EDIT: Don’t go into freak-out mode here! This is potentially serious, but is fixable and I disclosed to DPR alone about 15 hours ago. He’s good, skilled, and this will be investigated and fixed in no time, I am sure. In the interim, if you need to use Silk Road BE SURE TO USE GPG. The beauty of Bitcoin and Tor is that even if the server were to be seized, if your messages are GPGed, it’s near-impossible to get anything valuable. I just know that not everyone uses GPG.

I am a penetration tester by trade, and while I do not use SR, I do occasionally conduct informal tests of the security of various Tor Hidden Services.

I debated for hours whether to post this, but I need to alert the community in case no actions are taken:

Last night, while SR was down for maintenance, a brief few moments allowed a certain set of circumstances that caused me to be able to view the public IP of the httpd server of Silk Road. This isn’t an obvious flaw, but it is extremely simple if you know where to look – the server basically will publish a page containing all of the configuration data of the httpd server including the public IP address.

For the sake of the site’s security, that’s all the information I’m going to reveal.

I have messaged Dread Pirate Roberts and am currently waiting a response. I do have a SHA512 hash of the public IP which I have retained as evidence if DPR needs proof.

I will keep this updated with any news received.

With such information, authorities may be able to locate and shut down Silk Road and apprehend its operator, or more. What does this mean for Bitcoin? If the Silk Road gets busted, the only thing left to prop up the price of butts is the Magic: the Gathering Online Exchange’s creaky servers and meddling hands.

The post Silk Road fumbles and reveals its IP address appeared first on Buttcoin Foundation.

After the war ended and forces withdrew, cults developed on the islands; leaders promised their followers a return of the wealth and benefactors. People imitated the now-gone soldiers in dress and behavior, and constructed elaborate life-size replicas of things such as planes, Jeeps, air traffic control towers, runways, and more. It was believed that these items and mimicking the troops’ drills and behavior would bring back the planes and materiel, and that the various forces who were stationed on the islands were related to either deities or ancestors, and used this power to bring great wealth.

Works better than most ASIC rigs and all GPU miners

Bitcoin operates in a similar fashion. Take, for example, institutions like the NYSE, NASDAQ, IPOs, and large banks. Buttcoiners see these systems and want their toy

The post The cargo cult of Bitcoin appeared first on Buttcoin Foundation.

From: David

Subject: mt.gox hack 2day

Message Body:

i know the guys who hacked into mt.gox and dumped the data today. they released about 60k usernames/passes (hashed), but say they are hanging on to the good stuff for now, preparing for another major crash (without correction this time they say)

these guys aren’t lulsec or anon, think bigger picture, esp. in an unreg market like bitcoins

He sent me a link to a manafesto from Lionhat Security, who taunts the lead developer storing US customer info overseas and who’s previous experience includes iPhone applications.

Text version:

Another release from lionhat security

bitcoin sure has come a long way lately? people moving their life savings around, putting it all in mtgox. well you saw what happened the other day what we were able to acquire from them. maybe you shouldn’t have trusted an 18 year old whose credentials include an iphone soundboard app with your offsite servers. also, shouldn’t he have been paying attention to transactions instead of attending anime conventions?

well, good luck with the mining and all, we’re halfway there with the next black fridayQQ
so throw a few coins our way and we’ll give you a little preview of what we have in store next in addition to some more goodies we got from the last hack

1A35CqoJwzsBAa8ytyEQk7592avWKuBeJ
— lionhat security –�in kimshe we trust

They included a bitcoin block link so maybe they’re looking to cash in on the same penny BTC action from today, who knows.

Remember, if you have any tips feel free to contact me

The post Lionhat Security takes claim for Mt. Gox hack and user dump, taunts owners and promises next black friday. appeared first on Buttcoin Foundation.

Wanna know where all those sell orders came from?

The post Today’s sell off was because of Mt. Gox hack appeared first on Buttcoin Foundation.

From: Jake

Subject: Buttsec?

Message Body:

There is a pastebin post going around that was created by a group called Buttsec. They claim to have “compromised” MTGOX and possibly other play money-to-real money sites.

…

Jake’s link led to site where a group called BUTTSEC (a pun on lulzsec) had posted their manifesto

Digging further, we found some other interesting notes

We’ve already seen reports of some people claiming they’ve had money transferred out of Mt. Gox without their knowledge, could this be indicative of something larger?

Let us know in the comments!

The post Mt. Gox, other bitcoin exchange sites hacked? appeared first on Buttcoin Foundation.