Bitcoin dropper seats
Training Preparations Laptop Required Attendees will need to bring a laptop that fits the following specs: Please note that having a bit CPU and a bit OS is not always enough to support bit virtualization.
One way to verify that your laptop supports bit virtualization is to download the SecurityOnion ISO and see if it boots up in VirtualBox.
It might be difficult to imagine now with the snowy landscape and biting cold but we are predicting this situation will eventually change. This year we are again trying a new venue in the hope of eventually finding the perfect place to host this lovely annual event. This year we have decided to host the spring pub at Hilma on Torsgatan 10 by Norra Bantorget. Welcome to the We are very happy to be back at Nalen again, and even though it feels like we just left last year's con it is already time for the next.
This is basically how it has been feeling for the past 10 years for us. Of course when we look back we see the vast difference between what we are currently doing and how it all started back in But most importantly, we have 15 speakers this year. This year more than ever the schedule is tightly packed, and since you are too I hope you will keep being an awesome audience and help us keep the schedule running.
When we started streaming SEC-T we were a bit worried that maybe people would not come to the venue, maybe it would be just as fun to stay in the office and watch YouTube all day. But obviously this does not impact the participation in the least. Which makes us happy, because there are undoubtedly people sitting out there that want and need this information but do not have an employer that will pay for them.
So if anyone is running a hackspace or organizing an event in their office or living room anywhere, that place, that space, could be just as much part of SEC-T as this main hall is. To try this out we have an extra room this year, downstairs, or more correctly, around the corner, is the entrance to Stacken. Lunch will also be served down there to make it less tight, there is a bar and… there is also a SEC-T Anniversary T-shirt waiting for you if you bring your ticket QR-code.
We have a T-shirt for everyone so take it at your leisure. I mentioned the CTF, the CTF has actually been up and running since yesterday afternoon, the scoreboard should be visible, so register to play now at http: There is also something else about the stream this year that might be interesting.
But as you can see there is a stack of presents on stage, and those presents are for our speakers to hand out to those asking questions.
We used to have books for the speaker to choose from, and we still do. The presents are books, mostly, but to add some surprise to the game Hanna was kind enough to play Christmas and wrap them all. This is also the first year we have a decent voting system for the speakers. As you know we are paying our speakers to perform, but the speaker that has performed the best according to you, the audience, will also be paid double.
The webpage you got your ticket on has a voting system where you can vote on each speaker. I think there are still some Lightning Talk slots available this afternoon and we have been hoping for lightning talks to become something more spontaneous. As most of you might have seen we are sold out earlier than previous years. To be sure we have mixed feelings about this, we are very happy that so many see the value in what we are doing.
But at the same time we are getting flooded with emails and tweets asking how to get a ticket. Currently if you visit our ticket system there is only the option to buy Training tickets (which includes a conference ticket), but we are going through our system to find if there are in fact more spaces to fill this year. Should there be any tickets left we will announce this. We are sorry for the inconvenience this causes.
We feel your pain. It is also currently two weeks to the event this year and we got overwhelmed by the number of quality submissions we received this year. Many of which said they would be willing to speak at the Community Night Wednesday the Therefore we decided to expand the Community Night event to have 5 talks.
As always the Community Night is a free event with no registration required so we hope to see those missing a ticket there. And we would suggest being on time The video stream will be up sometime during the Community Night as well and run through the entire event for those who want to follow us on YouTube.
When you arrive on Thursday morning be sure to bring your ticket, you should have gotten a link to where you can download your ticket containing a QR code that we must scan for you to get access to the event. We have currently expanded the event as much as we believe it is possible at this venue and we hope for your help making it run as smoothly as possible.
The SEC-T Spring Pub is just kicking off in Stockholm and for you who are not able to be there here is the information being presented.
As is tradition, the ticket sales to this year's SEC-T Conference are also open now so if you need an Early Bird ticket you should probably hurry up before they are gone. When we started SEC-T we realized how far it was in between the conferences and that we were not alone dreading the long haul until we get to socialize again.
