at0m

http://news.sciencemag.org/chemistry/2013/10/gold-trees-may-hint-buried-treasure This is pretty ausome if it's true.

http://www.youtube.com/watch?v=H_VG2f1dAr4

Forever Bicycles in Toronto

Follow up to my post in the pictures thread:

And the code is really, really bad...

Bumpity bump. I still haven't gotten around to finishing/redoing this (that happens a lot, can you tell?) but I do have an awesome addition for you guys, girls and other life forms: Mailvelope! It's PGP, in your browser! Who's it for? For those of you not comfortable with a command line and aren't after an application which requires heaps of copy and pasting to get your messages about, this one's for you (and me because I like it. Makes shit easy). So basically, everybody. So what does it do? It encrypts and decrypts messages on the fly, in your browser, without sending any network traffic whilst performing the encryption/decryption so it can't be sniffed or blocked. It also works with both Chrome/Chromium & Firefox though from my experience the Firefox version is sadly not as good as it locks up a fair bit. Why should I trust it? That's ultimately up to you but here's why I would trust it: It implements the safe & secure (even, supposedly, against certain somebodies) OpenPGP encryption standard using OpenGPG.js, not some wonky, half-assed 'alternative'It's opensource! You can check out the source yourself if that's your thing but even if you don't understand the code behind it, you can trust in the fact that it's a project being used by many others who do read the source and use it themselves. So basically trust that others trust it.because it works So it works with webmail providers and that's cool and all but how do I get it working with SAB or another website which I'd like to encrypt my communications on? Easy peasey lemon squeezey! Here's a really brief example with Firefox. Chrome/Chromium will be almost identical it's just that the location of the icon will have changed (top right, where all your other addon icons are). Install the addon Restart your browser (for good measure) Load any page on the SAB forums Find the icon (bottom right in Firefox, top right in Chrome/Chromium) and click "Add page" (hit save for good measure) Select "Security" and change your token & colour to something you'll remember (this is so other people can't falsify the page to steal your key/message) Generate or import a key (self explanatory. MAKE SURE YOU DON'T FORGET THIS! Passwords are a MUST for private keys) Import other people's public keys (be sure they are who they say they are ) Load up a PM (or even a thread?) to the person you want to contact Click the icon that appears inside the editor Write your message Click the icon again in the top right of the pop-out editor Select the recipients (ONLY the people selected via this previous section can read the message!) Hit Ok Press TransferVoila, the encrypted message should now be in the editor If anyone wants to try it out on me, my public key is listed in my profile. Just follow the instructions above, in a PM, and if you include your public key I'll respond in kind. Hopefully this will help encryption become more common and easily accessible to all and you can keep your carrots safe from prying wabbits.

It was originally developed for the navy, yes, but that was a long time ago and it is now a free and open source project run by the community. Here's the latest (stable) source if you want to go check it out: https://www.torproject.org/dist/tor-0.2.3.25.tar.gz or here https://gitweb.torproject.org/ EFF <3's Tor (and I <3 EFF): https://ssd.eff.org/tech/tor It's so good (which is why they still contribute funding toward the project) that the military still uses it: https://www.torproject.org/about/torusers.html.en To answer the question as to why they would release and fund it, simply put: So they can hide in plain sight. If anyone can use tor, there's no reason to assume that tor traffic is anyone important. I will, however, concede that tor is not without its issues. Tor -> clearnet is dangerous due to possibly evil exit nodes, circuits can be reversed/decrypted if enough nodes are controlled, browsers can be profiled/stained/tracked, the browser itself can have exploits and a whole host of other issues. These are NOT easy to perform though and won't be 100% successful at deanonymising/decloaking all/any users.

