Bitcoin, the libertarian’s dream currency, is far past the heady days of late 2013. When one Bitcoin was worth $1000 USD, there was no end to what could be done; new, gigantic mining rigs were being created, every online store jumped onto the bandwagon, and the price of Bitcoin inevitably crashed. Right now, the exchange rate sits at about $280 USD per coin, valuing all the Bitcoins ever mined somewhere around $4 Billion USD. That’s a lot of coins out there, and a lot of miners constantly verifying the integrity of the greatest thing to come from the Bitcoin community: the blockchain.
The bitcoin is just a record, or the ledger, of every transaction that has ever occurred on the Bitcoin network. It’s distributed, and the act of mining coins creates new blocks, or another set of data committed to the blockchain for eternity. While magical Internet money™ is by far the most visible product of the blockchain, developers, investors, and other people in the know are gushing about the possibilities of what can be done with a distributed record that can’t practically be altered and can’t be deleted.
[Jon Matonis], a figurehead for the entire cryptocurrency movement, recently said Bitcoin has become the strongest computer in the world, and stronger than all of the top 500 supercomputers combined. All of this computational power is effectively funneled in to verifying the integrity of the blockchain.
Bitcoin and other cryptocurrencies are not just a completely anonymous payment system; that’s only a side effect of the blockchain. The blockchain is the only inherently valuable part of a bitcoin; each transaction is logged in the blockchain, providing incredible security over how every coin is spent. No currency in the history of mankind has ever had a record of how every dollar or denarius is spent, and at the very least makes for very interesting economics research. Now, thousands of researchers across the globe are wondering what else the blockchain can do; tapping the power of the most powerful computer on the planet must have some interesting applications, and in the last few months, a few ideas have popped up.
Continue reading “Applications For The Bitcoin Blockchain”
If you are interested in local wildlife, you may want to consider this wildlife camera project (Google cache). [Arnis] has been using his to film foxes and mice. The core components of this build are a Raspberry Pi and an infrared camera module specifically made for the Pi. The system runs on a 20,000 mAh battery, which [Arnis] claims results in around 18 hours of battery life.
[Arnis] appears to be using a passive infrared (PIR) sensor to detect motion. These sensors work by detecting sudden changes in the amount of ambient infrared radiation. Mammals are good sources of infrared radiation, so the sensor would work well to detect animals in the vicinity. The Pi is also hooked up to a secondary circuit consisting of a relay, a battery, and an infrared light. When it’s dark outside, [Arnis] can enable “night mode” which will turn on the infrared light. This provides some level of night vision for recording the furry critters in low light conditions.
[Arnis] is also using a Bluetooth dongle with the Pi in order to communicate with an Android phone. Using a custom Android app, he is able to connect back to the Pi and start the camera recording script. He can also use the app to sync the time on the Pi or download an updated image from the camera to ensure it is pointed in the right direction. Be sure to check out the demo video below.
If you like these wildlife cameras, you might want to check out some older projects that serve a similar purpose. Continue reading “Remote Controlled Wildlife Camera With Raspberry Pi”
[Laxman] is back again with another hack related to Facebook photos. This hack revolves around the Facebook mobile application’s “sync photos” function. This feature automatically uploads every photo taken on your mobile device to your Facebook account. These photos are automatically marked as private so that only the user can see them. The user would have to manually update the privacy settings on each photo later in order to make them available to friends or the public.
[Laxman] wanted to put these privacy restrictions to the test, so he started poking around the Facebook mobile application. He found that the Facebook app would make an HTTP GET request to a specific URL in order to retrieve the synced photos. This request was performed using a top-level access token. The Facebook server checked this token before sending down the private images. It sounds secure, but [Laxman] found a fatal flaw.
The Facebook server only checked the owner of the token. It did not bother to check which Facebook application was making the request. As long as the app had the “user_photos” permission, it was able to pull down the private photos. This permission is required by many applications as it allows the apps to access the user’s public photos. This vulnerability could have allowed an attacker access to the victim’s private photos by building a malicious application and then tricking victims into installing the app.
At least, that could have been the case if Facebook wasn’t so good about fixing their vulnerabilities. [Laxman] disclosed his finding to Facebook. They had patched the vulnerability less than an hour after acknowledging the disclosure. They also found this vulnerability severe enough to warrant a $10,000 bounty payout to [Laxman]. This is in addition to the $12,500 [Laxman] received last month for a different Facebook photo-related vulnerability.