This is why I truly believe in having multiple wallets to store your funds. Agreed. I use a mobile wallet for a few hundred dollars worth of bitcoin, which I carry around daily. I know it is far from being secure, but it's an amount I can easily afford to lose and an amount I would happily give to an attacker to prevent any physical harm to myself. The amount in that wallet is in no way linked to my main cold storage via blockchain analysis. My various cold storage wallets are also in no way linked, are of various types (hardware, paper, old laptop which has been airgapped), and are all stored separately.
|
|
|
It looks like the $5 wrench attack came up a few times as well. Easiest way to avoid that would be multisig. Spread those keys across the land. If someone holds you up until you give up your private keys, you can't. Obviously the best way to mitigate a wrench attack is to maintain your privacy wo you don't become a target, but I've often wondered what the best way to survive it would be provided the attacker has already overcome that first step. Unless they know for a fact your wallet set up (which is incredibly unlikely), then there is no real difference in using multi-sig and just telling them you are using multi-sig. However, if they are willing to physically attack you for money, is having everything you own locked away in multi-sig wallets really the best way to go? Perhaps you actually want to have some bitcoin available you can hand over for your own sake. Also, there's nothing really stopping them from forcing you to tell them where you've stored all your multi-sig keys instead of the keys themselves.
|
|
|
mBTC is garbage because, it has both non decimals and decimals. So do most fiat systems, and no one has issues discerning the difference between $1.50 and $15. You cannot push a BIP over something that can and WILL change and is outside of Bitcoin to begin with. Who said anything about a BIP? I even agreed Satoshi is likely to become the denomination of choice in the future. I'm not trying to force anyone else to use mBTC, simply stating that I find it the easiest denomination to work in at current prices. If my internet wasn't garbage i would show you pictures of prices. Restaurant menus, shops, everything is expressed like satoshis, now that my currency is 75% the value of a satoshi. And I could show you similar pictures or screenshots of sites with prices in mBTC. Each to their own. The only time I personally use sats is when talking about fees.
|
|
|
This guy sounds like an idiot.
According to the article, he had "long been obsessed with the value of privacy".
And yet, he has a very active twitter account with over 200,000 followers. He posts pictures and videos of himself on his twitter account. He has a onename page that links to his twitter, his Facebook, his LinkedIn, his Instagram. He has a car license plate that said "BITCOIN". He didn't even use a VPN. He is so desperate to live privately, that he gets a story about himself published in the New York Times.
If you actually want to be anonymous, this is not the way to do it.
|
|
|
So for this attack to be successful, an attacker would need the technical knowledge to build such a device, shrink it to a size that would fit inside a USB cable, physical access to my house to switch out my USB cable without me knowing about it, wait for me to use my device, and then physical access to my house a second time to retrieve the altered USB cable with the data stored within? Surely if they have both the technical knowledge and the physical access to do all that, it would be far easier for them to just install a hidden camera to watch me type in my PIN? This isn't a vector of attack I am going to be getting too worried about. ![Tongue](https://bitcointalk.org/Smileys/default/tongue.gif)
|
|
|
I prefer denominating things in mBTC for the time being. BTC is too large for small USD values, and sats is too small for large USD values, whereas mBTC lies somewhere in the middle. USD | BTC | Sats | mBTC | $1 | 0.000094 BTC | 9,400 sats | 0.094 mBTC | $10 | 0.00094 BTC | 94,000 sats | 0.94 mBTC | $100 | 0.0094 BTC | 940,000 sats | 9.4 mBTC | $1000 | 0.094 BTC | 9,400,000 sats | 94 mBTC |
Try saying all of those out loud. Zero point zero zero zero zero nine four is awkward, as is nine million four hundred thousand. mBTC is (at current prices) the most easily workable denomination, and also avoids having to count zeros, which you have to do when dealing in BTC or if someone doesn't include the commas in satoshi. Satoshi could well become the denomination of choice in the future, but at the moment, I think mBTC is the easiest to work with both visually and verbally.
|
|
|
I wonder- what could be the possible fine by GDPR of losing custoers data, or it does not work with theft ? Theres certainly a precedent for it, and a very recent one at that. Just last month, Marriott International (the hotel chain) were handed a fine of over $120 million after hackers stole the personal details of several million customers. A few days before that, British Airways were fined over $220 million after a similar hack and security breach. The GDPR allows a maximum fine of up to €20 million or 4% of annual turnover. The hacks above involved hundreds of thousands individuals, though. If Binance were fined, i would suspect it would be a much lower sum.
|
|
|
On Wednesday, a Telegram group created by an admin under the pseudonym “Guardian M” distributed hundreds of images of individuals holding their IDs and pieces of paper written with “Binance, 02/24/19,” alleging that the data presented was hacked from the exchange.
