What I currently use for privacy (after almost 2 years of long investing into it)
Project Announcement: Tortuga - Sell Digital Products for Nano
I'm very excited to announce the initial release of a small payment gateway I've been building called "Tortuga". Tortuga is the simplest implementation I could come up with to let me sell a digital product, for Nano, from my website. Sort of an "Arch Linux" approach to building a payment gateway. It's a much more lightweight alternative to self-hosted payment gateways like BTCPayServer. At the moment, Tortuga only supports Nano (via BrainBlocks), but I have plans to add support for Bitcoin Cash, Monero and Bitcoin (BTC) in the future. Unlike some other solutions, Tortuga is stand-alone. If you can host a docker container, you can run Tortuga and sell a digital product for Nano. You don't need WooCommerce, or Shopify, or any other e-commerce solution. You can just enter the details of your product (it's easy enough, more details are on the GitHub page), launch the docker container somewhere, and you are good to go. You can share a pretty URL with people, and they can buy your file for Nano.
Why Did I Build This?
Well, I wrote a book! It took me two years and a ton of research to complete. It's called "Taxation is Slavery - The Biblical Case for Libertarian Politics". I became a libertarian after setting out to write a masters thesis for Bible college on the ethics of taxation. When I started writing that thesis, I was more of a right-leaning conservative, but not a libertarian. Doing the research and reading the Bible in depth led me to conclude that anarcho-capitalism was the most biblical approach to politics. If that sounds interesting to you, I'd love for you check it out! Looking into all the libertarianism stuff is a big part of what got me into crypto. In the book, I even talk about how the spread of cryptocurrency will force many Christians to re-think their interpretation of certain Bible passages. You can download the first couple of chapters for free, or buy the whole thing at my website. It's $10 USD via Gumroad or Amazon, but if you use the "Pay with Nano" button, then you can get it for just $7 USD. Plus you get to test out the Tortuga payment gateway in the process ;) If you do bump into any bugs or issues, feel free to comment here or send me a DM and I'll try to get you sorted. Get the book here: https://beingbiblical.com/books/taxation-is-slavery
Why not use some other solution?
I desperately wanted to be able to sell my book for crypto, but I struggled to find a really good way to do it. I looked at a few custodial solutions, like Globee and CoinGate, but they left a lot to be desired. I looked at several Nano paywall solutions. Some of them were okay. I liked nanowall.link a lot. But that solution only let me redirect a buyer to a URL. I wanted a way that a buyer could pay once and then get a download link that gave them a maximum number of chances to download the file. That way, even if they share the link on a public forum somewhere, only a few people can get the download for free before it expires. In the end, I decided it was easier to build my own streamlined solution. That solution is Tortuga. You can learn more about it on the GitHub page (https://github.com/unyieldinggrace/tortuga).
It has been shared on multiple subreddits so I have no idea where to even post this. But I'd like to come up with a follow-up thread with some more information. The internet is the most powerful tool that mankind has ever invented. You have the ability to reach thousands, millions and even billions of people with just a computer and some internet access.
If you're on this subreddit, chances are you're already playing Tibia and you already have a computer and internet access. It doesn't need to be the best internet, but as long as websites will load (eventually) you are good to go.
In this topic I will go more in-depth on web development and software engineering. If you have a very slow internet connection, you may want to look into web development instead of software development. An application/software is much heavier (larger file size) than a website. And most developer jobs require that you send and download files, back and forth, between you and your company's server. So if you feel like your internet is too slow to send a lot of files - do not worry! There are plenty of jobs.
First, I will go through some more details on how to learn web development and software development. After that, I will list a few other kinds of jobs that you can do remotely. These types of jobs can be done from anywhere in the world as long as you have internet access.
Part 1: Some languages you should learn
What is web development? Well, it can be a lot of things. You perhaps make websites for shops/restaurants/hair dressers/dentists, or you work for a big company and work on their web application, like Outlook, Discord or Spotify (which can all be accessed via a browser: their web app). You can also work with design and user experience, instead of programming. Being a web developer can mean so many different things, it's impossible to name them all. But most web developers are just developers: they program. They make websites, and they either sell the websites to companies (as a consultant) or you work full/part-time for a company.
I can not provide in-depth information about every single thing, but I can give you some pointers. The very basics any web developer should know is this:
HTML (HyperText Markup Language) - it's what almost all websites use as a foundation. This is not a programming language, but it is a markup language. If you want to build websites, you pretty much have to know this language. Don't worry though, it is easy. Not so much to learn. You can learn all about it in a few weeks.
CSS (Cascading Style Sheets) - it's what will add colors and shapes to your website. If you want to focus more on design (also known as front end development) then this is where you want to gain a lot of knowledge.
Python - A very simple language to learn. This language is very often the first programming language that developers start using. You can use it for a lot of things. This language is used in the back of a lot of websites. Google has been using Python for years and still is. It's great for web scraping and making web requests. If you want a language to practice your algorithms, then this language is awesome.
PHP - This used to be a very popular language, but not so much these days. However, it is very good to know how this works because it's very simple to learn and also very functional in some cases. If you want to transmit or withdraw information from a database to your website, then this (in combination with SQL) is a great way to do so. Whenever you make a login system or a contact form, the data must be sent somehow to a recipient or a database. PHP will help you do that. It is a server-side language, which means it will run in the back of the website.
SQL - To be able to communicate with databases (for example: save data, update data, or insert data) you can use different languages for that. But SQL is probably the most widely used language for this. It is basically just a bunch of commands that you tell your website or app to do. If you have a web shop for example, you will need a database to store all your product information in. You can for example use MySQL as your database and then use the SQL language to extract data from your database and publish it as a list of products on your website.
Java - This is pretty much 90% identical to C# as I wrote above. Widely used, relatively easy to learn the basics and there's plenty of jobs. If you like making android apps, this language is for you.
Part 2: Technologies and useful tools
To become a web developer you will need a few tools. You need a text editor, a FTP client, a SSH client and some other things. Also a good browser.
Text editor: Visual Studio Code, Atom, Sublime Text, Brackets - There are many different text editors but at the moment, I highly recommend Visual Studio Code. It has so many built-in features it's honestly the only thing you may need.Don't forget to install Notepad++ as well - this very basic editor is so handy when you just quickly need to edit some files.
File archiving: WinRar, 7-Zip - You need some way of archiving projects and send it to your customer or employer. These are basic tools anyone should use. I personally use Winrar.
FTP (File Transfer Protocol): FileZilla - This tool will allow you to connect to your website's file manager and upload your files to it. There are many tools for connecting to an FTP server but this is the most popular one, it's simple and it works great.
VPS (Virtual Private Server): Amazon Web Services, Google Cloud - If you want to practice building web applications or want to host your own website as a fun project, it's great to use a VPS for that. Both Amazon and Google offers 365 days of free VPS usage. All you need is a credit card. However, they will not charge you, as long as you stay below the free tier limit. A VPS is basically a remote computer that you can connect to. I highly recommend that, if you have a slow internet connection. Those VPS-servers (by Amazon and Google) usually have 500mbit/s internet speed, which is faster than most countries in the world. You simply connect to them via Remote Desktop, or by SSH. Depending on what type of server you are using (Windows or Linux).
SSH (Secure Shell): Solar-PuTTY, PuTTY - If you for example have a web server where you store applications and files, a great way to connect to it is by using SSH. PuTTY is pretty much the standard when it comes to SSH clients. But I really love the version created by SolarWinds. When you download that one, do not enter your personal details. Their sales people will call you and haunt you! Haha.
File Searching: Agent Ransack - When you have many files and try to locate a specific document or file, you may want to use something like Agent Ransack. Much faster than the traditional search feature in Windows and it is much more accurate.
IDE / Code Editor: Visual Studio - Great tool to use when you want to create applications in C# for example. Do not confuse this with Visual Studio Code. These are two very different tools. This tool (Visual Studio) is more designed for Windows applications. Not just websites. I only recommend getting it if you plan to make programs for Windows.
Web host & domain: NameCheap, Epik, SiteGround - If you develop websites on your own, or maybe want to create a portfolio website, you will need a domain name and web hosting. I have personally used all of these 3 and they are very cheap. NameCheap has some of the cheapest domains and great web hosting for a low price. Their support is also great. Same with SiteGround. And if you want to buy a domain anonymously (with Bitcoin for example), then you can use Epik. Low prices and great customer service on all these 3 websites.
Web Browser: Mozilla Firefox, Microsoft Edge Insider, Google Chrome - You need one of the latest web browsers to create websites these days. Since I prefer privacy over functionality, I've always loved Firefox. But recently, Microsoft has been improving its new version of Edge a lot (based on Chromium) and it's also very popular. If you want all your personal details to be saved and have good tools for web development, then use Google Chrome. Don't forget to utilize the built-in developer tools. You can access it in any of these browsers by pressing F12.
Other things you may want to look into:
Web services, SSL certificates, Search Engine Optimization, Databases, API, Algorithms, Data Structures
If you want to learn in-depth about algorithms, data structures and more. Then you can take a look at the curriculum of the top-tier universities of USA. Such as: UC Berkeley, Harvard and MIT. These courses are very hard and are specifically for people who want to become experts in software engineering. You can enroll some of them for free, like the one on Harvard. And by having a such diploma (which costs $90 extra) can get you a lot of job opportunities. You can enroll those courses if you want, but it can have a fee. But just take a look at what they are studying and try do their exercises, that is 100% free. Get the knowledge. It's mostly on video too! These course below are the very same courses that many of the engineers at Facebook, Google, Amazon, Apple, Netflix, Uber, AirBnb, Twitter, LinkedIn, Microsoft, etc. has taken. It's what majority of people in Silicon Valley studied. And it's among the best classes that you can take. These course are held by some of the world's best professors in IT.
For what I hope are obvious reasons, I don't want, and probably will never post my threat model publicly online. However, regardless of that, what I'm sure you will extrapolate from this post is that I live my life, digitally in particular, with a fairly high level threat model. This is not because I'm some super sophisticated criminal mastermind, but rather, I am at this level because I genuinely love playing around with this stuff. And I just happen to understand the importance of privacy and just how vital it is to a truly healthy society. I would like to extend a thanks to ProgressiveArchitect for the sharing of the knowledge they have done on this subreddit, /privacytoolsio, and the like. We may have never interacted, but nevertheless, your input into this community is truly interesting and extremely informative and educating. I'm sure those of you familiar with PA's setup will be able to draw some parallels with mine and their's. Thank you. I hope you all enjoy reading this write up.
