So, to save the current owner (my friend) from any possible malware the old owner may have had installed in this PC, what should we do to prevent ourselves? Will a complete OS change work out?
Reinstalling the OS is the absolute minimum you should do. You'll get most malware removed with a wipe of the hard drive + reinstalling the OS. However, the theoretical risk of rootkits still exists. Reinstalling the OS won't help you there. But the chances aren't very high to have a computer infected with a good (in terms of professional) root kit. But since it is going to be used as an offline storage, you shouldn't be worried too much about that. |
|
|
|
Did you even completely read my post and the article you have linked? [...]
Newer android versions (6.0 + ) automatically encrypt the whole internal storage.
[...]
Once wiped, the decryption key is gone. And afterwards no data can be recovered anymore.
With android < 6.0, you need to manually encrypt the mobile before wiping to achieve the same result.
[...]
Your linked article: Before you sell your device, here's a how to on really protecting your data by encrypting it before attempting the reset.
You need to read the whole post/article and not quote it out of context. |
|
|
|
|
First, which android version are we talking about?
Usually simply wiping the phone is all you need to do.
Newer android versions (6.0 + ) automatically encrypt the whole internal storage.
The key to decrypt is stored on the storage which is protected by your pin (not sim pin, but unlock pin (e.g. pattern)).
Once wiped, the decryption key is gone. And afterwards no data can be recovered anymore.
With android < 6.0, you need to manually encrypt the mobile before wiping to achieve the same result.
If you want to be absolutely certainly 100% sure, just put some junk data afterwards on the mobile to fill up the storage which will lead to all data being completely overwritten (instead of simply being marked as free space).
However, even without filling it up after wiping, you are already extremely safe from data recovery.
|
|
|
|
In your above example %3,7i[0-9a-f] % is wild 3,7i[0-9a-f] = anything from the second char through the 7th can be 0123456789 abcdefABCDEF. But I am having a hard time understanding how to exclude any digits other than the last two or four AND [0-9a-f] looks like I want only letters a-f. Dont I want it to be [0-9a-z]? or is "f" just a symbol that means a-z?
My mistake, yes. a-f means from a to f. a-z is what i intended to write. So If I wanted to exclude all digits (and special) other than the last four I could write %3,7i[a-f]?
%3,7i[a-z], yes. |
|
|
|
About the part that doesn't make sense to you, it actually does. Bots provide support and resistance for each other, is a variation of swarm intelligence applied to markets.
Sure  Other than replying to every criticism and scam accusations with facts, the only way i have to prove it to you is that you test the bot for 1 month. Then you can pubblish your experience here on bitcointalk. Since you're a legendary member, maybe your opinion will be worth more than mine. if 1k is too much i can lower it to 500 for you.
Oh wow! Counter offer: Can i send you all of my money and you make me rich please ? Give BTC address, dear nigerian prince. |
|
|
|
yesh so let's trash all people that doesn't have a legendary account. the bitcointalk oligarchy at its finest!
No trashing. I am just saying that member accounts are used very often to scam people. And this 'service' is extremely suspicious. I just warned everyone reading this. And sorry i won't spend more of my time trying to get stupid merits while i can do something productive.
It is not like you need to explicitely do something for it.. Just don't make shitposts and they come from alone. Here's a copy paste:
You might ask yourself... if the bot is so great, why sharing?
1. More bots running the trade equals more support for the trade which equals to even higher probability of success.
2. More passive income for myself.
So for as i see it, is a WIN/WIN situation.
Well.. yeah.. this doesn't make sense. More bots doing the same -> less earnings from it. If you can, prove me otherwise. |
|
|
|
people give api key to portfolio management apps all the time  Mostly only api keys which allow to view the trading history. There were indeed some apps which required an API key which allows trading. And it has been exploited for exactly what i have described, leading to thousands of people losing their funds. You wouldn't be the first scammer using this technique. My bot only trades XBT market, if the user sees a shitcoin trade then something is very wrong.
Of course something is wrong then, because this would mean you scammed them and stole their money. Also why wouldn't i be reputable at all? do i have negative feedbacks?
Because you are posting from a member account. They are being traded here on the forum for a few bucks all the time. Is that hard to understand that if my payment is only on profits i have no interest but to grow the client capital?
Why don't you simply get rich silently with your super secret magic trading bot ? |
|
|
|
|
This screams scam.
One should never trust a 3rd party their api key to give full control regarding trading away.
The fact that the person providing this 'service' is not reputable at all, makes it even more risky.
For anyone considering this:
OP can steal your funds by pumping a shitcoin selling his own stack to you. You will be left with a worthless coin worth a few dollars, while he will own all of your BTC.
Be cautious.
|
|
|
|
|
Sorry for your loss.
Why did you wait 2 weeks to create this scam accusation? Were you hoping for him to send you the gift card ?
I have left him a negative rating. If you start a flag against him, i will support it.
Let's see whether he replies to it or not (i guess he won't since it is just a newbie account and he probably will use a new one to scam people).
Don't do business with newbies without an escrow.
|
|
|
|
github is far more secure than a private server.
