At the price the Block Erupter Blades sold for I'd MUCH prefer that they sell the new ASICs rather than mining with them.
The key thing is that ASICMINER won't be able to sell at that price again. |
|
|
|
Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.
Chinese Proverb http://stackoverflow.com/a/195019/804495https://www.owasp.org/index.php/Category:OWASP_Guide_Projecthttps://www.owasp.org/index.php/Data_ValidationYou should not codez production stuff without at least skimming the whole guideIf you think I'm a bit rude, sorry but that is the point - to show that you need to rethink what you are doing. I would be happy to properly disclose your security vulnerabilities if you didn't choose to make a site handling money (without a clue of what you're doing) as one of your first projects. People who try to do this need to be discouraged. We don't want another bitcoinica or instawallet. |
|
|
|
Here's another vulnerability you should fix (on top of no coins for withdrawals, and the "free btc")   |
|
|
|
Do you still understand that I'm not doing this game for profit?
That doesn't excuse the fact that you are making a coinflip game with no bankroll. You also will not make any profit (to donate) on 50/50 coinflips. Don't get me wrong, a dice game where the profits are donated to charity is great, but it shouldn't be done as someone's first coding project. What if someone actually deposits a bitcoin, flips, and wins 2 BTC? How are they going to get paid, because your site has 0 coins to pay out winnings. |
|
|
|
This is nice, thank you for that test. That was what I was looking for in the testers. Don't worry, I'll send your coins back This is how beta testing works. My coins? I haven't deposited anything. Also please stop acting so internet gangsta. If you want the best then give advice not brag what you can do. It makes you look stupid not very friendly Please also have a clue of what you are doing before handling people's money. Really, how many times do I need to say this? Also, how big is your site's bankroll? It seems like you don't have one at all... |
|
|
|
But why don't you answer if you know the answer? Yes, rand is not 100% accurate, but I made a little video as well showing how accurate rand is: http://screencast.com/t/A2kt5VObI'm not sure if you legitimately have no clue or are just trolling. Bad PRNGs allows an attacker to predict the next outputs if they have collected enough outputs. Your randomness distribution does not matter, a bad PRNG like rand should not be used for gambling or cryptography even if it has a good distribution. Also, it took me literally 2 minutes to hack your website and give myself a balance without depositing anything:  |
|
|
|
|
Srsly, it's as simple as this:
$secret = "foobar";
function flipCoin($txid){
return substr(decbin(ord(hash("sha256", $txid . $secret))), 0, 1);
}
echo flipCoin("ebd4d32e72ce9cf4cff1f0baeb1df6243f65f2e16300b839ab96d3f64ad22ba1");
|
|
|
|
|
1. Yes, I can tell what the result will be if I play enough times. This is the problem of a PRNG, they go 123 -> 342 -> 492 -> 123 -> 342 except on a much larger scale.
Please learn this before handling other people's money.
2. Make it provably fair.
|
|
|
|
Been a while since we heard from TheDarKnight in BIPS helpdesk. So I figure he fixed whatever was wrong.
Can someone change the title of this thread, or simply remove it...
You could report this post to a mod and see if they would be willing to move it to the scammer accusations section. |
|
|
|
|
Your logic is flawed. I'd post more but smoothie already did.
|
|
|
|
First of all, you are using rand. That is not cryptographically secure. Caution
This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using openssl_random_pseudo_bytes() instead.
secondly, read this: https://bitcointalk.org/index.php?topic=161236.0You can't prove to me that your odds are 50/50. Provably fair lets you prove it and let anyone else verify it. |
|
|
|
I wanted to ask, what is going on with satoshidice?
are they failing to pay dividends?
are people concerned about the site being slow?
are people concerned about the sudden absence of key personnel from the forums?
1. No 2. The bet return part, yes. It seems sometimes S.DICE's bet processing script is very slow (far beyond 1 confirmation times) 3. Yes. |
|
|
|
Gave away 3 BTC |
|
|
|
Stop asking people to do this, if they felt it was in their blueprint or plans it would be included.
I'm expressing my feedback which is "make it provably fair". Given how a new bitcoin casino (without provably fairness and usually also without a clue on how to not get trapped w/ doublespending) pops up at the rate of 2 per day, I really cannot be bothered to "It would be easier to garner trust in this specific community (which is small and insignificant in gambling terms) by providing a service to prove the fairness of your bets...just a suggestion" The issue is it is very hard to tell if a coin flip site actually has 50/50 chances, or 49/51 chances, or 45/55 chances. When there's something that allows everyone to verify their odds and RNG are fair, then there's no reason to not do it short of the development time. I don't think most people realize that you are handling other people's money. |
|
|
|
|
Are you aware what you are doing is illegal? You can't sell a Home Simpson mug without proper licensing, for example.
|
|
|
|
|
Show Posts
