you are all really waste my time guys, strange that you dont understand basic functions of message sign.
Honestly.. you waste our time. Even if you could sign a message using an old staked address, this wouldn't proof anything. All it would proof is that either 1) you are the original owner of this account or 2) you have contact to the original owner of this account. However, this is not relevant in this case. You need to proof that you didn't intend to sell your account. Not that you can sign messages using old addresses appearing on this forum.
|
|
|
Yes, it is a scam service. But if the system works like that, then anyone's support or opposition means nothing, except of DT members opinion. Disabling the support or oppose button for regular users will be a good idea, since it it worthless for anyone except DT members. Correct me if I'm wrong please.
It is not worthless. No one said that only DT votes count. Votes count from anyone who is in your trust list. If you didn't touch it.. then yes only DT1 / DT2 count. However, if you include other people, their vote counts too (for you). It is stated in the OP: ~snip~ Only users in your trust network count as supporting or opposing flags. For guests, the default trust network is used. ~snip~
|
|
|
In the White Paper , Satoshi assumed the mining market would stay open. Error 1: ASICS closed the mining market to the rich elite only.
No he didn't. He already knew that at some point there will be 'larger' server farms who are mining. And that a single individual won't mine in the future. And neither is the market accessible to the 'rich elite' only. Anyone can start mining with a relatively low budget. Low budget -> low income. High budget -> high income. Just because you can't mine with a CPU or CPU anymore, it doesn't mean that you have to belong to the 'rich elite' to start mining. Error 2: Nodes processing transactions for free are in short supply, if any. Of course this is due to the energy waste, making free transactions impracticable.
No, they aren't. There are currently ~9100 nodes online. These nodes also don't waste energy. They don't need much energy at all. A few $ per year isn't really a lot.. But you were probably refering to the miner 'wasting' energy, right ? Well.. this energy isn't wasted either. It is absolutely necessary to guarantee the integrity and security of the bitcoin network. Error 3: Transaction fees alone will not be able to maintain Bitcoin insane energy waste.
They will. As pointed out, the energy is not wasted. I don't know what kind of shitpost you were creating. And with what kind of purpose. Maybe you are just not informed at all, or are following your own agenda. I don't know. And i honestly also don't care. Please inform yourself before composing such shitposts. It hurts my eyes (and mind) to read that bullshit.
Today most whitepapers try to garner investors so they focus mostly on supply and questionable technical terms. They are trying to sell an investment vehicle pretty much like banks do when they give you fancy prospects of their latest mutual funds.
Satoshi's whitepaper was about suggesting a concrete technical solution to a previously unsolved problem. To that extend the emission rate and overall supply were irrelevant, especially since there were no investors to speak of with the main audience being academics and cryptography enthusiasts.
Exactly this. HeRetiK boilded it down to an essence. Satoshi didn't want to attract investors. He didn't want to get rich. It was a proposal for a peer-2-peer digital currency. The first one. Noone cared about the economic aspects.
|
|
|
I was thinking about 5 DTs supporting a flag and 30 random nobodies opposing it. At least that's how I interpreted mosprognoz's post.
Oh.. that makes sense now. I somehow didn't get the context to that specific post. I don't know why i kept thinking you are referring to the original post bringing up this service. Whatsoever.. this service is either a scam, or worthless. I hope no one falls for that. Anyone falling for such stupid things is just encouraging others to create more similar scammy 'services'.
|
|
|
Warning!! This project is a scam.
Plagiarized whitepaper and stolen identities: see here.
|
|
|
Please don't destroy our reputation, hard work and idea.
You destroyed it yourself by plagiarizing a whitepaper. Either write one yourself or mark each copied phrase with the link to the original source. By the way.. which reputation ? Which hard work ? Since when is ctrl+c / ctrl+v 'hard work' ?
|
|
|
The flag would still be active and visible on threads, which is its main purpose.