I run Qubes OS on a Lenovo ThinkPad X230 laptop. Specs for it are as following: - i7-3520M - 16GB RAM - 1TB Samsung 860 Evo SSD - Qualcomm Atheros AR9285 wireless card Additionally, I used a Raspberry Pi Model 3B+ and a Pomono SPI clip to replace the stock BIOS firmware with coreboot+me_cleaner. This wasn't done out of any "real" concern for the Intel ME (though of course proprietary black-boxes like it should be avoided at all costs and not trusted), but rather for open source enthusiasm and for increased security and faster boot times than what the stock BIOS firmware allows for. On that note about the ME, I don't believe the conspiracy theories that claim that it is a state-sponsored attack method for surveillance. I believe that Intel had good intentions for improving the lives of IT professionals who need to manage hundreds, if not thousands of remote machines. However, it has proven time and time again to be insecure, and I don't need the remote management and the "features" that it provides on my machines. In Qubes, I use a combination of AppVMs and StandaloneVMs for a variety of different purposes. All VMs use PVH over HVM, except for the Mirage Unikernel Firewall, which uses PV, and the sys-net and sys-usb StandaloneVMs which have to use HVM because of PCI device passthrough. Right now most of my VMs are AppVMs, but for maintenance and compartmentalization reasons, I am considering moving more towards StandaloneVMs, despite the increase in disk space and bandwidth usage for updates. General route of from Qubes to the Internet for anonymous browsing, general private browsing, accessing Uni services, and Uni-related anonymous browsing respectively: 1. Qubes->sys-mirage-firewall->sys-vpn-wg->sys-corridor->sys-whonix->whonix-ws-15-dvm to the internet. 2. Qubes->sys-mirage-firewall->sys-vpn-wg to the Internet. 3. Qubes->sys-mirage-firewall->uni-vpn-wg to the Internet. 4. Qubes->sys-mirage-firewall->uni-vpn-wg->uni-corridor->uni-whonix->uni-anon-research to the Internet.
(Note: the VPN name is substituted in the "vpn" above. I had to remove it to comply with this subreddit's rules. It is easy to identify what VPN it is as it randomly generates a long numaric string and has fantastic support for WireGuard.)
fedora-29-minimal: Base for the minimal VMs.
fedora-29-uni-persist: Template for uni-campus and uni-home AppVMs.
crypto: A work in progress VM for handling crypto transaction using cleansed Bitcoin and Monero.
printing: Exactly as it sounds like. It is firewalled to only be able to connect to the network printer on my home network.
sys-corridor: corridor is a Tor traffic whitelisting gateway that provides network to sys-whonix. It helps to provide an additional failsafe to defend against clearnet attacks.
sys-mirage-firewall: A version of the Mirage Unikernel to act as an extremely minimal and resource light firewall. It is configured to only allow connections to the individual IP addresses my VPN's WireGuard servers as well as a select few internal IP addresses on my home network (router, home server, and Pi-Hole).
uni-corridor: See sys-corridor for description. Provides network to uni-whonix.
sys-usb: USB stack isolation VM. Uses fedora minimal now.
uni-vpn-wg: A Uni ProxyVM for my VPN.
uni-net: A ProxyVM for all Uni-related domains. Based off fedora minimal.
uni-shared: Acts as an SMB network share for uni-campus and uni-home so that the documents and emails can be accessed easily between them.
fedora-29-dvm: Default disposable Fedora VM.
whonix-ws-15-dvm: Default disposable Whonix VM. This is where I do 95% of my online browsing.
calendar: Exactly as it's named. Has a firewall rule to only allow connections to posteo.de.
nas-access: Used to access my NAS and to watch content on it.
pihole-access: Used to access my Pi-Hole through Firefox. Has a firewall rule to only allow connections to its IP address.
router-access: Used to access my router through Firefox. Has a firewall so its only able to connect to 192.168.0.1.
personal: Personal domain. Used to check personal emails, read rss feeds, stream YouTube videos, and internet banking.
repos: Local copy of my repos. Has a firewall rule to only allow connections to the site hosting my git repo.
uni-anon-resarch: Research for Uni.
uni-campus: Domain for doing Uni work on campus.
uni-home: Domain for doing Uni work at home.
uni-whonix: Seperate Whonix gateway for Uni research.
offline-archive-manager: For managing the offline archives that I burn to DVDs.
personal-archive: Exactly as it's named.
sys-whonix: Default Whonix gateway ProxyVM.
vault: For storing GPG keys and other files.
vault-dvm: DVM with no internet access. The Vault VMs use this as their DisposableVM.
work-archive: Storing work archive documents (payslips, employment information, etc).
Phone: Motorola Moto G5s running Lineage OS 16.0 Pie no G-Apps or micro-G with the following Apps: - AdAway: Open Source hosts file-based ad blocker. (Requires root.) - AFWall+: Linux iptables front end. (Requires root.) - Amaze: File manager. - andOPT: 2FA app. I like it since it can export the entries to an AES encrypted file. - AntennaPod: Podcast manager. - AnySoftKeyboard - Simple Calendar - Simple Contacts Pro - DAVx5: CalDav syncronization with my calendar on my Posteo email account. - F-Droid - Fennec F-Droid: Web Browser. Has the same Firefox addons like on Qubes minus Vim Vixen. I used the app Privacy Settings to configure the about:config. - KeePassDX: Password manager. - KISS launcher - Magisk Manager - NewPipe: YouTube app replacement. - S.Notes: Standard Notes. - OsmAnd~: Maps and navigation. - Red Moon: Blue light filter. - SELinuxModeChanger: Exactly as it sounds. (Requires root.) - Shelter: Work profile manager. - Signal: Messaging. - Vinyl Music Player: Music player. - WireGuard: VPN protocol frontend. Is configured to use my VPN account. Is setup as an always-on and connected VPN. As mentioned, I use Shelter to manage my work profile. In it I isolate the following apps: - Clover: *chan browser. - Orbot: For routing apps through Tor. Is setup as an always-on and connected VPN. - RedReader: Reddit client. - Tor Browser Over the last several years, I have started using my phone less and less and taking advantage of less of what it has got to offer. I don't check email on my device. I have no real need to browse the Internet on it outside of watching videos using NewPipe, browsing Reddit, and various *chan boards. On the Smart Phone side of things, I am considering purchasing an older used iPhone SE or 6S for use with MySudo when outside of my home as well as an iPod Touch for use on WiFi only for use inside my home. The iPhone would be kept inside of a faraday bag when I am at home and not using it. It would also be kept in the faraday bag whenever at home to avoid associating that device with my home address. The iPod Touch would be used for MySudo calls instead. Future outlook and plan for my privacy and security: To avoid as much deanonymisation of my privacy as possible, I'm only going to specify enough so that anyone reading this can get the jist of my situation in life. I am quite young (age 16 to 25) and I started along this privacy journey when I was even younger. I was never a very heavy social media user, however I did have an online presence if you looked hard enough. My name fortunately is a very common and short name, so that does help to bury information that I was not able to remove further in the vast trenches that is the Internet. On the digital side of things, I mentioned that I have a dedicated Crypto AppVM for handling crypto currency transactions using Bisq. I have setup a dedicated bank account that I have periodically been transferring money into so that I can trade crypto. Unfortunately, I do not live in the US, so being able to effectively start trades with others is more difficult. I also do not have access to a credit card masking account like privacy.com (that I absolutely would use given the ability). I plan on getting an anonymous VPS to host my own Tor exit node for better speeds and to mitigate the possibility of malicious exit nodes. The country I live in has been a proponent of absolute dragnet surveillance on all activities occurring online and in real life, though the former is far more visible on this subreddit. I will be using crypto with cleaned Bitcoin (as seen with ProgressiveArchitect's setup) for purchasing my VPN service, etc. With future hardware, to replace my aging laptop, I am very hopeful for Xen, then eventually Qubes OS getting ported to Power9. When that happens I'll be getting a Raptor Computing Blackbird as a desktop. Maybe in the future I'll get a Purism Librem laptop, but for now my corebooted X230 works perfectly for my use cases. On that note, I have successfully build the Heads firmware for the X230 and I was able to get the minimal 4MB image flashed on my laptop. I did revert it back to my coreboot setup after playing around a little with it, and unfortunately I haven't had time since to do a full, complete flash of it. On the physical/real life side of things, I plan on making use of various Trusts in order to hold assets, say to keep my name from being immediately visible on the title of my car. As of right now I am fortunate enough to have the title of my car under the name of someone who I trust. Unless I am legally required, and where there are immediate and absolute consequences, I use fake names in real life. With Uni, I am enrolled under my real name and address. This is a requirement and it is verified, so there is nothing that I can realistically do about it. As for other services, I plan on setting up a personal mailbox (PMB), etc if possible to use as a real, physical address that is associated with my real name and that is used for things like Government issued ID. In the future when I move again, I plan on renting a place in cash to try and keep my name dissociated with my real address. For those looking for reasoning on why one would want to do that, please read How to be Invisible by J.J. Luna. It's truly the Bible of physical privacy. At this stage I am just going off on a ramble, so I should cut it short here. I have just started and I live for this shit.
AMA/Tutorial: Run a full node on AWS free tier with local LAN storage
This is a tutorial/AMA on how you can be running a full node, in the AWS cloud, for very low cost or even free. I used to run a node on my local network but there is a problem with this; your public IP is broadcast, and then it gets associated with Bitcoin. Node owners are likely to own Bitcoin, and this raises your personal threat profile, validated against my IDS/IPS logs. Run a VPN? Many VPNs are automatically blocked, or sketchy. Tor is also blocked on a large portion of the internet. Neither provide you with a real static IP, and that helps out the network. There is a easy solution to this; run a node on the AWS free tier, and use an elastic IP so you have a static address. Bandwidth is free in, and low cost out, and you can control how much of that you use easily, and control your spent. The problem is that Amazon charges a LOT for online storage and even with a 1MB blocksize, the blockchain is very large and growing steadily! We mitigate this by using a VPN back to your network, where you can store the blockchain on a SMB share. It is not complicated to do, but there are very many moving pieces to keep track of and configure. In order to fully trust your node, the best way is to build it from scratch. This is my goal in walking you through the process. There are lots of ways to accomplish this same task; I only want to present one that works, and you can go from there. Once you have access to the blockchain in the cloud for reasonable prices, you can also look at things like the Lightning Network. This article makes four major assumptions:
That you have a OpenVPN server on your network and know how to configure it. I use pfSense and OpenVPN; others will work just as well, but you'll need to do a little work to figure out the particulars. If you don't know how, do not fret! There are loads of good tutorials for just about every platform. Or ask below. I also limited the user with access to the share at the firewall specifically to the IP hosting the share to lower the threat envelope.
That you have the blockchain downloaded locally and reasonably up to date. If you don't, head on over to bitcoin.org and download it for OSX or Windows or Linux, whatever you use for your workstation. Follow the directions to set up the software and download/synchronize it to the network. This will take awhile! Once you've synchronized, copy the data directory to your SMB share you want the AWS instance to access. You could also synchronize everything directly on AWS too, but it will likely take longer and may cost a bit for the bandwidth.
