Binary Options Trading Station download SourceForge.net

Everything You Always Wanted To Know About Swaps* (*But Were Afraid To Ask)

Hello, dummies
It's your old pal, Fuzzy.
As I'm sure you've all noticed, a lot of the stuff that gets posted here is - to put it delicately - fucking ridiculous. More backwards-ass shit gets posted to wallstreetbets than you'd see on a Westboro Baptist community message board. I mean, I had a look at the daily thread yesterday and..... yeesh. I know, I know. We all make like the divine Laura Dern circa 1992 on the daily and stick our hands deep into this steaming heap of shit to find the nuggets of valuable and/or hilarious information within (thanks for reading, BTW). I agree. I love it just the way it is too. That's what makes WSB great.
What I'm getting at is that a lot of the stuff that gets posted here - notwithstanding it being funny or interesting - is just... wrong. Like, fucking your cousin wrong. And to be clear, I mean the fucking your *first* cousin kinda wrong, before my Southerners in the back get all het up (simmer down, Billy Ray - I know Mabel's twice removed on your grand-sister's side). Truly, I try to let it slide. I do my bit to try and put you on the right path. Most of the time, I sleep easy no matter how badly I've seen someone explain what a bank liquidity crisis is. But out of all of those tens of thousands of misguided, autistic attempts at understanding the world of high finance, one thing gets so consistently - so *emphatically* - fucked up and misunderstood by you retards that last night I felt obligated at the end of a long work day to pull together this edition of Finance with Fuzzy just for you. It's so serious I'm not even going to make a u/pokimane gag. Have you guessed what it is yet? Here's a clue. It's in the title of the post.
That's right, friends. Today in the neighborhood we're going to talk all about hedging in financial markets - spots, swaps, collars, forwards, CDS, synthetic CDOs, all that fun shit. Don't worry; I'm going to explain what all the scary words mean and how they impact your OTM RH positions along the way.
We're going to break it down like this. (1) "What's a hedge, Fuzzy?" (2) Common Hedging Strategies and (3) All About ISDAs and Credit Default Swaps.
Before we begin. For the nerds and JV traders in the back (and anyone else who needs to hear this up front) - I am simplifying these descriptions for the purposes of this post. I am also obviously not going to try and cover every exotic form of hedge under the sun or give a detailed summation of what caused the financial crisis. If you are interested in something specific ask a question, but don't try and impress me with your Investopedia skills or technical points I didn't cover; I will just be forced to flex my years of IRL experience on you in the comments and you'll look like a big dummy.
TL;DR? Fuck you. There is no TL;DR. You've come this far already. What's a few more paragraphs? Put down the Cheetos and try to concentrate for the next 5-7 minutes. You'll learn something, and I promise I'll be gentle.
Ready? Let's get started.
1. The Tao of Risk: Hedging as a Way of Life
The simplest way to characterize what a hedge 'is' is to imagine every action having a binary outcome. One is bad, one is good. Red lines, green lines; uppie, downie. With me so far? Good. A 'hedge' is simply the employment of a strategy to mitigate the effect of your action having the wrong binary outcome. You wanted X, but you got Z! Frowny face. A hedge strategy introduces a third outcome. If you hedged against the possibility of Z happening, then you can wind up with Y instead. Not as good as X, but not as bad as Z. The technical definition I like to give my idiot juniors is as follows:
Utilization of a defensive strategy to mitigate risk, at a fraction of the cost to capital of the risk itself.
Congratulations. You just finished Hedging 101. "But Fuzzy, that's easy! I just sold a naked call against my 95% OTM put! I'm adequately hedged!". Spoiler alert: you're not (although good work on executing a collar, which I describe below). What I'm talking about here is what would be referred to as a 'perfect hedge'; a binary outcome where downside is totally mitigated by a risk management strategy. That's not how it works IRL. Pay attention; this is the tricky part.
You can't take a single position and conclude that you're adequately hedged because risks are fluid, not static. So you need to constantly adjust your position in order to maximize the value of the hedge and insure your position. You also need to consider exposure to more than one category of risk. There are micro (specific exposure) risks, and macro (trend exposure) risks, and both need to factor into the hedge calculus.
That's why, in the real world, the value of hedging depends entirely on the design of the hedging strategy itself. Here, when we say "value" of the hedge, we're not talking about cash money - we're talking about the intrinsic value of the hedge relative to the the risk profile of your underlying exposure. To achieve this, people hedge dynamically. In wallstreetbets terms, this means that as the value of your position changes, you need to change your hedges too. The idea is to efficiently and continuously distribute and rebalance risk across different states and periods, taking value from states in which the marginal cost of the hedge is low and putting it back into states where marginal cost of the hedge is high, until the shadow value of your underlying exposure is equalized across your positions. The punchline, I guess, is that one static position is a hedge in the same way that the finger paintings you make for your wife's boyfriend are art - it's technically correct, but you're only playing yourself by believing it.
Anyway. Obviously doing this as a small potatoes trader is hard but it's worth taking into account. Enough basic shit. So how does this work in markets?
2. A Hedging Taxonomy
The best place to start here is a practical question. What does a business need to hedge against? Think about the specific risk that an individual business faces. These are legion, so I'm just going to list a few of the key ones that apply to most corporates. (1) You have commodity risk for the shit you buy or the shit you use. (2) You have currency risk for the money you borrow. (3) You have rate risk on the debt you carry. (4) You have offtake risk for the shit you sell. Complicated, right? To help address the many and varied ways that shit can go wrong in a sophisticated market, smart operators like yours truly have devised a whole bundle of different instruments which can help you manage the risk. I might write about some of the more complicated ones in a later post if people are interested (CDO/CLOs, strip/stack hedges and bond swaps with option toggles come to mind) but let's stick to the basics for now.
(i) Swaps
A swap is one of the most common forms of hedge instrument, and they're used by pretty much everyone that can afford them. The language is complicated but the concept isn't, so pay attention and you'll be fine. This is the most important part of this section so it'll be the longest one.
Swaps are derivative contracts with two counterparties (before you ask, you can't trade 'em on an exchange - they're OTC instruments only). They're used to exchange one cash flow for another cash flow of equal expected value; doing this allows you to take speculative positions on certain financial prices or to alter the cash flows of existing assets or liabilities within a business. "Wait, Fuzz; slow down! What do you mean sets of cash flows?". Fear not, little autist. Ol' Fuzz has you covered.
The cash flows I'm talking about are referred to in swap-land as 'legs'. One leg is fixed - a set payment that's the same every time it gets paid - and the other is variable - it fluctuates (typically indexed off the price of the underlying risk that you are speculating on / protecting against). You set it up at the start so that they're notionally equal and the two legs net off; so at open, the swap is a zero NPV instrument. Here's where the fun starts. If the price that you based the variable leg of the swap on changes, the value of the swap will shift; the party on the wrong side of the move ponies up via the variable payment. It's a zero sum game.
I'll give you an example using the most vanilla swap around; an interest rate trade. Here's how it works. You borrow money from a bank, and they charge you a rate of interest. You lock the rate up front, because you're smart like that. But then - quelle surprise! - the rate gets better after you borrow. Now you're bagholding to the tune of, I don't know, 5 bps. Doesn't sound like much but on a billion dollar loan that's a lot of money (a classic example of the kind of 'small, deep hole' that's terrible for profits). Now, if you had a swap contract on the rate before you entered the trade, you're set; if the rate goes down, you get a payment under the swap. If it goes up, whatever payment you're making to the bank is netted off by the fact that you're borrowing at a sub-market rate. Win-win! Or, at least, Lose Less / Lose Less. That's the name of the game in hedging.
There are many different kinds of swaps, some of which are pretty exotic; but they're all different variations on the same theme. If your business has exposure to something which fluctuates in price, you trade swaps to hedge against the fluctuation. The valuation of swaps is also super interesting but I guarantee you that 99% of you won't understand it so I'm not going to try and explain it here although I encourage you to google it if you're interested.
Because they're OTC, none of them are filed publicly. Someeeeeetimes you see an ISDA (dsicussed below) but the confirms themselves (the individual swaps) are not filed. You can usually read about the hedging strategy in a 10-K, though. For what it's worth, most modern credit agreements ban speculative hedging. Top tip: This is occasionally something worth checking in credit agreements when you invest in businesses that are debt issuers - being able to do this increases the risk profile significantly and is particularly important in times of economic volatility (ctrl+f "non-speculative" in the credit agreement to be sure).
(ii) Forwards
A forward is a contract made today for the future delivery of an asset at a pre-agreed price. That's it. "But Fuzzy! That sounds just like a futures contract!". I know. Confusing, right? Just like a futures trade, forwards are generally used in commodity or forex land to protect against price fluctuations. The differences between forwards and futures are small but significant. I'm not going to go into super boring detail because I don't think many of you are commodities traders but it is still an important thing to understand even if you're just an RH jockey, so stick with me.
Just like swaps, forwards are OTC contracts - they're not publicly traded. This is distinct from futures, which are traded on exchanges (see The Ballad Of Big Dick Vick for some more color on this). In a forward, no money changes hands until the maturity date of the contract when delivery and receipt are carried out; price and quantity are locked in from day 1. As you now know having read about BDV, futures are marked to market daily, and normally people close them out with synthetic settlement using an inverse position. They're also liquid, and that makes them easier to unwind or close out in case shit goes sideways.
People use forwards when they absolutely have to get rid of the thing they made (or take delivery of the thing they need). If you're a miner, or a farmer, you use this shit to make sure that at the end of the production cycle, you can get rid of the shit you made (and you won't get fucked by someone taking cash settlement over delivery). If you're a buyer, you use them to guarantee that you'll get whatever the shit is that you'll need at a price agreed in advance. Because they're OTC, you can also exactly tailor them to the requirements of your particular circumstances.
These contracts are incredibly byzantine (and there are even crazier synthetic forwards you can see in money markets for the true degenerate fund managers). In my experience, only Texan oilfield magnates, commodities traders, and the weirdo forex crowd fuck with them. I (i) do not own a 10 gallon hat or a novelty size belt buckle (ii) do not wake up in the middle of the night freaking out about the price of pork fat and (iii) love greenbacks too much to care about other countries' monopoly money, so I don't fuck with them.
(iii) Collars
No, not the kind your wife is encouraging you to wear try out to 'spice things up' in the bedroom during quarantine. Collars are actually the hedging strategy most applicable to WSB. Collars deal with options! Hooray!
To execute a basic collar (also called a wrapper by tea-drinking Brits and people from the Antipodes), you buy an out of the money put while simultaneously writing a covered call on the same equity. The put protects your position against price drops and writing the call produces income that offsets the put premium. Doing this limits your tendies (you can only profit up to the strike price of the call) but also writes down your risk. If you screen large volume trades with a VOL/OI of more than 3 or 4x (and they're not bullshit biotech stocks), you can sometimes see these being constructed in real time as hedge funds protect themselves on their shorts.
(3) All About ISDAs, CDS and Synthetic CDOs
You may have heard about the mythical ISDA. Much like an indenture (discussed in my post on $F), it's a magic legal machine that lets you build swaps via trade confirms with a willing counterparty. They are very complicated legal documents and you need to be a true expert to fuck with them. Fortunately, I am, so I do. They're made of two parts; a Master (which is a form agreement that's always the same) and a Schedule (which amends the Master to include your specific terms). They are also the engine behind just about every major credit crunch of the last 10+ years.
First - a brief explainer. An ISDA is a not in and of itself a hedge - it's an umbrella contract that governs the terms of your swaps, which you use to construct your hedge position. You can trade commodities, forex, rates, whatever, all under the same ISDA.
Let me explain. Remember when we talked about swaps? Right. So. You can trade swaps on just about anything. In the late 90s and early 2000s, people had the smart idea of using other people's debt and or credit ratings as the variable leg of swap documentation. These are called credit default swaps. I was actually starting out at a bank during this time and, I gotta tell you, the only thing I can compare people's enthusiasm for this shit to was that moment in your early teens when you discover jerking off. Except, unlike your bathroom bound shame sessions to Mom's Sears catalogue, every single person you know felt that way too; and they're all doing it at once. It was a fiscal circlejerk of epic proportions, and the financial crisis was the inevitable bukkake finish. WSB autism is absolutely no comparison for the enthusiasm people had during this time for lighting each other's money on fire.
Here's how it works. You pick a company. Any company. Maybe even your own! And then you write a swap. In the swap, you define "Credit Event" with respect to that company's debt as the variable leg . And you write in... whatever you want. A ratings downgrade, default under the docs, failure to meet a leverage ratio or FCCR for a certain testing period... whatever. Now, this started out as a hedge position, just like we discussed above. The purest of intentions, of course. But then people realized - if bad shit happens, you make money. And banks... don't like calling in loans or forcing bankruptcies. Can you smell what the moral hazard is cooking?
Enter synthetic CDOs. CDOs are basically pools of asset backed securities that invest in debt (loans or bonds). They've been around for a minute but they got famous in the 2000s because a shitload of them containing subprime mortgage debt went belly up in 2008. This got a lot of publicity because a lot of sad looking rednecks got foreclosed on and were interviewed on CNBC. "OH!", the people cried. "Look at those big bad bankers buying up subprime loans! They caused this!". Wrong answer, America. The debt wasn't the problem. What a lot of people don't realize is that the real meat of the problem was not in regular way CDOs investing in bundles of shit mortgage debts in synthetic CDOs investing in CDS predicated on that debt. They're synthetic because they don't have a stake in the actual underlying debt; just the instruments riding on the coattails. The reason these are so popular (and remain so) is that smart structured attorneys and bankers like your faithful correspondent realized that an even more profitable and efficient way of building high yield products with limited downside was investing in instruments that profit from failure of debt and in instruments that rely on that debt and then hedging that exposure with other CDS instruments in paired trades, and on and on up the chain. The problem with doing this was that everyone wound up exposed to everybody else's books as a result, and when one went tits up, everybody did. Hence, recession, Basel III, etc. Thanks, Obama.
Heavy investment in CDS can also have a warping effect on the price of debt (something else that happened during the pre-financial crisis years and is starting to happen again now). This happens in three different ways. (1) Investors who previously were long on the debt hedge their position by selling CDS protection on the underlying, putting downward pressure on the debt price. (2) Investors who previously shorted the debt switch to buying CDS protection because the relatively illiquid debt (partic. when its a bond) trades at a discount below par compared to the CDS. The resulting reduction in short selling puts upward pressure on the bond price. (3) The delta in price and actual value of the debt tempts some investors to become NBTs (neg basis traders) who long the debt and purchase CDS protection. If traders can't take leverage, nothing happens to the price of the debt. If basis traders can take leverage (which is nearly always the case because they're holding a hedged position), they can push up or depress the debt price, goosing swap premiums etc. Anyway. Enough technical details.
I could keep going. This is a fascinating topic that is very poorly understood and explained, mainly because the people that caused it all still work on the street and use the same tactics today (it's also terribly taught at business schools because none of the teachers were actually around to see how this played out live). But it relates to the topic of today's lesson, so I thought I'd include it here.
Work depending, I'll be back next week with a covenant breakdown. Most upvoted ticker gets the post.
*EDIT 1\* In a total blowout, $PLAY won. So it's D&B time next week. Post will drop Monday at market open.
submitted by fuzzyblankeet to wallstreetbets [link] [comments]