Opposite imo. First reaction was the knee-jerk drop, yes, that was bound to happen and yes, a large attraction to bitcoin has gone but, as others have said, something else WILL fill its place. The money is just too good not to. But think about this... so they seized a couple thousand coins. Those coins can now be considered 'dead' and out of circulation (Side note: IF they get used again, we can see EXACTLY where they go) so now there's even fewer coins available (only a finite amount can be mined) meaning, in theory, the value should be on its way up once it settles. It should also be noted that, assuming you're willing to trust the FBI enough to believe the documents about DPR's arrest, he was not caught through any fault of Tor or bitcoin. It was entirely because old fashioned detective work and the stupidity of DPR.

http://thepsychedelicist.blogspot.com.au/2013/09/my-response-to-jan-irvin-of-gnostic.html

I... wow... it... so good.

http://www.abc.net.au/news/2013-08-29/call-for-trial-of-ecstasy-in-ptsd-treatment/4923354

**

Headline rethink: Lose weight, get high It's always amused me how the least harmful substance (in regards to illegal drugs) stays in your system for an incredible long time.

http://xkcd.com/1259/

The latest episode... wow.... Speechless.

Far from true, to be honest. Firstly, a root kit is something used to HIDE other applications at a system level - thus keeping it out of the process monitor. MOST root kits can be detected by anyone who has a clue. The application you linked to is a completely legitimate one. It's used for remotely viewing a customer's computer so you can easily fix stuff without having to walk them through the steps they will likely mess up. It can be used maliciously, yes, but you'd be an idiot to. It'd be like wearing an enlarged version of your drivers license as a shirt whilst you rob a liquor store. Additionally, you have to download and run the application for it to do anything (unless the person sending it to you has knowledge of certain 0-days and a very specific knowledge of your setup. Webmaill or desktop client, xp or 7, etc) The "Single click" refers to a single click on the downloaded file. Though even then, it's more likely a double click. You're making them out to be a lot easier/simpler than they are but yes - there are others out there that can do far worse things. Rip stored passwords out of your browser, key log, screen view, monitor traffic, browse your files - anything you can do, it can do better. The vast majority of these though are either already detected by anti-viral software (Don't be "that guy" who doesn't use any...) or flat out don't work. In short: Be weary of the internet and it's nasties but if you use common sense and caution, you're fine. PS: Linux. Promise I'm still not a thread hijacker

http://blogs.laweekly.com/informer/2013/08/marijuana_armored_truck_ban_dea.php In Los Angeles dispensaries have been victimized by violent, sometimes deadly robberies. That doesn't mean that armored cars are the solution, but some believe having armed guards pick up and deliver cash can be a deterrent. Steve DeAngelo, executive director of Harborside Health Center in Oakland: Aaron Smith, executive director of the National Cannabis Industry Association, said the move will continue to push the medical cannabis drug trade underground instead of out in the open where, he argues, it would be safer: "Look how bad cannabis is! It's causing all these violent robberies!"

http://www.abc.net.au/news/2013-08-23/massive-drug-haul/4907052

Linux on a raspberry pi with all of the data on an SD card. Never leave it running. Can easily be broken or hidden. Regarding the part in the linked post about keyloggers: If they've gotten that far, you're screwed. Sure you can encrypt images you've drawn in MSpaint but what about when you type your passphrase in to unlock your key? what if they also have screen recording/monitoring?

As far as I'm aware, there's no vulnerabilities in tor itself - there are definitely ways to deanonymize someone using it though but they almost all rely on either the person 'leaking' connections to their real identity OR, as I mentioned above, javascript based methods. The latter is easily solved by completely disabling javascript though, which should be done anyway. The exploit in the 'sting' (which effected far more than pedo sites as FH was one of the main hosts for .onions) was pretty scary but as far as I'm aware only effected the Tor Browser Bundle running on Windows with javascript enabled. Don't entirely rely on Tor, but it's not as bad/scary/vulnerable as some agencies would like you to believe. The biggest thing to come out of that 'sting', imo, will be the fear surrounding it.\ edit: sorry OP. Despite what it looks like, I'm not here to hijack the thread