Linux Hosting Bitcoin - ananova.com

/r/Technology

Subreddit dedicated to the news and discussions about the creation and use of technology and its surrounding issues.
[link]

/r/Technology Moderators Sub

Legacy place for announcements, queries, problems and other sub business. Please consider using the Telegram Group
[link]

What I currently use for privacy (after almost 2 years of long investing into it)

First of all, my threat model: I'm just an average person that wants to AVOID the maximum I can to be monitored and tracked by the government and big corps, a lot of people out there REALLY hate me and I've gone through lots of harassment and other stuff, I also plan to take my activism and love for freedom more seriously and to do stuff that could potentially lead me to very high danger or even put my life on the line. That being said, my main focus is on something that is privacy-friendly but also something with decent security (no point having a lot of privacy if a script kiddie can just break into it an boom, everything is gone) anonymity is also desirable but I'm pretty aware that true 100% anonymity is simply not possible and to achieve the maximum you can of it currently you'd have to give up A LOT of stuff in which I don't think I really could. So basically, everything that I said + I don't want to give up some hobbies of mine (as playing games etc)
Here's what I use/have done so far, most of it is based on privacytools.io list and research I've done.
Mobile:
Google Pixel 3a XL running GrapheneOS
Apps: Stock apps (Vanadium, Gallery, Clock, Contacts etc) + F-DROID, NewPipe, OsmAnd+, Joplin, Tutanota, K-9 Mail, Aegis Authenticator, KeePassDX, Syncthing, Signal, Librera PRO, Vinyl, Open Camera and Wireguard.
I also use BlahDNS as my private DNS.
Other smartphone stuff/habits: I use a Supershieldz Anti Spy Tempered Glass Screen Protector on my phone and I also have a Faraday Sleeve from Silent Pocket which my phone is on most of the times (I don't have smartphone addiction and would likely advice you to break free from smartphone addiction if you have it). I NEVER use bluetooth (thank god Pixel 3a have a headphone jack so yeah, no bluetooth earphones here) and always keep my Wi-Fi off if I'm not using it.
Computer:
I have a desktop that I built (specs: Asus B450M Gaming, AMD Ryzen 3 3300X, Radeon RX 580 8GB, 16GB DDR4 2666Mhz, 3TB HDD, 480GB SSD) that is dualbooted with QubesOS and Arch Linux.
Qubes is my main OS that I use as daily driver and for my tasks, I use Arch for gaming.
I've installed linux-hardened and its headers packages on my Arch + further kernel hardening using systctl and boot parameters, AppArmor as my MAC system and bubblewrap for sandboxing programs. I also spoof my MAC address and have restricted root access, I've also protected my GRUB with password (and use encrypted boot) and have enabled Microcode updates and have NTP and IPV6 disabled.
Also on Arch, I use iptables as a firewall denying all incoming traffic, and since it's my gaming PC, I don't game on the OS, instead, I use a KVM/QEMU Windows VM for gaming (search "How I Built The "Poor-Shamed" Computer" video to see what I'm talking about) I also use full disk encryption.
Software/Providers:
E-Mails: I use ProtonMail (Plus Account paid with bitcoin) and Tutanota (free account as they don't accept crypto payment yet, come on Tutanota, I've been waiting for it for 2 years already) since I have plus account on ProtonMail it allows me to use ProtonMail Bridge and use it on Claws Mail (desktop) and K-9 Mail (mobile) as for Tutanota I use both desktop and mobile app.
Some other e-mails habits of mine: I use e-mail aliases (ProtonMail plus account provides you with 5) and each alias is used for different tasks (as one for shopping, one for banking, one for accounts etc) and none of my e-mails have my real name on it or something that could be used to identify me. I also highly avoid using stuff that require e-mail/e-mail verification for usage (e-mail is such a pain in the ass tbh) I also make use of Spamgourmet for stuff like temporary e-mail (best service I found for this doing my research, dunno if it's really the best tho, heard that AnonAddy does kinda the same stuff but dunno, recommendations are welcomed)
Browsers/Search Engine: As mentioned, I use Vanadium (Graphene's stock browser) on mobile as it is the recommended browser by Graphene and the one with the best security for Android, for desktop I use a Hardened Firefox (pretty aware of Firefox's security not being that good, but it's the best browser for PC for me as Ungoogled Chromium is still not there in A LOT of things + inherent problems of Chrome as not being able to disable WebRTC unless you use an extension etc) with ghacks-user.js and uBlock Origin (hard mode), uMatrix (globally blocking first party scripts), HTTPS Everywhere (EASE Mode), Decentraleyes (set the recommended rules for both uBlock Origin and uMatrix) and Temporary Containers as addons. I also use Tor Browser (Safest Mode) on a Whonix VM on Qubes sometimes. DuckDuckGo is my to-go search engine and I use DNS over HTTPS on Firefox (BlahDNS as my provider once again)
browsing habits: I avoid JavaScript the maximum I can, if it's really needed, I just allow the scripts temporarely on uBlock Origin/uMatrix and after I'm done I just disable it. I also generally go with old.reddit.com instead of reddit.com (as JavaScript is not required to browse the old client), nitter.net for checking twitter stuff (although I rarely have something peaking my interest on Twitter) and I use invidious.snopyta.org as youtube front-end (I do however use YouTube sometimes if a video I wanna see can't be played on invidious or if I wanna watch a livestream) and html.duckduckgo.com instead of duckduckgo.com other than avoiding JavaScript most of my browsing habits are just common sense at this point I'd say, I also use privatebin (snopyta's instance) instead of pastebin. I also have multiple firefox profiles for different tasks (personal usage, shopping, banking etc)
VPN: I use Mullvad (guess you can mention it here since it's PTIO's recommended) paid with bitcoin and honestly best service available tbh. I use Mullvad's multihop implementation on Wireguard which I manually set myself as I had the time and patience to learn how.
password manager: KeePassXC on desktop and KeePassDX on my smartphone, my password database for my desktop is stored on a USB flash driver I encrypted with VeraCrypt.
some other software on desktop: LibreOffice (as a Microsoft Office substitute), GIMP (Photshop substitute), Vim (I use it for multiple purposes, mainly coding IDE and as a text editor), VLC (media player), Bisq (bitcoin exchange), Wasabi (bitcoin wallet), OBS (screen recording), Syncthing (file sync), qBitTorrent (torrent client) and Element (federated real-time communication software). I sadly couldn't find a good open-source substitute to Sony Vegas (tested many, but none was in the same level of Vegas imo, KDENLive is okay tho) so I just use it on a VM if I need it (Windows VM solely for the purpose of video editing, not the same one I use for gaming)
Other:
router: I have an Asus RT-AC68U with OpenWRT as its firmware. I also set a VPN on it.
cryptocurrency hardware wallet: I store all of my cryptocurrency (Bitcoin and Monero) on a Ledger Nano S, about 97% of my money is on crypto so a hardware wallet is a must for me.
I have lots of USB flash drivers that I use for Live ISOs and for encrypted backups. I also have a USB Data Blocker from PortaPow that I generally use if I need to charge my cellphone in public or in a hotel while on a trip (rare occasion tbh).
I have a Logitech C920e as webcam and a Blue Yeti microphone in which I never let them plugged, I only plug them if it's necessary and after I'm done I just unplug them.
I also have a Nintendo Switch Lite as a gaming console that I most of the times just use offline, I just connect to the internet if needed for a software update and then just turn the Wi-Fi off from it.
Other Habits/Things I've done:
payments: I simply AVOID using credit card, I try to always pay on cash (I live in a third-world country so thank god most of people here still depend on cash only) physically and online I try my best to either by using cryptocurrency or using gift cards/cash by mail if crypto isn't available. I usually buy crypto on Bisq as I just don't trust any KYC exchange (and neither should you) and since there aren't many people here in my area to do face to face bitcoin trade (and I'm skeptical of face to face tbh), I use the Wasabi Wallet (desktop) to coinjoin bitcoin before buying anything as this allows a bit more of privacy, I also coinjoin on Wasabi before sending my bitcoins to my hardware wallet. I also don't have a high consumerism drive so I'm not constantly wanting to buy everything that I see (which helps a lot on this criteria)
social media/accounts: as noted, aside from Signal and Element (which I don't even use that often) I just don't REALLY use any social media (tried Mastodon for a while but I was honestly felt it kinda desert there and most of its userbase from what I've seen were some people I'd just... rather don't hang with tbh) and, althoug not something necessary is something that I really advise people to as social media is literally a poison to your mind.
I also don't own any streaming service like Netflix/Amazon Prime/Spotify etc, I basically pirate series/movies/songs and that's it.
I've also deleted ALL my old accounts from social media (like Twitter etc) and old e-mails. ALL of my important and main accounts have 2FA enabled and are protected by a strong password (I use KeePass to generate a 35 character lenght password with numbers, capital letters, special symbols etc, each account uses a unique password) I also NEVER use my real name on any account and NEVER post any pictures of myself (I rarely take pictures of stuff if anything)
iot/smart devices: aside from my smartphone, I don't have any IOT/smart device as I honestly see no need for them (and most of them are WAY too expensive on third-world countries)
files: I constatly backup all of my files (each two weeks) on encrypted flash drivers, I also use BleachBit for temporary data cleaning and data/file shredding. I also use Syncthing as a substitute to stuff like Google Drive.
Future plans:
learn to self-host and self-host an e-mail/NextCloud (and maybe even a VPN)
find something like BurneHushed but FOSS (if you know any please let me know)
So, how is it? anything that I should do that I'm probably not doing?
submitted by StunningDistrust to privacytoolsIO [link] [comments]

Project Announcement: Tortuga - Sell Digital Products for Nano

I'm very excited to announce the initial release of a small payment gateway I've been building called "Tortuga". Tortuga is the simplest implementation I could come up with to let me sell a digital product, for Nano, from my website. Sort of an "Arch Linux" approach to building a payment gateway. It's a much more lightweight alternative to self-hosted payment gateways like BTCPayServer.
At the moment, Tortuga only supports Nano (via BrainBlocks), but I have plans to add support for Bitcoin Cash, Monero and Bitcoin (BTC) in the future.
Unlike some other solutions, Tortuga is stand-alone. If you can host a docker container, you can run Tortuga and sell a digital product for Nano. You don't need WooCommerce, or Shopify, or any other e-commerce solution. You can just enter the details of your product (it's easy enough, more details are on the GitHub page), launch the docker container somewhere, and you are good to go. You can share a pretty URL with people, and they can buy your file for Nano.

Why Did I Build This?

Well, I wrote a book! It took me two years and a ton of research to complete. It's called "Taxation is Slavery - The Biblical Case for Libertarian Politics".
I became a libertarian after setting out to write a masters thesis for Bible college on the ethics of taxation. When I started writing that thesis, I was more of a right-leaning conservative, but not a libertarian. Doing the research and reading the Bible in depth led me to conclude that anarcho-capitalism was the most biblical approach to politics. If that sounds interesting to you, I'd love for you check it out!
Looking into all the libertarianism stuff is a big part of what got me into crypto. In the book, I even talk about how the spread of cryptocurrency will force many Christians to re-think their interpretation of certain Bible passages.
You can download the first couple of chapters for free, or buy the whole thing at my website. It's $10 USD via Gumroad or Amazon, but if you use the "Pay with Nano" button, then you can get it for just $7 USD. Plus you get to test out the Tortuga payment gateway in the process ;) If you do bump into any bugs or issues, feel free to comment here or send me a DM and I'll try to get you sorted.
Get the book here: https://beingbiblical.com/books/taxation-is-slavery

Why not use some other solution?

I desperately wanted to be able to sell my book for crypto, but I struggled to find a really good way to do it. I looked at a few custodial solutions, like Globee and CoinGate, but they left a lot to be desired. I looked at several Nano paywall solutions. Some of them were okay. I liked nanowall.link a lot. But that solution only let me redirect a buyer to a URL. I wanted a way that a buyer could pay once and then get a download link that gave them a maximum number of chances to download the file. That way, even if they share the link on a public forum somewhere, only a few people can get the download for free before it expires.
In the end, I decided it was easier to build my own streamlined solution. That solution is Tortuga.
You can learn more about it on the GitHub page (https://github.com/unyieldinggrace/tortuga).
submitted by fatalglory to nanocurrency [link] [comments]

Sobre Tibia, gold farmers y un caso de ayuda y éxito PT2. Son muy buenos consejos de cómo comenzar a programar profesionalmente

Una vez más, reconocimiento al autor original de los post International-Unit-8
Hello,

I have gotten so many replies and messages since my last post in this thread, that I can't answer them all individually. Previous topic:

https://www.reddit.com/TibiaMMO/comments/h8tu5u/a_great_tip_for_brazilians_venezuelans_and_othe

It has been shared on multiple subreddits so I have no idea where to even post this. But I'd like to come up with a follow-up thread with some more information. The internet is the most powerful tool that mankind has ever invented. You have the ability to reach thousands, millions and even billions of people with just a computer and some internet access.

If you're on this subreddit, chances are you're already playing Tibia and you already have a computer and internet access. It doesn't need to be the best internet, but as long as websites will load (eventually) you are good to go.

