Indeed, I've done this a number of times with both the new and old versions of the andreas wallet. I'm happy to help someone who's struggling with it. It's actually not too hard at all. |
|
|
|
In the scam accusation thread, turtle had claimed that the AGC did load onto his Amazon account, that his account reversed the card off of his account (more then one time?), somehow got his account to reflect the gift card balance to be back on his account, then the coins shipped....
@Quickseller, please stop derailing this thead. This is the thread you're looking for: https://bitcointalk.org/index.php?topic=1163098.0Is there any user here whom the majority of the community consider trustworthy?
I think thats the real problem with the trust system, there is a lack of trustworthy users on bitcointalk. I guess message boards aren't a good way to trade. Even anonymous marketplaces like Silk Road don't have as many scammers because of the escrow system.
Well the point is the default trust system is meant to consist of trustworthy people. This is the centralized, top-down version of the trust system which the de-facto one. However, given this thread and this reply among others, it doesn't seem like the centralized view was intended. It seems like it was an implementation error. So, default trust has become equivalent to standard trust has become equivalent to "the trust system". But I don't think it has to be that way and it seems that many others agree. If people used trusted escrows here there would be a hell of a lot less scams,... You're absolultely right about this. But it's not clear to me that enshrining a select few people special "green lights" does anything at all to educate people or encourage them to be smart. It seems to do quite the opposite, leaving people with a false sense of security based on the idea that "the trust system" will take care of them. |
|
|
|
|
In case it's relevant. I can add that I was sent the wrong product which I purchased on amazon by a sender this January. In my case, it was a 9$ product, so it wasn't very expensive (it was a case for a tablet, when they should have sent a case for a phone), in any case, what happened is that I wrote to them and they sent me the right case. I asked them to send me some sort of shipping label. They said "we don't do that, just send it back to me at your own expense and we'll reimburse you".
I write this just to say that I don't think it's true that amazon always sends you a label. I was not sent a label in this case.
|
|
|
|
Sorry to necro this thread.
However, given the large number of recent posts and complaints about the trust system, default trust, and how people who are trusted sometimes behave I thought it might be useful to remind people that theymos has considered alternatives and it was a pretty evenly split vote on moving to something new.
For those of you who are unhappy, you may want to outline your alternative and see if you can get some agreement on an alternative as theymos is clearly not determined that the current system continue no matter what. His proposal here may be a useful starting point for your thinking.
Good Luck!
Thanks, galbros, this thread is really relevant to recent issues re the trust system and it's not one that I had seen previously. One thing this really brings home to me is that it seems like theymos definitely would have preferred a more distributed trust network---one in which people are actively adding and removing people based on their own experiences. The current system gives us the tools to add and remove people, but because a vast majority of people do not add or remove or modify, they're really little point in doing so yourself. Default trust has become "standard trust" and like-it-or-not, changing your own settings away from the standard just makes you out of the loop. It's a little bit of a critical mass problem, in my opinion. I think something like this proposal would be very valuable, I especally like the part of confronting a user with their own trust setting and forcing them to actively choose something/someone. Having chosen, they'll be more aware that they can revist those choices. The part about offering the "top 30" might have been problematic in this proposal, but I really see value in trying to get the wonderful personalization tools of the trust system more active. |
|
|
|
It would be interesting to know the minimum of had to have been gambled to have got to each level, including 8. That would be a good basis on which to objectively evaluate them. There are other factors of course, but that would be a good start.
I think minimum risked/gambled would be really hard to define because so many of the games have varying payouts and the goals are usually in "amount won" not in "amount risked". For example, if you walk up to a fire game there's a chance that you get a huge jackpot on the first bet, so you would have risked very little (what's the minimum, IDK, but you'd have to know the highest possible jackpot at the lowest possible stakes to evaluate it). There's probably a good way to do it in terms of expected amount risked. That is, if all the games are (say) .95EV and you need to win 100BTC to get to level N, then we could say that on average we expect people to risk 105.26BTC(=100BTC/.95) to get to that level. I think that's basically the closest you could come to caculating risk for a given level. That is, use expected, rather than minimum. |
|
|
|
@LFC_Bitcoin and @Blazed, it's not that I don't value your comments, but I think they're better off in the thread(s) about how to improve the trust system to prevent abuse. Here: https://bitcointalk.org/index.php?topic=1031791.0https://bitcointalk.org/index.php?topic=1163292.0Unfortunately, with all the attacks and drama that quickseller and his attack-dog alts produce in the forum, it's become very difficult to keep it all straight. I have been told in no uncertain terms that this thread is the only place where I'm allowed to discuss Quickseller's abuse of me, so I want to try to keep things on topic here at least since this is the only place to discuss it.
