Because Craig Wright is a "big name"? The organizers risk the credibility of the conference, unless it's a fake Bitcoin conference. The same too if Roger Ver was there.
Yes. Even as people hate him and I definitely dislike him as well, doesn't change the fact that his name may gain attention online; especially when talking about him battling with other bitcoin/crypto personalities. And as far as I know though, it's not a bitcoin-specific conference, but a cryptocurrency one. Hence why they're there along with Brock Pierce which is mainly an EOS dude as far as I know.
|
|
|
i don't think they are going to give up on Libra though. they are losing all their supporters and partners these days but i am sure they will go ahead with it even though i think there is still a huge chance that it fails miserably, its centralization alone guarantees that.
Same thoughts. Though PayPal, Visa, Mastercard, and other big names already pulled out, they could just probably look for partnership replacement right? I'm guessing that some other mid-size companies actually want in. PayPal and company probably just wanted out due to Libra being shunned by the fed.
|
|
|
Yes, your right. I’ve just installed it on a new device with a new set of credentials, and the multi device feature is on by default (which it shouldn’t).
It definitely shouldn't be on by default. It's just convenient to have that feature, but in exchange for security risks. Definitely not worth it in my opinion. I hope the application features contained in this application are more complete than those of Google
It is. Google's 2FA basically has little to no features besides the 2FA functionality itself.
|
|
|
What's the point of them creating the Calibra wallet if it won't be used for Libra in the first place though. There are enough decent wallets out there on the web, free to use by everyone. Calibra would be unnecessary, especially knowing that there's like a 90% chance that it's going to be a custodial wallet anyway.
|
|
|
I know ledger has a name but it isn't open source right so anything can happen in the future if btc goes up in price
Ledger's Ledger Live software is open source. who knows if the card is backdoor idk i just want a reliable safe place to store these two cryptos any suggestions?
As far as I know coldcard is bitcoin only, so you obviously won't be able to store your XMR. With that said, if you're really that paranoid and don't want to trust wallet sellers, simply run electrum on an air-gapped device. also is it true the nano S can be use also not just from your computer but I can pay on the go with the OTG cables and connect it to my phone with the ledger live app?
Yes you can.
|
|
|
You meant catex.io right? If so, I could barely find any reviews concerning this exchange.
Here's the thing. There are already a good number of reputable altcoin-heavy exchanges that we could use(Binance, OKEx, Huobi, etc). So unless this exchange has a certain coin/token that you want to trade but other reputable exchanges don't have that coin/token yet, why are you looking for a new one?
|
|
|
but how do you actually know, which wallet will be safe?
You use open source wallets. Yes, a lot of people don't know how to verify and take a look at the code themselves, if a certain wallet seems to be vulnerable to a lot of problems and is unsecure in general, expect some developers to call them out; pretty much just like what happened with Jaxx in the past. This is why you should always use non-custodial wallets that are already fairly reputable so we know that the code was at least most likely studied by a good number of people. How did you choose your current wallet?
By learning about the pros and cons of certain wallet types. And since I want to maximize security but with decent usability, the perfect pick was a hardware wallet. In my case, Ledger. Which is greatly reputable in the cryptocurrency space, along with Trezor.
|
|
|
According to Authy, you need to disable the multi-device feature one you have installed authy in your device/s, to prevent more devices from being added (i.e. a swim-swapped device).
Yes, but the multi-device feature is turned on by default right? Chances are that the casual Authy user doesn't know the potential problems that could be had with that feature being turned on. If however your associated email is also compromised, then there is a window of vulnerability past 24 hours of attempting to recover the account through email.
While that's great, I don't think it's enough to be honest. If an email gets compromised, it could also take a lot of effort to recover the email. Jeebus I remember the last time I tried to recover my old gmail account.
|
|
|
If you're interested in downloading a wallet, the best choice would be to use open source, non-custodial wallets[1]. We barely know what website is this and if it's actually legitimate or not. Don't get too hooked up by their cool and modern website designs.
[1] https://cryptosec.info/cryptocurrency-wallets/#noncustodial
|
|
|
When you lose your device that has Authy installed, you can use SMS to recover it and/or as a temporary 2FA method. Otherwise, you just use the app.
This is precisely one of the reasons why some people aren't comfortable with using Authy. As far as I know(correct me if I'm wrong), if someone managed to do a sim swap hence gaining access to your mobile number, the hacker could then gain access to your Authy 2FA codes. Right?
|
|
|
I have checked the video and it was boring. Though they have different opinions the statements they mentioned are not new to me. I did not finish the video since the skeptics are not very technical and what they are sharing are just their opinions. They dont even use good data and statistics in their arguments. I was hoping to see good technical conversation next bitcoin conference.
Even though it was stupid and they barely had a good smooth exchange of arguments, I actually found it amusing lol. Bobby Lee seemed so angry that if they were drinking alcohol he might physically attack Nouriel Roubini lmao. Roubini was damn annoying. Why do conferences keep giving Craig Wright a platform? He shouldn't be allowed to speak about Bitcoin anywhere, especially after the case that proved that he falsified documents.
