A Short Beginners Guide to (trading) CryptoCurrency

Published / by Rens Hollanders / 2 Comments on A Short Beginners Guide to (trading) CryptoCurrency
 

Hi there,

Thought I’d write a post about a topic that is more booming now than ever, what to know about and how to trade CryptoCurrencies.

Disclaimer: I’ve written this article to the best of my knowledge, If i’m misinformed or talking nonsense, or you would like to have some information added please be so kind to inform me in a appropriate manner in the comment section.

This article is intended for people who are looking for information on where to start if they have any interest in CryptoCurrency.

Basically, CryptoCurrency as we know it in 2017 exists and is related to the following topics:

  • Blockchain
  • Initial Coin Offerings (ICO’s)
  • What are Smart Contracts
  • Trading
  • Exchanges
  • Participation

We will go deeper into these topics one by one after the introduction.

Introduction

So I’ve become familiar with CryptoCurrency and mainly Bitcoin as the first blockchain cryptocurrency back in 2012. Bitcoin then already existed for two years and had build a reasonable reputation of something of value. But it is only since May 2017 that I have become really involved with CryptoCurrency as an investment for the future, and participating in one of the many communication methods used by CryptoCurrency owners and traders.

The Basics

So if you are looking to start investing, buying, trading, but also working with or on a blockchain solution where would you start?

What is blockchain?

First you would need to understand (if it has your interest to understand it at least) what blockchain is, and what it does. The first initial idea of blockchain can be compared with a database. Traditional database like we know them in IT ifrastructures are central, blockchain however is different, it’s decentral. Nobody own’s it, yet everyone is equally important once involved. This means that everybody can become part of the chain. On this database transactions occur just like on a regular database. These transactions are not financial transactions they are just actions that tell the system what has happened. But as soon as a transaction is executed all peers in the network become aware of the transactions and it becomes irreversible. A CryptoCurrency makes use of this procedure to send tokens around, and these tokens posses some kind of value (which we will discuss later on).

Blockchain usage

Blockchain isn’t solely intended for sending tokens with value around the network. At this moment numerous big companies like Microsoft, IBM, Google, Amazon but also banks and other very large enterprise companies have shown interest in blockchain. One of the most relevant examples of how blockchain can be used, is see-container company “Maersk” who is working closely with Microsoft and IBM to investigate the usage of blockchain into their company. By what I have heard and read it is used for the insurance process of see-containers.

Currently this is a process which needs to be ran by 40 stakeholders before a sea container is permitted to ship. 40 Stakeholders which are even equally important, but are slowed down by a bureaucratic process. This is where blockchain comes in, to speed up the process but also make it more reliable and less fraudulent. Once a transaction occurs it is acknowledged by its peers and after a certain number of confirmations becomes irreversible, making it basically incorruptible.

Initial Coin Offerings

A massive hype in the blockchain ‘world’ nowadays are Initial Coin Offerings or ICO’s

These ICO’s are basically comparable with start-ups or campaigns to kickstart a venture, raising funds to proceed with the development of the company. Over a period of 4 months a large amount of new cryptocurrency have risen each claiming key features and functionality incomparable with other cryptocurrency. An ICO is funded by exchaging cryptocurrency for their own token. For example on the ethereum network ETH tokens are send to an address and in return the sender will receive a number of tokens in the newly developed cryptocurrency.

A general trend is that people invest heavily in these ICO’s to dump them as soon as possible they come available on a cryptocurrency exchange. Usually in the first hours after a release on these exchanges the coin increases in value but wouldn’t hold it’s position too long before people cash out.

Recent developments have lead to the banning of ICO’s in the China area. As Chinese people are claimed to be notorious gamblers, Chinese government has decided it is forbidden for Chinese people to participate in ICO’s.

