Lexicus
Deity
Paying for peer review probably creates hella perverse incentives
MrCynical
Deity
I'm generally in favour of the idea of paid peer review. Cryptocurrency that appears to require not one, but two awkward steps of conversion with extremely volatile exchange rates to get to usable money is however obviously inferior to getting paid in normal money. This is another of those cases where it's unclear what, if anything, crypto is bringing to the table. At least from the peer reviewer's point of view. Obviously a benefit to the journal that the payment is essentially in their own scrip. The fact they charge a $1000 "article processing fee", which by the looks of it has to be paid in real money doesn't really do much to improve my impression of this setup.
To be fair, not paying for peer review also isn't great incentive wise. At best, it encourages rubber stamping things with a minimum of time and attention, since there's no real credit for it. That's before we get into the issue that the only people with major incentive to peer review papers at present are those with less than honourable motives - e.g. obstructing publication of research that's related to, but damaging to their own.
RobAnybody
Emperor
- Joined
- Feb 21, 2009
- Messages
- 1,952
I've been updating prices every 3 (or 6 last post) months, but something weird is going on. That /\ post was 11/17. As of today, 12/5: Bitcoin: $43,773.62; Etherium: $2,281.48.
Anyone got any explanations? As in, 'this is dumb, ignore it (most likely)'; or, 'this [poop] is randomly skyrocketing again, so get in for no good reason'? Or better yet [some logical explanation].
Everything is going up, even SHIBA (my "screw you guys I'm going home" plan if it ever really takes off).
Today (7/26/24):
Bitcoin: $67,828.88
Etherium: $3,257.22
Doge: $0.13
Shiba: $0.000017
I (as usual) have no idea what to do with this information - everything's down from my last update. But I felt like including the older posts just to show that even while down, it's way up from that 11/23 post. Beanies gonna Beanie I guess.
EDIT: inserted the date into my current post, for future posts like this
More Trump-family scams. Melaniameme 
Indeed, as the youtuber says, is there really anything more to people buying those coins, apart from hoping someone even dumber will buy a little later and then they will have time to sell with the utter and permanent collapse happening immediately after?
Indeed, as the youtuber says, is there really anything more to people buying those coins, apart from hoping someone even dumber will buy a little later and then they will have time to sell with the utter and permanent collapse happening immediately after?
innonimatu
the resident Cassandra
- Joined
- Dec 4, 2006
- Messages
- 15,374
This is the thing where Trump and his oligarch hangers-on will cause maximum damage to the US. I don't think I can even guess the size of the finacial crisis it's going to cause when the bandstops playing.
The guy who did the $LIBRA and MELANIA coins has done a fairly frank interview, including saying:
- Everyone, including the MELANIA team did insider trading (snipping)
- There is no utility creation in crypto
- He has personal control over $100 ,illion from the $LIBRA launch
- His life is in danger
- Trump had a diner before the launch of his coin where people got to buy it at 500 million (?)
- It is not Javier Milei's fault because he knows [poo] about crypto
- Everyone, including the MELANIA team did insider trading (snipping)
- There is no utility creation in crypto
- He has personal control over $100 ,illion from the $LIBRA launch
- His life is in danger
- Trump had a diner before the launch of his coin where people got to buy it at 500 million (?)
- It is not Javier Milei's fault because he knows [poo] about crypto
Last edited:
Cryptocurrency theft of £1.1bn could be biggest ever
Cryptocurrency firm Bybit said hackers stole $1.5bn (£1.1bn) worth of digital currency in what could be the biggest crypto theft in history.
The Dubai-based company's founder told users that their funds were "safe" and that it would refund any of those affected.
It said hackers stole from its Ethereum coin digital wallet. Ethereum is the second largest cryptocurrency by value after Bitcoin.
Bybit's founder Ben Zhou said the money could be covered by the firm or by a loan from partners. Bybit holds $20bn (£15bn) in assets.
Bybit said the hackers exploited security features, then transferred the money to an unidentified address.
After the theft, the value of Ethereum fell by around 4% on Friday, leaving it worth $2,641.41 (£2,090) per coin.
The scale of the theft would exceed a previous record, which was a $620m (£490m) heist of Ethereum and USD Coin from the Ronin Network in 2022.
Bybit was founded in 2018. US President Donald Trump and former Paypal chief Peter Thiel were reportedly among its early investors.
Beeb
Cryptocurrency firm Bybit said hackers stole $1.5bn (£1.1bn) worth of digital currency in what could be the biggest crypto theft in history.