[ANN][ANDROID MINING][AIRDROP] NewEnglandcoin: Scrypt RandomSpike

New England
New England 6 States Songs: https://www.reddit.com/newengland/comments/er8wxd/new_england_6_states_songs/
NewEnglandcoin
Symbol: NENG
NewEnglandcoin is a clone of Bitcoin using scrypt as a proof-of-work algorithm with enhanced features to protect against 51% attack and decentralize on mining to allow diversified mining rigs across CPUs, GPUs, ASICs and Android phones.
Mining Algorithm: Scrypt with RandomSpike. RandomSpike is 3rd generation of Dynamic Difficulty (DynDiff) algorithm on top of scrypt.
1 minute block targets base difficulty reset: every 1440 blocks subsidy halves in 2.1m blocks (~ 2 to 4 years) 84,000,000,000 total maximum NENG 20000 NENG per block Pre-mine: 1% - reserved for dev fund ICO: None RPCPort: 6376 Port: 6377
NewEnglandcoin has dogecoin like supply at 84 billion maximum NENG. This huge supply insures that NENG is suitable for retail transactions and daily use. The inflation schedule of NengEnglandcoin is actually identical to that of Litecoin. Bitcoin and Litecoin are already proven to be great long term store of value. The Litecoin-like NENG inflation schedule will make NewEnglandcoin ideal for long term investment appreciation as the supply is limited and capped at a fixed number
Bitcoin Fork - Suitable for Home Hobbyists
NewEnglandcoin core wallet continues to maintain version tag of "Satoshi v0.8.7.5" because NewEnglandcoin is very much an exact clone of bitcoin plus some mining feature changes with DynDiff algorithm. NewEnglandcoin is very suitable as lite version of bitcoin for educational purpose on desktop mining, full node running and bitcoin programming using bitcoin-json APIs.
The NewEnglandcoin (NENG) mining algorithm original upgrade ideas were mainly designed for decentralization of mining rigs on scrypt, which is same algo as litecoin/dogecoin. The way it is going now is that NENG is very suitable for bitcoin/litecoin/dogecoin hobbyists who can not , will not spend huge money to run noisy ASIC/GPU mining equipments, but still want to mine NENG at home with quiet simple CPU/GPU or with a cheap ASIC like FutureBit Moonlander 2 USB or Apollo pod on solo mining setup to obtain very decent profitable results. NENG allows bitcoin litecoin hobbyists to experience full node running, solo mining, CPU/GPU/ASIC for a fun experience at home at cheap cost without breaking bank on equipment or electricity.
MIT Free Course - 23 lectures about Bitcoin, Blockchain and Finance (Fall,2018)
https://www.youtube.com/playlist?list=PLUl4u3cNGP63UUkfL0onkxF6MYgVa04Fn
CPU Minable Coin Because of dynamic difficulty algorithm on top of scrypt, NewEnglandcoin is CPU Minable. Users can easily set up full node for mining at Home PC or Mac using our dedicated cheetah software.
Research on the first forked 50 blocks on v1.2.0 core confirmed that ASIC/GPU miners mined 66% of 50 blocks, CPU miners mined the remaining 34%.
NENG v1.4.0 release enabled CPU mining inside android phones.
Youtube Video Tutorial
How to CPU Mine NewEnglandcoin (NENG) in Windows 10 Part 1 https://www.youtube.com/watch?v=sdOoPvAjzlE How to CPU Mine NewEnglandcoin (NENG) in Windows 10 Part 2 https://www.youtube.com/watch?v=nHnRJvJRzZg
How to CPU Mine NewEnglandcoin (NENG) in macOS https://www.youtube.com/watch?v=Zj7NLMeNSOQ
Decentralization and Community Driven NewEnglandcoin is a decentralized coin just like bitcoin. There is no boss on NewEnglandcoin. Nobody nor the dev owns NENG.
We know a coin is worth nothing if there is no backing from community. Therefore, we as dev do not intend to make decision on this coin solely by ourselves. It is our expectation that NewEnglandcoin community will make majority of decisions on direction of this coin from now on. We as dev merely view our-self as coin creater and technical support of this coin while providing NENG a permanent home at ShorelineCrypto Exchange.
Twitter Airdrop
Follow NENG twitter and receive 100,000 NENG on Twitter Airdrop to up to 1000 winners
Graphic Redesign Bounty
Top one award: 90.9 million NENG Top 10 Winners: 500,000 NENG / person Event Timing: March 25, 2019 - Present Event Address: NewEnglandcoin DISCORD at: https://discord.gg/UPeBwgs
Please complete above Twitter Bounty requirement first. Then follow Below Steps to qualify for the Bounty: (1) Required: submit your own designed NENG logo picture in gif, png jpg or any other common graphic file format into DISCORD "bounty-submission" board (2) Optional: submit a second graphic for logo or any other marketing purposes into "bounty-submission" board. (3) Complete below form.
Please limit your submission to no more than two total. Delete any wrongly submitted or undesired graphics in the board. Contact DISCORD u/honglu69#5911 or u/krypton#6139 if you have any issues.
Twitter Airdrop/Graphic Redesign bounty sign up: https://goo.gl/forms/L0vcwmVi8c76cR7m1
Milestones
Roadmap
NENG v1.4.0 Android Mining, randomSpike Evaluation https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/NENG_2020_Q3_report/NENG_2020_Q3_report.pdf
RandomSpike - NENG core v1.3.0 Hardfork Upgrade Proposal https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/2020Q1_Report/Scrypt_RandomSpike_NENGv1.3.0_Hardfork_Proposal.pdf
NENG Security, Decentralization & Valuation
https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/2019Q2_report/NENG_Security_Decentralization_Value.pdf
Whitepaper v1.0 https://github.com/ShorelineCrypto/NewEnglandCoin/releases/download/whitepaper_v1.0/NENG_WhitePaper.pdf
DISCORD https://discord.gg/UPeBwgs
Explorer
http://www.findblocks.com/exploreNENG http://86.100.49.209/exploreNENG http://nengexplorer.mooo.com:3001/
Step by step guide on how to setup an explorer: https://github.com/ShorelineCrypto/nengexplorer
Github https://github.com/ShorelineCrypto/NewEnglandCoin
Wallet
Android with UserLand App (arm64/armhf), Chromebook (x64/arm64/armhf): https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0.5
Linux Wallet (Ubuntu/Linux Mint, Debian/MX Linux, Arch/Manjaro, Fedora, openSUSE): https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0.3
MacOS Wallet (10.11 El Capitan or higher): https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0.2
Android with GNUroot on 32 bits old Phones (alpha release) wallet: https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.4.0
Windows wallet: https://github.com/ShorelineCrypto/NewEnglandCoin/releases/tag/v1.3.0.1
addnode ip address for the wallet to sync faster, frequently updated conf file: https://github.com/ShorelineCrypto/cheetah_cpumineblob/mastenewenglandcoin.conf-example
How to Sync Full Node Desktop Wallet https://www.reddit.com/NewEnglandCoin/comments/er6f0q/how_to_sync_full_node_desktop_wallet/
TWITTER https://twitter.com/newenglandcoin
REDDIT https://www.reddit.com/NewEnglandCoin/
Cheetah CPU Miner Software https://github.com/ShorelineCrypto/cheetah_cpuminer
Solo Mining with GPU or ASIC https://bitcointalk.org/index.php?topic=5027091.msg52187727#msg52187727
How to Run Two Full Node in Same Desktop PC https://bitcointalk.org/index.php?topic=5027091.msg53581449#msg53581449
ASIC/GPU Mining Pools Warning to Big ASIC Miners Due to DynDiff Algo on top of Scrypt, solo mining is recommended for ASIC/GPU miners. Further more, even for mining pools, small mining pool will generate better performance than big NENG mining pool because of new algo v1.2.x post hard fork.
The set up configuration of NENG for scrypt pool mining is same as a typical normal scrypt coin. In other word, DynDiff on Scrypt algo is backward compatible with Scrypt algo. Because ASIC/GPU miners rely on CPU miners for smooth blockchain movement, checkout bottom of "Latest News" section for A WARNING to All ASIC miners before you decide to dump big ASIC hash rate into NENG mining.