That you're on windows. OSX and Linux will have slightly different processes to connect to the instance via the terminal and SSH. If you need help, ask, and I am sure we can get you fixed up.
With that, on with the show! First: Head on over to https://aws.amazon.com/ and make yourself an account. Once you've set up you'll need to start the process of creating a virtual machine on AWS. Look for this graphic and click on it: Start by launching a new machine Follow the rabbit hole, and you'll be looking to create a plain jane Amazon AMI Linux instance. It looks like this: Pick the basic AMI instance Keep in mind you want to pick the x86 version, which is the default. Continue clicking, you'll want to select the t2.micro instance that is eligible for the free tier for new accounts. Pick the free tier. You can also upgrade to the smaller tier for more ram, but the micro works for now. Now, you're going to need a way to connect to your soon-to-be-created node in the cloud. Amazon uses SSH keys to do this, so the next step means you're going to make some. You need to save this file, as if you lose it, you won't be able to access your node anymore. Much like your wallet private keys! Beware losing your keys! If you've made it this far, you're almost launched! Now we need to convert the key to a format that we can use to connect to the instance from Windows. I recommend using Putty! https://www.putty.org/ if you don't have it already; if you're on OSX or Linux, you likely have what you need already. Follow the guide here to get connected: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html Next you'll need to set up a opening in the firewall if you want incoming connections. This is done by adding to the security group in the "Network and Security" section; edit it to look like this: Change the inbound security rules for the instance to accept incoming connections on 8333. The hard part is over! Optional: Configuring a static IP. Amazon calls their implementation "elastic" IPs, but it's really a static IP that you can move around between instances very easily. It will ensure your public address on AWS does not change; it isn't required, but it is better if you intend on allowing outgoing connections. Go back to the main dashboard display. In "Network and Security", click on "Elastic IPs". Select Allocate New Address (blue button on top) and then select it in the table. In actions, you will see "Associate Address". Select this then assign the address to the instance you have previously configured. Done! Next up: Log into your machine, and immediately update everything. Use the IP provided by Amazon, or the Elastic IP if you assigned one to the instance in the last step. type: "sudo yum update" Now, let's get the VPN configured. First step is to install OpenVPN. We need to install the extended package library to do this. type: "sudo amazon-linux-extras install epel" type: "sudo yum-config-manager --enable epel" Now you can install OpenVPN. type: "sudo yum install openvpn" You will need your credential file from OpenVPN; it's a file you generate that will have a .ovpn extension. But you're going to need to upload it to the instance. You can do this through the scp command on OSX or Linux, but if you're on Windows, you'll need another utility. Get WinSCP here: https://winscp.net/eng/download.php But we'll have to tell it where your key file is so you can login. Select "New Session", then use the same IP and username as you did to connect before. We'll need to tell it about the key file though! Select the "Advanced" tab then under the SSH section, click on "Authentication" and then select your private key file you generated in the tutorial above. Connect and upload the .ovpn file that you generated when you added a user for the VPN. This step depends on your OpenVPN configuration - ask below if you have problems. Next, let's verify we can connect to the VPN! type: "openvpn --config my-configuration-file-made-by-openvpn.ovpn &" You will be prompted for a password if you configured one. Verify operation by pinging your LAN router, e.g. type: "ping 192.168.2.1" or the address of the SMB server where you shared the information. Allllrighty! Next up is getting connected to your blockchain. Create a directory where the data directory will be mounted. type: "mkdir blockchain" We need to install samba and some utilities to get things mounted. type: "sudo yum install samba" type: "sudo yum install cifs-utils" Now let's mount the folder: type: "sudo mount -t cifs //192.168.2.100/Bitcoin ./blockchain -o user=bitcoin,vers=2.0,uid=ec2-user,gid=ec2 user,file_mode=0777,dir_mode=0777" Where " //192.168.2.100/Bitcoin" is the address of the SMB server and share where you put the data directory from your initial sync. If you didn't, and just want to sync everything from AWS, then make sure it's a folder where your user has access. In this case, I'm assuming you've made a SMB user with the name "Bitcoin". The command will prompt you for the password to access the share. The other bits ensure you can have read and write access to the share once it's mounted in AWS. Now we're ready for some Bitcoin! Props to the tutorial here: https://hackernoon.com/a-complete-beginners-guide-to-installing-a-bitcoin-full-node-on-linux-2018-edition-cb8e384479ea But I'll summarize for you: Download and then re-upload with WinSCP, or download directly to your instance with wget, the most current Bitcoin core. In this case, it's bitcoin-0.18.0-i686-pc-linux-gnu.tar.gz downloaded from https://bitcoin.org/en/bitcoin-core/. Let's verify it hasn't been tampered with once you have it uploaded to the terminal: type: "sha256sum bitcoin-0.18.0-i686-pc-linux-gnu.tar.gz" Then compare that with the hash value that's listed in the SHA256SUMS.asc file on bitcoin.org. In this case, "36ce9ffb375f6ee280df5a86e61038e3c475ab9dee34f6f89ea82b65a264183b" all matches up, so we know nobody has done anything evil or nefarious to the file. Unzip the file: type: "tar zxvf bitcoin-0.18.0-i686-pc-linux-gnu.tar.gz" There is a warning about a symbolic link; everything seems to work OK regardless, but if anyone knows what or how to fix, please comment. We'll need to get some missing libraries before we can run it; these aren't in the basic AMI instance. type: "sudo yum install glibc.i686" type: "yum install libgcc_s.so.1" FINALLY! We are ready to launch the program. Go to the "bin" directory inside where you unzipped the Bitcoin Core tarball. (e.g. /home/ec2-useblockchain/bitcoin-0.18.0/bin) ./bitcoind -datadir=/home/ec2-useblockchain/data You will see the program either start to sync and download, or start to read the existing blockchain file that you put in the share from before. Congrats! There are a couple extra steps to have it automatically start on reboot, but let's see if anyone gets this far first. I use the "screen" program to do this, but there's also a daemon mode, and some other functionality that is discussed in the hackernoon tutorial. The primary cost will be outgoing bandwidth. AWS charges $0.10/GB beyond 15GB; You can limit the outgoing bandwidth easily according to your budget: https://bitcoin.org/en/full-node#reduce-traffic Hope this encourages people to try running a free, or very low cost, cloud node, with a substantially reduced threat profile.
The importance of being mindful of security at all times - nearly everyone is one breach away from total disaster
This is a long one - TL;DR at the end!
If you haven't heard yet: BlankMediaGames, makers of Town of Salem, have been breached which resulted in almost 8 million accounts being leaked. For most people, the first reaction is "lol so what it's just a game, why should I really care?" and that is the wrong way to look at it. I'd like to explain why everyone should always care whenever they are part of a breach. I'd also like to talk about some ways game developers - whether they work solo or on a team - can take easy steps to help protect themselves and their customers/players. First I'd like to state that there is no practical way to achieve 100% solid security to guarantee you'll never be breached or part of a breach. The goal here will be to get as close as possible, or comfortable, so that you can rest easy knowing you can deal with problems when they occur (not if, when).
Why You Should Care About Breaches
The sad reality is most people re-use the same password everywhere. Your email account, your bank account, your steam account, your reddit account, random forums and game websites - you get the idea. If you haven't pieced it together yet the implication is that if anyone gets your one password you use everywhere, it's game over for you - they now own all of your accounts (whether or not they know it yet). Keep in mind that your email account is basically the holy grail of passwords to have. Most websites handle password changes/resets through your email; thus anyone who can login to your email account can get access to pretty much any of your accounts anywhere. Game over, you lose.
But wait, why would anyone want to use my password? I'm nobody!
It doesn't matter, the bad guys sell this information to other bad guys. Bots are used to make as much use of these passwords as possible. If they can get into your bank they might try money transfers. If they get into your Amazon account they might spin up $80,000 worth of servers to mine Bitcoin (or whatever coin is popular at the time). They don't care who you are; it's all automated. By the way, according to this post (which looks believable enough to be real) this is pretty much how they got into the BMG servers initially. They checked for usernames/emails of admins on the BMG website(s) in previous breach dumps (of which there are many) and found at least one that used the same password on other sites - for their admin account! If you want to see how many of your accounts are already breached check out Have I Been Pwned - I recommend registering all of your email addresses as well so you get notified of future breaches. This is how I found out about the Town of Salem breach, myself.
How You Can Protect Yourself
Before I go into all the steps you can (and should) take to protect yourself I should note that security is in a constant tug of war with convenience. What this means is that the more security measures you apply the more inconvenienced you become for many tasks. It's up to you to decide how much is too much either way. First of all I strongly recommend registering your email(s) on https://haveibeenpwned.com/ - this is especially important if your email address is associated to important things like AWS, Steam developer account, bank accounts, social media, etc. You want to know ASAP when an account of yours is compromised so you can take steps to prevent or undo damage. Note that the bad guys have a head start on this!
You probably need to have better password hygiene. If you don't already, you need to make sure every account you have uses a different, unique, secure password. You should change these passwords at least once a year. Depending on how many accounts you have and how good your memory is, this is your first big security vs convenience trade-off battle. That's easily solved, though, by using a password manager. You can find a list of password managers on Wikipedia here or you can search around for some comparison articles. Some notable choices to consider:
1Password - recommend by Troy Hunt, creator of Have I Been Pwned
LastPass - I use this at work and it's generally good
BitWarden - free and open source! I use this at home and in some ways it's better than LastPass
KeePass (and forks) - free, open source, and totally offline; if you don't trust "the cloud" you can trade away some more convenience in exchange for taking full responsibility of your password security (and backups)
Regardless of which one you choose, any of them is 100x better than not using one at all.
The problem with all these passwords is that someone can still use them if they are found in a breach. Your passwords are only as strong as the website you use them on. In the case of the BMG breach mentioned above - all passwords were stored in an ancient format which has been insecure for years. It's likely that every single password in the breach can be reversed/cracked, or already have been. The next step you need to take is to make it harder for someone else to login with your password. This is done using Multi-Factor Authentication (or Two-Factor Authentication). Unfortunately not every website/service supports MFA/2FA, but you should still use it on every single one that does support it. You can check which sites support MFA/2FA here or dig around in account options on any particular site. You should setup MFA/2FA on your email account ASAP! If it's not supported, you need to switch to a provider that does support it. This is more important than your bank account! All of the big email providers support it: GMail, Outlook.com, Yahoo Mail, etc. The type of MFA/2FA you use depends on what is supported by each site/service, but there is a common approach that is compatible on many of them. Most of them involve phone apps because a phone is the most common and convenient "thing you have" that bad guys (or anyone, really) can't access easily. Time-based One-time Password or TOTP is probably the most commonly used method because it's easy to implement and can be used with many different apps. Google Authenticator was the first popular one, but it has some limitations which continue the security vs convenience battle - namely that getting a new phone is a super huge chore (no backup/restore option - you have to disable and setup each site all over again). Many alternatives support cloud backup which is really convenient, though obviously less secure by some measure. Notable choices to consider:
Authy - probably the first big/popular one after Google Authenticator came out (I think) - NOTE: They let you use it on your desktop/browser, too, but this is TOO much convenience! Don't fall for that trap.
