Title: how is a miner using http secure? Post by: scar on June 21, 2011, 12:44:16 AM how is it secure when a miner is using insecure http to send the user and password?
Title: Re: how is a miner using http secure? Post by: xunker on June 21, 2011, 08:08:38 PM how is it secure when a miner is using insecure http to send the user and password? "No Mr. Bond, I expect you to die." Translation: it isn't. If you mine in a pool and this fact worries you: A) ask your pool admins to enable HTTPS urls for miners B) move to a pool that uses HTTPS for miners C) move to a pool that allows you to create miner-only passwords (e.g. you can use them in a URL for your miner, but they cannot be used to log in to that pools' web site to change your account, a la bitcoinpool.com) Title: Re: how is a miner using http secure? Post by: randomguy7 on June 21, 2011, 08:15:37 PM Are there currently any pools which support https for miners?
Title: Re: how is a miner using http secure? Post by: thecount on June 21, 2011, 08:23:11 PM Either use a unique miner-only password or use a pool that doesn't require a password (eligius).
Title: Re: how is a miner using http secure? Post by: cvk on June 21, 2011, 08:35:17 PM how is it secure when a miner is using insecure http to send the user and password? Your miner will be insecure, but that's not a problem as long as you are using a different password for your user account. If an attacker gets one of your workers' passwords by sniffing your unencrypted HTTP traffic, I think the worst thing he could do is execute a denial of service attack in your name in an attempt to get you banned from your pool. |