So what is not clear to me The difference between CC and Public Domain. Your creativity when it comes to giving the license-required attribution doesn't in any way affect the product's license status.
|
|
|
would the typical miner be likely to replace their GPUs with this product. What sort of penetration do you think it could make in the global hash rate?
I don't mine. I don't plan on start mining until there are small low power FPGA/sASIC/ASIC solutions available that I can fire up and forget. No whining fans, no noticeable heat output. I don't plan on ever mining for profit. I would run such a system to help support Bitcoin. While I can't quantify any numbers for you, I'm quite sure there are others who - like me - are interested in Bitcoin as a social and political experiment more than as an "investment". With all that said, without ArtForz or ztex at least considering your numbers to be plausible (Mhash/s as well as price) I belong to the wait-and-see crowd. Impressed and interested, if true.
|
|
|
Let's assume that we "magically" build a product as described in the first post and offer it for sale at a price that was maybe 2x the cost to build. What kind of market do you think there would be for such a product? Are we talking the sale of 10's, 100's or 1000's or boards? Does anyone have an opinion on that? Please include some of your reasonings, too.
|
|
|
Let me guess, by microcontroller I must assume some Java PIC, by your posts I *REALLY* doubt you would touch ASM even with a 10 feet pole.
I'm 40 years old and wrote my first assembler program when I was 12 a. You might want to let this one go, any basic level crypto 101 course will tell you the same things I've posted since they're considered to be common knowledge if you design and implement something with provable security. "an attacker would have to guess first which salting method was used" is what disqualifies you outright in this argument btw (I'm leaving this discussion here since I don't think it produces anything of value to theymos and the reasons he had when creating the thread) a: Since, umm, that's what you had back then if you wanted to do anything remotely interesting.
|
|
|
lastpass is great, it will generate random passwords for you, keep track of multiple accounts, and automatically fill in forms and auto log you into nearly every site. You can have access to your passwords as long as you can get a web connection. This isnt as good as keypass as it is a third party holding onto your passwords, if they go down for the day, you are screwed, if they get hacked you are screwed. But so far they have been exemplary. They had some odd network traffic and without knowing if they had been actually hacked they suggested everyone changes their master passwords, which was the proper thing to do, but which most corps dont do. The LastPass plugin caches locally meaning you have access to your passwords offline as well, and they do not store your actual unencrypted passwords which means you're not "screwed" if they get hacked. The most obvious attack vector is to somehow modify the javascript that gets sent to your client, or to intercept both your locally entered master password as well as the lastpass-stored encrypted keyfile. I fully recommend LastPass, even with those two caveats in mind. (Paying users can also use the mobile client)
|
|
|
Well... I'm the kind of guy where people goes AFTER being "well paying" consultants... and AFTER it goes down. That's why I'm amazed by your kind to keep being "well paid". If you believe you're able to fool anyone who's read our posts here - fine by me I think you mistake low level microcontroller crypto implementation for "apt-get install apache" though. ("goes down"? really?)
|
|
|
The Bitcoin ecosystem requires centralized trusted parties to operate - exchanges
Well. It doesn't require them, although it ends up making things easier for a lot of people. Only one out of all my Bitcoin transactions have been to a "centralized" exchange, the rest have been P2P. For one thing, since I have been of the opinion that for Bitcoin to succeed people must use it and not speculate in buy-and-hold I've always told people who become interested in Bitcoin that they can get some from me, at market rate. (Which is currently about half of my average acquisition price) I wish more people did, and I have high hopes for the current bubble deflation to weed out most of the get-quick-rich "it can only get higher" so-called investors.
|
|
|
I really would love to know where you folks get those "well paid consultant" jobs!
You shouldn't be too surprised that us who do end up at the forum of the world's first possibly-successful crypto currency.
|
|
|
You really don't know what password attacks are all about, do you?
I spent a few years, as a well paid consultant, designing and implementing crypto security systems on embedded platforms. You? (Everything described in my posts would be considered "best practices") There's no edging on encrypt/generate the salt
Adding layers of encryption/hashing does not always increase security while always increasing implementation complexity. Your schemes are simply unnecessary, it's better to increase the password entropy.
|
|
|
1. Open a free account at ExchangeBitcoins.com 2. Go to the deposit page, make a reservation, and print the instructions. 3. Make a cash deposit at any of thousands of bank locations nationwide. 4. Purchase some Bitcoins.
You call that easy compared to what people already have? (Oh, and while I know it comes as a surprise to most americans, there's actually like three or four other countries not included in "nationwide")
|
|
|
You should try seals first. I send you some chips if you ask at my table, I'm playing now. Freemoney there also.
Playing at your website is pretty un-professional. You're saying you've never played at btcontilt, username Weaver? The only one I've never seen play at his own site is Josh (StrikeSapphire).
|
|
|
where it later can create the same consumer easy of use as credit card payments but with lower merchant fees.
Paying in Bitcoin is easier than using a credit card. You have to get the bitcoins first. Until there's a (much) simpler way for the consumers to, as hassle-free as possible, pay using Bitcoin without actually having to have two wallets (their regular currency as well as bitcoins) credit cards will be much easier to use. Paying using your mobile with NFC is going to become huge during next year. Mobile Bitcoin payments will be no easier than mobile VISA/Mastercard payments. http://www.google.com/wallet/http://usa.visa.com/personal/cards/paywave/index.htmlhttp://www.paypass.com/
|
|
|
You may ADD OR REMOVE walls of his path
Yes, that's the "obscurity" part of your reasoning. It doesn't provide any added level of (real) security. When designing a security system all forms of added levels of complexity are risks where there might be edge cases you haven't thought about. You want as few implementation parts as possible, while still giving you a provable level of security.
|
|
|
Well sounds like it's not a full fledged client, that is able to fully participate in the network activity.
When someone tells you that you're wrong, it's good etiquette to educate yourself before posting again. The Bitcoin Wallet several of us are using on Android is indeed a network participating client. It's based on BitcoinJ, an Android Bitcoin library. https://market.android.com/details?id=de.schildbach.wallethttp://code.google.com/p/bitcoinj/To the actual point of your post, I would agree. For the short term Bitcoin proponents should focus on the usecases where Bitcoin really shines, like international wire transfers (competing with Western Union etc), while building an infrastructure (which Bit-Pay is doing in a wonderful way) where it later can create the same consumer easy of use as credit card payments but with lower merchant fees.
|
|
|
Why everyone comes with "security by obscurity" without even KNOW what that stands for?!
In Open Source NOTHING is "obscure", it's a class with several flavors, creating entropy, not "obscurity".
Feel free to write coherent posts. Either the attacker has to guess (obscurity) or not. In any case, you're completely missing the point of salt if you feel that's a suitable place in a crypto system to add stronger complexity.
|
|
|
I go to uni sometimes. UK
You might want to re-read the OP with that UK university background in mind. we're just looking to pass our design on to someone prepared to take it to market
I'd suggest contacting ztex who's already making and reselling a similar product: https://bitcointalk.org/index.php?topic=40047.0
|
|
|
would have to guess first which salting method was used
http://en.wikipedia.org/wiki/Security_through_obscurityThere's no reason to make the salt a part of the complexity of brute forcing passwords. Educate the users instead. "Password strength" indicators are one of several good ways of doing that.
|
|
|
Ahh, silly me, I got around the errors by right-clicking and 'save link as'.
Edit: But unable to open. The windows.exe is reported as a 16bit program, and the .zip looks corrupt
Yeah it's because while you get a file when right-clicking it's still the same error message and not the actual program.
|
|
|
|