from the perhaps-there-is-such-a-thing-as-bad-publicity dept.
Submitted via IRC for Fnord666
A team of security researchers has a solid claim to $10,000, after meeting the three requirements of Bitfi's second bug bounty on its cryptocurrency wallet.
Remember John McAfee’s supposedly “unhackable” cryptocurrency wallet? It appears a group of researchers is about to prove the once-lauded antivirus pioneer wrong.
After cracking the so-called Bitfi wallet to play legendary game DOOM on it, today the researchers were able to successfully send signed transactions with the device – that is despite the “security” mechanisms Bitfi has in place to prevent attackers from doing that.
Well, that's a transaction made with a MitMed Bitfi, with the phrase and seed being sent to a remote machine. [...] That sounds a lot like Bounty 2 to me.
With this development in mind, the researchers believe they have fulfilled the conditions of Bitfi's $10,000 bug bounty. Bitfi had three criteria to claim the rewards: namely that researchers should be able to prove they can modify the device, connect to the Bitfi server, and send sensitive data with the device.
Source: https://thenextweb.com/hardfork/2018/08/13/bitfi-cryptocurrency-wallet-bounty/
Related Stories
I just heard some sad news on talk radio - Horror Software creator John McAfee was found dead in his Spanish jail cell Wednesday evening. There weren't any more details. I'm sure everyone in the SoylentNews community will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.
Netcraft confirms it, as does NYPost - an "apparent suicide".
John McAfee was found dead in his cell in a prison near Barcelona on Wednesday. McAfee was awaiting extradition in a Spanish prison after being charged with tax evasion in the United States last year. McAfee was arrested in Spain in October after being indicted in the United States for tax evasion months earlier. He allegedly failed to file taxes for four years despite earning millions in income between 2014 and 2018 from promoting cryptocurrencies.
Also at the Associated Press, The Register, CNN, and CNBC.
See also: How To Uninstall McAfee Antivirus
Previously: John McAfee Announces He Will Run For President of the United States
On TV, John McAfee Says Cracking an iPhone is Trivial
Johnny Depp to Star in Movie About John McAfee
John McAfee's "Unhackable" Cryptocurrency Wallet Has Been Hacked (Again)
John McAfee Indicted for Tax Evasion
Original Submission #1 Original Submission #2 Original Submission #3 Original Submission #4
(Score: 1, Interesting) by Anonymous Coward on Saturday August 18 2018, @08:50PM (11 children)
In 1995, "McAffee" maybe meant something. Since the early 2000's it means malware (bundleware) that is increasingly hard to unbundle from your store/factory install. Applicable of course to those who remain victims of Microsoft Windows.
(Score: 5, Informative) by takyon on Saturday August 18 2018, @09:03PM (10 children)
McAfee [wikipedia.org] was acquired by Intel in 2010-2011, and converted into a joint venture in 2017. John McAfee [wikipedia.org] has nothing to do with his former company, which he resigned from in 1994, long before it all went to shit according to your timeline.
Even though he has nothing to do with it anymore, given McAfee's public image in the last few years, it's surprising that the brand name hasn't been ditched yet.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 4, Interesting) by Arik on Saturday August 18 2018, @09:17PM (7 children)
It's a shitty model, if your yardstick is security, but it's apparently a pretty great model, if your yardstick is how many people you can sucker into paying you a monthly stipend for doing absolutely nothing.
If laughter is the best medicine, who are the best doctors?
(Score: 3, Interesting) by Ethanol-fueled on Saturday August 18 2018, @09:41PM (4 children)
McAffee back in the day was one of those things where the antivirus programs were worse than the viruses themselves. To this day, when I see McAfee and Symantec, I'm still sure that the disease is worse than the cure.
(Score: 3, Interesting) by MichaelDavidCrawford on Saturday August 18 2018, @10:19PM (3 children)
Try using ClamWin to scan a mostly-full terabyte rotating drive on a $380 Core i5 Win8.1 laptop.
ClamWin works ok if I scan every download _immediately_ after I downloading it, but the One A Month Scan that I used to employ back in the days of my misspent youth stopped working with reactive antivirus well over a decade ago.
Yes I Have No Bananas. [gofundme.com]
(Score: 1, Insightful) by Ethanol-fueled on Saturday August 18 2018, @10:54PM (2 children)
No thanks. I don't download anything except for package-managed things nowadays, and the only ill actors who are behind it are the NSA and the Jews. Both of the latter already know I hate them.