In this topic I will go more in-depth on web development and software engineering. If you have a very slow internet connection, you may want to look into web development instead of software development. An application/software is much heavier (larger file size) than a website. And most developer jobs require that you send and download files, back and forth, between you and your company's server. So if you feel like your internet is too slow to send a lot of files - do not worry! There are plenty of jobs.

First, I will go through some more details on how to learn web development and software development. After that, I will list a few other kinds of jobs that you can do remotely. These types of jobs can be done from anywhere in the world as long as you have internet access.



Part 1: Some languages you should learn

What is web development? Well, it can be a lot of things. You perhaps make websites for shops/restaurants/hair dressers/dentists, or you work for a big company and work on their web application, like Outlook, Discord or Spotify (which can all be accessed via a browser: their web app). You can also work with design and user experience, instead of programming. Being a web developer can mean so many different things, it's impossible to name them all. But most web developers are just developers: they program. They make websites, and they either sell the websites to companies (as a consultant) or you work full/part-time for a company.

I can not provide in-depth information about every single thing, but I can give you some pointers. The very basics any web developer should know is this:

HTML (HyperText Markup Language) - it's what almost all websites use as a foundation. This is not a programming language, but it is a markup language. If you want to build websites, you pretty much have to know this language. Don't worry though, it is easy. Not so much to learn. You can learn all about it in a few weeks.

CSS (Cascading Style Sheets) - it's what will add colors and shapes to your website. If you want to focus more on design (also known as front end development) then this is where you want to gain a lot of knowledge.

Python - A very simple language to learn. This language is very often the first programming language that developers start using. You can use it for a lot of things. This language is used in the back of a lot of websites. Google has been using Python for years and still is. It's great for web scraping and making web requests. If you want a language to practice your algorithms, then this language is awesome.

PHP - This used to be a very popular language, but not so much these days. However, it is very good to know how this works because it's very simple to learn and also very functional in some cases. If you want to transmit or withdraw information from a database to your website, then this (in combination with SQL) is a great way to do so. Whenever you make a login system or a contact form, the data must be sent somehow to a recipient or a database. PHP will help you do that. It is a server-side language, which means it will run in the back of the website.

SQL - To be able to communicate with databases (for example: save data, update data, or insert data) you can use different languages for that. But SQL is probably the most widely used language for this. It is basically just a bunch of commands that you tell your website or app to do. If you have a web shop for example, you will need a database to store all your product information in. You can for example use MySQL as your database and then use the SQL language to extract data from your database and publish it as a list of products on your website.

JavaScript - Perhaps the most powerful language at the moment. Anyone who is good at JavaScript will be able to learn most other modern programming languages. In recent years, the demand for good JavaScript developers has skyrocketed. It's because more applications are becoming web based, and JavaScript is probably among the most useful languages to use. You can use it for so many things. Previously JavaScript was only being run on the client side of the website (that means in the user's browser). But in recent years, there has been massive development of this language and you are now able to build servers, connect to databases and do very powerful web applications using just this language. A great tutorial for JavaScript was made by Tony Alicea: https://www.youtube.com/watch?v=Bv_5Zv5c-Ts This video is "just" 3.5 hours, but it's the intro. There is a much longer version of it, and you can download it for free if you search for it. Just find it as a torrent and watch it. It's probably the best tutorial I have seen for JavaScript.

C# - It's pronounced as "C Sharp". This language has been dominating the software engineering market for decades at this point. Everyone loves it. It's relatively easy to learn and you can build a lot of stuff in C#. It's very much like JavaScript, but focuses more on application development rather than website development. I would however try to avoid learning this language if you have very slow internet, since you will most likely be sending a ton of files back and forth. But if application (computer & phone) is your thing, then this language is great. There are so many tutorials on this, but there is 1 channel on YouTube which teaches a lot of the basics in C# (and many other languages) and that channel is called ProgrammingKnowledge. Sure, his C# videos may be old now but most of it is still relevant and useful. You will learn a lot by watching his videos. It's always good to start from the beginning and then when you're familiar with that, you can learn more about the recent updates in C#. https://www.youtube.com/watch?v=V2A8tcb_YyY&list=PLS1QulWo1RIZrmdggzEKbhnfvCMHtT-sA

Java - This is pretty much 90% identical to C# as I wrote above. Widely used, relatively easy to learn the basics and there's plenty of jobs. If you like making android apps, this language is for you.



Part 2: Technologies and useful tools

To become a web developer you will need a few tools. You need a text editor, a FTP client, a SSH client and some other things. Also a good browser.

Text editor: Visual Studio Code, Atom, Sublime Text, Brackets - There are many different text editors but at the moment, I highly recommend Visual Studio Code. It has so many built-in features it's honestly the only thing you may need.Don't forget to install Notepad++ as well - this very basic editor is so handy when you just quickly need to edit some files.

File archiving: WinRar, 7-Zip - You need some way of archiving projects and send it to your customer or employer. These are basic tools anyone should use. I personally use Winrar.

FTP (File Transfer Protocol): FileZilla - This tool will allow you to connect to your website's file manager and upload your files to it. There are many tools for connecting to an FTP server but this is the most popular one, it's simple and it works great.

VPS (Virtual Private Server): Amazon Web Services, Google Cloud - If you want to practice building web applications or want to host your own website as a fun project, it's great to use a VPS for that. Both Amazon and Google offers 365 days of free VPS usage. All you need is a credit card. However, they will not charge you, as long as you stay below the free tier limit. A VPS is basically a remote computer that you can connect to. I highly recommend that, if you have a slow internet connection. Those VPS-servers (by Amazon and Google) usually have 500mbit/s internet speed, which is faster than most countries in the world. You simply connect to them via Remote Desktop, or by SSH. Depending on what type of server you are using (Windows or Linux).

SSH (Secure Shell): Solar-PuTTY, PuTTY - If you for example have a web server where you store applications and files, a great way to connect to it is by using SSH. PuTTY is pretty much the standard when it comes to SSH clients. But I really love the version created by SolarWinds. When you download that one, do not enter your personal details. Their sales people will call you and haunt you! Haha.

File Searching: Agent Ransack - When you have many files and try to locate a specific document or file, you may want to use something like Agent Ransack. Much faster than the traditional search feature in Windows and it is much more accurate.

IDE / Code Editor: Visual Studio - Great tool to use when you want to create applications in C# for example. Do not confuse this with Visual Studio Code. These are two very different tools. This tool (Visual Studio) is more designed for Windows applications. Not just websites. I only recommend getting it if you plan to make programs for Windows.

Web host & domain: NameCheap, Epik, SiteGround - If you develop websites on your own, or maybe want to create a portfolio website, you will need a domain name and web hosting. I have personally used all of these 3 and they are very cheap. NameCheap has some of the cheapest domains and great web hosting for a low price. Their support is also great. Same with SiteGround. And if you want to buy a domain anonymously (with Bitcoin for example), then you can use Epik. Low prices and great customer service on all these 3 websites.

Web Server: XAMPP, Nginx - If you plan to practice PHP, you will need to have a web server on your local computer. If you have Windows, I would highly recommend installing XAMPP (Apache). It is very easy to use for beginners. If you're on Linux, I would recommend Nginx. Also check our PhpMyAdmin if you want to quickly setup a MySQL database locally.Bonus tip: If you use Visual Studio Code to create websites in HTML, CSS and JavaScript: then install the extension "live server" and you can run your applications on a live server without setting it up yourself. Tutorial: https://www.youtube.com/watch?v=WzE0yqwbdgU

Web Browser: Mozilla Firefox, Microsoft Edge Insider, Google Chrome - You need one of the latest web browsers to create websites these days. Since I prefer privacy over functionality, I've always loved Firefox. But recently, Microsoft has been improving its new version of Edge a lot (based on Chromium) and it's also very popular. If you want all your personal details to be saved and have good tools for web development, then use Google Chrome. Don't forget to utilize the built-in developer tools. You can access it in any of these browsers by pressing F12.



Other things you may want to look into:

Web services, SSL certificates, Search Engine Optimization, Databases, API, Algorithms, Data Structures



Part 3: Learning platforms

https://www.youtube.com/

https://www.w3schools.com/

https://leetcode.com/

https://stackoverflow.com/



If you want to learn in-depth about algorithms, data structures and more. Then you can take a look at the curriculum of the top-tier universities of USA. Such as: UC Berkeley, Harvard and MIT. These courses are very hard and are specifically for people who want to become experts in software engineering. You can enroll some of them for free, like the one on Harvard. And by having a such diploma (which costs $90 extra) can get you a lot of job opportunities. You can enroll those courses if you want, but it can have a fee. But just take a look at what they are studying and try do their exercises, that is 100% free. Get the knowledge. It's mostly on video too! These course below are the very same courses that many of the engineers at Facebook, Google, Amazon, Apple, Netflix, Uber, AirBnb, Twitter, LinkedIn, Microsoft, etc. has taken. It's what majority of people in Silicon Valley studied. And it's among the best classes that you can take. These course are held by some of the world's best professors in IT.



UC Berkeley: CS 61a & CS 61b:

https://inst.eecs.berkeley.edu/~cs61a/fa19/

Video playlist here: https://www.youtube.com/watch?v=0_LryzvBxFw&list=PL6BsET-8jgYVAaK0jGVTWr9R5g7kSMQ8i

https://inst.eecs.berkeley.edu/~cs61b/fa19/

Videos: https://www.youtube.com/channel/UCNBSbBTFx8nFahcQyZOYOgQ



Harvard University: CS50 (free enrollment --- 90$ to get a certificate).

https://online-learning.harvard.edu/course/cs50-introduction-computer-science



MIT (Massachusetts Institute of Technology): 6.006

https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-006-introduction-to-algorithms-fall-2011/

Held by Erik Demaine. One of the best - if not THE best - professor at MIT. Just look at this resume. It's almost 50 pages long! https://erikdemaine.org/cv.pdf



Part 4: Finding jobs

https://www.linkedin.com/

https://marketing.hackerrank.com/

https://www.glassdoor.com/index.htm

Facebook groups for web developers, freelancing, remote work, etc.

Portfolio / Code Sharing / Source Control:

https://github.com/



Part 5: Other types of jobs you can work with (remotely) - with/without coding experience

SEO (Search Engine Optimization)

Translations (Spanish/Portuguese, etc.)

Affiliate Marketing (look into Clickbank.com - and use Facebook Ads to promote products)

Design (web design, photo design, etc.)

Copywriting (write sales letters for companies)

Database manager (monitor and administrate a company's database)

YouTube - make YouTube videos to gain views. Views = Money.

Dropshipping (use Shopify.com for example) and sell products in a webshop. Benefit with dropshipping is that you don't personally store the products.

Customer support

more...? Banking, economics, etc.



You can find information about all of the things I have mentioned by using YouTube or Google search.

Hope it helps.



And I hope that in 1 year, there will be at least some new web developers in Brazil, Venezuela and other countries in South America.
submitted by jesuskater to memezuela [link] [comments]

A slightly overboard response to my threat model.

For what I hope are obvious reasons, I don't want, and probably will never post my threat model publicly online. However, regardless of that, what I'm sure you will extrapolate from this post is that I live my life, digitally in particular, with a fairly high level threat model. This is not because I'm some super sophisticated criminal mastermind, but rather, I am at this level because I genuinely love playing around with this stuff. And I just happen to understand the importance of privacy and just how vital it is to a truly healthy society. I would like to extend a thanks to ProgressiveArchitect for the sharing of the knowledge they have done on this subreddit, /privacytoolsio, and the like. We may have never interacted, but nevertheless, your input into this community is truly interesting and extremely informative and educating. I'm sure those of you familiar with PA's setup will be able to draw some parallels with mine and their's.
Thank you.
I hope you all enjoy reading this write up.
I run Qubes OS on a Lenovo ThinkPad X230 laptop. Specs for it are as following: - i7-3520M - 16GB RAM - 1TB Samsung 860 Evo SSD - Qualcomm Atheros AR9285 wireless card
Additionally, I used a Raspberry Pi Model 3B+ and a Pomono SPI clip to replace the stock BIOS firmware with coreboot+me_cleaner. This wasn't done out of any "real" concern for the Intel ME (though of course proprietary black-boxes like it should be avoided at all costs and not trusted), but rather for open source enthusiasm and for increased security and faster boot times than what the stock BIOS firmware allows for. On that note about the ME, I don't believe the conspiracy theories that claim that it is a state-sponsored attack method for surveillance. I believe that Intel had good intentions for improving the lives of IT professionals who need to manage hundreds, if not thousands of remote machines. However, it has proven time and time again to be insecure, and I don't need the remote management and the "features" that it provides on my machines.
In Qubes, I use a combination of AppVMs and StandaloneVMs for a variety of different purposes. All VMs use PVH over HVM, except for the Mirage Unikernel Firewall, which uses PV, and the sys-net and sys-usb StandaloneVMs which have to use HVM because of PCI device passthrough. Right now most of my VMs are AppVMs, but for maintenance and compartmentalization reasons, I am considering moving more towards StandaloneVMs, despite the increase in disk space and bandwidth usage for updates.
General route of from Qubes to the Internet for anonymous browsing, general private browsing, accessing Uni services, and Uni-related anonymous browsing respectively: 1. Qubes->sys-mirage-firewall->sys-vpn-wg->sys-corridor->sys-whonix->whonix-ws-15-dvm to the internet. 2. Qubes->sys-mirage-firewall->sys-vpn-wg to the Internet. 3. Qubes->sys-mirage-firewall->uni-vpn-wg to the Internet. 4. Qubes->sys-mirage-firewall->uni-vpn-wg->uni-corridor->uni-whonix->uni-anon-research to the Internet.

