The Prometheus League
Breaking News and Updates
- Abolition Of Work
- Ai
- Alt-right
- Alternative Medicine
- Antifa
- Artificial General Intelligence
- Artificial Intelligence
- Artificial Super Intelligence
- Ascension
- Astronomy
- Atheism
- Atheist
- Atlas Shrugged
- Automation
- Ayn Rand
- Bahamas
- Bankruptcy
- Basic Income Guarantee
- Big Tech
- Bitcoin
- Black Lives Matter
- Blackjack
- Boca Chica Texas
- Brexit
- Caribbean
- Casino
- Casino Affiliate
- Cbd Oil
- Censorship
- Cf
- Chess Engines
- Childfree
- Cloning
- Cloud Computing
- Conscious Evolution
- Corona Virus
- Cosmic Heaven
- Covid-19
- Cryonics
- Cryptocurrency
- Cyberpunk
- Darwinism
- Democrat
- Designer Babies
- DNA
- Donald Trump
- Eczema
- Elon Musk
- Entheogens
- Ethical Egoism
- Eugenic Concepts
- Eugenics
- Euthanasia
- Evolution
- Extropian
- Extropianism
- Extropy
- Fake News
- Federalism
- Federalist
- Fifth Amendment
- Fifth Amendment
- Financial Independence
- First Amendment
- Fiscal Freedom
- Food Supplements
- Fourth Amendment
- Fourth Amendment
- Free Speech
- Freedom
- Freedom of Speech
- Futurism
- Futurist
- Gambling
- Gene Medicine
- Genetic Engineering
- Genome
- Germ Warfare
- Golden Rule
- Government Oppression
- Hedonism
- High Seas
- History
- Hubble Telescope
- Human Genetic Engineering
- Human Genetics
- Human Immortality
- Human Longevity
- Illuminati
- Immortality
- Immortality Medicine
- Intentional Communities
- Jacinda Ardern
- Jitsi
- Jordan Peterson
- Las Vegas
- Liberal
- Libertarian
- Libertarianism
- Liberty
- Life Extension
- Macau
- Marie Byrd Land
- Mars
- Mars Colonization
- Mars Colony
- Memetics
- Micronations
- Mind Uploading
- Minerva Reefs
- Modern Satanism
- Moon Colonization
- Nanotech
- National Vanguard
- NATO
- Neo-eugenics
- Neurohacking
- Neurotechnology
- New Utopia
- New Zealand
- Nihilism
- Nootropics
- NSA
- Oceania
- Offshore
- Olympics
- Online Casino
- Online Gambling
- Pantheism
- Personal Empowerment
- Poker
- Political Correctness
- Politically Incorrect
- Polygamy
- Populism
- Post Human
- Post Humanism
- Posthuman
- Posthumanism
- Private Islands
- Progress
- Proud Boys
- Psoriasis
- Psychedelics
- Putin
- Quantum Computing
- Quantum Physics
- Rationalism
- Republican
- Resource Based Economy
- Robotics
- Rockall
- Ron Paul
- Roulette
- Russia
- Sealand
- Seasteading
- Second Amendment
- Second Amendment
- Seychelles
- Singularitarianism
- Singularity
- Socio-economic Collapse
- Space Exploration
- Space Station
- Space Travel
- Spacex
- Sports Betting
- Sportsbook
- Superintelligence
- Survivalism
- Talmud
- Technology
- Teilhard De Charden
- Terraforming Mars
- The Singularity
- Tms
- Tor Browser
- Trance
- Transhuman
- Transhuman News
- Transhumanism
- Transhumanist
- Transtopian
- Transtopianism
- Ukraine
- Uncategorized
- Vaping
- Victimless Crimes
- Virtual Reality
- Wage Slavery
- War On Drugs
- Waveland
- Ww3
- Yahoo
- Zeitgeist Movement
-
Prometheism
-
Forbidden Fruit
-
The Evolutionary Perspective
Daily Archives: September 7, 2015
Cryptocurrency-Stealing Malware Landscape – Dell SecureWorks
Posted: September 7, 2015 at 11:46 am
Introduction
Bitcoin, a digital currency and payment system introduced in 2009, has been subject to an increasing amount of attention from thieves. Although the system itself is protected by strong cryptography, thieves have stolen millions of dollars of bitcoin[i] from victims by exploiting weaknesses in Bitcoin private key storage systems.
