bitcoind - How can I setup Bitcoin to be anonymous with ...
bitcoind - How can I setup Bitcoin to be anonymous with ...
Hidden Wiki Tor .onion urls directories
Tor - Bitcoin Wiki
How to block Bitcoin Mining in your browser - gHacks Tech News
Running A Full Node - Bitcoin
A few stories about Brian Krebs: The independent cybercrime journalist who exposes criminals on the internet
First, a bit of introduction before we get into the living drama that is Brian Krebs. Brian Krebs has been a journalist for decades, starting in the late 90s. He got his start at The Washington Post, but what he's most famous for are his exposes on criminal businesses and individuals who perpetuate cyber crime worldwide. In 2001, he got his interest in cybercrime piqued when a computer worm locked him out of his own computer. In 2005, he shifted from working as a staff writer at The Washington Post's tech newswire to writing for their security blog, "Security Wire". During his tenure there, he started by focusing on the victims of cybercrime, but later also started to focus on the perpetrators of it as well. His reporting helped lead to the shutdown of McColo, a hosting provider who provided service to some of the world's biggest spammers and hackers. Reports analyzing the shutdown of McColo estimated that global spam volume dropped by between 40 and 70 percent. Further analysis revealed it also played host to child pornography sites, and the Russian Business Network, a major Russian cybercrime ring. In 2009, Krebs left to start his own site, KrebsOnSecurity. Since then, he's been credited with being the first to report on major events such as Stuxnet and when Target was breached, resulting in the leakage of 40 million cards. He also regularly investigates and reveals criminals' identities on his site. The latter has made him the bane of the world of cybercrime, as well as basically a meme, where criminals will include references like Made by Brian Krebs in their code, or name their shops full of stolen credit cards after him. One of his first posts on his new site was a selection of his best work. While not particularly dramatic, they serve as an excellent example of dogged investigative work, and his series reveal the trail of takedowns his work has documented, or even contributed to. And now, a selection of drama involving Krebs. Note, all posts are sarcastically-tinged retellings of the source material which I will link throughout. I also didn't use the real names in my retellings, but they are in the source material. This took way too long to write, and it still does massively condense the events described in the series. Krebs has been involved with feuds with other figures, but I'd argue these tales are the "main" bits of drama that are most suited for here.
Fly on the Wall
By 2013, Krebs was no stranger to cybercriminals taking the fight to the real world. He was swatted previously to the point where the police actually know to give him a ring and see if there'd actually been a murder, or if it was just those wacky hackers at it again. In addition, his identity was basically common knowledge to cybercriminals, who would open lines of credit in his name, or find ways to send him money using stolen credit cards. However, one particular campaign against him caught his eye. A hacker known as "Fly" aka "Flycracker" aka "MUXACC1" posted on a Russian-language fraud forum he administered about a "Krebs fund". His plan was simple. Raise Bitcoin to buy Heroin off of a darknet marketplace, address it to Krebs, and alert his local police via a spoofed phone call. Now, because Krebs is an investigative journalist, he develops undercover presences on cybercrime forums, and it just so happened he'd built up a presence on this one already.
Guys, it became known recently that Brian Krebs is a heroin addict and he desperately needs the smack, so we have started the "Helping Brian Fund", and shortly we will create a bitcoin wallet called "Drugs for Krebs" which we will use to buy him the purest heroin on the Silk Road. My friends, his withdrawal is very bad, let’s join forces to help the guy! We will save Brian from the acute heroin withdrawal and the world will get slightly better!
Fly had first caught Krebs' attention by taunting him on Twitter, sending him Tweets including insults and abuse, and totally-legit looking links. Probably either laced with malware, or designed to get Krebs' IP. He also took to posting personal details such as Krebs' credit report, directions to his house, and pictures of his front door on LiveJournal, of all places. So, after spotting the scheme, he alerted his local police that he'd probably have someone sending him some China White. Sure enough, the ne'er-do-wells managed to raise 2 BTC, which at the time was a cool $200 or so. They created an account on the premiere darknet site at the time, The Silk Road under the foolproof name "briankrebs7". They found one seller who had consistently high reviews, but the deal fell through for unknown reasons. My personal theory is the seller decided to Google where it was going, and realized sending a gram of dope into the waiting arms of local law enforcement probably wasn't the best use of his time. Still, the forum members persevered, and found another seller who was running a buy 10 get 2 free promotion. $165 of Bitcoin later, the drugs were on their way to a new home. The seller apparently informed Fly that the shipment should arrive by Tuesday, a fact which he gleefully shared with the forum. While our intrepid hero had no doubt that the forum members were determined to help him grab the tail of the dragon, he's not one to assume without confirmation, and enlisted the help of a graduate student at UCSD who was researching Bitcoin and anonymity on The Silk Road, and confirmed the address shared by Fly was used to deposit 2 BTC into an account known to be used for money management on the site. By Monday, an envelope from Chicago had arrived, containing a copy of Chicago confidential. Taped inside were tiny baggies filled with the purported heroin. Either dedicated to satisfied customers, or mathematically challenged, the seller had included thirteen baggies instead of the twelve advertised. A police officer arrived to take a report and whisked the baggies away. Now, Fly was upset that Krebs wasn't in handcuffs for drug possession, and decided to follow up his stunt by sending Krebs a floral arrangement shaped like a cross, and an accompanying threatening message addressed to his wife, the dire tone slightly undercut by the fact that it was signed "Velvet Crabs". Krebs' curiosity was already piqued from the shenanigans with the heroin, but with the arrival of the flowers decided to dive deeper into the сука behind things. He began digging into databases from carding sites that had been hacked, but got his first major breakthrough to his identity from a Russian computer forensics firm. Fly had maintained an account on a now-defunct hacking forum, whose database was breached under "Flycracker". It turns out, the email Flycracker had used was also hacked at some point, and a source told Krebs that the email was full of reports from a keylogger Fly had installed on his wife's computer. Now, because presumably his wife wasn't part of, or perhaps even privy to her husband's illicit dealings, her email account happened to be her full legal name, which Krebs was able to trace to her husband. Now, around this time, the site Fly maintained disappeared from the web, and administrators on another major fraud forum started purging his account. This is a step they typically take when they suspect a member has been apprehended by authorities. Nobody knew for sure, but they didn't want to take any chances. More research by Krebs revealed that the criminals' intuition had been correct, and Fly was arrested in Italy, carrying documents under an assumed name. He was sitting in an Italian jail, awaiting potential extradition to the United States, as well as potentially facing charges in Italy. This was relayed to Krebs by a law enforcement official who simply said "The Fly has been swatted". (Presumably while slowly removing a pair of aviator sunglasses) While Fly may have been put away, the story between Krebs and Fly wasn't quite over. He did end up being extradited to the US for prosecution, but while imprisoned in Italy, Fly actually started sending Krebs letters. Understandably distrustful after the whole "heroin" thing, his contacts in federal law enforcement tested the letter, and found it to be clean. Inside, there was a heartfelt and personal letter, apologizing for fucking with Krebs in so many ways. He also forgave Krebs for posting his identity online, leading him to muse that perhaps Fly was working through a twelve-step program. In December, he received another letter, this time a simple postcard with a cheerful message wishing him a Merry Christmas and a Happy New Year. Krebs concluded his post thusly:
Cybercrooks have done some pretty crazy stuff to me in response to my reporting about them. But I don’t normally get this kind of closure. I look forward to meeting with Fly in person one day soon now that he will be just a short train ride away. And he may be here for some time: If convicted on all charges, Fly faces up to 30 years in U.S. federal prison.