Smart Contracts

Smart Contracts is something made possible on the blockchain. It is nothing more then an agreement between two parties, where the blockchain is used to control under which circumstances the transaction is executed. Let’s say I want to order a pizza at Domino’s. I can setup a smart contract and send it to the blockchain. In this contract I make the following demands:

  • The pizza is delivered at my house
  • The pizza needs to be fresh and warm
  • The pizza needs to have tomatoes and cheese on it

In return I’ll send an amount of tokens with the specific amount of value I have agreed with Domino’s over the network. As soon as Domino’s meets my demands, the tokens are released.

This is a smart contract in it’s simplest form. For more info, please see: What are Smart Contract?

Trading CryptoCurrency

Since the rise and fall and rise again of Bitcoin each new All Time High (ATH) has generated attention for bitcoin itself as CryptoCurrency in it’s whole. As we can see by coinmarketcap.com historical snapshot, in 2013 there where 7 coins listed. Currently there are over 850+ cryptocurrencies available for trading.

The basics of trading cryptocurrency is as following:

Money (which we will call FIAT) needs to be deposited either at an exchange through wired SEPA transfer, or via paypall or via other websites which enable you to buy bitcoin or other cryptocurrencies and send it directly into a wallet.

So FIAT > Exchange > Wallet

Your wallet exist out of an address which is hexadecimal and is generated once you open up a wallet, or deposit currency on a exchange. This address is public and for everyone to see. If I have the address I can list how much currency it currently possesses and which transactions have been executed towards or away from the address. So basically my bank account is out in the open and visible, but since there is no direct relation between the address and me, nobody know’s which address belongs to me or someone.

Now you say, they know my bank account, can’t anyone hack into this? No, not unless you give your private keys to this person. Each wallet generates a private key. This private key again is a very long string which holds all the information to your wallet. With this key I can access the wallet and control it. This means receiving or sending currency which is available on this wallet.

Exchanges

If you want to trade in your cryptocurrency back to FIAT or another cryptocurrency this can be done at an exchange. This means you need to send out an amount from your wallet to an exchange. If your currency is already on a exchange, you can skip this step and exchange it right away to another currency.

There are a number of large exchanges around at this time (Sept. 2017)

  1. Bitfinex $505,867,176
  2. Bittrex $445,875,834
  3. Poloniex $249,425,157
  4. Kraken $214,885,074
  5. Bitstamp $140,261,655

As you can see the exchanges Bitfinex and Bittrex are the biggest exchanges, Bitfinex trades around 35 cryptocurrencies and Bittrex around 257! different cryptocurrencies.

Personally I have experience with the following exchanges: Bittrex, Poloniex, Kraken. I’ll list my personal pro’s and con’s about these exchanges here:

Bitfinex

Pro:
  • Margin trading, also available for a certain amount of alternative coins like NEO
  • Fast interface with instant trades
  • Long and decent track record. The exchange has been hacked before but responded accordingly
  • Mobile Application
Con:
  • Not many altcoins, more attention for the big coins
  • Margin leverage to a maximum of 3.3

Bittrex

Pro:
  • Fast
  • Reliable
  • High number of cryptocurrency
  • USDT available
  • Basic Account withdraw 3 BTC per day
Con:
  • No withdrawal to FIAT possible

Kraken

Pro:
  • Withdrawal to FIAT possible
  • Stop-loss and Take-Profit orders or combination of both
  • Support is fast on average with tier verification
Con:
  • Website will become slow and unusable during critical times (in case of fast increase or decrease of cryptocurrency value)

Poloniex

Pro:
  • BTC lending
  • Margin trading
  • Stop-limit and combined orders
Con:
  • Support is slow and doesn’t respond very quickly
  • Withdraw is limited to 1000 USD a day

Each exchange has common functionality such as buying or selling currencies but some exchanges stand out with special features such as lending, margin trading, going long or short

Each exchange works with pairs between cryptocurrencies, this means Bitcoin and another currency or Ethereum and another currency. This means to swap between currencies you need to first go back to Bitcoin or Ethereum before you can engage in another currency.

