|
Title: To all exchanges: Please do this... Post by: proudhon on June 21, 2011, 07:04:28 PM I think every bitcoin exchange needs to require a bitcoin address at registration. Then, something like what deepbit does needs to be implemented where that address cannot be changed except by email verification to the email associated with the account. That way if something crazy happens the exchange can return what's ours more easily without everybody needing to go through some crazy verification process.
Title: Re: To all exchanges: Please do this... Post by: Desu on June 21, 2011, 07:06:11 PM E-mail verifcation on all transactions.
JS. Title: Re: To all exchanges: Please do this... Post by: Jered Kenna (TradeHill) on June 21, 2011, 07:21:50 PM We're considering all options.
The downside to a fixed address is when someone wants to cash out to someone else, which happens all the time. We're looking at the best way to authenticate and will implement something soon. -Jered Title: Re: To all exchanges: Please do this... Post by: GeniuSxBoY on June 21, 2011, 07:23:00 PM E-mail verifcation on all transactions. JS. didn't hackers go in and change email addresses? Title: Re: To all exchanges: Please do this... Post by: TonyHoyle on June 21, 2011, 07:24:45 PM didn't hackers go in and change email addresses? So have email address verification to change the email :p Lots of sites do this and it works well. Of course if you used the same password for your email and your exchange, you're hosed.. but there's only so much you can protect against. Title: Re: To all exchanges: Please do this... Post by: joan on June 21, 2011, 07:29:20 PM E-mail verifcation on all transactions. The idea of the address is that even if your E-mail gets compromised, the hacker cannot send the coins to himself.I also think sites related to Bitcoin should try to think more in terms of addresses rather than users. In this regards, I wish I could select the address to send coins from. This way it could serve to prove my identity (And that's why reusing addresses like in MyBitcoin is a bad idea IMHO). Signing stuff with the private key of an address would open some perspectives too. Cashing out to someone else would just need to cash out to himself first and then transfer (less privacy though). Title: Re: To all exchanges: Please do this... Post by: Desu on June 21, 2011, 07:47:05 PM E-mail verifcation on all transactions. The idea of the address is that even if your E-mail gets compromised, the hacker cannot send the coins to himself.I also think sites related to Bitcoin should try to think more in terms of addresses rather than users. In this regards, I wish I could select the address to send coins from. This way it could serve to prove my identity (And that's why reusing addresses like in MyBitcoin is a bad idea IMHO). Signing stuff with the private key of an address would open some perspectives too. Cashing out to someone else would just need to cash out to himself first and then transfer (less privacy though). Title: Re: To all exchanges: Please do this... Post by: khal on June 21, 2011, 08:07:47 PM We're considering all options. The downside to a fixed address is when someone wants to cash out to someone else, which happens all the time. We're looking at the best way to authenticate and will implement something soon. -Jered When this patch (http://forum.bitcoin.org/index.php?topic=6428.0) will be accepted in bitcoin (it allows to sign a message with a bitcoin address), you could require a bitcoin address at the registration time and if people wan't to withdraw to another address, they just have to sign the new address with the default address. This allow you to : - prove you own the original address (you can only sign messages with this address if it is in your wallet and you own the private key) - give your trust to other addresses Signing a message : 1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG is the address given at registration time. Code: ./bitcoind signmessage 1L5zqFahc8Ahu9wtgJqCeJMendvD174xsG "New address : xxxxxxxxxxxxxxxxxxxxxxxx" Then, you need to give the output of the command to the website which will verify it (another "simple" command line). And it's done : - identity verified - the new address is provided by the verified identity in a secured way Title: Re: To all exchanges: Please do this... Post by: MaGNeT on June 21, 2011, 08:12:09 PM We're considering all options. The downside to a fixed address is when someone wants to cash out to someone else, which happens all the time. We're looking at the best way to authenticate and will implement something soon. -Jered It's not a downside. I can send the BTC to my own wallet and then transfer them to the wallet of another person. So there is no need to have the option to send it to another person... Title: Re: To all exchanges: Please do this... Post by: dinker on June 21, 2011, 08:45:09 PM Thanks for the info, mtgox is down right now is there a backup address I can send my file? I have many coins I need to secure them ASAP. thx!
Title: Re: To all exchanges: Please do this... Post by: TonyHoyle on June 21, 2011, 08:48:09 PM Thanks for the info, mtgox is down right now is there a backup address I can send my file? I have many coins I need to secure them ASAP. thx! :o :o :o ;D Title: Re: To all exchanges: Please do this... Post by: Desu on June 21, 2011, 08:51:23 PM News just in: Uh, Fail? How is that more secure?Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure. Title: Re: To all exchanges: Please do this... Post by: drknark on June 21, 2011, 08:58:23 PM News just in: Uh, Fail? How is that more secure?Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure. "Whooosh" (sound of the joke flying over your head) ;) Title: Re: To all exchanges: Please do this... Post by: andrepcg on June 21, 2011, 09:00:04 PM News just in: Uh, Fail? How is that more secure?Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure. someone does not understand sarcasm... Title: Re: To all exchanges: Please do this... Post by: MaGNeT on June 21, 2011, 09:39:32 PM News just in: Uh, Fail? How is that more secure?Mt.Gox creates an innovative new security measure. Users must upload their wallet.dat file to the server when they want to log-in for authentication. This cutting edge technology will ensure that all the users information is kept safe and secure. someone does not understand sarcasm... Everyone understands sarcasm.... |