This thread is about getting quickseller to somehow justify his long-lasting abuse campaign on me, or to withdraw it. He's recently withdrawn one of his sock ratings, I hope he's going to be withdrawing the other one ( https://bitcointalk.org/index.php?action=profile;u=519804;sa=showPosts) very soon, as it's clearly even more trolling than the one from ACCTSeller which he has removed. Blazed, the one thing you said which is relevant here is this: I guess you could say some collateral damage is bound to happen a long the way. The fact that we can publicly dispute things here in meta makes for a decent checks and balances.
But I called out quickseller for his abuse immediately when he started doing it back in mid April: https://bitcointalk.org/index.php?topic=1032755.0Yet his attack didn't abate, badbear was away and he merely added more negative feedback from sockpuppets in the interim. It's clear to anyone who looks into the situation that it was a personal vendetta gone wrong. QS thought it would be easy to smear me because I didn't do trading so I didn't have a long list of people to tell him to stop. He banked on the fact that he's well known and feared and that people wouldn't cross him. The sad thing is that for the past 5 months, this basically worked. Even now, he cannot explain his rating other than as a personal attack for crossing him and at this point, he's just quit trying to do so. You'll note that he hasn't replied directly to me in this thread for approximately 6 weeks now. Surely that's enough time to forumlate a response if he has one. You say that "some collateral damage is bound to happen along the way", but what if your account and your reputation were part of that collateral damage? For the record, I quite disagree. I have think the default trust system could be improved drammatically, and should be. But even under the current system there's simply no reason to keep someone on the elite list who acts first and tries to rationalize later. Some people are known temperstorms (the ironic thing is that all this drama started because I had the balls to call out QS for his temper), but other people are known for calm, rational, deliberate action. I would argue that if you're going to have a centralized trust system where any single person can destroy another person's reputation at the push of a button, that's a very good reason to only put calm, deliberate, rational people into that position. With great power comes great responsiblity. I ask you too look at the post history of the known alts of QS (ACCTSeller, FunFunnyFan, and many others) and then to ask yourself whether that's the kind of person who you would hand a badge and a gun to. Yes, QS knows how to look up addresses in the blockchain. Yes, he spends an incredible amount of time on the forum, but there are others out there who do meet those criteria without the reflexive attack-dog mentality of Quickseller. Even now as the OP of this thread fills with people asking QS to withdraw his false attack on me, the best he will do is remove one of the sock ratings and disappear. His strategy is to drum up the next controversy and the next controversy as fast as possible, so that people will forget about this or call it "solved" in their own minds. It's really not solved until QS does the right thing (removes the false attacks) or the community does the right thing (removes QS from power). |
|
|
|
I think the idea of turtlehurricane is exploitable because scammer simply would have to build a lot of accounts and spam all negative ratings away. Or give positives all the way from the start. If it was done right it wouldn't matter because people wouldn't care about untrusted feedbacks any more than they do today. The difference would be that the trusted feedbacks that appear on a trust page would be ones that you actually chose as trusted, and not ones handed to you by someone you might or might not agree with. We know that nearly no user is bothering with changing something on the trust list so i wonder if tspacepilot's idea will work. In fact i like his idea of adding those people to default trust that you trust. Then you can trust their reviews. Indeed, but you don't mean adding them to default trust, you mean adding them to your trust list. In practice that woul no work because people wouldn't bother to add someone in 98% of all cases.
But this is a failure of the default settings. If the default settings were blank, the first thing people would ask is "what am I supposed to do with these trust settings?" Who knows, maybe a sticky thread would get created which basically said, if you don't know what to do with your trust settings, add "badbear" and "quickseller". In any case, I think that educating people about the decentralized potential of the trust system would be a wonderful step forward from the problematic top-down system that exists currently. And next thing is that you never could add as much users as are on default trust. Which means you will miss a lot scam alerts. Since you surely don't want to add those users that add their negative rating to everyone who appears in scam accusations. Because that often enough are accounts that are levelled up to make a scam at one point in time.
