Archive for the ‘Digital Freedoms’ Category

Making BitCoin with Bots

Posted: 2013/12/10 in bitcoin, bots, BTC, Digital Freedoms, gekko, How To's, Linux, node.js, Proof of Concept, turnkey, Uncategorized
2

In this article we will cover how to quickly setup a trading bot for crypto-currencies. As the difficulty for BTC continues to rise the profit in mining coins continues to drop. A good method to make up those losses is with a trading bot which will work to increase your profit margin by making the moves needed on the market while you are away.

For this we will use the following tools:

  • Turnkey Linux NODE.js VM
  • Gekko Trading Bot
  • Mt.Gox or BTCe account (w/ funds)

Setting up the Environment

First we will download the following Linux VM image

http://www.turnkeylinux.org/nodejs

(alternately you can just run the bot directly by downloading & installing http://nodejs.org/)

For step by step instructions for a Windows based install refer to this:

https://github.com/askmike/gekko/blob/master/docs/installing_gekko_on_windows.md

After downloading and booting the Linux VM image we prepare the host. After initial boot we choose the “Quit” option from the menu to get to a shell.

Once there:

apt-get install byobu
adduser coinmaker

(assign some strong passwords if required setup SSH keys)

git clone https://github.com/askmike/gekko.git /opt/gekko
chown -R coinmaker /opt/gekko
su – coinmaker
cd /opt/gekko/ && npm install

We can now run the bot to verify its functional:

node gekko

We can refer to https://github.com/askmike/gekko/blob/master/docs/Configuring_gekko.md for a full list of options available for the config.js file. To get going quickly change the following options:

cp config.js config.bkup && vi config.js

  • Change the “exchange” to your preferred trading hub
  • Change the currency setting to match your desired currency
  • If you want to enable trading then add the API key/secret generated by your trading hub for your account
  • Also change the tradingEnabled to true to allow trading.
config.normal = {
  enabled: true,
  exchange: 'MtGox', // 'MtGox', 'BTCe', 'Bitstamp' or 'cexio'
  currency: 'USD',
  asset: 'BTC',
  tradingEnabled: false,
  key: '',
  secret: '',
  username: 0 // only fill this is when using Bitstamp or cexio
}

Also ensure the “Advanced section” matches the settings in the config.normal section if you enable trading. This would include the Trading Hub set to “true” along with the same API key/secret used.

Now we can launch the bot and monitor its performance and trading from the console

 byobu && node gekko

2013-12-10 18:12:11 (INFO): Profit reporter active on simulated balance
2013-12-10 18:12:11 (INFO): Calculating EMA on historical data…
2013-12-10 18:14:31 (INFO): ADVICE is to BUY @ xxx.xxx (x.xxx)

The point is ladies and gentlemen that greed, for lack of a better word, is good.

And that’s it! Take a snapshot of the VM instance and clone away if you need to trade on more than one hub at a time.

Blind Zerg Rush for Security

Posted: 2013/07/12 in Digital Freedoms, Information Security, Security Disclosures, Uncategorized
0

While reviewing some old publications I came across this great article that was written just weeks after the 9/11 tragedy in NY.

Based on recent events disclosed around the PRISM program and US Government actions against privacy in general the article seems to be very scary with it’s foreshadowing.

Here is an excerpt taken from 2600 Magazine (Fall 2001):

It takes an event of great magnitude to really put things in perspective, to make us realize how insignificant our daily concerns can be. At the same time, such an occurrence can trigger a chain of events that wind up magnifying these concerns.

What is most disturbing is the speed with which things began to change after the attacks. It was as if members of Congress and other lawmakers were poised to spring into action the moment public opinion began to turn and before common sense had a chance of regaining its dominance. Within hours of the horrific events, new restrictions on everything from encryption to anonymity along with broad new powers allowing much easier wiretapping and monitoring of Internet traffic were being purposed – all with initial overwhelming support from the terrified public.

We find it absolutely unconscionable that anyone would use such a tragedy to further their own agenda – whether it be by selling a product or enacting a wish list of legislation. We’ve witnessed a good amount of both recently and its all pretty repugnant. Almost every new law purposed is something we’ve seen in the past – and rejected. And there is very little in them that would have been helpful in preventing the terrorist attacks in the first place.

