Show Posts - stone
Please login or register.

Login with username, password and session length
Advanced search  


Latest Stable Nxt Client: Nxt 1.12.2

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - stone

Pages: [1]
Nxttycoin / How Secure is TextSecure?
« on: November 06, 2014, 07:09:22 am »
Tilman Frosch and Christian Mainka and Christoph Bader and Florian Bergsma and Joerg Schwenk and Thorsten Holz

Abstract: Instant Messaging has attracted a lot of attention by users for both private and business communication and has especially gained popularity as low-cost short message replacement on mobile devices. However, most popular mobile messaging apps do not provide end-to-end security. Press releases about mass surveillance performed by intelligence services such as NSA and GCHQ lead many people looking for means that allow them to preserve the security and privacy of their communication on the Internet. Additionally fueled by Facebook's acquisition of the hugely popular messaging app WhatsApp, alternatives that claim to provide secure communication experienced a significant increase of new users.

A messaging app that has attracted a lot of attention lately is TextSecure, an app that claims to provide secure instant messaging and has a large number of installations via Google's Play Store. It's protocol is part of Android's most popular aftermarket firmware CyanogenMod. In this paper, we present the first complete description of TextSecure's complex cryptographic protocol and are the first to provide a thorough security analysis of TextSecure. Among other findings, we present an Unknown Key-Share Attack on the protocol, along with a mitigation strategy, which has been acknowledged by TextSecure's developers. Furthermore, we formally prove that---if our mitigation is applied---TextSecure's push messaging can indeed achieve the goals of authenticity and confidentiality.


Nxttycoin / 中文网站开通!Chinese website:www.nxttypay.com
« on: October 27, 2014, 01:36:15 am »
中文网站开通!Chinese website:www.nxttypay.com


Edward Snowden’s Privacy Tips: “Get Rid Of Dropbox,” Avoid Facebook And Google
According to Edward Snowden, people who care about their privacy should stay away from popular consumer Internet services like Dropbox, Facebook, and Google.

Snowden conducted a remote interview today as part of the New Yorker Festival, where he was asked a couple of variants on the question of what we can do to protect our privacy.

His first answer called for a reform of government policies. Some people take the position that they “don’t have anything to hide,” but he argued that when you say that, “You’re inverting the model of responsibility for how rights work”:

When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.

He added that on an individual level, people should seek out encrypted tools and stop using services that are “hostile to privacy.” For one thing, he said you should “get rid of Dropbox,” because it doesn’t support encryption, and you should consider alternatives like SpiderOak. (Snowden made similar comments over the summer, with Dropbox responding that protecting users’ information is “a top priority.”)

[Update: In a June blog post related to Snowden, Dropbox actually says, "All files sent and retrieved from Dropbox are encrypted while traveling between you and our servers," as well as when they're "at rest on our servers," and it points to other security measures that the company is taking. The difference between Dropbox and SpiderOak, as explained elsewhere, is that SpiderOak encrypts the data while it's on your computer, as opposed to only encrypting it "in transit" and on the company's servers.]

[And here's a more complete Snowden quote, from around 1:04:55 in the video: "We're talking about encryption. We're talking about dropping programs that are hostile to privacy. For example, Dropbox? Get rid of Dropbox, it doesn't support encryption, it doesn't protect your private files. And use competitors like SpiderOak, that do the same exact service but they protect the content of what you're sharing."]

He also suggested that while Facebook and Google have improved their security, they remain “dangerous services” that people should avoid. (Somewhat amusingly, anyone watching the interview via Google Hangout or YouTube saw a Google logo above Snowden’s face as he said this.) His final piece of advice on this front: Don’t send unencrypted text messages, but instead use services like RedPhone and Silent Circle.

Earlier in the interview, Snowden dismissed claims that increased encryption on iOS will hurt crime-fighting efforts. Even with that encryption, he said law enforcement officials can still ask for warrants that will give them complete access to a suspect’s phone, which will include the key to the encrypted data. Plus, companies like Apple, AT&T, and Verizon can be subpoenaed for their data.

Beyond the privacy discussion, Snowden talked about how and why he decided to leak documents bringing the government’s electronic surveillance programs to light. He repeatedly claimed that he wasn’t pursuing a specific policy outcome, but just trying to have an open conversation about these issues:

We can have secret programs. You know, the American people don’t have to know the name of every individual that’s under investigation. We don’t need to know the technical details of absolutely every program in the intelligence community. But we do have to know the bare and broad outlines of the powers our government is claiming … and how they affect us and how they affect our relationships overseas. Because if we don’t, we are no longer citizens, we no longer have leaders. We’re subjects, and we have rulers.