Criminals are none too happy when they find their businesses and identities on the front page of KrebsOnSecurity. It usually means law enforcement isn't far behind. One such business was known as vDOS. A DDOS-for-hire (also known as a "booter" or a "stresser") site that found itself hacked, with all their customer records still in their databases leaked. Analysis of the records found that in a four-month time span, the service had been responsible for about 8.81 years worth of attack time, meaning on average at any given second, there were 26 simultaneous attacks running. Interestingly, the hack of vDOS came about from another DDOS-for-hire site, who as it turns out was simply reselling services provided by vDOS. They were far from the only one. vDOS appeared to provide firepower to a large number of different resellers. In addition to the attack logs, support messages were also among the data stolen. This contained some complaints from various clients who complained they were unable to launch attacks against Israeli IPs. This is a common tactic by hackers to try and avoid unwanted attention from authorities in their country of residence. This was confirmed when two men from Israel were arrested for their involvement in owning and running vDOS. However, this was just the beginning for this bit of drama. The two men arrested went by the handles "applej4ck" and "Raziel". They had recently published a paper on DDOS attack methods in an online Israeli security magazine. Interestingly, on the same day the men were arrested, questioned, and released on bail, vDOS went offline. Not because it had been taken down by Israeli authorities, not because they had shut it down themselves, but because a DDOS protection firm, BackConnect Security, had hijacked the IP addresses belonging to the company. To spare a lot of technical detail, it's called a BGP hijack, and it basically works by a company saying "Yeah, those are our addresses." It's kind of amazing how much of the internet is basically just secured by the digital equivalent of pinky swears. You can read some more technical detail on Wikipedia. Anyway, we'll get back to BackConnect. Following the publication of the story uncovering the inner workings of vDOS, KrebsOnSecurity was hit with a record breaking DDOS attack, that peaked at 620/Gbps, nearly double the most powerful DDOS attack previously on record. To put that in perspective, that's enough bandwidth to download 5 simultaneous copies of Interstellar in 4K resolution every single second, and still have room to spare. The attack was so devastating, Akamai, one of the largest providers of DDOS protection in the world had to drop Krebs as a pro bono client. Luckily, Google was willing to step in and place his site under the protection of Google's Project Shield, a free service designed to protect the news sites and journalists from being knocked offline by DDOS attacks. This attack was apparently in retaliation for the vDOS story, since some of the data sent in the attack included the string "freeapplej4ck". The attack was executed by a botnet of Internet of Things (or IoT) devices. These are those "smart" devices like camera systems, routers, DVRs. Basically things that connect to the cloud. An astounding amount of those are secured with default passwords that can be easily looked up from various sites or even the manufacturers' websites. This was the start of a discovery of a massive botnet that had been growing for years. Now time for a couple quick side stories: Dyn, a company who provides DNS to many major companies including Twitter, Reddit, and others came under attack, leaving many sites (including Twitter and Reddit) faltering in the wake of it. Potentially due to one of their engineers' collaboration with Krebs on another story. It turned out that the same botnet that attacked Krebs' site was at least part of the attack on Dyn And back to BackConnect, that DDOS protection firm that hijacked the IP addresses from vDOS. Well it turns out BGP Hijacks are old hat for the company. They had done it at least 17 times before. Including at least once (purportedly with permission) for the address 188.8.131.52. Aka, "leet". It turns out one of the co-founders of BackConnect actually posted screenshots of him visiting sites that tell you your public IP address in a DDOS mitigation industry chat, showing it as 184.108.40.206. They also used a BGP Hijack against a hosting company and tried to frame a rival DDOS mitigation provider. Finally, another provider, Datawagon was interestingly implicated in hosting DDOS-for-hire sites while offering DDOS protection. In a Skype conversation where the founder of Datawagon wanted to talk about that time he registered dominos.pizza and got sued for it, he brings up scanning the internet for vulnerable routers completely unprompted. Following the publication of the story about BackConnect, in which he was included in, he was incensed about his portrayal, and argued with Krebs over Skype before Krebs ultimately ended up blocking him. He was subsequently flooded with fake contact requests from bogus or hacked Skype accounts. Shortly thereafter, the record-breaking DDOS attack rained down upon his site. Back to the main tale! So, it turns out the botnet of IoT devices was puppeteered by a malware called Mirai. How did it get its name? Well, that's the name its creator gave it, after an anime called Mirai Nikki. How did this name come to light? The creator posted the source code online. (The name part, not the origin. The origin didn't come 'til later.) The post purported that they'd picked it up from somewhere in their travels as a DDOS industry professional. It turns out this is a semi-common tactic when miscreants fear that law enforcement might come looking for them, and having the only copy of the source code of a malware in existence is a pretty strong indicator that you have something to do with it. So, releasing the source to the world gives a veneer of plausible deniability should that eventuality come to pass. So who was this mysterious benefactor of malware source? They went by the name "Anna-senpai". As research on the Mirai botnet grew, and more malware authors incorporated parts of Mirai's source code into their own attacks, attention on the botnet increased, and on the people behind it. The attention was presumably the reason why Hackforums, the forum where the source code was posted, later disallowed ostensible "Server Stress Tester" services from being sold on it. By December, "Operation Tarpit" had wrought 34 arrests and over a hundred "knock and talk" interviews questioning people about their involvement. By January, things started to come crashing down. Krebs published an extensive exposé on Anna-senpai detailing all the evidence linking them to the creation of Mirai. The post was so big, he included a damn glossary. What sparked the largest botnet the internet had ever seen? Minecraft. Minecraft servers are big business. A popular one can earn tens of thousands of dollars per month from people buying powers, building space, or other things. It's also a fiercely competitive business, with hundreds of servers vying for players. It turns out that things may have started, as with another set of companies, two rival DDOS mitigation providers competing for customers. ProTraf was a provider of such mitigation technology, and a company whose owner later worked for ProTraf had on at least one occasion hijacked addresses belonging to another company, ProxyPipe. ProxyPipe had also been hit with DDOS attacks they suspected to be launched by ProTraf. While looking into the President of ProTraf, Krebs realized he'd seen the relatively uncommon combination of programming languages and skills posted by the President somewhere else. They were shared by Anna-senpai on Hackforums. As Krebs dug deeper and deeper into Anna-senpai's online presence, he uncovered other usernames, including one he traced to some Minecraft forums where a photoshopped picture of a still from Pulp Fiction contained the faces of BackConnect, which was a rival to ProTraf's DDOS mitigation business, and another face. A hacker by the name of Vyp0r, who another employee of ProTraf claimed betrayed his trust and blackmailed him into posting the source of another piece of malware called Bashlite. There was also a third character photoshopped into the image. An anime character named "Yamada" from a movie called B Gata H Hei. Interestingly, under the same username, Krebs found a "MyAnimeList" profile which, out of 9 titles it had marked as watched, were B Gata H Hei, as well as Mirai Nikki, the show from which Mirai derived its name. It continues on with other evidence, including DDOS attacks against Rutgers University, but in short, there was little doubt in the identity of "Anna-senpai", but the person behind the identity did contact Krebs to comment. He denied any involvement in Mirai or DDOS attacks.
"I don’t think there are enough facts to definitively point the finger at me," [Anna-senpai] said. "Besides this article, I was pretty much a nobody. No history of doing this kind of stuff, nothing that points to any kind of sociopathic behavior. Which is what the author is, a sociopath."
I don't have the time or energy to write another effortpost, and as is I'm over 20,000 characters, so here's a few other tidbits of Krebs' clashes with miscreants.
A source and security researcher he was talking to started blabbing about him working with Krebs, and also was selling data to hackers on the side. His example data in his sales post was fucking Brian Krebs'.
Lastupdated2018-01-29 This post is a collaboration with the Bitcoin community to create a one-stop source for Lightning Network information. There are still questions in the FAQ that are unanswered, if you know the answer and can provide a source please do so!
Lightning Network White Paper - The protocol has changed since this original paper, but covers the mid-level mechanics of the Lightning Network with an emphasis on the smart contracts that make it trustless
If you can answer please PM me and include source if possible. Feel free to help keep these answers up to date and as brief but correct as possible
Is Lightning Bitcoin?
Yes. You pick a peer and after some setup, create a bitcoin transaction to fund the lightning channel; it’ll then take another transaction to close it and release your funds. You and your peer always hold a bitcoin transaction to get your funds whenever you want: just broadcast to the blockchain like normal. In other words, you and your peer create a shared account, and then use Lightning to securely negotiate who gets how much from that shared account, without waiting for the bitcoin blockchain.
Is the Lightning Network open source?
Yes, Lightning is open source. Anyone can review the code (in the same way as the bitcoin code)
Who owns and controls the Lightning Network?
Similar to the bitcoin network, no one will ever own or control the Lightning Network. The code is open source and free for anyone to download and review. Anyone can run a node and be part of the network.
I’ve heard that Lightning transactions are happening “off-chain”…Does that mean that my bitcoin will be removed from the blockchain?
No, your bitcoin will never leave the blockchain. Instead your bitcoin will be held in a multi-signature address as long as your channel stays open. When the channel is closed; the final transaction will be added to the blockchain. “Off-chain” is not a perfect term, but it is used due to the fact that the transfer of ownership is no longer reflected on the blockchain until the channel is closed.
Do I need a constant connection to run a lightning node?