Since Bitcoin's introduction, an increasing number of alternative digital currencies (altcoins) have been created, based on the original Bitcoin client's source code. Even though none of these altcoins have approached the per-coin value of Bitcoin, some have achieved total market caps measuring in the millions of dollars. As a result, these altcoins have also been targeted for theft.
Mass theft of cryptocurrency is usually accomplished through the hacking of exchanges or marketplaces. These thefts are typically well-publicized, and the total number of stolen coins is known. However, another category of Bitcoin theft targets individual users' wallets or exchange accounts via malware such as general-purpose remote access trojans (RATs) or specialized cryptocurrency-stealing malware (CCSM). Due to the skyrocketing value of cryptocurrencies since the beginning of 2013 and the relative simplicity of coding malware and tools to steal cryptocurrency, the Dell SecureWorks Counter Threat Unit(TM) (CTU) research team predicts that CCSM will become one of the fastest-growing categories of malware.
CCSM classification project
To understand the scope of this new threat, CTU researchers embarked on a project to obtain and classify as many CCSM samples as possible. Researchers scanned incoming malware streams with YARA rules, searching for samples that refer to known cryptocurrency software wallet filenames and locations. These samples were classified into families based on similarity. As of this publication, there are more than 100 unique families of malware on the Internet with functionality to steal wallet files or to steal cryptocurrency using other means.
Overall trends
Figure 1 shows the increase in the Windows-compatible CCSM over time. This chart tracks only Windows malware because the Windows portable executable format includes a timestamp in the file headers showing exactly when the malware was compiled. Most malware authors do not bother to alter this timestamp post-release, so it a reasonable and reliable indicator of when a particular sample was created. This chart shows the relationships between average monthly Bitcoin price, new family emergence, and overall total number of families. These variables show a correlation between malware emergence and the price (acceptance) of the currency.
Figure 1. The correlation between Bitcoin price, new malware emergence, and total threat of cryptocurrency-stealing malware. (Source: Dell SecureWorks)
The trend shown in Figure 1 closely follows the overall price trend of Bitcoin. As Bitcoin has become more valuable, more malware authors are targeting it. The record-breaking highs in Bitcoin value from the end of 2013 into 2014 have been accompanied by record-breaking numbers of new CCSM families.
Popularity of coins in CCSM
All CCSM analyzed by CTU researchers targeted Bitcoin. Figure 2 shows the distribution of CCSM-targeted altcoins between January 2009 and the middle of February, 2014.
Figure 2. The distribution of altcoins targeted by CCSM between January 2009 and mid-February, 2014. (Source: Dell SecureWorks)
Figure 3 shows the overall ratio of samples belonging to each malware family. A few malware families seem to be in widespread distribution, while others may have only one or two variants. The "Unclassified" group represents cryptocurrency malware that CTU researchers have not classified as of this publication. The "Miscellaneous" group includes the cryptocurrency malware families the CTU research team has discovered that would not fit into the chart.
Figure 3. The overall ratio of discovered samples belonging to each malware family. (Source: Dell SecureWorks)
CCSM categories
Wallet stealer
The most common type of CCSM is the wallet stealer, a category that includes nearly every family of CTU-analyzed CCSM. This type of malware searches for "wallet.dat" or other well-known wallet software key storage locations, either by checking known file locations or by searching all hard drives for matching filenames. Typically, the file is uploaded to a remote FTP, HTTP, or SMTP server where the thief can extract the keys and steal the coins by signing a transaction, transferring the coins to the thief's Bitcoin/altcoin address.
Most cryptocurrency security guides recommend protecting the wallet with a strong passphrase, preventing the thief from decrypting and using the private keys if the file is stolen. To counter this protection, many of the analyzed wallet-stealer malware families use a keylogger or clipboard monitor to obtain the wallet file's passphrase and send it to the thief.