(1) Original DynDiff Warning: https://bitcointalk.org/index.php?topic=5027091.msg48324708#msg48324708 (2) New Warning on RandomSpike Spike difficulty (244k) introduced in RandomSpike served as roadblocks to instant mining and provide security against 51% attack risk. However, this spike difficulty like a roadblock that makes big ASIC mining less profitable. In case of spike block to be mined, the spike difficulty immediately serve as base difficulty, which will block GPU/ASIC miners effectively and leave CPU cheetah solo miners dominating mining almost 100% until next base difficulty reset.
FindBlocks http://findblocks.com/
CRpool http://crpool.xyz/
Cminors' Pool http://newenglandcoin.cminors-pool.com/
SPOOL https://spools.online/
Exchange
📷
https://shorelinecrypto.com/
Features: anonymous sign up and trading. No restriction or limit on deposit or withdraw.
The trading pairs available: NewEnglandcoin (NENG) / Dogecoin (DOGE)
Trading commission: A round trip trading will incur 0.10% trading fees in average. Fees are paid only on buyer side. buy fee: 0.2% / sell fee: 0% Deposit fees: free for all coins Withdraw fees: ZERO per withdraw. Mining fees are appointed by each coin blockchain. To cover the blockchain mining fees, there is minimum balance per coin per account: * Dogecoin 2 DOGE * NewEnglandcoin 1 NENG
Latest News Aug 30, 2020 - NENG v1.4.0.5 Released for Android/Chromebook Upgrade with armhf, better hardware support https://bitcointalk.org/index.php?topic=5027091.msg55098029#msg55098029
Aug 11, 2020 - NENG v1.4.0.4 Released for Android arm64 Upgrade / Chromebook Support https://bitcointalk.org/index.php?topic=5027091.msg54977437#msg54977437
Jul 30, 2020 - NENG v1.4.0.3 Released for Linux Wallet Upgrade with 8 Distros https://bitcointalk.org/index.php?topic=5027091.msg54898540#msg54898540
Jul 21, 2020 - NENG v1.4.0.2 Released for MacOS Upgrade with Catalina https://bitcointalk.org/index.php?topic=5027091.msg54839522#msg54839522
Jul 19, 2020 - NENG v1.4.0.1 Released for MacOS Wallet Upgrade https://bitcointalk.org/index.php?topic=5027091.msg54830333#msg54830333
Jul 15, 2020 - NENG v1.4.0 Released for Android Mining, Ubuntu 20.04 support https://bitcointalk.org/index.php?topic=5027091.msg54803639#msg54803639
Jul 11, 2020 - NENG v1.4.0 Android Mining, randomSpike Evaluation https://bitcointalk.org/index.php?topic=5027091.msg54777222#msg54777222
Jun 27, 2020 - Pre-Announce: NENG v1.4.0 Proposal for Mobile Miner Upgrade, Android Mining Start in July 2020 https://bitcointalk.org/index.php?topic=5027091.msg54694233#msg54694233
Jun 19, 2020 - Best Practice for Futurebit Moonlander2 USB ASIC on solo mining mode https://bitcointalk.org/index.php?topic=5027091.msg54645726#msg54645726
Mar 15, 2020 - Scrypt RandomSpike - NENG v1.3.0.1 Released for better wallet syncing https://bitcointalk.org/index.php?topic=5027091.msg54030923#msg54030923
Feb 23, 2020 - Scrypt RandomSpike - NENG Core v1.3.0 Relased, Hardfork on Mar 1 https://bitcointalk.org/index.php?topic=5027091.msg53900926#msg53900926
Feb 1, 2020 - Scrypt RandomSpike Proposal Published- NENG 1.3.0 Hardfork https://bitcointalk.org/index.php?topic=5027091.msg53735458#msg53735458
Jan 15, 2020 - NewEnglandcoin Dev Team Expanded with New Kickoff https://bitcointalk.org/index.php?topic=5027091.msg53617358#msg53617358
Jan 12, 2020 - Explanation of Base Diff Reset and Effect of Supply https://www.reddit.com/NewEnglandCoin/comments/envmo1/explanation_of_base_diff_reset_and_effect_of/
Dec 19, 2019 - Shoreline_tradingbot version 1.0 is released https://bitcointalk.org/index.php?topic=5121953.msg53391184#msg53391184
Sept 1, 2019 - NewEnglandcoin (NENG) is Selected as Shoreline Tradingbot First Supported Coin https://bitcointalk.org/index.php?topic=5027091.msg52331201#msg52331201
Aug 15, 2019 - Mining Update on Effect of Base Difficulty Reset, GPU vs ASIC https://bitcointalk.org/index.php?topic=5027091.msg52169572#msg52169572
Jul 7, 2019 - CPU Mining on macOS Mojave is supported under latest Cheetah_Cpuminer Release https://bitcointalk.org/index.php?topic=5027091.msg51745839#msg51745839
Jun 1, 2019 - NENG Fiat project is stopped by Square, Inc https://bitcointalk.org/index.php?topic=5027091.msg51312291#msg51312291
Apr 21, 2019 - NENG Fiat Project is Launched by ShorelineCrypto https://bitcointalk.org/index.php?topic=5027091.msg50714764#msg50714764
Apr 7, 2019 - Announcement of Fiat Project for all U.S. Residents & Mobile Miner Project Initiation https://bitcointalk.org/index.php?topic=5027091.msg50506585#msg50506585
Apr 1, 2019 - Disclosure on Large Buying on NENG at ShorelineCrypto Exchange https://bitcointalk.org/index.php?topic=5027091.msg50417196#msg50417196
Mar 27, 2019 - Disclosure on Large Buying on NENG at ShorelineCrypto Exchange https://bitcointalk.org/index.php?topic=5027091.msg50332097#msg50332097
Mar 17, 2019 - Disclosure on Large Buying on NENG at ShorelineCrypto Exchange https://bitcointalk.org/index.php?topic=5027091.msg50208194#msg50208194
Feb 26, 2019 - Community Project - NewEnglandcoin Graphic Redesign Bounty Initiated https://bitcointalk.org/index.php?topic=5027091.msg49931305#msg49931305
Feb 22, 2019 - Dev Policy on Checkpoints on NewEnglandcoin https://bitcointalk.org/index.php?topic=5027091.msg49875242#msg49875242
Feb 20, 2019 - NewEnglandCoin v1.2.1 Released to Secure the Hard Kork https://bitcointalk.org/index.php?topic=5027091.msg49831059#msg49831059
Feb 11, 2019 - NewEnglandCoin v1.2.0 Released, Anti-51% Attack, Anti-instant Mining after Hard Fork https://bitcointalk.org/index.php?topic=5027091.msg49685389#msg49685389
Jan 13, 2019 - Cheetah_CpuMiner added support for CPU Mining on Mac https://bitcointalk.org/index.php?topic=5027091.msg49218760#msg49218760
Jan 12, 2019 - NENG Core v1.1.2 Released to support MacOS OSX Wallet https://bitcointalk.org/index.php?topic=5027091.msg49202088#msg49202088
Jan 2, 2019 - Cheetah_Cpuminer v1.1.0 is released for both Linux and Windows https://bitcointalk.org/index.php?topic=5027091.msg49004345#msg49004345
Dec 31, 2018 - Technical Whitepaper is Released https://bitcointalk.org/index.php?topic=5027091.msg48990334#msg48990334
Dec 28, 2018 - Cheetah_Cpuminer v1.0.0 is released for Linux https://bitcointalk.org/index.php?topic=5027091.msg48935135#msg48935135
Update on Dec 14, 2018 - NENG Blockchain Stuck Issue https://bitcointalk.org/index.php?topic=5027091.msg48668375#msg48668375
Nov 27, 2018 - Exclusive for PC CPU Miners - How to Steal a Block from ASIC Miners https://bitcointalk.org/index.php?topic=5027091.msg48258465#msg48258465
Nov 28, 2018 - How to CPU Mine a NENG block with window/linux PC https://bitcointalk.org/index.php?topic=5027091.msg48298311#msg48298311
Nov 29, 2018 - A Warning to ASIC Miners https://bitcointalk.org/index.php?topic=5027091.msg48324708#msg48324708
Disclosure: Dev Team Came from ShorelineCrypto, a US based Informatics Service Business offering Fee for service for Coin Creation, Coin Exchange Listing, Blockchain Consulting, etc.
submitted by honglu69 to NewEnglandCoin [link] [comments]

Step-by-Step Guide for Adding a Stack, Expanding Control Lines, and Building an Assembler

After the positive response to my first tutorial on expanding the RAM, I thought I'd continue the fun by expanding the capabilities of Ben's 8-bit CPU even further. That said, you'll need to have done the work in the previous post to be able to do this. You can get a sense for what we'll do in this Imgur gallery.
In this tutorial, we'll balance software and hardware improvements to make this a pretty capable machine:

Parts List

To only update the hardware, you'll need:
If you want to update the toolchain, you'll need:
  1. Arduino Mega 2560 (Amazon) to create the programmer.
  2. Ribbon Jumper Cables (Amazon) to connect the Arduino to the breadboard.
  3. TL866 II Plus EEPROM Programmer (Amazon) to program the ROM.
Bonus Clock Improvement: One additional thing I did is replace the 74LS04 inverter in Ben's clock circuit with a 74LS14 inverting Schmitt trigger (datasheet, Jameco). The pinouts are identical! Just drop it in, wire the existing lines, and then run the clock output through it twice (since it's inverting) to get a squeaky clean clock signal. Useful if you want to go even faster with the CPU.