But surely anyone who wants to see the "scam alerts" can subscribe to the scam accusations subforum and add all the users they like from that section into their trust list. |
|
|
|
Tspacepilot, i will quote my answer from the other thread since it matches here too. I will add that your suggestion of changing red to yellow will not really change anything. Red is an alarm and it mostly is because of scams. Everyone can check out what it is about. When it was quickseller neg repping a newbie asking for a loan then you don't need to think automatically that he is a scammer. A yellow text instead red wouldn't change much there.
I think you're missing the point. The trust system has several wonderful features which aren't even used, such as the ability to select your own network and depth of trust. The reason they aren't used is because of the existence of default settings and the lack of any clear instructions about what a newbie should do. For this reason, 99% of the people don't change their trust settings and if you do change your trust settings, it just means that your blinding yourself to the state of affairs as seen by most users. The idea of the default trust list was supposedly that it would "bootstrap the system" so that people's trust wasn't all zeros at the beginning. What happened instead was that the few people on default trust became the de-facto scam police. And this led to the current situation where there's always a handful of people trying to fight their way into that elite clique. If steps were taken to educate people about how to build their own networks then I'd think we'd see two things: 1) A more natural, heterogenous community where people happily trade with people in their network, and approach others with caution 2) A healthier environment where there wasn't any one person you had to please in order to become an elite, in a more distributed trust network, you'd see many clusters of people instead of the top-down pyrimid style network we currently have. In my opinion, and from what I've read from theymos and others, it's this latter network that we were supposed to see in the trust system, but bootstrapping it with a central authority alongside the well-known internet phenomenon of mob-mentality has led to a number of avoidable abuses. @Saltyspitoon, upthread you said that you strongly agreed with some of my ideas here and that you were going to bring them up with Theymos. Do you have any update for us on that? |
|
|
|
Tell me, those who use the signature is not the first day. When you have made a new post, Satoshi amount increases or is visible only on Mondays? I 0.00000000 balance and the number of post increases. Maybe posts on the Russian-speaking branch is not taken into account?
The balance shown is for payout. You will not see a Satoshi amount during the week. Again, look at the rules. Ok, thank you wait until Monday. I hope payment. Tell me, in the rules says that you can not insert pictures. But sometimes you need agrumentirovat your screenshots. Such posts may be published, they will be taken into account? I would have assumed that they would pay for posts which had 75 or more characters in addition to any images. I'd be surprised if they're discounting any post with an image. But in effect, who knows? Why don't you tell us what happens when your payday comes along? |
|
|
|
Sorry for my ignorance, but isn't this more general than playing a sound. Presumably, you want to update the wallet balance from time to time anyway. Don't you have the same address pinging privacy problem no matter whether or not you play a jingle? I don't understand the connection to the audio file.
I'm not sure the Mycelium app updates the balance automatically. I often have to hit the refresh icon to see changes, but that could be because my Internet connection has a high latency, idk. I think that due to security reasons, external application (different from Mycelium) should be used for address watching and making beeps. Do not know if such application exists, but it should not be difficult to make. Can Mycelium export list of HD addresses (even old ones, even future ones) for "watch-only" in some CSV-like format? The post by Rassah just above (quoted below for convenience) suggests a privacy issue, not a security one. I thought SPV clients already had a way to request some superset of transactions they're actually interested in to protect privacy (though clearly not as well as a full node requesting every transaction). We keep getting asked this, and we keep having to explain that this is terrible for privacy. The only way a wallet can know that you have received coins is to constantly keep asking a node for an address babalce. Whoever runs that more then knows that that's your address. And with HD you would be pinging multiple addresses, so the node will know they all belong to you, and will be able to piece together your entire transaction history.