Credential stealer
Many wallet-stealer families also steal credentials for various web-based wallets, such as Bitcoin exchanges. Some individuals keep a significant amount of bitcoin or other currency in exchanges to trade on price movements. Malware authors are aware of this activity, and many victims have reported that their exchange wallets were emptied without their authorization. In most cases, it is impossible to know exactly what malware was used in the theft, because a full forensic analysis of the victim's hard drive is rarely performed.
Many exchanges have implemented two-factor authentication (2FA) using one-time PINs (OTP) to combat unauthorized account logins. However, advanced malware can easily bypass OTP-based 2FA by intercepting the OTP as it is used and creating a second hidden browser window to log the thief into the account from the victim's computer. Simultaneously, the malware displays a fake "authentication failed" message and blocks the victim's access to the website while the thief empties the account. CTU researchers have not observed a verified example of this type of attack against cryptocurrency exchanges. However, this technique has been successfully used against online banking sites for several years, and it is only a matter of time before CCSM uses this approach.
Man in the middle
CTU researchers have observed at least one family of CCSM that does not exfiltrate wallet files or private keys. Instead, it acts as a "man in the middle," altering the recipient address of a transaction before it is signed. The observed sample runs in the background, monitoring the contents of the clipboard. The malware checks new data in the clipboard for a valid Bitcoin address. If the data is a valid address, the malware replaces it with the thief's Bitcoin address. Victims who do not notice the replacement send the bitcoins to the thief.
RPC automation
Bitcoin and altcoin "reference client" software includes remote procedure call (RPC) functionality, which allows another program to interact with the wallet software. In many cases, a thief with access to this functionality could connect to a running client on a local TCP port and steal the balance of an unencrypted wallet using only two commands (three if the wallet is encrypted and the malware has obtained the passphrase). CTU researchers have not witnessed any CCSM malware taking advantage of this technique as of this publication. It would be difficult to detect this type of theft from a network standpoint, as the transaction would look like any authorized transaction. Another advantage to this technique is that it requires no external command and control (C2) or exfiltration server that can be shut down or blocked.
Detection rates
Across the CCSM samples analyzed by CTU researchers, the average unweighted detection rate across all major antivirus (AV) vendors was 48.9%. Figure 4 lists the major CCSM families classified by the CTU research team and their respective detection rates averaged across all major AV vendors.
Figure 4. Top CCSM families and their detection rate across AV vendors as of February 20, 2014. (Source: Dell SecureWorks)
Wallet protection
Client software choices
When the private keys for a cryptocurrency are stored on a computer connected to the Internet, the potential for theft exists. For Bitcoin there are alternative wallets, such as Armory and Electrum, which can protect against theft-by-malware by using a split arrangement for key storage. One computer, disconnected from any network, runs a copy of the software and holds the private key that can sign transactions. A second computer connected to the Internet holds only a master public key of which addresses belong to the offline wallet. This computer can generate transactions, but it cannot sign them because it does not have the private key. A user wishing to transfer coins generates an unsigned transaction on the online computer, carries the transaction to the offline computer, signs the transaction, and then carries it to the online computer to broadcast the transaction to the Bitcoin network.
Using a split Armory or Electrum wallet can make processing transactions much safer, although the user must still verify the transaction details to ensure malware on the online computer has not altered the transaction before it is signed. Unfortunately, no such clients currently exist for altcoins, although the need for them is recognized and bounties have been offered for their development.
Hardware wallets
Using two computers in a split arrangement where transactions are carried via "sneakernet" is relatively secure, but the logistics are complicated. A much more convenient method would be to use a dedicated hardware device to store the private keys and verify transactions without the possibility of theft. These devices are already in development, with one (the "Trezor" wallet) due to be shipped within the first quarter of 2014.
Transaction integrity verification
Hardware wallets work well for local transactions but not for safely interacting with a remote website on a potentially infected computer. Securely verifying a transaction that has transited a potentially compromised waypoint requires an offline device that can display the details of the transaction before it is processed. Public-key cryptography signs the transaction data on the bank's server before the data is sent to the user. The offline device can verify the signature of the transaction and determine if any changes occurred in transit. If the transaction shows no tampering, the offline device generates a one-time code that authenticates the transaction. This transaction integrity verification (TIV) should become standard for all financial entities, including institutions and sites that accept cryptocurrencies.
