The DB is probably doing most of the work anyway, so are you sure it's improving performance?
When the web server is handling the password hashing via BCrypt... Yes. BCrypt is just a bit resource intensive...
|
|
|
OP if you're reading this, please get multipool back up! I've got 3 GH/s to point your way but I can't if you're down!
|
|
|
Any and all interaction with the database should done using either Stored or Prepared Procedures
Prepared statements, yes, stored procs, NO. SPs never really increase security (unless you are talking about the DA's job security), but they do complicate the design. Therefore, you shouldn't use them "just because". Most apps these days use some form of ORM and a minimal set of sprocs, if any. In addition to the salt data stored with the hashed password and the validation fields I'm keeping on each row, there's also an additional application-specific salt that exists only in the stored procedures which, of course, have the "WITH ENCRYPTION" flag set. This adds an extra layer of difficulty to password cracking attempts since not all of the salt data will be known to an attacker without first going through SQL's built-in encryption. I also have validation fields on each row of every table such that inserts or updates made without going through the stored procs will be considered invalid. Every stored proc re-validates every record it touches and locks the account if invalid records are found. There is no way to buy, sell, deposit or withdraw bitcoins without a correct validation field and the validation fields are SHA512 with both stored salt data and additional salt in the encrypted stored procedures. Stored procs which update this validation number require their own validation in the form of a session key which is a hashed amalgam of both a large random number and browser fingerprint data, such that if the cookie were stolen (a la firesheep) it would still be useless without also faking HTTP headers, IP address etc. These session keys are stored in a manner similar to password hashes and are invalidated at the database level after ten minutes of inactivity. This is also my method for enforcing a ten minute auto-logout on idle: if your session key in the database is null, every page redirects to login. So never say never... Anything can be used as a tool to increase security, it all depends on how you use it. I chose to enforce a lot of my security and data integrity rules at the database level rather than at the web server or application level. Since SQL resides on a separate server which is not internet accessible, it places much of my infrastructure behind at least one more layer of security. P.S.: As an added benefit, the offloading of many transaction processing and security tasks to stored procedures also allows me to split the load more evenly between the CPUs of my web server and my SQL server, thus increasing the transaction rate that I can handle with the same hardware.
|
|
|
Perhaps we should first define how many dimensions we are working with.
My brain goes all mushy after about 11...
|
|
|
Wave function collapse is not that bad, look at the Quantum Zeno Effect: If Bitcoin has a finite, gaussian decaying lifetime, we simply need to observe the market often and fast to make it stay I think we're going to need a LOT more market volume
|
|
|
1. When I saw the title I had a feeling someone didn't understand some science.
2. When I read the OP, I had a feeling someone would screw up and use the Bohr model of the atom to justify roundness.
3. When someone finally did use the Bohr model, I had a feeling I'd end up being the one who explained how and why they were wrong.
When someone not only proved me wrong on #3 but went on to make Schroedinger jokes about the market collapsing when observed I finally realized EXACTLY how right for me this community is.
You guys rock.
|
|
|
All good for me! Well.. I do have one mBTC *more* than I thought.. not sure how that happened.
Better yet, I've got 0.00005 USD more than I thought... Not sure how that works. Actually I think I do know how that works. They probably store everything in the database as decimal(n,8) whether it's in BTC or not, so I probably made a fractional cent or two on some trades here and there which just got truncated off of my displayed balance.
|
|
|
is this real or a trick to get my password and username?
I checked DNS and their SSL certificate before logging in. After logging in, they had my correct balance. If it's a fraud, it's a damn good fraud...
|
|
|
Well I, for one, have a correct balance
|
|
|
While it *is* true that the world understands the multiplicative SI prefixes (kilo, mega, etc.) better than the divisive SI prefixes (milli, micro, etc.) it is also true that the world is VERY good at coming up with nicknames - pounds, pounds sterling, sterling, British pounds, ster, stg. and quid all refer to the same thing. This discussion seems to be about what the official names of < 1 BTC units will be, but realistically it'll be a week before the "millibitcent" turns into "millie" or "mill" or some such truncated version. The community is scientifically fluent enough that the SI prefixes will see common use, what we really need to decide on once and for all is if a "millie" is going to mean 1/1000 of a full bitcoin or 1/1000 of a bitcent. I for one say we subdivide the bitcent to allow the current smallest unit (e-8) to have a "round" name. If we need to add more precision in the future, we'll just need to do so 3 decimal places at a time so that the next SI unit down can apply to the new "smallest unit"
|
|
|
They reported it wrong. The "money" that changed hands at Mt Gox is just numbers in a database that can be rolled back, in order for the money to actually be "stolen" it'd have to be cashed out, which to the best of our knowledge it wasn't. Aside from the 200-some BTC cashed out by "Kevin" during the $0.01 exchange rate crash no BTC or USD are known (to us anyway) to have left an actual wallet or bank account. They reported $9 million because the news media consists primarily of pretty but stupid people who are paid to read from a teleprompter paid by the worst researchers that no money will buy (interns).
|
|
|
Facebook credits are designed so that dollars go in, but only flow back out to the companies with facebook games.
