Video to Elon: How to Build Decentralized Twitter Using Doge and Cardano for Profit and Pleasure

Developer Comments:

”This algorithm was presented at the ForenSecure 2017 conference on cybersecurity and forensics. The experts attending were not particularly happy after the talk, for their job of trying to detect hidden data had suddenly become quite a bit harder. One year later, I realized the general public might want to check out what it can do, hence this addon.”

PassLok stego is based on the F5 algorithm by Andreas Westfeld (2001), which is described at https://www2.htw-dresden.de/~westfeld/publikationen/21370289.pdf, which is extended to PNG images as well. In addition, PassLok does some simple tricks to preserve the DCT AC coefficient histogram almost perfectly, making it even harder to detect than F5.

Features

UnixPorn at its core

PwNixOS places a strong emphasis on delivering a top-notch graphical experience by providing a visually appealing and productivity-focused interface.

Hacking Tools

PwNixOS offers a wide array of tools and utilities out of the box to support your hacking endeavors. From advanced network analysis and penetration testing tools to powerful scripting languages and development environments, PwNixOS equips you with the necessary arsenal to explore and manipulate computer systems to your heart's content.

Package Management with Nix

One of the standout features of NixOS is its unique package management system called Nix. With Nix, you can easily install, update, and manage software packages on your system. What makes Nix special is its ability to provide isolated and reproducible environments for each package, ensuring that software installations do not interfere with one another. This allows for painless experimentation and easy rollback to previous configurations.

Declarative Configuration

NixOS follows a declarative approach to system configuration. Instead of making changes directly to the system, you define the desired state of your system in a configuration file or flake (like this one). This configuration specifies all the packages, services, and settings you want, providing a clear and reproducible blueprint for your system. This declarative nature simplifies system administration, enables easy replication of configurations across multiple machines, and facilitates version control of your system setup.

Custom packages

This flake has custom hacking tools that are uploaded to the NUR. The purpose of these tools is to fill in the gaps that exist today in the official repositories and create a full arsenal of tools, with well-known tools such as BloodHound and lesser-known tools such as psudohash.

Features

UnixPorn at its core

PwNixOS places a strong emphasis on delivering a top-notch graphical experience by providing a visually appealing and productivity-focused interface.

Hacking Tools

PwNixOS offers a wide array of tools and utilities out of the box to support your hacking endeavors. From advanced network analysis and penetration testing tools to powerful scripting languages and development environments, PwNixOS equips you with the necessary arsenal to explore and manipulate computer systems to your heart's content.

Package Management with Nix

One of the standout features of NixOS is its unique package management system called Nix. With Nix, you can easily install, update, and manage software packages on your system. What makes Nix special is its ability to provide isolated and reproducible environments for each package, ensuring that software installations do not interfere with one another. This allows for painless experimentation and easy rollback to previous configurations.

Declarative Configuration

NixOS follows a declarative approach to system configuration. Instead of making changes directly to the system, you define the desired state of your system in a configuration file or flake (like this one). This configuration specifies all the packages, services, and settings you want, providing a clear and reproducible blueprint for your system. This declarative nature simplifies system administration, enables easy replication of configurations across multiple machines, and facilitates version control of your system setup.

Custom packages

This flake has custom hacking tools that are uploaded to the NUR. The purpose of these tools is to fill in the gaps that exist today in the official repositories and create a full arsenal of tools, with well-known tools such as BloodHound and lesser-known tools such as psudohash.

The moderator/host of this instance has a great podcast about infosec.

Episode 18: Mastodon & Cyber-success w/ @rebootkid - Recorded on December 30, 2022

Edgar Cervantes / Android Authority

TL;DR

• Code within the official Reddit app suggests that the company is working on a Contributor program.

• Redditors in the US could earn real money for the gold and karma that their posts and comments receive.

• This will likely be subject to minimum withdrawal thresholds.

Reddit has been in the news recently for its API changes that killed popular Reddit apps and the subreddit protests that followed the announcement. The company believes the official Reddit app is all you need for a great community experience. We say the Reddit app is good for giving us a sneak peek at what the company is working on. In the near future, Reddit could introduce a Contributor program that will reward community contributors with real-world money.