Example, I’ve purchased Bitcoin somewhere and want to invest in Litecoin, I need to go to an exchange and exchange the desired amount of Bitcoin to Litecoin. Later on I decide to invest in Ethereum. I then first need to exchange Litecoin back to Bitcoin before I can buy Ethereum.

Most of these exchanges if not all possess and API which enables you to control what happens with your currency remotely, with some self written code or perhaps you have purchased a bot.

Wallets

Cryptocurrency can be held in wallets, these wallets are a hexadecimal address that represent an address on the blockchain. As soon as a wallet address is generated it becomes part of the blockchain basically to never disappear ever again. Once a address is generated it can be traced indefinitely. It is publicly available and will tell how much currency is held onto the address. So are your coins on this wallet? No, your wallet is secured with a private key and depending on the software has options to secure access through a passphrase, a 12 word sentence or just a password you make up of your own. This information is needed to access your tokens, but the tokens itself aren’t physically present on your wallet which you may have installed on your phone, computer or airgapped device. It’s just some piece of information you own, so you can prove you are the holder of the amount of tokens that is residing on that specific address.

Private Keys

Each wallet possesses a private key, this is also a very long string of characters which is basically all the information that is needed to access the address on the blockchain and enables you to deposit, withdraw and transfer currency on the blockchain. Usually a wallet is secured with a password, or 12 or 24 word passphrase.

Paper Wallet

People often speak about a paper wallet which you can safely store in your house, or at a bank locker/safe. This is nothing more and nothing less than these 12 or 24 words written down on a piece of paper.

Full chain sync vs. light wallets and multi wallets

Back in the days when there were only a few cryptocurrency values that each had their own blockchain, in order to participate you needed to download the entire blockchain onto our computer. Nowadays the blockchain size for Bitcoin is 133 GB (as of september 2017).

Today there are many solutions in participating in the blockchain, there are so called full, fast and null wallets. So full wallet wil actually sync the entire blockchain to your computer opposed to fast or light wallets which will do a partial sync. And then there are null wallets which don’t have to sync

Research and/or Participate: Twitter, Slack, Reddit, BitcoinTalk

Let’s say you want to invest or participate in a cryptocurrency, what would be the best places for you to start?

Big sources for information are Bitcointalk, Reddit and the Slack channel of a currency team. Also the currency’s website, roadmap and whitepaper are a must read to predict what is coming. Do research of how the course rate responded after news became public, but don’t forget all alternative cryptocurrency is related to the big one: Bitcoin. There aren’t much coins which price isn’t influenced by the course rate of bitcoin.

Do’s and Don’ts

Do’s

  • Buy low / Sell high
  • Hold a coin you belief in
  • Define a strategy

Dont’s

  • Sell low(er than you have bought for) (duh!)
  • Be greedy (be satisfied with 5, 10, 20%)
  • Buy during or after a pump (likely it will fall back right after)
  • Organize or participate in pump & dumps (I will explain this one more extensively right after)
  • Trade with emotion (again I’ll dedicate some words to this)

Safe Strategy

Upon entering the cryptocurrency market it is good to set a predefined target on when you will get out of it. For example, decide to get out of a coin or the market entirely on a profit percentage of 20%. This helps you control your emotion (see Dont’s) and lets you make a rational decision and still feel good about it. Entering the cryptocurrency market as a ‘newbee’ is almost like entering a casino to play a game of roulette. Based on your emotions you want to increase your stakes and profit, and want to make up for your losses when things went sideways. By setting a goal or defining your strategy you’ll be able to cope with your emotions.

Pump & Dumps

I thought I devote an entire section to pump and dumps and why you should be carefull with it. Since the cryptocurrency market is an unregulated market which has no control or authority to control it or have say over what is ok and what not, there is an entire world beneath the surface of people trying to take advantage over other people. Just like the real world!