Not necessarily, Example: A and B have a channel. 1 BTC each. A sends B 0.5 BTC. B sends back 0.25 BTC. Balance should be A = 0.75, B = 1.25. If A gets disconnected, B can publish the first Tx where the balance was A = 0.5 and B = 1.5. If the node B does in fact attempt to cheat by publishing an old state (such as the A=0.5 and B=1.5 state), this cheat can then be detected on-chain and used to steal the cheaters funds, i.e., A can see the closing transaction, notice it's an old one and grab all funds in the channel (A=2, B=0). The time that A has in order to react to the cheating counterparty is given by the CheckLockTimeVerify (CLTV) in the cheating transaction, which is adjustable. So if A foresees that it'll be able to check in about once every 24 hours it'll require that the CLTV is at least that large, if it's once a week then that's fine too. You definitely do not need to be online and watching the chain 24/7, just make sure to check in once in a while before the CLTV expires. Alternatively you can outsource the watch duties, in order to keep the CLTV timeouts low. This can be achieved both with trusted third parties or untrusted ones (watchtowers). In the case of a unilateral close, e.g., you just go offline and never come back, the other endpoint will have to wait for that timeout to expire to get its funds back. So peers might not accept channels with extremely high CLTV timeouts. -- Source
What Are Lightning’s Advantages?
Tiny payments are possible: since fees are proportional to the payment amount, you can pay a fraction of a cent; accounting is even done in thousandths of a satoshi. Payments are settled instantly: the money is sent in the time it takes to cross the network to your destination and back, typically a fraction of a second.
Does Lightning require Segregated Witness?
Yes, but not in theory. You could make a poorer lightning network without it, which has higher risks when establishing channels (you might have to wait a month if things go wrong!), has limited channel lifetime, longer minimum payment expiry times on each hop, is less efficient and has less robust outsourcing. The entire spec as written today assumes segregated witness, as it solves all these problems.
Can I Send Funds From Lightning to a Normal Bitcoin Address?
No, for now. For the first version of the protocol, if you wanted to send a normal bitcoin transaction using your channel, you have to close it, send the funds, then reopen the channel (3 transactions). In future versions, you and your peer would agree to spend out of your lightning channel funds just like a normal bitcoin payment, allowing you to use your lightning wallet like a normal bitcoin wallet.
Can I Make Money Running a Lightning Node?
Not really. Anyone can set up a node, and so it’s a race to the bottom on fees. In practice, we may see the network use a nominal fee and not change very much, which only provides an incremental incentive to route on a node you’re going to use yourself, and not enough to run one merely for fees. Having clients use criteria other than fees (e.g. randomness, diversity) in route selection will also help this.
What is the release date for Lightning on Mainnet?
Would there be any KYC/AML issues with certain nodes?
Nope, because there is no custody ever involved. It's just like forwarding packets. -- Source
What is the delay time for the recipient of a transaction receiving confirmation?
Furthermore, the Lightning Network scales not with the transaction throughput of the underlying blockchain, but with modern data processing and latency limits - payments can be made nearly as quickly as packets can be sent. -- Source
How does the lightning network prevent centralization?
How would the lightning network work between exchanges?
Each exchange will get to decide and need to implement the software into their system, but some ideas have been outlined here: Google Doc - Lightning Exchanges Note that by virtue of the usual benefits of cost-less, instantaneous transactions, lightning will make arbitrage between exchanges much more efficient and thus lead to consistent pricing across exchange that adopt it. -- Source
How do lightning nodes find other lightning nodes?
Does every user need to store the state of the complete Lightning Network?
According to Rusty's calculations we should be able to store 1 million nodes in about 100 MB, so that should work even for mobile phones. Beyond that we have some proposals ready to lighten the load on endpoints, but we'll cross that bridge when we get there. -- Source
Would I need to download the complete state every time I open the App and make a payment?
No you'd remember the information from the last time you started the app and only sync the differences. This is not yet implemented, but it shouldn't be too hard to get a preliminary protocol working if that turns out to be a problem. -- Source
What needs to happen for the Lightning Network to be deployed and what can I do as a user to help?
Lightning is based on participants in the network running lightning node software that enables them to interact with other nodes. This does not require being a full bitcoin node, but you will have to run "lnd", "eclair", or one of the other node softwares listed above. All lightning wallets have node software integrated into them, because that is necessary to create payment channels and conduct payments on the network, but you can also intentionally run lnd or similar for public benefit - e.g. you can hold open payment channels or channels with higher volume, than you need for your own transactions. You would be compensated in modest fees by those who transact across your node with multi-hop payments. -- Source
Is there anyway for someone who isn't a developer to meaningfully contribute?
Sure, you can help write up educational material. You can learn and read more about the tech at http://dev.lightning.community/resources. You can test the various desktop and mobile apps out there (Lightning Desktop, Zap, Eclair apps). -- Source
Do I need to be a miner to be a Lightning Network node?
Do I need to run a full Bitcoin node to run a lightning node?
lit doesn't depend on having your own full node -- it automatically connects to full nodes on the network. -- Source LND uses a light client mode, so it doesn't require a full node. The name of the light client it uses is called neutrino
How does the lightning network stop "Cheating" (Someone broadcasting an old transaction)?
Upon opening a channel, the two endpoints first agree on a reserve value, below which the channel balance may not drop. This is to make sure that both endpoints always have some skin in the game as rustyreddit puts it :-) For a cheat to become worth it, the opponent has to be absolutely sure that you cannot retaliate against him during the timeout. So he has to make sure you never ever get network connectivity during that time. Having someone else also watching for channel closures and notifying you, or releasing a canned retaliation, makes this even harder for the attacker. This is because if he misjudged you being truly offline you can retaliate by grabbing all of its funds. Spotty connections, DDoS, and similar will not provide the attacker the necessary guarantees to make cheating worthwhile. Any form of uncertainty about your online status acts as a deterrent to the other endpoint. -- Source
How many times would someone need to open and close their lightning channels?
You typically want to have more than one channel open at any given time for redundancy's sake. And we imagine open and close will probably be automated for the most part. In fact we already have a feature in LND called autopilot that can automatically open channels for a user. Frequency will depend whether the funds are needed on-chain or more useful on LN. -- Source
Will the lightning network reduce BTC Liquidity due to "locking-up" funds in channels?
When setting up a Lightning Network Node are fees set for the entire node, or each channel when opened?
You don't really set up a "node" in the sense that anyone with more than one channel can automatically be a node and route payments. Fees on LN can be set by the node, and can change dynamically on the network. -- Source
Can Lightning routing fees be changed dynamically, without closing channels?
Yes but it has to be implemented in the Lightning software being used. -- Source
How can you make sure that there will be routes with large enough balances to handle transactions?
You won't have to do anything. With autopilot enabled, it'll automatically open and close channels based on the availability of the network. -- Source
How does the Lightning Network stop flooding nodes (DDoS) with micro transactions? Is this even an issue?
IoT is a whole ecosystem that contains intelligent devices equipped with sensors (sensors) that provide remote control, storage, transmission and security of data. The Internet of Things (IoT) is an innovative solution in various areas such as healthcare, insurance, labor protection, logistics, ecology, etc. To unleash the full potential of using IoT devices, it is necessary to solve many problems related to standards, security, architecture, ecosystem construction, channels and device connection protocols. Today in the world, large organizations such as NIST, IEEE, ISO / IEC, and others make enormous efforts in addressing the issues of standardization, security, and the architecture of developed devices. Analysis of recent scientific research in the field of solving information security issues and data privacy of IoT devices showed positive results, but these methods and approaches are based on traditional methods of network security. The development and application of security mechanisms for IoT devices is a complex and heterogeneous task. In this regard, ensuring information security and the protection of sensitive data, as well as the availability of IoT devices, is the main purpose of writing this article. Given the above, many questions arise related to the security status of IoT devices, namely: What are the current standards and protocols for IoT? What are the requirements for ensuring information security of IoT devices? What security mechanisms do IoT devices have? What methods of testing IoT devices exist? Manufacturers and developers of IoT devices do not pay enough attention to security issues. With the development of cyber-attacks, attack vectors are becoming more sophisticated and aimed at several infrastructure elements at the same time. IoT infrastructure typically includes millions of connected objects and devices that store and share confidential information. Scenarios of theft and fraud, such as hacking and falsifying personal data, pose a serious threat to such IoT devices. Most IoT devices use the public Internet to exchange data, which makes them vulnerable to cyber-attacks. Modern approaches to information security often offer solutions to individual problems, when multi-level approaches offer increased resistance to cyber-attacks. Challenges of testing IoT devices To a request to name essential items, many would answer: food, a roof over your head, clothes … With one caveat: this was the case in the last century. Since then, the species Homo Sapiens has accumulated needs. We need automatic sensors to control the lighting, not just switches, for smart systems to monitor health and car traffic. The list goes on … In general, we can make life easier and better. Let’s try to figure out how all this Internet of things works before moving on to testing. IoT testing Content What is the Internet of Things (IoT)? Examples of IoT devices # 1) Wearable technology: # 2) Infrastructure and development # 3) Health Technologies that are present in IoT IoT Testing # 1) Usability: # 2) IoT Security: # 3) Network features: # 4) Efficiency: # 5) Compatibility testing: # 6) Pilot testing: # 7) Check for compliance: # 8) Testing updates: IoT testing challenges # 1) Hard / soft # 2) Device Interaction Model # 3) Testing data coming in real time # 4) UI # 5) Network Availability IoT Testing Tools # 1) Software: # 2) Hard: Total What is the Internet of Things (IoT)? The Internet of things (or IoT) is a network that combines many objects: vehicles, home automation, medical equipment, microchips, etc. All these constituent elements accumulate and transmit data. Through this technology, the user controls the devices remotely.
