vito-lbs

# frozen_string_literal: true
source "https://rubygems.org"

gem "redis"
gem "pry"

vito-lbs

{
    "header": {
        "Name": "MDErgo1",
        "Layout": "Default",
        "Base": "Blank",
        "Version": "0.1",
        "Author": "HaaTa (Jacob Alexander) 2015",
        "KLL": "0.3c",
        "Date": "2015-09-12",
        "Generator": "KIICONF 0.2"

vito-lbs

#!/bin/env python -u
import random
from os import environ, listdir, path
from sys import exit
from subprocess import Popen, PIPE
import signal
from base64 import b64decode

def alarm_handler(signum, frame):
    print "timed out, sorry"

vito-lbs

    ActiveRecord::Base.connection_pool.with_connection do
      Nonce.where('expires_at < ?', Time.now).delete_all rescue nil
    end

vito-lbs

class Token < ActiveRecord::Base
  include BCrypt
  belongs_to :instance
  belongs_to :round
  has_many :redemptions
  has_many :captures, through: :redemptions

  validates :instance, presence: true
  validates :round, presence: true

vito-lbs

#!/usr/bin/env ruby
require 'pp'

host = "git@legitbs git server"

in_git = FileTest.exist?(File.join(Dir.pwd, '.git'))

if in_git
  puts <<-EOS
Don't run this from inside a git working copy, run it from an empty

vito-lbs

I don't think people understand what vulnerability sellers really do. They invest thousands of man and computer hours into finding bugs which people are willing to pay lots of money for. As a business, they want to keep their customer base happy, which means allowing their customers (yes, presumably the NSA/FBI/etc.) to use their exploits rather than selling them to Tails OS maintainers. Yes, it's probably the case that these exploits don't just go to nabbing child pornographers or drug traffickers, they also probably try to catch the next Snowden, which not everyone agrees is The Right Thing To Do. But for what it's worth, I'd still trust the US government (even with all its faults) far more than the Russians or Chinese.

But let's be honest here, Tails OS maintainers probably couldn't afford the same price that Exodus's customers will happily pay. Even if Exodus were happy to sell it to the Tails folks, that is certainly going to be a loss of money.

The arguments I'm used to hearing go something like "but

vito-lbs

  def to_token_string
    key.chars.zip(@secret.chars).join
  end
 
  def self.from_token_string(token_string)
    begin
      key, secret = token_string.chars.each_slice(2).to_a.transpose.map(&:join)
      candidate = self.where(key: key).first
    rescue
      return nil

vito-lbs

each ListLogResp is from a different signing key

<Choripan::Messages::ListLogResp logs: [<Choripan::Messages::Log uuid: "0621719b-f3bd-41d5-9560-2d698420f0b6", signature: "23gej2yicat16111vsyhe45fb50hrzcx2w5roxrhkhep3ao1yflfaux2b66ykjsetghliq4bhjn8wpqzqog2zyjau9uupcmp57te", timestamp: 1401847188>, <Choripan::Messages::Log uuid: "99129876-4080-4d5c-b16e-e6a38de5d7aa", signature: "24g5jmy7c3tw6j1lv6ywey56bv0lrmcu2w51o3rmk8ee3wotyalua0xwbb61ktsqtdhxih4zh2nqw3qaqjg3zwjmumuvp9ma52tf", timestamp: 1401847200>]>

<Choripan::Messages::ListLogResp logs: [<Choripan::Messages::Log uuid: "9c73d194-d20e-4444-9558-9036f85c2c20", signature: "1355dim3k8d54epwc5z3llv1mtyws6z40me2cy3s1i2d1m89vfi16273gjgyhjhx3kumpjg28gbswijz0fatq3g08phn9w7g1mgm", timestamp: 1401847398>, <Choripan::Messages::Log uuid: "7efefbce-0ea6-4ad0-9086-ea599158b8e4", signature: "145udymekgdg4lp0cfzxlevxmlyosfz608eecb3f1e2m1x89vfiu6l71g5g1h7hy33uipkgc8lbnwzjv0dapqmg782hi947y1xgf", timestamp: 1401847447>]>

<Choripan::Messages::ListLogResp logs: [<Choripan:

vito-lbs

group = ECDSA::Group::Secp256k1
point_field = ECDSA::PrimeField.new group.order

e1 = ECDSA.normalize_digest logs[0].uuid, group.bit_length
e2 = ECDSA.normalize_digest logs[1].uuid, group.bit_length

pack = Choripan::Packer.new

up1 = pack.unpack(logs[0].signature)
up2 = pack.unpack(logs[1].signature)