Kind of ironic that even opening an account on gambling websites has become a gamble on its own.
And just about any other site that holds your funds. I think it's going to get worse and worse since people seem to be jumping though whatever they ask for. We see it as insane KYC they see it as CYA (Cover Your Ass) let's face it. If someone was doing something wrong and they come back and say, we have a copy of his ID with him standing under a street sign and the address is within the geo-location of the IP that he connected with. They have a better case then saying, yeah he said his name was Bob and we believed him. I can also see some small country somewhere taking advantage of this and opening up their borders for online casinos and such. Just so they get their cut. Until other countries complain and we do the loop again. -Dave |
|
|
|
Honestly the last justification I want to resort to is that my friend did something dishonest.
Unfortunately, it seems so. Or there is someone else that has access to the wallet. Eliminating all the hacked or installed malware options. Do they know who really has access to the device in question? You don't want to accuse your friend, does your friend not want to think about the fact that there may be a dishonest person living or working with them? I know nobody wants to go down that thought path, but if you eliminate everything else, it's always a possibility. -Dave |
|
|
|
|
I am not sure how to say this, but I think a hybrid setup for smart contracts would be better. I do think that having them as an L2 or other layer would be good. BUT, I also think there should be a way to and I know I am saying this poorly, 'prove on the 1st layer what the 2nd layer contract said' Kind of like when you make an L2 or L3 or whatever layer smart contract you generate some form of a checksum and signature, THAT is then put into the blockchain. This way there is always a way to go back and prove what the original was. If something goes terribly wrong on the other network, you can still prove what was what.
Yeah, I know not the best way of saying this but I think I get my point across.
-Dave
|
|
|
|
Thanks for that I had forgotten about the Blockstream satellite network. So lets assume everything else is gone would BTC really be able to run and produce new blocks with just that small satellite network?
As long as there are miner/pool and node connected to internet satellite, Bitcoin network will continue to run. But we'll experience network congestion due to decreased hashrate since not all miner/pool subscribe to internet satellite. Although realistically, most people would worry more about social and economic impact due to majority of internet structure is gone. Which really sums it up nicely. Even if BTC was working, you would have a lot of difficulty buying things as merchants imploded all over the place. Assuming you even had service on your device. The large main players have redundancy to keep the local networks up, but everything else would become a disaster very quickly. Recovery, would be somewhat quick however since there would be an outcry to get it fixed whatever the cost. -Dave |
|
|
|
Fortnine has a short review up: https://www.youtube.com/watch?v=rVjrt-JCKLgI still don't have a firm delivery, but at this point I am perfectly happy letting them keep the bike and me keep the final payment till next year. Really don't need to get it and have the warranty start, pay for insurance and registration for it to sit in storage for months. The 0 to 60 is slower then I thought it would be IRL but other then that it all tracks. From reading other online motorcycle discussions, I am surprised of the number of people who just found out from the 1 second comment in the video that it's made in China. And seriously, when the seat looks like that, do you really expect comfort? -Dave |
|
|
|
|
Where are you getting the data from? It looks like it's a pull from coinmap.org which is very outdated, at least where I am in Long Island, NY. There are a bunch of places that no longer take BTC listed there, that it looks like you have listed. Or are you both pulling from someplace else that I don't know about?
And you are also missing as are a lot of ATMs, none of the LibertyX are there.
-Dave
|
|
|
|
I am curious that maybe there are some miners who switch from Ethereum to Bitcoin because Ethereum now is on POS, so this could be a factor too. Most of the Ethereum Miner were mining with GPUs. Of course, there were some ASIC miners. But I don't think those ASICs can mine SHA-256. So, Those ASICs are basically dead. Or they still Mine ETC (Ether Classic), but I don't think it's profitable anymore. It's Possible that maybe GPU Miners selling their GPU and buying Bitcoin minable ASIC miners? That's the only thing I can imagine. I don't see any other reason behind this pump. Bitmain was selling a lot of gear over the last few months slated for September delivery, so there probably is a lot of that going online. With the hot weather over in Texas some of the mines there that were off to keep their grid from exploding are back on. Add in the places that had both ETH and BTC miners but were power limited so could not run them all are now BTC only. And here we are at a new mining high. -Dave |
|
|
|
I have a bit crazy idea, but the cheaters are getting more and more advanced these days.