I don't think so. ~snip~ A newbie-warning flag is active if there are more people supporting such a flag than opposing it. [...] A scammer flag requires 3 more supporting users than opposing users to become active. [...] Only users in your trust network count as supporting or opposing flags. For guests, the default trust network is used. ~snip~
The flag would be only visible to the people who explicitly included the (worthless) senior account into their trustlist. And i doubt that the accounts used for such a service (if it exists at all) are in anyones trustlist (except maybe the one from their alts). So 25 bucks to tag and ban 15 Senior and above accounts? Sounds like a good deal to me. No one gets a tag (see above). And no one gets a ban. Bans are not related to this at all.
|
|
|
the exchange hack cases that i know of have never been because of a security flaw in their systems.
Exhibit 1: Bitgrail - 170M $ They had a vulnerability which allowed people to withdraw funds they did not have. A lot of ETH and NANO have been stolen this way. The extremely embarrassing mistake which lead to that was that sanity checks have been handled client-side (javascrit; LOL). Exhibit 2: GateHub - 10M $ The attacker gained person to a database holding (valid) API tokens of their customer. These have been used to withdraw funds. Exhibit 3: Bitfinex - 72M $ (120K BTC at that time) Bitfinex hat a flaw in the design of their system. They were using multisig wallets in cooperatin with Bitgo as a co-signer. Unfortunately, the Bitgo server basically signed whatever bitfinex wanted to be signed. Once an attacker gained access to the bitfinex server, he let 1) bitfinex sign a transaction and 2) told bitgo to co-sign it from the bitfinex server. And these 3 are definitely not all cases where security flaws in the technology and the system-design were the reason for funds being stolen. [...] but i still prefer open source software because the closed source one is audited by one person/team while the open source one can be audited by thousands and they usually are (the popular ones anyways).
The problem is that auditing can never find all technical- and design flaws. The software has to be built with security in mind - from the beginning. 'Implementing' security afterwards, almost always goes wrong.
|
|
|
You guys are making it easy for hackers to find their potential targets. By posting in this thread, you are effectively telling hackers what password manager you are using and he does not have to search for ideal targets.
That's nonsense. This does not give an potential attacker any advantage at all. He'd still need to compromise my system. And once my system is compromised, he can scan all my files for which password manager i use and choose his malware accordingly. Despite that if the machine is compromised, you have more to worry than 'just' your password manager which might or might not be exploitable. So let's say this hacker knows about some exploit in one of these password managers and you post that you are using it, then he or she can just focus their phishing emails or hacks on you as a easy target. Phishing is an completely social aspect. If you fall for it, you fall for it. Doesn't matter which password manager you are using. If your device is compromised, your password manager is too (at least after being opened the next time). Which PW manager you use has no influence on the social aspects of phishing. I'd rather focus on the technical aspects in this discussion.
|
|
|
~snip~
Good job, keychainx. Copying parts from me and ETFbitcoin and later claiming i copied parts of your post.
|
|
|
Lets make a collective flag, revealing his shitty activity. I will support flag immediately.
Anyone who has proven that he scammed someone, has the right to claim the 5 BTC offered by game-protect. If this person does not receive the BTC, a flag (violating written contract) is appropriate. P.s. Just report the PM if the whole PM consists of insulting you. With a bit of luck, his ban will be extended
|
|
|
Also, one more question for you guys who knows a lot of this geek stuff. Should I use on my Android the Bitwarden App, or the Bitwarden Addon for firefox android? Any security or convenience difference?
I don't see big differences regarding the security. The sensitive information is encapsulated, either in the datafolder of the bitwarden app itself, or in the data folder of firefox. One argument against the firefox addon might be an exploit in the browser which would allow a malicious website to eventually access some data. I believe this would be slighly harder to accomplish using the application. But that's more of a theoretical aspect. I don't think this plays a role practically.
|
|
|
Is it possible to make it so it checks for 24 word seeds and also without having to provide atleast 1 address? Basicly i need it to just give all checksum passed seeds from 24 words.
Theoretically, yes. Practically, no. There are too much combinations for you to ever check in your lifetime. That's mathematically not possible with the current technology.