|
|
|
|
So I'm planning to throw 99 times with a dice and punch the number into a metal strip or engrave it into marble to produce some bullet proof single address wallet. Wow, seriously? Marble engraving? Before I go such lengths I want to make sure this approach works. So I want to test each step and even fill this address with a few satoshis and spend them as well before I fill it with more serious amounts. Throwing a dice is easy, but converting it into a WIF private key isn't. The only way I found is through www.bitaddress.org, but I am not able to review the source and I don't want to rely at one source only. Is there anyone who can give me some other suggestions? I assume you can figure out how to convert your number into 256bit hex? If so, the following works fine for me: b58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
def base58encode(n):
result = ''
while n > 0:
result = b58[n%58] + result
n /= 58
return result
# https://en.bitcoin.it/wiki/Base58Check_encoding
def base58CheckEncode(version, payload):
s = chr(version) + payload
checksum = hashlib.sha256(hashlib.sha256(s).digest()).digest()[0:4]
result = s + checksum
leadingZeros = countLeadingChars(result, '\0')
return '1' * leadingZeros + base58encode(base256decode(result))
def privateKeyToWif(key_hex, compressed=False):
if compressed:
key_hex=key_hex+'01'
return base58CheckEncode(0x80, key_hex.decode('hex'))
^^^ That's python, but you could use another language if you want. In the above, key_hex is a string. Here's an example of me using it.: >>> k="1111111111111111111111111111111111111111111111111111111111111111"
>>> privateKeyToWif(k)
'5HwoXVkHoRM8sL2KmNRS217n1g8mPPBomrY7yehCuXC1115WWsh'
>>> privateKeyToWif(k, compressed=True)
'KwntMbt59tTsj8xqpqYqRRWufyjGunvhSyeMo3NTYpFYzZbXJ5Hp'
|
|
|
|
|
I have to admit, I'm a little confused here. As far as I know, a transaction has to be signed to be valid. If the transaction was changed after the signature was added, then the signature isn't going to be valid (that's how digital signatures work). Also, I believe that the ecdsa signing algorithm uses a random number, so each time you sign the same content you're going to potentially get a different signature. How could a transaction be mutated in such a way that the signature wouldn't be rendered invalid?
|
|
|
|
Two feature suggestions:
1. Some audible indication if you receive bitcoins. Andreas Schilbach's wallet has a very neat 'tinkling coins' sound. Just something subtle. Would be a great addition in the user experience, I think (sounds crazy, but often I've heard "damn I love that sound of incoming coins!")
We keep getting asked this, and we keep having to explain that this is terrible for privacy. The only way a wallet can know that you have received coins is to constantly keep asking a node for an address babalce. Whoever runs that more then knows that that's your address. And with HD you would be pinging multiple addresses, so the node will know they all belong to you, and will be able to piece together your entire transaction history. Sorry for my ignorance, but isn't this more general than playing a sound. Presumably, you want to update the wallet balance from time to time anyway. Don't you have the same address pinging privacy problem no matter whether or not you play a jingle? I don't understand the connection to the audio file. |
|
|
|
-snip-
I think there are reasonably and concrete ways to improve the system.
-snip-
Could you point out some? Um, yes. You can't just ignore a 5 paragraph response and quote the summary sentence at the bottom and pretend that nothing else was written.  See especially paragraph #3 of your [snip]. See the OP of this thread. See the reference thread I linked to in the bottom of the post. |
|
|
|
How would you battle against the fraud of making multiple (few, dozens, hundreds) of multiple accounts? The forum would be quickly overrun with fraud since the honest people would have the one account and fighting against the scammer with many. So, no, the reputation system would not work just the same.
You would battle it by building your own trust list, one person at a time. A decentralized network wouldn't need to mean that all feedback is equally values, it would simply mean that each user chooses which feedback to value. If default trust were removed tomorrow, I imagine that a huge number of people would immediately add badbear, tomatocage, vod, dooglus, etc, etc to their trust lists. The difference between that and what we have today is that everyone who did that would suddently know who they were trusting and what their reasons were for doing so, rather than being handed a crutch to lean on which is probably going to fail them if they start leaning too hard. I would imagine that in such a scenario, over time, several tightly knit trust sub-networks might develop, and who knows, people might start choosing which trust network to "buy" into based on individual motivations and perceptions about those networks. But the crucial thing is that these networks would develop organically based on actual experineces of the forum users, rather than being imposed by a central, overworked authority which is subject to manipulation. A case in point for this kind of reasoning is that even bringing up such ideas will get you shouted at (often by people on default trust). I was told in no uncertain terms by someone on default trust list that arguing for a different sort of trust system is tantamount to promoting scams an fraud---and that's not the worst of it, but I wont' go on further on that now. There's another important point here, you don't have to go whole-hog. You could start with some small changes which would encourage users to interact with and build their own trust lists. A simple first step would be to change the overblown "warning: trade with extreme caution" to "this user has received negative feedback from someone in your trust list". That kind of change would encourage users to try to figure out what their trust list is, and how they can use it. You can also create your own trust lists and remove and add anyone you wish so I guess you can argue it is decentralised.
