No, I'm totally there with you. Private Internet Access was bought out a month or two ago by Kape, which are the same outright malicious company which own CyberGhost which I talked about in my quoted post above. Their reddit was filled with users complaining that they had already paid for 3 or even 5 years in advance and were unable to get a refund, and so just had to eat the loss and move to another provider. I'd never pay for more than a few months in advance. I also find that (generally speaking) the companies offering the biggest discounts are also the ones which are less reliable or have worse reviews.

It's (currently) on the third page of InvestBox:


That video explains nothing, other than repeating that you can earn 7% a day and it is entirely risk free, which we know is a lie.

Why would the onus fall on the community to clean up after YoBit? If you want your signature campaign not to be banned, it is your responsibility to police it, not ours.

I for one had never heard of "InvestBox" before yesterday, and there was no warning or notice given to anybody, yahoo62278 included, before YoBit change the signature. Regardless, again, it is our responsibility to vet projects on behalf of spammers. If you are going to advertise a product, it is your responsibility to find out what you are advertising.

Thanks for the explanation regarding InvestBox, and having looked in to this a bit more, I agree with your statement I have quoted. I created an account on YoBit to try to find out more about this "X10" token. It's very first trade was on the 19th of this month (so 4 or 5 days ago), where over 1.2 billion tokens (worth over 61 BTC) suddenly materialized out of nowhere. There is no possibility to deposit or withdraw this token, and you are met with errors if you try to do either. There is no information regarding a blockchain, contract address, or anything of the like. This token was created out of nothing by YoBit and is being sold to "investors" for BTC. Even if they pay out 10% interest of their token as they claim, "investors" will be massively out in terms of BTC. This is a downright scam.

Neither gambling sites or mixers advertise guaranteed risk free returns of 10% daily. They are in no way comparable.

Except they aren't giving them away. They are selling them to people for BTC, and then keeping the BTC for themselves and paying the interest in more worthless tokens printed out of thin air that will never be able to be sold.

To everyone asking for theymos'/yahoo62278's/mods'/etc approval: Take some damn responsibility and think for yourself. You want all the money of advertising this scam without any of the repercussions that come with it. If theymos told you to go and take out a loan and not pay it back, would you do it?

Google reviews are easily and frequently manipulated. There are people who sell this as a service using bots and multiple accounts, either hacked or created solely for this purpose. For not much money, certainly far less than a successful scam app might make, you can purchase multiple fake positive reviews, just like you can buy Facebook likes or comments, Twitter likes or comments, forum posts, bumping services, and so on. You shouldn't be trusting Google reviews to tell you what's safe to download.

Don't trust. Verify.

That's pretty much the point. No one understands how it works because they purposefully give no details. All they do claim is that it definitely isn't a Ponzi (because everyone knows projects which aren't Ponzis have to declare in capitals that they are definitely NOT Ponzis).

Even ignoring the points regarding many of their offered investments being shitcoins, they have offerings for BTC of up to 1% daily or 15% weekly. They also claim "it's 100% safe". This is categorically not possible.

Only your master private key is linked to every address in the wallet. Individual private keys are only linked to a single address.

The words key and address are not synonymous. There is no such thing as a private address, and public keys and public addresses are two different things.

Only if they have been converted to Wallet Import Format (WIF). A private key is more generally though of as a 64 character hexadecimal string.

Actually, the 256 bit number known as the seed number is randomly generated. The words are very specifically calculated in order to encode this number.

It should absolutely be permanently offline. As soon as your seed phrase has touched an internet enabled device, you should consider it compromised.

I'm going to quote a post I made a month ago around the time of the Black Friday deals below. The TL:DR is that you should absolutely not use Cyberghost VPN, and VyprVPN don't have a great track record either.

NordVPN also have a Christmas deal on, but I can't vouch for their password manager app which is included.

Just because an app is from outside the play store doesn't automatically mean it is untrustworthy, and similarly, just because an app is from inside the play store doesn't make it safe.