Conclusion
After observing CCSM, CTU researchers drew the following conclusions:
As discussed in Enterprise Best Practices for Cryptocurrency Adoption, wallet security is the most pivotal aspect to keeping funds secure. Implementing the practices outlined in that publication will mitigate most, if not all, of the current threats to cryptocurrency wallets.
Appendix
Table 1 lists the most commonly observed malicious filenames in the CTU research team's sample set.
Table 1. Common filenames in malware samples.
Endnotes
[i] Bitcoin (capitalized) refers to the protocol, software, and community, while bitcoins (lowercase) are currency units.
See the article here:
Cryptocurrency-Stealing Malware Landscape - Dell SecureWorks
Posted in Cryptocurrency
Comments Off on Cryptocurrency-Stealing Malware Landscape – Dell SecureWorks
Eczema | BabyCenter
Posted: at 11:45 am
Definition of eczema in babies
Eczema (also called atopic dermatitis) is a skin rash that usually appears before age 5. In babies it tends to show up on the cheeks and scalp, but it may spread to the arms, legs, chest, or other parts of the body. After a child's first year, it's most likely to show up on the insides of the elbows, the backs of the knees, the wrists, and the ankles, but it can also appear elsewhere.
About 20 percent of babies and young children have eczema. It usually starts in infancy, with 65 percent of patients developing symptoms in the first year of life and 90 percent developing symptoms before age 5.
The rash might look like dry, thickened, scaly skin, or it might be made up of tiny red bumps that ooze or become infected if scratched. Scratching can also cause thickened, darkened, or scarred skin over time.
Eczema typically comes and goes. It isn't contagious, but because it's intensely itchy, it can be very uncomfortable, and scratching can be a problem. If untreated, the rash can be unsightly, so it may present a social challenge for a child, too.
Your doctor can diagnose eczema by examining your child's skin. He may send you to a dermatologist for confirmation and treatment.
There's no way to know ahead of time whether a child will outgrow eczema, but fortunately the condition usually becomes less severe with age. Many children outgrow eczema by age 2, and many others outgrow it by adulthood.
Dr P. Marazzi / Science Source
No one knows for sure what causes it, but the tendency to have eczema is often inherited. So your child is more likely to have it if you or a close family member has had eczema, asthma, or allergies.
Eczema is not an allergic reaction to a substance, but allergens or irritants in the environment (such as pollen or cigarette smoke) can trigger it. Less frequently, it can be triggered by allergens in your child's diet or in your diet if your child is breastfeeding.
The rash can also be aggravated by heat, irritants that come in contact with the skin (like wool or the chemicals in some soaps, fragrances, lotions, and detergents), changes in temperature, and dry skin. Stress can also trigger a flare-up of eczema.
Taking good care of your child's skin and avoiding triggers can help treat and prevent flare-ups.
Bathing and moisturizing
Talk with the doctor about how often to bathe your child. Many experts now believe that daily bathing can be helpful for children with eczema. Just don't make the water too warm, because very warm water dries out the skin faster than lukewarm water.
Use a mild soap or non-soap cleanser, and wash and shampoo your child at the end of the bath so he isn't sitting in soapy water. As soon as you get your child out of the tub, pat (don't rub) excess water from his skin with a soft towel or washcloth.
Then, while the skin is still damp, promptly apply a liberal amount of moisturizer or emollient an ointment, cream, or lotion that "seals in" the body's own moisture to your child's skin. Ointments and creams contain more emollient and less water than lotions and are usually best for children with eczema.
"I recommend emollients for children of all ages," says Michael Smith, an associate professor of medicine and pediatrics in the division of dermatology at Vanderbilt Medical Center in Nashville. He suggests testing the emollient for a short time to make sure it doesn't irritate your child's skin.
The most effective approach, according to Smith, is to hydrate and lubricate the skin at the same time by applying emollient to damp skin. The emollient won't improve the red, inflamed, itchy areas, but it will help restore the skin's invisible protective barrier. (This barrier makes up part of the normal outer layer of the skin and is impaired in kids with eczema.)
