So I take it that delays with depositing and/or withdrawing coins were the main problem then?

I usually stuck with trading the major coins like PPC, LTC, DOGE, and BTC on Cryptsy and only deposited BTC so perhaps my experience with them was better compared to others.

I would think that an encrypted wallet with a strong enough password should still be secure even when stored on the cloud although obviously it's not as secure as keeping it completely offline. Even if an employee from the hosting company found your wallet and attempted to crack it, your coins should still be safe if your password is strong enough.


I don't think that link accommodates dictionary attacks though. Putting "hello my name is" shows that it would take 2 billion years to crack it and "good morning" gives a result of 546 years. Obviously, neither of these are true.


Wifi passwords are notoriously easy to crack. I believe even WPA2 can be cracked in a few days. The underlying AES encryption standard is pretty secure but there are workarounds and vulnerabilities which can reduce the effort required to crack these passwords significantly.


Ah... You're right. Didn't realize it varied so much. The 50,000 figure was from a laptop I had a while ago performing SHA-256 decryption. Although I guess I should have realized it since the no. of encryption iterations and method of encryption used varies between different programs.

There are advantages and disadvantages for both. One big advantage of using a microwallet service is that you can cycle through dozens of faucet sites either manually or by using a faucet rotator and quickly reach the payment threshold within an hour or two.



This is definitely true. Newbies who use faucets should understand that faucets are not a good way to get BTC. If you want to play around with faucets for the experience, then there's no problem with that. I did the exact same thing myself. But in any other setting, spending a whole day clicking on faucets just to make 10 cents is a terrible use of one's time.

There are ways to get more significant amounts of BTC from faucet sites however. If you happen to own a successful and highly popular faucet such as Freebitco.in then you would get a lot of money from advertising revenue. Or if you own a successful blog or website then you can add an affiliate link and get a steady stream of BTC from referrals. But these options are probably beyond the reach of most newbies.

Hmm... I superimposed the two lines together after July 2012 and this is what I got:



So it looks like there was a tiny trickle of coins still being slowly lost after July 2012 but most of the damage appears to have taken place between July 2011 and July 2012. After around early-mid 2013, the lines are almost perfectly aligned.


I'm not sure if it would be possible to hide that much money. Mixing probably wouldn't work since the amounts involved are so large. I remember someone tried to mix a ton of stolen coins through Bitmixer and it didn't work because the coins that came out were still 99% his.

And because of this, trying to convert the coins into fiat would risk exposing the culprit's identity. If whoever is responsible kept most of it in cold storage and mixed their coins in small batches then it could conceivably work although it would take a very long time. Techniques of analyzing the blockchain are getting better and any developments in the field can be applied retroactively so the thief will always need to stay one step ahead to avoid being caught.

And that's assuming that the thief isn't Mark Karpeles or someone closely associated with Mt. Gox. If they were, then any attempt to cash out the stolen coins would be instantly noticeable and I doubt they would be so dumb to even attempt it.

Where I'm from (New Zealand), the major traders on LocalBitcoins accept only cash deposits without ID. If you want to send fiat via online banking, you have to submit proof of ID to prevent the risk of chargeback fraud/stolen bank details. After submitting these, you can then trade without the need for further verification up to a certain amount. Of course, all of this is not needed for trades that occur in person.


I don't think the OP was suggesting that the site itself was a scam. LocalBitcoins is just a neutral platform that allows buyers and sellers to connect with each other. Scams can happen on LocalBitcoins just like the way scams can happen on eBay or Bitcointalk.


They have escrow for BTC only. It's mainly to minimize the risk of the person who receives the BTC from running off with the coins before the trade is complete (and also probably because a fiat escrow is unworkable for OTC trades anyway). Hence the responsibility of ensuring that the trade is successful is up to the person receiving the fiat.

Faucets wouldn't work under Tor anyway, since they usually rely on IP addresses to prevent abuse.


It shouldn't be easy to get malware when browsing Tor if you follow the usual precautions - i.e. turn off JavaScript and any plugins such as Flash, don't download files to your PC unless you're certain it's safe, etc.


He isn't guaranteeing that. He said in an earlier post that out of the 15,000 links, about 4,000 are active and working. The list is probably a few months old.



To be fair to the OP, a list that is manually compiled and curated could be worth more than one that is automatically compiled using a script. I have no idea if OP's list is any good or not though, so I'm only just speculating.


A script? You mean like a PHP script for a directory or just an office document? I might be interested if it's a PHP script for a web directory with preloaded and editable entries.

I don't think the fact that he chose to launch his coin using a newbie account proves that he is a "sockpuppet master". He could have had many sockpuppet accounts, or he might not have had any. It's not something that is known at all.