Thus we created the spring pub event. This year the spring pub event takes place on Thursday, April The first people to arrive can expect wraps and drink tickets as usual, but our sponsors will of course have more tickets to hand out during the evening. Make sure to register below so we know you are coming! Even though bitcoin has some built-in protection against denial-of-service attacks, it has been found to be vulnerable to such types of attack and will probably continue to be in the future.
Analysing the CVE database, we can see that most of the vulnerabilities are denial-of-service-related. In spite of this, even the Heartbleed vulnerability [ 9 ] took the bitcoin world by surprise. Even though a fix was quickly released in version 0.
CVE details datasource query for bitcoin software and protocol-related vulnerabilities, displaying a predominance of DoS vulnerability type [ 10 ]. As in the rest of the malware world, most of the bitcoin-related malware samples found target the Windows operating system, with very few of them targeting Mac OSX or Linux.
In the mobile world, Android has the virtual monopoly on bitcoin-related infections, be they wallet stealers or even mining applications. As we have seen, there are many intrinsic flaws with the bitcoin protocol, although PEBKAC (problem exists between keyboard and chair) still holds true and users are the most common target for cybercriminals.
For quite some time, not a single week has gone by without one of the major bitcoin exchanges reaching mainstream news. We can attribute the success of some attacks to faulty technical implementations of the bitcoin wallet, others to clever social engineering approaches, and the rest to bad business practices and simple failure to adhere to proven security standards. There are too many incidents to list them all, but a handful of the most prominent ones are detailed in the paragraphs that follow.
They all make great learning tools for the new generation of bitcoin exchanges. Without ever firing a single gunshot, attackers demonstrated that we had already entered a new era of bank robberies. The loot of around , USD was enough to demonstrate the importance of the crypto market and highlight the lack of security measures taken by most of the exchange houses in the business.
Stopping all transactions and shutting down the service was the first step to be taken after the rest of the common procedures for handling these situations. In the same weekend, Poloniex announced a minor but crucial software bug that would ultimately decide the fate of this digital currency exchange business. As a result of not being able to cover the losses, the owner decided to deduct As with other services, shutting down the website and halting transactions was the first measure taken — before even announcing that anything had gone wrong, leaving many users wondering what had happened to their money.
Not long afterwards, Bitcurex announced through its website that it would resume operations on 18 March, and that, due to good monitoring practices, only part of the funds present in its system had been stolen, preventing a larger attack from happening.
Picostocks, which according to its official description facilitates valuation and fundraising for high-tech startup projects and companies and offers services for both bitcoin investors and entrepreneurs, lost 5, bitcoins on 29 November A quarter-million-dollar heist is not something to frown upon, given the circumstances in which the following robbery took place.
As with other exchanges, Bitfloor ceased all trading operations and promised to repay its customers. This demonstrated the instability and vulnerability of the bitcoin exchange industry as much as any of the other infamous cases.
At a market value of Bitfloor was the fourth bitcoin-based exchange, closely behind Mt. Gox, BTC-E and Bitstamp, but it was no stranger to similar incidents, having lost 25, user coins in During its period of activity in —, Bitcoin Savings and Trust showed the world that Ponzi schemes could also exist in a digital currency scenario. With 3, bitcoins stolen, this financial fraud, courtesy of Trendon T. Shavers, came as little shock to anyone. On 1 October , Canadian Bitcoins entered the hall of fame for the silliest heist made on a bitcoin exchange.
With nothing more than a chat session and smooth talk, a crafty cybercriminal convinced an attendee at Rogers Data Centre to reboot the Canadian Bitcoins server in fail safe mode, bypassing all security measures. James Grant, the owner of Canadian Bitcoins, was puzzled to say the least, but still managed to cover the losses from his own pocket.
Bitcoinica witnessed two attacks during — one in July and one in May — setting a precedent in the local courts as the second case involving bitcoin to be filed in the legal system.
