Topic: MtGox2014Leak.zip - page 2. (Read 8362 times)

legendary
Activity: 860
Merit: 1026
March 10, 2014, 01:27:04 PM
#33
Assuming you can be 100% sure that the software you are using to open these files (or to unzip them) is absolutely secure and there are no exploits for them known to mankind. Which you can't.

Yes Yes like zlib has an exploit that only these fancypants hackers know about. Sure. That's so likely.

Feel free to show us where in the zlib source code this exploit you imagine exists. I'm sure a zillion people would like to know.
Ever heard of 0-day exploits? I don't have to prove anything here. All I'm saying is, that there is a risk you should not be willing to take if you don't know exactly what you are doing.
Files handed to you by cybercriminals can not be trusted.
full member
Activity: 142
Merit: 100
March 10, 2014, 01:21:57 PM
#32
I can concur that 'mtgox_balances' is accurate and well up to date. I was able to verify myself with the correct balance.


legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
March 10, 2014, 01:09:49 PM
#31
You're not "fuckin crazy" just because you are smart enough to understand how to look at text files. My personal opinion is that you are extremely stupid if you seriously believe that unzipping a file and looking at plain text files will harm you in any way.
Assuming you can be 100% sure that the software you are using to open these files (or to unzip them) is absolutely secure and there are no exploits for them known to mankind. Which you can't.
+1 Why would I even bother to take the risk? To see a supposed secret leaked document?  I know what the risks are, I've been on the internet and into computing for over 20 years now. I also worked on a farm and learned the smell of bullshit IRL. 
legendary
Activity: 860
Merit: 1026
March 10, 2014, 12:33:53 PM
#30
You're not "fuckin crazy" just because you are smart enough to understand how to look at text files. My personal opinion is that you are extremely stupid if you seriously believe that unzipping a file and looking at plain text files will harm you in any way.
Assuming you can be 100% sure that the software you are using to open these files (or to unzip them) is absolutely secure and there are no exploits for them known to mankind. Which you can't.
legendary
Activity: 3122
Merit: 1348
March 10, 2014, 12:08:35 PM
#29
Guys, word of advice, do NOT open any links or files that you aren't entirely aware of.
They may compromise your wallets or install a key logger on your PC recording your passwords.
Be careful!
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
March 10, 2014, 11:01:41 AM
#28
Anyone who downloads this is fuckin crazy. What a crock of crap. I love how it is labeled "leak".
Is that supposed to remind Mark that he leaked it to himself?
legendary
Activity: 3472
Merit: 1722
March 10, 2014, 11:00:17 AM
#27
Mod note: be careful with the executable, run it only on an isolated virtual machine

Don't even run untrusted executables in a virtual machine! There have been several ways of breaking out of one, and there certainly will be more!

Why in the name of Satoshi would you run it at all?

You decompile untrusted executables, you don't run them.

Apparently the wallet stealer was some sort of super simple interpreted code this time and would only look for wallet.dat and upload it to the thieves this time, but next time it could very well be much more advanced malware. Do not take stupid risks.

That's why I wrote "isolated" (no shared folders, preferably on a separate physical machine, guest additions disabled, etc.).
full member
Activity: 309
Merit: 100
March 10, 2014, 10:56:18 AM
#26
But I don't think you're truly explaining the reason to use checksums: A trusted person releases a file to the wild, and states this is my file's checksum. The problem here is the person who created this file is not trusted.

Just want to make that clear for people that are not engineers or coders or tech savvy to understand when to be using a checksum.


Since this file was released by an untrusted source checksums become useless and could give someone false hope.


Kosta


Not sure how a checksum helps here ... Checksums ONLY work when you trust the party that constructed the file + checksum. Did someone trusted create the file + checksum linked above?

Kosta

A file which does not checksum will have different contents (or be corrupt) which is a give away that someone has monkeyed with it.  Almost certainly such a thing would indicate the inclusion of contents with exploits.

When I wrote that, it was unknown whether the 'original' contained exploits or not.  Reports now seem to indicate that it is full of them.  (Who could have seen that coming?)

Checksums are basic and simple things that have been in use for decades.  For good reason.  Using checksums in a situation like this one can help identify a very likely class of theft attempts.  There is no reason but utter ignorance and laziness not to use them...except to attempt to perpetrate a theft that is.


legendary
Activity: 1400
Merit: 1013
March 10, 2014, 09:26:43 AM
#25
Let us not forget that even inside a VM any virus/exploit is already BEHIND your main defense and can easily access the IP addresses of any computers on your internal network (not to mention default passwords/access on your router!!)
Including the machine the VM is being hosted on…(not much point in having a DMZ, if you are going to put shit inside it…)
and that is before we even consider the capability to crash 'out' of a VM.
You're assuming the most simplistic possible implementation of virtualized networking.

Also, using off the shelf routers is a really bad idea. All that shit's rooted.
sr. member
Activity: 399
Merit: 250
March 10, 2014, 09:21:28 AM
#24
Yep…….
Let us not forget that even inside a VM any virus/exploit is already BEHIND your main defense and can easily access the IP addresses of any computers on your internal network (not to mention default passwords/access on your router!!)
Including the machine the VM is being hosted on…(not much point in having a DMZ, if you are going to put shit inside it…)
and that is before we even consider the capability to crash 'out' of a VM.

This is the result of teaching liberal arts at school…. many people seem incapable of thinking more than one move ahead.
sr. member
Activity: 441
Merit: 250
March 10, 2014, 07:48:35 AM
#23
Mod note: be careful with the executable, run it only on an isolated virtual machine

Don't even run untrusted executables in a virtual machine! There have been several ways of breaking out of one, and there certainly will be more!

Why in the name of Satoshi would you run it at all?

You decompile untrusted executables, you don't run them.

Apparently the wallet stealer was some sort of super simple interpreted code this time and would only look for wallet.dat and upload it to the thieves this time, but next time it could very well be much more advanced malware. Do not take stupid risks.
sr. member
Activity: 364
Merit: 250
American1973
March 10, 2014, 04:03:44 AM
#21

[..]

The thought of Mt. Gox not using a revision control system is so absurd that I find it hard to believe.  I'm inclined to think that this is another bullshit story and feeble attempt to make people believe that they are more incompetent than they actually are.

So true that it pays to play dumb.  And interesting gambit to release crapcode as smokescreen to cover cointheft.  Much to ponder, thanks a lot because also, most programs suck ass and are swiss cheese.  Your efforts to help are appreciated.
legendary
Activity: 4690
Merit: 1276
March 10, 2014, 03:57:20 AM
#20

This is fucking nuts! First, I had to get up to speed as to what the hell a motiff[sic] is in BFL's thread back in the day, now I need to learn what the heck a checksum is, then learn how to use it.

To show you what type of noob I am, although I know quite a bit about HTML and CSS, for the life of me I couldn't tell you what those acronyms stand for sans looking them up first. I know just enough about PHP as it applies to Wordpress that caused me all kinds of problems till I finally learnt to do backups of any codes I'm altering.

Knowing how to use a simple md5 or sha256 checksum should be pretty much mandatory for anyone messing around with Bitcoin in my opinion.  What a checksum is is pretty easy to understand and it should be pretty simple to use them on all platforms.

Anyone doing any coding really owes it to themselves to use a revision control system of some sort.  Keeping a local subversion repository on one's hard drive is really a relatively simple operation and getting the hang of a few command line options is all one really needs to do in order to use it effectively.  The comfort of knowing that you can easily snapshot anything and see changes expedites development.  I probably would not have gotten around to learning how nice this is if it were not a factor for my professional work, but I'd have been much the worse for it.

I find SVN to be really useful for remote admin/dev and deployment as well in conjunction with gmake, but that's beyond the scope of what most people need.

For routine system admin tasks I habitually use RCS which is built into most of the systems I use.  This lets me quickly see all of the stuff I've done on my system (and what I might be forgetting when I build another system and so on.)  RCS has some gotchas though.

The thought of Mt. Gox not using a revision control system is so absurd that I find it hard to believe.  I'm inclined to think that this is another bullshit story and feeble attempt to make people believe that they are more incompetent than they actually are.

legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
March 10, 2014, 03:37:04 AM
#19

OP: You should put a checksum with a file like this.  It would be an obvious ploy to replace some of the files with trojans.  If the original is thought to be clean, people may execute exploits contained in a zip they thought to be real.

I downloaded a copy from:

  [http]://blog.magicaltux.net/wp-content/uploads/2014/03/MtGox2014Leak.zip

at in the morning PST (2014.03.09) and this is the checksum I get:

  snip@snip ~> sha256 MtGox2014Leak.zip
  SHA256 (MtGox2014Leak.zip) = ffcf6742ab84d7e29ef16ca4f0829d7c4e7a4f739414d2b6d2ded52f05e75a67

Several people on a different thread get the same checksum, but I don't know if they got it from the same place or not.

Checksums are easy to check, reliable, and quite critical for data such as this.  I would be very wary of anything sensitive that I downloaded which did not come with a checksum, and I would (and do) cross-check these.

If anyone finds a file of the same name with a different checksum it would be good to report it (even worth starting a new thread) and handing it over to people who can analyze the contents.  We really don't need any more people losing money to stupid things associated with Mt. Gox...though I suspect we'll see a lot more in the weeks to come



This is fucking nuts! First, I had to get up to speed as to what the hell a motiff[sic] is in BFL's thread back in the day, now I need to learn what the heck a checksum is, then learn how to use it.

To show you what type of noob I am, although I know quite a bit about HTML and CSS, for the life of me I couldn't tell you what those acronyms stand for sans looking them up first. I know just enough about PHP as it applies to Wordpress that caused me all kinds of problems till I finally learnt to do backups of any codes I'm altering.
sr. member
Activity: 364
Merit: 250
American1973
March 10, 2014, 03:23:43 AM
#18
It is well known by those who know things, that PDF are absolute crapware destruction vector.  See the Aurora hacks of three years ago.

This whole exploit is another sad reality: Abused little shitbags grow up into thieving adult high-tech shitbags.
legendary
Activity: 4690
Merit: 1276
March 10, 2014, 02:23:28 AM
#17
Not sure how a checksum helps here ... Checksums ONLY work when you trust the party that constructed the file + checksum. Did someone trusted create the file + checksum linked above?

Kosta

A file which does not checksum will have different contents (or be corrupt) which is a give away that someone has monkeyed with it.  Almost certainly such a thing would indicate the inclusion of contents with exploits.

When I wrote that, it was unknown whether the 'original' contained exploits or not.  Reports now seem to indicate that it is full of them.  (Who could have seen that coming?)

Checksums are basic and simple things that have been in use for decades.  For good reason.  Using checksums in a situation like this one can help identify a very likely class of theft attempts.  There is no reason but utter ignorance and laziness not to use them...except to attempt to perpetrate a theft that is.



But we would need a checksum from the 'hacker' in order to ensure integrity.

Huh?  No, the goal is simply to see if different zip archives are being passed around, and potentially leveraging some level of confidence that might have been associated with the 'original'.  It dawned on me right away that a good way for a thief to distribute trojans would be to replace some of the dangerous files (specifically .exe and .pdf files) with one's own variant of them.  This whether the 'original' was trojan free or not.

We are not measuring absolute values here but rather looking for differential information.  The latter can be as valuable as the former in many cases.  Even more so since the 'original' would not have provided any information about safety anyway.
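
An added example, not part of the thread or any poster's code: the differential check described in the post above, done in Python by hashing whole archives and, when they differ, comparing zip directory listings without extracting anything. The archives are constructed in memory, and every member name except `mtgox_balances` is a made-up placeholder.

```python
import hashlib
import io
import zipfile

RISKY_EXT = (".exe", ".pdf")  # the file types the post singles out

# Constructed sample contents; only the name mtgox_balances is from the thread.
SAMPLE = {"mtgox_balances": b"user,balance\n1,0.5\n",
          "viewer.exe": b"MZ constructed placeholder",
          "notes.pdf": b"%PDF constructed placeholder"}


def make_zip(members):
    """Build a constructed in-memory zip (fixed timestamps, so reproducible)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(zipfile.ZipInfo(name, (2014, 3, 9, 0, 0, 0)), data)
    return buf.getvalue()


def manifest(blob):
    """Read the central directory only; no member is decompressed or run."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return {i.filename: (i.file_size, i.CRC) for i in zf.infolist()}


def diff_copies(reference, candidate):
    """Compare a circulating copy against the copy whose hash was published."""
    same = hashlib.sha256(reference).digest() == hashlib.sha256(candidate).digest()
    if same:
        return {"same_archive": True, "changed": [], "added": [], "risky": []}
    # Size/CRC come from attacker-controlled headers: use them to triage what
    # differs, never to conclude that a member is unchanged or safe.
    ref, cand = manifest(reference), manifest(candidate)
    changed = sorted(n for n in ref.keys() & cand.keys() if ref[n] != cand[n])
    added = sorted(cand.keys() - ref.keys())
    risky = [n for n in changed + added if n.lower().endswith(RISKY_EXT)]
    return {"same_archive": False, "changed": changed, "added": added,
            "risky": risky}


if __name__ == "__main__":
    original = make_zip(SAMPLE)
    variant = make_zip({**SAMPLE, "viewer.exe": b"MZ swapped", "extra.pdf": b"%PDF"})
    print(diff_copies(original, original))
    print(diff_copies(original, variant))
```

A matching digest only shows that a copy is byte-identical to the reference; it says nothing about whether the reference itself is safe to open.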

hero member
Activity: 882
Merit: 501
Ching-Chang;Ding-Dong
March 10, 2014, 02:06:59 AM
#16
Not sure how a checksum helps here ... Checksums ONLY work when you trust the party that constructed the file + checksum. Did someone trusted create the file + checksum linked above?

Kosta

A file which does not checksum will have different contents (or be corrupt) which is a give away that someone has monkeyed with it.  Almost certainly such a thing would indicate the inclusion of contents with exploits.

When I wrote that, it was unknown whether the 'original' contained exploits or not.  Reports now seem to indicate that it is full of them.  (Who could have seen that coming?)

Checksums are basic and simple things that have been in use for decades.  For good reason.  Using checksums in a situation like this one can help identify a very likely class of theft attempts.  There is no reason but utter ignorance and laziness not to use them...except to attempt to perpetrate a theft that is.



But we would need a checksum from the 'hacker' in order to ensure integrity.
legendary
Activity: 4690
Merit: 1276
March 10, 2014, 02:00:30 AM
#15
Not sure how a checksum helps here ... Checksums ONLY work when you trust the party that constructed the file + checksum. Did someone trusted create the file + checksum linked above?

Kosta

A file which does not checksum will have different contents (or be corrupt) which is a give away that someone has monkeyed with it.  Almost certainly such a thing would indicate the inclusion of contents with exploits.

When I wrote that, it was unknown whether the 'original' contained exploits or not.  Reports now seem to indicate that it is full of them.  (Who could have seen that coming?)

Checksums are basic and simple things that have been in use for decades.  For good reason.  Using checksums in a situation like this one can help identify a very likely class of theft attempts.  There is no reason but utter ignorance and laziness not to use them...except to attempt to perpetrate a theft that is.

sr. member
Activity: 294
Merit: 250
March 10, 2014, 01:59:58 AM
#14
How many new members posting this url in the last 24 hours?