(Note: the VPN name is substituted in the "vpn" above. I had to remove it to comply with this subreddit's rules. It is easy to identify what VPN it is as it randomly generates a long numaric string and has fantastic support for WireGuard.)

Web Browsers: - Tor Browser (primary) in a disposable Whonix VM. - Firefox (secondary) with the about:config changes listed on privacytools.io and the following extensions: Cookies AutoDelete, Decentraleyes, HTTPS Everywhere, uBlock Origin (advance user, all third party content blocked and JavaScript disabled), and Vim Vixen. Used in my personal AppVM. - Ungoogled Chromium (Uni only) with standard uBlock Origin and cVim. Used only for Uni-related access in my uni-campus and uni-home AppVMs.
Search Engine: SearX, Startpage, and DuckDuckGo.
Password Manager: KeePassXC.
Office: LibreOffice.
Notes: Standard Notes.
Messaging: Signal Desktop.
Media Playback: mpv.
Emails: I access my personal email within my personal Qubes domain and my Uni email using my Uni Qubes domains. My emails are downloaded to a local repository using isync, send using msmtp, and read using neomutt with html emails converted to plain text using w3m. Emails are sent in plain text too. All of the attachments in the emails (PDFs mostly) are automatically opened in DisposableVMs.
My personal Posteo email account has incoming encryption setup. This means that I emailed my public GPG key to an address correlated to my actual Posteo email address so that all email that I receive is encrypted with my public key and can only be decrypted using my private key. So even if my emails were intercepted and/or my account broken into, the contents of them are safe since they are encrypted as soon as they hit Posteo's servers.
I have setup a number of Posteo aliases that are completely segregated from the email I used to register my account. One of those is considered my "professional" email for my current job. I have another couple aliases, one dedicated for 33mail and another dedicated for Abine Blur. I make use of 33mail alias addresses for catch-all email addresses for registering for accounts that need to be under a username associated with my name anyways. This is for purposes like putting different compartmentalized, but still related emails to put onto my Resume. I use a different alias for each Resume I put out online. That way, when that information gets sold, traded, etc., I can easily trace it back to who sold the information. For example, if I applied for a job online that required me to go through the process of registering an account through a third-party, say 'xyz Inc', the address I would register that account with would be [email protected], or something along those lines. Abine Blur is used much in the same manner but for accounts that don't need to be associated with my real name in any way, say online shopping on Amazon that I do under an many aliases, then ship to various address that I don't live at, but that I can visit with no problems. I use a different Blur address with each service like with 33mail for the same reasoning shown above.
The passwords for the accounts are encrypted and stored locally in each of the domains, however, my private key is stored in my vault domain, so even if an adversary were to compromise the domains, they wouldn't be able to steal my private key without exploiting the hypervisor. They would only be able to wait for me to authorize the usage of my private key in that domain, and even then, it could only be used to decrypt files. That is a concern that they can use my private key to decrypt messages, but they wouldn't be able to steal the key. With my personal email, the emails would also be encrypted locally anyway so they wouldn't be able to read them. My Uni email, in contrast, uses Outlook unfortunately, so there isn't any option to enable incoming encryption, and even if it was, I'm not sure how private it would be anyways.
For those looking for an in depth list of all my VMs, with explanations for the more obscure ones, I have listed them below. I have got a lot of templates, hence why I am considering moving over to StandaloneVMs, but as of right now:

Templates:

StandaloneVMs:

AppVMs:

Phone: Motorola Moto G5s running Lineage OS 16.0 Pie no G-Apps or micro-G with the following Apps: - AdAway: Open Source hosts file-based ad blocker. (Requires root.) - AFWall+: Linux iptables front end. (Requires root.) - Amaze: File manager. - andOPT: 2FA app. I like it since it can export the entries to an AES encrypted file. - AntennaPod: Podcast manager. - AnySoftKeyboard - Simple Calendar - Simple Contacts Pro - DAVx5: CalDav syncronization with my calendar on my Posteo email account. - F-Droid - Fennec F-Droid: Web Browser. Has the same Firefox addons like on Qubes minus Vim Vixen. I used the app Privacy Settings to configure the about:config. - KeePassDX: Password manager. - KISS launcher - Magisk Manager - NewPipe: YouTube app replacement. - S.Notes: Standard Notes. - OsmAnd~: Maps and navigation. - Red Moon: Blue light filter. - SELinuxModeChanger: Exactly as it sounds. (Requires root.) - Shelter: Work profile manager. - Signal: Messaging. - Vinyl Music Player: Music player. - WireGuard: VPN protocol frontend. Is configured to use my VPN account. Is setup as an always-on and connected VPN.
As mentioned, I use Shelter to manage my work profile. In it I isolate the following apps: - Clover: *chan browser. - Orbot: For routing apps through Tor. Is setup as an always-on and connected VPN. - RedReader: Reddit client. - Tor Browser
Over the last several years, I have started using my phone less and less and taking advantage of less of what it has got to offer. I don't check email on my device. I have no real need to browse the Internet on it outside of watching videos using NewPipe, browsing Reddit, and various *chan boards.
On the Smart Phone side of things, I am considering purchasing an older used iPhone SE or 6S for use with MySudo when outside of my home as well as an iPod Touch for use on WiFi only for use inside my home. The iPhone would be kept inside of a faraday bag when I am at home and not using it. It would also be kept in the faraday bag whenever at home to avoid associating that device with my home address. The iPod Touch would be used for MySudo calls instead.
Future outlook and plan for my privacy and security:
To avoid as much deanonymisation of my privacy as possible, I'm only going to specify enough so that anyone reading this can get the jist of my situation in life. I am quite young (age 16 to 25) and I started along this privacy journey when I was even younger. I was never a very heavy social media user, however I did have an online presence if you looked hard enough. My name fortunately is a very common and short name, so that does help to bury information that I was not able to remove further in the vast trenches that is the Internet.
On the digital side of things, I mentioned that I have a dedicated Crypto AppVM for handling crypto currency transactions using Bisq. I have setup a dedicated bank account that I have periodically been transferring money into so that I can trade crypto. Unfortunately, I do not live in the US, so being able to effectively start trades with others is more difficult. I also do not have access to a credit card masking account like privacy.com (that I absolutely would use given the ability). I plan on getting an anonymous VPS to host my own Tor exit node for better speeds and to mitigate the possibility of malicious exit nodes. The country I live in has been a proponent of absolute dragnet surveillance on all activities occurring online and in real life, though the former is far more visible on this subreddit. I will be using crypto with cleaned Bitcoin (as seen with ProgressiveArchitect's setup) for purchasing my VPN service, etc.
With future hardware, to replace my aging laptop, I am very hopeful for Xen, then eventually Qubes OS getting ported to Power9. When that happens I'll be getting a Raptor Computing Blackbird as a desktop. Maybe in the future I'll get a Purism Librem laptop, but for now my corebooted X230 works perfectly for my use cases. On that note, I have successfully build the Heads firmware for the X230 and I was able to get the minimal 4MB image flashed on my laptop. I did revert it back to my coreboot setup after playing around a little with it, and unfortunately I haven't had time since to do a full, complete flash of it.
On the physical/real life side of things, I plan on making use of various Trusts in order to hold assets, say to keep my name from being immediately visible on the title of my car. As of right now I am fortunate enough to have the title of my car under the name of someone who I trust. Unless I am legally required, and where there are immediate and absolute consequences, I use fake names in real life. With Uni, I am enrolled under my real name and address. This is a requirement and it is verified, so there is nothing that I can realistically do about it. As for other services, I plan on setting up a personal mailbox (PMB), etc if possible to use as a real, physical address that is associated with my real name and that is used for things like Government issued ID. In the future when I move again, I plan on renting a place in cash to try and keep my name dissociated with my real address. For those looking for reasoning on why one would want to do that, please read How to be Invisible by J.J. Luna. It's truly the Bible of physical privacy.
At this stage I am just going off on a ramble, so I should cut it short here.
I have just started and I live for this shit.
submitted by ComprehensiveAddict to privacy [link] [comments]

AMA/Tutorial: Run a full node on AWS free tier with local LAN storage

AMA/Tutorial: Run a full node on AWS free tier with local LAN storage
This is a tutorial/AMA on how you can be running a full node, in the AWS cloud, for very low cost or even free.
I used to run a node on my local network but there is a problem with this; your public IP is broadcast, and then it gets associated with Bitcoin. Node owners are likely to own Bitcoin, and this raises your personal threat profile, validated against my IDS/IPS logs.
Run a VPN? Many VPNs are automatically blocked, or sketchy. Tor is also blocked on a large portion of the internet. Neither provide you with a real static IP, and that helps out the network.
There is a easy solution to this; run a node on the AWS free tier, and use an elastic IP so you have a static address. Bandwidth is free in, and low cost out, and you can control how much of that you use easily, and control your spent. The problem is that Amazon charges a LOT for online storage and even with a 1MB blocksize, the blockchain is very large and growing steadily! We mitigate this by using a VPN back to your network, where you can store the blockchain on a SMB share.
It is not complicated to do, but there are very many moving pieces to keep track of and configure. In order to fully trust your node, the best way is to build it from scratch. This is my goal in walking you through the process.
There are lots of ways to accomplish this same task; I only want to present one that works, and you can go from there. Once you have access to the blockchain in the cloud for reasonable prices, you can also look at things like the Lightning Network.
This article makes four major assumptions:

  1. That you have a OpenVPN server on your network and know how to configure it. I use pfSense and OpenVPN; others will work just as well, but you'll need to do a little work to figure out the particulars. If you don't know how, do not fret! There are loads of good tutorials for just about every platform. Or ask below. I also limited the user with access to the share at the firewall specifically to the IP hosting the share to lower the threat envelope.
  2. That you have the blockchain downloaded locally and reasonably up to date. If you don't, head on over to bitcoin.org and download it for OSX or Windows or Linux, whatever you use for your workstation. Follow the directions to set up the software and download/synchronize it to the network. This will take awhile! Once you've synchronized, copy the data directory to your SMB share you want the AWS instance to access. You could also synchronize everything directly on AWS too, but it will likely take longer and may cost a bit for the bandwidth.
  3. That you're on windows. OSX and Linux will have slightly different processes to connect to the instance via the terminal and SSH. If you need help, ask, and I am sure we can get you fixed up.
  4. That you've read the excellent bitcoin.org full node tutorial here: https://bitcoin.org/en/full-node

With that, on with the show!
First: Head on over to https://aws.amazon.com/ and make yourself an account.
Once you've set up you'll need to start the process of creating a virtual machine on AWS. Look for this graphic and click on it:

Start by launching a new machine

Follow the rabbit hole, and you'll be looking to create a plain jane Amazon AMI Linux instance. It looks like this:

Pick the basic AMI instance
Keep in mind you want to pick the x86 version, which is the default.

Continue clicking, you'll want to select the t2.micro instance that is eligible for the free tier for new accounts.

Pick the free tier. You can also upgrade to the smaller tier for more ram, but the micro works for now.
Now, you're going to need a way to connect to your soon-to-be-created node in the cloud. Amazon uses SSH keys to do this, so the next step means you're going to make some. You need to save this file, as if you lose it, you won't be able to access your node anymore. Much like your wallet private keys!

Beware losing your keys!

If you've made it this far, you're almost launched!
Now we need to convert the key to a format that we can use to connect to the instance from Windows. I recommend using Putty! https://www.putty.org/ if you don't have it already; if you're on OSX or Linux, you likely have what you need already.
Follow the guide here to get connected: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html

Next you'll need to set up a opening in the firewall if you want incoming connections. This is done by adding to the security group in the "Network and Security" section; edit it to look like this:

Change the inbound security rules for the instance to accept incoming connections on 8333.

The hard part is over!
Optional: Configuring a static IP. Amazon calls their implementation "elastic" IPs, but it's really a static IP that you can move around between instances very easily. It will ensure your public address on AWS does not change; it isn't required, but it is better if you intend on allowing outgoing connections.
Go back to the main dashboard display.
In "Network and Security", click on "Elastic IPs".
Select Allocate New Address (blue button on top) and then select it in the table. In actions, you will see "Associate Address". Select this then assign the address to the instance you have previously configured. Done!

