The pre-announced OpenSSL updates purport to address 13 vulnerabilities. Two of the vulnerabilities were graded as being of High severity by the OpenSSL project. The first, CVE-2015-0291 allows client connections to engage in a denial of service attack against servers running OpenSSL. The second high severity issue was the older CVE-2015-0204 where RSA connections could be silently degraded to export quality RSA, originally OpenSSL graded this as a low security vulnerability but reclassified this as a high severity vulnerability. Continue reading
Author Archives: Aaron 'BingoBoingo' Rogier
UK Regulates Self Out of Bitcoin
Regulators in the United Kingdom have announced they will begin applying anti-money laundering rules on digital currency exchanges. The British treasury offers that the move will magically promote innovation and lessen criminal activity. This move however in reality means something other than what Reuters' press release on behalf of the Treasury supposes. Continue reading
Bitcoin Foundation Reaches Release
The Bitcoin Foundation chaired by mod6 and ben_vulpes has announced its first release milestone. The release dubbed 0.5.3.1 by the foundation consists of a set of patches applied to the original 0.5.3 Satoshi codebase and recipe for combining it all into a static Bitcoin daemon build. This release removes a substantial amount of cruft from the original 0.5.3 release including hooks for Qt and Windows builds along with the problematic alert system and universal plug and play. This release works on Linux with supported release for other platforms planned in the future. The release tarball is available here.
Journalist Barrett Brown Bears Full Restitution Brunt
After a guilty plea that when presented to the judge assigned him 63 months of time spent in a Federal prison and ordered nearly a million dollars in restitution, Barrett Brown's effort to have the restitution reduced has been denied by the United States District Court for the Northern District of Texas. Brown was ordered to pay restitution to Stratfor and others based on the full calculated damages for the crime of reporting on a crime where the actors responsible for committing the criminal act have not been found, convicted, or otherwise sanctioned. Continue reading
Largest Bitcoin Bet Resolved
The largest Bitcoin bet in terms of absolute value, where on BitBet.us Mircea Popescu laid down 1000 BTC of his own funds on the proposition that Bitcoin would outperform Warren Buffett's Berkshire Hathaway class A stock has been resolved as "No" with Bitcoin's exchange rate having suffered over the past 12 months. A year ago Mircea announced the bet on his blog Trilema and further declared that to hedge the bet he had sold Berkshire. Asked about how he felt about the bet's final outcome he offered: Continue reading
OpenSSL Severe Vulnerability to be Revealed March 19th
The OpenSSL project has announced that on March 19th they will be releasing updates to address what they are referring to as a "highest severity defect" affecting all of their supported versions. Details of the vulnerability are being kept under embargo until the patches are released, though this time the OpenSSL has had the courtesy to disclose the issue to the LibreSSL core team. Here's a snippet from the OpenSSL security policy on high security vulnerabilities: Continue reading
Coinbase Compliance Chief Resigns
The Washington Free Beacon reports that the Chief Compliance Officer of Coinbase has resigned. Chief Compliance Officer Martine Niejadlik resigned Coinbase after spending a bit more than a year with the organization. The Free Beacon notes that recently investors and regulators have been critical of Coinbase's "outreach" efforts where Coinbase has noted that Bitcoin does not respect international sanctions as well as Coinbase's failure to definitively achieve licensing in every US state it claims to operate.
Polish Bitcoin Embassy Closed
According to a post on a Polish language Bitcoin forum the Polish "Bitcoin Embassy" has closed. The operators report physical assault on at least one person affiliated with their effort along with a number of threatening communications directed at the embassy. The original announcement: Continue reading
Mystery Startup Allegedly Raises Funds
A "stealth" startup, 21 Inc. is being reported to have allegedly raised 116 million United States dollars. The founder supposes the venture will do something to trigger mainstream Bitcoin adoption. A glance at their job advertisements (archived) suggests that this might just be another cloud mining venture as they appear to be looking for an "ASIC Design Engineer" and other hardware related positions.
Windows 'Stuxnet' Patch Left Vulnerability Open
Five years after Microsoft issued a patch (archived) to "close" the vulnerability that allowed the Stuxnet virus to propagate, Microsoft today issued another patch which purports to finish closing that same vulnerability. Reportedly rather than actually resolving the vulnerability the patch issued in 2010 merely increased the difficulty threshold for exploiting the open vulnerability. Continue reading