Litecoin might not look very innovative today but it actually achieved quite a lot when it was first introduced.

Before Litecoin, there was Tenebrix. Tenebrix was an innovative coin because it was the first to use the Scrypt algorithm which was resistant to GPU mining at the time. This meant that while Bitcoin mining was dominated by those who had the money to afford massive GPU mining rig setups, those who still had "normal" PC systems could now choose to mine an alternative currency which didn't yet have GPU miners pushing everyone out of the competition. Unfortunately, Tenebrix was a premined buggy failure based on the already very buggy Multicoin. In response to the premine, coblee decided to fork Tenebrix to create Fairbrix which wasn't premined but still a buggy failure (since it was based on Tenebrix which was based on the very buggy Multicoin). So then he decided to start from scratch by forking Bitcoin directly and incorporating all of the innovations that Tenebrix and Fairbrix introduced and thus Litecoin was born.

Technology-wise, Litecoin doesn't do anything that the now hundreds of other altcoins can't do, so you're correct in this regard. But you could say the exact same thing for Bitcoin as well. What does Bitcoin do that Catcoin doesn't? Or Flappycoin? Or Pesetacoin? Or any of the other 1,000 or so Litecoin and Bitcoin clones out there? Well, the answer to that can be found by not looking at the technology but the community. No other coin has the same infrastructure, the same network hashrate, the same security, the same volume, the same startups which aim to develop services on top of it, the same numbers, the same brand recognition, the same media exposure, the same exchanges which support it, or the same network effect.

Litecoin is no. 2* because it is the original altcoin**. Bitcoin is no. 1 because it is the original coin.

*Not counting Ripple since the dynamics behind LTC and XRP are completely different.

**Not counting altcoins which existed before it since pretty much all of them are dead and irrelevant. Think of Litecoin as being the "original" second child and other altcoins like Dogecoin and Catcoin as being the third, fourth, fifth children, etc.

Other responses have been pretty accurate so far. The only other thing I'd like to mention is that the passphrase or password that OP describes should not be confused with a NXT passphrase or a Bitcoin brainwallet passphrase. For the latter two, a far higher level of security is required since you are dealing with not just a single attacker but dozens and possibly hundreds of attackers distributed all over the world using precomputed rainbow tables which can crack wallets in a manner that is not computationally expensive.

For the typical wallet password you might use to unlock a Qt or Electrum wallet, 12-20 random characters with a combination of uppercase and lowercase letters, numbers, and symbols is usually considered to be sufficient for the short to medium-term future. Keep in mind that Moore's law* states that computing power will double every 18 or so months so a password that is considered sufficient today might not be sufficient 20 years from now.

For a NXT passphrase or Bitcoin brainwallet passphrase, you really don't want anything under 30-35 characters in length and 50+ character passphrases are usually recommended. Mine, for instance, is 560 characters in length with uppercase and lowercase letters, numbers, and symbols.

*Yes, I'm aware that some predictions show that Moore's law is slowing down and will cease to remain true in the future but that's just hypothetical at this stage and beyond the scope of this thread.

EDIT: And for those who say that you shouldn't use words, this is mostly true. However, a sufficiently long and randomly generated list of words from a large enough pool should be uncrackable by any brute force method. Some people might find a list of English words to be more memorable compared to traditional passwords. Electrum uses this method, and so does NXT. And while these programs use 12-13 words to generate their passphrases, a lower number (e.g. 10 words) might be sufficient for encrypting a wallet.dat file.


1,000 guesses per second isn't a good assumption given that a.) the comic assumes that you're target is a web service, and b.) modern computers are capable of better speeds than this anyway. I think an ordinary computer is capable of 50,000 guesses per second.

It is possible to promote voluntary regulation in a decentralized ecosystem. NXT attempted it with their NXTinspect auditing service, for example.


I didn't write it so I'm not sure what it's supposed to mean. It does seem very strange that NEM is listed as being BTC compatible but NXT isn't. At first, I assumed it might have something to do with being based on Bitcoin's blockchain but there is another column which describes that. Hmm... Perhaps it has something to do with the fact that dividends can be paid out in BTC as opposed to the native currency? That's the only explanation I can think of.


Unfortunately, it's not quite as simple as that. Note that all the exchanges listed on that page are pretty much closed ecosystems and don't really interact with any other cryptocurrencies except for themselves. You can't really buy bitcoins, litecoins, or USD on the NXT asset exchange (or any other distributed asset exchange for that matter) because the assets listed there are really just bitcoin, litecoin, or USD IOUs. This is a big and very complex problem that we are only just beginning to solve. Check out automated transactions and atomic cross-chain trading for the beginnings of what a future decentralized altcoin exchange might look like.