Four users registered a complaint, asking to be compensated with , USD for the funds lost and grievance suffered. Even though at the time, the 18, bitcoins stolen were worth 90, USD, it made sense for the users to ask for a substantially higher compensation, given the ever-changing value of bitcoin. Talk about bad timing: List of bitcoin heists with the most media coverage [ 11 ] shown in a logarithmic scale. Values taken from approximate historical BTC prices [ 12 ].
Gox exchange deserves a section of its own. Gox decided to close its doors, amidst allegations of a transaction malleability attack that had taken place — and gone unnoticed — over a long period of time. Introduced in October , the limited geometric release of new coins and the controlled difficulty rate set at every 2, new blocks produced, makes litecoin the second largest cryptocurrency measured by market capitalization.
In addition, as an intended improvement on the most noticeable bitcoin flaws, litecoin uses a scrypt proof-of-work algorithm in contrast to the SHA used by bitcoin, with the hopes of slowing down the creation of FPGA and ASIC mining farms. Processing each block takes 2. Based on a popular Internet meme, dogecoin (DOGE) has also become a big player in the cryptocurrency market. The greatly supportive community, fond of giving away DOGE tips and starting fundraisers for a variety of causes, has received enough media attention to make it interesting for cybercriminals.
Being a controlled inflationary currency, there are expected to be billion DOGE in circulation by the end of , with 5. With the initial intention of reaching a broader audience, and with transaction confirmations taking as little as one minute, it has established itself as a showcase of how simple it is to start a new cryptocurrency trend.
ATMs are already being manufactured, and the unorthodox and grammatically incorrect cryptocurrency has already sponsored a NASCAR driver, the Jamaican Bobsled Olympic team in Sochi, and several other charity-related activities. By also using scrypt technology in its proof-of-work algorithm, the developers make it clear that this is a currency that aims for fairness amongst participants.
DOGE market capitalization vs. This industry makes 96 billion dollars every year, with Internet and digital media being at the top of the consumed services. Sexcoin is scrypt based and, with fast transaction confirmations (one minute), targets a niche audience involved in adult goods and services. While most people trust their banks, or the US Treasury or the US Mint, confidence in the digital currency equivalents seems elusive at the moment, especially with all the security incidents witnessed in such a short space of time.
On taking a walk down Florida Street in Buenos Aires, you will see the best shops the city has to offer. The confidence in the government (any of them) and the local currency has been in the spotlight ever since, and rebuilding trust is not an easy process.
Several other countries in Latin America have witnessed similar circumstances of strict currency control and inflationary processes in conjunction with the rapid devaluation of the local currency.
The working class has resorted to alternative currencies and investment options as a means of preserving value in these uncertain times. Hiding dollars or euros under a mattress is not unheard of, but what about an encrypted USB drive with your favourite cryptocurrency? According to CoinMap, Argentina is leading the pack when it comes to bitcoin adoption, with a great number of small merchants and businesses accepting BTC as a means of payment for goods and services.
The adoption rate is significantly higher than that observed in other metropolitan Latin American cities such as Sao Paulo, Mexico City or Santiago de Chile. Adoption of bitcoin in Latin America, with Argentina listing merchants accepting payment in this currency. Bitpay, a leading bitcoin service provider, has recently opened a regional branch in Argentina, demonstrating the local market potential.
Xapo is presently working on a debit card linked to your bitcoin wallet that will use the networks of one of the major credit cards, allowing it to work virtually anywhere. But with great power comes great responsibility, and if fraudsters were interested in obtaining your credit and debit card numbers before, the future for them looks even more interesting now.
By holding regular meetings, The Argentinian Bitcoin Foundation explains cryptocurrencies not only to local enthusiasts, but to tax agencies and regulatory entities too. Positioned as a legal way of investing in the local market, it offers Argentinians and people from all over Latin America an investment option that has not been seen before. Latin American websites list not only the many black dollar and euro value rates, but also bitcoin rates. Those escaping tax are familiar with Panama as a financial paradise for setting up their companies.
Brazil is setting the trend, with the Brazilian Revenue Service declaring bitcoin taxable in the same way as any other payment would be. With a large percentage of Brazilians acquiring bitcoins via the popular site Mercado Bitcoin, authority monitoring seems like a pipe dream at the moment and relies on the honesty of the citizens. The first mover advantage refers to the advantage gained by the first significant occupant of a market segment.
