Since more and more people are getting banned due to plagiarism currently and quite a few of them just create a new account to further participate / spam this forum... what is the correct way to report ban evasion ? Simply report a post of them with 'ban evasion' in the comment field ? Post into a 'Ban Evasion' thread (e.g. [Report] Ban Evasion [Requesting Admin/mod to check those and ban]) ? What is the consensus here? What is the most efficient way which creates the least workload for the mods ?
|
|
|
Yes, that's the correct PGP key. The signature is valid and the file therefore is the original electrum file. The reason it shows '.. is not trusted by you or ..' is because you didn't explicitly trust this key. the Electrum app asked me if I wanted to encrypt my wallet but I chose not to wrong move you must choose yes He MUST ? Not really, no. You don't need to encrypt your wallet file if you are using electrum as a front-end for your hardware wallet. One obviously should encrypt the wallet file if it stores sensitive information (i.e. private keys / seed), but without sensitive information being stored (which is the case when using electrum with a hardware wallet) that's definitely not necessary. The wallet is password protected and since no transaction can be sent without physical confirmation on the Ledger itself I figured there is no need to encrypt the wallet. Is my thinking correct?
Yes, your thinking is correct.
|
|
|
I recall he wasn't 100% on whether or not my router or even modem served as a NAT but for years I was under the assumption that they did?
Your router serves as a kind of NAT by creating a local network, but that's not what i was referring to. Your public IP is still visible to the internet (same IP from each client in your local network). Since IPv4 addresses are running out (very close to no more being available soon), ISPs have started to use a single IPv4 address for multiple of their clients. They set up a NAT 'server' and use multiple ports to distinguish between traffic from/to different clients. To the visited websites, it seems that all of the clients have the same IP address, which is kind of true, because all traffic is coming from that ISP's server. However, note that using NAT does NOT have any effect on the security. Neither positive or negative. Sometimes it gives a false sense of security by 'obscuring' the IP. But you are not more or less secured using NAT.
|
|
|
Personally, i prefer https://jochen-hoenicke.de/queue/#0,24h. The first and the third graph can help you determining which fee you should choose to get a transaction confirmed in a reasonable amount of time (given that there is no spike coming the moment after you broadcasted your transaction). However, it honestly doesn't matter which site you are using. Choose the one which feels informative and clear to you.
|
|
|
Du musst den private key in alle wallets (BTC, BCH, BSV, .. und was es sonst noch so für shitforks gibt) importieren. Du solltest dabei mit dem Coin, welcher am meisten Wert hat, beginnen (also BTC). Dein Vorgehen sollte also sein: - Private key in ein BTC wallet importieren
- BTC auf ein neues Wallet übertragen
- Private key in ein BCH wallet importieren
- BCH auf ein neues Wallet übertragen
- usw..
Grund dafür ist, dass je wertloser der coin wird, die Wahrscheinlichkeit steigt, dass das Wallet irgendwelche malware enthält. Würdest du gleich mit dem 10. shitcoin anfangen und das Wallet enthält malware, wären all deine Coins (auch BTC) weg. Daher vom wertvollsten zum wertlosesten.
|
|
|
3. You're connected to many nodes and open ports which add security vulnerability
This was the one question I had as well but if I'm running my node through something like a router that doesn't broadcast my private IP address I was told that's fine Everyone you are communicating with on the internet (e.g. websites, microsoft server, games server, basically whatever you do with your PC which has to do with the internet) has your IP (or at least he IP of your ISP if you are sitting behind a NAT). This has no security implications at all. In fact, it is necessary. An IP address is absolutely NO private information. It is absolutely mandatory to communicate. Therefore each node you are connected to, sees your IP. If you additionally accept incoming connections, they are connecting to your PC (on port 8333). As long as there is no severe vulnerability in bitcoin core, that's completely fine. Theoretically, a chance exists that a specifically crafted message can crash core, for example. Or, which would be the ultimate MCA, a remote code execution with the permissions of the user running core. The attack surface exists. The theoretical chance of such a vulnerability also exists. But since core has been here since the beginning of BTC, it gets less and less probable each day. Core is a properly tested software. Not some student-project. I, personally, would assess the risk as being low or very low. If you are using windows, you shouldn't be worried about THAT at all. Windows has way more vulnerabilities which are way more severe than bitcoin core will ever have. And most of them stay unfixed for a long period of time.
|
|
|
Why not just extract all private keys with the bip39 tool and import them?