Next up: Log into your machine, and immediately update everything. Use the IP provided by Amazon, or the Elastic IP if you assigned one to the instance in the last step.
type: "sudo yum update"

Now, let's get the VPN configured.
First step is to install OpenVPN. We need to install the extended package library to do this.
type: "sudo amazon-linux-extras install epel"
type: "sudo yum-config-manager --enable epel"
Now you can install OpenVPN.
type: "sudo yum install openvpn"
You will need your credential file from OpenVPN; it's a file you generate that will have a .ovpn extension. But you're going to need to upload it to the instance. You can do this through the scp command on OSX or Linux, but if you're on Windows, you'll need another utility. Get WinSCP here: https://winscp.net/eng/download.php
But we'll have to tell it where your key file is so you can login. Select "New Session", then use the same IP and username as you did to connect before. We'll need to tell it about the key file though! Select the "Advanced" tab then under the SSH section, click on "Authentication" and then select your private key file you generated in the tutorial above.
Connect and upload the .ovpn file that you generated when you added a user for the VPN. This step depends on your OpenVPN configuration - ask below if you have problems.
Next, let's verify we can connect to the VPN!
type: "openvpn --config my-configuration-file-made-by-openvpn.ovpn &"
You will be prompted for a password if you configured one.
Verify operation by pinging your LAN router, e.g.
type: "ping 192.168.2.1" or the address of the SMB server where you shared the information.

Allllrighty! Next up is getting connected to your blockchain. Create a directory where the data directory will be mounted.
type: "mkdir blockchain"
We need to install samba and some utilities to get things mounted.
type: "sudo yum install samba"
type: "sudo yum install cifs-utils"

Now let's mount the folder:
type: "sudo mount -t cifs //192.168.2.100/Bitcoin ./blockchain -o user=bitcoin,vers=2.0,uid=ec2-user,gid=ec2 user,file_mode=0777,dir_mode=0777"
Where " //192.168.2.100/Bitcoin" is the address of the SMB server and share where you put the data directory from your initial sync. If you didn't, and just want to sync everything from AWS, then make sure it's a folder where your user has access. In this case, I'm assuming you've made a SMB user with the name "Bitcoin". The command will prompt you for the password to access the share. The other bits ensure you can have read and write access to the share once it's mounted in AWS.

Now we're ready for some Bitcoin! Props to the tutorial here: https://hackernoon.com/a-complete-beginners-guide-to-installing-a-bitcoin-full-node-on-linux-2018-edition-cb8e384479ea
But I'll summarize for you:
Download and then re-upload with WinSCP, or download directly to your instance with wget, the most current Bitcoin core. In this case, it's bitcoin-0.18.0-i686-pc-linux-gnu.tar.gz downloaded from https://bitcoin.org/en/bitcoin-core/.
Let's verify it hasn't been tampered with once you have it uploaded to the terminal:
type: "sha256sum bitcoin-0.18.0-i686-pc-linux-gnu.tar.gz"
Then compare that with the hash value that's listed in the SHA256SUMS.asc file on bitcoin.org. In this case, "36ce9ffb375f6ee280df5a86e61038e3c475ab9dee34f6f89ea82b65a264183b" all matches up, so we know nobody has done anything evil or nefarious to the file.
Unzip the file:
type: "tar zxvf bitcoin-0.18.0-i686-pc-linux-gnu.tar.gz"
There is a warning about a symbolic link; everything seems to work OK regardless, but if anyone knows what or how to fix, please comment.
We'll need to get some missing libraries before we can run it; these aren't in the basic AMI instance.
type: "sudo yum install glibc.i686"
type: "yum install libgcc_s.so.1"

FINALLY! We are ready to launch the program. Go to the "bin" directory inside where you unzipped the Bitcoin Core tarball. (e.g. /home/ec2-useblockchain/bitcoin-0.18.0/bin)
./bitcoind -datadir=/home/ec2-useblockchain/data
You will see the program either start to sync and download, or start to read the existing blockchain file that you put in the share from before.

Congrats!

There are a couple extra steps to have it automatically start on reboot, but let's see if anyone gets this far first. I use the "screen" program to do this, but there's also a daemon mode, and some other functionality that is discussed in the hackernoon tutorial.
The primary cost will be outgoing bandwidth. AWS charges $0.10/GB beyond 15GB; You can limit the outgoing bandwidth easily according to your budget: https://bitcoin.org/en/full-node#reduce-traffic

Hope this encourages people to try running a free, or very low cost, cloud node, with a substantially reduced threat profile.
submitted by xtal_00 to Bitcoin [link] [comments]

The importance of being mindful of security at all times - nearly everyone is one breach away from total disaster

This is a long one - TL;DR at the end!

If you haven't heard yet: BlankMediaGames, makers of Town of Salem, have been breached which resulted in almost 8 million accounts being leaked. For most people, the first reaction is "lol so what it's just a game, why should I really care?" and that is the wrong way to look at it. I'd like to explain why everyone should always care whenever they are part of a breach. I'd also like to talk about some ways game developers - whether they work solo or on a team - can take easy steps to help protect themselves and their customers/players.
First I'd like to state that there is no practical way to achieve 100% solid security to guarantee you'll never be breached or part of a breach. The goal here will be to get as close as possible, or comfortable, so that you can rest easy knowing you can deal with problems when they occur (not if, when).

Why You Should Care About Breaches

The sad reality is most people re-use the same password everywhere. Your email account, your bank account, your steam account, your reddit account, random forums and game websites - you get the idea. If you haven't pieced it together yet the implication is that if anyone gets your one password you use everywhere, it's game over for you - they now own all of your accounts (whether or not they know it yet). Keep in mind that your email account is basically the holy grail of passwords to have. Most websites handle password changes/resets through your email; thus anyone who can login to your email account can get access to pretty much any of your accounts anywhere. Game over, you lose.

But wait, why would anyone want to use my password? I'm nobody!

It doesn't matter, the bad guys sell this information to other bad guys. Bots are used to make as much use of these passwords as possible. If they can get into your bank they might try money transfers. If they get into your Amazon account they might spin up $80,000 worth of servers to mine Bitcoin (or whatever coin is popular at the time). They don't care who you are; it's all automated.
By the way, according to this post (which looks believable enough to be real) this is pretty much how they got into the BMG servers initially. They checked for usernames/emails of admins on the BMG website(s) in previous breach dumps (of which there are many) and found at least one that used the same password on other sites - for their admin account!
If you want to see how many of your accounts are already breached check out Have I Been Pwned - I recommend registering all of your email addresses as well so you get notified of future breaches. This is how I found out about the Town of Salem breach, myself.

How You Can Protect Yourself

Before I go into all the steps you can (and should) take to protect yourself I should note that security is in a constant tug of war with convenience. What this means is that the more security measures you apply the more inconvenienced you become for many tasks. It's up to you to decide how much is too much either way.
First of all I strongly recommend registering your email(s) on https://haveibeenpwned.com/ - this is especially important if your email address is associated to important things like AWS, Steam developer account, bank accounts, social media, etc. You want to know ASAP when an account of yours is compromised so you can take steps to prevent or undo damage. Note that the bad guys have a head start on this!

Passwords

You probably need to have better password hygiene. If you don't already, you need to make sure every account you have uses a different, unique, secure password. You should change these passwords at least once a year. Depending on how many accounts you have and how good your memory is, this is your first big security vs convenience trade-off battle. That's easily solved, though, by using a password manager. You can find a list of password managers on Wikipedia here or you can search around for some comparison articles.
Some notable choices to consider:
Regardless of which one you choose, any of them is 100x better than not using one at all.

Multi-Factor Authentication / Two-Factor Authentication (aka MFA / 2FA)

The problem with all these passwords is that someone can still use them if they are found in a breach. Your passwords are only as strong as the website you use them on. In the case of the BMG breach mentioned above - all passwords were stored in an ancient format which has been insecure for years. It's likely that every single password in the breach can be reversed/cracked, or already have been. The next step you need to take is to make it harder for someone else to login with your password. This is done using Multi-Factor Authentication (or Two-Factor Authentication).
Unfortunately not every website/service supports MFA/2FA, but you should still use it on every single one that does support it. You can check which sites support MFA/2FA here or dig around in account options on any particular site. You should setup MFA/2FA on your email account ASAP! If it's not supported, you need to switch to a provider that does support it. This is more important than your bank account! All of the big email providers support it: GMail, Outlook.com, Yahoo Mail, etc.
The type of MFA/2FA you use depends on what is supported by each site/service, but there is a common approach that is compatible on many of them. Most of them involve phone apps because a phone is the most common and convenient "thing you have" that bad guys (or anyone, really) can't access easily. Time-based One-time Password or TOTP is probably the most commonly used method because it's easy to implement and can be used with many different apps. Google Authenticator was the first popular one, but it has some limitations which continue the security vs convenience battle - namely that getting a new phone is a super huge chore (no backup/restore option - you have to disable and setup each site all over again). Many alternatives support cloud backup which is really convenient, though obviously less secure by some measure.
Notable choices to consider:
Some sites/services use their own app, like Blizzard (battle.net) and Steam, and don't allow you to use other ones. You will probably have a few apps on your phone when all your accounts are setup, but it's worth it. You'll definitely want to enable it on your password manager as well if you chose a cloud-based one.
Don't forget to save backup codes in an actual secure location! If you lose your backup codes and your auth app/physical key you will be locked out of accounts. It's really not fun recovering in that situation. Most recommendations are to print them and put in a fireproof safe, but using some other secure encrypted storage is fine.
There is such a thing as bad MFA/2FA! However, anything is at least better than nothing. A lot of places still use SMS (text messaging) or e-mail for their MFA/2FA implementation. The e-mail one has the most obvious flaw: If someone gets into your email account they have defeated that security measure. The SMS flaws are less obvious and much less likely to affect you, but still a risk: SMS is trivial to intercept (capture data over the air (literally), clone your SIM card data, and some other methods). Still, if you're not a person of interest already, it's still better than nothing.

What Does This Have To Do With GameDev?

Yeah, I do know which subreddit I'm posting in! Here's the section that gets more into things specific to game development (or software development in general).

Secure Your Code

Securing your code actually has multiple meanings here: Securing access to your code, and ensuring your code itself is secure against exploitation. Let's start with access since that's the easier topic to cover!
If you're not already using some form of Source Control Management (SCM) you really need to get on board! I'm not going to go in depth on that as it's a whole other topic to itself, but I'll assume you are using Git or Mercurial (hg) already and hosting it on one of these sites (or a similar one):
First, ensure that you have locked down who can access this code already. If you are using private repositories you need to make sure that the only people who have access are the people who need access (i.e. yourself and your team). Second, everyone should have strong passwords and MFA/2FA enabled on their accounts. If 1 person on the team does not follow good security practices it puts your whole project at risk! So make sure everyone on the team is following along. You can also look into tools to do some auditing and even automate it so that if anyone's account becomes less secure over time (say they turned off MFA one day) they would automatically lose their access.
Additionally you should never commit secrets (passwords, API keys, tokens, social security numbers, etc) to your code repository. Probably 90% of cases where people have their AWS/Google Cloud/Azure accounts compromised and racking up huge bills for bitcoin mining is due to having their passwords/keys stored in their git repo. They either accidentally made it public or someone got access to the private repo through a compromised account. Never store sensitive information in your code repository!
Next topic: Securing your code from vulnerabilities. This one is harder to talk about for game dev as most engines/frameworks are not as susceptible (for lack of a better word) to these situations as others. In a nutshell, you need to keep track of the following:
A lot of these things cannot be solved automatically, unfortunately, but some of it can. If you are using Javascript for your game you likely will be using packages from npm - luckily they (recently) added security auditing for packages. For other languages you can look at tools like Snyk or some other alternatives to audit the libraries you use in your project. Unfortunately none that I know of are aimed at game dev in particular, but it's still important to use these tools when you can. In general, be aware of all of your code dependencies and what impact they can have on your game or your customers if there are security bugs. Impact can range from "can cheat in multiplayer" to "can get IP addresses of all players in the world" or even "can get all information I ever put on my server", etc.
In general you'll want to look into Secure Software Development Lifecycle (commonly SDLC) practices. Microsoft has some information on how they do it.

Secure Your Computer

I'm not going to go in depth on this one because at this point everyone should have a handle on this; if not there are limitless articles, blogs, and videos about the how/what/why. In summary: Keep everything updated, and don't open suspicious links.

Secure Your Website

I will have to add more to this later probably, but again there are tons of good articles, blogs, and videos on these topics. Hopefully the information in this section is enough to get you on the right track - if not feel free to ask for more info. Lots of guides can be found on Digital Ocean's site and they are relevant even if you don't use DO for your servers.
A lot of this will apply to your game servers as well - really any kind of server you expect to setup.

That's it, for now

I ran out of steam while typing this all up after a couple hours, but I may revisit it later to add more info. Feel free to ask any questions about any of these topics and I'll do my best to answer them all.

TL;DR (y u words so much??)

... in general... in general... in general... I sure wrote those 2 words a lot.

Why Should I Trust This Post?