So this guy did cut-and-paste of my comment and my original comment was deleted, what is this crap?
My post literally was the first response in this thread. I just saw a shitty one-liner from you like 20 minutes afterwards (post #4). Do you want to say that i stole your shitpost, traveled into the past and made a good and informative post out of it ? This comment was posted by another user, why did you steal it?
Sure. Please tell me from who. Or.. better.. report it as plagiarism and wait for me to get banned Because he is an impersonator (bob123)
Another worthless newbie alt
|
|
|
If newbies are opposing flag, will that count ? Anyone can oppose the flag ?
Anyone can support/oppose flags. However, only the trusted votes count. And trusted votes are defined by your trust settings. If you didn't touch your trustlist (which you definitely should do), DT1 and DT2 votes count only (big bold font).
|
|
|
we can't put aside open source (decentralized) exchanges just because of a possibility of them not being reviewed by experts at first. the alternative is closed sourced centralized exchanges that are getting hacked every day!
The problem is that not even reviewing them guarantees you to have a secure software. It is way easier to build the software from scratch with security in mind, than to adapt a different one and review/fix it. The fact that even closed source exchanges are getting hacked (which have professional security audits and code being written with security in mind - at least talking about the big ones), is an additional argument AGAINST using software which did not have any audits at all and without having a highly professional security-orientated development team working on it. Don't get me wrong. I fully support open-source. I use it wherever possible. But if i would be running such a business, i'd rather pay a lot of money for a proper (and secure) software, instead of trying to save at this place. now that is a different discussion. there is a difference between having a bug (which is normal and literary any code that has ever been written has them) and [intentional] backdoors put in the code with malicious intent.
How do you define backdoor ? If your only definition is a true 'backdoor' (i.e. malicious person can gain access from outside), then yes. This could be found. However, a maliciously intended vulnerability (maybe even in the design of the software which isn't recognizable at the first sight) won't be found in some 'standard security-orientated review'. IMO the risk is way too high.
|
|
|
I definitely wouldn't use some browser-in-built password manager.
Why not? Firefox has a masterpassword, so my password will be encrypted as well. Is it because it cannot generate new passwords randomly? Mostly because on the one side browser are very prone to being exploited. I know, this theoretically applies to each software, but browsers are software used by everyone. They are targeted way often. And on the other hand i don't want my password storage to directly be connected to internet. A 0-day exploit in the browsers password manager could lead to all of my passwords being leaked by simply visiting a malicious website. A 0-day exploit in a password manager, is not as severe as one in a browser. My machine would have to be compromised first. And in this case, i'd be already in trouble. So basically.. the reason for me is security. The reason i recommend KeePassXC over KeePassX because : ~snip~
Those are some good points. I agree with you. KeePassXC > KeePassX I'm sure you prefer not to use outdated software And you are definitely right. I am going to migrate from KeePassX to XC. Thanks for the info
|
|
|
Not possible.
You have 2 options:
1) Take legal actions, which most probably does not result in success since you have literally 0 information and the police don't even understand what bitcoin is. Neither do they take any actions (mostly).
2) Ask him politely to return the money, which he won't do.. since he stole it from you on purpose.
What you should do, is to understand how he was able to gain access to your private keys / device. Maybe your device(s) are still infected ?
Make sure to have a completely clean setup before storing any sensitive information on it again.
|
|
|
If you use Linux or Mac OS, you definitely should choose KeePassXC over KeePass.
Or KeePassX (linux)
|
|
|
I don't know how to create that.
For the future: 1) Visit the profile of the scammer. 2) Click on 'Trust'. 3) Scroll down to 'New feedback' -> 'Negative feedback'. 4) At the end of that line, click on 'add a flag'. 5) Choose the appropriate type (Type 2 and 3 only if you have been directly damaged, in other cases: type 1). 6) Enter the link to your thread and check the box. 7) Copy the URL (which is the URL to the flag) and post it here for others to support it.
|
|
|
|