As far as I know it should've been Roger Ver I think, and getting CSW was just a desperation move to get a big name into the panel. And in the first place the conference's goal is to get people with conflicting opinions so it just made sense to invite roubini and CSW.
|
|
|
Has anyone here watched this yet? I think it's cool to have a good number of people with different views and opinions on one panel. In this case though, good lawd Nouriel Roubini is still blabbering the same arguments. It's always the "shitcoins lose 99% of their value etc etc". It's frustrating. I think they could get a far better bitcoin/crypto skeptic than Roubini. Heck, I'd go as far as saying that Peter Schiff is a better bitcoin/crypto skeptic. P.S. It's 45:36 minutes. Definitely not everyone's cup of tea.
|
|
|
lol I haven't even heard of that BKEX thing. If there's on characteristic of an exchange you need to find, it's reputation. Definitely OKEX since it's been around for a while now and I haven't heard that much complaints; and though I only used it a couple of times, I never had a problem with it. Though of course I'm not saying that BKEX is bad, it's just that I haven't heard anything about it.
|
|
|
Don't spread FUD in the beginners section please, 2FA by SMS is not the safest method but it's not a "very insecure method"... SIM jacking is not a massive threat,
Oh it's definitely insecure and could be a massive threat. Though I'd say SMS auth is better than no auth at all, there's zero reason for a person to not use app 2fas. beginners shouldn't need to understand and install dozens of app to use bitcoin. Using bitcoin should be an easy way of sending funds, not a new problem to manage.
Dozen apps? You use one authenticator app for literally almost all important accounts you have all over the web, not only crypto-related apps. Also, you're most likely not going to need 2fa if you're using a non-custodial wallet to start with. Unless you're keeping funds on exchanges(which of course you shouldn't do unless you're a daytrader). Very good find! I will try it asap. I allowed myself to translate it into german. Hope that is ok. I obviously linked your thread as a source ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif) Sure! Hope it could help.
|
|
|
True. But there's a really really huge difference between a lot of Binance accounts being hacked through means user-targetted attacks like social engineering the user's accounts through phishing links and such, compared to Binance's cold storage actually being hacked. Now THAT'S a big difference. Pretty much like what happened to MtGox and Bitfinex in the past, but multiplied a multiple times.
|
|
|
Apparently, due to the number of complaints on various social media sites about users losing access to their accounts due to lost/broken phones, a lot of people do not. They probably see it as a huge hassle. Those people are pretty much in the same category as people who don't like writing down their wallet's recovery phrase hence the reason why still a good number of people prefer leaving their coins and tokens on online wallets and on exchanges.
I think this is why my gox crash was so spectacular: many people were looking for a "trusted" custodial service, where you could store your bitcoins safety.... Without worrying about keys airgapped or whatever.... I think in a few years we will see banking offering that kind of services for BTC. True. Hence why I see if ever Binance gets hacked, it will be a significantly BIGGER bubble that's going to be popped. People leave so much funds on Binance that it's almost guaranteed(in my opinion) for the cryptocurrency markets to crash a lot further assuming Binance gets hacked some time in the future. There are simply so much people putting their trust into Binance thinking that Binance is "unhackable" or some similarly unrealistic stuff.
|
|
|
Do people not write down the codes?
Apparently, due to the number of complaints on various social media sites about users losing access to their accounts due to lost/broken phones, a lot of people do not. They probably see it as a huge hassle. Those people are pretty much in the same category as people who don't like writing down their wallet's recovery phrase hence the reason why still a good number of people prefer leaving their coins and tokens on online wallets and on exchanges.
|
|
|
The biggest problem with Google Authenticathor is that you will need to manually back up every account in another device, or save the keys offline (manually as well).
If you do not save your 2FA in one device, than save on another, for every website, you will be depending 100% on your device. If you lose the device, you will lose the access to your accounts (all of them).
This was actually my surprise with the Google 2FA back in the day. Knowing it was Google, I automatically expected that the backup codes were somewhat synced to my Google account; hence when I downloaded and installed Google 2FA on my freshly factory restored mobile phone(without making a backup of the keys), well, let's just say I didn't have a pleasant experience trying to contact all the service representatives from 5+ accounts I had with 2FA activated..
|
|
|
but it is possible to copy the code, modify it, then create fishing site and distribute some bad app, right? it would be eliminated, yes, but some people can suffer.
You could also say the same with close sourced apps(the distribution of "bad" apps). In fact, unethical and immoral people do that all the time. They create scammy app versions of some famous websites that doesn't really have official apps in the hopes of victims thinking that it's the official app. Like what o_e_l_e_o said, simply don't download from unofficial sources; and this applies for both open source and closed source software.
|
|
|
the question remains if other platforms and services do not use this and stick to google authenticator and authy, what choice do we have as end users?
As far as I know, the platform/service doesn't even know what 2 factor authenticator app you're using. So this shouldn't really be a problem to be honest. You could probably even use a 2FA app you develop yourself(if you know how to, of course). (correct me If I'm wrong, though I'm very sure of this.)
|
|
|
|