Pump and dumps are a coördinated scheme to increase and decrease the value of a cryptocurrency over a short period of time. Usually these p&d’s are coördinated in telegram, whats-app and or private slack channels. Usually there is one person or a team who dictates the pump or dump and others follow. As the value begins to increase or decrease it draws the attention of other people that are already invested in or want to invest. Thus creating basically a ponzi scheme to facilitate financial gains over these people. The person or team that initiates the pump or dump gains the most, as others follow. Then there are the people who are unaware of what is happening, and usually they pay the price (the money needs to come from somewhere, where their is gain there is loss)

I’m not a moralist, but be aware that participating in these schemes comes at a price and has it’s risks. And currently since there is no regulation possible, these people are untouchable, but as soon a relationship can be created between an individual as in knowing who this person is, and your wallet addresses I’m not so sure these people are untouchable any longer.

Trade with(out) Emotion!

A big share which comes with FOMO (fear of missing out) is emotion! The one that always bites you in the ass when it comes to making rational decisions. Can you trade without emotion? Without fear? Since there are no guarantees which way cryptocurrency goes. It can go up or down, and what do you do when you are heavily invested in a coin?

Common abbreviations

  • HOD’L originated from this thread on bitcointalk and has gone ‘viral’ amongst cryptocurrency traders meaning, they will hold their currency for a longer period
  • FOMO which means: Fear of Missing Out, this usually occurs when currency is at an exceptional low price and you wish you had some funds available to buy them, or when a currency is ‘mooning’ and you don’t possess any of it
  • FUD which means: Fear Uncertainty and Doubt, FUD is widespread, nowadays with fake news it is very easy to manipulate cryptocurrency value by spreading rumors to create fear, which will lead to uncertainty and doubt for cryptocurrency holders to stay in the currency for the upcoming period. So FUD is spread to create a movement. Unexperienced traders are lured into selling their investments while more experienced traders will go along for the ride
  • ATH, means: All Time High, the highest value a cryptocurrency has ever had
  • 24 High and Low can be seen on some exchanges to see what a currency did over a time span of 24 hours.
  • Moon or mooning, when a currency rises exceptionally to new hights
  • Pump and Dump, when a coin is massively bought or sold this affects the course rate and value of a currency. Pump and Dumps are often organized in private slack channels or telegram and whats-app groups.
  • Alts (as in alternative coins, as in altcoins, as in any coin other than Bitcoin)

Closing words

I hope you’ve found this article very useful on your way towards cryptocurrency trading. I would appreciate it if you would be so kind to leave a comment if this has helped you in any way.

Disabling SMB1 after WannaCry? Make Sure SMB2 is enabled

Published / by Rens Hollanders / 1 Comment on Disabling SMB1 after WannaCry? Make Sure SMB2 is enabled
 

After recent events in the online world, everybody is in a frenzy patching their servers, disabling SMB1, removing the feature from Windows 10 and Windows Server 2012 R2 (after It should have been done way way before). So was I. This week’s priority at the customer I’m working for is entirely dedicated to patching servers (if they weren’t patched prior to WannaCry, which was a small percentage nevertheless) and disabling and removing the SMB1 feature on all the machines.

A lot has been written about WannaCry and how to deal with it. The two most helpfull articles come from big MS itself: How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server and WannaCrypt attacks: guidance for Azure customers.

After patching and removing the feature (directly instead of just disabling it first) on a Windows 2012R2 Server, I discovered I couldn’t browse to the server any longer. Each time I did a: “\\sctxps-01\d$” (which is a Citrix Provisioning Services Server) I got a message the server couldn’t be reached:

After hitting some key phrases on Google and finding the recommendations of Microsoft, it struck me. The Set-Command: “Set-SmbServerConfiguration -EnableSMB1Protocol $false” which configures SMB to be turned off, can also be partially used as a Get-Command to see it’s current states. And look what we found:

It appeared SMB1 Protocol was still turned on, however due to the removal of the feature entirely from the Server, the machine wasn’t reachable any longer through UNC, IP and even localhost. After hitting the command: “Set-SmbServerConfiguration -EnableSMB2Protocol $true” the server could be reached again.