Because it seems like the mnemonic code is somehow wrong. OP can use this seed to create a wallet, but there are no funds in there. The 'bip39 tool' will therefore also just give you private keys to public keys which do not have any balance. Currently, it seems that OP has to extract the seed / private keys from the mycelium wallet which is currently installed on his old mobile.
|
|
|
You don't really need to use the command prompt.
You can simply navigate to the armory folder and open the config file (it is a text file, so open it with your preferred text editor). If it doesn't exist yet, create it (called armoryqt.conf).
Then simply enter 1 line (satoshi-dir) into this text file containing the path to the blockchain folder as mentioned in previous replies.
|
|
|
Electrum has became a bitcoin phishing wallet, just wonder why still people using it!
There was a vulnerability (whose security implications were very low, by the way) which allowed the electrum server you were connected to to show a message. That's all. Malicious server abused this to show a fake 'update plz from unknown source without source code, trust me' warning. Calling electrum a phishing wallet is simply wrong. Would you send me all your coins if in windows a warning would appear which says 'your windows is insecure, send all your coins to your new wallet: 13zAttackerAddress' ? Wouldn't be too hard to achieve... Would you call windows a phishing OS then ? Oh.. and btw.. people still use electrum because 1) the vuln has been fixed 2) it is open source 3) it is AT LEAST as secure as other lightweight clients 4) it has almost all necessary features, which are missing in a lot of other wallets
|
|
|
If you have lost the access to the seed, have no private keys and no wallet file, then yes. These coins would be lost. The addresses itself are not lost, they can be found out by looking at a block explorer. But the private keys (which are necessary to spend the funds stored 'on them') are lost.
Everyone with access to the seed can recreate the whole 'wallet' (i.e. all private keys).
There are multiple ways to protect from that. The most obvious is to physically protect it. Don't let anyone gain access to it. Also, don't store it digitally.
You might further increase the security by encrypting the seed with a password. But you'll have to store that password somewhere too.. So, there is no perfect solution. You have to find the one which suites you the most.
|
|
|
I was talking about reversing hashes. read again.
The post you quoted was about rainbow tables. Not about reverting an hashing algorithm. So.. either you are incapable of reading or you don't understand the concept behind rainbow tables. Both would be pretty sad, given that you are running a 'professional' recovery service (a.k.a. some GPUs at home?). Computing rainbow tables has nothing to do with reverting hashes. Period. I do my homework, dont worry. And I dont need to earn signature points.
That's good. First do everything for school before dedicating yourself to your hobby. BTW.. what are signature points? And how do i get them?
|
|
|
You only need to hack BTC.com, ANTPool and ViaBTC and attack bitcoin network with their hardware. Will it be sucessfull 51% attack or I miss something?
Theoretically, yes. You could theoretically hack 3 mining pools. Then you have 2 options: 1) Start a 51% attack, which will effectively only work for a maximum of a few blocks because, as squatter mentioned, the hashrate of these pools would drop pretty fast and the resulting dump of price would reduce your gain by a lot, or 2) You do NOT start a 51% attack and silently earn 37.5 BTC per hour, which currently is ~350k USD.
|
|
|
The money won't last forever [...]
I really don't think money is an issue here. More than 1.7 million USD (at the current rate) should be more than enough to fund the forum for several centuries..
|
|
|
You consider all possible combinations but there are backdoors, I have recovered 11+ charachters for clients which you said would not be possible. Lets face it, math is not the only factor here, you have to be lucky sometimes too That's why i said that it is a generic answer which itself is not true. Under some rare circumstances, yes.. of course it can be recovered. But just because i recovered a password ' 123456789012345678901234567890', it doesn't mean that every 30 char passwords can be cracked (which your statement implied). I've heard there is a soft to extract password's hash from wallet.dat and then use Rainbow tables (which are already computed and ready for everyone on Web) to find out the relevant combination of characters. This way the necessary time will be greatly reduced.