Step 1: Program with an Arduino and Assembler (Image 1, Image 2)

There's a certain delight in the physical programming of a computer with switches. This is how Bill Gates and Paul Allen famously programmed the Altair 8800 and started Microsoft. But at some point, the hardware becomes limited by how effectively you can input the software. After upgrading the RAM, I quickly felt constrained by how long it took to program everything.
You can continue to program the computer physically if you want and even after upgrading that option is still available, so this step is optional. There's probably many ways to approach the programming, but this way felt simple and in the spirit of the build. We'll use an Arduino Mega 2560, like the one in Ben's 6502 build, to program the RAM. We'll start with a homemade assembler then switch to something more robust.
Preparing the Physical Interface
The first thing to do is prepare the CPU to be programmed by the Arduino. We already did the hard work on this in the RAM upgrade tutorial by using the bus to write to the RAM and disconnecting the control ROM while in program mode. Now we just need to route the appropriate lines to a convenient spot on the board to plug the Arduino into.
  1. This is optional, but I rewired all the DIP switches to have ground on one side, rather than alternating sides like Ben's build. This just makes it easier to route wires.
  2. Wire the 8 address lines from the DIP switch, connecting the side opposite to ground (the one going to the chips) to a convenient point on the board. I put them on the far left, next to the address LEDs and above the write button circuit.
  3. Wire the 8 data lines from the DIP switch, connecting the side opposite to ground (the one going to the chips) directly below the address lines. Make sure they're separated by the gutter so they're not connected.
  4. Wire a line from the write button to your input area. You want to connect the side of the button that's not connected to ground (the one going to the chip).
So now you have one convenient spot with 8 address lines, 8 data lines, and a write line. If you want to get fancy, you can wire them into some kind of connector, but I found that ribbon jumper cables work nicely and keep things tidy.
The way we'll program the RAM is to enter program mode and set all the DIP switches to the high position (e.g., 11111111). Since the switches are upside-down, this means they'll all be disconnected and not driving to ground. The address and write lines will simply be floating and the data lines will be weakly pulled up by 1k resistors. Either way, the Arduino can now drive the signals going into the chips using its outputs.
Creating the Arduino Programmer
Now that we can interface with an Arduino, we need to write some software. If you follow Ben's 6502 video, you'll have all the knowledge you need to get this working. If you want some hints and code, see below (source code):
  1. Create arrays for your data and address lines. For example: const char ADDRESS_LINES[] = {39, 41, 43, 45, 47, 49, 51, 53};. Create your write line with #define RAM_WRITE 3.
  2. Create functions to enable and disable your address and data lines. You want to enable them before writing. Make sure to disable them afterward so that you can still manually program using DIP switches without disconnecting the Arduino. The code looks like this (just change INPUT to OUTPUT accordingly): for(int n = 0; n < 8; n += 1) { pinMode(ADDRESS_LINES[n], OUTPUT); }
  3. Create a function to write to an address. It'll look like void writeData(byte writeAddress, byte writeData) and basically use two loops, one for address and one for data, followed by toggling the write.
  4. Create a char array that contains your program and data. You can use #define to create opcodes like #define LDA 0x01.
  5. In your main function, loop through the program array and send it through writeData.
With this setup, you can now load multi-line programs in a fraction of a second! This can really come in handy with debugging by stress testing your CPU with software. Make sure to test your setup with existing programs you know run reliably. Now that you have your basic setup working, you can add 8 additional lines to read the bus and expand the program to let you read memory locations or even monitor the running of your CPU.
Making an Assembler
The above will serve us well but it's missing a key feature: labels. Labels are invaluable in assembly because they're so versatile. Jumps, subroutines, variables all use labels. The problem is that labels require parsing. Parsing is a fun project on the road to a compiler but not something I wanted to delve into right now--if you're interested, you can learn about Flex and Bison. Instead, I found a custom assembler that lets you define your CPU's instruction set and it'll do everything else for you. Let's get it setup:
  1. If you're on Windows, you can use the pre-built binaries. Otherwise, you'll need to install Rust and compile via cargo build.
  2. Create a file called 8bit.cpu and define your CPU instructions (source code). For example, LDA would be lda {address} -> 0x01 @ address[7:0]. What's cool is you can also now create the instruction's immediate variant instead of having to call it LDI: lda #{value} -> 0x05 @ value[7:0].
  3. You can now write assembly by adding #include "8bit.cpu" to the top of your code. There's a lot of neat features so make sure to read the documentation!
  4. Once you've written some assembly, you can generate the machine code using ./customasm yourprogram.s -f hexc -p. This prints out a char array just like our Arduino program used!
  5. Copy the char array into your Arduino program and send it to your CPU.
At this stage, you can start creating some pretty complex programs with ease. I would definitely play around with writing some larger programs. I actually found a bug in my hardware that was hidden for a while because my programs were never very complex!

Step 2: Expand the Control Lines (Image)

Before we can expand the CPU any further, we have to address the fact we're running out of control lines. An easy way to do this is to add a 3rd 28C16 ROM and be on your way. If you want something a little more involved but satisfying, read on.
Right now the control lines are one hot encoded. This means that if you have 4 lines, you can encode 4 states. But we know that a 4-bit binary number can encode 16 states. We'll use this principle via 74LS138 decoders, just like Ben used for the step counter.
Choosing the Control Line Combinations
Everything comes with trade-offs. In the case of combining control lines, it means the two control lines we choose to combine can never be activated at the same time. We can ensure this by encoding all the inputs together in the first 74LS138 and all the outputs together in a second 74LS138. We'll keep the remaining control lines directly connected.
Rewiring the Control Lines
If your build is anything like mine, the control lines are a bit of a mess. You'll need to be careful when rewiring to ensure it all comes back together correctly. Let's get to it:
  1. Place the two 74LS138 decoders on the far right side of the breadboard with the ROMs. Connect them to power and ground.
  2. You'll likely run out of inverters, so place a 74LS04 on the breadboard above your decoders. Connect it to power and ground.
  3. Carefully take your inputs (MI, RI, II, AI, BI, J) and wire them to the outputs of the left 74LS138. Do not wire anything to O0 because that's activated by 000 which won't work for us!
  4. Carefully take your outputs (RO, CO, AO, EO) and wire them to the outputs of the right 74LS138. Remember, do not wire anything to O0!
  5. Now, the 74LS138 outputs are active low, but the ROM outputs were active high. This means you need to swap the wiring on all your existing 74LS04 inverters for the LEDs and control lines to work. Make sure you track which control lines are supposed to be active high vs. active low!
  6. Wire E3 to power and E2 to ground. Connect the E1 on both 138s together, then connect it to the same line as OE on your ROMs. This will ensure that the outputs are disabled when you're in program mode. You can actually take off the 1k pull-up resistors from the previous tutorial at this stage, because the 138s actively drive the lines going to the 74LS04 inverters rather than floating like the ROMs.
At this point, you really need to ensure that the massive rewiring job was successful. Connect 3 jumper wires to A0-A2 and test all the combinations manually. Make sure the correct LED lights up and check with a multimeteoscilloscope that you're getting the right signal at each chip. Catching mistakes at this point will save you a lot of headaches! Now that everything is working, let's finish up:
  1. Connect A0-A2 of the left 74LS138 to the left ROM's A0-A2.
  2. Connect A0-A2 of the right 74LS138 to the right ROM's A0-A2.
  3. Distribute the rest of the control signals across the two ROMs.
Changing the ROM Code
This part is easy. We just need to update all of our #define with the new addresses and program the ROMs again. For clarity that we're not using one-hot encoding anymore, I recommend using hex instead of binary. So instead of #define MI 0b0000000100000000, we can use #define MI 0x0100, #define RI 0x0200, and so on.
Testing
Expanding the control lines required physically rewiring a lot of critical stuff, so small mistakes can creep up and make mysterious errors down the road. Write a program that activates each control line at least once and make sure it works properly! With your assembler and Arduino programmer, this should be trivial.
Bonus: Adding B Register Output
With the additional control lines, don't forget you can now add a BO signal easily which lets you fully use the B register.

Step 3: Add a Stack (Image 1, Image 2)

Adding a stack significantly expands the capability of the CPU. It enables subroutines, recursion, and handling interrupts (with some additional logic). We'll create our stack with an 8-bit stack pointer hard-coded from $0100 to $01FF, just like the 6502.
Wiring up the Stack Pointer
A stack pointer is conceptually similar to a program counter. It stores an address, you can read it and write to it, and it increments. The only difference between a stack pointer and a program counter is that the stack pointer must also decrement. To create our stack pointer, we'll use two 74LS193 4-bit up/down binary counters:
  1. Place a 74LS00 NAND gate, 74LS245 transceiver, and two 74LS193 counters in a row next to your output register. Wire up power and ground.
  2. Wire the the Carry output of the right 193 to the Count Up input of the left 193. Do the same for the Borrow output and Count Down input.
  3. Connect the Clear input between the two 193s and with an active high reset line. The B register has one you can use on its 74LS173s.
  4. Connect the Load input between the two 193s and to a new active low control line called SI on your 74LS138 decoder.
  5. Connect the QA-QD outputs of the lower counter to A8-A5 and the upper counter to A4-A1. Pay special attention because the output are in a weird order (BACD) and you want to make sure the lower A is connected to A8 and the upper A is connected to A4.
  6. Connect the A-D inputs of the lower counter to B8-B5 and the upper counter to B4-B1. Again, the inputs are in a weird order and on both sides of the chip so pay special attention.
  7. Connect the B1-B8 outputs of the 74LS245 transceiver to the bus.
  8. On the 74LS245 transceiver, connect DIR to power (high) and connect OE to a new active low control line called SO on your 74LS138 decoder.
  9. Add 8 LEDs and resistors to the lower part of the 74LS245 transceiver (A1-A8) so you can see what's going on with the stack pointer.
Enabling Increment & Decrement
We've now connected everything but the Count Up and Count Down inputs. The way the 74LS193 works is that if nothing is counting, both inputs are high. If you want to increment, you keep Count Down high and pulse Count Up. To decrement, you do the opposite. We'll use a 74LS00 NAND gate for this:
  1. Take the clock from the 74LS08 AND gate and make it an input into two different NAND gates on the 74LS00.
  2. Take the output from one NAND gate and wire it to the Count Up input on the lower 74LS193 counter. Take the other output and wire it to the Count Down input.
  3. Wire up a new active high control line called SP from your ROM to the NAND gate going into Count Up.
  4. Wire up a new active high control line called SM from your ROM to the NAND gate going into Count Down.
At this point, everything should be working. Your counter should be able to reset, input a value, output a value, and increment/decrement. But the issue is it'll be writing to $0000 to $00FF in the RAM! Let's fix that.
Accessing Higher Memory Addresses
We need the stack to be in a different place in memory than our regular program. The problem is, we only have an 8-bit bus, so how do we tell the RAM we want a higher address? We'll use a special control line to do this:
  1. Wire up an active high line called SA from the 28C16 ROM to A8 on the Cypress CY7C199 RAM.
  2. Add an LED and resistor so you can see when the stack is active.
That's it! Now, whenever we need the stack we can use a combination of the control line and stack pointer to access $0100 to $01FF.
Updating the Instruction Set
All that's left now is to create some instructions that utilize the stack. We'll need to settle some conventions before we begin:
If you want to add a little personal flair to your design, you can change the convention fairly easily. Let's implement push and pop (source code):
  1. Define all your new control lines, such as #define SI 0x0700 and #define SO 0x0005.
  2. Create two new instructions: PSH (1011) and POP (1100).
  3. PSH starts the same as any other for the first two steps: MI|CO and RO|II|CE. The next step is to put the contents of the stack pointer into the address register via MI|SO|SA. Recall that SA is the special control line that tells the memory to access the $01XX bank rather than $00XX.
  4. We then take the contents of AO and write it into the RAM. We can also increment the stack pointer at this stage. All of this is done via: AO|RI|SP|SA, followed by TR.
  5. POP is pretty similar. Start off with MI|CO and RO|II|CE. We then need to take a cycle and decrement the stack pointer with SM. Like with PSH, we then set the address register with MI|SO|SA.
  6. We now just need to output the RAM into our A register with RO|AI|SA and then end the instruction with TR.
  7. Updating the assembler is easy since neither instruction has operands. For example, push is just psh -> 0x0B.
And that's it! Write some programs that take advantage of your new 256 byte stack to make sure everything works as expected.