Allowing skin to breathe and stay cool
Dress your child in smooth natural fabrics, like cotton. Avoid wool and other scratchy materials, which can irritate very sensitive skin. Don't overheat your child by bundling him up more than necessary.
Soaps and cleansers
Switch to mild, fragrance-free soaps or non-soap cleansers and shampoos, or those made for sensitive skin. Use mild, fragrance-free detergent for washing clothes and bedding. Don't use fabric softeners.
Prevent scratching
Your child may try to get relief by scratching with his hands or by rubbing his face against the sheet during sleep. But scratching and rubbing can further irritate or inflame the skin and make matters much worse.
Use the softest sheets possible in the crib or bed, and keep your child's nails short. Put him to bed with cotton mittens or socks on his hands if he'll tolerate them.
If your child has a lot of trouble sleeping because of the itching, consult your doctor. He may suggest an antihistamine to help your child rest better.
Soothe flare-ups
During a flare-up, you can try applying cool compresses to the area several times a day, followed by a moisturizer.
A study published in the May 2009 issue of Pediatrics tested treatments on children with severe eczema. The kids ranged in age from 6 months to 17 years.
Researchers found that soaking for five to ten minutes twice a week in a diluted bleach bath was five times more effective at treating eczema than plain water (used by the placebo group). The improvement was so dramatic that the researchers stopped the study early to allow children in the placebo group to benefit from the method.
Amy Paller, senior author of the study and the Walter J. Hamlin professor and chair of the department of dermatology and professor of pediatrics at Northwestern University Feinberg School of Medicine, says that with their doctor's approval parents of children with moderate to severe eczema might want to try this method, especially if their child gets skin infections.
Paller recommends a scant two teaspoons of bleach per gallon of bathwater (or 1/2 cup per full tub) at least twice a week, taking these precautions: 1) Make sure your child doesn't drink the water. 2) Disperse the bleach in the water before putting your child in the tub (you don't want undiluted bleach to get on her skin).
Nashville pediatrician Smith agrees with Paller's approach. "It's safe and easy to do," he says. "It's basically like a freshly chlorinated swimming pool, which serves to kill germs in the pool. It is very useful for kids with recurrent skin infections related to eczema, but it has also been shown effective just to eliminate bacteria, making the eczema easier to treat."
Smith tells parents to use 1/3 to 1/2 cup for a full tub or 1 teaspoon per gallon. He also suggests rinsing off briefly afterward, to get rid of the bleach smell.
To avoid getting the bleach water in your child's eyes or mouth, Smith cautions not to use bleach on the face. Instead, he recommends a good barrier ointment such as petrolatum to protect the skin on the face from irritants such as saliva, food, and beverages.
For open, oozing areas on the face, he suggests over-the-counter antibiotic ointments such as bacitracin or a polymyxin/bacitracin combination. If these remedies don't work, it's time to get in touch with your child's doctor.
Read the original post:
Eczema | BabyCenter
Posted in Eczema
Comments Off on Eczema | BabyCenter
What is Libertarianism? – Institute for Humane Studies
Posted: at 11:44 am
According to Funk and Wagnalls Dictionary
lib-er-tar-i-an, n. 1. a person who advocates liberty, esp. with regard to thought or conduct. advocating liberty or conforming to principles of liberty.
According to American Heritage Dictionary of the English Language: Fourth Edition, 2000.
NOUN: 1. One who advocates maximizing individual rights and minimizing the role of the state.
The Challenge of Democracy (6th edition), by Kenneth Janda, Jeffrey Berry, and Jerry Goldman
Liberals favor government action to promote equality, whereas conservativesfavor government action to promote order. Libertarians favor freedom and oppose government action to promote either equality or order.
According to What It Means to Be a Libertarian by Charles Murray, Broadway Books, 1997.
The American Founders created a society based on the belief that human happiness is intimately connected with personal freedom and responsibility. The twin pillars of the system they created were limits on the power of the central government and protection of individual rights. . . .