The Dubai-based company's founder told users that their funds were "safe" and that it would refund any of those affected.
It said hackers stole from its Ethereum coin digital wallet. Ethereum is the second largest cryptocurrency by value after Bitcoin.
Bybit's founder Ben Zhou said the money could be covered by the firm or by a loan from partners. Bybit holds $20bn (£15bn) in assets.
Bybit said the hackers exploited security features, then transferred the money to an unidentified address.
After the theft, the value of Ethereum fell by around 4% on Friday, leaving it worth $2,641.41 (£2,090) per coin.
The scale of the theft would exceed a previous record, which was a $620m (£490m) heist of Ethereum and USD Coin from the Ronin Network in 2022.
Bybit was founded in 2018. US President Donald Trump and former Paypal chief Peter Thiel were reportedly among its early investors.
Beeb
How the $1.5 billion hack was done, possibly by the Norks
We laugh at banks for still using COBOL two generations after it was obsolete, but having the economy of a small country in some bit of Javascript that updates from a third party seems wrong in the exact opposite way.
Up to $140M in bounty rewards for return of Ethereum allegedly pilfered by hermit nation
Cryptocurrency exchange Bybit, just days after suspected North Korean operatives stole $1.5 billion in Ethereum from it, has launched a bounty program to help recover its funds.
In announcing the initiative, CEO and co-founder Ben Zhou claimed Kim Jong Un's crack cyber-crime ring Lazarus pilfered the digital dosh, which would be a record for the Norks.
Here's how the program works: If someone spots and reports a blockchain transaction or transfer involving currency that can be traced back to the theft from Bybit's wallet, they'll get five percent of the crypto-cash upon its recovery, and the exchange or mixer that facilitated the retrieval will get a five percent cut, too. That means about $140 million is up for grabs total (Ethereum has dropped more than 10 percent in US dollar value in the past few days.)
According to an analysis of the incident by forensic security outfit Sygnia Labs and financial investigators Verichains, the heist was pulled off by miscreants who were able to alter the JavaScript code of SafeWallet, which is used by Bybit to manage its funds, so that the Ethereum in transit ultimately ended up in North Koreans' pockets. Allegedly.
It's believed the code was changed by compromising an AWS S3 or CloudFront account used by SafeWallet to host its software. This analysis has since been confirmed by the wallet maker itself, which said one of its developer machines was compromised – likely leading to the cloud storage tampering.
"The forensic review into the targeted attack by the Lazarus Group on Bybit concluded that this attack targeted to the Bybit Safe was achieved through a compromised machine of a SafeWallet developer resulting in the proposal of a disguised malicious transaction," SafeWallet said.
"Lazarus is a state-sponsored North Korean hacker group that is well known for sophisticated social engineering attacks on developer credentials, sometimes combined with zero-day exploits. Important! The forensic review of external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services."
This is the code wot did it. If any human had looked at this code it would have been obviously malicious, no one should have let this near a code base that did anything important.
El Reg
We laugh at banks for still using COBOL two generations after it was obsolete, but having the economy of a small country in some bit of Javascript that updates from a third party seems wrong in the exact opposite way.
Up to $140M in bounty rewards for return of Ethereum allegedly pilfered by hermit nation
Cryptocurrency exchange Bybit, just days after suspected North Korean operatives stole $1.5 billion in Ethereum from it, has launched a bounty program to help recover its funds.
In announcing the initiative, CEO and co-founder Ben Zhou claimed Kim Jong Un's crack cyber-crime ring Lazarus pilfered the digital dosh, which would be a record for the Norks.
Here's how the program works: If someone spots and reports a blockchain transaction or transfer involving currency that can be traced back to the theft from Bybit's wallet, they'll get five percent of the crypto-cash upon its recovery, and the exchange or mixer that facilitated the retrieval will get a five percent cut, too. That means about $140 million is up for grabs total (Ethereum has dropped more than 10 percent in US dollar value in the past few days.)
According to an analysis of the incident by forensic security outfit Sygnia Labs and financial investigators Verichains, the heist was pulled off by miscreants who were able to alter the JavaScript code of SafeWallet, which is used by Bybit to manage its funds, so that the Ethereum in transit ultimately ended up in North Koreans' pockets. Allegedly.
It's believed the code was changed by compromising an AWS S3 or CloudFront account used by SafeWallet to host its software. This analysis has since been confirmed by the wallet maker itself, which said one of its developer machines was compromised – likely leading to the cloud storage tampering.