LastPass Authenticator - conveniently links up with a LastPass account, some sites support extra features (like not needing to type a code, just answer a phone notification)
Yubikey - A real physical MFA device! Some models are compatible with phones, too.
Duo - this one is more geared towards enterprise, but they have a free option
Some sites/services use their own app, like Blizzard (battle.net) and Steam, and don't allow you to use other ones. You will probably have a few apps on your phone when all your accounts are setup, but it's worth it. You'll definitely want to enable it on your password manager as well if you chose a cloud-based one. Don't forget to save backup codes in an actual secure location! If you lose your backup codes and your auth app/physical key you will be locked out of accounts. It's really not fun recovering in that situation. Most recommendations are to print them and put in a fireproof safe, but using some other secure encrypted storage is fine. There is such a thing as bad MFA/2FA! However, anything is at least better than nothing. A lot of places still use SMS (text messaging) or e-mail for their MFA/2FA implementation. The e-mail one has the most obvious flaw: If someone gets into your email account they have defeated that security measure. The SMS flaws are less obvious and much less likely to affect you, but still a risk: SMS is trivial to intercept (capture data over the air (literally), clone your SIM card data, and some other methods). Still, if you're not a person of interest already, it's still better than nothing.
What Does This Have To Do With GameDev?
Yeah, I do know which subreddit I'm posting in! Here's the section that gets more into things specific to game development (or software development in general).
Secure Your Code
Securing your code actually has multiple meanings here: Securing access to your code, and ensuring your code itself is secure against exploitation. Let's start with access since that's the easier topic to cover! If you're not already using some form of Source Control Management (SCM) you really need to get on board! I'm not going to go in depth on that as it's a whole other topic to itself, but I'll assume you are using Git or Mercurial (hg) already and hosting it on one of these sites (or a similar one):
First, ensure that you have locked down who can access this code already. If you are using private repositories you need to make sure that the only people who have access are the people who need access (i.e. yourself and your team). Second, everyone should have strong passwords and MFA/2FA enabled on their accounts. If 1 person on the team does not follow good security practices it puts your whole project at risk! So make sure everyone on the team is following along. You can also look into tools to do some auditing and even automate it so that if anyone's account becomes less secure over time (say they turned off MFA one day) they would automatically lose their access. Additionally you should never commit secrets (passwords, API keys, tokens, social security numbers, etc) to your code repository. Probably 90% of cases where people have their AWS/Google Cloud/Azure accounts compromised and racking up huge bills for bitcoin mining is due to having their passwords/keys stored in their git repo. They either accidentally made it public or someone got access to the private repo through a compromised account. Never store sensitive information in your code repository! Next topic: Securing your code from vulnerabilities. This one is harder to talk about for game dev as most engines/frameworks are not as susceptible (for lack of a better word) to these situations as others. In a nutshell, you need to keep track of the following:
Is my code doing anything "dangerous"? (system-level stuff, memory access, saving passwords anywhere)
Could someone get the keys to the kingdom (API key, server password, etc) by just opening Cheat Engine and looking at memory values? Or doing a strings/hex edit/decompile/etc on my game executable?
Am I using outdated libraries/framework/engine? Do they have any known security bugs?
Secure Your Computer
I'm not going to go in depth on this one because at this point everyone should have a handle on this; if not there are limitless articles, blogs, and videos about the how/what/why. In summary: Keep everything updated, and don't open suspicious links.
Lock your computer when idle - use a password (or PIN or face unlock or whatever your OS uses) - no one should ever be able to walk up to your computer and use it if you're not looking, nor should they be able to get in if they grabbed your closed laptop off the table at starbucks (thanks u/3tt07kjt for reminding me of this one)
Use full disk encryption (especially on laptops)
Update your OS for security updates ASAP
Use anti-virus (yes, Windows Defender is fine) and keep it updated
Update your web browser ALWAYS (this is your 99% chance attack vector, so don't postpone it!)
Don't install browser extensions that you don't need - a LOT of extensions are either malware from the start or become malware later (my favorite emoji extension started mining bitcoins, FFS!) - check reviews regularly after extensions update
DO use adblock and privacy extensions - ads are a common attack vector - I recommend uBlock Origin and Privacy Badger at a minimum (note that some legit sites can break and so you'll have to fiddle with settings or whitelist)
Don't open suspicious or unknown links on e-mail, social media, discord, etc (be sure to hover over the links in this post before clicking them)
Don't open attachments, ever - unless you were expecting it from that person at that time
Don't fill out ANY forms (comments, login, registration, etc) on websites that don't have HTTPS (secure) connection - your browser will show this in the address bar, usually
In general, be suspicious of everything that comes from people you don't know - and even from people you do know if it was unexpected
E-Mail is (probably) the least secure form of communications ever invented - so try not to use it for sensitive things
Secure Your Website
I will have to add more to this later probably, but again there are tons of good articles, blogs, and videos on these topics. Hopefully the information in this section is enough to get you on the right track - if not feel free to ask for more info. Lots of guides can be found on Digital Ocean's site and they are relevant even if you don't use DO for your servers.
Use HTTPS (SSL/TLS) secure connections - it's FREE and EASY thanks to Let's Encrypt
KEEP EVERYTHING UPDATED - automate as much as you can
If you have control over the server, you MUST update the OS, the web server, and any backend application servers/languages/frameworks involved. Equifax breach was due to having out of date server software. BMG breach was worsened by having out of date server software. YOU MUST STAY UPDATED, ALWAYS
Don't store sensitive personal information - it's a huge pain to be PCI compliant, it's a huge fine if you mess it up - avoid storing any customer information that you don't actually need (see also: GDPR )
Do not allow access to SSH/Remote desktop/Database services from the whole world; the general public should only ever be able to reach ports 80 and 443 on your web server (and 80 should permanently redirect to HTTPS)
Use SSH keys instead of passwords on Linux servers
Don't run your own email server - it's just not worth it; use google apps for business, office 365, zoho, or something else for business email
Secure your domain registrar account! Don't lose your domain to a bad password or lack of MFA/2FA or an old email address! If your registrar doesn't support actual security then transfer to one that does. (namecheap, namesilo, google domains, amazon aws route53, even godaddy, the absolutely worst web company, has good security options)
A lot of this will apply to your game servers as well - really any kind of server you expect to setup.
That's it, for now
I ran out of steam while typing this all up after a couple hours, but I may revisit it later to add more info. Feel free to ask any questions about any of these topics and I'll do my best to answer them all.
TL;DR (y u words so much??)
Use a password manager so you can have different, random, secure passwords on every account on every website/service/game
Use MFA/2FA on every account, if possible
Lock your computer when idle/away
Use full disk encryption on laptops
Update your operating system (we all hate Windows Update, but it really is for our own good)
Use anti-virus (Windows Defender is fine)
Update your browser
Use good adblockeprivacy blocker browsers extensions
Don't use browser extensions that you don't really need (they could be a trojan horse of bitcoin mining later)
Don't trust anything sent by anyone, unless you were expecting it and know it's safe
E-mail is the least secure form of communications in use these days; don't trust it for sensitive things
Use source control for your game code (git, mercurial, etc)
Lock down access to your source code
Don't put secrets (passwords, API keys/tokens, social security numbers, credit card numbers) in your code repository
Don't do dumb things like store your AWS keys in your game for players to just find with simple tools
Check your code dependencies for security bugs, update them when needed
Use HTTPS on your website
Update your web server OS and software
Use secure password storage (don't reinvent this wheel, it's been solved by way smarter people)
Use SSH keys instead of passwords for Linux servers
Use a firewall to block the world from getting in with SSH/Remote desktop/database direct connections
Only allow your own IP address (which can change!) into the server for admin tasks
Don't run your own email server, let someone who knows what they are doing handle that for you
Secure your domain registrar account, keep email address up to date
... in general... in general... in general... I sure wrote those 2 words a lot.
Why Should I Trust This Post?
Hopefully I have provided enough information and good links in this post that you can trust the contents to be accurate (or mostly accurate). There is certainly enough information to do some searches on your own to find out how right or wrong I might be about these things. If you want my appeal to authority answer: I've been working at a major (network/computer) security company for almost 7 years as a software developer, and I've had to put up with pretty much every inconvenience brought on by security. I've also witnessed the aftermath of nearly every type of security failure covered in this post, via customers and the industry at large. None of the links I used are related to my employer or its products. Edit: Fixed some typos and added some more links More edit: added a few more points and links
https://preview.redd.it/hml53mmh5er41.png?width=568&format=png&auto=webp&s=3f0cd662e1836bcb2ea37793cbbbfd6f8a5e9723 Zhuling Chen It’s always great to hang out in this group. This group means a lot to the Aelf community. It is the first Aelf community and has been there through all the ups and downs in the world. I would like to start with wishing everyone is staying safe at home during the virus outbreak. It definitely has been a difficult time for all of us, but together we can pull through it. We understand that the situation is quite striking to all of us. But I really believe that the solution to the virus outbreak is about more global coordination and collaboration. All of you to be assured, our team in different places are all safe and working from home as normal. The Aelf team in Beijing were among the early ones experiencing the virus outbreak. As everyone was on the way home for Lunar New Year holiday and then experienced a total city lock-down followed by a 40 days’ work from home policy. It was definitely not easy for them, but our team stayed strong, took necessary precautions and focused on work with the right morale. Mappo has recently published some tips on how to work from home effectively based on our experience. Do check it out. Despite not working in the office since February, we have achieved great progress, including launching Aelf 1.0 preview, which is an important milestone in technical delivery and also the roadmap to mainnet launch (which listed out the essential steps for the community to work together to launch a successful public network) Let's first talk about Aelf v1.0 preview. It is the cornerstone of the mainnet launch. The product itself has all the features that the public network is needed. The codebase has been reviewed and tested rigorously by the team. And a few highlights of how the network would look like:
The code allows a stable and high throughput blockchain network to operate publicly.