A few people, of whom I am one, think that the Founders insights are as true today as they were two centuries ago. We believe that human happiness requires freedom and that freedom requires limited government.
The correct word for my view of the world is liberal. Liberal is the simplest anglicization of the Latin liber, and freedom is what classical liberalism is all about. The writers of the nineteenth century who expounded on this view were called liberals. In Continental Europe they still are. . . . But words mean what people think they mean, and in the United States the unmodified term liberal now refers to the politics of an expansive government and the welfare state. The contemporary alternative is libertarian. . . .
Libertarianism is a vision of how people should be able to live their lives-as individuals, striving to realize the best they have within them; together, cooperating for the common good without compulsion. It is a vision of how people may endow their lives with meaning-living according to their deepest beliefs and taking responsibility for the consequences of their actions.
Link:
What is Libertarianism? - Institute for Humane Studies
Posted in Libertarianism
Comments Off on What is Libertarianism? – Institute for Humane Studies
Review of Our Posthuman Future
Posted: at 7:49 am
Francis Fukuyama, the well-known author of The End of History and the Last Man, takes on a subject far from his usual field of international political economy: biotechnology. Yet, in his introduction, he shows that there is indeed a link: his 1989 book met with a great deal of criticism, and one argument he found impossible to refute was that there could be no end of history unless there was an end of science. This new book takes that concept further, and considers the impact of modern biology on the understanding of politics.
Being a child of the 1950s, Fukuyama cites two books that were not only decisive in forming his worldview, and that of others growing up in the same period, but which act as templates for examining how our world might evolve. George Orwells 1984, which posits a world of centralized control, never came to be as such, partly because the Internet which developed is the opposite of the centralized system shown in this dystopia. But Aldous Huxleys Brave New World still gives us food for thought, as the biotechnology revolution gets underway. In Huxleys world, drugs were made to ensure that peoples every need and desire be met, essentially abolishing human nature. Fukuyama argues that, Huxley was right, that the most significant threat posed by contemporary biotechnology is the possibility that it will alter human nature and move us into a posthuman stage of history.
Fukuyama seems worried more by the possibility that the biotech revolution will have political consequences rather than any specific effect on individuals. He sees the potential for class wars, as the rich have access to drugs and techniques that make them, and their children, smarter, stronger, and longer-living. This is indeed a different issue than the more basic moral questions than arise, and he is right to raise it. For what would happen in a world, which is already strongly polarized between haves and have-nots, when the haves not only enjoy better goods, food and living conditions, but also life, by purchasing extra years of living, new organs when the old ones break down, or by designing their children before their births.
As the floodgates of biotechnology open, there are several areas of exploration that, unfortunately, get conflated or confused. The main issues are not limited to human cloning, which has gotten by far the greatest amount of press. Other issues involve cognitive neuroscience, and the possibility of controlling behavior; neuropharmacology, and the creation of drugs that enhance certain emotions and repress others; genetic engineering, where new plants and animals can be created, or where humans can be modified; and the prolongation of life, either through the use of chemicals or transplants, or other, as yet undiscovered techniques.
What Fukuyama succeeds in showing in this book is the extent to which the biotechnology revolution can and will affect us. Far beyond the simple debate over human cloning and stem-cell research, which have led to distinct camps digging into the trenches, defending either scientific or religious beliefs, the myriad issues involvedsome of which are already present, others which may or may not exist, according to the success or failure of scientistswill have a great effect on the future of our civilization. But will the effect be greater than other revolutions, such as the agricultural and industrial revolutions? Fukuyama calls for common sense and the regulation of experiments and applications, so mistakes are not made through precipitation.
In short, this is an essential book, for two reasons. First, because its lucid, objective presentation of the issues and their context allows the reader to understand what is at stake without undue religious or racist leanings which have often, over the years, been lurking behind many of these questions. And second, because, like it or not, these issues exist, and choices will have to be made, and soon.
Kirk McElhearn
Kirk McElhearn (kirk@mcelhearn.com) is a freelance writer and translator living in a village in the French Alps. You can find out all about him at his web site, http://www.mcelhearn.com.
Read more:
Posted in Posthuman
Comments Off on Review of Our Posthuman Future