You probably think of brain wallets (rainbow table) as there is no such thing determinating combination of characters from a hash, its not reversable. The hashing algorithms does not have to be reversible for rainbow tables to be applicable. The concept of rainbow tables is that you trade off computing power for storage space by precalculating the a big amount of combinations for further look-ups in this table. While this is not applicable to a single wallet file, i still wonder why you have such a misunderstanding regarding rainbow tables. Especially since you claim to be a professional password recovery service
|
|
|
Going back to "open-close source" topic I can repeat that most of offline wallets have their source code closed being commercial products.
And most (if not all) of them have severe security vulnerabilities and/or a very bad security concept. One should keep far away from those wallets whenever possible. This includes yours (a completely new wallet from a newbie without any history on bitcointalk.org and no security audits whatsoever). Big red flags. Talking about OWNR wallet specifically keep in mind that the wallet is a part of upcoming crypto ecosystem, preparing a number of Enterprise solutions. This is the area where you won't find any open-source.
This also is an area where no one will use your product without proper security audits. But it seems that you don't have any audits done or ongoing. Therefore your wallet is neither suited for end user nor for any commercial use.
|
|
|
You can create 1 (one!) single thread containing your ban appeal in the meta section. But since you already used this account for ban evading by posting in another thread which is not related to a ban appeal at all, your chance are getting worse and worse. Note that being banned doesn't mean that one single account is banned, but you (as a person) are banned from this forum. This includes any account of your (current or future). Post history archived for reference.
|
|
|
What do you mean with 'expiry date' ?
Bitcoin itself (the network / protocol) obviously can't expiry. The UTXOs (funds stored 'on an address') can't expiry too.
Broadcasted (and unconfirmed) transactions can be dropped form the mempool (not really expired). The consensus is that they will drop out of the mempool after 2 weeks. But single nodes can still keep it longer and broadcast it to prevent a transaction from completely dropping out. Those transactions still remain valid, even if dropped from the mempool, as long as the inputs are still available.
You need to be a bit more precise. What exactly do you think can or can not expiry ?
|
|
|
What has the stability of the price (which might or might not be completely influenced by whales) to do with the state of decentralization ? Just because those big fishes can pump or dump the value of BTC compared to a fiat currency, it doesn't mean that the network isn't decentralized Or can your transactions be blocked, reverted and censored because of the volatility of the BTC/USD value ? No, it can't. You are mixing up two completely different topics creating a link between them, where actually none exists. Additionally, i am interested in where you got your numbers from. 90% of bitcoin hold by whales
Could you elaborate please ?
|
|
|
Aktuell greife ich auf MEW per UTC (JSON File) zu.
Dies möchte ich auf eine aktuelle Methode ändern.
z.B. mit MEWConnect.
Wie ändere ich das?
Das geht nicht. Es ist so gedacht, dass du mit MEWConnect ein neues wallet anlegst. Bereits existierende private keys / JSON-files können so nicht importiert werden. Das verfolgt ein wenig das Konzept eines hardware wallets. Der Sinn ist es, dass die Keys neu (und sicher) angelegt werden um einer eventuellen früheren Kompromittierung entgegen zu beugen. Und meine 2. Frage.
Mit dem Firefox und Internet Explorer bekomme ich nur eine weiße Seite bei MEW.
Mit Chrome geht es?
Cookies hab ich gelöscht.
Ich hab kein Problem mit Firefox und MEW. Welche Version nutzt du ? Hast du irgendwelche Add-ons aktiv (z.B. NoScript oder irgendetwas anderes was Javascript blockiert) ?
|
|
|
Als "Dust" werden UTXOs bezeichnet, welche so gering sind, dass es mehr kosten würde diese zu versenden als sie selber Wert sind.
Versuche mal in den "Coins"-tab (keine Ahnung wie das dort auf deutsch heißt) zu gehen und den Dust-output (sehr kleiner Betrag) zu blockieren (rechtklick -> freeze).
Electrum versucht anscheinend automatisch den Input zu verwenden, welcher dann aber vom BTC Netzwerk abgelehnt wird (wegen no-dust policy). Wenn du diesen dust-output blockierst, sollte electrum automatisch was anderes als Input nehmen. Dies sollte dann problemlos funktionieren.
|
|
|
|