I would rather it not be archived.
|
|
|
Placed an order... let's see how it goes. Not a lot of confidence so far, as it does not return a transaction number for credit card purchase. It went so fast -- which might be good -- it made me wonder if my credit card was really charged.
|
|
|
Have Pecunix, want to buy at least 6000 BTC. Willing to pay 0.0015 GAU per bitcoin.
Send PM if interested. Thanks.
|
|
|
Purchases are now limited to 10,000 BTC per day per IP (ie. per person), in an attempt to pro-actively comply with US regulations. We want to help establish bitcoin as a viable digital commodity, a store of value, by making it easy for others to obtain bitcoins. We do not want to enable law-breakers or money launderers etc.
|
|
|
SSL connections are The Right Answer.
If I had any OpenSSL programming experience I'd volunteer to implement it. Anybody willing and able to teach bitcoin to speak https?
And for extra credit, support SSL client certificates for authentication either instead of or in addition to HTTP-Basic...
SSL is easy in C. C++, satoshi-style, is another matter boost has some stuff: http://live.boost.org/doc/libs/1_37_0/doc/html/boost_asio/overview/ssl.html
|
|
|
RE: binding to any/all IPs: DANGER! Make sure you have good firewall rules for port 8332 or you are likely to find yourself with an empty wallet! Bitcoin is using HTTP BASIC authentication, so anybody who can eavesdrop on the connection between your JSON-RPC client and the bitcoin server can see the password (it is NOT encrypted).
I was thinking about adding support for Digest auth... I wouldn't bother-- HTTP Digest auth is vulnerable to man-in-the-middle attacks, it'd be a lot of work for a probably false sense of security. For Some Value Of vulnerable. The password cannot be obtained, at least. MiTM can (a) tell the client to use another auth, and (b) impersonate a server. (a) can be mitigated by requiring RFC 2617, (b) by SSL. But, use of HTTP-Basic is just a crime, because it is so trivial to obtain the shared secret. If HTTP-Basic is to be kept, at least require SSL connections?
|
|
|
Patch updated for current SVN, r146, aka the "break patches with a CR/LF policy change" revision.
Same patch URL (see top of this thread), no change in implementation or operation.
|
|
|
Patch updated for current SVN, r146, aka the "break patches with a CR/LF policy change" revision.
Same patch URL (see top of this thread), no change in implementation or operation.
|
|
|
RE: binding to any/all IPs: DANGER! Make sure you have good firewall rules for port 8332 or you are likely to find yourself with an empty wallet! Bitcoin is using HTTP BASIC authentication, so anybody who can eavesdrop on the connection between your JSON-RPC client and the bitcoin server can see the password (it is NOT encrypted).
I was thinking about adding support for Digest auth...
|
|
|
Damn, that was fast. Eh, did they contact you or did you remove it preemptively after reading terms or something?
BCS had contacted support on an unrelated issue -- Google Base was having trouble "claiming" our store's URL -- and while handling that support issue, Google says they noticed a policy violation, and disabled BCS's Google Checkout account.
|
|
|
Would an admin kindly remove "Google Checkout" from the list of our accepted payment methods, on http://www.bitcoin.org/tradeThanks for the mention!
|
|
|
Google Checkout support has been removed. Apparently they don't like digital currency.
|
|
|
Updated and simplified the Google Checkout experience a bit.
I wonder if there is a payment processor that accepts only debit cards? The chargeback issue is largely one of credit cards, if I understand correctly.
|
|
|
They claim they dont have chargebacks yet in their tos it says they do?wtf?
Im coming to the conclusion that it is almost impossible to avoid this situation.
Handling chargebacks is required by law in the US, which indeed leads to an unavoidable situation.
|
|
|
LR doesnt have chargebacks True but it does charge transfer fees, which we currently absorb. Whats your markup for this service?
At the moment? There isn't a set number, it's largely a finger-in-the-air experiment for each currency. Looking at non-bitcoin exchanges, for example, Liberty Reserve-USD seems to be slightly undervalued compared to PayPal-USD, so I try to compensate for that. Each payment method has its own transfer fees, though I could look into giving people the option of paying that themselves, and reducing the price.
|
|
|
|