Step 4: Add Subroutine Instructions (Image)

The last step to complete our stack is to add subroutine instructions. This allows us to write complex programs and paves the way for things like interrupt handling.
Subroutines are like a blend of push/pop instructions and a jump. Basically, when you want to call a subroutine, you save your spot in the program by pushing the program counter onto the stack, then jumping to the subroutine's location in memory. When you're done with the subroutine, you simply pop the program counter value from the stack and jump back into it.
We'll follow 6502 conventions and only save and restore the program counter for subroutines. Other CPUs may choose to save more state, but it's generally left up to the programmer to ensure they're not wiping out states in their subroutines (e.g., push the A register at the start of your subroutine if you're messing with it and restore it before you leave).
Adding an Extra Opcode Line
I've started running low on opcodes at this point. Luckily, we still have two free address lines we can use. To enable 5-bit opcodes, simply wire up the 4Q output of your upper 74LS173 register to A7 of your 28C16 ROM (this assumes your opcodes are at A3-A6).
Updating the ROM Writer
At this point, you simply need to update the Arduino writer to support 32 instructions vs. the current 16. So, for example, UCODE_TEMPLATE[16][8] becomes UCODE_TEMPLATE[32][8] and you fill in the 16 new array elements with nop. The problem is that the Arduino only has so much memory and with the way Ben's code is written to support conditional jumps, it starts to get tight.
I bet the code can be re-written to handle this, but I had a TL866II Plus EEPROM programmer handy from the 6502 build and I felt it would be easier to start using that instead. Converting to a regular C program is really simple (source code):
  1. Copy all the #define, global const arrays (don't forget to expand them from 16 to 32), and void initUCode(). Add #include and #include to the top.
  2. In your traditional int main (void) C function, after initializing with initUCode(), make two arrays: char ucode_upper[2048] and char ucode_lower[2048].
  3. Take your existing loop code that loops through all addresses: for (int address = 0; address < 2048; address++).
  4. Modify instruction to be 5-bit with int instruction = (address & 0b00011111000) >> 3;.
  5. When writing, just write to the arrays like so: ucode_lower[address] = ucode[flags][instruction][step]; and ucode_upper[address] = ucode[flags][instruction][step] >> 8;.
  6. Open a new file with FILE *f = fopen("rom_upper.hex", "wb");, write to it with fwrite(ucode_upper, sizeof(char), sizeof(ucode_upper), f); and close it with fclose(f);. Repeat this with the lower ROM too.
  7. Compile your code using gcc (you can use any C compiler), like so: gcc -Wall makerom.c -o makerom.
Running your program will spit out two binary files with the full contents of each ROM. Writing the file via the TL866II Plus requires minipro and the following command: minipro -p CAT28C16A -w rom_upper.hex.
Adding Subroutine Instructions
At this point, I cleaned up my instruction set layout a bit. I made psh and pop 1000 and 1001, respectively. I then created two new instructions: jsr and rts. These allow us to jump to a subroutine and returns from a subroutine. They're relatively simple:
  1. For jsr, the first three steps are the same as psh: MI|CO, RO|II|CE, MI|SO|SA.
  2. On the next step, instead of AO we use CO to save the program counter to the stack: CO|RI|SP|SA.
  3. We then essentially read the 2nd byte to do a jump and terminate: MI|CO, RO|J.
  4. For rts, the first four steps are the same as pop: MI|CO, RO|II|CE, SM, MI|SO|SA.
  5. On the next step, instead of AI we use J to load the program counter with the contents in stack: RO|J|SA.
  6. We're not done! If we just left this as-is, we'd jump to the 2nd byte of jsr which is not an opcode, but a memory address. All hell would break loose! We need to add a CE step to increment the program counter and then terminate.
Once you update the ROM, you should have fully functioning subroutines with 5-bit opcodes. One great way to test them is to create a recursive program to calculate something--just don't go too deep or you'll end up with a stack overflow!

Conclusion

And that's it! Another successful upgrade of your 8-bit CPU. You now have a very capable machine and toolchain. At this point I would have a bunch of fun with the software aspects. In terms of hardware, there's a number of ways to go from here:
  1. Interrupts. Interrupts are just special subroutines triggered by an external line. You can make one similar to how Ben did conditional jumps. The only added complexity is the need to load/save the flags register since an interrupt can happen at any time and you don't want to destroy the state. Given this would take more than 8 steps, you'd also need to add another line for the step counter (see below).
  2. ROM expansion. At this point, address lines on the ROM are getting tight which limits any expansion possibilities. With the new approach to ROM programming, it's trivial to switch out the 28C16 for the 28C256 that Ben uses in the 6502. These give you 4 additional address lines for flags/interrupts, opcodes, and steps.
  3. LCD output. At this point, adding a 16x2 character LCD like Ben uses in the 6502 is very possible.
  4. Segment/bank register. It's essentially a 2nd memory address register that lets you access 256-byte segments/banks of RAM using bank switching. This lets you take full advantage of the 32K of RAM in the Cypress chip.
  5. Fast increment instructions. Add these to registers by replacing 74LS173s with 74LS193s, allowing you to more quickly increment without going through the ALU. This is used to speed up loops and array operations.
submitted by MironV to beneater [link] [comments]

Freestanding in Prague

Freestanding in Prague

The C++ standards committee met in Prague, Czech Republic between Feb 10 and Feb 15. The standard is wording complete, and the only thing between here and getting it published is ISO process. As is typical for me at these meetings, I spent a lot of time doing freestanding things, Library Incubator (LEWGI) things, and minuting along the way (15-ish sessions/papers!).

Freestanding

I had three freestanding papers coming into this meeting:
The first two papers are pieces of my former "P0829: Freestanding Proposal" paper, and had been seen by the Feature Test study group in Belfast. During this meeting, I got to run them by the Library Incubator for some design feedback. The papers were received well, though some potential danger points still exist. Library Evolution can look at the papers as soon as they have time.
P2013 is the first smaller piece taken out of "P1105: Leaving no room for a lower-level language: A C++ Subset". Exceptions are probably the most important thing in P1105, but there's so much activity going on in this area that it is hard for me to make good recommendations. The next highest priority was new and delete, hence P2013 being born. I also felt that P2013 was a good test paper to see if the committee was willing to make any language based change for freestanding.
I had presented P2013 in a prior Low Latency / SG14 telecon, and received unanimous approval (no neutral, no against votes). I was able to present it in the Evolution Incubator, and received no against votes. Then, in a surprisingly quick turnaround, I was able to present to Evolution, and again received no against votes. So now I just need to come up with wording that accomplishes my goals, without breaking constant evaluated new.

Errors and ABI

On Monday, we held a join session between Evolution and Library Evolution to talk about one of the C++ boogeymen, ABI. P1836 and P2028 have good background reading if you are not familiar with the topic. The usual arguments were raised, including that we are losing out on performance by preserving ABI, and that breaking ABI would mean abandoning some software that cannot be rebuilt today. We took some polls, and I fear that each person will interpret the polls differently. The way I interpreted the polls is that we won't do a "big" ABI break anytime soon, but we will be more willing to consider compiler heroics in order to do ABI breaks in the library.
One ABI area that is frequently overlooked is the situation that I am in. I can rebuild all of my source code, but even despite that I still care about ABI because I don't ship all of it together. I build a library with a plugin architecture, and breaking ABI would mean updating all the plugins on customer systems simultaneously... which is no easy task. I also ship binaries on Linux systems. We would prefer to be able to use new C++ features, despite targeting the various "LTS" distributions. ABI stability is a big part of that. I am hoping to make another post to cpp with my thoughts in the next few months, tentatively titled "ABI Breaks: Not just about rebuilding".
On Tuesday, LEWG discussed "P1656: 'Throws: Nothing' should be noexcept". This is a substantial change to the policy laid out in N3279, authored by Alisdair Meredith. That's why it is informally called the "Lakos" rule. We discussed the trade-offs involved, including how adding noexcept can constrain future changes, how noexcept can make precondition tests more difficult, and how this will change little in practice, because implementers already mark most "Throws: Nothing" calls as noexcept. Arguments about performance, code bloat, and standards guaranteed portability won out though. This paper was "only" a policy change, so a follow-on paper will need to be authored by someone in order to actually do the noexcept marking.
Wednesday night we had a social event celebrating the impending C++20 release. The event was held in the Prague Crossroads, built in 927 A.D.. The large tables let us have conversations with people we may not have really bumped into during the rest of the meeting. I started talking exceptions with a few of the other people at the table, and one of the had some particularly in depth knowledge about the topic. As it turns out, I was sitting at the same table as James Renwick of Low-cost Deterministic C++ Exceptions for Embedded Systems fame. I ended up talking his ear off over the course of the night.
Thursday in LEWG, we talked about Niall Douglas's "P1028: SG14 status_code and standard error object". This is the class that may one day be thrown by P0709 "Static" exceptions. Coincidentally, the most contentious parts were issues involving ABI. In several of the virtual interfaces in the standard, we've wanted to add things later, but haven't been able to do so.
Friday, James Renwick was able to present his paper, and the room was very receptive of it. One of my concerns going in to the presentation was that the committee would be unwilling to change anything in the standard related to today's exceptions. After the presentation and discussion, I'm less concerned about that. There was definitely a willingness to make some changes... but one of the big challenges is a question of whether we change default behavior in some cases, or change language ABI, even for C.

Other papers

P1385: "High level" Linear Algebra

This one is the "high level" linear algebra paper. There's a different, "lower level" linear algebra paper (P1673) that covers BLAS use cases. P1385 is intended to be something that can sit on top of P1673, if I understand correctly.
For being a math paper, there was surprisingly little math discussion in Library Incubator. We were generally discussing general interface issues like object ownership, concept requirements, and how to spell various operations, particularly inner product and outer product.

P1935: Physical Units

We are still in the philosophy and goals stage of this paper. We got to discuss the finer points of the distinctions between "kilogram" and "1 kilogram"; the difference between a unit, a dimension, and a quantity; and the difference between systems and models.
This paper is challenging in that there is significant prior art, as well as strong opinions about "the right way" to do things. This gets to one of the trickier parts of standards meetings... driving consensus. The interested parties have been requested to (preferably) work together outside of the three meetings a year, or failing that, to write a paper that gives some outline of what a solution should look like.
This paper also has an absurdly awesome / terrifying metaprogramming trick in it. A base class uses a friend declaration to declare (but not define) a function with an auto return type and no trailing return value. The derived class then declares and defines the function (again via friend) and lets the definition of the function determine the auto return type. This lets the base class use decltype to pull type information out of the derived class without explicitly passing that information down in a template argument (sorcery!). The main caveat with this trick is that it only works with exactly one derived class, as otherwise you end up with multiple conflicting definitions of the same function.

Concurrent Queues, P0260 and P1958

It's amazing what a minor paper reorg will do for productivity. This pair of papers used to be a single paper in the San Diego time frame, and we had a difficult time understanding how the pieces worked together. With the paper split as it is now, we have a small, concrete piece to review, which we were then able to see how it fit in to the interfaces and concepts of the larger paper. We got to dig in to some corner case traps with exception safety, move semantics, and race conditions. There were implementers in the room that could say what their implementation did, and I feel that the room was able to give good feedback to the authors.

P1944: constexpr and

Antony Polukhin is secretly my accidental nemesis (well, not so secret anymore). Over the course of C++20, he sprinkled constexpr on many of the things. As it turns out, there is a large (but not 100%) overlap of constexpr and freestanding. Each thing that went constexpr turned into a merge conflict that I got to resolve in my papers.
And he's still at it!
In this case, 100% of the things that were constexpr'd were also things that I have previously identified as being potentially freestanding. So that's a positive. There were concerns about implementability though, as sometimes, the C library and the C++ library come from different vendors, and having forwarding wrappers is far from trivial.