As for why Snowden hasn’t come back to the United States to stand trial, he said that when he looked at how the U.S. government treated whistleblowers like Thomas Drake and Chelsea Manning, he became convinced that he wouldn’t be able to present his case to a jury in an open trial.

“I’ve told the government again and again in negotiations, you know, that if they’re prepared to offer an open trial, a fair trial in the same way that Dan Ellsberg got, and I’m allowed to make my case to the jury, I would love to do so,” he said. “But to this point they’ve declined.”

Snowden acknowledged that there’s some irony in his taking shelter in China and Russia, countries that don’t exactly have spotless human rights or privacy records themselves. He said Russia was supposed to be a transit point on his way to Latin America — but his passport was canceled while he was at the Moscow airport.

The New Yorker’s Jane Mayer ended the interview on a light note, suggesting that Snowden was now free to enjoy some vodka. He replied, “I actually don’t drink alcohol. Little-known fact: I’ve never been drunk.”

Here’s a full video of the interview. The discussion of privacy and consumer Internet services (which, again, consisted of two questions in a row) begins at around 58:30.

FreeMarket / Chinese community QQ group: 155 239 603
« on: October 08, 2014, 03:29:20 pm »
QQ group:
155 239 603



« on: September 15, 2014, 01:45:34 am »

The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by The Intercept.

The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants.

ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden.

Earlier revelations sourced to the Snowden documents have exposed a multitude of NSA programs for collecting large volumes of communications. The NSA has acknowledged that it shares some of its collected data with domestic agencies like the FBI, but details about the method and scope of its sharing have remained shrouded in secrecy.

ICREACH has been accessible to more than 1,000 analysts at 23 U.S. government agencies that perform intelligence work, according to a 2010 memo. A planning document from 2007 lists the DEA, FBI, Central Intelligence Agency, and the Defense Intelligence Agency as core members. Information shared through ICREACH can be used to track people’s movements, map out their networks of associates, help predict future actions, and potentially reveal religious affiliations or political beliefs.

The creation of ICREACH represented a landmark moment in the history of classified U.S. government surveillance, according to the NSA documents.

“The ICREACH team delivered the first-ever wholesale sharing of communications metadata within the U.S. Intelligence Community,” noted a top-secret memo dated December 2007. “This team began over two years ago with a basic concept compelled by the IC’s increasing need for communications metadata and NSA’s ability to collect, process and store vast amounts of communications metadata related to worldwide intelligence targets.”

The search tool was designed to be the largest system for internally sharing secret surveillance records in the United States, capable of handling two to five billion new records every day, including more than 30 different kinds of metadata on emails, phone calls, faxes, internet chats, and text messages, as well as location information collected from cellphones. Metadata reveals information about a communication—such as the “to” and “from” parts of an email, and the time and date it was sent, or the phone numbers someone called and when they called—but not the content of the message or audio of the call.

ICREACH does not appear to have a direct relationship to the large NSA database, previously reported by The Guardian, that stores information on millions of ordinary Americans’ phone calls under Section 215 of the Patriot Act. Unlike the 215 database, which is accessible to a small number of NSA employees and can be searched only in terrorism-related investigations, ICREACH grants access to a vast pool of data that can be mined by analysts from across the intelligence community for “foreign intelligence”—a vague term that is far broader than counterterrorism.

Data available through ICREACH appears to be primarily derived from surveillance of foreigners’ communications, and planning documents show that it draws on a variety of different sources of data maintained by the NSA. Though one 2010 internal paper clearly calls it “the ICREACH database,” a U.S. official familiar with the system disputed that, telling The Intercept that while “it enables the sharing of certain foreign intelligence metadata,” ICREACH is “not a repository [and] does not store events or records.” Instead, it appears to provide analysts with the ability to perform a one-stop search of information from a wide variety of separate databases.

In a statement to The Intercept, the Office of the Director of National Intelligence confirmed that the system shares data that is swept up by programs authorized under Executive Order 12333, a controversial Reagan-era presidential directive that underpins several NSA bulk surveillance operations that monitor communications overseas. The 12333 surveillance takes place with no court oversight and has received minimal Congressional scrutiny because it is targeted at foreign, not domestic, communication networks. But the broad scale of 12333 surveillance means that some Americans’ communications get caught in the dragnet as they transit international cables or satellites—and documents contained in the Snowden archive indicate that ICREACH taps into some of that data.

Legal experts told The Intercept they were shocked to learn about the scale of the ICREACH system and are concerned that law enforcement authorities might use it for domestic investigations that are not related to terrorism.