Examples of IoT devices
# 1) Wearable technology: Fitbit Fitness Bracelets and Apple Watch smart watches sync seamlessly with other mobile devices.
IoT – watches and bracelets
Itís easier to collect health information: heart rate, body activity during sleep, etc. # 2) Infrastructure and development The CitySense app analyzes lighting data online and turns lights on and off automatically. There are applications that control traffic lights or report on the availability of parking lots. # 3) Health Some health monitoring systems are used in hospitals. The basis of their work is indicative data. These services control the dosage of drugs at different times of the day. For example, the UroSense application monitors the level of fluid in the body and, if necessary, increases this level. And doctors will learn about patient information wirelessly. Technologies that are present in IoT RFID (Radio Frequency Identification), EPC (Electronic Product Code) NFC (ìNear Field Communicationî) provides two-way communication between devices. This technology is present in smartphones and is used for contactless transactions. Bluetooth It is widely used in situations where near-field communication is sufficient. Most often present in wearable devices. Z-Wave. Low frequency RF technology. Most often used for home automation, lighting control, etc. WiFi. The most popular network for IoT (file, data and message transfer). IoT Testing Consider an example : a medical system that monitors health status, heart rate, fluid content, and sends reports to healthcare providers. Data is displayed in the system; archives available. And doctors are already deciding whether to take medication for the patient remotely. IoT architecture There are several approaches for testing the IoT architecture. # 1) Usability: It is necessary to provide usability testing of each device. A medical device that monitors your health should be portable. Sufficiently thought out equipment is needed that would send not only notifications, but also error messages, warnings, etc. The system must have an option that captures events, so that the end user understands. If this is not possible, event information is stored in the database. The ability to process data and exchange tasks between devices is carefully checked. # 2) IoT Security: Data is at the heart of all connected devices. Therefore, unauthorized access during data transfer is not ruled out. From the point of view of software testing, it is necessary to check how secure / encrypted the data is. If there is a UI, you need to check if it is password protected. # 3) Network features: Network connectivity and IoT functionality are critical. After all, we are talking about a system that is used for health purposes. Two main aspects are tested: The presence of a network , the possibility of data transfer (whether jobs are transferred from one device to another without any hitch). The scenario when there is no connection . Regardless of the level of reliability of the system, it is likely that the status of the system will be ìofflineî. If the network is unavailable, employees of the hospital or other organization need to know about it (notifications). Thus, they will be able to monitor the condition of the patient themselves, and not wait for the system to work. On the other hand, in such systems there is usually a mechanism that saves data if the system is offline. That is, data loss is eliminated. # 4) Efficiency: It is necessary to take into account the extent to which the healthcare solution is applicable in specific conditions. In testing, from 2 to 10 patients participate, data is transmitted to 10-20 devices. If the entire hospital is connected to the network, this is already 180-200 patients. That is, there will be more actual data than test data. In addition, it is necessary to test the utility for monitoring the system: current load, power consumption, temperature, etc. # 5) Compatibility testing: This item is always present in the plan for testing the IoT system. The compatibility of different versions of operating systems, browser types and their respective versions, devices of different generations, communication modes [for example, Bluetooth 2.0, 3.0] is extremely important for IoT. # 6) Pilot testing: Pilot testing is a mandatory point of the test plan. Only tests in the laboratory will allow us to conclude that the system is functional. In pilot testing, the number of users is limited. They make manipulations with the application and express their opinion. These comments turn out to be very helpful, they make a reliable application. # 7) Check for compliance: The system, which monitors the state of health, undergoes many compliance checks. It also happens that a software product passes all stages of testing, but fails the final test for compliance [testing is carried out by the regulatory body]. It is more advisable to check for compliance with norms and standards before starting the development cycle. # 8) Testing updates: IoT is a combination of many protocols, devices, operating systems, firmware, hardware, network layers, etc. When an update occurs – be it a system or something else of the above – rigorous regression testing is required. The overall strategy is being amended to avoid the difficulties associated with the upgrade.
IoT testing challengesIoT testing
# 1) Hard / soft IoT is an architecture in which software and hardware components are closely intertwined. Not only software is important, but also hard: sensors, gateways, etc. Functional testing alone will not be enough to certify the system. All components are interdependent. IoT is much more complicated than simpler systems [only software or only hard]. # 2) Device Interaction Model Components of the network must interact in real time or close to real. All this becomes a single whole – hence the additional difficulties associated with IoT (security, backward compatibility and updates). # 3) Testing data coming in real time Obtaining this data is extremely difficult. The matter is complicated by the fact that the system, as in the described case, may relate to the health sector. # 4) UI An IoT network usually consists of different devices that are controlled by different platforms [iOS, Android, Windows, linux]. Testing is possible only on some devices, since testing on all possible devices is almost impossible. # 5) Network Availability Network connectivity plays an important role in IoT. The data rate is increasing. IoT architecture should be tested under various connection conditions, at different speeds. Virtual network emulators in most cases are used to diversify network load, connectivity, stability, and other elements of load testing . But the evidence is always new scenarios, and the testing team does not know where the difficulties will arise in the future.
IoT Testing ToolsIoT and software
There are many tools that are used in testing IoT systems. They are classified depending on the purpose: # 1) Software: Wireshark : An open source tool. Used to monitor traffic in the interface, source / given host address, etc. Tcpdump : This tool does a similar job. The utility does not have a GUI, its interface is the command line. It enables the user to flash TCP / IP and other packets that are transmitted over the network. # 2) Hard: JTAG Dongle: A tool similar to debuggers in PC applications. Allows you to find defects in the code of the target platform and shows the changes step by step. Digital Storage Oscilloscope : checks various events using time stamps, power outages, signal integrity. Software Defined Radio : emulates a transmitter and receiver for various wireless gateways. IoT is an emerging market and many opportunities. In the foreseeable future, the Internet of things will become one of the main areas of work for tester teams. Network devices, smart gadget applications, communication modules – all this plays an important role in the study and evaluation of various services. Total The approach to testing IoT may vary depending on the specific system / architecture. Itís difficult to test IoT, but at the same time itís an interesting job, since testers have a good place to swing – there are many devices, protocols and operating systems. PS You should try out the TAAS format (“tests from the user’s point of view”), and not just fulfill the formal requirements. ————— Smart watches, baby-sitters, wireless gadgets and devices such as, for example, a portable radio station have long been part of everyday life. Hackers have already proven that many of these attacks on IoT are possible. Many people in general first learned about IoT security threats when they heard about the Mirai botnet in September 2016. According to some estimates, Mirai infected about 2.5 million IoT devices, including printers, routers and cameras connected to the Internet. The botnetís creators used it to launch distributed denial of service (DDoS) attacks, including an attack on the KrebsonSecurity cybersecurity blog. In fact, the attackers used all devices infected with Mirai to try to connect to the target site at the same time, in the hope of suppressing the servers and preventing access to the site. Since Mirai was first published on the news, attackers launched other botnet attacks on IoT, including Reaper and Hajime. Experts say that such attacks are most likely in the future. The Internet of Things (IoT) can bring many advantages to modern life, but it also has one huge drawback: security threats. In its 2018 IOT forecasts, Forroter Research notes: ìSecurity threats are a major concern for companies deploying IoT solutions – in fact, this is the main task of organizations looking to deploy IoT solutions. However, most firms do not regularly prevent IoT-specific security threats, and business pressure suppresses technical security issues. î IoT security risks can be even more significant on the consumer side, where people are often unaware of potential threats and what they should do to avoid threats. A 2017 IoT security survey sponsored by Gemalto Security Provider found that only 14 percent of consumers surveyed consider themselves IoT-aware. This number is particularly noteworthy because 54 percent of the respondents owned an average of four IoT devices. And these IoT security threats are not just theoretical. Hackers and cybercriminals have already found ways to compromise many IoT devices and networks, and experts say that successful attacks are likely to increase. Forrester predicted: “In 2018, we will see more attacks related to IoT … except that they will increase in scale and loss.” What types of IoT security threats will enterprises and consumers face in 2018? Based on historical precedent, here are ten of the most likely types of attacks.