Our concerns can best be summed up by this quote:
“Maybe the Senate wants to just go ahead and adopt new abilities to wiretap our citizens. Maybe they want to adopt new abilities to go into people’s computers. Maybe that will make us feel safer. Maybe. And maybe what the terrorists have done made us a little bit less safe. Maybe they have increased Big Brother in this country. If that is what the Senate wants, we can vote for it. But do we really show respect to the American people by slapping something together, something that nobody on the floor can explain, and say we are changing the duties of the Attorney General, the Director of the CIA, the U.S. attorneys, we are going to change your rights as Americans, your rights to privacy? We are going to do it with no hearings, no debate. We are going to do it with numbers on a page that nobody can understand.”

Those remarks came from Senator Patrick Leahy of Vermont, one of the few who seem to actually comprehend the serious risks we’re facing.

Today we are seeing the repercussions of the actions taken during that time, and now the train is running full speed so it will take a strong force to have any chance of derailing it.

This all reminds me of another quote from Philip K. Dick (also in 2600 Magazine Spring 2003):

…the essence of the evil government is that it anticipates bad conduct on the part of its citizens. Any government which assumes that the population is going to do something evil has already lost its franchise to govern. That tacit contract between a government and the people governed is that the government will trust the people and the people will trust the government. But once the government begins to mistrust the people it is governing, it loses its mandate to rule because it is no longer acting as a spokesman for the people, but is acting as an agent of persecution

Sorry Sir, but I am going to have to see your console

Posted: 2009/04/14 in Digital Freedoms, Information Security
Tags:
0

The guys over at infowars.com made note of an interesting fight brewing up between a Boston College student backed by the EFF & a Legal firm vs. The Newton Courts, of Mass.

Fairly easy to note the ignorance of their technical staff with the following statement:

“Uses two different Operating systems to hide his illegal activity… and the other a black screen with a white console which he uses prompt commands on”

It may be safe to say their Criminal “Technical” investigations team are all fresh DeVry grads? If they would just pick up any used IT books from Amazon.com they may learn that pretty much every operating system used today allows some type of console (and this is usually black w/white text).
So this statement is basically stating using ANY operating system makes you a possible criminal who should have their computer system investigated?
So I have to ask do firewall’s and router’s fall under this umbrella theory as well? How about my managed switches?
Do I risk someone coming in and striping my network infrastructure in the interest of national security?
Since who knows I may be using my consoles to perform illegal activity like update wireless hardware to an unsupported customized firmware :GASP:

I suspect their next statement would be something along the lines of:

“The system had a web browser which allowed them to plan illegal activities so their criminal intent was obvious”

Sorry Guys Try Again!

Read More Here …

Who should be America’s CTO?

Posted: 2009/04/10 in Digital Freedoms, Information Security, Uncategorized
Tags:
0

Never before has a presidential candidate used technology in the way the Obama administration did during the past elections. From Youtube, to twitter tweets sent from him trusty Blackberry. Obama definitely leveraged his technilogical savvy in his favor. So then why after more than a handful of months into his term has he still not chosen a CTO for the nation? Is it due to lack of competent technology folks? Maybe he feels it is not as important as say visiting the Tonight show? Or maybe he wants to assume the responsibilities himself on the weekends and in his spare time? Techcrunch is running a poll on this very question. So take the time and head on over and share your input on this question. In a world of increasing threats to our IT infrastructure you would figure this role should be filled soon…

Read More Here …

LSYiPDT: Download Torrents to your home server from anywhere!

Posted: 2009/04/08 in Digital Freedoms, LSYiPDT, Proof of Concept, Software News
Tags:
0

Really this needs no introduction more than this video can provide!

One of the first products of the Android Bounty program hosted by Androidandme this not only blows the iPhone’s torrent (download to local storage) program out of the water but just shows the power of open source!
And to think the bounty the developer earned for this was about $90.. So when you see the 2.99 price tag for the app on the market keep this in mind

Read more Here!

