i think poker sounds more fair than anything else. Only rake is kinda a deal. I don't play dice anymore because of more options games for choosing in casino sites ... like Texas holdem poker
Actually, poker is very hard to make provably fair. Typically the setup is that there's a "house". You have to trust them: * to shuffle the deck fairly, * not to tell anyone what cards your are holding, * not to play against you, * etc. You also have to trust the people you're playing against not to collude with each other (sharing hole card information, playing soft against each other, re-min-raising each other to keep you in a pot, etc.) to gain an unfair edge over you. So long as you trust the house and everyone you're playing against it's OK. But it's not provably fair like dice sites can be. See https://en.wikipedia.org/wiki/Mental_poker for a discussion of how poker could be made provably fair, and the trade-offs required to do so. |
|
|
|
I dont care much i just needed one cold wallet so i can store 10 clams and forget about them. Same as i did with some stellard and dash . I just like to have some amount of alt coin that i made money on , its for free and one day that coin might be worth so much more or nothing. So i like to keep some small amount of each on a paper wallet and forget about it  . The neat thing about https://dcpos.github.io/bip39/ is that you can use a single secret mnemonic to store all your altcoins, using the magic of BIP44. It would be nice if it could generate QR codes for funding and spending from the offline addresses. |
|
|
|
any good site to make clam paper wallets ?
NVM just found out about just-dice.com/clamadress  is the canonical URL. I only put up a copy on just-dice.com because the DNS for clamaddress.org was taking too long to propagate. I was thinking yesterday about the idea of paper HD wallets. It's silly to have to make a new random private key for each and every paper wallet when these exist: * BIP32 -- Hierarchical Deterministic Wallets * BIP39 -- Mnemonic code for generating deterministic keys * BIP44 -- Multi-Account Hierarchy for Deterministic Wallets Together these give us a standard way of creating an infinite number of cold wallets while only needing to remember a single short list of random words. I'll see what needs to be done to get https://dooglus.github.io/bip39/ to work with CLAM addresses.
The biggest problem with CLAM paper wallets though in my opinion is that there's very little demand for them. CLAMs need to be online to stake, otherwise you're losing out on the more than 1% per week you would be earning if you were staking.
Edit: I got https://dooglus.github.io/bip39/ working with CLAM, but I think it's probably better to see if we can get the changes merged into the parent repository, at https://dcpos.github.io/bip39/ - I've opened an issue in github about doing so.
Edit2: I recommend not using https://dooglus.github.io/bip39/ at all other than for testing. It's new, untested, and probably broken in strange ways. In particular I 'assigned' CLAM the coin ID of 4, since it was the 4th coin added (counting from 0) - but I was working from an old version of the parent repo, and other coins have since been added.Edit3: https://dcpos.github.io/bip39/ now supports CLAM HD cold wallets. Copy it offline, have it generate a single list of 15 words, write it down, and you never need to generate another cold storage secret again. |
|
|
|
I work for myself, no one is behind this but me. My career is Bitcoin so I have an obligation to protect it.
You seem confused. There are thousands of lines of code in Bitcoin Core itself concerned with the whitelisting and blacklisting of peers based on their behaviour. I get that you're trying to "help", by railing against XT, but when you overstate your case it isn't helpful. You're unable to point to specifics in the XT changeset that implement blacklisting because they don't exist. Specifically, the 'fShouldBan' member which you keep quoting is already part of Bitcoin Core, and has been for a long time now. It is nothing to do with XT. See this code in the original Bitcoin repository. Hearn's changes are relatively small if you ignore the IP list itself which makes up the majority of the diff. It does the following: * fetches a list of Tor exit nodes from torproject.org, leaking your IP address to that site in the process * in the event that your node is full, it will disconnect a Tor exit node if a non-Tor peer attempts to connect That's about all. I don't know why anyone would think it's a good idea to lump a bunch of unpopular changes in with the silly change which increases the block size limit from 1 MB to 8000 MB. Each extra already-rejected-by-people-who-know-their-shit change you add in surely just makes the whole package even less attractive. Unless maybe the strategy is to make the shit sandwich less unappealing over time by removing one turd at a time until only the blocksize change remains. Then everyone will exclaim "boy, there's only one turd in this sandwich - that's so much better than five turds" and gobble it up. I hope not. |
|
|
|
You do know that is a python script, run at compile time to dynamically generate the list from tor? Unless you are recompiling bitcoin binaries ( on your live server!!) every time you start your node, then this is not an issue. If tor does indeed log ip addresses ( which makes the whole thing pointless anyway) then they are only logging the address of the machine that compiled the code. In most (intelligent) cases that will not be the one running the node. In most cases you will be downloading binaries.