A minute about minuting

For the wg21 readers out there, if you think you are bad at taking minutes, that just means you need more practice :) . If you find yourself in a room that is about to review a paper that you are not heavily invested in, volunteer to take minutes. That way you can make a valuable contribution, even for an area where you don't have domain expertise.
As a bonus, you get to follow the minuter's code (something I just made up) about spelling other people's names. As the person taking minutes, you have license to change up to three letters in someone's name, so long as it isn't used maliciously. You can freely take any double letter in a name and convert it to a single letter (e.g. Connor -> Conor), turn a single letter to a double letter (David -> Davvid), or completely rearrange any consecutive series of vowels. And people will thank you for it! You are also given free license to interrupt people in order to ask them who they are. Give it a try!

Closing

I've got a bunch of papers to write for the next mailing, and I won't even be in Varna. So if you're interested in championing some freestanding papers, let me know, and I can coach you on the topics.
submitted by ben_craig to cpp [link] [comments]

ForexBit Review

Overview:

The name of this broker ForexBit suggests that the broker deals with the exchange of Forex, Cryptos and provides Contracts-for-Difference. The broker does not mention any account types on its website but shows some investment plans. The plans offered show growth in investments on an hourly basis. The website looks attractive but also seems misguiding. This ForexBit review will shed light on the characteristics and offerings of this broker. Don’t forget to follow this review completely for the sake of your investments.

About ForexBit:

The broker ForexBit offers trade-in FX and binary options. The assets provided by them are very broad. The assets consist of cryptos, indexes, lots of commodities, shares, bonds, and futures. The crypto-coin portfolio of this broker is also very wide and contains all major cryptos like Bitcoin, Ethereum, Ripple, Litecoin, Dash, and minor ones like IOTA, ZCash, Ada, NEO, Bitcoin Cash, Stellar Lumens, and several others. The official website claims that potential customers of ForexBit are provided with MetaTrader5 trading platform.
The domain of this broker does not furnish information about its owner or manager. But interestingly it provides a company number on the top side of the website. When clicked on it, it redirects to a pdf file that mentions the owner's name and other details. The name of the owner turns out to be Donald Brian and a UK based address. Not surprisingly enough, such documentation and information must be treated as scam and misleading. No genuine broker has such a witty information system. Furthermore, the Financial Conduct Authority in the UK has blacklisted this shady broker on its website. So, it is clear that the broker ForexBit is unlicensed and unregulated. And its potential clients are prone to scam and their funds are not in the safe hands.
The initial investment required starts from $20 to $2500 according to the plans. The level 1 plan offers a 10% growth in 8 hours with a referral of 5%. The level 2 plan offers a 15% growth in 8 hours with a referral of 5%. The level 3 plan offers a 30% growth in 7 hours with a referral of 7%. And the advance plan offers a 55% growth in investment in just 4 hours with a referral of 8%. But the question of how ForexBit will achieve such high profit in such a less time is unanswered.

Is ForexBit scam or legit?

The answer to this question is straight forward, the broker ForexBit is a scam. The information provided on the website does not fulfill any trading criteria. It only asks for the investments. Furthermore, the great strategy for gaining such a huge profit in very less time is also not mentioned anywhere. The provided information on its owner is as shady as it gets. The referral system present makes it clear that the broker is not genuine and trying to make money merely by trader's investments and their referrals. Stay away from this cryptocurrency scam.
submitted by fraudbrokers to u/fraudbrokers [link] [comments]

Fairlearn - A Python package to assess AI system's fairness

In 2015, Claire Cain Miller wrote on The New York Times that there was a widespread belief that software and algorithms that rely on data were objective. Five years later, we know for sure that AI is not free of human influence. Data is created, stored, and processed by people, machine learning algorithms are written and maintained by people, and AI applications simply reflect people’s attitudes and behavior.
Data scientists know that no longer accuracy is the only concern when developing machine learning models, fairness must be considered as well. In order to make sure that machine learning solutions are fair and the value of their predictions easy to understand and explain, it is essential to build tools that developers and data scientists can use to assess their AI system’s fairness and mitigate any observed unfairness issues.
This article will focus on AI fairness, by explaining the following aspects and tools:
  1. Fairlearn: a tool to assess AI system’s fairness and mitigate any observed unfairness issues
  2. How to use Fairlearn in Azure Machine Learning
  3. What we mean by fairness
  4. Fairlearn algorithms
  5. Fairlearn dashboard
  6. Comparing multiple models
  7. Additional resources and how to contribute

1. Fairlearn: a tool to assess AI system’s fairness and mitigate any observed unfairness issues

Fairlearn is a Python package that empowers developers of artificial intelligence (AI) systems to assess their system’s fairness and mitigate any observed unfairness issues. Fairlearn contains mitigation algorithms as well as a Jupyter widget for model assessment. The Fairlearn package has two components:
There is also a collection of Jupyter notebooks and an a detailed API guide, that you can check to learn how to leverage Fairlearn for your own data science scenario.

2. How to use Fairlearn in Azure Machine Learning

The Fairlearn package can be installed via:
pip install fairlearn
or optionally with a full feature set by adding extras, e.g. pip install fairlearn[customplots], or you can clone the repository locally via:
git clone [email protected]:fairlearn/fairlearn.git
In Azure Machine Learning, there are a few options to use Jupyter notebooks for your experiments:

a) Get Fairlearn samples on your notebook server

If you’d like to bring your own notebook server for local development, follow these steps:
  1. Use the instructions at Azure Machine Learning SDK to install the Azure Machine Learning SDK for Python
  2. Create an Azure Machine Learning workspace.
  3. Write a configuration file
  4. Clone the GitHub repository.
git clone [email protected]:fairlearn/fairlearn.git
  1. Start the notebook server from your cloned directory.
jupyter notebook
For more information, see Install the Azure Machine Learning SDK for Python.
b) Get Fairlearn samples on DSVM
The Data Science Virtual Machine (DSVM) is a customized VM image built specifically for doing data science. If you create a DSVM, the SDK and notebook server are installed and configured for you. However, you’ll still need to create a workspace and clone the sample repository.
  1. Create an Azure Machine Learning workspace.
  2. Clone the GitHub repository.
git clone [email protected]:fairlearn/fairlearn.git
  1. Add a workspace configuration file to the cloned directory using either of these methods:
  1. Start the notebook server from your cloned directory:
jupyter notebook

3. What we mean by fairness

Fighting against unfairness and discrimination has a long history in philosophy and psychology, and recently in machine learning. However, in order to be able to achieve fairness, we should first define the notion of it. An AI system can behave unfairly for a variety of reasons and many different fairness explanations have been used in literature, making this definition even more challenging. In general, fairness definitions fall under three different categories as follows:
In Fairlearn, we define whether an AI system is behaving unfairly in terms of its impact on people – i.e., in terms of harms. We focus on two kinds of harms:
We follow the approach known as group fairness, which asks: Which groups of individuals are at risk of experiencing harm? The relevant groups need to be specified by the data scientist and are application-specific. Group fairness is formalized by a set of constraints, which require that some aspect (or aspects) of the AI system’s behavior be comparable across the groups. The Fairlearn package enables the assessment and mitigation of unfairness under several common definitions.

4. Fairlearn algorithms

Fairlearn contains the following algorithms for mitigating unfairness in binary classification and regression:
https://preview.redd.it/5fzg767oh5051.png?width=898&format=png&auto=webp&s=731eab09b421c2dd3233ea9e184df136bf066739

5. Fairlearn dashboard

Fairlearn dashboard is a Jupyter notebook widget for assessing how a model’s predictions impact different groups (e.g., different ethnicities), and also for comparing multiple models along different fairness and accuracy metrics.
To assess a single model’s fairness and accuracy, the dashboard widget can be launched within a Jupyter notebook as follows:
from fairlearn.widget import FairlearnDashboard
# A_test containts your sensitive features (e.g., age, binary gender)
# sensitive_feature_names containts your sensitive feature names
# y_true contains ground truth labels
# y_pred contains prediction labels
FairlearnDashboard(sensitive_features=A_test,
sensitive_feature_names=['BinaryGender', 'Age'],
y_true=Y_test.tolist(),
y_pred=[y_pred.tolist()])
After the launch, the widget walks the user through the assessment set-up, where the user is asked to select:
  1. the sensitive feature of interest (e.g., binary gender or age)
  2. the accuracy metric (e.g., model precision) along which to evaluate the overall model performance as well as any disparities across groups.
These selections are then used to obtain the visualization of the model’s impact on the subgroups (e.g., model precision for females and model precision for males). The following figures illustrate the set-up steps, where binary gender is selected as a sensitive feature and the accuracy rate is selected as the accuracy metric:
After the set-up, the dashboard presents the model assessment in two panels, as summarized in the table, and visualized in the screenshot below:
https://preview.redd.it/juxlrmrkh5051.png?width=900&format=png&auto=webp&s=d92da30619369f5ab5109834ff7ff4ec3ad7f33d

6. Comparing multiple models

An additional feature that this dashboard offers is the comparison of multiple models, such as the models produced by different learning algorithms and different mitigation approaches, including:
As before, the user is first asked to select the sensitive feature and the accuracy metric. The model comparison view then depicts the accuracy and disparity of all the provided models in a scatter plot. This allows the user to examine trade-offs between algorithm accuracy and fairness. Moreover, each of the dots can be clicked to open the assessment of the corresponding model.
The figure below shows the model comparison view with binary gender selected as a sensitive feature and accuracy rate selected as the accuracy metric.

7. Additional resources and how to contribute

For references and additional resources, please refer to:
To contribute please check this contributing guide.
submitted by frlazzeri to deeplearning [link] [comments]

Fairlearn - A Python package to assess AI system's fairness

Fairlearn - A Python package to assess AI system's fairness
In 2015, Claire Cain Miller wrote on The New York Times that there was a widespread belief that software and algorithms that rely on data were objective. Five years later, we know for sure that AI is not free of human influence. Data is created, stored, and processed by people, machine learning algorithms are written and maintained by people, and AI applications simply reflect people’s attitudes and behavior.
Data scientists know that no longer accuracy is the only concern when developing machine learning models, fairness must be considered as well. In order to make sure that machine learning solutions are fair and the value of their predictions easy to understand and explain, it is essential to build tools that developers and data scientists can use to assess their AI system’s fairness and mitigate any observed unfairness issues.
This article will focus on AI fairness, by explaining the following aspects and tools:
  1. Fairlearn: a tool to assess AI system’s fairness and mitigate any observed unfairness issues
  2. How to use Fairlearn in Azure Machine Learning
  3. What we mean by fairness
  4. Fairlearn algorithms
  5. Fairlearn dashboard
  6. Comparing multiple models
  7. Additional resources and how to contribute

1. Fairlearn: a tool to assess AI system’s fairness and mitigate any observed unfairness issues

Fairlearn is a Python package that empowers developers of artificial intelligence (AI) systems to assess their system’s fairness and mitigate any observed unfairness issues. Fairlearn contains mitigation algorithms as well as a Jupyter widget for model assessment. The Fairlearn package has two components:
  • A dashboard for assessing which groups are negatively impacted by a model, and for comparing multiple models in terms of various fairness and accuracy metrics.
  • Algorithms for mitigating unfairness in a variety of AI tasks and along a variety of fairness definitions.
There is also a collection of Jupyter notebooks and an a detailed API guide, that you can check to learn how to leverage Fairlearn for your own data science scenario.