What if he is running a service to create threads so people with paid signatures to be able to reach theirs post quotas quickly and easily just posting all the same bullshit answers?
I hope I'm not giving them ideas...
I do not think that is such a crazy idea. Who knows? He might even have a few alt accounts of his own that he uses to answer his own questions. It is not like we haven't seen even stranger things on this forum. If there was incentive in the form of profit to be gained, then I think it is not such a crazy idea to think that someone might take advantage of it. I mean, you don't even have to be a programmer to create bots and scripts that can answer questions automatically. There are programs out there that allow people with little technical knowledge to do so. I do not think that there is any evidence to support this theory, but if it were true it would certainly explain some things. This has been discussed on and off a few times. How someone with a few higher raking accounts could create a new user and ask a question that and start a conversation with 2 or 3 other users that are are all just them talking to themselves. If you prep it in advance, it's all just cut and past from a word document into the forum. You could probably somewhat easily get a couple of dozen posts a week just by doing that. It's a bit more work then just the spam posting people but not a lot. -Dave |
|
|
|
There are probably a bunch that were taken down because of this: https://bitcointalk.org/index.php?topic=5410704 and although a patch / fix has been out for weeks are still offline due to the attitude of 'I'll let someone else risk it for a bit' If you were not making a lot of money with your ATMs at the moment due to market conditions due to the possibility of loosing a bunch of funds you may be more wary of turning it back on. I would also think a drop in ATMs is also due to increased competition. I have seen rates drop locally a lot. If you were charging 10% and now your competition is charging 7% you have to drop below that. But, if you are sitting on expensive leases and so on can you make money at 6.5% when BTC is below $20k? Or do you just shut down and walk away. -Dave |
|
|
|
|
The issue, at least IMO, with banks / others screwing up payments is not just the money involved, it's the time you have to put in to 'make it right'
If I screw up I spend time fixing what I did wrong. If a bank screws up, I spend time dealing with the issues they created. Yes, they will 99.99% of the time cover the fees & penalties. But, I still have to deal with it.
Pushing this thread, back OT........
As of now they seem to have just about everyone I use in terms of billing except for my HOA bill. Not a big deal since the community has been changing property management companies a lot. If we don't change in 2023 I'll look into it.
Would like to have the ability to save account numbers so I don't have to put it in every time, but I understand the security implications of storing it.
Along the lines of that would like a regular bill payment option, as in have everything that you have paid in one place and just click the ones you want to pay again, but as above I understand they are now long term storing your information and they may not want to do that.
-Dave
|
|
|
|
It's because they are cheap, they try to reduce the cost at the expense of other things, I think they set a fixed price for the cost and ask their engineers to design something within that price, all these asic miners manufacturers companies do some stupid shit that nothing justifies it except being cheap.
So long as it does not die within warranty they don't care. It's not a lot different then how a lot of things are built today. Get it to X price and design it to work for Y amount to time with Z reliability. It's not like there is a lot of competition in the space. A few vendors, and although some are better then others there are none that are Toyota HyLux reliable. https://www.youtube.com/watch?v=xnWKz7Cthkk-Dave |
|
|
|
Funds were returned without any itervention, so all is over, but I started to have a serious doubts what to do in situations like that. At the end you transfer your coins somewhere and must believe they are safe.