For developers, they will love how flexible the system is to be customized, the number of tools and documentation to help them start developing applications on the network
For the whole community, the system is an ever-evolving one where the voting system is ready in place to conduct network-wide voting on various topics, such as transaction fee adjustment, network protocol upgrade, incentive adjustment, etc
Aelf system is able to run multi-chain architecture where each side chain will host different applications and still ready to work with each other
So you may ask since the software is ready, why have we not yet launched the public network? The answer, in short, is that a public blockchain is launched not by a team but through a community effort and that's why we are coordinating the community effort based on the roadmap we proposed. Aelf team has launched the public testnet based on Aelf v1.0 preview and currently, all nodes are under the team. The goal is to let the community and elected nodes to take it over and launch it on a global scale. Not only launch it but also be familiar with the network and also set the launch parameters in a decentralized way. If we take a car as an example, we have made the car, but ultimately the drivers are you guys and therefore before it really hits on the road, we need to guide the community to do a test drive, adjust the car based on what really works for YOU, and ultimately let YOU drive the car freely and safely So how are we going to help the community launch the network: First of all, we have launched the codes, documents about the economic system and governance model and technical features. With all the things available, you are able to understand what the system is about, as a token holder what's your benefit in the system, and being a node in the system plays a big role in the governance Next, without yet electing the nodes, we will get all token holders to join the current Aelf network through a mapping event. That means as long as you have Aelf tokens, you will be able to get 1:1 test tokens on the public testnet. that gives you full access to all the features, and you will feel like you are already using the mainnet. You will get rewarded in making transactions, voting, etc. Do try out the Aelf wallet and voting features, you will see how easy to transfer tokens cross-chain. and also how flexible the system allows people to make changes. For example, the community may want to adjust the block rewarding parameters or fees to use certain services on mainnet, they can initiate a discussion and then vote in the system and once voted through, it will be reflected on mainnet. For people or organizations that want to play a bigger role in the system, we will do a dry run of node election. Take it as the real node election before mainnet launch. We will see who the active members of the community are and being trusted by the community. Among the nodes, we will form a network launch committee. The committee will be the crucial party to oversees and ensures the smooth launch of Aelf mainnet, instead of just relying on the Aelf team. This is our step towards decentralization. The committee will agree on the actual launch process, final checking all the parameters in the system to be ready for launch and then decide when the criteria are met to launch the network. Once all that is decided. We will invite all interested nodes to apply for the election and let the community know what's their plan to grow the Aelf network. the network will initially be launched with a few nodes from the committee and gradually be replaced by the selected nodes (a bootstrap phase). Along the way, we will work with exchanges to conduct token swap (which we are also designing an innovative system to further enhance security and usability of Aelf tokens in exchanges) Among this isolated and worrisome time, at least we all have something to look forward to: a successful launch of Aelf network! Once it is launched, we are excited to see a vibrant and technically superior network that is good for Dapps to run on top of it. https://preview.redd.it/yp28n1jj5er41.png?width=559&format=png&auto=webp&s=c470cdedd7f8923f29a3b1bd777476f22cc76521 Doris Guo Q1: As a Blockchain start-up, what difficulties have you overcome when starting Aelf project? What motivates you to solve difficulties and achieve success today? Zhuling Chen First, just like launching any start-up, its community and investors are usually regional. There is always some bias on if Asian projects are solid. It is really rare to have an Asian project to be supported by western funds and community from day 1. We were lucky to have overcome that obstacle. Having a global investor line-up from day 1. Having a global team from day 1 and also working with a global community from day 1. This benefited us to have an international perspective which is crucial in the blockchain industry. Secondly, as a hardcore technology company, it is really hard to put in plain words what is our ambition. Our ambition is huge, achieving key innovations in multiple fronts of blockchain technology and organically combined them to serve real users for the future. Our marketing team has been working really hard to elaborate on what Aelf is. Now we have come to a point that the product is ready. Therefore, it is much easier for all of us to understand how solid Aelf is by trying out the network ourselves! That's exactly what the following events will be about - Try out all the exciting features of Aelf network before mainnet launch. Doris Guo Q2: What critical problems do you see occurring in the blockchain industry nowadays? How does Aelf solve these problems? Haobo Ma First, we need to distinguish the difference between BTC and ETH. One is Digital Cash and the other is the Smart Contract Platform. Aelf addresses most of the latter's problems. In short, it can be summarized as performance, end-user friendly, developer-friendly, network economy, and self-governance and upgrading. Each of these areas will probably take up a lot of space, and as a whole are the issues described in our two white papers. In short, Aelf is faster, end-users do not need to know the rules of the blockchain, developers can set up the development environment in 10 minutes, have a good economic model and can carry out proposal governance on the chain. Doris Guo Q3: What is your long-term vision about the industry which Aelf is working at? Are you afraid someday there will be another project with more innovative technology can replace Aelf? Haobo Ma Let's talk about where Aelf stands in the traditional Internet. It is essentially a cloud service provider, Aelf provides resources and infrastructure for developers to deploy their services, known as smart contracts. We eventually want Aelf to grow like AAA (Amazon, Azure, AliCloud). Because Aelf is a network that can be dynamically scaled, we can accept any new technology, some of the more advanced technologies we can put on a side chain. Doris Guo Q4: Why did Aelf choose for cross-chain interaction? Haobo Ma As I mentioned earlier, Aelf solves the Smart Contract Platform problem. However, there are other digital cash problems as well which we would need to use existing infrastructure such as Bitcoin's chain in order to interact with Bitcoin. There are a lot of infrastructures on Ethereum that we want to interact with. Multi-chain on Aelf network mainly is to isolate resources to improve network performance and network stability. Doris Guo Q5: What difficulties do the Aelf team have now (I talk about COVID-19)? How does the Aelf team solve it? Have you changed the roadmap? Haobo Ma There is no great impact. The teams in Singapore and Beijing are communicating with each other remotely on a regular basis. The only change is that most of us are now working from home which has no impact and in fact, it seems conducive to the acceptance of more community developers in the future to come. From the internal working schedule and development timeline, there is no great impact. We do not publish specific timeline as we do not want short term holders (traders) to create too much negative pressure on product development. Doris Guo Q6: Aelf is an open-source blockchain, and there's the common problem of taking a substantial amount of time for the different participants to agree on strategic decisions. What types of governance models do you use in Aelf to address this issue??? Haobo Ma The issue is about public blockchain network, and who can decide the direction of the network. Our answer is long-term holders. For the short-term holders (traders), we refuse to allow them to participate in any discussion of the direction of Aelf because the short-term holders are likely to make a profit and sell quickly, which is essentially the same example of a person who cheats the President and then runs away for his personal gain. We defined a number of proposal processes, including the logic of the two-party system in the United States, and the participation in the referendum to ensure that the final proposal represents the majority. At the same time, we are looking for some legal solutions to avoid bifurcation, such as prohibiting exchanges from intervening in bifurcated new tokens. While we cannot limit a community, we should be able to find ways to limit a centralized organization. This restriction is akin to a ban on national secession. Doris Guo Q7: How will Aelf empower Investors, Companies, Developers, Platform Users to deliver impactful solutions and bring value to people all over the world? Haobo Ma We will learn from the operational experience of successful foundations such as the LINUX foundation and license some commercial companies to use Aelf solutions to solve business problems. At the same time, Aelf is an open-source product under the MIT License, and we accept any use that does not violate this open-source principle. Zhuling Chen Let me add on to Haobo’s statement: to incentivize and empower the community, we are also exploring ways to let the community decide how to use the funds for Aelf (allocate to where it matters to our community) once mainnet is launched. This means you guys can decide what are the projects to be funded on Aelf, etc Doris Guo Q8：When will the node campaign start? How will Aelf attract users to participate in nodes election? Haobo Ma According to our published roadmap, the timeline can be dynamic, but I don't think it will be too long. The main idea is to let everyone understand what we envision Aelf to be like, and what are the rights and benefits of being a node in the future. We hope to find nodes that fully recognize the efforts of Aelf at the present stage and are willing to participate in the future development of Aelf. We will run a simulation of the node campaign on the testnet and set up a temporary mainnet launch committee. Please follow our official Twitter for more upcoming details! Doris Guo Q9: Token swap form 2 is some kind of cross-chain transfer? It will be handled by a smart contract? Haobo Ma It is handled by the smart contract, we define an asset cross-chain transfer protocol, but it may be opened after a snapshot. Doris Guo Q10: Which Exchanges will support token swap? Do you have any plan to list Aelf in some big exchange like Binance, Houbi, Kucoin, .......? Haobo Ma We are already in talks with some exchanges, there is still competition between exchanges, and many are still hoping to attract more users by getting access to mainnet token swap early. Doris Guo Q11: Aside conversion of the current tokens to mainnet tokens, what other main features will be accomplished with the mainnet launch? Haobo Ma We have a documentation file that has been published, which has listed some features: https://Aelf.io/gridcn/Aelf_public_testnet_and_supporting_features_introduction_en_v1.0.pdf Doris Guo Q12: Do you have any plan to burn or buyback your coin? Haobo Ma We have plans for the community to govern through DAO, we have no interest in short-term price incentive adjustment as we would prefer to drive the project to higher adoption. After mainnet starts operation, there will be a part of network revenue get destroyed automatically. Doris Guo Q13: Often, as a newbie developer, I face difficulties on most blockchains. How easy and convenient is it for me on Aelf, and what programming language and tools are needed?? Haobo Ma We set up staging for DAPP developers on GitHub and configured CI. Develop a smart contract using C# with React Native on the front end. So, in fact, developers can fork the source code without setting up the environment locally, and you can conduct unit testing with the help of CI. You can also release the smart contract and generate the installation package of iOS and android online. https://github.com/AElfProject/Aelf-boilerplate Doris Guo Q14: What is the progress of business development and what are some of your commercial partnerships? How will Aelf rapidly develop the number & performance of DAPP? Haobo Ma First of all, the blockchain industry is still fairly small and users with ETH and EOS wallets are considered a very small group and its not effective