Added.

It would be better to have a separate watchlist system in addition to "new replies to your posts". Why should you be able to break the page's stated function of showing new replies to your posts?

I tried to install it once, but it caused problems and I didn't want to deal with it at the time. Maybe I'll try again later.

Post it in this section.

You could send transactions with an nLockTime equal to the subscription due date. (nLockTime is an already-existing feature that prohibits a transaction from being accepted into a block until a certain time.) Send this transaction to the service a month ahead of time, and then you don't need to be online at the payment time. You can cancel it at any time.

You've reported no posts. If you want something to be done about a post, you must report it.

If the services kept each person's BTC separate, they could give people withdrawal transactions in advance. The users could then withdraw at any time without contacting the service by broadcasting the transaction. The users would also know immediately if any of these funds were spent.

I might use it if it had extremely good physical security. Like CyberBunker, but devoted to the bank. Physical security is the only thing I can't do -- I have encryption and backups handled.

I've been thinking recently about the interesting security measures such a bank could use. It'd be really fun to build it.

The target is stored in a fixed-size form that basically says, "This many zeroes followed by these bytes, followed by enough zeroes to fill 256 bits". It can handle any number, with lower precision for higher numbers.

"Difficulty" isn't used for anything except display, so it doesn't matter how that is stored.

HTTPS prevents someone who is sitting between you and the destination on the network from reading or modifying your transmissions. For example, it prevents your ISP from seeing your MtGox password. Usually, anyone between you and the destination is pretty trustworthy, but this is not the case if you live in a non-free country or if you are using a free proxy like Tor.

This compromise means that all HTTPS connections are suspect until things are sorted out. Even sites that don't use StartSSL can have their HTTPS broken. Even if MtGox was using Verisign, they would be affected equally.

I recommend installing the Certificate Patrol and Perspectives extensions for Firefox:
http://patrol.psyced.org/
http://www.networknotary.org/firefox.html

Certificate Patrol warns you whenever a site's certificate changes. This will happen when an attacker tries to exploit a compromised certificate authority like StartSSL. It also happens occasionally for other reasons.

Perspectives asks several notary servers for information about certificates. If the notaries see a different certificate than you do, then there is probably an attack going on. In the settings, use these options:
- Percentage of notaries...: 100
- Days of continuous...: 0
- Contact notaries for all HTTPS sites: yes
- Allow Perspectives to automatically...: no (unless you want to allow Perspectives to stand in for a CA when a site is using a self-signed certificate)

Nothing is being hidden. I will provide copies of deleted threads on request. Just send me the URL.

BBE's /q/getdifficulty uses Bitcoin's old difficulty calculation, which has some precision problems. You'll notice that the difficulty reported on block pages is the same as yours.

I'm not going to delete that one, since it would have been OK if that post and his post just afterward were combined. That they're separate posts doesn't really matter. The purpose of the rule is to force all participants to constantly contribute to the discussion, which hugolp was clearly doing.

Anyway, you should report all posts that you think are wrong, regardless of whether the poster is a mod/admin. (Hugolp was not a moderator at the time of that post, however.)

Relying only on "time online" would be too easy to bypass. As people have mentioned here, you can easily "reload every" the board to get the time with no posts. Requiring some posts ensures that trolls will be noticed here before leaking out into the rest of the board.

If you have even one good post, it will be very easy to get manually whitelisted.

Done. I'm not sure what to do with the topics in the old sections, though. For now, no one can post new topics there, though you should still be able to move your topics from there.

Report obvious trolling and off-topic posts.

You may specify more strict rules in your OP, and moderators should moderate according to these rules as long as the rules are reasonable and very clear. For example, you could ban certain words (though you must specify the words).

Yes.


They will not include them in their blocks, but they will accept them in other blocks. (This has not always been the default behavior -- previously everyone would include all transactions.)

Not true. They can fund their PayPal account with ACH, which is reversible. If they reverse this ACH transfer, PayPal will take back the funds.

Gift payments can also be made directly with a credit card, which is even easier to chargeback.

Adding an image allows you to "force" readers to request a remote document, which can be used in various attacks. It could have been used with the MtGox CSRF attack, for example. Hopefully people with 50+ posts will not attempt this, though even this number may be too low.

I've been thinking that maybe images should be totally prohibited everywhere.

Les raisons interdiction devrait toujours avoir un nombre après eux, comme "Spam 8". Message du nombre.