1 <?xml version=
"1.0" encoding=
"ISO-8859-1"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries from January
2014</title>
5 <description>Entries from January
2014</description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
10 <title>A fist full of non-anonymous Bitcoins
</title>
11 <link>http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html
</guid>
13 <pubDate>Wed,
29 Jan
2014 14:
10:
00 +
0100</pubDate>
14 <description><p
>Bitcoin is a incredible use of peer to peer communication and
15 encryption, allowing direct and immediate money transfer without any
16 central control. It is sometimes claimed to be ideal for illegal
17 activity, which I believe is quite a long way from the truth. At least
18 I would not conduct illegal money transfers using a system where the
19 details of every transaction are kept forever. This point is
21 <a href=
"https://www.usenix.org/publications/login
">USENIX ;login:
</a
>
22 from December
2013, in the article
23 "<a href=
"https://www.usenix.org/system/files/login/articles/
03_meiklejohn-online.pdf
">A
24 Fistful of Bitcoins - Characterizing Payments Among Men with No
25 Names
</a
>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill
26 Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They
27 analyse the transaction log in the Bitcoin system, using it to find
28 addresses belong to individuals and organisations and follow the flow
29 of money from both Bitcoin theft and trades on Silk Road to where the
30 money end up. This is how they wrap up their article:
</p
>
32 <p
><blockquote
>
33 <p
>"To demonstrate the usefulness of this type of analysis, we turned
34 our attention to criminal activity. In the Bitcoin economy, criminal
35 activity can appear in a number of forms, such as dealing drugs on
36 Silk Road or simply stealing someone else’s bitcoins. We followed the
37 flow of bitcoins out of Silk Road (in particular, from one notorious
38 address) and from a number of highly publicized thefts to see whether
39 we could track the bitcoins to known services. Although some of the
40 thieves attempted to use sophisticated mixing techniques (or possibly
41 mix services) to obscure the flow of bitcoins, for the most part
42 tracking the bitcoins was quite straightforward, and we ultimately saw
43 large quantities of bitcoins flow to a variety of exchanges directly
44 from the point of theft (or the withdrawal from Silk Road).
</p
>
46 <p
>As acknowledged above, following stolen bitcoins to the point at
47 which they are deposited into an exchange does not in itself identify
48 the thief; however, it does enable further de-anonymization in the
49 case in which certain agencies can determine (through, for example,
50 subpoena power) the real-world owner of the account into which the
51 stolen bitcoins were deposited. Because such exchanges seem to serve
52 as chokepoints into and out of the Bitcoin economy (i.e., there are
53 few alternative ways to cash out), we conclude that using Bitcoin for
54 money laundering or other illicit purposes does not (at least at
55 present) seem to be particularly attractive.
"</p
>
56 </blockquote
><p
>
58 <p
>These researches are not the first to analyse the Bitcoin
59 transaction log. The
2011 paper
60 "<a href=
"http://arxiv.org/abs/
1107.4524">An Analysis of Anonymity in
61 the Bitcoin System
</A
>" by Fergal Reid and Martin Harrigan is
62 summarized like this:
</p
>
64 <p
><blockquote
>
65 "Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a
66 complicated issue. Within the system, users are identified by
67 public-keys only. An attacker wishing to de-anonymize its users will
68 attempt to construct the one-to-many mapping between users and
69 public-keys and associate information external to the system with the
70 users. Bitcoin tries to prevent this attack by storing the mapping of
71 a user to his or her public-keys on that user
's node only and by
72 allowing each user to generate as many public-keys as required. In
73 this chapter we consider the topological structure of two networks
74 derived from Bitcoin
's public transaction history. We show that the
75 two networks have a non-trivial topological structure, provide
76 complementary views of the Bitcoin system and have implications for
77 anonymity. We combine these structures with external information and
78 techniques such as context discovery and flow analysis to investigate
79 an alleged theft of Bitcoins, which, at the time of the theft, had a
80 market value of approximately half a million U.S. dollars.
"
81 </blockquote
></p
>
83 <p
>I hope these references can help kill the urban myth that Bitcoin
84 is anonymous. It isn
't really a good fit for illegal activites. Use
85 cash if you need to stay anonymous, at least until regular DNA
86 sampling of notes and coins become the norm. :)
</p
>
88 <p
>As usual, if you use Bitcoin and want to show your support of my
89 activities, please send Bitcoin donations to my address
90 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
95 <title>New chrpath release
0.16</title>
96 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</link>
97 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</guid>
98 <pubDate>Tue,
14 Jan
2014 11:
00:
00 +
0100</pubDate>
99 <description><p
><a href=
"http://www.coverity.com/
">Coverity
</a
> is a nice tool to
100 find problems in C, C++ and Java code using static source code
101 analysis. It can detect a lot of different problems, and is very
102 useful to find memory and locking bugs in the error handling part of
103 the source. The company behind it provide
104 <a href=
"https://scan.coverity.com/
">check of free software projects as
105 a community service
</a
>, and many hundred free software projects are
106 already checked. A few days ago I decided to have a closer look at
107 the Coverity system, and discovered that the
108 <a href=
"http://www.gnu.org/software/gnash/
">gnash
</a
> and
109 <a href=
"http://sourceforge.net/projects/ipmitool/
">ipmitool
</a
>
110 projects I am involved with was already registered. But these are
111 fairly big, and I would also like to have a small and easy project to
112 check, and decided to
<a href=
"http://scan.coverity.com/projects/
1179">request
113 checking of the chrpath project
</a
>. It was
114 added to the checker and discovered seven potential defects. Six of
115 these were real, mostly resource
"leak
" when the program detected an
116 error. Nothing serious, as the resources would be released a fraction
117 of a second later when the program exited because of the error, but it
118 is nice to do it right in case the source of the program some time in
119 the future end up in a library. Having fixed all defects and added
120 <a href=
"https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel
">a
121 mailing list for the chrpath developers
</a
>, I decided it was time to
122 publish a new release. These are the release notes:
</p
>
124 <p
>New in
0.16 released
2014-
01-
14:
</p
>
128 <li
>Fixed all minor bugs discovered by Coverity.
</li
>
129 <li
>Updated config.sub and config.guess from the GNU project.
</li
>
130 <li
>Mention new project mailing list in the documentation.
</li
>
135 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
136 new version
0.16 from alioth
</a
>. Please let us know via the Alioth
137 project if something is wrong with the new release. The test suite
138 did not discover any old errors, so if you find a new one, please also
139 include a test suite check.
</p
>
projects / homepage.git / blob