Many alternative coins were pre-mined by their developers in order to conserve some of the financial benefits in case the coins became successful. In this case, if the pre-mined quantity was not significant enough, or the currency was ASICs resistant, mining farms would take over that initial advantage gained.
Mining feasibility studies can be performed as a preliminary evaluation that can determine if a resource can be mined profitably. Albeit different from an actual mineral mining study, there are some similarities, but with the volatile nature of currencies a whole economic spectrum opens without even taking into consideration sociological and psychological aspects. Known as the network effect, the economy concept proposed by Hal Varian states that the value of a product or service depends on the number of others using it.
By establishing a firm user base and gaining wide acceptance, the stability of the currency is being guaranteed by its community, who strongly believe in an unspoken social convention that the value of bitcoin in the development of business transactions will remain as a viable option. As a deflationary currency (no more units will be created after the 21 million limit is reached), bitcoin brings into the spotlight the topic of velocity of money. Network effect regarding bitcoin adoption [ 13 ].
When someone such as Warren Buffett warns the general public to stay away from bitcoin, claiming a lack of intrinsic value and reducing it to a mere system for moving funds from point A to point B, it creates an equally passionate response from the other side of the table. Marc Andreessen, Internet pioneer, trusts that none of the points mentioned previously will cause the demise of the currency but would only make it stronger and more valuable.
Intrinsic value theory holds that the value of an object, good or service is contained within the item itself. Bitcoin transcends nations, politics, religions, cultures and regulations, allowing the movement of funds across borders with minimal or no fees at all, and without third-party intervention.
In countries suffering from hyperinflation, where citizens need a way out of the system, this becomes quite important, moving freely from banking and government rules, laws and restrictions. These special properties make the subjective value of bitcoin much more relevant than what the naked eye can see. Giving countries in the midst of economic crisis, such as Zimbabwe, an option of bank-free operation and avoiding costly exchange rates seems like a utopia.
Even though African countries have been hesitant about utilizing bitcoin for everyday transactions due to concerns about money laundering, they are beginning to see the benefits and starting to negotiate with mobile payment vendors. With billions of dollars sent from the US to Mexico each year, the ability to send cash back home is vastly simplified with the use of cryptocurrencies and networks of trust which allow the movement of any currency between participants.
The inner workings of Ripple networks are quite simple and based on the trust held between parties [ 14 ]. So we need to kind of be the poster children of how to do [compliance] correctly.
We have seen why Latin America has become a fertile ground for the adoption of a cryptocurrency economy — unfortunately, so too have the cybercriminals. Just as there are no borders for cryptocurrencies, there are none for criminals either, and following the money trail means landing in Latin America, where the general audience is still widely vulnerable to many of the attacks seen in other parts of the world. Gox incident, we have witnessed targeted phishing campaigns, bitcoin community members moonlighting as private investigators, localized ransomware samples, scams, mobile miners, Internet of things devices participating in botnets, and anything in between.
Attacks on stock exchanges will be especially popular with the fraudsters as their cost-to-income ratio is very favourable.
Previously, criminals infected victim computers and went on to use them for mining. However, this method is now far less effective than before while the theft of Bitcoins promises cybercriminals huge profits and complete anonymity. After the rumour that Mt.
Gox finances, and a customized back end client to access it. Unfortunately, those who thought this was the official interface for Mt. At the same time, even though Mt. Gox trojan sending baseencoded credentials to a remote server in Sofia, Bulgaria. The Windows version, detected as Trojan. Not too long ago, a mail distributed phishing campaign claiming that former Mt. Gox users were required to sign account closure documents was spotted in the wild, also with the clear aim of infecting unsuspecting victims.
Phishing campaign targeting Mt. Gox users with trojanized compressed executable file. Amongst the first bitcoin-related malware samples spotted in Latin America was Trojan.
At the time, bitcoin mining was still profitable, even with limited CPU resources.