Tuesday, November 30, 2021

Hidden Certificate Authorities

The security of encrypted Web traffic depends upon a set of Certificate Authorities (CAs). Browsers and operating systems are configured with a list of CAs that they trust. The system is brittle, in the sense that if any of the multitude of CAs that your browser trusts is incompetent or malign, the security of all your traffic is imperiled. I've written several times on the topic of misbehaving CAs; there is a list of links at the end of the post.

In Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure, Thomas Claiburn reports on an important paper, Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem by Yiming Zhang et al. This paper looks at what happens when, by fair means or foul, unofficial entries are added to or replace the CAs in the official list that your browser trusts. Below the fold I discuss their findings.

Tuesday, November 16, 2021

The $65B Prize

Senator Everett Dirksen is famously alleged to have remarked "a billion here, a billion there, pretty soon you're talking real money". There are a set of Bitcoin wallets containing about a million Bitcoins that are believed to have been mined by Satoshi Nakamoto at the very start of the blockchain in 2008. They haven't moved since and, if you believe the bogus Bitcoin "price", are currently "worth" $65B. Even if you're skeptical of the "price", that is "real money". Below the fold, I explain how to grab these million Bitcoin and more for yourself.

Thursday, November 11, 2021

I Confess To Right-Clicker-Mentality

"Worth $532M"
Both Cory Doctorow and Matthew Gault and Jordan Pearson have fun with the latest meme about NFTs, "Right-Clicker-Mentality". (Tip of the hat to Barry Ritholtz)

Gault and Pearson explain the meme:
what is the “right-clicker mentality”? Quite literally, it is referring to one’s ability to right-click on any image they see online to bring up a menu and select the “save” option in order to save a copy of the image to their device. In this term we have a microcosm of the entire philosophical debate surrounding NFTs.
I join in below the fold.

Thursday, November 4, 2021

Making Sure "Number Go Up"

Source
Fake it till you make it is the way Silicon Valley works these days, as exemplified by Theranos, Uber, WeWork and many other role models. It is certainly the case with cryptocurrencies. Would you believe that an NFT of this image was worth $532M? How about nearly $1.1B? Most numbers that are quoted about cryptocurrencies are fake, in the sense that they are manipulated in order to fool the press, and thereby buy time until they become "too big to fail".

The credulous press reports make it look like the cryptocurrency market is much bigger and much more successful that it really is, further inflating the bubble. Below the fold, I provide a set of examples of the techniques that are used to fuel the mania.