Do I get my candy now?
No candy for you. See this code which runs at run time not compile time, and which also sends your IP address to torproject.org. |
|
|
|
There's too much that could do wrong.
That could *go* wrong. Stupid auction thread not allowing editing... |
|
|
|
Maybe some kind of title company could be used as escrow (similar to how real estate deals are done). Most title companies routinely are in possession of millions of dollars worth of customer funds. This would allow a sale to be done more formally to prevent any question of legal ownership in the future.
If both parties *really* want to do the transaction in a way that most 10BTC trades are done on the forum then someone like Dooglus could act as escrow as it is my understanding that he was holding tens of thousands of BTC on behalf of his investors (when the USD price of btc was higher).
I believe that this kind of a "trade" should be done in person and handled in a legal matter. Indeed. I wouldn't be interested in escrowing a deal like this. There's too much that could do wrong. |
|
|
|
I got my withdraw just over 1.5 BTC
Yeah, me too. I just got my withdrawal of 123.456 BTC. Nice, wanna donate to a struggling millenial living by paycheck?  I was joking, just like cvokey presumably was. |
|
|
|
I got my withdraw just over 1.5 BTC
Yeah, me too. I just got my withdrawal of 123.456 BTC. |
|
|
|
I would ask, if tspacepilot has lied about fraudulently withdrawing any money in the past (I believe that he has), then why should his word be trusted regarding the magnitude of how much he withdrew because of his bot?
I don't think he thinks of it as fraudulent. I don't either. Using a bot to automate boring tasks isn't fraud. Tspacepilot was also inquiring as to how people abuse the faucet on Prime Dice
[...]
I believe this shows that he is interested in doing similar things in the future (e.g. using automation to receive money from websites that he should not be receiving.
I don't think so. I'm interested in all kinds of scams. Not because I want to be scammer, but because I want to understand how they work. I find them interesting, and I find that understanding them is a good first step to being prepared to defend against them too. You seem to be condemning him for asking questions and being interested in the subject. What tspacepilot did was fraud
I don't think so. "wrongful or criminal deception intended to result in financial or personal gain" He ran a bot, aiming to provide a service to fellow chatters. The bot earned a small amount of commission for being active on the site. That's not fraud, even if the T&C said that bots had to have "bot" in their name and his didn't. Furthermore when he was called out on his fraud, he responded with intimidation and trolling. Would you consider someone to be trustworthy if after you left them a negative rating, they started trolling both you and JD (without any substance other then the fact that you left an "unjust" rating)?
No, I wouldn't. How did he attempt to intimidate you? would you trust him with a small amount of money, say 4BTC? What about an amount similar that was claimed by TF that tspacepilot stole, say 0.5BTC? What about half that amount, say .25BTC? What if there was a way that would guarantee that you are in fact speaking to tspacepilot but had no way to prove your agreement (e.g. only you would know that you got scammed), would you trust him with any of the above amounts?
No. I don't really trust anyone with anything. I very rarely have to. I'm in the fortunate position of having a good trust rating here, and so when I trade with people they are almost always willing to go first. I don't think I would hold it against him that one of his first attempts at writing asynchronous code had a bug in it, or that he was unable to come to a resolution about it with TF. What do you think would happen if you accidentally sent any of the above amounts to tspacepilot? What about a greater amount? Do you think he would quickly return the money?
My gut feeling is that he would. But I'm not about to test it out. I have no need to. You'll notice I haven't left feedback about his trustworthiness. That's because I have no experience of him in that regard. Are any of the above answers impacted on the fact that you know that tspacepilot withdrew money from coin chat that he was not entitled to? Does the fact that tspacepilot lied about withdrawing money from coin chat numerous times affect any of the above answers?
I'm not aware of him having lied about anything. Is there some example you can quote? I think a lot of people would trust a hero member who they know is the original owner of their account with .25BTC (I don't think tspacepilot has been sold), but I do not think it would be smart to trust tspacepilot with that small of an amount.
"Hero member" simply means that he's posted a lot doesn't it? I don't see why that implies anything about trustworthiness, in either direction. |
|
|
|
I don't see the point of encrypting a wallet.
It wouldn't be compulsory. If you don't want to encrypt your wallet then don't. How strong is your encryption key (pass phrase) going to be?