to even promote within these groups. What we need to consider is how to enable users who have never been exposed to blockchain to use DAPP. The competitiveness of Aelf is to make it easier for Aelf developers to promote their DAPP to ordinary users, rather than to teach ordinary users a lot on blockchain knowledge. The average user doesn't like to hear about private keys, mnemonic, Gas Price, RAM, CPU, etc. Only until we solve such problems, companies that need to solve problems through blockchain will be more inclined to use Aelf in technology selection. Therefore, our main work is to explain the competitive advantages of Aelf, ETH and EOS to everyone. We have some business cooperation’s, but we also believe that simply through case-by-case business cooperation will not be able to gain adoption so quickly, therefore we still need to put our products to stay ahead of the next generation. Doris Guo Q15: What other activities can encourage more people to be confident about Aelf? Haobo Ma We are only going to state the truth by having those that have faith in us to stay and those that don't to leave. The development of Aelf is not driven by a single foundation, but by a steady stream of contributions from the community. In the future, we will also place the activities in the DAO for on-chain governance, and let the community make decisions by itself. https://preview.redd.it/e66vhqvl5er41.png?width=555&format=png&auto=webp&s=412a2dd831ba3817806e48855f158482bf671770 Kun Aguero As you know that in the present market situation many new coins or either dying or thriving for liquidity? How will you manage this liquidity problem? Zhuling Chen Aelf started in 2017. we have gone through a few cycles in the market, still, remember the big down period in 2018-2019. Aelf is financially solid and the team has always been working hard. if you are referring to liquidity in exchanges, we are among the lucky ones that are listed in all major exchanges Xinshu Dong Hello, great discussions! I would like to ask what are the criteria to join the committee for launching the mainnet? Would love to participate Zhuling Chen Hi xinshu, great to see you here. The committee will be chosen among the nodes elected during the testnet dry run. Which means, it is really important to participate in the testnet dry run and also start to establish your reputation in the community so that people will elect you as a node. The detailed criteria will include what is your plan to help Aelf to grow, tech competency and reputation. An Da What are Aelf’s achievements in 2019? Who had supported you to get those things? Zhuling Chen To name a few, in 2019, Aelf is one of the most active projects on GitHub. This means Aelf is evolving and improving fast in this space and our team has the tech strength. In addition, we have also successfully listed on all major cloud service providers, such as AWS, Azure, Google. So large companies can easily launch Aelf side chains in their organization with minimum hassle. John How does the voting for master nodes candidates occur? And why is the development of this system important for your project? Zhuling Chen Voting is going to be pretty simple. All token holders can vote for the nodes they support on our block explorer. Miha After mainnet lunch, how will you assure that transactional fees will stay low? We know what sometimes happens to fees on ETH blockchain. Zhuling Chen First of all, due to the fact that is Aelf is scalability, this will reduce transaction fee. Secondly, all transaction fees will be voted by the nodes (which will be elected by you). So they will represent your interest Bobbyfernandito Currently, as we see All projects are concerned with the speed and security. So, tell us here - what are the facilities Aelf provide to their user and investors? Haobo Ma Security: we have an automated smart contract code audit. During contract deployment, production nodes and the community audit participation are required. On the other hand, we are also planning to provide a standardized model of centralized exchange access for 100% asset certification and emergency measures to deal with exchange attacks, which we will be released later. Speed: Aelf has been working on improving performance, which is transparent to users which they can also experience by themselves. An Da What effect does Aelf token have on the Aelf ecosystem? Holding Aelf, what benefits will users receive? Zhuling Chen Holding ELF enables you to use all the services on the Aelf network. ELF has a deflating system where the total amount will reduce as the network grows. token holders can also vote for the nodes to run the network and also vote for big decisions in the network. part of the fees in the system will also be distributed to token holders via a smart contract ahihi132 Which companies do you view them as potential partners and that they are somewhat also beneficial for both the user base and Aelf itself? Zhuling Chen Great question, if I could write a wish list, that will be: let medium-sized financial institutions to use Aelf to challenge the big boys. Let telecommunication companies use Aelf for micro-payment and other innovative business models. We also would like to try out a few public sector projects, which blockchain will is still more transparency and trust Misun Q1: Which programming languages are you using in your project? And why? Q2-What are another big MILESTONES you have planned for 2020 roadmap and how are they supposed to benefit your costumers? Will it be an exciting year? Haobo Ma For Q1: We mainly use C# for development, I personally like it. Performance is good, development environment IDEs are strong, and C# creators are influential in the industry. We believe in the right thing, though it may take a while to develop. The smart contract will then add support for multiple languages, such as WebAssembly, depending on the needs of the community. Now it seems that C# is enough. Hambi crypto Which platforms are your competitors? How will you soar above them, and what better things do you offer than them? So, What’s your outlook on the future of cryptocurrencies in this year and next few years? Haobo Ma As I have already mentioned this before, Eth and Eos. We provide better performance, cross-chain support (already implemented), end-users do not need to know the details of the blockchain, developer’s payment models and so on. Floris-Jan What plans is Aelf making to prevent centralized exchange to take over the DPoS algorithm like what happened to Steem? Are we talking about blacklisting exchange wallets, or having the foundation say "No", or putting all trust in the community? Zhuling Chen Great question, Floris. I’m not going to give away all the details of what Haobo has proposed to work on this, but in a nutshell, in Aelf system, exchange wallets will not be allowed to vote, but only the sub-wallets for each individual can vote. This will also help exchanges to prevent hacking and theft in the future Alex What your plans in place for global expansion, are Aelf wallet focusing on the only market at this time? Or focus on building and developing or getting customers and users, or partnerships? Can you explain this? Haobo Ma Our core focus will be through the developers to promote, developers will help Aelf to attract more users. So our product has to be attractive to developers. Just like AWS, they only focus on getting their service right, their developers will think about how to promote it. We don't want to burden them in their promotion process. Ellkay What do you think are the major threats and barriers that could face the development and adoption of Aelf? Haobo Ma If I'm a DAPP developer and I need to promote my APP to people who don't recognize blockchain, then I'd like to choose a platform that doesn't have to explain a lot of blockchain details to the end-user, so they can use it easily. We've provided some options in the Boilerplate that allow you to log-in simply via QR code + Password, and our recommended Dapp is an independent wallet and a separate iOS/Android application. ahihi132 Give me some important reasons why we need to hold Aelf token where in fact hundreds of projects failed and it went to bankruptcy or even developers run when they collect millions/billions of funds? Haobo Ma First of all, we will not give any suggestions as we only describe the fact that the long-term token holder will be able to govern the Aelf network, get Aelf mining reward and Aelf network profit. At the same time, Aelf network is a deflation model, Aelf network received transaction fees, profit dividends will immediately destroy 10% etc. All investments are risky, and we don't judge the behaviour of other developers. There are so many things in this world that cannot be understood and unfair. It is important to do our job well. I cannot explain these things. 胖见愁 I remember that boss Ma mentioned to only find those truly innovative applications and enterprises with blockchain, how to find and win partners in these aspects? Haobo Ma When Linus was developing Linux, I did not think he would find a lot of collaboration when the code was not good. The response we can give is that we already have a lot of interest in cooperation, including what we have announced, what we have not announced, etc. 胖见愁 How interested are cloud computing providers in participating nodes? Haobo Ma The vast majority of our nodes should be using cloud services, and as long as a large number of our 17 nodes and other candidate nodes are based on cloud services, our network robustness is determined by these cloud computing providers. Of course, in the expansion, we can also use cloud computing services.
Dash founder, Evan Duffield trying to hire Bitcoin devs for a "For-profit startup" (AKA they are going to make $$) (Edit: The reason I brought this to light is because Evan went on to say he was just doing this as a side-project and therefore had no incentive to do anything malicious)
. . Proof of instamine Look at these beautiful graphs that show how much Dash was being mined at the beginning. 4 hours after launch, 1 million Dash was mined 2 days after launch, 2 million Dash were mined, then growth very abruptly plateaus. . The part that doesn't add up So here we have a coin, that no one really cares about because there was little information about it at the time, so you would obviously want to let as many people use it as you can. Except Evan only made the coin mineable on Linux.. Which is a bit odd seeing as in January 2014, only 1.13% of computers ran Linux in any form. . The Bombshell From the List of nodes that were mining Dash at the very beginning, it turns out 50 OF THEM were Amazon AWS and another 50 where Microsoft cloud computing. This makes up 100 out of 124 miners on the Dash network at the time - And considering how many shitcoins are out there, who would have the foresight to set up 100 cloud computers to mine the coin? (this source suggests 115/124 were cloud hosted) . I can go on for a long long time but everything left I have to say is in the many sources I left behind. I'm cutting it short here and letting everyone come to their own conclusions. And by the way, there are some very honest and legitimate Dash supporters. I was discussing the instamine with one of them a couple days ago and he was very passionate about the project - Don't hate the community, hate the coin. Peace xo Edit: I'm working on giving the other side of the story in the comments, this time attacking Monero. Stay tuned Edit2: Is Monero the Culprit? Edit3: I seem to have offended a lot of Dash friends. Hopefully one day they'll try to back up their claims instead of trying to discredit my sources. Edit4: This is a story well known to Dash friends, so don't be surprised if all the comments are just people shilling Dash. That's the reason I posted this, and hopefully next time someone brings up Dash you'll be equip with knowledge and won't fall for it. Edit5: I've never seen tempMonero lose his shit before