Hopefully I have provided enough information and good links in this post that you can trust the contents to be accurate (or mostly accurate). There is certainly enough information to do some searches on your own to find out how right or wrong I might be about these things.
If you want my appeal to authority answer: I've been working at a major (network/computer) security company for almost 7 years as a software developer, and I've had to put up with pretty much every inconvenience brought on by security. I've also witnessed the aftermath of nearly every type of security failure covered in this post, via customers and the industry at large. None of the links I used are related to my employer or its products.
Edit: Fixed some typos and added some more links
More edit: added a few more points and links
submitted by exoplasm to gamedev [link] [comments]

Telegram AMA - Summary

Telegram AMA - Summary
https://preview.redd.it/hml53mmh5er41.png?width=568&format=png&auto=webp&s=3f0cd662e1836bcb2ea37793cbbbfd6f8a5e9723
Zhuling Chen
It’s always great to hang out in this group. This group means a lot to the Aelf community. It is the first Aelf community and has been there through all the ups and downs in the world. I would like to start with wishing everyone is staying safe at home during the virus outbreak. It definitely has been a difficult time for all of us, but together we can pull through it.
We understand that the situation is quite striking to all of us. But I really believe that the solution to the virus outbreak is about more global coordination and collaboration.
All of you to be assured, our team in different places are all safe and working from home as normal.
The Aelf team in Beijing were among the early ones experiencing the virus outbreak. As everyone was on the way home for Lunar New Year holiday and then experienced a total city lock-down followed by a 40 days’ work from home policy. It was definitely not easy for them, but our team stayed strong, took necessary precautions and focused on work with the right morale. Mappo has recently published some tips on how to work from home effectively based on our experience. Do check it out. Despite not working in the office since February, we have achieved great progress, including launching Aelf 1.0 preview, which is an important milestone in technical delivery and also the roadmap to mainnet launch (which listed out the essential steps for the community to work together to launch a successful public network)
Let's first talk about Aelf v1.0 preview. It is the cornerstone of the mainnet launch. The product itself has all the features that the public network is needed. The codebase has been reviewed and tested rigorously by the team. And a few highlights of how the network would look like:
  1. The code allows a stable and high throughput blockchain network to operate publicly.
  2. For developers, they will love how flexible the system is to be customized, the number of tools and documentation to help them start developing applications on the network
  3. For the whole community, the system is an ever-evolving one where the voting system is ready in place to conduct network-wide voting on various topics, such as transaction fee adjustment, network protocol upgrade, incentive adjustment, etc
  4. Aelf system is able to run multi-chain architecture where each side chain will host different applications and still ready to work with each other
So you may ask since the software is ready, why have we not yet launched the public network? The answer, in short, is that a public blockchain is launched not by a team but through a community effort and that's why we are coordinating the community effort based on the roadmap we proposed. Aelf team has launched the public testnet based on Aelf v1.0 preview and currently, all nodes are under the team. The goal is to let the community and elected nodes to take it over and launch it on a global scale. Not only launch it but also be familiar with the network and also set the launch parameters in a decentralized way. If we take a car as an example, we have made the car, but ultimately the drivers are you guys and therefore before it really hits on the road, we need to guide the community to do a test drive, adjust the car based on what really works for YOU, and ultimately let YOU drive the car freely and safely
So how are we going to help the community launch the network:
First of all, we have launched the codes, documents about the economic system and governance model and technical features. With all the things available, you are able to understand what the system is about, as a token holder what's your benefit in the system, and being a node in the system plays a big role in the governance
Next, without yet electing the nodes, we will get all token holders to join the current Aelf network through a mapping event. That means as long as you have Aelf tokens, you will be able to get 1:1 test tokens on the public testnet. that gives you full access to all the features, and you will feel like you are already using the mainnet. You will get rewarded in making transactions, voting, etc.
Do try out the Aelf wallet and voting features, you will see how easy to transfer tokens cross-chain. and also how flexible the system allows people to make changes. For example, the community may want to adjust the block rewarding parameters or fees to use certain services on mainnet, they can initiate a discussion and then vote in the system and once voted through, it will be reflected on mainnet.
For people or organizations that want to play a bigger role in the system, we will do a dry run of node election. Take it as the real node election before mainnet launch. We will see who the active members of the community are and being trusted by the community. Among the nodes, we will form a network launch committee. The committee will be the crucial party to oversees and ensures the smooth launch of Aelf mainnet, instead of just relying on the Aelf team. This is our step towards decentralization.
The committee will agree on the actual launch process, final checking all the parameters in the system to be ready for launch and then decide when the criteria are met to launch the network. Once all that is decided. We will invite all interested nodes to apply for the election and let the community know what's their plan to grow the Aelf network. the network will initially be launched with a few nodes from the committee and gradually be replaced by the selected nodes (a bootstrap phase). Along the way, we will work with exchanges to conduct token swap (which we are also designing an innovative system to further enhance security and usability of Aelf tokens in exchanges)
Among this isolated and worrisome time, at least we all have something to look forward to: a successful launch of Aelf network! Once it is launched, we are excited to see a vibrant and technically superior network that is good for Dapps to run on top of it.
https://preview.redd.it/yp28n1jj5er41.png?width=559&format=png&auto=webp&s=c470cdedd7f8923f29a3b1bd777476f22cc76521
Doris Guo Q1: As a Blockchain start-up, what difficulties have you overcome when starting Aelf project? What motivates you to solve difficulties and achieve success today?
Zhuling Chen First, just like launching any start-up, its community and investors are usually regional. There is always some bias on if Asian projects are solid. It is really rare to have an Asian project to be supported by western funds and community from day 1. We were lucky to have overcome that obstacle. Having a global investor line-up from day 1. Having a global team from day 1 and also working with a global community from day 1. This benefited us to have an international perspective which is crucial in the blockchain industry.
Secondly, as a hardcore technology company, it is really hard to put in plain words what is our ambition. Our ambition is huge, achieving key innovations in multiple fronts of blockchain technology and organically combined them to serve real users for the future. Our marketing team has been working really hard to elaborate on what Aelf is. Now we have come to a point that the product is ready. Therefore, it is much easier for all of us to understand how solid Aelf is by trying out the network ourselves! That's exactly what the following events will be about - Try out all the exciting features of Aelf network before mainnet launch.
Doris Guo Q2: What critical problems do you see occurring in the blockchain industry nowadays? How does Aelf solve these problems?
Haobo Ma First, we need to distinguish the difference between BTC and ETH. One is Digital Cash and the other is the Smart Contract Platform. Aelf addresses most of the latter's problems. In short, it can be summarized as performance, end-user friendly, developer-friendly, network economy, and self-governance and upgrading. Each of these areas will probably take up a lot of space, and as a whole are the issues described in our two white papers. In short, Aelf is faster, end-users do not need to know the rules of the blockchain, developers can set up the development environment in 10 minutes, have a good economic model and can carry out proposal governance on the chain.
Doris Guo Q3: What is your long-term vision about the industry which Aelf is working at? Are you afraid someday there will be another project with more innovative technology can replace Aelf?
Haobo Ma Let's talk about where Aelf stands in the traditional Internet. It is essentially a cloud service provider, Aelf provides resources and infrastructure for developers to deploy their services, known as smart contracts. We eventually want Aelf to grow like AAA (Amazon, Azure, AliCloud). Because Aelf is a network that can be dynamically scaled, we can accept any new technology, some of the more advanced technologies we can put on a side chain.
Doris Guo Q4: Why did Aelf choose for cross-chain interaction?
Haobo Ma As I mentioned earlier, Aelf solves the Smart Contract Platform problem. However, there are other digital cash problems as well which we would need to use existing infrastructure such as Bitcoin's chain in order to interact with Bitcoin. There are a lot of infrastructures on Ethereum that we want to interact with. Multi-chain on Aelf network mainly is to isolate resources to improve network performance and network stability.
Doris Guo Q5: What difficulties do the Aelf team have now (I talk about COVID-19)? How does the Aelf team solve it? Have you changed the roadmap?
Haobo Ma There is no great impact. The teams in Singapore and Beijing are communicating with each other remotely on a regular basis. The only change is that most of us are now working from home which has no impact and in fact, it seems conducive to the acceptance of more community developers in the future to come. From the internal working schedule and development timeline, there is no great impact. We do not publish specific timeline as we do not want short term holders (traders) to create too much negative pressure on product development.
Doris Guo Q6: Aelf is an open-source blockchain, and there's the common problem of taking a substantial amount of time for the different participants to agree on strategic decisions. What types of governance models do you use in Aelf to address this issue???
Haobo Ma The issue is about public blockchain network, and who can decide the direction of the network. Our answer is long-term holders. For the short-term holders (traders), we refuse to allow them to participate in any discussion of the direction of Aelf because the short-term holders are likely to make a profit and sell quickly, which is essentially the same example of a person who cheats the President and then runs away for his personal gain. We defined a number of proposal processes, including the logic of the two-party system in the United States, and the participation in the referendum to ensure that the final proposal represents the majority. At the same time, we are looking for some legal solutions to avoid bifurcation, such as prohibiting exchanges from intervening in bifurcated new tokens. While we cannot limit a community, we should be able to find ways to limit a centralized organization. This restriction is akin to a ban on national secession.
Doris Guo Q7: How will Aelf empower Investors, Companies, Developers, Platform Users to deliver impactful solutions and bring value to people all over the world?
Haobo Ma We will learn from the operational experience of successful foundations such as the LINUX foundation and license some commercial companies to use Aelf solutions to solve business problems. At the same time, Aelf is an open-source product under the MIT License, and we accept any use that does not violate this open-source principle.
Zhuling Chen Let me add on to Haobo’s statement: to incentivize and empower the community, we are also exploring ways to let the community decide how to use the funds for Aelf (allocate to where it matters to our community) once mainnet is launched. This means you guys can decide what are the projects to be funded on Aelf, etc
Doris Guo Q8:When will the node campaign start? How will Aelf attract users to participate in nodes election?
Haobo Ma According to our published roadmap, the timeline can be dynamic, but I don't think it will be too long. The main idea is to let everyone understand what we envision Aelf to be like, and what are the rights and benefits of being a node in the future. We hope to find nodes that fully recognize the efforts of Aelf at the present stage and are willing to participate in the future development of Aelf. We will run a simulation of the node campaign on the testnet and set up a temporary mainnet launch committee. Please follow our official Twitter for more upcoming details!
Doris Guo Q9: Token swap form 2 is some kind of cross-chain transfer? It will be handled by a smart contract?
Haobo Ma It is handled by the smart contract, we define an asset cross-chain transfer protocol, but it may be opened after a snapshot.
Doris Guo Q10: Which Exchanges will support token swap? Do you have any plan to list Aelf in some big exchange like Binance, Houbi, Kucoin, .......?
Haobo Ma We are already in talks with some exchanges, there is still competition between exchanges, and many are still hoping to attract more users by getting access to mainnet token swap early.
Doris Guo Q11: Aside conversion of the current tokens to mainnet tokens, what other main features will be accomplished with the mainnet launch?
Haobo Ma We have a documentation file that has been published, which has listed some features: https://Aelf.io/gridcn/Aelf_public_testnet_and_supporting_features_introduction_en_v1.0.pdf
Doris Guo Q12: Do you have any plan to burn or buyback your coin?
Haobo Ma We have plans for the community to govern through DAO, we have no interest in short-term price incentive adjustment as we would prefer to drive the project to higher adoption. After mainnet starts operation, there will be a part of network revenue get destroyed automatically.
Doris Guo Q13: Often, as a newbie developer, I face difficulties on most blockchains. How easy and convenient is it for me on Aelf, and what programming language and tools are needed??
Haobo Ma We set up staging for DAPP developers on GitHub and configured CI. Develop a smart contract using C# with React Native on the front end. So, in fact, developers can fork the source code without setting up the environment locally, and you can conduct unit testing with the help of CI. You can also release the smart contract and generate the installation package of iOS and android online. https://github.com/AElfProject/Aelf-boilerplate
Doris Guo Q14: What is the progress of business development and what are some of your commercial partnerships? How will Aelf rapidly develop the number & performance of DAPP?
Haobo Ma First of all, the blockchain industry is still fairly small and users with ETH and EOS wallets are considered a very small group and its not effective to even promote within these groups. What we need to consider is how to enable users who have never been exposed to blockchain to use DAPP. The competitiveness of Aelf is to make it easier for Aelf developers to promote their DAPP to ordinary users, rather than to teach ordinary users a lot on blockchain knowledge. The average user doesn't like to hear about private keys, mnemonic, Gas Price, RAM, CPU, etc. Only until we solve such problems, companies that need to solve problems through blockchain will be more inclined to use Aelf in technology selection. Therefore, our main work is to explain the competitive advantages of Aelf, ETH and EOS to everyone. We have some business cooperation’s, but we also believe that simply through case-by-case business cooperation will not be able to gain adoption so quickly, therefore we still need to put our products to stay ahead of the next generation.
Doris Guo Q15: What other activities can encourage more people to be confident about Aelf?
Haobo Ma We are only going to state the truth by having those that have faith in us to stay and those that don't to leave. The development of Aelf is not driven by a single foundation, but by a steady stream of contributions from the community. In the future, we will also place the activities in the DAO for on-chain governance, and let the community make decisions by itself.

