity tech in crypto for nearly 10 years.

Zero-knowledge is probably the biggest breakthrough in cryptocurrency since the invention of Bitcoin itself. It enables an entire new class of privacy applications that previously couldnt exist before, he said.

Advances in privacy tech have the potential to revolutionize not just cryptocurrency, but all aspects of how we interact with the web. The internet is currently dominated by data harvesting and surveillance. In exchange for using a service, user data is collected by companies for increasingly surreal purposes, such as behavior prediction and control.

By offering a new economic vision for technology, the cryptocurrency ecosystem has the potential to challenge this paradigm. Mixnet provider Nym Technologies is working in this direction, offering privacy-friendly applications the ability to monetize their services.

Still, these new vistas will not be without their challenges. For the last year, crypto has been awash with rumors and headlines foretelling an impending regulatory crackdown.

In an interview that coincided with her statement that the European Central Bank (ECB) will release its own digital currency the digital euro within the next five years, ECB President Christine Lagarde called for global bitcoin regulation. Separately, U.S. Treasury Secretary nominee Janet Yellen said that cryptocurrencies are a particular concern for terrorism financing, and stated the need to curtail their use.

Both the U.S. and European Union formerly a privacy stronghold have also floated rules that threaten end-to-end encryption and privately held crypto addresses.

See also: Proposed Crypto Wallet Rule Among Those Frozen by Biden Pending Review

If there was ever a need for strong, unhackable, privacy-preserving tools to be built, its now.

Regulatory pressure may have an unintended consequence by making privacy-preserving cryptocurrencies more attractive. In a scenario where crypto is banned, crypto will merely go underground, where it had its beginnings.

A nightmare scenario for an industry overrun by bankers, such a grim regulatory outlook is widely dismissed as FUD. Not only would this cripple the emerging cryptocurrency ecosystem financially, but it would severely damage its core value propositions: openness, accessibility, being permissionless.

Still, perhaps in anticipation of regulatory crackdowns, Bitcoiners are adopting an increasingly militant rhetoric. Rumors of an impending privacy war have been circulating on Twitter, with cryptocurrency advocates volunteering themselves for the front line.

According to Taaki, such a confrontation is effectively preprogrammed.

I dont see a resolution between an emerging cryptocurrency industry and the state-backed fiat system, he said, These things are [at] loggerheads, and using anonymity to shield participants in a network is of vital importance to our success as a movement.

See also: Michael Casey A World Where Privacy and Saving Lives Can Coexist

The developer of privacy-focused Bitcoin wallet Wasabi, Max Hillebrand, said he is confident Bitcoins users will step up to the challenge. Armed with advanced technology and an ideology capable of carrying its followers to the barricades, he wondered:

Can the state withstand a full-blown Bitcoin offensive?

See more here:
We Have Entered the Age of Anonymous Crypto - Yahoo Finance

Cryptocurrency is progressively reshaping the online gambling industry. According to Statista, online gambling market is expected to be worth over $94 billion by the year 2024. This exponential growth is mainly attributed to the players ability to remain anonymous. Torpoker is a web-based poker gaming site which accepts Bitcoin currency.

Security is always the top most concern when dealing with any kind of online financial transaction and online gambling is no different. Torpoker uses PYQT5 open-source development framework to design its GUI and due to its known compatibility, it makes Torpoker support all popular operating system environments. The open-source software means that users can trust the platform and that the code is thoroughly tested and the patch management is efficient.

Furthermore, Torpoker chooses to disable JavaScript in the web application. Although JavaScript is widely used to extend functionality in web applications, it also posses a major security concern on the client side. JavaScript snippets are usually accessible to the user making it vulnerable to exploits with malicious intent. Moreover, JavaScript has a history of lack of proper web browser support since it is interpreted differently by different browsers which may cause unpredictability especially on the client-side.

Online Bitcoin casinos offer a higher degree of security since personal details are not required in order to perform transactions such as transfer of bitcoin, chances of malicious actors gaining access to personal sensitive data is drastically reduced. Moreover, Bitcoin transactions go through security layers which involve multiple verifications and several layers of encryption which protect the whole process. All these security measures contribute the overall reduction of a malicious attack surface

Torpoker is able to guarantee optimum privacy with the only requirement being a unique one-off address for transactions. The complete hashing of all wallet IDs and their corresponding transactional IDs allows for pseudo-anonymity among all user-user transactions. Hence, all Bitcoin transactions are completely anonymous and secure. Moreover, players have an assurance of transparency since all transactions are routed to a public ledger offering an additional layer of protection. Additionally, it is advisable to use the web application in tor browser which encrypts data through the network of relay nodes

In order for players to access their wallets securely, it is always recommended to access them only through trusted private networks since the private keys mostly use cloud storage. Once the wallets are securely accessed then Bitcoin transactions can made through the address provided by Torpoker. This means that users may be the weakest link since poor storage of wallets or dubious cryptocurrency exchanges may cause unauthorized access which may result in a loss of coins. Most security breaches associated to Bitcoin and other cryptocurrencies happen mostly on cryptocurrency exchanges and not necessarily of gambling sites which makes Torpoker incredibly secure. Torpoker offers even more security by providing dedicated private servers for rent which gives the players the ultimate control over privacy and security.

Go here to see the original:
The safest place to play poker - - VENTS Magazine

Lionsgate has released a trailer for its upcoming film Silk Road, based on the darknet marketplace of the same name and we are more excited to watch it than we expected.

Simply titled Silk Road the film appears to be a mix of acting and real-life news clips telling the story of the marketplace from inception to its closure by the FBI in 2013.

Check out the trailer below.

The film stars Nick Robinson (Boardwalk Empire, Jurassic World) as the founder of Silk Road, better known as Dread Pirate Roberts and Jason Clarke (Everest, Terminator Genisys) as Rick Bowden who plays a disgraced DEA agent. Clarkes character appears to be fictional as we can find no reference to an agent of the same name in reports about Silk Road.

While Silk Road became synonymous with drugs, it also brought Bitcoin and the Tor browser into the public conversation. Unfortunately for Bitcoin, its use by Silk Road patrons gave it the reputation that the cryptocurrency was used by criminals. Thankfully that reputation seems to have disappeared in recent years.

But were more interested in the story about how Ulbricht was caught which this film appears to address. We dont want to spoil anything but one of the reasons will have to smacking your forehead in disbelief.

While Ulbricht is currently serving two life sentences without the possibility of parole, his website left an indelible mark on the world and to this day you can still find ways to buy things online that you shouldnt be able to buy.

Silk Road will release in theatres and everywhere you rent movies on 19th February.

Originally posted here:
Were itching to watch the Silk Road movie next month - htxt.africa