IPVanish is a popular VPN service particularly with Android and Fire TV Stick users, and it makes a very strong claim on its homepage – that it’s the “World’s Best VPN.” Seen this sort of statement before, right? It’s certainly one of the leading VPN providers out there, but is it really the best VPN overall? We never take a provider’s word for it, so we decided to put IPVanish to the test – a very extensive one – to see if its claims are to be believed. We were particularly keen to find out: How good is IPVanish? Is it safe to use? Is IPVanish very fast? Does it work with Netflix? Is torrenting and P2P allowed? Is it the best VPN app for Firestick? But before we answer each of these (and many more) questions, lets see the pros and cons of IPVanish VPN: Pros Cons Very impressive speeds Works with Netflix Great for torrenting & Kodi No-logs policy & no IP/DNS/WebRTC leaks User-friendly apps for PC, Mac, iOS, & Android Good server network across 50 countries Won't work with BBC iPlayer, or in China Short refund period Based in privacy-unfriendly US Desktop app could be more user-friendly Works with Netflix, HBO, Torrenting, Kodi Available on Windows Mac Ios Android Linux Price from $4.87/mo As you can see IPVanish certainly does have many strengths to shout about. It’s now time to take a very close look at the attributes and features of each IPVanish app, starting with how fast it is. Speed & Reliability IPVanish is a consistently fast VPN IPVanish is a very fast VPN service, with some of the quickest speeds we’ve seen in our tests. IPVanish didn’t slow down our connection too much, and it is more than fast enough for HD or 4K streaming. Speed results from our physical location in London (100Mbps fibre optic connection) to a London test server. Before using IPVanish: DOWNLOAD Mbps 93.76 UPLOAD Mbps 97.58 PING ms 2 When connected to IPVanish: DOWNLOAD Mbps 84.13 UPLOAD Mbps 90.33 PING ms 7 Download speed without IPVanish: 93.76Mbps Download speed with IPVanish: 84.13Mbps Our download speed loss when IPVanish is running: 10% Downloads, uploads and latency when using IPVanish are among the best we’ve seen, making this VPN a very smart choice for gamers and torrenters alike. It’s also one of the most reliable VPN services we’ve seen, providing consistently fast speeds from one test to the next. Here are the average speeds you can expect when using IPVanish to connect out to various locations around the world (from the UK): USA: 53Mbps (download) & 37Mbps (upload) Germany: 76Mbps (download) & 81Mbps (upload) Singapore: 25Mbps (download) & 2Mbps (upload) Australia: 24Mbps (download) & 6Mbps (upload) Server Locations Over 40,000 IP addresses across 77 locations Globe with a blue flag 50 Countries Image of a city landscape 77 Cities Image of a pink marker 40,000+ IP Addresses See all Server Locations IPVanish VPN gives access to more than 1,300 servers worldwide and over 40,000 IP addresses, which is one of the highest numbers of IP addresses we’ve ever seen. This means that you’re unlikely to experience VPN server congestion and slow speeds while connected to IPVanish. The 50 countries in IPVanish’s VPN server network are well spread-out, including some less common nations like Moldova and the Philippines (in addition to all the typical countries like US, UK, Canada, Australia, and more). List of IPVanish server locations IPVanish provides its customers with city-level options in the US (19 cities), UK (4), Canada (3) Australia (2) and Brazil (2). US-based users can choose from IPVanish servers in: Central – Chicago, Dallas, Denver, Houston, Jackson, Milwaukee, St. Louis East – Ashburn, Atlanta, Boston, Cleveland, Miami, New York West – Las Vegas, Los Angeles, Phoenix, Salt Lake City, San Jose, Seattle We’d love to see more city-level selections in Australia – mainly Perth which is located on the West coast – and more server options in South America, where only Brazil and Colombia are served. The high number of VPN servers in IPVanish’s network is enough to offset these minor complaints, though. IPVanish is one of the few VPN providers to own its entire (or very close to) server infrastructure, meaning they rent very few servers from third-parties. Streaming & Torrenting Excellent choice for torrenting & Netflix Despite IPVanish being one of the fastest VPNs we’ve seen, it’s just not a great VPN for streaming. Most of IPVanish’s US servers work for Netflix, although it can occasionally take a while to load, but all of its UK servers are currently blocked by BBC iPlayer and according to IPVanish they are not looking to work on fixing this. If streaming BBC iPlayer is important to you, read through our dedicated guide or take a look at our NordVPN or CyberGhost reviews, two VPN services that work well with BBC iPlayer. IPVanish has also confirmed it isn’t working with Amazon Prime Video or Hulu at the moment. Torrenting IPVanish is, however, one of the best VPN services for torrenting we’ve tested, with very fast speeds and a watertight logging policy. Torrenting is permitted on all of its servers and when we checked for IP/DNS leaks, we found none. Not to mention that it has a VPN kill switch, but more on this below. Therefore, we recommend IPVanish VPN for all P2P activity including Kodi for which IPVanish is currently the #1 VPN service. Bypassing Censorship No good for China IPVanish is very upfront in saying that the VPN service won’t work in China, despite being equipped with an array of obfuscation tools. We really appreciate IPVanish’s honesty on this topic. IPVanish also provides a useful list of other countries the VPN won’t work in: you can find this on the support section of the IPVanish website. List of IPVanish banned countries IPVanish states that it is “forbidden to do business in”: Myanmar Cuba Iran North Korea Sudan Syria IPVanish states that its domain, ipvanish.com, is blocked in: Qatar Saudi Arabia United Arab Emirates (UAE) China Kazakhstan It’s not just IPVanish’s domain that is blocked in these countries, and many users have reported that IPVanish’s apps don’t work either. If you live or are travelling to a high censorship country then we suggest you consider using VPN services like ExpressVPN or VyprVPN to bypass aggressive internet censors. Platforms & Devices Works with all major platforms & devices Apps Windows Logo Windows Mac Logo Mac iOS Logo iOS Android Logo Android Linux Logo Linux Router Logo Router IPVanish has custom VPN apps for all popular mobile and desktop operating systems so you can use them on: PCs Apple Macs iPhones Android devices You can also setup IPVanish on other devices using manual workarounds (see the ‘Games Consoles & Streaming Devices’ section below). Games Consoles & Streaming Devices AppleTV Logo AppleTV Amazon Fire TV Logo Amazon Fire TV Chromecast Logo Chromecast Nintendo Logo Nintendo PlayStation Logo PlayStation Roku Logo Roku Xbox Logo Xbox IPVanish is a good VPN to use with gaming consoles and streaming devices. IPVanish is our number 1 VPN pick for the increasingly popular Amazon Firestick, and it’s super easy to install and use. You can also use IPVanish on 10 devices at once, which is very generous (the average among the top VPN services is about 5 simultaneous connections). You can also install IPVanish on your home router so that all your internet traffic at home is protected. Browser Extensions Unfortunately, IPVanish doesn’t have any VPN browser extensions, which is a shame and one of the very few areas where it seriously lags behind its competitors. If you want to use a VPN extension with your web browser then take a look at our: Best VPN extensions for Chrome Best VPN addons for Firefox Encryption & Security One of the safest providers we’ve reviewed Protocol IKEv2/IPSec L2TP/IPSec OpenVPN (TCP/UDP) PPTP Encryption AES-256 Security DNS Leak Blocking First-party DNS IPV6 Leak Blocking Supports TCP Port 443 VPN Kill Switch Advanced features SOCKS Please see our VPN Glossary if these terms confuse you and would like to learn more. We believe that IPVanish is one of the most secure and private VPN services available. IPVanish mainly uses the OpenVPN and IKEv2 protocols and encrypts your online traffic with the ‘unbreakable’ AES-256 cipher, meaning you’re protected at all times. You can also connect using L2TP/IPsec, if you’d prefer. IPVanish has a VPN kill switch to protect your privacy in case of a connection drop, plus a host of other advanced features to secure your web browsing. This includes SOCKS5 web proxy, which masks your IP address during P2P and VoIP connections – although this doesn’t encrypt traffic. We also found IPVanish to be extremely safe, and free of IP or DNS leaks in our most recent tests: IPVanish leak test results from browserleaks.com IPVanish’s leak test results when connected to its Chicago server Logging Policy No-logs policy makes up for US jurisdiction IPVanish doesn’t collect any user data at all, making it a no-logs VPN service. Considering most VPN logging policies track at least server load or login information for maintenance purposes, this is what makes IPVanish a standout VPN for privacy. In 2016, when under previous management, IPVanish was however found to be collecting logs when it handed information over to US authorities to aid in the prosecution of a user. Since being acquired a number of times since then, IPVanish has turned things around and we have no longer concerns about its approach to user privacy. Jurisdiction IPVanish VPN was first released in 2012 by its former US-based owner HighWinds Network Group. IPVanish has since been acquired by StackPath and in 2019 by J2 Global which are both US-based companies. As you can see IPVanish is, and has always been, operated by companies headquartered in the US, which does have very intrusive surveillance laws and is a member of the Five-Eyes data sharing agreement. IPVanish being based in the US is largely irrelevant though as its no-logs policy means no identifiable information is collected by the VPN provider. Ease of Use User-friendly install with lots of advanced features How to Install & Set Up IPVanish Screenshot of the Windows download button on the IPVanish website Beginning the installation process is as simple as clicking the button to download the relevant software from the site. Screenshot of the progress of our IPVanish Windows download You can check the progress of the installation here, but it usually only takes a couple of minutes from start to finish. Screenshot of the completed IPVanish download Once the software is downloaded, you'll see this screen which prompts you to run the IPVanish app. Screenshot of IPVanish's main dashboard on its Windows app IPVanish main dashboard shows key connection info and permits server selection. We like the nice graph too. Screenshot of IPVanish's server list in the Windows app Power users will select servers from the main dashboard rather than the server list as it's a slicker experience. Screenshot of the server location filters in the IPVanish desktop app IPVanish server list view with filters - it's mostly pretty good but not as optimal as using the main dashboard. Screenshot of the advanced settings in IPVanish's desktop app IPVanish is rich with advanced settings for customizing connections and it's well laid out to boot. Nice! IPVanish’s desktop VPN apps are perfectly simple to use, even if they could do with a bit of a visual overhaul as they are starting to look a little out-dated. The advanced privacy settings are also easy to navigate, making IPVanish suited to both VPN beginners and more experienced users. The mobile IPVanish apps lack a few key features, such as the VPN kill switch, but they do still provide a very good, user-friendly experience. Customer Support Helpful support with 24/7 live chat 24/7 Email support Online Resources We found IPVanish customer support agents to be friendly and helpful no matter what we asked them about the VPN service. Thanks to a recent update, IPVanish now also has 24-hour live chat support on its website. IPVanish also has excellent email support, which provided us with impressively well-written responses, as well as an online FAQ for straightforward solutions to the most common issues. If for any reason IPVanish isn’t working properly, you should be able to fix it quickly by following these guides. Pricing & Deals Well worth it for the level of service IPVanish Coupon IPVanish logo IPVanish Get 60% off IPVanish's 12-month plan TestedEnds 22 Aug Get CodeED Terms IPVanish Pricing Plan IPVanish is reasonably priced and affordable. It is neither the cheapest VPN service, nor the most expensive. You can pay for IPVanish monthly or on an annual basis. $4.87 per month on the 12-month plan is a very good price, especially as it’s 60% cheaper than the standard one-month plan, priced at $11.99. There’s also a 3-month option for $6.75 per month. Monthly US$7.50/mo Billed $7.50 for the first month Save 38% 3 Months US$6.75/mo Billed $20.24 for the first 3 months Save 44% 12 Months US$4.87/mo Billed $58.49 for the first 12 months Save 60% All plans have 7-day money-back guarantee Payment & Refund Options The IPVanish seven-day money-back guarantee is 100% no-questions-asked and refunds your money within 10 working days. Our only issue is with IPVanish’s iOS policy – if you sign up for an IPVanish login via the iOS Store then you don’t qualify for the money back guarantee. IPVanish only accepts credit cards, debit cards, and PayPal. Unfortunately neither cryptocurrencies like Bitcoin nor international options like Alipay are currently accepted.
Hashrate: went from 54 to 76 PH/s, the low was 50 and the new all-time high is 100 PH/s. BeePool share rose to ~50% while F2Pool shrank to 30%, followed by coinmine.pl at 5% and Luxor at 3%. Staking: 30-day average ticket price is 95.6 DCR (+3.0) as of Sep 3. During the month, ticket price fluctuated between a low of 92.2 and high of 100.5 DCR. Locked DCR represented between 3.8 and 3.9 million or 46.3-46.9% of the supply. Nodes: there are 217 public listening and 281 normal nodes per dcred.eu. Version distribution: 2% at v1.4.0(pre) (dev builds), 5% on v1.3.0 (RC1), 62% on v1.2.0 (-5%), 22% on v1.1.2 (-2%), 6% on v1.1.0 (-1%). Almost 69% of nodes are v.1.2.0 and higher and support client filters. Data snapshot of Aug 31.