Botnets and DDoS attacks
Remote recording The possibility that attackers can hack IoT devices and record owners without their knowledge is not revealed as a result of the work of hackers, but as a result of the work of the Central Intelligence Agency (CIA).
Documents released by WikiLeaks implied that the spy agency knew about dozens of zero-day exploits for IoT devices, but did not disclose errors, because they hoped to use vulnerabilities to secretly record conversations that would reveal the actions of alleged opponents of America. Documents pointed to vulnerabilities in smart TVs, as well as on Android and iOS smartphones. The obvious consequence is that criminals can also exploit these vulnerabilities for their vile purposes.
Spam In January 2014, one of the first known attacks using IoT devices used more than 100,000 Internet-connected devices, including televisions, routers, and at least one smart refrigerator to send 300,000 spam emails per day.
The attackers sent no more than 10 messages from each device, which makes it very difficult to block or determine the location of the incident. This first attack was not far from the last. IoT spam attacks continued in the fall with the Linux.ProxyM IoT botnet.
APTs In recent years, advanced persistent threats (APTs) have become a serious concern for security professionals.
APTs are carried out by funded and widespread attackers such as nation states or corporations that launch complex cyberattacks that are difficult to prevent or mitigate. For example, the Stuxnet worm, which destroyed Iranian nuclear centrifuges and hacking Sony Pictures 2014, was attributed to nation states. Because the critical infrastructure is connected to the Internet, many experts warn that APTs may launch a power-oriented IoT attack, industrial control systems, or other systems connected to the Internet. Some even warn that terrorists could launch an attack on iOT, which could harm the global economy.
Ransomware Ransomware has become too common on home PCs and corporate networks. Now experts say that it is only a matter of time before the attackers begin to block smart devices. Security researchers have already demonstrated the ability to install ransomware on smart thermostats. For example, they can raise the temperature to 95 degrees and refuse to return it to its normal state until the owner agrees to pay a ransom in Bitcoins. They can also launch similar attacks on garage doors, vehicles, or even appliances. How much would you pay to unlock your smart coffee pot first thing in the morning?
Data theft Obtaining important data, such as customer names, credit card numbers, social security numbers, and other personal information, is still one of the main goals of cyber attacks.
IoT devices represent a whole new vector of attack for criminals looking for ways to invade corporate or home networks. For example, if an improperly configured device or IoT sensor is connected to corporate networks, this can give attackers a new way to enter the network and potentially find the valuable data that they need.
Home theft As smart locks and smart garage doors become more commonplace, it is also more likely that cybercriminals can become real thieves.
Home systems that are not properly protected can be vulnerable to criminals with sophisticated tools and software. Security researchers are unlikely to have shown that itís quite easy to break into a house through smart locks from several different manufacturers, and smart garage doors do not seem to be much safer.
Communication with children One of the most disturbing IoT security stories came from children.
One couple discovered that the stranger not only used his monitor for children to spy on their three-year-old son, this stranger also spoke with his child through the device. Mother heard an unknown voice: ìWake up, boy, dad is looking for you,î and the child said that he was scared because at night someone was talking to him on an electronic device. As more and more children’s gadgets and toys connect to the Internet, it seems likely that these frightening scenarios may become more common.
Remote control of a vehicle As vehicles become smarter and more accessible on the Internet, they also become vulnerable to attack.
Hackers have shown that they can take control of a jeep, maximize air conditioning, change the radio station, start the wipers, and ultimately slow down the car. The news led to the recall of 1.4 million cars, but whitehat researchers, following the original exploit, said they discovered additional vulnerabilities that were not fixed by the Chrysler patch applied to the recalled cars. Although experts say the automotive industry is doing a great job of ensuring vehicle safety, it is almost certain that attackers will find new vulnerabilities in such smart cars.
Personal attacks Sometimes IoT covers more than just devices – it can also include people who have connected medical devices implanted in their bodies.
An episode of the television series Homeland attempted a murder aimed at an implanted medical device, and former vice president Dick Cheney was so worried about this scenario that he turned off the wireless capabilities on his implanted defibrillator. This kind of attack has not yet happened in real life, but it remains possible, as many medical devices become part of the IoT.
Hey guys, I thought I would put together an in-depth tour of the Gridcoin wallet software for all of our recent newcomers. Here I'll be outlining all the features and functions the windows GUI wallet has to offer, along with some basic RPC command usage. I'll be using the windows wallet as an example, but both linux and macOS should be rather similar. I'll be including as many pictures as I can as embedded hyperlinks. Edit: Note that since I originally made this there has been a UI update, so your client will be different colors but all the button locations are in the same place. This is my first post like this, so please forgive me if this appears a little scatter-brained. This will not cover the mining setup process for pool or solo miners. When you launch the wallet software for the first time you should be greeted with this screen.
If you're a pool miner or investor, press cancel.
If you're a solo miner, enter your email you used to sign up for projects and press OK.
If you're not sure or haven't decided yet, press cancel. We can come back to this later.
After that prompt, you should be left sitting on the main overview tab with several fields on it. From top to bottom:
Available: All coins available to be sent or staked (I'll cover this term later).
Stake: All coins that are currently staking.
Unconfirmed: All coins that have been received and have not yet received 110 confirmations.
Total: All coins in your wallet. (The sum of the above fields)
Blocks: How many blocks your client has in it's chain. Your wallet just started syncing with the network so this number will be low.
Difficulty: How difficult it is for someone to stake the next block.
Net Weight: An estimate for how many coins are staking on the entire network.
Coin Weight: How many of your coins that are currently staking.
Magnitude: A quantifier for how much work you put in mining. For solo miners only. For pool miners, this value will always be 0.
Project: Displays the projects you're working on, one at a time. For solo miners only. For pool miners, this will always say "INVESTOR".
CPID: Cross Project Identifier. Used to keep track of users across projects. For solo miners only. For pool miners, this will always say "INVESTOR".
Status: Displays various status messages.
Current Poll: Displays the latest poll.
Client Messages: Displays various client messages.
Now onto the other tabs on the left side. Currently we're on the Overview tab, lets move down to the Send tab. This tab it pretty self-explanatory, you use it if you want to send coins, but I'll go over the fields here:
Pay To: Enter a valid gridcoin address to send coins too. Gridcoin addresses always start with an S or and R.
Label: Enter a label here and it will put that address in your "address book" under that label for later use. You can leave it blank if you don't want it in your address book.
Message: Enter a message here if you want it attached to your transaction.
Amount: How many coins you want to send.
Add Attachment: Leave this alone, it is broken.
Track Coins: This doesn't do anything.
Now down to the Receive tab. Here you should have a single address listed. If you double click on the label field, you can edit it's label.
New: Generate a new address.
If you click on an address, the rest of the options should be clickable.
Copy: Copy the selected address to your clipboard.
Show QR Code: Show a scan-able QR code for the selected address.
Sign Message: Cryptographically sign a message using the selected address.
The Transactions tab is pretty boring considering we have no transactions yet. But as you can see there are some sorting tools at the top for when you do have transactions listed.
ADDRESS BOOK TAB
The Address Book is where all the addresses you've labeled (that aren't yours) will show up.
Verify Message: Verifies a message was signed by the selected address.
The rest of the functions are similar to the functions on the Receive tab.
Onto the Voting tab. There wont be any polls because we aren't in sync yet.
Reload Polls: Pretty self-explanatory, I've never had to use this.
Load History: By default, the wallet will only display active polls. If you want to view past polls you can use this.
Create Poll: You can create a network-wide poll. You must have 100,000 coins as a requirement to make a poll. (Creating a poll does not consume the coins)
Display coin control features (experts only!): This allows you to have a great deal of control over the coins in your wallet, check this for now and I'll explain how to use it further down. Don't forget to click "Apply".