2. How to use Fairlearn in Azure Machine Learning

The Fairlearn package can be installed via:
pip install fairlearn
or optionally with a full feature set by adding extras, e.g. pip install fairlearn[customplots], or you can clone the repository locally via:
git clone [email protected]:fairlearn/fairlearn.git
In Azure Machine Learning, there are a few options to use Jupyter notebooks for your experiments:

a) Get Fairlearn samples on your notebook server

If you’d like to bring your own notebook server for local development, follow these steps:
  1. Use the instructions at Azure Machine Learning SDK to install the Azure Machine Learning SDK for Python
  2. Create an Azure Machine Learning workspace.
  3. Write a configuration file
  4. Clone the GitHub repository.
git clone [email protected]:fairlearn/fairlearn.git
  1. Start the notebook server from your cloned directory.
jupyter notebook
For more information, see Install the Azure Machine Learning SDK for Python.
b) Get Fairlearn samples on DSVM
The Data Science Virtual Machine (DSVM) is a customized VM image built specifically for doing data science. If you create a DSVM, the SDK and notebook server are installed and configured for you. However, you’ll still need to create a workspace and clone the sample repository.
  1. Create an Azure Machine Learning workspace.
  2. Clone the GitHub repository.
git clone [email protected]:fairlearn/fairlearn.git
  1. Add a workspace configuration file to the cloned directory using either of these methods:
  • In the Azure portal, select Download config.json from the Overview section of your workspace.
  • Create a new workspace using code in the configuration.ipynb notebook in your cloned directory
  1. Start the notebook server from your cloned directory:
jupyter notebook

3. What we mean by fairness

Fighting against unfairness and discrimination has a long history in philosophy and psychology, and recently in machine learning. However, in order to be able to achieve fairness, we should first define the notion of it. An AI system can behave unfairly for a variety of reasons and many different fairness explanations have been used in literature, making this definition even more challenging. In general, fairness definitions fall under three different categories as follows:
  • Individual Fairness – Give similar predictions to similar individuals.
  • Group Fairness – Treat different groups equally.
  • Subgroup Fairness – Subgroup fairness intends to obtain the best properties of the group and individual notions of fairness.
In Fairlearn, we define whether an AI system is behaving unfairly in terms of its impact on people – i.e., in terms of harms. We focus on two kinds of harms:
  • Allocation harms. These harms can occur when AI systems extend or withhold opportunities, resources, or information. Some of the key applications are in hiring, school admissions, and lending.
  • Quality-of-service harms. Quality of service refers to whether a system works as well for one person as it does for another, even if no opportunities, resources, or information are extended or withheld.
We follow the approach known as group fairness, which asks: Which groups of individuals are at risk of experiencing harm? The relevant groups need to be specified by the data scientist and are application-specific. Group fairness is formalized by a set of constraints, which require that some aspect (or aspects) of the AI system’s behavior be comparable across the groups. The Fairlearn package enables the assessment and mitigation of unfairness under several common definitions.

4. Fairlearn algorithms

Fairlearn contains the following algorithms for mitigating unfairness in binary classification and regression:
https://preview.redd.it/2inmvd6g75051.png?width=899&format=png&auto=webp&s=3386410974a9e3640ef8ef8a409a2f19f989330a

5. Fairlearn dashboard

Fairlearn dashboard is a Jupyter notebook widget for assessing how a model’s predictions impact different groups (e.g., different ethnicities), and also for comparing multiple models along different fairness and accuracy metrics.
To assess a single model’s fairness and accuracy, the dashboard widget can be launched within a Jupyter notebook as follows:
from fairlearn.widget import FairlearnDashboard
# A_test containts your sensitive features (e.g., age, binary gender)
# sensitive_feature_names containts your sensitive feature names
# y_true contains ground truth labels
# y_pred contains prediction labels
FairlearnDashboard(sensitive_features=A_test,
sensitive_feature_names=['BinaryGender', 'Age'],
y_true=Y_test.tolist(),
y_pred=[y_pred.tolist()])
After the launch, the widget walks the user through the assessment set-up, where the user is asked to select:
  1. the sensitive feature of interest (e.g., binary gender or age)
  2. the accuracy metric (e.g., model precision) along which to evaluate the overall model performance as well as any disparities across groups.
These selections are then used to obtain the visualization of the model’s impact on the subgroups (e.g., model precision for females and model precision for males). The following figures illustrate the set-up steps, where binary gender is selected as a sensitive feature and the accuracy rate is selected as the accuracy metric:
After the set-up, the dashboard presents the model assessment in two panels, as summarized in the table, and visualized in the screenshot below:

https://preview.redd.it/enskhh7i75051.png?width=900&format=png&auto=webp&s=db98cb058029655757df1946e42bca4831170451

6. Comparing multiple models

An additional feature that this dashboard offers is the comparison of multiple models, such as the models produced by different learning algorithms and different mitigation approaches, including:
  • fairlearn.reductions.GridSearch
  • fairlearn.reductions.ExponentiatedGradient
  • fairlearn.postprocessing.ThresholdOptimizer
As before, the user is first asked to select the sensitive feature and the accuracy metric. The model comparison view then depicts the accuracy and disparity of all the provided models in a scatter plot. This allows the user to examine trade-offs between algorithm accuracy and fairness. Moreover, each of the dots can be clicked to open the assessment of the corresponding model.
The figure below shows the model comparison view with binary gender selected as a sensitive feature and accuracy rate selected as the accuracy metric.

7. Additional resources and how to contribute

For references and additional resources, please refer to:
To contribute please check this contributing guide.
submitted by frlazzeri to learnmachinelearning [link] [comments]

Vault 7 - CIA Hacking Tools Revealed

Vault 7 - CIA Hacking Tools Revealed
March 07, 2017
from Wikileaks Website


https://preview.redd.it/9ufj63xnfdb41.jpg?width=500&format=pjpg&auto=webp&s=46bbc937f4f060bad1eaac3e0dce732e3d8346ee

Press Release
Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency.
Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence (below image) in Langley, Virgina.
It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including,
  1. malware
  2. viruses
  3. trojans
  4. weaponized "zero day" exploits
  5. malware remote control systems

...and associated documentation.
This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA.
The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include,

  1. Apple's iPhone
  2. Google's Android
  3. Microsoft's Windows
  4. Samsung TVs,

...which are turned into covert microphones.
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA).
The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force - its own substantial fleet of hackers.
The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.
By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI - below image), had over 5000 registered users and had produced more than a thousand,
hacking systems trojans viruses,
...and other "weaponized" malware.


https://preview.redd.it/3jsojkqxfdb41.jpg?width=366&format=pjpg&auto=webp&s=e92eafbb113ab3e972045cc242dde0f0dd511e96

Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more codes than those used to run Facebook.
The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.
The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that,
"There is an extreme proliferation risk in the development of cyber 'weapons'.
Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade.
But the significance of 'Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Wikileaks has carefully reviewed the "Year Zero" disclosure and published substantive CIA documentation while avoiding the distribution of 'armed' cyberweapons until a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published.

Wikileaks has also decided to Redact (see far below) and Anonymize some identifying information in "Year Zero" for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout,
Latin America Europe the United States

While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one ("Year Zero") already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

Analysis

CIA malware targets iPhone, Android, smart TVs
CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation).
The DDI is one of the five major directorates of the CIA (see above image of the CIA for more details).
The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.
The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS.
After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
The CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone.
Despite iPhone's minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA's Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads.
CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop.
The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
A similar unit targets Google's Android which is used to run the majority of the world's smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year.
"Year Zero" shows that as of 2016 the CIA had 24 "weaponized" Android "zero days" which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.
These techniques permit the CIA to bypass the encryption of, WhatsApp
  1. Signal
  2. Telegram
  3. Wiebo
  4. Confide
  5. Cloackman
...by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.
CIA malware targets Windows, OSx, Linux, routers
The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware.
This includes multiple local and remote weaponized "zero days", air gap jumping viruses such as "Hammer Drill" which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ("Brutal Kangaroo") and to keep its malware infestations going.
Many of these infection efforts are pulled together by the CIA's Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as "Assassin" and "Medusa".
Attacks against Internet infrastructure and webservers are developed by the CIA's Network Devices Branch (NDB).
The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools, which are described in the examples section far below.
CIA 'hoarded' vulnerabilities ("zero days")
In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis - rather than hoard - serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.
Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability.
If the CIA can discover such vulnerabilities so can others.
The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities.
The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.
"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.
As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts.
The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability.
As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.
The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers.
By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone at the expense of leaving everyone hackable.
'Cyberwar' programs are a serious proliferation risk
Cyber 'weapons' are not possible to keep under effective control.
While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber 'weapons', once developed, are very hard to retain.
Cyber 'weapons' are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.
Securing such 'weapons' is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces - sometimes by using the very same 'weapons' against the organizations that contain them.
There are substantial price incentives for government hackers and consultants to obtain copies since there is a global "vulnerability market" that will pay hundreds of thousands to millions of dollars for copies of such 'weapons'.
Similarly, contractors and companies who obtain such 'weapons' sometimes use them for their own purposes, obtaining advantage over their competitors in selling 'hacking' services.
Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booz Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers.
A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.
Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information.
The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.
U.S. Consulate in Frankfurt is a covert CIA hacker base
In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.
CIA hackers operating out of the Frankfurt consulate ("Center for Cyber Intelligence Europe" or CCIE) are given diplomatic ("black") passports and State Department cover.
The instructions for incoming CIA hackers make Germany's counter-intelligence efforts appear inconsequential: "Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport" Your Cover Story (for this trip) Q: Why are you here? A: Supporting technical consultations at the Consulate. Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures.
Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Shengen open border area - including France, Italy and Switzerland.
A number of the CIA's electronic attack methods are designed for physical proximity.
These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace.
The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media.
For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use.
To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos).
But while the decoy application is on the screen, the underlying system is automatically infected and ransacked.
How the CIA dramatically increased proliferation risks
In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of "Vault 7", the CIA's, weaponized malware (implants + zero days) Listening Posts (LP) Command and Control (C2) systems, ...the agency has little legal recourse.
The CIA made these systems unclassified.
Why the CIA chose to make its cyber-arsenal unclassified reveals how concepts developed for military use do not easily crossover to the 'battlefield' of cyber 'war'.
To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet.
If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet.
Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution.
This means that cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.
Conventional weapons such as missiles may be fired at the enemy (i.e. into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts.
Ordnance will likely explode. If it does not, that is not the operator's intent.
Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams.
For instance, attempted "malware injections" (commercial jargon) or "implant drops" (NSA jargon) are being called "fires" as if a weapon was being fired.
However the analogy is questionable.
Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its 'target'. CIA malware does not "explode on impact" but rather permanently infests its target. In order to infect target's device, copies of the malware must be placed on the target's devices, giving physical possession of the malware to the target.
To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers.
But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified.
A successful 'attack' on a target's computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization's leadership rather than the firing of a weapons system.
If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target's territory including observation, infiltration, occupation and exploitation.
Evading forensics and anti-virus
A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as, Apple
  1. Microsoft
  2. Google
  3. Samsung
  4. Nokia
  5. Blackberry
  6. Siemens
  7. anti-virus companies,
...attribute and defend against attacks.
"Tradecraft DO's and DON'Ts" contains CIA rules on how its malware should be written to avoid fingerprints implicating the "CIA, US government, or its witting partner companies" in "forensic review".
Similar secret standards cover the, use of encryption to hide CIA hacker and malware communication (pdf) describing targets & exfiltrated data (pdf) executing payloads (pdf) persisting (pdf), ...in the target's machines over time.
CIA hackers developed successful attacks against most well known anti-virus programs.
These are documented in, AV defeats Personal Security Products Detecting and defeating PSPs PSP/DebuggeRE Avoidance For example, Comodo was defeated by CIA malware placing itself in the Window's "Recycle Bin". While Comodo 6.x has a "Gaping Hole of DOOM".
CIA hackers discussed what the NSA's "Equation Group" hackers did wrong and how the CIA's malware makers could avoid similar exposure.