This is indeed a very real danger. ReserveShare for an example was a scam asset that was supposed to represent shares in a new altcoin but actually represented nothing. There are other similar scammy assets on the NXT asset exchange as well. The lack of regulation means that anyone can create their own asset with a misleading name and description. Hence the reason why you might see assets for Facebook, Apple, Gold, or a fake copy of an existing genuine asset, despite none of these assets representing anything.

Fortunately, NXT did implement a few measures to counteract this problem such as removing the ability to search assets by name, not listing assets by default, only displaying assets by inputting the asset's ID, and also by imposing a 1,000 NXT fee for asset creation. Even so, it's not foolproof. The best way to avoid scammy assets is to do your research and check out the asset in question before buying and also to read what other people have said about it on forums such as these.

EDIT: I'm only using NXT as an example because it's the platform that I'm most familiar with. Similar measures could probably be applied for any other crypto asset platform out there.

Check out this link if you're interested in decentralized asset exchange platforms:

http://o.info/How_to_issue_a_cryptosecurity

There are many such systems in development, although most aren't widely used. Some of the more popular ones include NXT, Counterparty, Mastercoin, and BitShares.


And before that, NXT also implemented colored coins representing assets via their Asset Exchange.

Both fit the definition of colored coins but are intended to be used for different purposes. The monetary system can be used to represent fiat-backed or commodity-backed tokens, reward points and loyalty points, etc. The asset exchange is typically used to represent shares in a company. OP's request probably fits the latter more so than the former even though their functionality overlaps to a significant extent.

It all boils down to activity. Remember that you can get up to 14 activity for every activity period that you post in. A single activity period is roughly 14 days in length. So for instance, an account that has made only 100 posts but has posted in 10 activity periods has the potential to reach 10*14 = 140 activity in just a single day (or less) by making 40 more posts. Such an account would appear to be just a member but may also be marketed as a potential full member to reflect the fact that the buyer won't need to wait very long for the account to reach full member status.

I haven't used FaucetBOX but I've used Microwallet.org and Bitchest.me and if they are any similar, then what happens is you submit your normal Bitcoin address to the faucet. The faucet then sends satoshis (typically a few hundred satoshis) to Faucetbox. The reason why it can't send these satoshis directly to you is because the Bitcoin network enforces a minimum transaction size of 5,430 satoshis. Instead, by entering your normal address on Faucetbox, you can see how many coins were sent to your account from the various faucets that you used. After Faucetbox collects enough satoshis from these faucets for a proper transaction to happen (typically 5,430 satoshis but this might be changed to a higher limit), it will finally send these satoshis to your actual Bitcoin wallet.

I've always found Cryptsy to be a very reliable exchange with quick deposits and withdrawals. I've heard that they had some issues regarding NXT withdrawals which would be delayed for days but I believe the problems were attributed to the fact that NXT's code is very different from Bitcoin and most other altcoins. I've also heard that this problem has been fixed although I continue to use other exchanges like Poloniex for anything NXT-related.

Other than that, the only other criticism I can think of is that they have a lot of low-quality altcoins (or more specifically, scrypt coins based on Litecoin with little innovation) which were popular in 2014. The fact that they stake PoS coins and receive profits from doing so is something that all other exchanges do and isn't unique to them.

I've heard them being referred to as "Craptsy" which is puzzling because I can't think of any other exchange which gets as much hate and criticism as Cryptsy does. Also, it's rare to find an altcoin exchange which hasn't even been hacked at least once in its life so they must be doing something right security-wise. Can anyone shed some light on why Cryptsy gets so much hate around here?

It's obvious that there are many people out there who would not return money that was mistakenly sent to them. It's also possible that you could accidentally send coins to an address that is no longer maintained but is still valid. e.g. a defunct exchange's deposit address.

As for your second point, I don't mean a typo, hence the reason why the title is "miscopied" rather than "mistyped". I understand that there is a checksum which prevents sending to an invalid address. The scenario which I had in mind was sending to a valid but inappropriate address. For example, if I owned a business with a list of customers and I accidentally copied Bob's address instead of Bill's. Then the coins that should have been sent to Bill would now be owned by Bob. If Bob was a nice person, then he would send the coins back to me or alternatively, to Bill. But there is no guarantee that Bob is a nice person.