I won't argue whether it really is more secure or not now... But.. the 'security' doesn't matter because you should always verify the signature of the file anyway. So even if the server is compromised, even if you download a malicious version.. (which can happen on the website as well as on github, no difference here) you should never install it because the signature check will fail. Stop trusting a server, verify the files yourself. |
|
|
|
Everything is explained here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#the-token-fileFor example: - $ at the end of a line for setting this as the last token (i.e. what your password ends with)
- ^ at the beginning of a line for setting this as the first token (i.e. what your password starts with)
- %2,4d for a wildcard which means 2 to 4 digits
- %A for an uppercase letter
So your token file should at least contain the following: ^%A (starts with uppercase letter)
%2,4d$ (ends with 2 to 4 digits)
You can exclude characters by simply not including them (i.e. you set beginning anchor (uppercase letter), ending anchor (2-4 digits) and set X-Y characters of your charset (e.g. 0-9a-z) in between). If you can't figure the remaining ones out yourself, please describe your password more precisely. With "8 digits may be 10", do you refer to only digits (numbers) ? Or are you referring to letters and digits ? If for example your overall password is 8-10 chars long and you know the first is uppercase letter and the last 2-4 is digits, and in the middle you have 0-9, a-z and A-Z, you can add: This will give you 3-7 chars from the charset (0-9, a-z, A-Z) Then, your token file could look like this: ^%A (starts with uppercase letter)
%2,4d$ (ends with 2 to 4 digits)
%3,7i[0-9a-f] (3 to 7 characters of 0-9, a-z, A-Z (not at the beginning and not and the end))
This is not optimized yet, since it tests unnecessary combinations (e.g. 4 digits and 7 chars in the middle, which results in a length of 12). You could enhance this with mutual exclusions ( https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#mutual-exclusion). This should you just give an idea how to construct it. |
|
|
|
|
If you are indeed sure that you have sent your funds to the correct address, i see 2 options:
1) They scammed you. The majority of deepweb sites are a scam.
2) Their software is extremely bad and didn't recognize the deposit, which is quite unlikely.
Since you have successfully sent the funds to the address provided, it is definitely the fault of the site you sent them too.
Your only option is to contact them / wait for their reply (if any is coming at all).
|
|
|
|
|
You'll find a lot of articles and threads with google.
For as much security as possible, you need 1 thing:
An completely airgapped computer. Not connected to any network, no wifi/bluetooth, etc..
How exactly you store your private keys, is up to you.
You could use a core wallet.dat file, electrum, a hardware wallet which you only connect to that computer, an encrypted text file with private keys, multisig spread across multiple airgapped computers, etc...
|
|
|
|
Let's be logical. can a full member do this mistake?
Obviously, yes. This has nothing to do with your status on this forum. This is not a 'forum-thing'. Please explain the following: - Original ANN (which you translated) does not contain a malicious link
- Your (translated) ANN has a malicious link instead of the original one
|
|
|
|
This is why it is important to at least read what you are translating. Check links, do not work for shady users and websites..
The original thread ( archived link) does only point to github. OP changed the destination of the link to bitbucket. He didn't just translate it. He intentionally changed the URL. |
|
|
|
Dont have answer for this argument, sorry.
Of course you don't. The reason you stated for keeping it closed source is simply ridiculous. General warning:
Use this wallet at your own risk. Closed-source applications provided by newbies should not be trusted.
You can't know whether it contains malware/backdoors or simply poor code quality which results in vulnerabilities. |
|
|
|
can anyone show me how to delete this negative trust?
You can't. I lose all my stake for signature bounty. by this simple mistake
Mistake? Since when is changing links pointing towards malware in a translation a 'mistake' ? I lose my a livelihood.
Then you should start searching for a real job.
Edit to reply to your edit: 1- let's discuss this problem what mean negative trust: that you believe that anyone dealing with me is at a high risk of losing money, and guests would be well-advised to avoid doing so. This determination is based on concrete red flags which any knowledgeable & reasonable forum user should agree with, and it is not based on the user's opinions. answer but I am just a translator. to translate an ANN and be the same as the original you need to take a Quote and translate. I didn't verify the like! maybe yes. maybe I was tired. so I make this mistake  You are not 'just a translator'. You intentionally changed the URL to point towards a malicious executable. This has nothing to do with a 'mistake' or with 'being tired'. Uploading malware and changing the links in an ANN thread does not happen on accident., Your client could probably even give you a red flag (violating a contract) for this. There are a lot of wannabe-lawyer here who would eat you alive once the flag is created. |
|
|
|
|
Tor always slows you down.
Your fiber connection doesn't help you when using tor at all, regardless of the site you are accessing.
I never had a halfway fast connection to any site using tor, which is understandable given the structure and usage of the tor network.
Can you usually browse the forum at a 'normal speed' when using tor ?
|
|
|
|
|
The best way achieving that would probably be using labels.
You can create labels, and add all message from a specific user to that label.
Unfortunately there is no more handy way to get the whole conversation to be shown (as far as i am aware of).
|
|
|
|
'My Messages' -> on the left site click 'Search Messages' ( click here for direct link) -> enter the username into the field 'by user' -> click on search -> profit |
|
|
|
|
Show Posts