Google are pretty bad at screening apps before they are published on the play store, and we frequently see apps with either malware hidden in them or apps designed to mimic another (such as a fake wallet app) showing up and being downloaded. There was a user on here a while ago who had their seed stolen because they installed a custom keyboard app from the play store, which recorded everything they typed and sent it back to the scammer who developed it. Similarly, if I'm installing Electrum (for example), and choose to download and install the APK myself from electrum.org, that doesn't automatically mean it's more likely to be malicious.

The better advice is to not install any app unless you absolutely must. Apps which give you sparkly keyboards, or fancy wall papers, or silly mobile games, are completely unncessary. One of the top apps on the Google play store right now is an app that takes a photo of your face and makes you look like an elf. Completely pointless, and every additional app you download and give permission to is an additional security risk.

Based on what? Do you have any evidence or proof of payouts?

So what you are saying is if you deposit anything with actual value, it is likely to get stolen? So in what way is this "legitimate"?

There is no investment program in the world which can promise returns of 10% a day whilst also claiming to be "100% safe". This is a scam.

Can anyone shed some light on this "InvestBox"? This is all the information I can find on their website:

This is all the information they provide. It's definitely not a Ponzi, it's from a "special fund", but with absolutely zero details as to what this "special fund" is, or how it is able to generate profits of 10% per day, which is obviously nonsense.* Also, how can an "InvestBox" change to "no coins" and yet still be able to pay out? This has all the hallmarks of a Ponzi.

Furthermore, the only thing I can find regarding this "X10" token is an announcement from bitcoin.com's forums here. (Warning: bitcoin.com is a known scam site designed to trick newbies in to buying a trash altcoin.) See the following quote:

So as far as I can see, YoBit are advertising a Ponzi scheme built on top of a pyramid scheme. Please someone correct me if I'm wrong, but users should really think long and hard before applying this new signature.

---

*10% profit a day could turn $100 in to over a million dollars in 3 months, and over two billion dollars in 6 months. Obviously bullshit.

Sure, in most cases it would be a "soft brick", which would be recoverable provided you are able to flash the stock OS back on to the phone. However, I wouldn't claim that there is no conceivable way that it could be hard bricked and unrecoverable. I'm sure there's someone out there who could mess up badly enough.

It is, partly. It is developed by a consortium of developers know as the Open Handset Alliance, of which Google is the largest member. Once development of a new version is completed, it is published to the Android Open Source Project, which as the name suggests, is open source.

There are multiple projects which build upon the open source code, and end up with a more privacy or security focused product. Examples include GrapheneOS and LineageOS, which you mentioned.

Yes. You will find instructions for how to do so on their respective websites: https://wiki.lineageos.org/devices/ and https://grapheneos.org/install.

Be aware that doing so is not without risk. It is possible to brick your phone if you make mistakes while installing a custom OS.

Yeah, SearX is the way to go if you find other search engines' results to be inadequate, or are "addicted" to Google. You can edit your preferences and configure it so it will simply search Google on your behalf and return the results to you, but stripped of all tracking cookies and without sharing your IP, browser fingerprint, or other identifiable information.

Exactly. He obviously knows referral links are against the rules, so he's taking deliberate steps to evade the rules and trick users in to unknowingly click on his links.

Anyway, I reported a bunch of his posts for breaking the "advertising in other users' theeads" rule, and they were all trashed.

I also reported one of his topics for being both insubstantial advertising and linking to referral link spam, and it was also trashed.

So it seems there is at least one mod out there who agrees with my initial post. I am therefore going to continue to report this kind of nonsense when I see it. Hopefully other mods also agree; wouldn't want to lose my 100% reporting score.

Opera's VPN, like most free or built in VPNs, is a terrible choice. Using it makes your privacy worse, not better. Using it redirects all your internet traffic via Opera's servers, and they monitor all your traffic and collect and sell your data to third parties.