It appeared someone had configured SMB1 before and turned of SMB2. Due to the removal now the servers SMB shares couldn’t be approached any longer over the network.

So please check your SMB status with: Get-SMBServerConfiguration before doing something drastic like removing SMB features. Of-course in an ideal world this would all be planned, risk, impact and analysis etc. But in an ideal world their wouldn’t be any Cryptolockers either.

Cheers! Rens

MDT – WinPEshl.ini what does it do?

Published / by Rens Hollanders / Leave a Comment
 

Something I’ve had on my blogroll for a long time and now finally found some time to write about it.

This little ini file is very important in the process of MDT doing what it does. As some of you may know, MDT uses a standard WinPE image which will be modified on the fly during the “update deploymentshare process” where boot images are generated, drivers embedded, the wallpaper and extra files are set.

After booting the WinPE image it will automatically start a VB script and call the parameters trying to connect with the deploymentshare. This all starts with WinPEshl.ini.

After installing the MDT software on your workstation or (management) server, you will find the ini file on a special location: C\Program Files\Microsoft Deployment Toolkit\Templates.

When you open the file the contents are as following:

Now for instance let’s say you would want something to execute prior to starting the process of connecting to the deployment share, you have some options:

  1. Modify the WinPEshl.ini
  2. Modify the MDT generated boot image after deploymentshare update
  3. Modify the default boot image

The default boot image which MDT uses as base for the modified MDT boot image can be found in the following two locations:

  1. x64: C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\amd64\en-us
  2. x86: C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Preinstallation Environment\x86\en-us

In my opinion it is best to stick with modifying the WinPEshl.ini for several reasons:

  1. Its traceable, easy documented by saying locating there and there is modified with x and y
  2. Its consistent, if you are altering a MDT generated and updated boot image, you need to do this every single time when you completely regenerate the boot images. I believe that when you are merely updating the existing images nothing changes
  3. It’s considerably faster to modify the ini file, then mounting a wim image with dism providing its customizations.

So what customizations are we talking about here, well I have encountered the following requests:

  1. Running scripts such as placing DNS suffix priority in a multiple domain environment
  2. Running scripts to wipe the disk entirely (for particular machines) preventing the dirty environment found error pop-up
  3. Running diagnostic tasks, password scripts etc.

So to end this, I think WinPEshl.ini is a need little file that has a huge responsibility in the process of MDT which can easily be altered to accomplish things that need to go outside and before the deployment process takes place.

For more info please see: Winpeshl.ini Files

Cheers! Rens

Activating Adobe Acrobat in a non-persistent environment

Published / by Rens Hollanders / Leave a Comment
 

So, yeah recent events at a customer lead me to writing this article for my own purposes of documenting what I did and sharing this with you to prevent the frustration I’ve encountered.

Lets just say Adobe isn’t that keen on using its software in a SBC environment or VDI infrastructure. Or you might say they still have the perception of the traditional stand alone work-space. -This is just my opinion

Using a product such as Adobe Acrobat DC requires activation for every single user that uses it, perhaps you have encountered it before. Upon starting Adobe Acrobat, the program closes itself and you are prompted with the following screen:

This to me is just unfeasible in a SBC or non-persistent environment, I guess that’s why this application gets packaged into a Microsoft App-V or VMware thinapp so often.

But since we haven’t got these tools to our possession we needed a different solution. This solution can be found by using adobe_prtk.exe which is part of the Adobe Provisioning Toolkit.

First of all we discovered the customer had a single user license, which will get you nowhere if you want to activate the product for multiple users. Adobe is software that cannot be easily fooled around with (which is a good thing from a anti-piracy standpoint).

So after a quick chat with Adobe support and the software distributor, the client purchased a volume license based on the English language (since this was cheaper).