You're right, hilarious, in principle. But in implementation, it's a bit of a fail. Everyone is invited to create their own trust list and to set the depth they wish to see in that list. But in practice, almost no one does this, so, because trust depth default is 2, unless you're in the depth 1, it doesn't matter to anyone who you've put in your trust list, and changing your trust list just amounts to not seeing what everyone else sees. dserrano5 said here that default trust wasn't supposed to last, but was added as a bootstrap mechanism so that the trust network wasn't terribly empty and sparse before people had a chance to create their own lists. The current system is a far-cry from that scenario, I think there are reasonably and concrete ways to improve the system. I hope that they'll be more seriously considered given all the abuses we've seen of the trust system by an (admittedly small) number of folks associated with it. EDIT: for reference, a similar topic was discused here some months previously: https://bitcointalk.org/index.php?topic=1031791.0 |
|
|
|
Thanks to you guys' tips and pointers, I got my hand-built transaction generated and signed and pushed: 0100000001571e279a795de0d026b6edc83e187447d2371384eda3c2c86fa67ecb8a86a53c010000006b483045022100c1369a31af8a3f85233a8210f06808a712e37e5cd0513ae0386b5a033bc4194f022048f30f8acc6a07ef26aa9f7c72ca9d82f769fa78b0a06c0fdfbb79bdc0a713ff01210314bad032ce3473485d1144c5aeb95858adec29e2864d212a114b969dc3477885ffffffff01703a8c00000000001976a9140f532b6d8285d6d1bba1286cd74350270edbc7ee88ac00000000
There were a few extra tricks to figure out because I used a compressed pubkey instead on uncompressed so I had to modify ken sheriff's python code a bit to get a valid signature. But it looks like everything worked: https://testnet.blockexplorer.com/tx/4ffe67e59d699b8ea7f61cfe4d63bdd1cce52e7b3b80622358c05f70d6acb07f^^^ That's a hand-built transaction on the testnet. After that confirms, I'll make one more to give my testnet coins back to the faucet. Topic closed. Thanks to everyone. I feel like I just earned some sort of merit badge. |
|
|
|
It's fine if he leaves negative rep, anyone can do that. The absurd thing is he is on default trust. But with respect to leaving negative reputation points, you're not supposed to "trust-spam" or continually use your alts to leave many negative ratings. That is against the rules and people have been banned for it. QS left me three ratings with three accounts. He has recently deleted one of them (presumably responding to commenters above) but it's not clear why he hasn't removed the more trolling comments from his alt FunFunnyFan. He's abused me and dozens of other people. It's toxic.
I agree that it's absurd and as you can see in the many quotes in the OP of this thread, everyone who has looked into this situation is calling for him to withdraw his abuse on me. Yet he ignores it. From what I've seen, QS' strategy is to argue with distractions and overblown comparisons (he literally compared me to convicted rapist just a few posts upthread?!). Often, given the mob-mentality of "justice" that often develops in pseudo-anonymous internet fora, this is enough to exhaust his victim and that's that. Other times the victim has stamina for the onslaught and continues to ask QS to explain the rating and the reason for the attack, when QS cannot answer, he simply moves on. He can easily draw everyone's attention elsewhere by attacking a new person (scammer or not a scammer). So that seems to be what he's doing now with me. As he couldn't answer dooglus' points, he's just gone on to something else. |
|
|
|
I hope this could be helpful for our community to find who is this destructive digger. If not, again please ignore me.
A curious hypothesis. The main part I want to comment on is whether or not this digger is destructive. 1) The more he digs clams from the initial dist, the less you have to worry when or where they'll be dug (you get the uncertainty out of the way) 2) The cheaper he sells his bounty, the cheaper the clams for everyone interested in buying. If you were happy to buy at 0.01BTC, shouldn't you be jumping to buy at half price (or lower). It seems to me that what's going on is a real buy opportunities for the true CLAM believers. |
|
|
|
Can you post a list of BTC addresses somewhere? I have a theory on where they came from that i can check.
Here's some of it. The full list is at http://privatepaste.com/2b3f383378*SNIP* Thanks I think I know how this digger came to have so many addresses now. "drumroll, please!" ... ... [drumroll continuing] ... ... Well, don't leave us hanging! |
|
|
|
|
Show Posts