If you aren't paying for a service, then you are not the customer, you are the product. Free VPNs are spying tools. A good VPN costs only a few dollars a month.

Not necessarily.

When a node receives the details of an unconfirmed transaction, it adds it to its memory pool. Default behavior of nodes is to reject a transaction if it conflicts with another transaction already in their memory pool, and flag it up as a potential double spend. These nodes will essentially keep whichever transaction they saw first, regardless of the fee. They also won't broadcast this conflicting transaction to other nodes, therefore impeding its dissemination through the network.

One of the two transactions will arrive first at the miner which will mine the next block. This can be down to various things, such as which transaction was broadcast first, which node or nodes it was broadcast to, and luck. Provided it has an acceptable fee, then it will be mined first, regardless of what fee the other transaction has.

If a user chooses to award most of their sMerits in one board (as many non-English speaking members do for obvious reasons), then that is their choice, but there is no such thing as a "merit source for the bitcoin discussion board", or any other board for that matter.

I completely agree with your points regarding freedom of speech, but freedom of speech doesn't include freedom to disrupt and derail. I'd never dream of trying to have posts deleted or users banned simply because they are expressing unpopular opinions. The whole point of freedom of speech is protect unpopular opinions; popular opinions don't need protecting. I'm sure you've seen the relevant XKCD which explains it well. However, CH/TOAA (as an example), has literally been posting the same nonsense regarding trust/merit/gangs/inner circles/etc. for over a year now. Any thread remotely related to merit or trust, he shows up with the same wall of nonsense, and the thread is rapidly derailed. I don't know of anyone who has reasonably defended that, or possibly could, as "not trolling".

Furthermore, the most commonly broken rule is subjective too. Who decides what is low value or uninteresting? Why enforce the spam rule but not the trolling rule?

Accident is at 1:19, written down the y axis of the graph on the TV.

Slab is at 1:32, just where it cuts from the close up of the guy's face back to the graphics, and there is like brown smoke/clouds all over the screen, near the bottom left. It is only on screen for 2 frames.

If you use the "," and "." keys, you can scroll a paused YouTube video forward and backwards a frame at a time. That's what I did to find them all.

Detecting most scams is easy. Plagiarized websites, plagiarized whitepapers, fake teams, stolen pictures, Ponzi structures, ridiculous giveaways, fake Facebook/Twitter/Instragram/whatever profiles, etc. Once you've been active for a few months, you will be able to pretty rapidly get a good idea of what is a scam and what isn't within 20 seconds of reading their thread/website. The community are pretty good at detecting these things early and putting warnings in the relevant places. The problem is that people don't care. They do no research in to either the project itself or in to the reviews for said project. Time and time again we see people complaining that they lost money on scams which have already been outed on this board, or to users with walls full of red trust, or to some shady exchange or mixer that they found via Google, or some cloud mining nonsense, the list goes on.

Avoiding scams is also easy. If you want to use a new service, website, or exchange, that you haven't used before, look on here or on reddit for reviews first. Don't use something brand new or without positive reviews you are sure are from real users. If you want to trade with a user, insist on using a trusted escrow unless you are absolutely sure you can trust them. If you want to invest in an ICO, just don't.

Yeah, I had tried that too.

Anyway, here is the actual seed:

Which led to this address: 3JeVd5ALNDvn7BbkqLYfV4qeQ16guPwJD2

For a win of $1,000.

Turns out I was on the right track though, and I had all the correct words (minus the two spare ones). The guy who won it also couldn't figure out the order on his own, and wrote a script (available here: https://github.com/AlexSSD7/Ledger-Xmas-Contest-Victory) to check all the possibilities for him. Perhaps there was no way to determine the order from the video? I was going to be pretty annoyed that he had beaten me by a few minutes, but it turns out from Twitter he actually claimed it yesterday, Ledger were just a bit behind in announcing it.

Anyway, that was a fun challenge. Would be cool to see more things like this in the future.