Obelisk posted 3 email updates in August. DCR1 units are reportedly shipping with 1 TH/s hashrate and will be upgraded with firmware to 1.5 TH/s. Batch 1 customers will receive compensation for missed shipment dates, but only after Batch 5 ships. Batch 2-5 customers will be receiving the updated slim design. Innosilicon announced the new D9+ DecredMaster: 2.8 TH/s at 1,230 W priced $1,499. Specified shipping date was Aug 10-15. FFMiner DS19 claims 3.1 TH/s for Blake256R14 at 680 W and simultaneously 1.55 TH/s for Blake2B at 410 W, the price is $1,299. Shipping Aug 20-25. Another newly noticed miner offer is this unit that does 46 TH/s at 2,150 W at the price of $4,720. It is shipping Nov 2018 and the stats look very close to Pangolin Whatsminer DCR (which has now a page on asicminervalue).
www.d1pool.com joined the list of stakepools for a total of 16. Australian CoinTreeadded DCR trading. The platform supports fiat, there are some limitations during the upgrade to a new system but also no fees in the "Early access mode". On a related note, CoinTree is working on a feature to pay household bills with cryptocurrencies it supports. Three new OTC desks were added to exchanges page at decred.org. Two mobile wallets integrated Decred:
Coinomiadded Decred to their Android and iOS wallets. In addition to the Apple App Store and Google Play you can download the APK directly. Coinomi features an integrated cryptocurrency exchange and is the first company to offer a mobile Decred wallet.
Reminder: do your best to understand the security and privacy model before using any wallet software. Points to consider: who controls the seed, does the wallet talk to the nodes directly or via middlemen, is it open source or not?
Bit Dialsannounced DCR support via GloBee at their bitdials.eu luxury boutique. Their separate supercar and classic car shop bitcars.eu also accepts DCR, either via GloBee or with manual invoicing in case of privacy concerns.
Targeted advertising report for August was posted by @timhebel. Facebook appeal is pending, some Google and Twitter campaigns were paused and some updated. Read more here. Contribution to the @decredproject Twitter account has evolved over the past few months. A #twitter_ops channel is being used on Matrix to collaboratively draft and execute project account tweets (including retweets). Anyone with an interest in contributing to the Twitter account can ask for an invitation to the channel and can start contributing content and ideas there for evaluation by the Twitter group. As a result, no minority or unilateral veto over tweets is possible. (from GitHub)
Meetup in Puebla City, Mexico, organized by @elian. (photo, slides, missed in July issue)
@joshuam discussed Decred and decentralized organizations with Craig Laundy, Federal Minister for Small Business, the Workplace, and Deregulation with the Australian Government, at @YBFVentures. (photos)
Meetup at @TheBlockCafe in Lisbon, Portugal. @mm presented "Decred 101 - Governance with Skin in the Game" and @moo31337 talked about Decred's 2018 roadmap. (photos: 123)
Meetup in Taipei, Taiwan. @morphymore made a short intro of Decred and noted: "After the talk, many have approached to tell me that they literally don’t hear of Decred until today, and are interested in finding out more about the merit of a hybrid consensus system.". Longer report here, some photos and a video are here.
@eSizeDave introduced Decred to the SILC Undergraduate Program students at @YBFVentures. (photo)
OKEx Global Meetup Tour in Ho Chi Minh City, Vietnam. @joshuam gave a brief presentation covering the history of Decred, how the project functions, and the importance of governance. Afterwards he joined a panel discussion and spoke about Decred's incentives for long term viability. (video, video, photo)
Blockchain Futurist Conference in Toronto, Canada. @zubairzia0 noted: "Devs and the community were held in high regard for the people who knew about decred ... one positive thing I remember was someone defending us saying 'Decred does not need a booth', I believe that comment was reflective of the quality of projects being showcased at the conference.". (photo)
Meetup at @YBFVentures in Melbourne, Australia. @joshuam discussed Decred with Graham Stuart, U.K. Minister for International Trade. (news, photos)
Small meetup with Jackson Palmer in Melbourne, Australia. (photo)
Hawthorne Street Fair in Portland, USA. Raedah Group was out answering questions about crypto and Decred. (photos)
Blockchain APAC in Melbourne, Australia. @joshuam joined a panel discussion with reps from banking, university and ISO/TC 307. @eSizeDave reports: "This enterprise conference was indeed a whole lot better than I expected. The presentations were actually full of very worthwhile information from credible people, articulated aptly to a very government, academic, and corporate crowd, who genuinely took on board valuable insights. Good to know some of these key people are Decred holders and stakers as well. I got to use the entire day to speak directly with some of the most pivotal personalities in this particular populace. Ongoing relationships have been built and strengthened.". (photos: 123)
For those willing to help with the events:
BAB: Hey all, we are gearing up for conference season. I have a list of places we hope to attend but need to know who besides @joshuam and @Haon are willing to do public speaking, willing to work booths, or help out at them? You will need to be well versed on not just what is Decred, but the history of Decred etc... DM me if you are interested. (#event_planning) The Decred project is looking for ambassadors. If you are looking for a fun cryptocurrency to get involved in send me a DM or come talk to me on Decred slack. (@marco_peereboom, longer version here)
One private work channel was successfully migrated to Matrix.
Stylish room avatars were set.
@Haon has prepared a short guide to help new Matrix users get started and join the Decred rooms.
A thread was started to discuss changes to Decred jargon with the intent to make it more consistent and accessible to newcomers. The question whether changing "official" terminology requires stakeholder approval was touched in this thread and in #documentation.
Project fund transparency and constitution were extensively discussed on Reddit and in #general.
Pre-proposal to use Politeia to approve Politeia as a legitimate decision-making tool for Decred.
Reddit: substantive discussion about Decred cons; ecosystem fund; a thread about voter engagement, Politeia UX and trolling; idea of a social media system for Decred by @michae2xl; how profitable is the Obelisk DCR1. Chats: cross-chain trading via LN; plans for contractor management system, lower-level decision making and contractor privacy vs transparency for stakeholders; measuring dev activity; what if the network stalls, multiple implementations of Decred for more resilience, long term vision behind those extensive tests and accurate comments in the codebase; ideas for process for policy documents, hosting them in Pi and approving with ticket voting; about SPV wallet disk size, how compact filters work; odds of a wallet fetching a wrong block in SPV; new module system in Go; security of allowing Android app backups; why PoW algo change proposal must be specified in great detail; thoughts about NIPoPoWs and SPV; prerequisites for shipping SPV by default (continued); Decred vs Dash treasury and marketing expenses, spending other people's money; why Decred should not invade a country, DAO and nation states, entangling with nation state is poor resource allocation; how winning tickets are determined and attack vectors; Politeia proposal moderation, contractor clearance, the scale of proposals and decision delegation, initial Politeia vote to approve Politeia itself; chat systems, Matrix/Slack/Discord/RocketChat/Keybase (continued); overview of Korean exchanges; no breaking changes in vgo; why project fund burn rate must keep low; asymptotic behavior of Decred and other ccs, tail emission; count of full nodes and incentives to run them; Politeia proposal translations and multilingual environment. An unusual event was the chat about double negatives and other oddities in languages in #trading.
DCR started the month at USD 56 / BTC 0.0073 and had a two week decline. On Aug 14 the whole market took a huge drop and briefly went below USD 200 billion. Bitcoin went below USD 6,000 and top 100 cryptos lost 5-30%. The lowest point coincided with Bitcoin dominance peak at 54.5%. On that day Decred dived -17% and reached the bottom of USD 32 / BTC 0.00537. Since then it went sideways in the USD 35-45 / BTC 0.0054-0.0064 range. Around Aug 24, Huobi showed DCR trading volume above USD 5M and this coincided with a minor recovery. @ImacallyouJawdy posted some creative analysis based on ticket data.
StopAndDecrypt published an extensive article "ASIC Resistance is Nothing but a Blockchain Buzzword" that is much in line with Decred's stance on ASICs. The ongoing debates about the possible Sia fork yet again demonstrate the importance of a robust dispute resolution mechanism. Also, we are lucky to have the treasury. Mark B Lundeberg, who found a vulnerability in atomicswap earlier, published a concept of more private peer-to-peer atomic swaps. (missed in July issue) Medium took a cautious stance on cryptocurrencies and triggered at least one project to migrate to Ghost (that same project previously migrated away from Slack). Regulation: Vietnam bans mining equipment imports, China halts crypto events and tightens control of crypto chat groups. Reddit was hacked by intercepting 2FA codes sent via SMS. The announcement explains the impact. Yet another data breach suggests to think twice before sharing any data with any company and shift to more secure authentication systems. Intel and x86 dumpsterfire keeps burning brighter. Seek more secure hardware and operating systems for your coins. Finally, unrelated to Decred but good for a laugh: yetanotherico.com.
About This Issue
This is the 5th issue of Decred Journal. It is mirrored on GitHub, Medium and Reddit. Past issues are available here. Most information from third parties is relayed directly from source after a minimal sanity check. The authors of Decred Journal have no ability to verify all claims. Please beware of scams and do your own research. Feedback is appreciated: please comment on Reddit, GitHub or #writers_room on Matrix or Slack. Contributions are welcome too. Some areas are collecting content, pre-release review or translations to other languages. Check out @Richard-Red's guide how to contribute to Decred using GitHub without writing code. Credits (Slack names, alphabetical order): bee, Haon, jazzah, Richard-Red and thedecreddigest.
BitLaunch provides cloud hosting from DigitalOcean, Vultr, and Linode payable with cryptocurrencies like Bitcoin, Litecoin, Ethereum and more - with instant provisioning and hourly Billing. PiNET LLC provide Cheap Windows VPS, Forex VPS & Linux VPS hosting services. Price start at $4.99 monthly, No hidden fees. Instant Setup and Delivery. Payment via Bitcoin, Perfectmoney, Paypal, Credit Card, Webmoney, Payeer are accepted! tar xzf bitcoin-0.20.1-x86_64-linux-gnu.tar.gz This will create the directory bitcoin-0.20.1 within your current working directory. We will install the contents of its bin subdirectory into the /usr/local/bin directory using the the install command. The install command is part of the GNU coreutils available on nearly every Linux distribution, and the /usr/local/bin directory is a standard ... Bitcoin hosting is often presented as a solution for those seeking a degree of privacy and anonymity on the web. On this page, you can compare hosts that accept Bitcoin as payment for their services. Setting Up a Bitcoin-Related Site. You do not need Bitcoin-specific hosting to set-up a Bitcoin-related site. Bitcoin mining on the cloud without an ASIC miner does not yield any profit. Still, it’s a fun experiment. Still, it’s a fun experiment. Step One: Get cloud hosting.
How to Bitcoin Miner with Ubuntu VPS - Setup Nicehash Miner via Ubuntu VPS
Learn how to build a website server and host a website from home. In this episode we are going to download and install Linux and learn how to use port forwarding and FTP to connect with it. Web page to vps go : https://goo.gl/lO37MZ vps hosting cheap linux vps hosting cheap windows vps hosting cheap india vps hosting cheap europe vps hosting che... SUBSCRIBE FOR MORE HOW MUCH - http://shorturl.at/arBHL GekkoScience NewPac USB Miner - https://bit.ly/2RIQgdX GekkoScience 8 Port USB Hub - https://bit.ly/2x... If you want to learn more about Bitcoin and how to use Cloud Mining to learn how it works, this course will be perfect for you! We will also talk about the b... How to mine Bitcoin with freebitcoin using Ubuntu instance running on AWS.