|
Title: bit.co.in address shortener Post by: coinminers on April 04, 2013, 06:55:36 AM Has anyone here heard about the address shortener bit.co.in ?
Curious to hear your thoughts. Cheers! Title: Re: bit.co.in address shortener Post by: gweedo on April 04, 2013, 06:58:22 AM Never heard about it, but it doesn't talk about any way it is verifiable database or how to protect the user's address from being changed. Also no tip buttons. But http://qcl.me has all that! Make sure you know where your putting your address and what security so they can't collect your tips.
Title: Re: bit.co.in address shortener Post by: rme on April 04, 2013, 07:04:36 AM Your Bitcoin Address is too short (minimum is 34 characters).
Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment." My Bitcoin address is 32 characters long, please fix ASAP ;) Title: Re: bit.co.in address shortener Post by: coinminers on April 04, 2013, 07:27:23 AM Your Bitcoin Address is too short (minimum is 34 characters). Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment." My Bitcoin address is 32 characters long, please fix ASAP ;) Try now ;) Title: Re: bit.co.in address shortener Post by: gweedo on April 04, 2013, 07:31:42 AM Your Bitcoin Address is too short (minimum is 34 characters). Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment." My Bitcoin address is 32 characters long, please fix ASAP ;) Try now ;) I guess your the owner ::) you could have just said so ;) Also can you explain the security you employ? Are the address encrypted so you can't change them? Title: Re: bit.co.in address shortener Post by: coinminers on April 06, 2013, 04:39:08 PM I guess your the owner ::) you could have just said so ;) Also can you explain the security you employ? Are the address encrypted so you can't change them? We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques. Furthermore the server is only accessible through non 80 ports from one single undisclosed location. If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? Title: Re: bit.co.in address shortener Post by: remotemass on April 06, 2013, 04:53:28 PM What is the 4 digit pin number?
Is it to allow the owner of it to change the link to another address later? That would be a nice feature Title: Re: bit.co.in address shortener Post by: gweedo on April 06, 2013, 05:40:09 PM If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? but what if a hacker gains access and changes the address how do protect against it? Title: Re: bit.co.in address shortener Post by: rme on April 06, 2013, 05:42:08 PM If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? but what if a hacker gains access and changes the address how do protect against it? Just use a 64 character password for the ftp and do not login in a insecure pc. Title: Re: bit.co.in address shortener Post by: mai77 on April 06, 2013, 07:15:03 PM there is a high risk potential in this. I don't think people will use it overly, unless there is credible insurance against fraud by anybody.
Title: Re: bit.co.in address shortener Post by: Nicolai on April 06, 2013, 07:50:58 PM I guess your the owner ::) you could have just said so ;) Also can you explain the security you employ? Are the address encrypted so you can't change them? We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques.Furthermore the server is only accessible through non 80 ports from one single undisclosed location. If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? http://bit.co.in/123451 <-- woops? https://i.imgur.com/wz7TKlY.png Title: Re: bit.co.in address shortener Post by: coinminers on April 06, 2013, 08:04:47 PM And do you know anything about security, or are you just copy/pasting a lot of bull**** ? http://bit.co.in/123451 <-- woops? No I was giving you my honest answer, doesn't mean we can't improve things of course. Title: Re: bit.co.in address shortener Post by: gweedo on April 06, 2013, 08:06:51 PM And do you know anything about security, or are you just copy/pasting a lot of bull**** ? http://bit.co.in/123451 <-- woops? No I was giving you my honest answer, doesn't mean we can't improve things of course. That is a basic security for a web site... Title: Re: bit.co.in address shortener Post by: coinminers on April 06, 2013, 08:11:41 PM That is a basic security for a web site... Yes, I agree. It was an oversight on my part for which I aplologize. Title: Re: bit.co.in address shortener Post by: tlr on April 06, 2013, 08:21:37 PM Also saw this today: http://bitcaddy.com/
It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent. Title: Re: bit.co.in address shortener Post by: coinminers on April 06, 2013, 08:32:01 PM What is the 4 digit pin number? Is it to allow the owner of it to change the link to another address later? That would be a nice feature Yes, but it has to happen by emailing us and we'll then do it for you upon verification. Title: Re: bit.co.in address shortener Post by: tlr on April 06, 2013, 08:52:06 PM It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent. Build it, you could use something like namecoin to get you started, and you would probably put every shortener out of business. Also bitcaddy, looks to not talk about the securely they use and plus they charge for custom. Clearly and I hate to do self promotion but http://qcl.me is the currently aside from firstbits, is the most secure and verifiable shortener on the internet. It has been tried to be hacked many times and all attackers haven't gain access to anything. The database can't be changed by me or a 3rd party, the only thing that could happen is the database could be deleted, the site is self checking before displaying any address, and it includes litecoins address. I don't see any completion that does anything remotely to what my site is doing. If they are they don't talk about it. Oh, "firstbits" seems to solve this problem nicely, except for the transaction spam problem, and you can't use custom names. My idea would suffer the same problem, unless we used a separate block chain like namecoin, but I don't particularly like that idea. In that case it would make more sense to just use namecoin with a different namespace. Title: Re: bit.co.in address shortener Post by: coinminers on April 06, 2013, 09:48:01 PM Another flaw in the system, what if someone hacks your email without you knowing it and collects some pins waits and then changes the addresses... I sell the site, without the software, this is not looking good for you plus your getting ran over in the business. The good news is that the software can be changed. I didn't spend much time on this so far and was doing this mostly to gather this kind of feedback and hear these kinds of concerns which I appreciate. I have lots of ideas on how to improve things. Title: Re: bit.co.in address shortener Post by: coinminers on April 07, 2013, 01:01:04 AM I guess your the owner ::) you could have just said so ;) Also can you explain the security you employ? Are the address encrypted so you can't change them? We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques.Furthermore the server is only accessible through non 80 ports from one single undisclosed location. If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? http://bit.co.in/123451 <-- woops? https://i.imgur.com/wz7TKlY.png OK, I added the appropriate validation now. I'm very sorry for missing this obvious shortcoming and I appreciate you pointing it out. Title: Re: bit.co.in address shortener Post by: coinminers on April 11, 2013, 11:12:46 PM Also I just wanted to let you know that now all shortnames are one way hashed and addresses encrypted with the shortname, so there's no way for anyone even if he got into it to replace other shortlink's currency addresses with his own.
Thanks for the feedback. Cheers! Title: Re: bit.co.in address shortener Post by: coinminers on May 02, 2013, 09:07:21 AM We have now added a fraud detection feature which you can embed independently on your end with completely verifiable javascript. If the address is changed it'll alert you accordingly.
See here for an example: http://bit.co.in/ej Best, Nima Title: Re: bit.co.in address shortener Post by: coinminers on April 29, 2014, 10:26:44 PM By the way, on bit.co.in you can now opt in to get your address stored in the Namecoin blockchain instead of our server.
|