“To me, this is extremely troublesome,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the New York University School of Law’s Brennan Center for Justice. “The myth that metadata is just a bunch of numbers and is not as revealing as actual communications content was exploded long ago—this is a trove of incredibly sensitive information.”

Brian Owsley, a federal magistrate judge between 2005 and 2013, said he was alarmed that traditional law enforcement agencies such as the FBI and the DEA were among those with access to the NSA’s surveillance troves.

“This is not something that I think the government should be doing,” said Owsley, an assistant professor of law at Indiana Tech Law School. “Perhaps if information is useful in a specific case, they can get judicial authority to provide it to another agency. But there shouldn’t be this buddy-buddy system back-and-forth.”

Jeffrey Anchukaitis, an ODNI spokesman, declined to comment on a series of questions from The Intercept about the size and scope of ICREACH, but said that sharing information had become “a pillar of the post-9/11 intelligence community” as part of an effort to prevent valuable intelligence from being “stove-piped in any single office or agency.”

Using ICREACH to query the surveillance data, “analysts can develop vital intelligence leads without requiring access to raw intelligence collected by other IC [Intelligence Community] agencies,” Anchukaitis said. “In the case of NSA, access to raw signals intelligence is strictly limited to those with the training and authority to handle it appropriately. The highest priority of the intelligence community is to work within the constraints of law to collect, analyze and understand information related to potential threats to our national security.”

Nxttycoin / Nxtty中国区推广专贴【qq群:155239984】
« on: September 04, 2014, 12:33:53 am »

一、   媒体报道




二、   社交媒体运营

Facebook: https://www.facebook.com/pages/Nxtty/645168825569486
Twitter: https://twitter.com/cryptomessenger

三、   后续计划
1.   联系更多的科技资讯网站、极客网站以及主流媒体报道后续nxtty的相关动态。
2.   待nxtty正式发布后,联系app分发平台添加nxtty的产品,并做重点推荐。App分发平台包括:360手机助手、豌豆荚、91助手、安卓市场、腾讯app。
3.   建设一个中文nxtty网站和一个中文nxtty论坛,普吉相关基础知识。
4.   协助优化nxtty的用户体验,nxtty汉化、本地化的工作。


Nxttycoin / Before Secret, there was Startups Anonymous
« on: May 20, 2014, 02:02:43 pm »
Anonymity is the trend du jour.

If the explosion of anonymous apps is any indication, people want a place where they can go to escape their own identity. From Lulu for the ladies, to Whisper for the masses, to Popcorn Messaging for anonymous geolocal chatting, to Admonymous for receiving critiques. That’s not even a complete list, and Product Hunt has more.

If you were hiding under a rock last week, you might have missed that new app Secret launched out of ironic stealth mode and has rapidly become the hippest app of said moment. It’s a lot like Whisper, except you can see when a secret is shared from your contacts circle.

As you might imagine, that has led to a flood of Silicon Valley secret sharing, with everything from false Evernote acquisition rumors, to a lot of Path trash-talking. Everyone and their mothers are gossiping about it. Even Gap Inc. has reportedly used the app for a social advertising scheme. Secret is riding the hype cycle up, up, and up.

But as it takes off, there’s another secret sharing service that came before it and arguably could last longer, at least in the tech community. It’s called Startups Anonymous.

Startups Anonymous is like Secret with standards. It’s a website where entrepreneurs can post questions  or stories they have, and S.A. co-founders Dana Severson and Nick Ciske vet all the posts and comments before they appear. They only approve the well-written ones that don’t include trolling. The end result is a secret sharing application with oversight, just for the tech community, sans dickhead comments.

Whereas Secret and Whisper are open platforms for anyone and everything, S.A. is closer to a vetted publication.

“It occurred to me it has to be an A.A.-type club. I want there to be an understanding that it’s a support community, and that’s primarily the reason for the name,” Severson says.

Severson came up with the idea for S.A. last summer, i.e. the summer of Whisper’s skyrocketing hype. He and his S.A. cofounder Ciske built the website on WordPress and launched it four weeks ago. It made it to the top of Hacker News three times and started gaining traction. It now gets about 7,500 daily unique views.

“What’s the difference between a convertible debt round and a priced round?” Severson offers up as an example question one might post on the site. “You don’t want to ask your investors because you don’t want to appear incompetent. You don’t want to ask your advisors because they make recommendations to investors. You can’t talk to your co-founders because you need to instill faith in them that you’re doing the right thing. Where do you turn?”

It’s the sort of question that doesn’t fit a general secret sharing network, but works for S.A.’s startup focused approach. There’s no mobile app yet, but Severson says that’s next on the to-do list. They’ll want to hurry up with it if they hope to contend with their hugely popular competitors.