https://preview.redd.it/e66vhqvl5er41.png?width=555&format=png&auto=webp&s=412a2dd831ba3817806e48855f158482bf671770
Kun Aguero As you know that in the present market situation many new coins or either dying or thriving for liquidity? How will you manage this liquidity problem?
Zhuling Chen Aelf started in 2017. we have gone through a few cycles in the market, still, remember the big down period in 2018-2019. Aelf is financially solid and the team has always been working hard. if you are referring to liquidity in exchanges, we are among the lucky ones that are listed in all major exchanges
Xinshu Dong Hello, great discussions! I would like to ask what are the criteria to join the committee for launching the mainnet? Would love to participate
Zhuling Chen Hi xinshu, great to see you here. The committee will be chosen among the nodes elected during the testnet dry run. Which means, it is really important to participate in the testnet dry run and also start to establish your reputation in the community so that people will elect you as a node. The detailed criteria will include what is your plan to help Aelf to grow, tech competency and reputation.
An Da What are Aelf’s achievements in 2019? Who had supported you to get those things?
Zhuling Chen To name a few, in 2019, Aelf is one of the most active projects on GitHub. This means Aelf is evolving and improving fast in this space and our team has the tech strength. In addition, we have also successfully listed on all major cloud service providers, such as AWS, Azure, Google. So large companies can easily launch Aelf side chains in their organization with minimum hassle.
John How does the voting for master nodes candidates occur? And why is the development of this system important for your project?
Zhuling Chen Voting is going to be pretty simple. All token holders can vote for the nodes they support on our block explorer.
Miha After mainnet lunch, how will you assure that transactional fees will stay low? We know what sometimes happens to fees on ETH blockchain.
Zhuling Chen First of all, due to the fact that is Aelf is scalability, this will reduce transaction fee. Secondly, all transaction fees will be voted by the nodes (which will be elected by you). So they will represent your interest
Bobbyfernandito Currently, as we see All projects are concerned with the speed and security. So, tell us here - what are the facilities Aelf provide to their user and investors?
Haobo Ma Security: we have an automated smart contract code audit. During contract deployment, production nodes and the community audit participation are required. On the other hand, we are also planning to provide a standardized model of centralized exchange access for 100% asset certification and emergency measures to deal with exchange attacks, which we will be released later. Speed: Aelf has been working on improving performance, which is transparent to users which they can also experience by themselves.
An Da What effect does Aelf token have on the Aelf ecosystem? Holding Aelf, what benefits will users receive?
Zhuling Chen Holding ELF enables you to use all the services on the Aelf network. ELF has a deflating system where the total amount will reduce as the network grows. token holders can also vote for the nodes to run the network and also vote for big decisions in the network. part of the fees in the system will also be distributed to token holders via a smart contract
ahihi132 Which companies do you view them as potential partners and that they are somewhat also beneficial for both the user base and Aelf itself?
Zhuling Chen Great question, if I could write a wish list, that will be: let medium-sized financial institutions to use Aelf to challenge the big boys. Let telecommunication companies use Aelf for micro-payment and other innovative business models. We also would like to try out a few public sector projects, which blockchain will is still more transparency and trust
Misun Q1: Which programming languages are you using in your project? And why? Q2-What are another big MILESTONES you have planned for 2020 roadmap and how are they supposed to benefit your costumers? Will it be an exciting year?
Haobo Ma For Q1: We mainly use C# for development, I personally like it. Performance is good, development environment IDEs are strong, and C# creators are influential in the industry. We believe in the right thing, though it may take a while to develop. The smart contract will then add support for multiple languages, such as WebAssembly, depending on the needs of the community. Now it seems that C# is enough.
Hambi crypto Which platforms are your competitors? How will you soar above them, and what better things do you offer than them? So, What’s your outlook on the future of cryptocurrencies in this year and next few years?
Haobo Ma As I have already mentioned this before, Eth and Eos. We provide better performance, cross-chain support (already implemented), end-users do not need to know the details of the blockchain, developer’s payment models and so on.
Floris-Jan What plans is Aelf making to prevent centralized exchange to take over the DPoS algorithm like what happened to Steem? Are we talking about blacklisting exchange wallets, or having the foundation say "No", or putting all trust in the community?
Zhuling Chen Great question, Floris. I’m not going to give away all the details of what Haobo has proposed to work on this, but in a nutshell, in Aelf system, exchange wallets will not be allowed to vote, but only the sub-wallets for each individual can vote. This will also help exchanges to prevent hacking and theft in the future
Alex What your plans in place for global expansion, are Aelf wallet focusing on the only market at this time? Or focus on building and developing or getting customers and users, or partnerships? Can you explain this?
Haobo Ma Our core focus will be through the developers to promote, developers will help Aelf to attract more users. So our product has to be attractive to developers. Just like AWS, they only focus on getting their service right, their developers will think about how to promote it. We don't want to burden them in their promotion process.
Ellkay What do you think are the major threats and barriers that could face the development and adoption of Aelf?
Haobo Ma If I'm a DAPP developer and I need to promote my APP to people who don't recognize blockchain, then I'd like to choose a platform that doesn't have to explain a lot of blockchain details to the end-user, so they can use it easily. We've provided some options in the Boilerplate that allow you to log-in simply via QR code + Password, and our recommended Dapp is an independent wallet and a separate iOS/Android application.
ahihi132 Give me some important reasons why we need to hold Aelf token where in fact hundreds of projects failed and it went to bankruptcy or even developers run when they collect millions/billions of funds?
Haobo Ma First of all, we will not give any suggestions as we only describe the fact that the long-term token holder will be able to govern the Aelf network, get Aelf mining reward and Aelf network profit. At the same time, Aelf network is a deflation model, Aelf network received transaction fees, profit dividends will immediately destroy 10% etc. All investments are risky, and we don't judge the behaviour of other developers. There are so many things in this world that cannot be understood and unfair. It is important to do our job well. I cannot explain these things.
见愁 I remember that boss Ma mentioned to only find those truly innovative applications and enterprises with blockchain, how to find and win partners in these aspects?
Haobo Ma When Linus was developing Linux, I did not think he would find a lot of collaboration when the code was not good. The response we can give is that we already have a lot of interest in cooperation, including what we have announced, what we have not announced, etc.
见愁 How interested are cloud computing providers in participating nodes?
Haobo Ma The vast majority of our nodes should be using cloud services, and as long as a large number of our 17 nodes and other candidate nodes are based on cloud services, our network robustness is determined by these cloud computing providers. Of course, in the expansion, we can also use cloud computing services.
submitted by Floris-Jan to aelfofficial [link] [comments]

Start learning programming " Here is the best Platforms for you"

Step by step Help for you:
Platforms Node.js Frontend Development iOS Android IoT & Hybrid Apps Electron Cordova React Native Xamarin Linux ContainersOS X Command-Line ScreensaverswatchOS JVM Salesforce Amazon Web Services Windows IPFS Fuse HerokuProgramming Languages JavaScript Promises Standard Style Must Watch Talks Tips Network Layer Micro npm Packages Mad Science npm Packages Maintenance Modules - For npm packages npmAVA - Test runner ESLintSwift Education PlaygroundsPython Rust Haskell PureScript Go Scala Ruby EventsClojure ClojureScript Elixir Elm Erlang Julia Lua C C/C++ R D Common Lisp Perl Groovy Dart JavaRxJava Kotlin OCaml Coldfusion Fortran .NET PHP Delphi Assembler AutoHotkey AutoIt Crystal TypeScriptFront-end Development ES6 Tools Web Performance Optimization Web Tools CSS Critical-Path Tools Scalability Must-Watch Talks ProtipsReact RelayWeb Components Polymer Angular 2 Angular Backbone HTML5 SVG Canvas KnockoutJS Dojo Toolkit Inspiration Ember Android UI iOS UI Meteor BEM Flexbox Web Typography Web Accessibility Material Design D3 Emails jQuery TipsWeb Audio Offline-First Static Website Services A-Frame VR - Virtual reality Cycle.js Text Editing Motion UI Design Vue.js Marionette.js Aurelia Charting Ionic Framework 2 Chrome DevToolsBack-end Development Django Flask Docker Vagrant Pyramid Play1 Framework CakePHP Symfony EducationLaravel EducationRails GemsPhalcon Useful .htaccess Snippets nginx Dropwizard Kubernetes LumenComputer Science University Courses Data Science Machine Learning TutorialsSpeech and Natural Language Processing SpanishLinguistics Cryptography Computer Vision Deep Learning - Neural networks TensorFlowDeep Vision Open Source Society University Functional Programming Static Analysis & Code Quality Software-Defined NetworkingBig Data Big Data Public Datasets Hadoop Data Engineering StreamingTheory Papers We Love Talks Algorithms Algorithm Visualizations Artificial Intelligence Search Engine Optimization Competitive Programming MathBooks Free Programming Books Free Software Testing Books Go Books R Books Mind Expanding Books Book AuthoringEditors Sublime Text Vim Emacs Atom Visual Studio CodeGaming Game Development Game Talks Godot - Game engine Open Source Games Unity - Game engine Chess LÖVE - Game engine PICO-8 - Fantasy consoleDevelopment Environment Quick Look Plugins - OS X Dev Env Dotfiles Shell Command-Line Apps ZSH Plugins GitHub Browser Extensions Cheat SheetGit Cheat Sheet & Git Flow Git Tips Git Add-ons SSH FOSS for DevelopersEntertainment Podcasts Email NewslettersDatabases Database MySQL SQLAlchemy InfluxDB Neo4j Doctrine - PHP ORM MongoDBMedia Creative Commons Media Fonts Codeface - Text editor fonts Stock Resources GIF Music Open Source Documents Audio VisualizationLearn CLI Workshoppers - Interactive tutorials Learn to Program Speaking Tech Videos Dive into Machine Learning Computer HistorySecurity Application Security Security CTF - Capture The Flag Malware Analysis Android Security Hacking Honeypots Incident ResponseContent Management System Umbraco Refinery CMSMiscellaneous JSON Discounts for Student Developers Slack CommunitiesConferences GeoJSON Sysadmin Radio Awesome Analytics Open Companies REST Selenium Endangered Languages Continuous Delivery Services Engineering Free for Developers Bitcoin Answers - Stack Overflow, Quora, etc Sketch - OS X design app Places to Post Your Startup PCAPTools Remote Jobs Boilerplate Projects Readme Tools Styleguides Design and Development Guides Software Engineering Blogs Self Hosted FOSS Production Apps Gulp AMA - Ask Me Anything AnswersOpen Source Photography OpenGL Productivity GraphQL Transit Research Tools Niche Job Boards Data Visualization Social Media Share Links JSON Datasets Microservices Unicode Code Points Internet of Things Beginner-Friendly Projects Bluetooth Beacons Programming Interviews Ripple - Open source distributed settlement network Katas Tools for Activism TAP - Test Anything Protocol Robotics MQTT - "Internet of Things" connectivity protocol Hacking Spots For Girls Vorpal - Node.js CLI framework OKR Methodology - Goal setting & communication best practices Vulkan LaTeX - Typesetting language Network Analysis Economics - An economist's starter kit
Few more resources:
submitted by Programming-Help to Programming_Languages [link] [comments]

Dash had a planned instamine - It was no accident. Today, the founders hold a huge amount of the Masternode Network and continue to reek profits off those who don't know.

I'm going to start this thread with a tl;dr and a few sources to back everything up. Then, I will go into detail and recreate a thread dnale0r posted a few years back.
.
  1. The founders of Dash could hold up to 25% of all current Dash in existence [1] [2] [3]
  2. The founders decreased the max circulation to give them a larger % hold on the network [1] [2]
  3. Masternodes were created to allow the founders to continue gaining from their instamine [1] [2]
And for completeness' sake, Dash Admitting the Instamine Happened (Just so the trolls can't deny it)
.
.
The Timeline
.
.
Proof of instamine
Look at these beautiful graphs that show how much Dash was being mined at the beginning.
4 hours after launch, 1 million Dash was mined
2 days after launch, 2 million Dash were mined, then growth very abruptly plateaus.
.
The part that doesn't add up
So here we have a coin, that no one really cares about because there was little information about it at the time, so you would obviously want to let as many people use it as you can.
Except Evan only made the coin mineable on Linux.. Which is a bit odd seeing as in January 2014, only 1.13% of computers ran Linux in any form.
.
The Bombshell
From the List of nodes that were mining Dash at the very beginning, it turns out 50 OF THEM were Amazon AWS and another 50 where Microsoft cloud computing. This makes up 100 out of 124 miners on the Dash network at the time - And considering how many shitcoins are out there, who would have the foresight to set up 100 cloud computers to mine the coin? (this source suggests 115/124 were cloud hosted)
.
I can go on for a long long time but everything left I have to say is in the many sources I left behind. I'm cutting it short here and letting everyone come to their own conclusions.
And by the way, there are some very honest and legitimate Dash supporters. I was discussing the instamine with one of them a couple days ago and he was very passionate about the project - Don't hate the community, hate the coin.
Peace xo
Edit: I'm working on giving the other side of the story in the comments, this time attacking Monero. Stay tuned
Edit2: Is Monero the Culprit?
Edit3: I seem to have offended a lot of Dash friends. Hopefully one day they'll try to back up their claims instead of trying to discredit my sources.
Edit4: This is a story well known to Dash friends, so don't be surprised if all the comments are just people shilling Dash. That's the reason I posted this, and hopefully next time someone brings up Dash you'll be equip with knowledge and won't fall for it.
Edit5: I've never seen tempMonero lose his shit before
submitted by OsrsNeedsF2P to CryptoCurrency [link] [comments]