"The forensic review into the targeted attack by the Lazarus Group on Bybit concluded that this attack targeted to the Bybit Safe was achieved through a compromised machine of a SafeWallet developer resulting in the proposal of a disguised malicious transaction," SafeWallet said.
"Lazarus is a state-sponsored North Korean hacker group that is well known for sophisticated social engineering attacks on developer credentials, sometimes combined with zero-day exploits. Important! The forensic review of external security researchers did NOT indicate any vulnerabilities in the Safe smart contracts or source code of the frontend and services."
This is the code wot did it. If any human had looked at this code it would have been obviously malicious, no one should have let this near a code base that did anything important.
El Reg
Last edited:
Trump memecoin holders to get dinner with Trump (NYT)
In an astonishing escalation of the Trump family’s efforts to profit from cryptocurrencies, a website promoting Mr. Trump’s so-called memecoin announced on Wednesday that the coin’s largest buyers would be invited to meet with him. The effort was, in effect, an offer of access to the White House in exchange for an investment in one of Mr. Trump’s crypto ventures.
“Have Dinner with President Trump and the $TRUMP Community!” the invitation said. “Let the President know how many $TRUMP coins YOU own!”
For months, Mr. Trump’s forays into the crypto industry have created ethical conflicts with little precedent in presidential history. As he markets digital currencies to the public, Mr. Trump has also appointed regulators who are scaling back crypto enforcement and called for legislation that would boost the industry’s prospects in the United States.
As news of the dinner invitation spread on social media, the memecoin’s price surged more than 60 percent, suggesting that investors were rushing to accumulate the coin to qualify for a seat at the dinner.
“This is really incredible,” said Corey Frayer, who oversaw crypto policy for the Securities and Exchange Commission during the Biden administration. “They are making the pay-to-play deal explicit.”
He is obviously so sensitive about his weight, that he has to produce such fancifull images of himself.
In an astonishing escalation of the Trump family’s efforts to profit from cryptocurrencies, a website promoting Mr. Trump’s so-called memecoin announced on Wednesday that the coin’s largest buyers would be invited to meet with him. The effort was, in effect, an offer of access to the White House in exchange for an investment in one of Mr. Trump’s crypto ventures.
“Have Dinner with President Trump and the $TRUMP Community!” the invitation said. “Let the President know how many $TRUMP coins YOU own!”
For months, Mr. Trump’s forays into the crypto industry have created ethical conflicts with little precedent in presidential history. As he markets digital currencies to the public, Mr. Trump has also appointed regulators who are scaling back crypto enforcement and called for legislation that would boost the industry’s prospects in the United States.
As news of the dinner invitation spread on social media, the memecoin’s price surged more than 60 percent, suggesting that investors were rushing to accumulate the coin to qualify for a seat at the dinner.
“This is really incredible,” said Corey Frayer, who oversaw crypto policy for the Securities and Exchange Commission during the Biden administration. “They are making the pay-to-play deal explicit.”
He is obviously so sensitive about his weight, that he has to produce such fancifull images of himself.
Hygro
soundcloud.com/hygro/
There's something about bitcoin, boutique coins, and the push for global autocracy.
Coinbase extorted for $20M. Support staff bribed. Customers scammed. One hell of a SNAFU
Expert tells us: 'It is the most unique breach disclosure I've ever seen'
Coinbase says some of its overseas support staff were paid off to steal information on behalf of cybercriminals, and the company is now being extorted for $20 million.
According to a filing with the Securities and Exchange Commission (SEC) on Thursday, "an unknown threat actor" contacted the crypto exchange giant on May 11, informing it of the stolen data and "demanded money in exchange for not publicly disclosing the information."
Coinbase said it verified the email was genuine and related to information that was indeed stolen, but insists it will not be paying the criminals any dosh.
In a blog post, Coinbase confirmed the ransom demand was $20 million for data belonging to less than 1 percent of its monthly transacting users.
Flipping the script, Coinbase has vowed to instead pay $20 million for information leading to the arrest and conviction of the attackers.
The company said the data does not include passwords or private keys, but depending on the use, the following details of its customers may be compromised:
However, the post confirms that the attackers already used the stolen data to lend credibility to social engineering attacks, duping customers into sending funds to them.
"The threat actor appears to have obtained this information by paying multiple contractors or employees working in support roles outside the United States to collect information from internal Coinbase systems to which they had access in order to perform their job responsibilities," it said in the filing.
"These instances of such personnel accessing data without business need were independently detected by the company's security monitoring in the previous months.