ENCRYPTING YOUR WALLET
Now that all of that is out of the way. The first thing you'll want to do is encrypt your wallet. This prevents anybody with access to your computer from sending coins. This is something I would recommend everyone do. Go to Settings > Encrypt Wallet and create a password. YOU CANNOT RECOVER YOUR COINS IF YOU FORGET YOUR PASSWORD. Your wallet will close and you will have to start it up again. This time when it opens up, you should have a new button in the bottom left. Now if you want to stake you will have to unlock your wallet. Notice the "For staking only" box that is checked by default. If you want to send a beacon for solo mining or vote, you will need to uncheck this box.
GETTING IN SYNC AND ICONS
Before we continue, Let's wait until we're in sync. Depending on your internet speeds, this could take from several hours to over a day or 2. This can be sped up by using Advanced > Download Blocks, but this can still take several hours. This is what an in-sync client should look like. Notice the green check to the right of the Receive tab. All of these icons give you information when you hover your mouse over them. The lock The arrow tells you if you're staking. If you aren't staking, it will tell you why you're not staking. If you are staking it will give you an estimated staking time. Staking is a very random process and this is only an estimate, not a countdown. The connection bars tell you how many connections to the network you have. The check tells you if you're in sync.
WHAT IS STAKING?
Now I've said "stake" about a million times so far and haven't explained it. Gridcoin is a Proof of Stake (PoS) coin. Unlike bitcoins Proof of Work (PoW), PoS uses little system resources, so you can use those resources for scientific work. PoS works by users "Staking" with their balance. The higher the balance, the higher the chance to create, or "stake" a block. This means you need to have a positive balance in order to stake. Theoretically, you can stake with any amount over 0.0125 coins, but in practice it's recommended to have at least 2000 coins to reliably stake. Staking is important for solo miners, because they get paid when they stake. Pool miners don't need to stake in order to get paid however. So if you want to solo mine, you'll need to buy some coins from an exchange or start in the pool first and move to solo when you have enough coins. In addition to Research Rewards for miners, anyone who holds coins (solo miners, pool miners, and investors) gets 1.5% interest annually on top of your coins. So it can be beneficial for pool miners to stake as well. Here is a snippet of what a research rewards transaction looks like from my personal wallet. I have a label on that address of "Payout address" as you can see here.
UTXOS AND COIN CONTROL
At this point you'll need some coins. You can use one of our faucets like this one or this one to test coin control out. First let me explain what a UTXO is. UTXO stands for Unspent Transaction Output. Say you have an address with 0 coins in it, and someone sends you 10 coins like I've done here. Those 10 coins are added to that address in the form of a UTXO, so we have an address with one 10 coin UTXO in it. Now we receive another 5 coins at the same address, like so. Now we have an address with one 10 coin UTXO and one 5 coin UTXO. But how do we view how our addresses are split up into different UTXOs? Earlier we checked the "Display coin control features" box in Settings > Options > Display. Once that's checked you'll notice there's another section in the Send tab labeled "Coin Control Features". If you click the "Inputs" button, you'll get a new window. And look, there's our 2 UTXOs. All UTXOs try to stake separately from each other, and remember that the chance a UTXO has to stake is proportional to it's size. So in this situation, my 10 coin UTXO has twice the chance to stake as my 5 coin UTXO. Now wallets, especially ones that make a lot of transactions, can get very fragmented over time. I've fragmented my wallet a little so I can show you what I'm talking about. How do we clean this up? We can consolidate all this into one UTXO by checking all the boxes on the left and selecting OK. Now pay attention to the fields on the top:
Quantity: The total amount of UTXOs we have selected.
Amount: The total amount of coins we have selected.
Fee: How much it would cost in fees to send all those UTXOs (more UTXOs = more transaction data = more fees)
After Fee: Amount - Fees.
Bytes: How large the transaction is in bytes.
Priority: How your client would prioritize making a transaction with this specific set of UTXOs selected had you not used coin control.
Low Output: If your transaction is less than 0.01 coins (I think).
custom change address: You can set the address you get your change back at, by default it will generate a new address.
So let's fill out our transaction so we end up with 1 UTXO at the end. In "Pay To:" Just put any address in your wallet, and for the amount put what it has listed in the "After Fee" Field. Just like this. Notice how we get no change back. Now click "Send", we'll be prompted to enter our passphrase and we're asked if we want to pay the fee, go ahead and click "Yes". Now if we go back to the Overview tab we get this funky icon. If you hover your mouse over it, it says "Payment to yourself", and the -0.0002 GRC is the network transaction fee. (Ignore the first one, that was me fragmenting my wallet) Now if we look at the Coin Control menu, we can see that we've slimmed our wallet down from 7 UTXOs to 1. Now why would you want to use coin control? 2 Situations:
UTXOs less than 0.0125 coins cannot stake. So you can combine a lot of tiny, useless UTXOs into 1 bigger one that can stake.
After a UTXO stakes, it cannot stake for another 16 hours. So if you have 1 large UTXO that is big enough to stake more than once every 16 hours, you can split it into smaller UTXOs which can allow you to stake slightly more often.
By default, the wallet will always generate a new address for change, which can make your wallet get very messy if you're sending lots of transactions. Keep in mind that more UTXOs = larger transactions = more fees.
Sidenote - When you stake, you will earn all research rewards owed reguardless of which UTXO staked. However, you'll earn the 1.5% interest for that UTXO. Not your whole wallet.
A fork is when the network splits into multiple chains, with part of the network on each chain. A fork can happen when 2 blocks are staked by different clients at the same time or very close to the same time, or when your client rejects a block that should have been accepted due to a bug in the code or through some other unique circumstance. How do I know if I'm on a fork? Generally you can spot a fork by looking at the difficulty on your Overview tab. With current network conditions, if your difficulty is below 0.1, then you're probably on a fork. You can confirm this by comparing your blockhash with someone elses, like a block explorer. Go to [Help > Debug Window > Console]. This is the RPC console, we can use to do a lot of things. You can type help to get a list of commands, and you can type help [command you need help with] (without the brackets) to get information on a command. We'll be using the getblockhash [block number] command. Type getblockhash [block number] in the console, but replace [block number] with the number listed next to the "Blocks:" field on the Overview tab. This will spit out a crazy string of characters, this is the "blockhash" of that block. Now head over to your favorite block explorer, I'll be using gridcoinstats. Find the block that you have the hash for, use the search bar or just find it in the list of blocks. Now compare your hash with the one gridcoinstats gives you. Does it match? If it matches, then you're probably good to go. If it matches but you still think you're on a fork, then you can try other block explorers, such as gridcoin.network or neuralminer.io. If it doesn't match, then you need to try to get off that fork. How do I get off a fork?
Just wait for an hour or two. 95% of the time your client is able to recover itself from a fork given a little time.
Restart the client, wait a few minutes to see if it fixes itself. If it doesn't restart again and wait. Repeat about 4 or 5 times.
Find where the fork started. Using the getblockhash command, go back some blocks and compare hashes with that on a block explorer so you can narrow down what the last block you and the block explorer had in common. Then use reorganize [the last block hash you had in common]. Note that reorganize takes a blockhash, not a block number.
A listening node is a node that listens for blocks and transactions broadcasted from nodes and forwards them on to other nodes. For example, during the syncing process when you're getting your node running for the first time, you're downloading all the blocks from listening nodes. So running a listening node helps support the network. Running a gridcoin listening node is simple. All you need to do is add listen=1 to your gridcoinresearch.conf and you need to forward port 32749 on your router. If you don't know how to port forward, I'd suggest googling "How to port forward [your router manufacturer]".
Three real reasons you should not buy the Nintendo Switch Online Service.
