Bitcoin spending and transaction can be traceable

It seems that Bitcoin is only designed to eliminate the need for centralized issuer and central authority, but not anonymity, which is a common misconception among internet users as according to one of its developers (Jeff Garzik), transaction is recorded in public log and although the identity of the parties involved can’t be directly identified, the transaction can be easily traced and linked to other accounts through data mining and statistical analysis.

So it is harder to stay anonymous in transactions that involve large currency value.

bitcoinBitcoin is not anonymous

  • The Battle Is On – Silk Road vs Government, and Bitcoin Anonymity
  • How to use GNU Privacy Guard (GPG) – Encrypt, Decrypt, Sign and Verifying identities

    GPG or the GNU Privacy Guard is a free and open source software that implements OpenPGP public-key cryptography message format (RFC4880). You can use GPG to encrypt, decrypt, sign and verify files or emails. To use GPG, you need to generate the public-key/private-key pairs in your computer by running this command, and choose the default option


    gpg --gen-key

    The application will ask you to enter your ID and passphrase, make sure you choose a strong passphrase to guarantee the safety and security of your keys.

    Encrypting and Decrypting Files
    You can use GPG to encrypt files, it can be only decrypted by those who have your public-key. The command that can be used to encrypt file is :

    gpg --out encrypted_file.txt --encrypt original_file.txt

    Run this command to decrypt. Files encrypted with private key can only be decrypted with public key and vice-versa.

    gpg --out decrypted.txt --decrypt encrypted_file.txt

    Signing Email or body of texts
    Alternatively, you can chose to sign emails/texts instead of encrypting them. Signing files is a way to ensure that the message/texts/emails are from the right sender and its content has not been tempered with. You can run this command to sign email or texts :

    gpg --clearsign original_text.txt

    This will produce a signature file which content the original text with PGP signature embedded at the bottom of the message.

    To verify it (assuming you have the public key), you need to run this command:

    gpg --verify original_text.txt.asc

    Continue reading “How to use GNU Privacy Guard (GPG) – Encrypt, Decrypt, Sign and Verifying identities”

    Google Malware Warning Fucked up?

    I don’t know when this thing happened exactly, but I noticed it around 10:57 pm MYT (GMT+8) when I was searching information for Yaesu VX8R handheld radio.

    It seems somehow the Google Malware Warning fucked up and labels all the search result as “may harm your computer”. Funny thing is, Google labels its own website as potentially spreading malware.

    Google Calendar site is spreading malware?
    Google Terfakap

    This incident has showed me how reliant to Google i’ve become, which made me wonder what would happen if suddenly somebody might take advantage of our dependency to Google, and do nasty things to us and to our data? By the way, Google already know what you do, who you are, and where you live.

    Update: This event has been slashdotted, MAKE Magazine blog also covered the story.

    Update 2: Google somehow have fixed the issue at 11:22 pm MYT (GMT +8). Let’s see what they would say about this strange phenomenon.

    Update 3: Thanks to Manley, it seems Google has not fixed the issue, but rather disabled the Malware warning on its search result.

    Final Update : Google issued a statement in their official blog as well as StopBadware.org