Look, I didn't even directly call you an asshole. I said it was an asshole move to expose everyone's money to a security risk. You only took offense because you yourself have committed this act. This is akin to a murderer taking offense to someone saying murderers are criminals and sinners.
are you saying that i have stolen? say if i did have a exploit against mtgox. i could steal anyone's money. i did not do that, i just released the exploit to the forum. how does that make me a bad person? are locksmiths also bad then? they can unlock people doors?
|
|
|
No, I'm calling you an asshole because you've made an asshole move.
"If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck."
are you an asshole too then? non-asshole are not insulting people.
|
|
|
I'd say it's everyone's responsibility to not be an asshole.
are you insulting me because of my opinion?
|
|
|
uuhhh! people are really mad at me. i do as i do, work with it! say i found a flaw in mtgox, that allowed me to empty random accounts. if i just publicly showed people how to do it, they would fastly abandon mtgox, beacuse it was insecure. problem solved! It would be a better idea to follow these steps: 1. Inform MtGox about the flaw so they are given a chance to fix it. 2. If it is not fixed, tell people that there is a flaw that MtGox refuses to fix, so they should empty their accounts, but do not post any details. 2a. After people have been given a chance to withdraw their funds and abandon MtGox, post the full details. 3. If the problem is fixed, post the flaw, in full, on the forum. Then people can decide on their own if MtGox should be abandoned or not. Otherwise, people may not even have a chance to abandon MtGox. All their money may get stolen, because of you. i don't care, about the other users. i did nothing wrong. i published information, are you gonna censor me? i is not responsibly to take care of mtgox's users. its also too complicated the whole 3-4 step thing. much simpler with a 1 step thing.
|
|
|
uuhhh! people are really mad at me. i do as i do, work with it! say i found a flaw in mtgox, that allowed me to empty random accounts. if i just publicly showed people how to do it, they would fastly abandon mtgox, beacuse it was insecure. problem solved!
|
|
|
Actually "the founder (FlexCoin)" have the right definition of ethical full-disclosure. Releasing any bug before submitting to his developers is in fact not full-disclosure but a way that crackers work not hackers.
The only two reasons that hackers should go full-disclosure is if a developer don't worry much about it, go lazy not patching it after a reasonable time frame or if the developers try to silent patch without advice his customers by public advisories.
That's how ethical vulnerability researchers work and will always works. That's why full-disclosure have been made after all. To help users which are non aware of security bugs to stop using the software before a patch was made once a vulnerability have been discovered.
I also of course the fact that "the founder (FlexCoin)" have to "force" his idea but I understand that this should be take with care.
what if i you want to inform other people that are using the service, to just get the hell out of there its insecure? http://en.wikipedia.org/wiki/Full_disclosure: Full disclosure requires that full details of a security vulnerability are disclosed to the public, including details of the vulnerability and how to detect and exploit it. see? wikipedia disagree with you.
|
|
|
So bitcoins will necessarily stay underground and never go mainstream? Too bad for all the small businesses and the economy that could have flourished around it! thats why it may go mainstream, even if they are illegal. drugs are illegal too you know, people are using them anyway. there will be small businesses taking bitcoin as payment.
|
|
|
and i would be able to exchange my bitcoins to a local currency, i would just need to find someone that is using it.
Start your own fresh block chain and see if you can get someone to exchange your private block chain coins to a local currency. If so, you'll be rich. If not, you'll know why it takes more than your 10 friends to make bitcoins valuable. why would i start my own blockchain? no it does not take more then my 10 friends to make bitcoin valuable among us. if we would like to trade little round white stones, instead of bitcoin, they would be valuable among us.
|
|
|
"Hey, I just told everyone in town you left your door unlocked instead of just telling you so you could lock it. But I did the right thing, you should be glad I didn't break into your house and steal your stuff."
maybe you should just lock your door.
|
|
|
We're fine... then as a personal favour.. if you find something specifically related to my service... I humbly request that you tell me first and give me a chance... again as a personal request and not forced.
then i may do it, will not promise anything.
|
|
|
1 - I wouldn't do that with your banking crap because I don't have your banking crap to do it with.. and because that violates every ethical code I have believed in.. but alas it's just my belief .. you do as you want.
thank you! now stop trying to enforce some bug policy, it only pisses me off and make me want to exploit the bugs i may find. 2 - we'll agree to disagree... agree! (end of discussion?)
|
|
|
Anyhow kokjo : Please school me a little bit as to how placing huge buy/sell orders stabalize things if there is no real intention of actually following through with that order?