An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.

Reddit v2023.27.0 for Android includes code that suggests that the online community platform is looking for ways to incentivize the community to be more proactive. Similar to how other platforms reward creators, Reddit could be exploring ways that would let community members convert the gold and karma they have received from other community members into real-world money that they can cash out. Check out the references below.

Code

Fake internet points are finally worth something! Now redditors can earn real money for their contributions to the Reddit community, based on the karma and gold they've been given. How it works:

• Redditors give gold to posts, comments, or other contributions they think are really worth something.
• Eligible contributors that earn enough karma and gold can cash out their earnings for real money.
• Contributors apply to the program to see if they're eligible.
• Top contributors make top dollar. The more karma and gold contributors earn, the more money they can receive. The code suggests that the program will initially have two tiers: Contributor and Top Contributor. Top Contributors will have better rates.

Further, from what we can discern, the payout could use Reddit gold as a currency, while the karma accumulated could be used to improve the rate of exchange for Reddit gold into real-world money (possibly USD). Note that the community itself passes around Reddit gold and karma to each other. Reddit gold is purchased with real-world money, while karma is a net figure of upvotes and downvotes on comments and posts.

Before you get too excited, the program appears to have some constraints around eligibility:

Code

Not just anyone can be a contributor. To join and stay in the program, contributors need to meet a few requirements:

• Be over 18 and live in the U.S.
• Only Safe for Work contributions qualify
• Earn xx gold and karma each month
• Provide verification information. You must have at least 10 gold and 100 karma to begin verification.
• NSFW accounts aren't eligible for the Contributors Program With a threshold of 10 gold and 100 karma for verification, the bare minimum is set at a high enough point to not be easy to game. Contributors will have to further earn an unspecified number of gold and karma each month to be eligible for payouts within the program.

Here is what could be the necessary information needed for verification:

Code

Provide the following information to get verified for the program and start earning:

• Email
• Personal Information
• Tax and bank account information The verification appears to be powered by Persona and Stripe.

Code

Once you hit the payment threshold, you'll automatically be paid out via your Stripe account.

• Approximate calculation before fees. Exchange rate and payment thresholds are subject to change. The payout threshold is not mentioned within the code, and neither is the monthly gold and karma requirement for being part of the contributor program.

Curiously, unlike the creator programs of other social platforms, Reddit’s purported Contributor Program will be routing community-purchased gold and karma back into the community. We could not locate any mentions of Contributors receiving any part of ad or subscription revenue from the platform, which is usually how the creator programs of other platforms work. In effect, the community would be incentivizing the community.

Do you think Reddit's contributor program is a good idea?

Note that the program, so far, does not explicitly mention any community moderators within its ambit, and no incentives have been carved out for them. However, since Reddit has not made any official announcements, things could change by the time the program goes live.

We’ve reached out to Reddit for comments and more information. We’ll update the article when we hear back from them.

Crypto Anarchy: Encryption, digital money, anonymous networks, digital pseudonyms, zero knowledge, reputations, information markets, black markets, collapse of governments.

Stablecoins are a tough puzzle to solve. This algo-stablecoin has been functioning without issue for more than 2 years now.

This seems to be one of the only serious, open source, decentralized attempts at liquid democracy in the cryptoverse.

What does the community think are the strengths and weaknesses of the way that the Cardano Foundation implemented this?

#RISC-V WILL STOP HACKERS DEAD FROM GETTING INTO YOUR COMPUTER

by: Brian Benchoff

The greatest hardware hacks of all time were simply the result of finding software keys in memory. The AACS encryption debacle — the 09 F9 key that allowed us to decrypt HD DVDs — was the result of encryption keys just sitting in main memory, where it could be read by any other program. DeCSS, the hack that gave us all access to DVDs was again the result of encryption keys sitting out in the open.

Because encryption doesn’t work if your keys are just sitting out in the open, system designers have come up with ingenious solutions to prevent evil hackers form accessing these keys. One of the best solutions is the hardware enclave, a tiny bit of silicon that protects keys and other bits of information. Apple has an entire line of chips, Intel has hardware extensions, and all of these are black box solutions. They do work, but we have no idea if there are any vulnerabilities. If you can’t study it, it’s just an article of faith that these hardware enclaves will keep working.