So much for Binance's initial statement that "they all appear to be dated from February of 2018." ![Undecided](https://bitcointalk.org/Smileys/default/undecided.gif) I'm obviously not going to link to them, but you can view the pictures online. All the ones I've seen are dated 24th February 2018. All the other articles I have read also say 2018. I suspect this is just poor reporting by coindesk. There are also a couple of articles which say that all these photos are from Binance phishing sites. It seems a number of Binance users were previously emailed to say their account was locked, and they were required to upload KYC documents to unlock it, along with a link in the email to a phishing site. Binance's statement on the matter is far from reassuring though. It sounds like they have no idea whether or not they were hacked, or how it might have happened. I'm a strong advocate of never doing KYC for anything crypto related, and this is why.
|
|
|
So if binance can get hacked being the biggest exchange out there with top notch security. How do we know they have "top notch security"? Has there been any independent audits of their security practices? Have any external experts reviewed their security set up? We only have Binance's own word to go on, and they are hardly going to come out and say "Hey guys, out security is pretty questionable, but it's not our KYC documents so we don't care." This is some mental gymnastic nonsense. They say they haven't been hacked because the images don't contain their watermark. Then in the next paragraph, they say the images came from a time when they were using a third party to process KYC, which wouldn't be applying Binance's watermark in the first place. They call the leak "fake", but then offer 25 BTC for any information regarding it. It sounds like they don't really know what's going on. There are, however, some suggestions floating around that these documents may all have come from a Binance phishing site, which told users their account was locked until they uploaded KYC documents. If you have ever completed KYC on Binance, then you should consider doing the following as a minimum: Place a fraud alert on your credit report. This is free to do. This will flag up to any third party which is approached for a loan or credit in your name, and should prompt them to contact you before extending said loan or credit. Keep a close eye on your credit report. Anything which shows up there which you didn't initiate yourself is a major cause for concern. Dispute these with the bank or lender involved as well as with the credit agency. Keep a close eye for suspicious activity on any of your accounts, such as attempted password resets or address changes.
|
|
|
Under "Pro" for a custodial wallet, you write: Centralized authority allows easy recovery if you forget your access password or some how lose access to your wallet Be aware that his is also a con. If they can reset your password for you, they can reset your password for anyone else as well. A little bit of social engineering or an email hack may be all an attacker needs to convince the third party to let them in to your account. Talking about your phone/computer being infected with malware - this is one of the main benefits of a hardware wallet such as a Ledger or Trezor. You can use them safely even on infected devices without the risk of your private keys being exposed. They also force you to confirm any transaction on the device itself, which helps to mitigate against clipboard malware (provided the user is following the proper steps and double checking the address). You also don't mention that many third party and custodial services, including both wallets and exchanges, turn out to be complete scams, and will disappear with your coins and there is nothing you can do about it. Speaking of scams, I would be careful about recommending freewallet. There have unresolved scam accusations against them, couple with active negative trust and warning flags. See here for more information: Freewallet.org is a fraudster who cheated me out of 15.2BTC.
|
|
|
But after 100+ reports don't you think some action should be taken? I completely agree, and have talked about this before. Half of the spam posts are machine generated or text spun plagiarism. They can generate new posts in less time than it takes to report them. Reporting starts to feel like banging your head against a wall, when for every post you get deleted the spammer makes 3 more, and we don't actually take any action against the account. It's just a never ending game of whack-a-mole, when we should just be unplugging the machine at the wall. Seeing the same name pop up on your report statistics again and again is frustrating, to say the least. I'm starting to think that having a set number of posts deleted within 30 days should prompt a manual mod review of your account for consideration of an escalating ban.
|
|
|
That is what I always thought myself, but now the big concern we have to contend with is that the IRS is jumping in front of Bitcoiners and saying they want a piece of the action. This is by no means unique to bitcoin. The IRS want to stick their noses in everything. Bitcoin may seem different since it is actually a currency in its own right, but since the IRS class it as property, it will be taxed as property. Let's say we are trading basketball cards. I swap you a rare Kobe Bryant card for a rare LeBron James card. No fiat changes hand. No values are even discussed. As far as the IRS is concerned, we both sold our cards to the other person for fiat, and then used that fiat to immediately buy the other person's card. We both owe taxes on the capital gain made, which is the difference between what we bought the card for originally, and what its market value was when we traded it to each other. Do people report such trades and pay taxes? Largely no, but there is no publically accessible ledger of all basketball card trades.
|
|
|
Because one wrong character or number in adress and your lovely bitcoins are gone forever That's not true. Bitcoin addresses contain a built in checksum, so if you accidentally change a character or two, the checksum will not match up. You will almost certainly end up with an invalid address which your wallet will not accept. The chance of generating a valid but incorrect address from a typo is about 1 in 4.3 billion. You can read more about it here: https://en.bitcoin.it/wiki/Address#What.27s_in_an_address
|
|
|
You can have a look through all of Satoshi's writings here: https://satoshi.nakamotoinstitute.org/And you can also have a look through all of his forum posts here: https://bitcointalk.org/index.php?action=profile;u=3As far as I can tell, he never directly mentioned taxation. Tax is mentioned briefly in a couple of the early email chains between Satoshi and people like Hal Finney and Ray Dillinger. I'll paste the relevant sections here: I know the same (lack of intrinsic value) can be said of fiat currencies, but an artificial demand for fiat currencies is created by (among other things) taxation and legal-tender laws. Also, even a fiat currency can be an inflation hedge against another fiat currency's higher rate of inflation. But in the case of bitcoins the inflation rate of 35% is almost guaranteed by the technology, there are no supporting mechanisms for taxation, and no legal-tender laws. People will not hold assets in this highly-inflationary currency if they can help it. In the modern world, no major government wants to allow untracable international financial transactions above some fairly modest size thresholds. (The usual catch-phrases are things like "laundering drug money", "tax evasion", and/or "financing terrorist groups".) To this end, electronic financial transactions are currently monitored by various governments & their agencies, and any but the smallest of transactions now come with various ID requirements for the humans on each end.