Whisper’s user base is reportedly in the millions. Secret’s user numbers aren’t public and it only launched for the public two weeks ago. That said, it seemingly has all of Silicon Valley’s attention.

S.A. will need to hope there’s room in people’s lives for more than one anonymity app. If there isn’t, then Secret and Whisper have already eaten up a large portion of attention and users.

That said, Startups Anonymous may outlast Secret in terms of filling the tech community’s need for anonymity. After all, as Secret grows and gets bigger, people from different sectors and geographies will join it, diluting the “startup focused” secrets that get shared. It will become place for general life secrets, with the occasional startup secret sneaking across.

In contrast, by focusing on a specific vertical, S.A. will always be just about startups. Since founders need support and assistance, particularly when launching their first company, it could be a natural place to turn to, a tab on the bookmarked favorites page.

Severson isn’t concerned with monetizing it. “We have no intention to raise money, this is not going to be a billion dollar business,” he tells me. He’s busy running his own company — Chasm.io, the pivot startup following Wahooly flameout fame. He and Ciske spend their nights vetting posts, but otherwise the S.A. platform largely runs itself.

That said, S.A. monetization strategies have already presented themselves. A lawyer who represents startups contacted Severson and asked to do a sponsored “ask an attorney” section on the site. “Down the line, we could also do “Ask a VC” sections or other sponsored content,” Severson says. This is the sort of monetization tactic that would work well for a niche application focused on a particular community like S.A., but wouldn’t work for an app like Secret.

As for the challenges Startups Anonymous will face? Severson is nervous about continuing to get quality contributions. Since they’re treating the site like a publication more than an open platform, they want an articulate and beneficial level of discussion. They’ll need to maintain their traction and keep on vetting to keep the standards up. They’ll also have to hope that entrepreneurs don’t rely on Secret alone to get their anonymity needs met.

Fortunately for Ciske and Severson, neither of them are betting the house on this. It’s just a fun project on the side, and they’ll take it wherever it leads them.

here is apparently a lot of anonymous candor going around.

Just last month, Whisper and Secret, two hot apps for anonymously sharing things you’d rather not be seen saying, were reportedly raising a combined total of $40 million. And today, another app has launched to do something similar.

Interestingly enough, it was originally called Secret.

Truth is launching today out of a stealthy public beta. It’s an app that allows you to send messages to people anonymously, sure, but there’s a twist: You send messages directly to people in your address book. The company behind the app, Toro Technologies, says Truth is “the first one-to-one anonymous peer-to-peer messaging app.”

“Back in November when we originally had this idea, we had chosen to go with the name Secret and even bought the domain www.secretapp.com,” cofounder and CEO Ali Saheli told me via email yesterday. “We had the app submitted to Apple when suddenly Secret launched, and we were just shocked and surprised. Initially we thought about keeping the name, but we soon realized we wouldn’t be able to compete financially in court. I mean, c’mon, they were backed by Google!”

Sending a “truth” to someone is almost like sending an email or a text: Select a recipient, tap the message, hit Send, and watch a Flappy Bird-style owl wiggle its wings as your missive flies into the interwebs. If the recipient is another Truth user, the message will show up in his or her app — from an unknown sender, of course — and trigger a notification. If not, the recipient will get a text message with part of the truth you’re sending … and, of course, a link to download the app.

Exactly. Want the full message? You’ll have to download the app.

Viral tactics like that have driven Truth up to 90th position in the Canadian iOS app store rankings in the three weeks since its initial beta launch — ahead of Secret and GroupMe in the social network most-downloaded list. (Often app developers test their apps in Canada, New Zealand, or Australia, fine-tuning user acquisition and user interfaces before launching in the U.S.)

According to Saheli, college students are one of Truth’s biggest user groups.

“The two most common use cases are flirting between classmates and giving honest feedback in the workplace,” he said when I asked what people used Truth for. “Overall, we have seen most of our users are college students.”

Clearly, this kind of app is more personal than Secret, which simply allows a person to create a generalized message and float it on the waters of the app’s mobile social network. Messages in Truth are directly and personally targeted.

So yes, the company takes negative messages seriously, Saheli said.

“Like any other platform, we have some negative messages in the system but overall the percentage is lower than we expected. We take this issue seriously and will always ensure that the user has the power to control the conversations they have.”

I sent a message to my teen daughter to test the service. Her first words?

“I thought that was from you,” she said when I brought it up. Then, when we chatted about the app some more: “Seems like it could be quite dangerous.”

Clearly, however, there’s an appetite for this sort of anonymized messaging that traditional social networks such as Twitter, Facebook, and LinkedIn are not providing.

Pages: [1]