IPVanish Review - Why its a great VPN

IPVanish is a popular VPN service particularly with Android and Fire TV Stick users, and it makes a very strong claim on its homepage – that it’s the “World’s Best VPN.”
Seen this sort of statement before, right? It’s certainly one of the leading VPN providers out there, but is it really the best VPN overall?
We never take a provider’s word for it, so we decided to put IPVanish to the test – a very extensive one – to see if its claims are to be believed.
We were particularly keen to find out:
How good is IPVanish? Is it safe to use? Is IPVanish very fast? Does it work with Netflix? Is torrenting and P2P allowed? Is it the best VPN app for Firestick? But before we answer each of these (and many more) questions, lets see the pros and cons of IPVanish VPN:
Pros Cons Very impressive speeds Works with Netflix Great for torrenting & Kodi No-logs policy & no IP/DNS/WebRTC leaks User-friendly apps for PC, Mac, iOS, & Android Good server network across 50 countries Won't work with BBC iPlayer, or in China Short refund period Based in privacy-unfriendly US Desktop app could be more user-friendly Works with
Netflix, HBO, Torrenting, Kodi
Available on
Windows Mac Ios Android Linux Price from
$4.87/mo
As you can see IPVanish certainly does have many strengths to shout about.
It’s now time to take a very close look at the attributes and features of each IPVanish app, starting with how fast it is.
Speed & Reliability IPVanish is a consistently fast VPN
IPVanish is a very fast VPN service, with some of the quickest speeds we’ve seen in our tests.
IPVanish didn’t slow down our connection too much, and it is more than fast enough for HD or 4K streaming.
Speed results from our physical location in London (100Mbps fibre optic connection) to a London test server.
Before using IPVanish:
DOWNLOAD Mbps 93.76
UPLOAD Mbps 97.58
PING ms 2
When connected to IPVanish:
DOWNLOAD Mbps 84.13
UPLOAD Mbps 90.33
PING ms 7
Download speed without IPVanish: 93.76Mbps
Download speed with IPVanish: 84.13Mbps
Our download speed loss when IPVanish is running: 10%
Downloads, uploads and latency when using IPVanish are among the best we’ve seen, making this VPN a very smart choice for gamers and torrenters alike.
It’s also one of the most reliable VPN services we’ve seen, providing consistently fast speeds from one test to the next.
Here are the average speeds you can expect when using IPVanish to connect out to various locations around the world (from the UK):
USA: 53Mbps (download) & 37Mbps (upload) Germany: 76Mbps (download) & 81Mbps (upload) Singapore: 25Mbps (download) & 2Mbps (upload) Australia: 24Mbps (download) & 6Mbps (upload) Server Locations Over 40,000 IP addresses across 77 locations
Globe with a blue flag 50 Countries Image of a city landscape 77 Cities Image of a pink marker 40,000+ IP Addresses See all Server Locations IPVanish VPN gives access to more than 1,300 servers worldwide and over 40,000 IP addresses, which is one of the highest numbers of IP addresses we’ve ever seen. This means that you’re unlikely to experience VPN server congestion and slow speeds while connected to IPVanish.
The 50 countries in IPVanish’s VPN server network are well spread-out, including some less common nations like Moldova and the Philippines (in addition to all the typical countries like US, UK, Canada, Australia, and more).
List of IPVanish server locations
IPVanish provides its customers with city-level options in the US (19 cities), UK (4), Canada (3) Australia (2) and Brazil (2).
US-based users can choose from IPVanish servers in:
Central – Chicago, Dallas, Denver, Houston, Jackson, Milwaukee, St. Louis East – Ashburn, Atlanta, Boston, Cleveland, Miami, New York West – Las Vegas, Los Angeles, Phoenix, Salt Lake City, San Jose, Seattle We’d love to see more city-level selections in Australia – mainly Perth which is located on the West coast – and more server options in South America, where only Brazil and Colombia are served.
The high number of VPN servers in IPVanish’s network is enough to offset these minor complaints, though.
IPVanish is one of the few VPN providers to own its entire (or very close to) server infrastructure, meaning they rent very few servers from third-parties.
Streaming & Torrenting Excellent choice for torrenting & Netflix
Despite IPVanish being one of the fastest VPNs we’ve seen, it’s just not a great VPN for streaming.
Most of IPVanish’s US servers work for Netflix, although it can occasionally take a while to load, but all of its UK servers are currently blocked by BBC iPlayer and according to IPVanish they are not looking to work on fixing this.
If streaming BBC iPlayer is important to you, read through our dedicated guide or take a look at our NordVPN or CyberGhost reviews, two VPN services that work well with BBC iPlayer.
IPVanish has also confirmed it isn’t working with Amazon Prime Video or Hulu at the moment.
Torrenting IPVanish is, however, one of the best VPN services for torrenting we’ve tested, with very fast speeds and a watertight logging policy.
Torrenting is permitted on all of its servers and when we checked for IP/DNS leaks, we found none.
Not to mention that it has a VPN kill switch, but more on this below.
Therefore, we recommend IPVanish VPN for all P2P activity including Kodi for which IPVanish is currently the #1 VPN service.
Bypassing Censorship No good for China
IPVanish is very upfront in saying that the VPN service won’t work in China, despite being equipped with an array of obfuscation tools.
We really appreciate IPVanish’s honesty on this topic. IPVanish also provides a useful list of other countries the VPN won’t work in: you can find this on the support section of the IPVanish website.
List of IPVanish banned countries
IPVanish states that it is “forbidden to do business in”:
Myanmar Cuba Iran North Korea Sudan Syria IPVanish states that its domain, ipvanish.com, is blocked in:
Qatar Saudi Arabia United Arab Emirates (UAE) China Kazakhstan It’s not just IPVanish’s domain that is blocked in these countries, and many users have reported that IPVanish’s apps don’t work either.
If you live or are travelling to a high censorship country then we suggest you consider using VPN services like ExpressVPN or VyprVPN to bypass aggressive internet censors.
Platforms & Devices Works with all major platforms & devices
Apps Windows Logo Windows Mac Logo Mac iOS Logo iOS Android Logo Android Linux Logo Linux Router Logo Router IPVanish has custom VPN apps for all popular mobile and desktop operating systems so you can use them on:
PCs Apple Macs iPhones Android devices You can also setup IPVanish on other devices using manual workarounds (see the ‘Games Consoles & Streaming Devices’ section below).
Games Consoles & Streaming Devices AppleTV Logo AppleTV Amazon Fire TV Logo Amazon Fire TV Chromecast Logo Chromecast Nintendo Logo Nintendo PlayStation Logo PlayStation Roku Logo Roku Xbox Logo Xbox IPVanish is a good VPN to use with gaming consoles and streaming devices.
IPVanish is our number 1 VPN pick for the increasingly popular Amazon Firestick, and it’s super easy to install and use.
You can also use IPVanish on 10 devices at once, which is very generous (the average among the top VPN services is about 5 simultaneous connections).
You can also install IPVanish on your home router so that all your internet traffic at home is protected.
Browser Extensions Unfortunately, IPVanish doesn’t have any VPN browser extensions, which is a shame and one of the very few areas where it seriously lags behind its competitors.
If you want to use a VPN extension with your web browser then take a look at our:
Best VPN extensions for Chrome Best VPN addons for Firefox Encryption & Security One of the safest providers we’ve reviewed
Protocol IKEv2/IPSec
L2TP/IPSec
OpenVPN (TCP/UDP)
PPTP
Encryption AES-256
Security DNS Leak Blocking
First-party DNS
IPV6 Leak Blocking
Supports TCP Port 443
VPN Kill Switch
Advanced features SOCKS
Please see our VPN Glossary if these terms confuse you and would like to learn more.
We believe that IPVanish is one of the most secure and private VPN services available.
IPVanish mainly uses the OpenVPN and IKEv2 protocols and encrypts your online traffic with the ‘unbreakable’ AES-256 cipher, meaning you’re protected at all times. You can also connect using L2TP/IPsec, if you’d prefer.
IPVanish has a VPN kill switch to protect your privacy in case of a connection drop, plus a host of other advanced features to secure your web browsing. This includes SOCKS5 web proxy, which masks your IP address during P2P and VoIP connections – although this doesn’t encrypt traffic.
We also found IPVanish to be extremely safe, and free of IP or DNS leaks in our most recent tests:
IPVanish leak test results from browserleaks.com IPVanish’s leak test results when connected to its Chicago server
Logging Policy No-logs policy makes up for US jurisdiction
IPVanish doesn’t collect any user data at all, making it a no-logs VPN service.
Considering most VPN logging policies track at least server load or login information for maintenance purposes, this is what makes IPVanish a standout VPN for privacy.
In 2016, when under previous management, IPVanish was however found to be collecting logs when it handed information over to US authorities to aid in the prosecution of a user.
Since being acquired a number of times since then, IPVanish has turned things around and we have no longer concerns about its approach to user privacy.
Jurisdiction IPVanish VPN was first released in 2012 by its former US-based owner HighWinds Network Group. IPVanish has since been acquired by StackPath and in 2019 by J2 Global which are both US-based companies.
As you can see IPVanish is, and has always been, operated by companies headquartered in the US, which does have very intrusive surveillance laws and is a member of the Five-Eyes data sharing agreement.
IPVanish being based in the US is largely irrelevant though as its no-logs policy means no identifiable information is collected by the VPN provider.
Ease of Use User-friendly install with lots of advanced features
How to Install & Set Up IPVanish Screenshot of the Windows download button on the IPVanish website Beginning the installation process is as simple as clicking the button to download the relevant software from the site.
Screenshot of the progress of our IPVanish Windows download You can check the progress of the installation here, but it usually only takes a couple of minutes from start to finish.
Screenshot of the completed IPVanish download Once the software is downloaded, you'll see this screen which prompts you to run the IPVanish app.
Screenshot of IPVanish's main dashboard on its Windows app IPVanish main dashboard shows key connection info and permits server selection. We like the nice graph too.
Screenshot of IPVanish's server list in the Windows app Power users will select servers from the main dashboard rather than the server list as it's a slicker experience.
Screenshot of the server location filters in the IPVanish desktop app IPVanish server list view with filters - it's mostly pretty good but not as optimal as using the main dashboard.
Screenshot of the advanced settings in IPVanish's desktop app IPVanish is rich with advanced settings for customizing connections and it's well laid out to boot. Nice!
IPVanish’s desktop VPN apps are perfectly simple to use, even if they could do with a bit of a visual overhaul as they are starting to look a little out-dated.
The advanced privacy settings are also easy to navigate, making IPVanish suited to both VPN beginners and more experienced users.
The mobile IPVanish apps lack a few key features, such as the VPN kill switch, but they do still provide a very good, user-friendly experience.
Customer Support Helpful support with 24/7 live chat
24/7 Email support Online Resources We found IPVanish customer support agents to be friendly and helpful no matter what we asked them about the VPN service.
Thanks to a recent update, IPVanish now also has 24-hour live chat support on its website.
IPVanish also has excellent email support, which provided us with impressively well-written responses, as well as an online FAQ for straightforward solutions to the most common issues.
If for any reason IPVanish isn’t working properly, you should be able to fix it quickly by following these guides.
Pricing & Deals Well worth it for the level of service
IPVanish Coupon IPVanish logo IPVanish
Get 60% off IPVanish's 12-month plan
TestedEnds 22 Aug Get CodeED Terms IPVanish Pricing Plan IPVanish is reasonably priced and affordable. It is neither the cheapest VPN service, nor the most expensive. You can pay for IPVanish monthly or on an annual basis.
$4.87 per month on the 12-month plan is a very good price, especially as it’s 60% cheaper than the standard one-month plan, priced at $11.99.
There’s also a 3-month option for $6.75 per month.
Monthly
US$7.50/mo
Billed $7.50 for the first month Save 38% 3 Months
US$6.75/mo
Billed $20.24 for the first 3 months Save 44% 12 Months
US$4.87/mo
Billed $58.49 for the first 12 months Save 60% All plans have 7-day money-back guarantee
Payment & Refund Options The IPVanish seven-day money-back guarantee is 100% no-questions-asked and refunds your money within 10 working days.
Our only issue is with IPVanish’s iOS policy – if you sign up for an IPVanish login via the iOS Store then you don’t qualify for the money back guarantee.
IPVanish only accepts credit cards, debit cards, and PayPal.
Unfortunately neither cryptocurrencies like Bitcoin nor international options like Alipay are currently accepted.
submitted by Zinkzd to VPNsReddit [link] [comments]

Decred Journal – August 2018

Note: you can read this on GitHub (link), Medium (link) or old Reddit (link) to see all the links.