It's going to have over 100 bits of entropy, making it impossible to brute-force. Hopefully the encryption will use something CPU-intensive like scrypt, making brute force attempts less likely to be successful for shorter passphrases too. If your pass phrase is long enough to be secure, do you really want to type it in every time you need it?
Yes, that's exactly what I want. I want to be able to unlock my private keys for a specified amount of time by typing the passphrase. The same as Bitcoin Core does. I spend from Mycelium maybe once a month. I can handle typing my passphrase that often. I type it into Bitcoin Core more often than that, and it's not a problem at all. You will have it written down on a piece of paper, because a long, random and rarely used secret is easy to forget.
I don't write my passwords on paper. That seems like a bad idea. I find that typing all my passwords at least once per month is enough to keep them in my memory. Cold storage is simpler and more secure than encryption.
I've not tried using cold storage with Mycelium. I prefer to keep my cold storage keys completely offline. How does it handle coin selection and change addresses? That seems like it would be a pain, if it's even handled at all. |
|
|
|
Based on what happened in thisthread, it looks like TF had originally claimed that 1.5 BTC was stolen, and then here it was updated to .503 BTC with the explanation that this was the amount that tspacepilot withdrew from coinchat, this matches the risked amount in tspacepilot's trust rating from TF. TF seems to have been quoting the whole amount that tsp withdrew, but only a small fraction of that was due to the malfunctioning bot. You reaction to his bot accidentally earning a tiny amount of dust seems way over the top. How do you justify leaving multiple angry trust ratings for this? I think overall your contribution to the trust system is a net positive, but in this case it feels to me like it's borderline abusive. |
|
|
|
can u post updated chart please. profit has gone up the whole time since mid july.
As Andu says, that was quite recent already, but here's a couple of new ones anyway:   Edit: You can always find relatively up-to-date charts on the "Stats" tab at just-dice.com: Site profit charts: * recent profit * all-time profit * percentage profit |
|
|
|
You were not stupid. Many many people put money into Scrypt.cc. It paid every day for almost a year and a half before site problems started. You are not alone. You are one of thousands.
I'm sorry, but "Investing" in a mining operation that isn't really mining is pretty stupid whether you're the only one doing it or one of thousands doing it. |
|
|
|
the NotBitcoinXT initiative prompted this message from Alan Back, Ph. D., to the bitcoin developers' mailing list: The recent proposal here to run noXT (patch to falsely claim to mine on XT while actually rejecting it's blocks) could add enough
uncertainty about the activation that Bitcoin-XT would probably have to be aborted.
So Adam Back, Ph. D., thinks it is okay (if not wonderful) that nodes lie to the bitcoin community in order to preserve Blockstream's exclusive control of the protocol. Think of that before trusting your savings to a system whose security strongly depends on the integrity of the BitcoinCore implementation. The sentence you quoted appears to be a statement of fact. It doesn't sound to me like he's judging whether the fact is "okay" or "wonderful". |
|
|
|
In this post TF claimed that tspacepilot fraudulently withdrew .5 BTC from coinchat. As much as I dislike taking TF's word for anything, that was the only amount ever presented and tspacepilot never disputed the amount he stole (note: the conclusion that tspacepilot stole money from coinchat was based solely on statements made by tspacepilot and my understanding of the rules of coinchat, and the words of TF were relied upon 0%). I had suggested to tspacepilot that he could return the money he stole from coinchat however he was not interested in discussing this but rather claimed that he never did anything wrong. (A very good explanation as to why it is appropriate to conclude that tspacepilot stole from coinchat is here. As I remember it, coinchat was a site that paid you coins in exchange for posting chat. That's clearly a silly idea and will only lead to people posting nonsense to earn money. The incentives are all wrong and encourage just what you don't want on a chat site. It's much the same as companies running "signature campaigns" which pay forum users for each post they make. You end up with thousands of garbage posts and the quality of the forum drops as a result. In other words what you reward is what you get. TF was paying for chat, so he got it. And of course people are going to automate that if they can. I don't think writing a bot to take advantage of a poorly thought out incentive scheme is "fraud" or "dishonest" and certainly doesn't require punishment years later. What needed fixing was the incentive scheme. Stop paying people to post crap and they will stop posting crap. Regarding tspacepilot's ban: he was (most likely) banned for posting many off topic posts, derailing threads, and creating multiple/duplicate threads when the conversation of the first thread didn't go his way (he would lock threads when others did not agree with him), and overall trolling. He has been doing this for months and I would say that if this is his first ban for this behavior and if he was only banned for 5 days then he has gotten off very easy.
