I edited my application earlier, but it's better to post my question here: It looks like I'll have to install an app on a smartphone. I prefer a website for several reasons: 1. Smartphones are inconvenient to use for finances. 2. I can't easily use a VM or wipe my smartphone. 3. I don't want to install VPN software on my smartphone. 4. I never install unknown software on my devices. If I can review without a smartphone, I'll gladly apply. If not, my review ends with "I'll never use such a service". I don't even install software from my bank. On second thought: I can experiment with Mullvad VPN on an old tablet, and wipe it afterwards. It won't run very smooth, but it should work. Still, I prefer a desktop computer for anything other than "coffee money". you may use some phone number services on the Internet to get a random phone number just for a single SMS. Then you can begin the test, just you know that you may lose the account access because you don't own the random phone number Does that mean someone else can access my account just by accessing the same phone number? |
|
|
|
"#PeckShieldAlert In H1 2023, there are 395+ major hacks (386 DeFi related) in Web3 space, leading to ~$479.4m loss." "The future of finance". And people keep falling for it. |
|
|
|
This attack could just as well have happened by email. The main problem isn't the QR-code, the problem is giving a phone access to a bank account that can send $20,000. Here, banks are more and more moving towards mobile usage. Until now, I've been able to avoid it, but they're replacing more and more dedicated hardware devices by a code on an app. It's cheaper for the bank, but they sacrifice security for convenience. |
|
|
|
for exemple I have a BTC wallet with 0.00001 BTC and I just want to send 0.00001 to another wallet in order to this wallet just see the incoming transfer but I want it to get rejected by blockchain, like a fake node input on blockchain, is it possible? I've seen this in the past: it was possible to make blockchain.info show transactions that didn't exist anywhere else, and would never confirm. But that's a bug/exploit on the website, not on Bitcoin. What are you trying to accomplish? |
|
|
|
Strings which look random may not be at all How about 9428367110839506348425063820855586539232765? Looks random, right? Except that it's part of the first million decimals of pi. The same with seed phrases: you can create one based on a Shakespear book. The seed will look random, but it's created deterministically. You can only tell it's not random once you find the source. |
|
|
|
It's advised for BTC private keys to be generated on an offline machine (that never gets connected to the internet) for maximum security. But what would be a good alternative when you don't have an offline machine? That's what I used to do: reboot from Linux Live DVD, and work offline. But it became annoying and time consuming to leave my normal system and reboot several times (for instance because of an incompatible Electrum version or too low transaction fees when signing offline). I now have a spare laptop for this, which makes it a lot easier. The laptop doesn't have to be brand new, any cheap second hand laptop will do after you wipe it. Just make sure it has enough RAM, it's nice to be able to boot Knoppix " toram" and work without the (external) DVD drive. True, I would add more: you can generate some master private key once, and then store only your public key on your online device. Then, you could generate new keys, without accessing your private key at all. That introduces another risk factor: if your public key gets changed, you're funding someone else's Bitcoin addresses. Sure, getting offline machine would be the most sensible way, but when you don't have a spare device lying around, buying a used one just to create one address to store not very significant amount of btc seems like an overkill. The way I see it: a second hand laptop costs about the same as a new hardware wallet. |
|
|
|
Of course, and I'm sure theymos is more than capable of generating a suitable .onion address. Just pointing out it is easily done. Reading into this, I realize there will be more complications. For instance, I often link to a topic by using an absolute URL instead of a relative URL (update: and even relative links get stored as absolute links after posting). All those links need to be replaced to avoid sending users from the .onion forum to the clearnet forum. The image proxy should also get a .onion entry. Unfortunately, it's not as straight forward as I initially expected. |
|
|
|
Bump: 4.1 sat/vbyte should be enough for a fairly quick confirmation now. Just make sure to enable RBF, in case fees go up again and you can't wait. |
|
|
|
I think 16 random strings is the minimum (up to 56) The shorter v2 addresses can't be used anymore, now 56 characters (v3) is the default. I've just generated the following, which theymos can have for free.  btctalkhfmnva2746gkwhsxpirz3w7bu3ocut7uzjlszsxlou4naruyd.onion As always: "not your keys, not your coins address" applies here too. |
|
|
|
The Pharmacist 63 times and The Sceptical Chymist 4 times that's a total of 69 times, not sure it would be enough for a monthly Pornhubs premium sub  You know what they say: "the wish is the father of the thought". 63+4=69  Lol. |
|
|
|
Since another member advised me not to get involved in reputation boards No one should take away your freedom. There is no restriction in the forum, you can contribute anywhere you wish. It's (obviously) not forbidden, but as a Newbie, I stayed away from any Reputation drama. Bitcointalk looked like a scary place where users got tagged for the smallest things they did. Staying out of that is what earned me the nickname "Switzerland". |
|
|
|
I find it annoying when you mention a lot of people unnecessarily. I just use one notification bot, made by LoyceV. you can just make the bot ignore users that you find annoying using it. Even easier: you can just ignore certain topics. I don't think users should adjust their posting behaviour for people who use a notification bot. Bots should adjust to posts, not the other way around. |
|
|
|
Secondly what if you throw away your see because it was too week concealed amongst all those boxes? Some people never throw anything away  That only works if you don't buy too much unnecessary stuff, otherwise you'll turn into a hoarder. I'd say a box in a garage is a good place, usually those places store decades worth of items that "may come in handy some day", so it doesn't stand out.