Examples

The CIA's Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by "Year Zero") each with their own sub-projects, malware and hacker tools.
The majority of these projects relate to tools that are used for,
penetration infestation ("implanting") control exfiltration
Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants.
Special projects are used to target specific hardware from routers to smart TVs.
Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks' "Year Zero".
UMBRAGE
The CIA's hand crafted hacking techniques pose a problem for the agency.
Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity.
This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible.
As soon one murder in the set is solved then the other murders also find likely attribution.
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.
UMBRAGE components cover,
keyloggers
  1. password collection
  2. webcam capture
  3. data destruction
  4. persistence
  5. privilege escalation
  6. stealth
  7. anti-virus (PSP) avoidance
  8. survey techniques

Fine Dining
Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out.
The questionnaire is used by the agency's OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically "exfiltrating" information from computer systems) for specific operations.
The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff.
The OSB functions as the interface between CIA operational staff and the relevant technical support staff.
Among the list of possible targets of the collection are,
  • 'Asset'
  • 'Liason Asset'
  • 'System Administrator'
  • 'Foreign Information Operations'
  • 'Foreign Intelligence Agencies'
  • 'Foreign Government Entities'
Notably absent is any reference to extremists or transnational criminals. The 'Case Officer' is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types.
The 'menu' also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained.
This information is used by the CIA's 'JQJIMPROVISE' software (see below) to configure a set of CIA malware suited to the specific needs of an operation.
Improvise (JQJIMPROVISE)
  1. 'Improvise' is a toolset for configuration, post-processing, payload setup and execution vector
  2. selection for survey/exfiltration tools supporting all major operating systems like,
  3. Windows (Bartender)
  4. MacOS (JukeBox)
  5. Linux (DanceFloor)
  6. Its configuration utilities like Margarita allows the NOC (Network Operation Center) to customize tools
based on requirements from 'Fine Dining' questionnaires.
HIVE
HIVE is a multi-platform CIA malware suite and its associated control software.
The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.
The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.
Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider.
The public-facing server forwards all incoming traffic via a VPN to a 'Blot' server that handles actual connection requests from clients.
It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the 'Honeycomb' toolserver that communicates with the implant.
If a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.
The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.
Similar functionality (though limited to Windows) is provided by the RickBobby project.
See the classified user and developer guides for HIVE.

Frequently Asked Questions

Why now?
WikiLeaks published as soon as its verification and analysis were ready. In February the Trump administration has issued an Executive Order calling for a "Cyberwar" review to be prepared within 30 days.
While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date.
Redactions
Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
Archive attachments (zip, tar.gz, ...), are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
Attachments with other binary content, are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
Tens of thousands of routable IP addresses references, (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
Binary files of non-public origin, are only available as dumps to prevent accidental invocation of CIA malware infected binaries.
Organizational Chart
The organizational chart (far above image) corresponds to the material published by WikiLeaks so far.
Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far.
It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently.
Wiki pages
"Year Zero" contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian.
Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions.
The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page).
What time period is covered?
The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).
WikiLeaks has obtained the CIA's creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order.
If it is critical to know the exact time/date contact WikiLeaks.
What is "Vault 7"
"Vault 7" is a substantial collection of material about CIA activities obtained by WikiLeaks.
When was each part of "Vault 7" obtained?
Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication.
Is each part of "Vault 7" from a different source?
Details on the other parts will be available at the time of publication.
What is the total size of "Vault 7"?
The series is the largest intelligence publication in history.
How did WikiLeaks obtain each part of "Vault 7"?
Sources trust WikiLeaks to not reveal information that might help identify them.
Isn't WikiLeaks worried that the CIA will act against its staff to stop the series?
No. That would be certainly counter-productive.
Has WikiLeaks already 'mined' all the best stories?
No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They're there.
Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.
Won't other journalists find all the best stories before me?
Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.
submitted by CuteBananaMuffin to conspiracy [link] [comments]

Part 2: Tools & Info for Sysadmins - Mega List of Tips, Tools, Books, Blogs & More

(continued from part 1)
Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.
IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.
RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."
Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.
Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.
exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."
rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."
Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.
LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."
aria2 is a lightweight multi-source command-line download utility that supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. It can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Recommended by jftuga, who appreciates it as a "cross-platform command line downloader (similar to wget or curl), but with the -x option can run a segmented download of a single file to increase throughput."
Free Services
Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."
Duck DNS will point a DNS (sub domains of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a serverouter with an easily rememberable name for situations when the server's ip address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."
Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."
JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!
ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.
Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."
Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!
ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."
Plik is a scalable, temporary file upload system similar to wetransfer that is written in golang. Thanks go to I_eat_Narwhals for this one!
Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.
Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you to give out an address that won't be accessible longterm. Recommended by nachomountain, who's been using it "for years."
Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online you with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."
EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've coped from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.
Hardening Guides
CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."
Podcasts
Daily Tech News is Tom Merrit's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.
This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon.
Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.
Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."
The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.
The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.
Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.
The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and its 'usually' an exam topic. It will be something like "HSPR" but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."
Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."
Books
System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance.
Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.
Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.
Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.
Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.
The Practice of System and Network Administration, 3rd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.
Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.
Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more.
DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"
Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to Powershell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines.This edition has been updated for PowerShell v6.
Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.
Tips
Here are a couple handy Windows shortcuts:
Here's a shortcut for a 4-pane explorer in Windows without installing 3rd-party software:
(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.
Our recent tip for a shortcut to get a 4-pane explorer in Windows, triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."
This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."
Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."
To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. Thanks to abeeftaco for this one!
Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser. Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."
Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page. Thanks to wpierre for this one!
This tip comes from anynonus, as something that daily that saves a few clicks: "Running a program with ctrl + shift + enter from start menu will start it as administrator (alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"
Building on our PowerShell resources, we received the following suggestion from halbaradkenafin: aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."
Keyboard shortcut: If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin. Thanks go to Polymira for this one.
Remote Server Tip: "Critical advice. When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself. This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time." Thanks go to FrigidNox for the tip!
Websites
Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.
Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.
High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.
Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub.com. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as its a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."
SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."
Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. "Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."
A Slack Channel
Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.
Blogs
KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offer helpful hints, how-tos, resources and news of interest to those in the Windows world.
The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.
An Infosec Slideshow
This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."
Tech Tutorials
Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.
The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.
SysAdmin Humor
Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!
Have a fantastic week and as usual, let me know any comments or suggestions.
u/crispyducks
submitted by crispyducks to sysadmin [link] [comments]

GOD OF INDICATORS - 99,99% work - binary option strategy ... BOSBS #2 - Binary Options Trading Strategy - How to trade ... Binary Options Trading Strategy - YouTube 2 Minutes Strategy Binary Options 2020 (IQ Options) - YouTube Binary Options in the U.S in 2020! - YouTube Best Binary Options Strategy 2020 - 2 Min Strategy Live ... How to trade Binary Options for beginners - Binary Options ... THE TRUTH ABOUT BINARY OPTIONS - YouTube Binary Options Strategy 2020  100% WIN GUARANTEED ... Options Trading for Beginners (The ULTIMATE In-Depth Guide)

Extreme Binary Options Trading Strategy is a combination of Metatrader 4 (MT4) indicator(s) and template. The essence of this binary options trading strategy is to transform the accumulated history data and trading signals. Extreme Binary Options Trading Strategy provides an opportunity to detect various peculiarities and patterns in price dynamics which are invisible to the naked eye. Based ... The Single Most Critical Factor to Binary Options Trading Success 2. What are Binary Options 3. The Flow of Decisions in a Binary Options Trade 4. Advantages and Disadvantages of Binary Options Trading 5. Binary Trading Risk Management 6. What You Need to Succeed in Binary Options 7. How Much Money You Need to Start Trading 8. Technical Analysis As a Tool for Binary Trading Success 9 ... Binary Options Course in PDF to Download: Disadvantages Most of the time the PDF courses you will find are very superficial and have little practical content. PDF courses tend to be repeated into copies, because those who offer this usually haven’t had the time or not even real knowledge in Binary Options to be able to teach something, so they copy each other and give it a different name. Internet-based binary options trading platforms may be collecting customer information such as credit card and driver’s license data for unspecified uses. If a binary options Internet-based trading platform requests photocopies of your credit card, driver’s license, or other personal data, do not provide the information. The third category of alleged fraud involves the manipulation of the ... author of Trading Binary Options (Bloomberg) and editor of The Fear and Greed Trader Newsletter, Agora Financial, Inc. P1: OTA/XYZ P2: ABC JWBT642-bprefae JWBT642-Nekritin January 11, 2012 21:12 Printer: Courier Westford Preface U nfortunately, most forex traders lose out. Profitable trading is re-served for the select few. Expectations drive reality for many things in life, and successful ... If trading 1 minute binary options price only needs to be entered every 1 minute or less. If trading 5 minute or later options same applies. Pick a set interval to continually update spreadsheet. 10 prices must be entered before data should be used off spreadsheet. The Definitive Guide for Practical Trading Strategies Guy Cohen. Library of Congress Number: 2004116072 Vice President and Editor-in-Chief: Tim Moore Executive Editor: Jim Boyd Editorial Assistant: Kate E. Stephenson Development Editor: Russ Hall Marketing Manager: Martin Litkowski International Marketing Manager: Tim Galligan Cover Designer: Sandra Schroeder Managing Editor: Gina Kanouse ...

[index] [4603] [2085] [19064] [11625] [5255] [821] [26202] [3672] [7772] [16582]

GOD OF INDICATORS - 99,99% work - binary option strategy ...

Binary Options Trading Strategy: http://gggmarketing.com/binaryoptions The code to financial to success has been dissected, deciphered, and laid bare for opt... 💰💲FULL BEGINNER? Join My PERSONAL TRAINING!💴💵 BLW Trading Academy: http://www.blwtradingacademy.com/ Live Trading Signals HERE!🔙💲💹Join My ... The road to success through trading IQ option Best Bot Reviews Iq Option 2020 ,We make videos using this softwhere bot which aims to make it easier for you t... Chapter 1 - Introduction to binary options trading: brokers, how it works, example of trade Chapter 2 - Bid/offer levels from the brokers: what it means in t... IQ Options -https://affiliate.iqoption.com/redir/...Please subscribe and leave a like for more videos.Online trading is a very risky investment/profession. It i... Best Binary Options Brokers for this Strategy: 1. 💲💹IQ Option FREE DEMO: http://www.cryptobinarylivingway.com/IQOption1 2. 💲💹Pocket Option FREE DEMO: http Options trading is a very difficult thing to learn as a beginner, as there are many moving parts and many concepts to learn simultaneously. In this video, my... get trading bots contact with telegram https://bit.ly/3aR8baT get pro or free signals https://bit.ly/2N5PLrp get strategy trading, visit my twitter https://b... Watch this video to learn how to start trading binary options profitably with my Price Action Trading Strategy! Make sure to start inside a Demo Account: htt... Are binary options a good idea? If you're thinking about trading binary options, watch this video first. Check out our FREE training for traders https://bi...

https://binary-optiontrade.lbasehre.tk