1. Online multiplayer should not be locked behind a paywall.
In response to the argument that the subscription will improve the servers that handle online matchmaking etc. How is paying a subscription to Nintendo going to help fix the rubbish internet connectivity offered by my ISP. Could someone please explain? If it does anything it will probably make it that much more difficult for me to upgrade to a better ISP/ network hardware. So it won't improve online multiplayer, there will still be plenty of disconnections and lagging players. That isn’t to say that their online service will be bad. However I do believe that it will be the same as it was for the Wii U, and the same as it is now, currently, for the Switch. This is the reality of the situation, if a player's internet connection is poor, then improving and upgrading the servers in some way isn't going to make any real difference. Dedicated servers The fact is there are reasons for using a dedicated serve servers for each game type, and Nintendo simply aren't going to implement them for smaller networks which are easy to manage, and in fact work faster without that middleman. Dedicated servers won't improve games like Splatoon 2, Mario Kart 8 Deluxe or Smash Ultimate, since, for those games at least, it is quicker to communicate Peer to Peer, rather than Peer to Server to Peer again. The diagrams below are simplified to show what a basic Client/Server topology looks like vs a Peer to Peer one. Fortnite Battle Royale uses the Client/Server model because there are up to 100 players participating in each round. In reality in the case of Fortnite Battle Royale there would be up to 100 consoles connected to a remote server. Large networks like this are not as easy to achieve using Peer to Peer. So they trade the faster, direct, distributed connections for the slower, indirect, bundled connections, because this would not be manageable without the server in between. Splatoon 2 does not have that many players all playing simultaneously in each match. Hence it uses either the Peer to Peer model or the Client Hosted model, because these are more efficient for games with small numbers of players. In Splatoon there are only up to 8 players in each match, which means 8 consoles, so the network is smaller, more easily manageable, and they can use direct connections (which are faster) between all the consoles. So you should not pay the subscription, because they have no intention of implementing dedicated servers for these games. This is part of the reason online multiplayer should be free, since not every online game will benefit from dedicated servers. Client/ Server vs Peer to Peer
"I've seen people time and time again say dedicated servers will make everything better, and that is a gross over generalisation, and it is not as straightforward as that. For example something like Splatoon 2 would probably actually benefit from being this whole Peer to Peer thing that we've got at the moment."
"Peer-to-peer is generally considered obsolete for action games, but is still common in the real-time strategy genre due to its suitability for games with large numbers of tokens and small numbers of players. Instead of constantly transmitting the positions of 1000 troops, the game can make a one-off transmission of the fact that 1000 troops are selected and that the player in command of them just issued a move order."
Source; https://en.wikipedia.org/wiki/Game_server So it is dependent on the type of game, whether or not to use Peer to Peer. For something that has low numbers of players like Mario Kart 8 Deluxe, Splatoon 2 and Smash Ultimate, either the Peer to Peer model or the Client Hosted model is used. However for something with hundreds of players or more, like an MMO, dedicated servers or the Client/Server model is used. Where small numbers of players are involved it is quicker for each console to talk directly to one another, than it is for them to have to go through a remote server to get the information to one another. I have already solved my problems with lag and disconnecting, and they aren't simply to do with the fact that they are using Peer to Peer or Client Hosted networking models for these games. If Peer to Peer was so hopeless, as many people claim, Bitcoin, the world's most successful decentralised crypto-currency would not be able to function. Even if Nintendo were to implement dedicated servers for one or two of their online games, Fortnite Battle Royale already has dedicated servers, provided by a third party for free, so what are we paying Nintendo for again? Also Steam on PC has a variety of online multiplayer games that use dedicated servers, but they seem to be able to sustain those servers, despite the fact that it is free to play online. You need a Wii LAN adapter. (Also, do not use Powerline kits. The reason why powerline is also affected by this relates to the way data is transmitted in the electrical circuit of your home, using a certain frequency, or range of frequencies in the case of multiple powerline adapters. So powerline data transmission may also suffer from problems with interference, due to electrical noise that may be present in that circuit. This is another important piece of information to remember, as many people who start using a wired Ethernet connection may be under the impression that it does not improve online multiplayer, if they are still using it in combination with a powerline kit.)
"Most of the networking issues in online games are caused inside the player's local network, where WiFi and powerline are the biggest offenders. WiFi (wireless LAN) is prone to interference, the 2.4GHz band is crowded, the 5Ghz band has shorter range, and the low effective bandwidth quickly causes network congestion. Another major drawback of WiFi is that unless you have a MU-MIMO access point, your clients can't "talk" to the access point all at once. This causes higher latency and latency variation (jitter) as your PC must wait for "its turn" to talk to the access point, which also increases the risk of packet loss. So, while the comfort provided by WiFi is great, it’s terrible for online gaming, which is why WiFi should be avoided at all costs." https://www.pcgamer.com/netcode-explained/2/
When I first started playing online multiplayer, I was relying on a Wi-Fi connection to my Router, and I was experiencing a lot of lag and disconnections. I searched for a reason for this problem, and I found that Wi-Fi does not provide a stable enough connection between the console and your gateway. It was only when I started using a Wired Ethernet connection to my Router that I could play without the massive number of disconnections I was experiencing. You will still experience a few disconnections occasionally, since the stability of the game depends on not just your connection, but that of the other players (who also need to be using wired LAN or you will still experience lag). If any of the other 7 players in Splatoon are not using a LAN adapter, you will see them lag and possibly disconnect in the game. But I must emphasise that even if they did completely rewrite Splatoon 2 to use dedicated servers, you would still see those players lagging and disconnecting because this is a problem related to the notorious instability that you experience when using Wi-Fi. So it is the players local connection that really makes the difference. There is a simple test you can use to verify what I am talking about regarding Wi-Fi instability. If you have a PC or Laptop which has both a wired Ethernet adapter and a Wi-Fi adapter, you can run the ping command to check the latency of the connection between the computer and your gateway/ router, by pinging the IP address of the gateway/ router. I ran this test using a Wi-Fi connection to my router from my PC. I could see how the latency of the connection between the PC and router was constantly going up and down, which isn't good for real time communication and stability. I ran the test again using the same PC and router, but this time I used the wired Ethernet connection to the router. This time it stayed mostly constant. It no longer jumped around between 1ms and 9ms. It would stay at 1ms or 2ms. But it was obvious this was the real problem, once I started using a wired connection for online multiplayer. This is the real problem with Nintendo’s online multiplayer games, and it is compounded by the fact that Nintendo did not integrate an Ethernet connection into the Wii U or the dock for the Switch, so the majority of players are still using the built in Wi-Fi connection of their consoles to play online multiplayer. Wi-Fi does not work well, when it comes to the real time communications required for online multiplayer. Basically this is because its wireless, and subject to interference very easily. Nintendo need to produce a decent LAN adapter for the Switch. The officially licensed Hori LAN adapter isn't even USB 3.0, where the port in the back of the dock is USB 3.0. I know that it may not yet be functioning at USB 3.0 speeds, but that is supposed to be coming. You can also use the official Wii/ Wii U LAN adapter with the Switch, since it is listed as being compatible on Nintendo's support site. So you don't need to buy another one, if you already have that. Link; What LAN Adapters Are Compatible With Nintendo Switch? Just be careful which LAN adapter you buy, some third party adapters may not work at all with the console. (Using a LAN adapter is only one part of the solution.) Also don't connect two routers in series, since you will create a double NAT problem. Use a networking switch and a router. Enable UPnP in your router's settings, or try manual port forwarding. If this doesn't help then its an issue with the way your ISP works or your network hardware. You should be able to get NAT Type 2 if your ISP is any good. The use of a networking switch is only recommended where it is absolutely necessary. If you can directly wire the console to your gateway/ router, then this is what you should do. But if you have no option, then I would recommend using a networking switch which prioritises certain ethernet ports for applications like online video games. There are simple unmanaged networking switches that will prioritise the traffic through one of their ports in order to minimise any delays, and in many cases you will see them being marketed towards people who play online video games. ZyXEL GS-105B v3 5-Port Desktop Gigabit Switch This is another reason online multiplayer should be free because if you pay the subscription, you aren't actually paying to fix anything regarding the actual multiplayer part of the service. "How To Reduce Lag In Super Smash Bros. 4" https://youtu.be/U3RPJu7c4XI "Wii U Ethernet Adapter VS Wifi / Review?" (Lag in last match is probably due to the opposing player using Wi-Fi or having a bad ISP) https://youtu.be/x5zwbXN8mF8 "Squid Tip: Optimize Your Internet Connection!" https://youtu.be/Gvejfuuypqc In relation to input lag in games on Wii U and the Switch; Input lag occurs because either people are using the 5GHz radio communication of the Gamepad, or they are using a Pro Controller which uses 2.4GHz Bluetooth communication. This is why many people prefer to use a wired Gamecube controller along with the Gamecube controller adapter for Smash 4. The Gamepad and the Pro Controller both use wireless communication which can also experience interference. Also once they start charging, it will increase. It is inevitable. Just look at how the subscription price has increased for PS Plus. And I don't believe it will stop increasing once they start. Perhaps slowly, but surely.
2. There should be a free local save data backup option.
Allow both local and online save backups for games like Splatoon 2. Nintendo have made the excuse, that they will not allow people to backup save data for games like Splatoon 2 in order to combat cheating. The following simple, yet effective, restrictions can be implemented in the system firmware of the console, in order to prevent cheating, while also allowing people to backup their save progress for these games;
Only allow the system to restore data if there is no save data, or it has become corrupted.
Do not allow people to erase the save data for those types of games.