(Score: 2) by MichaelDavidCrawford on Sunday August 19 2018, @01:22AM (1 child)
Now I understand just why you are precisely the way you actually are:
You lead an Entertainment-Free Life.
You have nothing but my profoundly-sincere compassion and newly-won respect. My hat's off to you, Sir.
Yes I Have No Bananas. [gofundme.com]
(Score: 0) by Anonymous Coward on Sunday August 19 2018, @06:50AM
He doesn't need to download movies for entertainment. He can just troll suckers on SN.
(Score: 3, Interesting) by MichaelDavidCrawford on Saturday August 18 2018, @10:31PM (1 child)
Oddly I interviewed with both Cylance [cylance.com] and Carbon Black [carbonblack.com] - which _prefers_ remote coders! - was highly praised by all my interviews yet didn't get either job.
Both Cylance and Carbon Black claim to be Zero-Day Virus Detectors. At Cylance I interviewed to perform applied original research into the routes exploits take on their way to an OSX box, at Carbon Black I've had such a bad memory since 2010 that I have absolutely _no_ idea what they wanted me to do for them.
That bad memory is - hopefully was - a serious problem: while I can clearly remember that day I decided to move from The Valley to Vancouver, Washington as well as when I actually did so move, I can't remember what years most of my brain seizures took place, nor am I able to count how many seizures I've had anymore. While I commonly say I was "homeless for five years" really I have no clue how long it really was as well as when oscillated between homeless and couch-surfing with Mom, when I chose various locations for sleeping - under which bridges, which shelters and the like - when I bought the tent that I pitched under an elevated section of Interstate 5 in Portland, when I came up with the domain name "soggywizards.com", what I intended to call my present consultancy as well as what I my previous candidates were.
My consultancy's domain was from the start intended for SEO: "wizards" is highly searched-for as a result of the Harry Potter flicks as well as the popularity of D&D-style vidgames. Among the other candidates were "Salmon Creek Responsive Design", with "salmon" being a highly searched for keyword. I have no clue anymore what the other candidates.
I don't know when I started Soggy Jobs at first at warplife.com, when I moved it from warplife to soggywizards.com then later soggy.jobs.
Many of these things can be turned up from The Wayback Machine but that's not my point: I used to have a _very_ good memory. I'm only 54 it can't possibly be do to old age.
Yes I Have No Bananas. [gofundme.com]
(Score: 3, Funny) by takyon on Saturday August 18 2018, @10:39PM
There should at least be a record of when you registered it.
54... you basically have a 60s brain. You have accumulated over a half-century of damage [nih.gov]. Your brain is no longer fresh out of the oven.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 3, Interesting) by MichaelDavidCrawford on Saturday August 18 2018, @10:16PM
Extra credit for neglecting his digital pix free of EXIF location coordinates as he blogged his daily progress in fleeing from the police.
"Security" and "McAfee" make a whole lot less sense than "Slashdot coder" does these days.
Yes I Have No Bananas. [gofundme.com]
(Score: 1, Informative) by Anonymous Coward on Monday August 20 2018, @09:46PM
Oblig [youtube.com]
(Score: 1, Interesting) by Anonymous Coward on Saturday August 18 2018, @10:14PM
This BitFi thing needs antivirus software to keep the bugs away.
(Score: 3, Informative) by Anonymous Coward on Saturday August 18 2018, @10:25PM
when will john mcafee eat his own dick? [whenwilljohnmcafeeeathisdick.com]
"When I predicted Bitcoin at $500,000 by the end of 2020, it used a model that predicted $5,000 at the end of 2017.
BTC has accelerated much faster than my model assumptions. I now predict Bircoin at $1 million by the end of 2020.
I will still eat my dick if wrong."
nb: bitcoin @ ~$6350 at time of posting
(Score: 2, Interesting) by Anonymous Coward on Saturday August 18 2018, @10:37PM
If anyone actually bothered to listen to McAfee's "unhackable" claim, there really would be no real controversy. He basically just says that because the device calculates the key each time, there is no way for a stolen device to have the key extracted. This is an extremely narrow definition of "hacked", but it is not really false definition. Giant, misleading marketing wank? For sure. This attack still requires the seed to be entered in order to steal the key, akin to having the device surreptitiously modified. McAfee would say that is the owner's failure, not the device.
(Score: 3, Insightful) by JesusAmieiro on Monday August 20 2018, @08:39AM
The prize is 100.000 $, not 10.000 $, as you can see in this tweet https://twitter.com/officialmcafee/status/1021805449681817600 [twitter.com]