No need to worry and no need for 'trust' either (since you mentioned this word earlier). Worst-case, you unilaterally close the channel. I do believe channel partners are even punished a little, for disappearing and requiring such a force close. There can be penalties, depending on the settings you used when opening the channel. The issue can be that if you are not paying attention or if you or the other side have changed some things you may have to wait a while for the force close to happen. Not a big deal unless you need the funds now, but if you do you should probably not have them in an open channel anyway. I use LN a lot but still full understand, things can still go wonky. As an example, think of all the people in Cuba, Florida, and anyplace else that was just fucked up by Hurricane Ian. If you were running a node at home, or in your business, you stand a good chance of being offline for weeks now. If I had a channel open to someone there, and there is really no way for me to know where you actually are, I could wait a week before deciding to do a force close, and then be waiting 'x' number of blocks / time for that to actually occur. Through no fault of mine. -Dave |
|
|
|
from google play when you click on contact developer you get:  so yeah, that looks funky. I don't see any other reviews or mentions of it while poking around so it looks like a scam to me. I would make a post in the scam accucsation board too so people looking there will see it too. -Dave |
|
|
|
That paper wasn't particularly correct when it was written-- essentially it's saying that a bad guy could dos attack all hidden service bitcoin peers AND make all clearnet peers ban all the tor peers. And thus cause the tor using user to drop the protection of tor. Okay, that used to be a concern but (1) the latter attack would have been highly visible and never happened and (2) "here is this benefit that DOS attacks might make you turn off" isn't a reason to not use the beneficial thing to begin with!
But worse, its completely inapplicable now -- and for many years -- because the banning mechanism they're discussing was removed.
But hey, every time I see someone promoting it I get extra information on which users are slightly more likely to be state actors trying to undermine the privacy of Bitcoin users. So at least it has that benefit.
Kinda sucks though that bitcoiners don't even know that it's totally inapplicable and these same FUD threads keep getting repeated year after year and people that probably heard the correction don't remember.
Someone should probably put together a website with a list of links to papers like the OP posted, a one or 2 line summary of what it says, and then a link to an article / post / document as to why it is wrong. So, when someone comes and does post about it again, all someone else has to do is say no, that's wrong here is why and here is the link. Just saves time, and discussion and so on. -Dave |
|
|
|
|
Obvious, but never said enough. Don't run RC code on production machines with real money involved and even if it's only a little sitting there, backup your wallet.dat file before doing running it.
I know we all know, but lets be sure everyone knows.
-Dave
|
|
|
|
3) I have had payments hit in as little as 48 hours (2 days) and as long as 120 (5 days) don't know if it's on their end or the the payees but if you need to pay something tomorrow this is not for you.
If you are paying your bills, isn't 120 a bit too long of a wait? I know a utility company isn't gonna wait 120 days for their money before disconnecting you. What specifically took 120 days to get paid if I may ask? Not asking to invade your privacy but if I was to want to use this service I would want to know what to avoid trying this service to pay to avoid the long delay. Hours, not days. And IMO 5 days is pushing the limit but I don't know if it's the service they are using or my CC company that just reacts a bit slower then I would like. But, it is a nice service to have, and it eliminates the 2 middle steps in BTC -> exchange -> Bank -> Pay bill. -Dave |
|
|
|
Your way, making it looks like your phone is infected works too. I was thinking of a x of y multisig with enough people involved that it's going to involve a lot of $5 wrenches on people.