Development

dcrd: Version 1.3.0 RC1 (Release Candidate 1) is out! The main features of this release are significant performance improvements, including some that benefit SPV clients. Full release notes and downloads are on GitHub.
The default minimum transaction fee rate was reduced from 0.001 to 0.0001 DCkB. Do not try to send such small fee transactions just yet, until the majority of the network upgrades.
Release process was changed to use release branches and bump version on the master branch at the beginning of a release cycle. Discussed in this chat.
The codebase is ready for the new Go 1.11 version. Migration to vgo module system is complete and the 1.4.0 release will be built using modules. The list of versioned modules and a hierarchy diagram are available here.
The testnet was reset and bumped to version 3.
Comments are welcome for the proposal to implement smart fee estimation, which is important for Lightning Network.
@matheusd recorded a code review video for new Decred developers that explains how tickets are selected for voting.
dcrwallet: Version 1.3.0 RC1 features new SPV sync mode, new ticket buyer, new APIs for Decrediton and a host of bug fixes. On the dev side, dcrwallet also migrated to the new module system.
Decrediton: Version 1.3.0 RC1 adds the new SPV sync mode that syncs roughly 5x faster. The feature is off by default while it receives more testing from experienced users. Other notable changes include a design polish and experimental Politeia integration.
Politeia: Proposal editing is being developed and has a short demo. This will allow proposal owners to edit their proposal in response to community feedback before voting begins. The challenges associated with this feature relate to updating censorship tokens and maintaining a clear history of which version comments were made on. @fernandoabolafio produced this architecture diagram which may be of interest to developers.
@degeri joined to perform security testing of Politeia and found several issues.
dcrdata: mainnet explorer upgraded to v2.1 with several new features. For users: credit/debit tx filter on address page, showing miner fees on coinbase transaction page, estimate yearly ticket rewards on main page, cool new hamburger menu and keyboard navigation. For developers: new chain parameters page, experimental Insight API support, endpoints for coin supply and block rewards, testnet3 support. Lots of minor API changes and frontend tweaks, many bug fixes and robustness improvements.
The upcoming v3.0 entered beta and is deployed on beta.dcrdata.org. Check out the new charts page. Feedback and bug reports are appreciated. Finally, the development version v3.1.0-pre is on alpha.dcrdata.org.
Android: updated to be compatible with the latest SPV code and is syncing, several performance issues are worked on. Details were posted in chat. Alpha testing has started, to participate please join #dev and ask for the APK.
iOS: backend is mostly complete, as well as the front end. Support for devices with smaller screens was improved. What works now: creating and recovering wallets, listing of transactions, receiving DCR, displaying and scanning QR codes, browsing account information, SPV connection to peers, downloading headers. Some bugs need fixing before making testable builds.
Ticket splitting: v0.6.0 beta released with improved fee calculation and multiple bug fixes.
docs: introduced new Governance section that grouped some old articles as well as the new Politeia page.
@Richard-Red created a concept repository sandbox with policy documents, to illustrate the kind of policies that could be approved and amended by Politeia proposals.
decred.org: 8 contributors added and 4 removed, including 2 advisors (discussion here).
decredmarketcap.com is a brand new website that shows the most accurate DCR market data. Clean design, mobile friendly, no javascript required.
Dev activity stats for August: 239 active PRs, 219 commits, 25k added and 11k deleted lines spread across 8 repositories. Contributions came from 2-10 developers per repository. (chart)

Network

Hashrate: went from 54 to 76 PH/s, the low was 50 and the new all-time high is 100 PH/s. BeePool share rose to ~50% while F2Pool shrank to 30%, followed by coinmine.pl at 5% and Luxor at 3%.
Staking: 30-day average ticket price is 95.6 DCR (+3.0) as of Sep 3. During the month, ticket price fluctuated between a low of 92.2 and high of 100.5 DCR. Locked DCR represented between 3.8 and 3.9 million or 46.3-46.9% of the supply.
Nodes: there are 217 public listening and 281 normal nodes per dcred.eu. Version distribution: 2% at v1.4.0(pre) (dev builds), 5% on v1.3.0 (RC1), 62% on v1.2.0 (-5%), 22% on v1.1.2 (-2%), 6% on v1.1.0 (-1%). Almost 69% of nodes are v.1.2.0 and higher and support client filters. Data snapshot of Aug 31.

ASICs

Obelisk posted 3 email updates in August. DCR1 units are reportedly shipping with 1 TH/s hashrate and will be upgraded with firmware to 1.5 TH/s. Batch 1 customers will receive compensation for missed shipment dates, but only after Batch 5 ships. Batch 2-5 customers will be receiving the updated slim design.
Innosilicon announced the new D9+ DecredMaster: 2.8 TH/s at 1,230 W priced $1,499. Specified shipping date was Aug 10-15.
FFMiner DS19 claims 3.1 TH/s for Blake256R14 at 680 W and simultaneously 1.55 TH/s for Blake2B at 410 W, the price is $1,299. Shipping Aug 20-25.
Another newly noticed miner offer is this unit that does 46 TH/s at 2,150 W at the price of $4,720. It is shipping Nov 2018 and the stats look very close to Pangolin Whatsminer DCR (which has now a page on asicminervalue).

Integrations

www.d1pool.com joined the list of stakepools for a total of 16.
Australian CoinTree added DCR trading. The platform supports fiat, there are some limitations during the upgrade to a new system but also no fees in the "Early access mode". On a related note, CoinTree is working on a feature to pay household bills with cryptocurrencies it supports.
Three new OTC desks were added to exchanges page at decred.org.
Two mobile wallets integrated Decred:
Reminder: do your best to understand the security and privacy model before using any wallet software. Points to consider: who controls the seed, does the wallet talk to the nodes directly or via middlemen, is it open source or not?

Adoption

Merchants:

Marketing

Targeted advertising report for August was posted by @timhebel. Facebook appeal is pending, some Google and Twitter campaigns were paused and some updated. Read more here.
Contribution to the @decredproject Twitter account has evolved over the past few months. A #twitter_ops channel is being used on Matrix to collaboratively draft and execute project account tweets (including retweets). Anyone with an interest in contributing to the Twitter account can ask for an invitation to the channel and can start contributing content and ideas there for evaluation by the Twitter group. As a result, no minority or unilateral veto over tweets is possible. (from GitHub)

Events

Attended:
For those willing to help with the events:
BAB: Hey all, we are gearing up for conference season. I have a list of places we hope to attend but need to know who besides @joshuam and @Haon are willing to do public speaking, willing to work booths, or help out at them? You will need to be well versed on not just what is Decred, but the history of Decred etc... DM me if you are interested. (#event_planning)
The Decred project is looking for ambassadors. If you are looking for a fun cryptocurrency to get involved in send me a DM or come talk to me on Decred slack. (@marco_peereboom, longer version here)

Media

Decred Assembly episode 21 is available. @jy-p and lead dcrwallet developer @jrick discussed SPV from Satoshi's whitepaper, how it can be improved upon and what's coming in Decred.
Decred Assembly episodes 1-21 are available in audio only format here.
New instructional articles on stakey.club: Decrediton setup, Deleting the wallet, Installing Go, Installing dcrd, dcrd as a Linux service. Available in both English and Portuguese.
Decred scored #32 in the August issue of Chinese CCID ratings. The evaluation model was explained in this interview.
Satis Group rated Decred highly in their cryptoasset valuation research report (PDF). This was featured by several large media outlets, but some did not link to or omitted Decred entirely, citing low market cap.
Featured articles:
Articles:
Videos:

Community Discussions

Community stats:
Comm systems news:
After another debate about chat systems more people began testing and using Matrix, leading to some gardening on that platform:
Highlights:
Reddit: substantive discussion about Decred cons; ecosystem fund; a thread about voter engagement, Politeia UX and trolling; idea of a social media system for Decred by @michae2xl; how profitable is the Obelisk DCR1.
Chats: cross-chain trading via LN; plans for contractor management system, lower-level decision making and contractor privacy vs transparency for stakeholders; measuring dev activity; what if the network stalls, multiple implementations of Decred for more resilience, long term vision behind those extensive tests and accurate comments in the codebase; ideas for process for policy documents, hosting them in Pi and approving with ticket voting; about SPV wallet disk size, how compact filters work; odds of a wallet fetching a wrong block in SPV; new module system in Go; security of allowing Android app backups; why PoW algo change proposal must be specified in great detail; thoughts about NIPoPoWs and SPV; prerequisites for shipping SPV by default (continued); Decred vs Dash treasury and marketing expenses, spending other people's money; why Decred should not invade a country, DAO and nation states, entangling with nation state is poor resource allocation; how winning tickets are determined and attack vectors; Politeia proposal moderation, contractor clearance, the scale of proposals and decision delegation, initial Politeia vote to approve Politeia itself; chat systems, Matrix/Slack/Discord/RocketChat/Keybase (continued); overview of Korean exchanges; no breaking changes in vgo; why project fund burn rate must keep low; asymptotic behavior of Decred and other ccs, tail emission; count of full nodes and incentives to run them; Politeia proposal translations and multilingual environment.
An unusual event was the chat about double negatives and other oddities in languages in #trading.

Markets

DCR started the month at USD 56 / BTC 0.0073 and had a two week decline. On Aug 14 the whole market took a huge drop and briefly went below USD 200 billion. Bitcoin went below USD 6,000 and top 100 cryptos lost 5-30%. The lowest point coincided with Bitcoin dominance peak at 54.5%. On that day Decred dived -17% and reached the bottom of USD 32 / BTC 0.00537. Since then it went sideways in the USD 35-45 / BTC 0.0054-0.0064 range. Around Aug 24, Huobi showed DCR trading volume above USD 5M and this coincided with a minor recovery.
@ImacallyouJawdy posted some creative analysis based on ticket data.

Relevant External

StopAndDecrypt published an extensive article "ASIC Resistance is Nothing but a Blockchain Buzzword" that is much in line with Decred's stance on ASICs.
The ongoing debates about the possible Sia fork yet again demonstrate the importance of a robust dispute resolution mechanism. Also, we are lucky to have the treasury.
Mark B Lundeberg, who found a vulnerability in atomicswap earlier, published a concept of more private peer-to-peer atomic swaps. (missed in July issue)
Medium took a cautious stance on cryptocurrencies and triggered at least one project to migrate to Ghost (that same project previously migrated away from Slack).
Regulation: Vietnam bans mining equipment imports, China halts crypto events and tightens control of crypto chat groups.
Reddit was hacked by intercepting 2FA codes sent via SMS. The announcement explains the impact. Yet another data breach suggests to think twice before sharing any data with any company and shift to more secure authentication systems.
Intel and x86 dumpsterfire keeps burning brighter. Seek more secure hardware and operating systems for your coins.
Finally, unrelated to Decred but good for a laugh: yetanotherico.com.

About This Issue

This is the 5th issue of Decred Journal. It is mirrored on GitHub, Medium and Reddit. Past issues are available here.
Most information from third parties is relayed directly from source after a minimal sanity check. The authors of Decred Journal have no ability to verify all claims. Please beware of scams and do your own research.
Feedback is appreciated: please comment on Reddit, GitHub or #writers_room on Matrix or Slack.
Contributions are welcome too. Some areas are collecting content, pre-release review or translations to other languages. Check out @Richard-Red's guide how to contribute to Decred using GitHub without writing code.
Credits (Slack names, alphabetical order): bee, Haon, jazzah, Richard-Red and thedecreddigest.
submitted by jet_user to decred [link] [comments]

How to Bitcoin Miner with Ubuntu VPS - Setup Nicehash Miner via Ubuntu VPS Bitcoin JSON-RPC Tutorial 2 - VPS Setup Best VPS RDP 2018 cheap hosting server for mining bitcoin ... USB Bitcoin Miner - The Power of 1000's Computers - YouTube Bitcoin mining 2017 with AWS and Freebitcoin

BitLaunch provides cloud hosting from DigitalOcean, Vultr, and Linode payable with cryptocurrencies like Bitcoin, Litecoin, Ethereum and more - with instant provisioning and hourly Billing. PiNET LLC provide Cheap Windows VPS, Forex VPS & Linux VPS hosting services. Price start at $4.99 monthly, No hidden fees. Instant Setup and Delivery. Payment via Bitcoin, Perfectmoney, Paypal, Credit Card, Webmoney, Payeer are accepted! tar xzf bitcoin-0.20.1-x86_64-linux-gnu.tar.gz This will create the directory bitcoin-0.20.1 within your current working directory. We will install the contents of its bin subdirectory into the /usr/local/bin directory using the the install command. The install command is part of the GNU coreutils available on nearly every Linux distribution, and the /usr/local/bin directory is a standard ... Bitcoin hosting is often presented as a solution for those seeking a degree of privacy and anonymity on the web. On this page, you can compare hosts that accept Bitcoin as payment for their services. Setting Up a Bitcoin-Related Site. You do not need Bitcoin-specific hosting to set-up a Bitcoin-related site. Bitcoin mining on the cloud without an ASIC miner does not yield any profit. Still, it’s a fun experiment. Still, it’s a fun experiment. Step One: Get cloud hosting.

[index] [26771] [37226] [10825] [27616] [44595] [28236] [21963] [34198] [17826] [15840]

How to Bitcoin Miner with Ubuntu VPS - Setup Nicehash Miner via Ubuntu VPS

Learn how to build a website server and host a website from home. In this episode we are going to download and install Linux and learn how to use port forwarding and FTP to connect with it. Web page to vps go : https://goo.gl/lO37MZ vps hosting cheap linux vps hosting cheap windows vps hosting cheap india vps hosting cheap europe vps hosting che... SUBSCRIBE FOR MORE HOW MUCH - http://shorturl.at/arBHL GekkoScience NewPac USB Miner - https://bit.ly/2RIQgdX GekkoScience 8 Port USB Hub - https://bit.ly/2x... If you want to learn more about Bitcoin and how to use Cloud Mining to learn how it works, this course will be perfect for you! We will also talk about the b... How to mine Bitcoin with freebitcoin using Ubuntu instance running on AWS.

#