Tuning your hacking skills in a ‘Hacker Space’

Posted: 2009/03/30 in Digital Freedoms, How To's, Information Security
0

A newer trend in the field of “Hacking” is the use of “Hacker Spaces”. Picture a community lab with various hardware/software for you to refine your skills in a controlled and safe environment. While this may not be a way to gain true real-world experience. It does help nuture your skill from a casual or novice hacker to someone who can say “I can do that!”.

Read more about Hacker Spaces

Think your ready for the big time now? Then head on over to the Defcon Capture the Flag competition in July/Aug.. I will see you there!

Fighting SSH Brute Force

Posted: 2008/12/11 in Digital Freedoms, Information Security, Security News
0

To anyone that has had to deal with this issue, I feel you.  I can recall less than 2 years ago how an SSH brute force attempt, our preventive/corrective actions, and their response (a weak DoS attempt) triggered a change in our internal process regarding SSH access to the outside world.

There was a fairly detailed write up on Security Focus earlier this week that describes someone else attacking the same issue we faced.  While there are various ways to address the situation one thing is clear.  We are never alone in this fight and as long as we can freely share our experiences and knowledge we can only grow in our understanding and ability to fight off these types of attacks (or conduct them depending on where you stand).

“Your Auto Warranty is about to Expire!” Today’s Scammers

Posted: 2008/12/09 in Digital Freedoms, Information Security, Security News
1

So over the past 4-5 months I have been getting very strange calls. I have gotten these calls on all of my mobile or landlines.

They usually all start the same way.
“This is an Automated message informing you that your auto warranty is about to expire. Please stay on the line to renew”

The first few times I disregarded this message as maybe some type of mixup. I mean all of the vehicles I own are older than 20yrs so I would not expect any type of Auto Warranty at this point. But the calls continued. Finally after about the 4-5th call I realized this was a scam. Not only are they contacting me on my personal numbers but they are reaching me on my business mobile, of which only select people have the number?
It does seem I am not alone in getting hit with this scam. But unlike other people have mentioned I am getting these calls from legit numbers which appear to be within the USA (Denver, Los Angeles, Georgia). I am not sure if the Boilerrooms these calls are coming from are US based or just being routed thru some VoIP server from another country.

Another interesting occurrence recently was a call my Wife received. It was someone claiming to be from one of our credit card companies. Being my wife and living thru the security lectures that are my passion she asked for a company name, address, and call back number before providing any more info. The caller quickly hung up.

With the current state of the World economy and the ease of use of VoIP tools. I think the rise in phone based phishing scams is just the tip of the iceberg.

If you feel you are being harassed by these scammers there are a few things to look for and even some things you can do to report this and even fight back.

Personally I want them to call back and this time I want to talk to a live personl..
I have my airhorn sitting on my desk ready to rips some eardrums!
Will that stop the calls? Probably not but at least when their ears are ringing they will remember me 😉

Do You Own What You Create?

Posted: 2008/12/02 in Digital Freedoms
0

While this would seem like a basic concept often times these lines get blurred in courtrooms. Techdirt has a very interesting article on this. Based on a recent ProIP ruling that was questionable to say the least. They point out a few valid points of this discussion and even quote a very good plain English description of “ownership”.

“If a baker bakes a loaf of bread, he therefore owns it.” And likewise, for “music, movies, software.” But note the mistake here Johson makes: “If a baker bakes a loaf of bread, he therefore owns it.” The “therefore” is the giveaway: he says this because he thinks of the creation of the loaf as the act that gives rise to ownership. Then this leads to the analogy with other created things, like music. But creation of the loaf is not the reason why the baker owns it. He owns the loaf because he owned the dough that he baked. He already owned the dough, before any act of “creation”–before he transformed it with his labor. If he owned the dough, then he owns whatever he transforms his property into; the act of creation is an act of transformation that does not generate any new property rights. So creation is not necessary for him to own the resulting baked bread. Likewise, if he used someone else’s dough–say, his employer’s–then he does not own the loaf, but the owner of the dough does. So creation is not sufficient for ownership.