I don't spend enough time here to have noticed any of that (other than a bizarre tendency to defend DaDice, but that's probably a result of them paying him for his signature). Do you have URLs for offtopic posts? Edit: tsp messaged me on Just-Dice as follows. If what he says is true it certainly doesn't sound like he is deserving of any kind of negative trust rating: 12:04:46 (1157905) <tsp> → (1) <@dooglus> anyway, what he says is factually false, i did dispute the 0.5 and fwiw, that was one of the main sticking
points in trying to resolve what happened
12:05:07 (1157905) <tsp> → (1) <@dooglus> TF first said I owed him 1.5BTC, at the time, I only had like 0.4 or 0.5 to my name. so that was outlandish
12:05:26 (1157905) <tsp> → (1) <@dooglus> then he changed it to 0.5, then he changed it o 0.54, i kept asking him where he was getting these numbers, but
he wouldn't tell me.
12:05:55 (1157905) <tsp> → (1) <@dooglus> i don't know if you remember anything about coinchat, but it was a site where people chatting got rewards of
tips at random moments.
12:06:08 (1157905) <tsp> → (1) <@dooglus> there were many bots running services there for gambling and whatnot
12:06:31 (1157905) <tsp> → (1) <@dooglus> i was trying to learn about node and asynchronous programming and i started making a bot intended to look things
up in the wikipedia
12:06:56 (1157905) <tsp> → (1) <@dooglus> apparantely, at one moment, the bot was looping or something and it looked like an abuse.
12:07:20 (1157905) <tsp> → (1) <@dooglus> TF banned me but because he wouldn't discuss with me about what happened from his end, how much the bot might
have made (i estimate on the order ofa few ksat)
12:07:32 (1157905) <tsp> → (1) <@dooglus> i was never able to make it straight with him and that was basically that.
12:08:14 (1157905) <tsp> → (1) <@dooglus> i never had any other problems with anyone for the next 3 years (until QS came along) and did his thing where he
was trying to dig up dirt with me in a thinly veiled attack using his at-the-time unrevealed alt ACCTSeller. |
|
|
|
|
I think the negative feedback should be removed. It appears that tsp made attempts to resolve the old coinchat issue with tradefortress at the time, but that tradefortress was unwilling to discuss it.
I'm now told that tsp has been banned from posting on this forum for 5 days. That also seems unfair, but I'm sure I don't have the full story.
Is there more to this than the bullying of tsp? What's the motivation for banning him like this?
|
|
|
|
I think that Cyanogenmod patched this.
As I said, I heard that Google patched it too, but I don't know how to find their patch. Encrypting secret is useless, as attacker can replace Mycelium with fake and just wait for user to enter PIN.
Not entirely useless. I would enter my PIN maybe once a month, and not at all after hearing about an exploit like this until it was patched. As it stands I am vulnerable - I literally don't know where the master seed is stored or how to protect it from the malware threat. But I'm pretty sure it's sitting on my device in plain text just waiting to be stolen. The only thing I've been able to think of is moving most of the coins out of Mycelium until this is patched. |
|
|
|
Dude, I ask you to THINK ABOUT IT for a moment - you are a current member of SCC, you have a shit tonne of KHS and currently withdrawals are not occurring. Do you think the best way forward is to crap all over the site, threaten the owners, and raise the fear and loathing levels to epic proportions!? Or is it better to hope, and encourage the owners to do the right thing? Ya, it sounds pathetic, but if you THINK ABOUT IT, it's the best thing to do for someone in such circumstances.
If you have money in the scam it is already lost. Whether you get mad at the scammers or crawl up their asses won't make any difference. I'm not laughing at anyone. It's sad that people continue to fall for these scams, but what can you do? |
|
|
|
Are there any plans to offer secure encryption of private keys, such that a passphrase has to be entered before private keys can be decrypted? Something similar to what Bitcoin Core offers, where I can unlock my wallet for a specified time period. As I understand it the current 6 digit PIN code isn't an encryption key, and even if it was it is easily brute-force-able.
I read today about an exploit on Android which allows any unprivileged app to replace any other app and read its private storage: https://www.hackread.com/android-zero-day-vulnerability/ https://www.usenix.org/conference/woot15/workshop-program/presentation/pelesThis is another reason why it's important that Mycelium should allow the user to encrypt their secrets if it doesn't already. I've been unable to find any information about whether a patch is available for end users to fix this problem. The news reports seem to indicate that Google will include it in their monthly updates, but I don't know if that has already happened or not. |
|
|
|
|
Show Posts