Formatting the whole system would obviously erase the save data, but this would still deter players from simply erasing and restoring their save data, like when they lose their rank in Splatoon 2. (Please note that these restrictions cannot be based on file date as that is subject to manipulation, this is why I believe it should be based simply on the presence of valid, uncorrupted save data.) For games that require these restrictions, they could easily be integrated into the System Firmware. Just have the system perform the check on whether or not there is already valid save data. This is the advantage of this solution. It is so simple to implement, it would work with existing games like Splatoon 2 without needing to patch every single competitive game that you wanted to be protected by these restrictions. No need for complex handshakes with online servers, where you may need to alte write additional servlets, and then have to patch all the games to work with those servlets. People who want the "Save Data Cloud" are covered. People who want local backups are also covered. It can be done. Nintendo can't expect people to start a game as challenging as Splatoon 2 all over again from scratch, and to be constantly in fear of losing their hard earned progress on a portable system. That would be extremely frustrating, especially when there is no need for it if they used the restrictions above. I have read at least one comment where a Splatoon 2 player actually quit playing the game when all their progress was lost, and I am willing to bet there are many others. Remember video games are supposed to be fun.
3. Apart from the instant games library that comes with the subscription, people should always have the option to purchase, and own a video game.
If people want a service where they have instant access to a library of games, along with a save data cloud backup then that is okay, but do not dictate to other people that, those should be the only options.
Why having Shadowcash, Dash, and Zcash in the cryptocurrencies section is incredibly irresponsible.
Cryptocurrencies as many of you know allow people, for the first time, to be in control of their money. This is important for a multitude of reasons related to personal freedoms and expressions, but not all cryptocurrencies can be trusted so blindly. Bitcoin obviously is the most famous and is well received among freedom-seeking individuals, but Bitcoin is not fungible and all transactions are publicly viewable similar to publishing your bank statements online which is not very good for privacy. Now the reason why I think the aforementioned cryptocurrencies in the title are very poor candidates to be published on https://www.privacytools.io is because they have very poor claims for security and privacy, two things many of us here value very much, and do not make any assurances to the bold claims they make for privacy and security which relied on and encouraged for use by privacytools.io. Shadowcash was created as a fork of the Bitcoin codebase with ring-signtaures implemented poorly as an optional sending feature that was meant to obscure transactions. One of Monero's cryptographers, Shen Noether, had been reviewing Shadowcash's ring-signature implementation and found that it was completely and irrevocably broken. Further reading can be found on this topic here https://shnoe.wordpress.com/2016/02/11/de-anonymizing-shadowcash-and-oz-coin/ and here https://github.com/ShenNoetheDeanon Such lack of understanding of cryptography and security from developers who are creating applications regular people would be relying on for their personal privacy should be no candidate on an esteemed website like https://www.privacytools.io Not to mention a shady release that equated to over 6 million coins being mined in the first two weeks of the network's lifetime and quickly pivoting to a Proof-of-Stake network that no longer mints new coins. This event very quickly and unfairly distributed large portions of the currency to the developers of Shadowcash questioning the legitimacy of this cryptocurrency and whether or not their goal of the project is privacy and security at all. Dash(formerly known as Darkcoin) was also a fork of Bitcoin and to distinguish itself it implemented a modified version of CoinJoin for optional use into the protocol which as history's shown with Bitcoin's version of CoinJoin makes zero assurances to privacy because the blockchain and all their transactions are still publicly auditable by following the previous outputs. In the Dash network there are centralized nodes called "Master Nodes" which execute many operations in the network from CoinJoin to the locking of transactions for faster "confirmations". Dash is touted as a private cryptocurrency that has even less privacy than Bitcoin http://weuse.cash/2016/10/26/warning-dash-privacy-is-worse-than-bitcoin/ The release of Darkcoin(later rebranded to Dash), as described in the previous link, involved mining over 2 millions coins(roughly 30% of the coin supply) over the course of two days. This is similar to Shadowcash's launch which questions the legitimacy of such a "privacy-focused" project and should warrant zero trust to the claims they make for privacy or security for users of privacytools.io On to Zcash another cryptocurrency who forked Bitcoin's code for the goal of creating a private and secure cryptocurrency that utilizes a very brand new cryptosystem called zk-snarks. I won't go into much detail about how zk-snarks work because this topic alone goes far beyond the scope of this post. Essentially Zcash's optional feature for sending private transactions break the link between sender and recepient to obscure transaction data on the blockchain. Now zk-snarks are an incredibly experimental cryptosystem that has not even been thoroughly peer-reviewed by the academia community. This fact should alone warrant caution to the use of Zcash for privacy because cryptography, barely three years old, that has not has stood the test of time to be considered secure and reliable is under very poor assumptions to be relying on for privacy and security for privacytools.io users. Not to mention a trusted-setup by two employees of Zcash Electric Coin Company and four other individuals to generate zk-snarks parameters for the launch of Zcash. This blind trust that is required for Zcash allows for infinite coins to be invisibly created in the network if these six individuals colluded or were using compromised computers for the generation. To end this section the corporation, Zcash Electric Coin Company, will consequently receive 20% of all block rewards for the next four years. Such corporate interest and unproven cryptographic algorithms can not be trusted by individuals who are seeking privacy and security on privacytools.io To reiterate on these three cryptocurrencies: snake-oil cryptography that is unverified to be secure by academic researchers and make false claims to privacy and security should not be published on a website like privacytools.io that encourages sound, secure privacy-oriented applications to be used over traditional options. Now the argument for why Monero is a strong candidate to be featured on privacytools.io alonsgide Bitcoin is because Monero does not make false claims to security and privacy. Monero has been thoroughly reviewed by academic researchers(cryptonote review, ledger journal publication, researchers from University College London, and more here). Monero uses widely acclaimed and reviewed cryptography created by Daniel J. Bernstein, who is an outspoken cryptographer that is a huge supporter of privacy-related projects. Monero is, unlike all other cryptocurrencies, private-by-default allowing its users to freely transact on its network without adversaries surveilling all past and present transactions. Monero is in addition a thriving open-source project that is also creating an alternative security-focused i2p router. The goals of Monero are very inline with what privacy-seeking individuals desire. We simply want to reclaim our privacy in a world where privacy is relentlessly attacked and criticized. I hope the administrators of https://www.privacytools.io can re-evaluate the cryptocurrencies featured in the cryptocurrency section because I can not emphasize enough how detrimental such recommendations can be for using a cryptocurrency that may greatly threaten users privacy. Thank you.
This wikiHow teaches you how to open ports in your router's firewall or your Windows computer's firewall. The majority of ports in a firewall are closed by default to prevent intrusion; opening a port is a good way to solve connectivity issues—both between a device and a router, and between a program and a device—but it also opens up your network or computer to attack. Bitcoin mining - Discuss here everything related to Bitcoin mining - pools, software (miners), hardware, etc. Download links are not allowed in this section. For more informations, see item "5. No Suspicious download links" in the Forum Rules. All others go to Altcoin mining section. How to Unblock Blocked Websites in WiFi. WiFi, either in airports, restaurants, coffee shops, schools, universities or even at home, would be coded to block certain websites. Unfortunately, in many cases, the block can only be removed by... How to block Bitcoin Mining in your browser by Martin Brinkmann on September 22, 2017 in Internet - Last Update: September 22, 2017 - 30 comments Bitcoin mining can be profitable, and that is likely the reason why we have seen desktop miners and now also browser miners being pushed on to user devices. Will pay for access to your Bitcoin Mining Hardware Remotely. Started by LFring01 on December 16, 2013, 03:44 :05 PM 0 Replies 2241 Views December 16, 2013, 03:44:05 PM by LFring01. What router are you using for 10 blades or more? Started by Logicus on December 03, 2013, 07:17:01 AM 6 Replies 2806 Views December 15, 2013, 06:12:01 AM by Logicus. Extra Cloud Mining,brovser only,buy - sell Gh/s ...
Ransomware is blocked by RansomFree. This video is unavailable. Watch Queue Queue Need some help setting up your new Teltonika RUTX09 router? Watch our quick start guide video and follow the step by step instructions to easily set up your new router for operation. We go through an example in which we talk about how do these work in a Bitcoin payment channel. HTLC Bitcoin Wiki : ... How is bitcoin "locked" to an address - OP_CHECKSIG, locking scripts ... How to block a website using your router - Duration: 4:30. TheComputertips 290,112 views. 4:30. How to block websites using Google Chrome (UPDATED 2014) - Duration: 12:19. ... Running through the initial Setup and Router configuration to get your Casa Bitcoin & Lightning Node fully operational on the networks.