And Facebook tries hard to ensure that the companies cashing out the credits are real companies, and not people just trying to move money through their system. There are no open exchanges, by design.
Well really that's not the problem right now, since we're talking about trading facebook credits (hereafter referred to as FBC) for BTC, which is a non-monetary exchange at present. If someone then exchanged their BTC for USD that's not really facebook's problem. The problem right now is, that I'm aware of, there is no way to send, trade, exchange etc. facebook credits with other users.
|
|
|
build them! google > vga dummy plug just some real cheap 68/75ohm resistors needed Yep, every radio shack in the U.S. sells 5-packs of 68 ohm resistors for 99 cents, which is two more than you need. Simple guide: http://www.overclock.net/folding-home-guides-tutorials/384733-30-second-dummy-plug.htmlThere's another method that works with only one resistor but it requires you stick the resistor directly in the DVI connector itself, which I wasn't really comfortable with...
|
|
|
Who just bought MtCocks.com? I JUST BOUGHT MTCOCKS.COM!
Now what should I do with it?
The name says it all... use it for sell porn (for bitcoins). Maybe I could start a business venture with BitcoinPorn. Hey BitcoinPorn, you reading this one?
|
|
|
I propose a new site named Mt Cox, where you basically climb to the top of the mountain, and push the summit of Mt. Cox right into your butthole, and then tell people you're not pushing a Mountain of Cox into their butthole.
WHOIS information for mtcox.com : [Querying whois.verisign-grs.com] [whois.verisign-grs.com] Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.netfor detailed information. Domain Name: MTCOX.COM Registrar: DYNADOT, LLC Whois Server: whois.dynadot.com Referral URL: http://www.dynadot.com Name Server: NS1.DYNADOT.COM Name Server: NS2.DYNADOT.COM Status: clientTransferProhibited Updated Date: 10-jun-2011 Creation Date: 10-jun-2011 Expiration Date: 10-jun-2012 Who just bought MtCocks.com? I JUST BOUGHT MTCOCKS.COM! Now what should I do with it?
|
|
|
Yes but you got in early, and ideally have already recouped your intial investment on the rigs you set up.
Not nearly as early as you think and not nearly as early as I'd have liked Still, the margin of profitability has always been narrower for new operations than existing ones - which is sort of true in any business. There are lots of peaks and valleys in profitability in every industry but they do keep chugging along and making money. I remember speaking with my Aunt a while back (she's an exec for a hospital) about how over the course of her career she's seen new doctors and nurses get hired for grossly different wages and it had little to do with the profitability of the hospital, inflation etc. - the cause was availability. A bunch of people would hear that industry X was "recession-proof" or they'd see quick money to be made and new high school grads go to college to work in industry X. This removes them from the pool of potential doctors so less doctors graduate that year. If this goes on long enough, hospitals start to get desperate for new doctors and their wages increase which of course makes medicine the new "industry X" that everyone goes to college for. There are a handful of industries that "industry X" seems to rotate through but the same basic concepts apply to many things. In short, when mining becomes less profitable than, say, speculating more newcomers to bitcoin will speculate than mine, which then creates a shortage of miners. Homeostasis, my friend, homeostasis.
|
|
|
The elites have pretty much formed a zero-sum game.
I agree with the concept of your post, but I'm honestly tired of seeing this term. It's not that it's being misused or even overused, it's that it should be obvious to everyone involved that every (physical) thing on this blue-green rock is part of a zero sum game. I don't see anyone bringing back resources from Mars just yet and I can't move away from Earth to live on Titan or something. If you have something, your ownership of it removes the ability of others to own it. This is why the computers and the internet are REALLY revolutionary - we're beginning to make ideas more tangible. If I have an idea and I share it with you, I've lost nothing and now you have something you didn't before. In other words, things that we apply the "zero sum game" terms to are only zero-sum because we've erected imaginary walls (see what I did there?) around the concept as though it were free from outside influence. Atoms do not spontaneously come into or leave existence so if it exists as a physical object it HAS to be zero-sum in one way or another. Maybe this is why we're all flocking to digital currency, we realize on some level that the ideals we hold can only be executed in a non-zero-sum world and so we happily move as much as we can away from the physical world to make our ideals reality.
|
|
|
And the Swedish haven't been fighting multiple wars half-way across the world since Nixon administration. And the Swedish are relatively cultural homogeneous. SO what?
ignoratio elenchi I like this. I think I'm going to start responding to others' posts with nothing more than the name of the logical fallacy they are committing. Let's all do this - let's make this the next big meme and pound some logic through those thick skulls out there... WHO'S WITH ME?!?!
|
|
|
|