Now we where able to activate and stream the license (that’s the way Adobe works) to the machines. To do this we will need the following things:

  1. The serial number
  2. Grant an offline exception for the product through the Adobe Customization Wizard
  3. Know if the product is Continues Track or Classic Track (see here)
  4. License ID or LEID (see here)
  5. The command lines

As I said before you’ll need a volume license serial number, the track the customer had or used was “Continuous” and the accompanying “LEID” is: “V7{}AcrobatESR-12-Win-GM”

This leads to the following command line for Adobe_PRTK.exe: “Adobe_prtk –tool=VolumeSerialize –generate –serial=XXXX-XXXX-XXXX-XXXX-XXXX-XXXX –leid=V7{}AcrobatESR-12-Win-GM –regsuppress=ss –eulasuppress”

As you can see, the Return Code is “0”, which is a good thing. After running the command above a prov.xml is generated. This file holds the license information. This “prov.xml” file on it’s turn can be used to stream the activation of Adobe Acrobat against machines that are non-persistent such as a VDI work-space, Citrix XenApp MCS or PVS etc.

The command line to use the prov.xml is: adobe_prtk.exe” –tool=VolumeSerialize –provfile=”prov.xml” –stream

Again if everything is successful the Return Code will be “0”. We have created a job that after every boot or reboot the command line above is executed against every machine Adobe Acrobat is installed on.

This will resolve the “sign-in required” screen in your user sessions. The activation is machine based, however make sure people cannot start Adobe Acrobat more times then you have licenses for.

This situation resolved the activation issues with the customer. However there was one oddity happening which we have recently discovered. If you have supplied alternative languages in the Adobe Acrobat Customization Wizard DC, you will need to provide and purchase a license in the desired language. So if you want to have a Dutch Acrobat installation, purchase a Dutch license (licenses in other languages appear to be more expensive then native English).

Our software distributor provided a English license because this was cheaper for the client, but when the client switched the desktop from English to Dutch, Adobe needed activation again, the currently streamed license was insufficient and the “Sign-in” required screen prompted again. To avoid this make sure you will only install the English language.

After returning the question to the software distributor the feedback was as following:

Purchase the language you desire and English is always available, purchase a English only license and no other language can or may be selected.

Hope you find this useful and it will save you time and energy.

– Something wrong? Did I mess up, talking BS or got another trick up your sleeve? Please let me know in the comment section!

Cheers! Rens

Download Windows ADK: The numerous versions of Microsoft Windows ADK (Assessment and Planning Toolkit)..and where to find them!

Published / by Rens Hollanders / 16 Comments on Download Windows ADK: The numerous versions of Microsoft Windows ADK (Assessment and Planning Toolkit)..and where to find them!
 

adk_en

…You get my point right?

As a core prerequisite for Microsoft’s Deployment Toolkit Windows Automated Installation Kit (WAIK) successor: Assessment and Deployment Kit (ADK), count’s numerous versions out there wandering the interwebs. As I’m always looking for the latest version available whenever I perform a Microsoft Deployment Toolkit implementation, I thought it would be nice to create and maintain a list of the most recent versions of ADK out there.

I went on a little investigation and came to the following table:

Name Installed Version URL Release Date
Windows ADK for Windows 10 v1607 10.1.14393.0 Download Sept. 2016
Windows ADK for Windows 10 v1511 10.1.10586.0 Download Oct. 2015
Windows ADK for Windows 10 RTM 10.0.26624.0 Download July. 2015
Windows ADK for Windows 10 10.0.10240.0 Download July. 2015
Windows ADK for Windows 8.1 8.100.26866 Download Sept. 2014
Windows ADK for Windows 8.1 update 8.100.26629 Apr. 2014
Windows ADK for Windows 8.1 update 8.100.26020 Oct. 2013
Windows ADK for Windows 8.1 RTM 8.100.25984 Sept. 2013
Windows ADK for Windows 8 8.59.25584 Download Dec. 2012
Windows ADK for Windows 10 v1703 10.1.15063 Download March. 2017

I will continue to expand this list as new versions come available. If you have any missing info like download links of the versions listed above. Please do not hesitate to contact me!

Cheers! Rens