"Upon discovery, the company had immediately terminated the personnel involved and also implemented heightened fraud-monitoring protections and warned customers whose information was potentially accessed in order to prevent misuse of any compromised information."
Conibase went on to say that it is investing in anti-fraud technologies to mitigate the possibility that any of the stolen data could be used to defraud customers any further, and it pledged to reimburse those who had already been scammed.
It is also in the process of opening a new support hub based in the US and is "taking other measures to harden its defenses" against this type of attack.
According to active job boards, Coinbase support staff are dotted across the world, from the UK, Ireland, and the US to further afield in India, the Philippines, and Japan.
The SEC filing states that despite no material impact on the company's operations thus far, it expects the total cost of cleaning up the cyber snafu to be in the region of $180 million to $400 million.
The huge outlay will be spent on remediation costs and voluntary customer reimbursements, it says, although the sum could meaningfully increase or decrease based on further review of losses, indemnity claims, and recoveries.
"The company plans to aggressively pursue all remedies. As the company's investigation is ongoing, the full impact of these events are not yet known."
The announcement, made at US market open, has seen Coinbase's share price drop more than 7 percent at the time of writing.
Coinbase CEO Brian Armstrong Xeeted a response, echoing many of the points made in the filing and blog post.
In a near three-minute video, citing the $20 million bounty, he issued a threat to the attackers: "For these would-be extortionists, or anyone seeking to harm Coinbase customers, know that we will prosecute you and bring you to justice."
Altogether: the extensive detail in the SEC filing, the promise to reimburse socially engineered customers, the CEO's selfie video – experts have said this "is the most unique breach disclosure" they have ever seen.
On Coinbase's response, Charles Carmakal, SVP at Mandiant, told The Register: "It's very notable. It's not often that you see that level of transparency from a company, and you don't see companies basically sticking the middle finger up at a threat actor and ignoring their extortion demand, but in turn, offering the equivalent bounty to catch individuals behind the attack.
"It is the most unique breach disclosure I've ever seen. I've had security leaders here and there who have wanted to do something like this, but it's very hard to get buy-in from other executives or the CEO of the board to do that. What Coinbase did was unusual, but it's very commendable. So, it will be a case study for many years in school, and we'll see how it all plays out and works for them." ®
Expert tells us: 'It is the most unique breach disclosure I've ever seen'
Coinbase says some of its overseas support staff were paid off to steal information on behalf of cybercriminals, and the company is now being extorted for $20 million.
According to a filing with the Securities and Exchange Commission (SEC) on Thursday, "an unknown threat actor" contacted the crypto exchange giant on May 11, informing it of the stolen data and "demanded money in exchange for not publicly disclosing the information."
Coinbase said it verified the email was genuine and related to information that was indeed stolen, but insists it will not be paying the criminals any dosh.
In a blog post, Coinbase confirmed the ransom demand was $20 million for data belonging to less than 1 percent of its monthly transacting users.
Flipping the script, Coinbase has vowed to instead pay $20 million for information leading to the arrest and conviction of the attackers.
The company said the data does not include passwords or private keys, but depending on the use, the following details of its customers may be compromised:
- Names
- Addresses
- Phone numbers
- Email addresses
- Last four digits of Social Security Numbers
- Masked bank account numbers and some bank account identifiers
- Images tied to government IDs such as passports and driving licenses
- Coinbase account data including balance snapshaots and transaction histories
- "Limited corporate data," including documents, training material, and communications available to support agents
However, the post confirms that the attackers already used the stolen data to lend credibility to social engineering attacks, duping customers into sending funds to them.
"The threat actor appears to have obtained this information by paying multiple contractors or employees working in support roles outside the United States to collect information from internal Coinbase systems to which they had access in order to perform their job responsibilities," it said in the filing.
"These instances of such personnel accessing data without business need were independently detected by the company's security monitoring in the previous months.
"Upon discovery, the company had immediately terminated the personnel involved and also implemented heightened fraud-monitoring protections and warned customers whose information was potentially accessed in order to prevent misuse of any compromised information."
Conibase went on to say that it is investing in anti-fraud technologies to mitigate the possibility that any of the stolen data could be used to defraud customers any further, and it pledged to reimburse those who had already been scammed.
It is also in the process of opening a new support hub based in the US and is "taking other measures to harden its defenses" against this type of attack.
According to active job boards, Coinbase support staff are dotted across the world, from the UK, Ireland, and the US to further afield in India, the Philippines, and Japan.
