btcinfo  

Hic inserere motto

Ledger adds bluetooth SFYL device to stable.

January 07, 2019 — shinohai

Deciding that not enough cracks are visible in their wallet design, Ledger announced a new device called "LedgerX" that eminently hackable bluetooth support, which will handily announce your candidacy for SFYL to anyone within 10-20 meters. The company already entered the New Year as a loss leader after the wallet.fail team reviewed the device and determining it to be covered in webshit.

Tags: News, Bitcoin, Webshit

Alabama police department blames Satan for recent spike in homicides

December 21, 2018 — shinohai

No, they really did. (archived)

The Facebook message is quoted in full below:

THIS PAST SUNDAY, A YOUNG MAN WAS SHOT AND KILLED IN KINSTON. MONDAY NIGHT, A MOTHER WAS SHOT AND KILLED IN NORTHERN COVINGTON COUNTY. THERE HAVE BEEN FIVE MURDERS IN COVINGTON COUNTY IN 2018. THESE MURDERS HAVE BEEN DONE BY OUR YOUNG PEOPLE. THIS IS HAPPENING BECAUSE WE HAVE TURNED AWAY FROM GOD AND EMBRACED SATAN. WE MAY HAVE NOT MEANT TO DO SO BUT, WE HAVE. IT IS TIME TO ASK FOR GOD?S HELP TO STOP THIS. IT IS TIME TO BE PARENTS AND RAISE OUR CHILDREN, NOT HAVE THEM RAISE US. IT IS TIME TO FULLY SUPPORT LAW ENFORCEMENT AND STAND BY THE OFFICERS AND DEPUTIES THAT ARE FAR TOO OFTEN HAVING TO WALK INTO THESE DANGEROUS SITUATIONS AND CLEAN UP THE MESS. FRIENDS, IT IS TIME TO STAND UP AND BE RESPONSIBLE, GROWN UP LEADERS IN OUR COMMUNITY. BOTTOM LINE, THERE ARE SHEEP; THERE ARE WOLVES AND THERE ARE SHEEP DOGS. WHICH GROUP DO YOU BELONG TO ?

The National Freedom From Religion Foundation says the department is "wrongly promoting religion with the social media message" seeing as it is illegal for a government entity to endorse or criticize religious belief.

Tags: News, Lulz, Murica, Webshit

Pennsylvania Porch Pirate Pilfers Poop.

December 16, 2018 — shinohai

A thief swipes a box from a man's porch that contained used cat litter instead of Amazon treasures she had expected. (archived)

Tags: News, RSS, Webshit

Twitter account of target.com hacked to promote giveaway scam.

November 13, 2018 — shinohai

Unknown individuals gained access to the official Target twitter account earlier today and attempted to promote a 5000 BTC giveaway scam. The tweet posted by the hacker(s), now deleted, asked users to send small amounts of Bitcoin to an address in order to participate in a chance to win the Bitcoin prize, which is worth around $30 Million USD at the time of writing. The incident is another example of the poor security used by the twitter platform and its unwillingness to stop the proliferation of scams that usually target "verified" accounts.

Tags: News, Bitcoin, Scams, Webshit

Eliminating malicious TLDs with regex

September 07, 2018 — shinohai

A discussion on Telegram this morning led to this post, I decided to preserve this handy list of regular expressions for filtering out mostly dumb and malicious TLD's. I am personally using an EdgeRouter Lite with dnsmasq for this purpose, so your mileage may vary - feel free to modify and make these better. Suggestions for changes may be sent to my email listed on the contact page, as usual non-encrypted content will be ignored.

^https?://([A-Za-z0-9.-]*\.)?.gq/ 
^https?://([A-Za-z0-9.-]*\.)?.cf/ 
^https?://([A-Za-z0-9.-]*\.)?.men/ 
^https?://([A-Za-z0-9.-]*\.)?.loan/ 
^https?://([A-Za-z0-9.-]*\.)?.ml/
^https?://([A-Za-z0-9.-]*\.)?.top/
^https?://([A-Za-z0-9.-]*\.)?.work/
^https?://([A-Za-z0-9.-]*\.)?.click/
^https?://([A-Za-z0-9.-]*\.)?.tk/
^https?://([A-Za-z0-9.-]*\.)?.country/
^https?://([A-Za-z0-9.-]*\.)?.pw/
^https?://([A-Za-z0-9.-]*\.)?.party/
^https?://([A-Za-z0-9.-]*\.)?.trade/ 
^https?://([A-Za-z0-9.-]*\.)?.review/ 
^https?://([A-Za-z0-9.-]*\.)?.club/ 
^https?://([A-Za-z0-9.-]*\.)?.bid/

YARA compatible regular expressions for detecting base64 encoded variable-case http:// and https:// URI prefixes:

HTTP:// ([\x2b\x2f-\x39A-Za-z][\x2b\x2f-\x39A-Za-z][\x31\x35\x39BFJNRVZdhlptx]
[Io][Vd][FH][R][Qw][O]i\x38v[\x2b\x2f-\x39A-Za-z]|[\x2b\x2f-\x39A-Za-z]
[\x30\x32EGUWkm][h][\x30U][Vd][FH][A]\x36Ly[\x2b\x2f\x38-\x39]|[Sa][FH][R][\x30U]
[Uc][D]ovL[\x2b\x2f-\x39w-z])

HTTPS:// ([\x2b\x2f-\x39A-Za-z][\x2b\x2f-\x39A-Za-z][\x31\x35\x39BFJNRVZdhlptx]
[Io][Vd][FH][R][Qw][Uc][z]ovL[\x2b\x2f-\x39w-z]|[\x2b\x2f-\x39A-Za-z]
[\x30\x32EGUWkm][h][\x30U][Vd][FH][B][Tz][O]i\x38v[\x2b\x2f-\x39A-Za-z]|[Sa][FH][R][\x30U]
[Uc][FH][M]\x36Ly[\x2b\x2f\x38-\x39])

Tags: Insecurity, Webshit

Static address bug discovered in Ledger app

August 03, 2018 — shinohai

The Ledger hardware wallet team announced a serious "bug" in the Ledger Wallet Ethereum Chrome application, telling lusers to avoid using it as it generates a static address for everyone. But "Engineering is working on it" so they recommend using more Webshit, like MyEtherWallet, in the meantime while the company tries to figure out why webpages generate static addresses and bikeshed a solution.

Tags: News, Cryptocurrency, Insecurity, Lulz, Webshit

Conbase Cucks Venezuelan Userbase.

August 03, 2018 — shinohai

Coinbase has reportedly cut off access to cryptocurrency withdrawls to citizens of Venezuela. Visitors to the site from Venezuelan IP's are reporting that the following message is being displayed in their browser:

This latest Conbase Cucking is one of a series of "LOL KYC/AML" mishaps that does not affect users of Actual Bitcoin

Tags: News, Bitcoin, Cryptocurrency, Webshit

Indy developers announce mETH clients capable of sharting.

August 01, 2018 — shinohai

status.im, a "company" that makes useless application for the Ethereum database, has announced the release of Nimbus, a client they claim is capable of sharting. Clients capable of sharting have until now only produced vaporous farts, but developers hope it will offer "scaling solutions" for a network currently choked by numerous apps that offer no substantial benefit to any actual thinking human beings. Armchair "developers" are invited to participate on the company Shithub repository.

Tags: News, Cryptocurrency, Webshit

AUR latest victim of repository rape

July 10, 2018 — shinohai

More poisoned repositories are found, this time on the Arch User Repository. This, combined with the recent lulz on the gentoo shithub further confirm that only the trinque model can prevent repository rape.

Tags: News, UNIX, Webshit, Lulz

Raleigh woman reports Roblox rape

July 04, 2018 — shinohai
A woman from Raleigh, N.C said she was left "traumatised and violated" after watching as her "sweet and innocent daughter's avatar was ... violently gang-raped on a playground by two males" in the alt-minecraft game Roblox. Screenshots of the event shared on social media showed a ms-paintesque girl lying face down in a dark playground, presumably with the electronic seed of her attackers spilling out of her virtual virgin vagina. The players responsible for these lulz were "permanently banned" from the platform, which boasts 64 million monthly players. (archived)

Tags: News, Lulz, Webshit

2017 Ethereum ICO's offered insecurity-as-a-service

June 25, 2018 — shinohai

Security researchers with positive.com, which specializes in auditing ICO's, found an average of 5 vulnerabilities in each of 2017's offerings according to a recent report. 71% contained at least one or more security flaw, and every ICO that offered an app was vulnerable. One third of all web apps contained common weaknesses such as code injection, disclosure of sensitive webserver info, or insecure data transfer. Most of the lulz were due to the copy/paste development culture which is common these days, as well as just building infrastructure on the already laughably insecure Ethereum platform, the pretend blockchain of choice for scammers worldwide.

Tags: News, Cryptocurrency, Webshit, Lulz

Defeating adblock detectors: popularmechanics.com

June 23, 2018 — shinohai

While viewing websites in a graphical web browser, occasionally I find a site that hates when one uses adblock plus and prevents viewing unless it is turned off or the user pays for an "ad-free" pass. popularmechanics.com is one such website, and the nag screen remained despite the fact I was also running NoScript. What do?

As it turns out, the solution was baby simple. PopularMechanics uses a 3rd-party site to detect users running adblock, so all I had to do was add the following to /etc/hosts:

127.0.0.1 hearstapps.com

I was then able to smugly continue my research without sharing the page with hundreds of crappy ads, or being forced to pay for a pass on a website that I visit at most twice a year.

Feliz Sabado, mis amigos.

Tags: Linux, Webshit