LOL. thats not the bots. that is speculators who think that price will go or down. or that they can manipulate you to think that the hell is about to break lose. i don't get tricked by large sell/buy orders.
|
|
|
Let's say all governments team up against Bitcoin since it can be used for illegal transactions. not gonna happen. All exchange website and all businesses accepting Bitcoins are sued and therefore have to close or survive hidden. not gonna happen either. silkroad is anonymous, therefor it can't be shutdown. What would you do with a currency that you can only get by "mining" and buy nothing legal with it? is this fictive scenario, i would buy illegal things. or use bitcoin as a friend2friend currency. two friends could sell stuff to each other with bitcoin, it does not make the things illegal that they are trading. and i would be able to exchange my bitcoins to a local currency, i would just need to find someone that is using it. and i don't even think that there is something that is illegal all around the world.
|
|
|
that is YOUR opinion.
i believe in full disclosure.
i don't like that you are trying to force YOUR opinion down around MY head.
if i want to release information about a potential security threat. i do it. you should only be glad that im not trying to use it.
I believe that is irresponsibility to the highest levels. Posting a bug like that isn't helpful to anyone... look I follow the Ubuntu policy on bug requests... send it privately to the developers.. give them a chance to fix it.. then publish what went wrong... You don't send it out the other way... where you publish it publicly .. allow a billion people to hack into the system... then claim "i was doing the right thing" ... that's not the right thing... that's akin to me publishing your banking username and password... then saying "I was doing the right thing" instead of telling you "you're username and password are compromised" .. i believe in full disclosure as well... just give the guy a chance to fix it before you announce it... I'm asking for a few hours... not a few days or weeks... you should be happy that im not trying to exploit it on my own. you should just be glad that i release it on the forum, instead of selling it to the highest bidder. just do publish my banking username and password, feel free to do so.
|
|
|
that is YOUR opinion.
i believe in full disclosure.
i don't like that you are trying to force YOUR opinion down around MY head.
if i want to release information about a potential security threat. i do it. you should only be glad that im not trying to use it.
|
|
|
You say you know it's not about YOU but then you talk exclusively about YOU. While it has some novelty value, like Pet Rocks, its real value is in its utility, current and potential. That's what they'll target. Kill its utility and you kill its value. What good are your BTC holdings if they trade at a penny per coin?
well if i buy 100000 of them, is would have the same value are $1000. and i could go buy drugs anonymously. and no im not only talking about ME, i do need some people to trade with, and im sure there will be some. thats why i said I and other people are using the currency . it does not matter how many there is using it. only that there are more then one. OK, but when that happens, it is no longer a threat. They 'win'. i don't see any difference. i get to use bitcoin as a currency, im happy, and i will try to get more people to use it. they cannot 'win'. simply not possible.
|
|
|
Rather than be Anti-bot, I am for better programming to avoid such occurrences.
occurrences? of what? bots? or stupid people like tasty? i don't understand what you mean. Bots themselves and the occurrences of their use so easily. The markets need to find out what specific things the program looks for and find ways that it cannot be exploited. This could probably done with some type of 'over verification' process, where people have to re-enter passwords multiple times to make one trade. It's the solution only people who are actually invested in Bitcoin long term will love. Traders and bots will hate it. there is nothing thats gets exploited. feel free to make your own exchange, with capchas on every trade. a password every time does not make it harder for bots, its only annoying humans.
|
|
|
You say you know it's not about YOU but then you talk exclusively about YOU. While it has some novelty value, like Pet Rocks, its real value is in its utility, current and potential. That's what they'll target. Kill its utility and you kill its value. What good are your BTC holdings if they trade at a penny per coin?
well if i buy 100000 of them, is would have the same value are $1000. and i could go buy drugs anonymously. and no im not only talking about ME, i do need some people to trade with, and im sure there will be some. thats why i said I and other people are using the currency . it does not matter how many there is using it. only that there are more then one.
|
|
|
there is nothing hush hush about silk road. i don't know if they are down, and i don't care.
|
|
|
|