The other possibility is having them be sent to a wallet that is always online and waiting for a transaction. That wallet will then send the BTC with a transaction with a timelock. They can keep hitting you with the wrench, it's not going to change time. But in both cases, how do you convince the attacker to stop hitting you? You could prove the address sent to is a multi-sig, by either revealing its script or spending from it before so its script can be viewed via any block explorer. But how do you convince the attacker that it is a multi-sig with other people and not just 3 of your own wallets? In the case of the timelocked transaction, how do you convince the attacker that although there has been a timelocked transaction you don't still have the seed phrase/private key to the wallet which created the timelocked transaction and could just create a normal transaction any time you want? At the end of the day, having a not-that-secure mobile wallet with a small amount of funds is not the worst thing in the world to lose, if by handing it over to an attacker you thereby avoid revealing anything about your main stash. You don't have to. They made a mistake of where they sent the funds. You are sitting there tied up getting hit with a wrench. Either that or your phone is infected, or if there is more then one person, they are stealing from their partners by sending funds that they have access to and not the others. This way at least you have company as they they start getting hit with a wrench. Or as we keep saying, don't leave a lot of funds on your phone. Since my old phone did a gravity check so I had to get a new one and BTC / crypto is down I would be more worried about not getting my phone back then getting my crypto stolen. -Dave |
|
|
|
IF ANY transaction is attempted to be sent, all the funds are sent to a per-determined address with a high fee, non RBF. I mean at that point it's only going to get you hit some more with the wrench but at least they don't get the money. Until they hit you so much you reveal how to access the destination address. You need something with plausible deniability. Different passphrases as Loyce has pointed out is the usual route to take. To build on your system, I guess you would need some way of making your phone appear like it was infected with malware. Perhaps it broadcasts the attacker's transaction with a very low fee, and then a few seconds later RBFs it to a different address. Or every time they enter their address, it makes it very obvious that the address is being "maliciously" changed to a different one. Either way, it just becomes a question of how you want to setup your OPSEC Your way, making it looks like your phone is infected works too. I was thinking of a x of y multisig with enough people involved that it's going to involve a lot of $5 wrenches on people. The other possibility is having them be sent to a wallet that is always online and waiting for a transaction. That wallet will then send the BTC with a transaction with a timelock. They can keep hitting you with the wrench, it's not going to change time. -Dave |
|
|
|
On the website it states the seed is generated from the wallet itself, is that even possible with NFC chips?
Some NFC chip has microcontroller which used as additional security (usually cryptographic challenge). But i'm not sure whether small power received by the chip is enough to run additional microcontroller to generate seed securely. Probably not and I can see it also being a support nightmare. There are so many variables to the amount of power a phone puts out through NFC. Add in different phone cases along with any other metal for attaching to magnetic holders and you have to assume that you are lucky to get tap to pay to work on a regular basis. I am not so much about open source as verifiable source with hardware / software wallet but without either why would you even want to use one that does not have it since there are so many that do give you that option. As always, for full disclosure, I use a closed source multi-coin wallet on my phone but I know and understand the risks and don't keep a lot of funds there. -Dave |
|
|
|
A long quote from myself about a different product, but yes why would anyone store funds / even use a product that was given away from an unknown manufacturer.Looks like there's a new reason to keep an extra PC/laptop to interact with crypto. Of course, with USB type A, even then no adapters are required. This means that the threat described in this topic will be excluded.
USB A can easily handle exploits for PC/laptops, see the link from my other post here. So by making the wrong assumptions, instead of protecting one, you can end up getting malware on the other. More and more manufacturers are refusing to use USB A in their devices, and over time this will lead to a shortage of such devices. The market for used devices will not be endless either.
This doesn't really make sense. USB A is still widely used for PCs, I don't think they'll get no-longer-produced too soon. And, if you want to, you can easily buy cheap and straightforwards adapters from USB A to micro USB or USB-C like this one:  <Cough> MacBooks </cough> And any of the ultra portable PC ones (Microsoft surface, etc.) are all USB A only. Having one of those small adapters is nice. But people are people, and people forget things. If I drop a few of those cables around a show like BlackHat or Defcon probably nobody is going to plug them into anything. Leave a few around Bitcoin Miami and you could probably get someone to plug them in. Buy a few dozen (yes it's expensive) but then put a logo on for something that looks like a giveaway and you know people are going to use it.... -Dave It's a bit different in the fact that it's a hardware wallet but still, you are 'giving' me a $100 item. Like the saying goes, if you don't pay for it you are the product. [o_e_l_e_o trigger warning].... Could also be 100% legit in security, but they are selling all your other information. Think about it, a decent HW wallet setup, that is now telling anyone who will pay for the information what coins came in and from what addresses and where they went. Or they could just be a team of incompetent nimrods who got funding and are trying to get a product out there, or a bunch of scammers who got funding who stole 90% of it and then just put out whatever to get more money from their backers. Going to have to find out a lot more, but for now yeah...run away. Thanks for making this thread, OP. I'm all out of sMerits, so I'll have to owe you some.
I sent him 4 2 from me and 2 from you :-) -Dave
|
|
|
|
|
Show Posts