That screenshot looks very much like Bittrex which is one of the major altcoin exchanges. Here is a link to their BTC-BTCD market:

http://bittrex.com/Market/Index?MarketName=BTC-BTCD

Now, to answer your question, there is really no such thing as a "best altcoin exchange" since it's highly subjective. One person might prefer exchange A over B while another might prefer exchange B over A. My personal favorite is currently Poloniex, and Bter before their hack. I like Cryptsy too although I've heard that they can be slow to process NXT withdrawals (not sure if that's been fixed) so I usually stick with Poloniex for anything involving NXT. I understand Cryptsy gets a lot of hate around here for some reason but I've found them to be quite reliable so far.

I found this rather interesting post the other day in a thread discussing Novacoin, an early proof-of-stake coin:


Link: https://bitcointalk.org/index.php?topic=143221.msg1518745#msg1518745

Now I'm not saying that MarkM is BCNext because his other posts are quite critical of NXT and PoS-based systems but it's interesting to see that at least one other person had essentially solved the same problem of how to distribute a pure PoS currency before BCNext put forth his solution in October 2013 when he announced NXT.

Which leads me to wonder;

Was NXT really the first coin to use the IPO which has since been copied by hundreds of other coins since then and is now the dominant method of distributing PoS coins? Or were there older coins which used a similar method? My understanding is that before NXT, PoS currencies used a PoW stage to solve the distribution problem which is what Peercoin and Novacoin uses. The new method that NXT used was called the IPO because it's similar to the way stocks are distributed during an IPO.

Yeah, I was expecting an answer like that. It does seem to be a fundamental flaw in regards to Bitcoin's suitability as a mainstream currency which I can't really see as being solvable as long as Bitcoin continues to remain decentralized and trustless (although I also believe the fact that it is decentralized and trustless outweighs the negatives of making it not so). It's not really a technical problem, since the program is doing exactly what you tell it to do. Only problem is, humans tend to make mistakes as the example I gave in the OP shows.

Perhaps as a preventative measure, any large transactions in the future will be done not all at once but in a series of small steps, with the other party confirming multiple times along the way that the coins were indeed successfully received. That's the only real solution I can think of.

Sure feels strange to be posting here again since I'm definitely not a newbie anymore but I can't really think of anywhere else to post this question.

That being said, any mods can feel free to move this thread.

A few weeks ago, my parents received a $10,000 transaction into their bank account which they weren't expecting. Of course, they did the responsible thing and phoned the bank who then informed the person who had deposited the money of their mistake. What was suspected and eventually confirmed was that either the sender had written (or typed) the wrong bank account number or there was a mistake during processing and the funds were sent to the wrong account. The transaction was eventually taken back and the $10,000 disappeared from the account.

Now, I know that mistyping a Bitcoin address is highly unlikely since there is a checksum associated with every Bitcoin address which allows the client to detect invalid addresses and prevent coins from being sent to these addresses. Hence the title is "miscopied" and not "mistyped".

What would happen if someone copied the wrong address into their client and sent coins? Well I know the answer to that. Obviously, the coins would be sent to the wrong account. But then what? What recourse would the sender have to correct the error and if there is no recourse other than tracking down the recipient and convincing them to send the coins back (highly unlikely), then how will such mistakes be handled when Bitcoin's transaction frequency approaches that of the current fiat system?

Shame to see PBMining finally die, although I guess this outcome was to be expected after they collapsed several months ago. If I remember correctly, they also had advertisements here on the forums as well. Many people spoke about them positively and their projected returns were much better than the competition (in retrospect, I guess this was a sign of it being a ponzi). I considered buying a contract from them but ultimately decided against it.


Most cloud mining companies have failed and were revealed to be ponzis in disguise but there are some that are still alive. Very few (if any) return any sort of profit however. Check out this thread for a regularly updated list of them.

Some of the more notable ones which are still chugging along include the likes of Genesis Mining, Hashnest, Cryptsy's tradeable mining contracts, and CEX.IO (the option to continue cloud mining was switched off by default due to the falling BTC price but it's possible to switch it back on by changing your account settings).


Genesis Mining is usually considered to be one of the more legitimate cloud mining companies out there. That doesn't mean it definitely won't collapse though. AMHash enjoyed a similar reputation until earlier this year.

First of all, I'm highly critical of the current cloud mining industry and I understand that most are unprofitable. Nevertheless, I figured it wouldn't hurt to do this small experiment for just a bit of fun.

So basically, I was thinking about doing a series of blog posts where I purchase a small amount of cloud mining contracts (e.g. 1 to 5 dollars worth) to compare the returns of different companies over a period of time. Is there a list of cloud mining providers that have low or zero minimum purchase requirements? I know GAW had their hashlets which could have been bought for 8 or so dollars at one point but I'm not sure if that deal is still available because the last time I checked, their hashlets were out of stock.

Anyone know of any companies that might fit this description?