Now, there might be another option. RISC-V researchers are busy creating an Open Source hardware enclave. This is an Open Source project to build secure hardware enclaves to store cryptographic keys and other secret information, and they’re doing it in a way that can be accessed and studied. Trust but verify, yes, and that’s why this is the most innovative hardware development in the last decade.

WHAT IS AN ENCLAVE?

Although as a somewhat new technology, processor enclaves have been around for ages. The first one to reach the public consciousness would be the Secure Enclave Processor (SEP) found in the iPhone 5S. This generation of iPhone introduced several important technological advancements, including Touch ID, the innovative and revolutionary M7 motion coprocessor, and the SEP security coprocessor itself. The iPhone 5S was a technological milestone, and the new at the time SEP stored fingerprint data and cryptographic keys beyond the reach of the actual SOC found in the iPhone.

The iPhone 5S SEP was designed to perform secure services for the rest of the SOC, primarily relating to the Touch ID functionality. Apple’s revolutionary use of a secure enclave processor was extended with the 2016 release of the Touch Bar MacBook Pro and the use of the Apple T1 chip. The T1 chip was again used for TouchID functionality, and demonstrates that Apple is the king of vertical integration.

But Apple isn’t the only company working on secure enclaves for their computing products. Intel has developed the SGX extension which allows for hardware-assisted security enclaves. These enclaves give developers the ability to hide cryptographic keys and the components for digital rights management inside a hardware-protected bit of silicon. AMD, too, has hardware enclaves with the Secure Encrypted Virtualization (SEV). ARM has Trusted Execution environments. While the Intel, AMD, and ARM enclaves are bits of silicon on other bits of silicon — distinct from Apple’s approach of putting a hardware enclave on an entirely new chip — the idea remains the same. You want to put secure stuff in secure environments, and enclaves allow you to do that.

Unfortunately, these hardware enclaves are black boxes, and while they do provide a small attack surface, there are problems. AMD’s SEV is already known to have serious security weaknesses, and it is believed SEV does not offer protection from malicious hypervisors, only from accidental hypervisor vulnerabilities. Intel’s Management engine, while not explicitly a hardware enclave, has been shown to be vulnerable to attack. The problem is that these hardware enclaves are black boxes, and security through obscurity does not work at all.

THE OPEN SOURCE SOLUTION

At last week’s RISC-V Summit (December 2018), researchers at UC Berkeley released their plans for the Keystone Enclave, an Open Source secure enclave based on the RISC-V (PDF). Keystone is a project to build a Trusted Execution Environment (TEE) with secure hardware enclaves based on the RISC-V architecture, the same architecture that’s going into completely Open Source microcontrollers and (soon) Systems on a Chip.

The goals of the Keystone project are to build a chain of trust, starting from a silicon Root of Trust stored in tamper-proof hardware. this leads to a Zeroth-stage bootloader and a tamper-proof platform key store. Defining a hardware Root of Trust (RoT) is exceptionally difficult; you can always decapsulate silicon, you can always perform some sort of analysis on a chip to extract keys, and if your supply chain isn’t managed well, you have no idea if the chip you’re basing your RoT on is actually the chip in your computer. However, by using RISC-V and its Open Source HDL, this RoT can at least be studied, unlike the black box solutions from Intel, AMD, and ARM vendors.

The current plans for Keystone include memory isolation, an open framework for building on top of this security enclave, and a minimal but Open Source solution for a security enclave.

Right now, the Keystone Enclave is testable on various platforms, including QEMU, FireSim, and on real hardware with the SiFive Unleashed. There’s still much work to do, from formal verification to building out the software stack, libraries, and adding hardware extensions.

This is a game changer for security. Silicon vendors and designers have been shoehorning in hardware enclaves into processors for nearly a decade now, and Apple has gone so far as to create their own enclave chips. All of these solutions are black boxes, and there is no third-party verification that these designs are inherently correct. The RISC-V project is different, and the Keystone Enclave is the best chance we have for creating a truly Open hardware enclave that can be studied and verified independently.