The SEC filing states that despite no material impact on the company's operations thus far, it expects the total cost of cleaning up the cyber snafu to be in the region of $180 million to $400 million.
The huge outlay will be spent on remediation costs and voluntary customer reimbursements, it says, although the sum could meaningfully increase or decrease based on further review of losses, indemnity claims, and recoveries.
"The company plans to aggressively pursue all remedies. As the company's investigation is ongoing, the full impact of these events are not yet known."
The announcement, made at US market open, has seen Coinbase's share price drop more than 7 percent at the time of writing.
Coinbase CEO Brian Armstrong Xeeted a response, echoing many of the points made in the filing and blog post.
In a near three-minute video, citing the $20 million bounty, he issued a threat to the attackers: "For these would-be extortionists, or anyone seeking to harm Coinbase customers, know that we will prosecute you and bring you to justice."
Altogether: the extensive detail in the SEC filing, the promise to reimburse socially engineered customers, the CEO's selfie video – experts have said this "is the most unique breach disclosure" they have ever seen.
On Coinbase's response, Charles Carmakal, SVP at Mandiant, told The Register: "It's very notable. It's not often that you see that level of transparency from a company, and you don't see companies basically sticking the middle finger up at a threat actor and ignoring their extortion demand, but in turn, offering the equivalent bounty to catch individuals behind the attack.
"It is the most unique breach disclosure I've ever seen. I've had security leaders here and there who have wanted to do something like this, but it's very hard to get buy-in from other executives or the CEO of the board to do that. What Coinbase did was unusual, but it's very commendable. So, it will be a case study for many years in school, and we'll see how it all plays out and works for them." ®
Last edited:
If "we" do not like crypto for peer review, what about contributing to sci hub?
Sci Net: scientific communication support network
When someone struggles to access paywalled research article, they can post a request on Sci-Net. The other member who have access through university subscription will solve the request by uploading a PDF file.
Sci-Net will ask for a minimum amount of 1000 Sci-Hub tokens to register. The tokens will appear on your account after registration and will be used to reward uploaders. That is the most controversial part: some people argue that Sci-Net introduces paywall similar to publisher.
Even though both might appear similar at a first glance, the differences are profound. Compared to insane publisher paywalls, the entry tax on Sci-Net is symbolic and is not higher than an equivalent of a cup of coffee in most countries. The next difference is that in traditional approach, profits are made by publisher, and ordinary researcher has no control on how the money are used. On Sci-Net, you're using tokens directly to reward uploaders. Payments go to fellow researchers, not to the platform.
Cost to get the tokens:
Press this button to add Solana tokens (SOL) to the wallet. For Sci-Net invite, you will need the amount of SOL roughly equal to 10 USD.
I am not sure how that works though, this says they cost $0.00035 so 1000 should be 35 cents.
Sci Net: scientific communication support network
When someone struggles to access paywalled research article, they can post a request on Sci-Net. The other member who have access through university subscription will solve the request by uploading a PDF file.
Sci-Net will ask for a minimum amount of 1000 Sci-Hub tokens to register. The tokens will appear on your account after registration and will be used to reward uploaders. That is the most controversial part: some people argue that Sci-Net introduces paywall similar to publisher.
Even though both might appear similar at a first glance, the differences are profound. Compared to insane publisher paywalls, the entry tax on Sci-Net is symbolic and is not higher than an equivalent of a cup of coffee in most countries. The next difference is that in traditional approach, profits are made by publisher, and ordinary researcher has no control on how the money are used. On Sci-Net, you're using tokens directly to reward uploaders. Payments go to fellow researchers, not to the platform.
Cost to get the tokens:
Press this button to add Solana tokens (SOL) to the wallet. For Sci-Net invite, you will need the amount of SOL roughly equal to 10 USD.
I am not sure how that works though, this says they cost $0.00035 so 1000 should be 35 cents.
MrCynical
Deity
Something tells me that if any university subscription agreement doesn't explicitly ban this already, it soon will. It's common (and more or less impossible to prevent) people privately passing copies of paywalled papers around, so that's safe enough. But signing up as an organized paywall bypass service for personal profit, with accounts and a handy crypto ledger to leave a paper trail? Yeah - that's not smart.
No matter how many "We make everything anonymous - honest!" statements this lot post on their website, info gets leaked all the time. This is a recipe for finding yourself explaining to university admin why their subscriptions to major scientific journals just got suspended. And I don't think a few bucks worth of crypto is going to be much comfort to a PhD student or researcher who finds themselves thrown under the bus to get journal access reinstated.
