Bitcoin address collisions are the things that could happen, but the chances are extremely small that it's not going to happen in practice and if it does have a party.
|
|
|
What OP is saying is that the higher the difficulty gets, the more likely a block after looping through all the possible nonce space will not have one that matches the difficulty. A dumb miner would keep repeating that loop and never ever find a block, a smart one would change some other part of the block like extraNonce.
|
|
|
Fixed issue with adding usernames to your addressbook.
|
|
|
yes you have, you posted phishing links and you were selling phished propert.
|
|
|
I find it funny how we are arguing about 50 bitcoins that is owned by a person who probably has more than a million.
|
|
|
Hi QuiveringGibbage,
Have you tried saving it to a file and then calling gpg like this:
gpg --decrypt myfile.txt
|
|
|
Welcome to the forums! Launching an IPO is a good way to introduce yourself to the community and showcase your reputation.
|
|
|
CreativeX, put your GPU to better use - mine weedcoin
|
|
|
gweedo: the issue is with you spreading FUD. The only site not salted is CoinChat but despite multiple denials you somehow assume it is for all my other sites, which is the FUD and lies part.
That's what is reasonable but obviously people will ho "a chat room just hashes? Everything is properly done for sites that actually handle money?" But I guess that reaction wasn't what you are looking for.
If you do not get this part, you're dense or you are just here to pick a fight.
|
|
|
How stupid can one be to not read the difference between CoinChat and CoinLenders.
One thing I noticed though is that I saw that the salt is a global variable in CoinLenders -> the salt is the same for everyone? -> if the database leaks the attacker can find people having the same password easily since the sha256 of (salt.pwd) is the same for everyone when pwd1 === pwd2
This is no longer the case. All passwords has been rehashed and salted with a user unique salt.
|
|
|
The problem is that people tend to use the same password for all those registrations... I'm pretty sure a lot of people on CoinChat have the same password on their input account.
You can argue that they shouldn't, although it wouldn't really be their fault if the CoinChat db is leaked and their input account gets hacked.
When you sign up for Inputs, we have giant text telling you to not reuse passwords. Unfortunately some people don't follow that, but they are the same kind of user who will enter their passwords on inputsio.myfreesite.com or download wallet.dat.exe.
|
|
|
BTT: do you plan on adding a function to add a private key, like it's possible on blockchain.info, or do you see some security issues?
We'll do sweeping which is safer. There has recently been a pretty high profile case where a bunch of people using Blockchain.info lost bitcoins because they imported a contest private key or something, and blockchain.info was add private key happy. Anyway, posting IP and such of the user is no different than this: https://bitcointalk.org/index.php?topic=254920.0 - they are technical details, not personal details.
|
|
|
Dude all you do is screw over your users and abuse your powers Yes, I screwed over a hacker / phisher / script kiddie / DoSer. Was he your friend? Also, you're. Try digesting messages before rushing to post! I'm happy to post a SQL dump of users.password, which are hashed and salted with a user unique salt. That proves nothing through, if it was not indistinguishable from randomness then it was done wrong. No, you're not getting SSH / mysql / whatever access. ooooh, in your quoted excerpt he actually used the possessive pronoun "your" correctly. a bit quick to flame back, eh Seņor Grammar Nazi? Lol, my mistake, sorry Anyway, gweedo, I'm happy to remove my negative feedback if you stop continue to make misleading and factually incorrect statements regarding my websites. You don't need to remove anything, that's extortion. I made it clear my negative feedback was because you continued to lie and spread FUD.
|
|
|
> posts full dox (password, ip etc) of a user > talks about privacy
made me laugh IRL.
By user, you mean attacker / someone who is compromising and phishing accounts and DoSing our sites. If you use a service and attack the/related service maliciously while spreading phishing links to capture people's login details, and extorting people for things you've scammed and expect them not to do something about it.. it's called protecting our users. (I also think we have different definition of what dox is. No personal details - things like name, address, etc were posted - we don't collect that - only technical ones used to identify the attacker like IP addresses, related accounts, and password hash. The password hash was relevant because the attacker had a habit of using the same pass on his numerous accounts)
|
|
|
OK, let's keep this thread about Inputs.io and not other services. I don't think BIPS is a scam, but any business that deals with fiat has heavy regulatory and reporting burdens. Inputs is privacy focused, which rules us out from touching fiat (at least directly). I will just say: it is an absolutely horrible idea to use a wallet for transactions tied to your identity for Bitcoin. Let's not think of Bitcoin as another funding method, but why Bitcoin was created. "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" (the genesis block of Bitcoin). Services like Coinbase, BIPS, Coinjar can be great, especially for integration into the banking system, but by selling their soul they can never do what we can do - protect the privacy of our users.
|
|
|
I seriously don't like making comments on competitors, however how you're handling WalletBit isn't really good IMO. Instawallet at least had a 90 day claim window.
To me, this would be a betrayal of trust, even if I'm the only user who still uses it. But people choose to do business differently and we should leave it at that.
|
|
|
How about adding to the leaderboard the "Highest risk taken" where "risk" is measured as the variance of the wager (or sqrt thereof).
Just a way to compare 1 BTC staked on 0.1% and 100 BTC staked on 98% - the first one has higher variance, and is indeed more "risky"
Then we'll see some of those crazy lottery bets coming up in the leaderboard
That would be the same as the potential win, is it not? This is pretty likely to end up with people placing longshot bets and actually winning.
|
|
|
If this is not open source it is not secure. I'm sorry, but please open source.
|
|
|
I'm interested, however can you do the raffle in a provably fair way? Cryptography will prove that you selected a fair player.
For the actual implementation, it's not too difficult. Generate a random string. A trusted third party (like me) would generate a random string too.
You hash your string with SHA256 and post it here. I hash it with SHA256 and post it here too.
When the raffle ends, we concat (combine) our two secrets (the strings, not the hashed version), and hash that. Then, for each ticket number we hash that plus the hash of the two secrets. We then get the ticket which is a SHA256 hash.
The ticket with the lowest value wins.
|
|
|
If you want free coins, coinchat.org
|
|
|
|