The biggest risk is probably someone going through old junk looking for a few washers to fit something. |
|
|
|
How about Duckduckgo? That's a search engine, not a browser.Never mind, it's a browser too nowdays! I learned something new But it's a Windows beta, so not really useful for the rest of us. |
|
|
|
My mistake at that time was trying to install some video editor from an unofficial link and using crack. I'm sure you've discovered it by now, but you should never run pirated software on any system that should remain secure. Even better if you can find an open source alternative for it. Chrome is provably awful in every way, from being filled with spyware, to insecurely storing passwords I was flabbergasted years back, when I discovered Chrome "conveniently" uploaded all my stored passwords to Google. |
|
|
|
No operating system is completely safe and no operating system that can not be hacked. Probably what LoyceV means is that the chance of having such malware on Linux is low. Linux is also completely open source. Correct. Windows has been "the place to be" for malware for decades. Last year, 95% of all malware targeted Windows, even though it's market share is only 30% nowadays. Are you saying that if I don't use windows the chances of this copy/paste hack is zero? For example lets say I own a Mac laptop, am I safe from this attack? Thinking you're safe would be the biggest mistake. It's a lot safer, but even if it's a lot smaller, there's always a risk. So assume you're not safe, and act accordingly. |
|
|
|
Is there any means to properly helps new users understand the rules and regulations of this forum? There is, if they're willing to read it. What i will suggest is that as soon a user sign up on the forum the next message they should see as a pop-up messages See Writing a welcome message, which hasn't been implemented in 5 years. I believe if him or she is ban she may not know his offense of getting ban. I believe that spammers like this aren't here to contribute anything to Bitcointalk. They can't be helped by showing them the rules, they can only be banned. It's common internet netiquette not to spam on any forum. |
|
|
|
And how safe is it to use Bitcoin Core in pruned mode? In this case, you have to download only 6GB of data. Bitcoin Core website says that you aren't sacrificing any security by enabling pruning. Pruning without sacrificing security means you'll have to download about 500 GB, it just takes only 6GB on disk. And indeed, as far as I know that is as safe as running a full node. So, if I enable pruning and create a bitcoin transaction, will my IP be revealed to other nodes? Yes. But your node could just as well be broadcasting someone else's transaction. |
|
|
|
AHMED carried out an attack on the Crypto Exchange by exploiting a vulnerability in one of the Crypto Exchange’s smart contracts and inserting fake pricing data to fraudulently cause that smart contract to generate approximately $9 million dollars’ worth of inflated fees This has been the problem with "smart" contracts ever since Ethereum's DAO "hack": the contract isn't as smart as they want you to believe, and the users don't even understand how it works. AHMED was a senior security engineer for an international technology company whose resume reflected skills in, among other things, reverse engineering smart contracts and blockchain audits, which are some of the specialized skills AHMED used to execute the attack. With normal contracts, you have to be a lawyer to fully understand what's in there. With smart contracts, you need to be a security engineer to understand it. That's ironic: the sole purpose of a smart contract was be to make it trustless. If it's trustless, fraud wouldn't be possible. As a user, I stay away from "smart" contracts. Don't send your money into something you don't fully understand! |
|
|
|
|
Show Posts