|
|
|
What do you guys do while you wait? I usually look up the transaction ID in a block explorer to confirm that it has been broadcast and all looks as expected.* If it does, then we're all good. As long as you double check your address and amount before hitting send, you have nothing to worry about. A hardware wallet might help you with this if you don't already have one, since the address and amount are displayed on its screen, and you have to confirm them there before the transaction will send. Why do you get concerned about the wrong address? If you are typing it by hand, know that if you make a small mistake, you will almost certainly end up with an invalid address, which your wallet won't let you send to. If you are copy and pasting it, then you are only at risk if you have clipboard malware which will change the address (usually very noticeably) to a different one. As long as you double check the address you have entered with the one you want to send to as I said above, you will be safe. *I prefer blockchair.com or blockstream.info, since they both support Segwit addresses and both show fees more accurately in vBytes rather than bytes.
|
|
|
So if you have the money you have the power, you can even get a stadium wearing your name the 'o_e_l_e_o stadium' or the 'o_e_l_e_o Premier League' Time to start collecting donations! Perhaps we could rename it Oeleold Trafford. ![Grin](https://bitcointalk.org/Smileys/default/grin.gif)
|
|
|
It's not an altcoin, but rather an exchange. I've never heard of it either, but the news is legit - here is the press release from Newcastle United's website: https://www.nufc.co.uk/news/latest-news/stormgain-named-official-sleeve-partner/I'm curious as to how much vetting or otherwise football clubs and other sports teams do of their sponsors, or do they not pay too much attention provided they can pay the appropriate fee? The stormgain.com domain was only registered a few months ago, and they are based in Seychelles. I can find very little in the way of reviews or feedback online about people using it successfully. They are not listed on any major crypto site. I can find no data on their volume or number of users. Can Newcastle United say for sure this exchange isn't a scam?
|
|
|
Why do we have so many formats of address. Because new developments are made. We can't just force disable all legacy addresses, and we similarly can't force exchanges and other online services to start using bech32, even though it is strong encouraged to do so. It is so difficult first figure out which exchange or wallet uses what and then act. If you are confused about which type of address to pick, the safest option is to pick a "nested SegWit" address (which you will sometimes see written as P2WPKH-P2SH, P2SH(P2WPKH), P2WPKH-in-P2SH, or a similar combination). These addresses always start with a 3, although there are other types of address which also start with a 3. These address give you some of the benefits of SegWit (somewhat cheaper fees), but maintain full compatibility with all online exchanges and services. I've never used a Bech32 address and I've never seen any service I use offering one either. I am almost exclusively using bech32 addresses. Occasionally I still have to use a nested SegWit address for a service which won't let me withdraw to a native SegWit address, but as soon as I spend those coins, I redirect all the change to a bech32 address. No reason not to take advantage of cheaper fees.
|
|
|
The listed mod for that board hasn't been online since March, so maybe something needs sorting there first and foremost. ... At the very least, I think a rule should be introduced (and enforced) that you have to include your own thoughts and opinions on the subject to accompany the article itself. And not just a basic one-liner asking what other people think, either. Yes and yes. But I agree with DooMAD we should not go in that direction, censorship is the worst solution. If you look at the Bitcoin press hits, notable sources thread, which was the precursor to the Press board, jgarzik uses the following phrase (emphasis mine): "notable" is a loose definition that just means exercise common sense: a mention from a blogger with 1000 hits/month is not notable, nor is your average forum post, nor is anything that gives an obvious impression of bitcoin community self-promotion. I'd say sites like CoinIdol and CoinTelegraph pretty clearly fall under the category of "bitcoin community self-promotion". Sites which are entirely dedicated to churning out (poor quality) content about bitcoin or other cryptocurrency are not a "notable" place for an article about bitcoin to show up on. I'm on the fence with blocking crypto-related sites. I'd say treat it on a case-by-case basis. They're not all as dismal as CoinIdol. I actually wouldn't have an issue with articles from CoinIdol or similar showing up, provided they were of high quality, showing up infrequently, posted by genuine users, and sparking genuine discussion or debate. However, as it stands, one spammer who is presumably being paid by them just floods the board with every non-news, factually inaccurate, piece of word salad they churn out.
|
|
|
|