It is rarely a good idea to reinvent the wheel, when it comes to security-sensitive, time-tested, well-reviewed-by-experts cryptography code. This. Also why is avoiding dependency on OpenSSL important? Something I am missing? |
|
|
|
Here is the address the coins went to; 1PVc7JCJp3L3LqjzjjUw5Mm1NQHGFTj1fP. I am not sure about the RPC port. I think I have access turned off to everyone but our home network. That is just my wife and I. Obviously your wife just robbed you. |
|
|
|
I like the way you think. Duosecurity is a great company and their "push login" is nice feature. Still for the size of Bitcoinica they likely want their 2 factor solution not hosted by third party. |
|
|
|
It's really hard to believe that after the linode debacle, you guys are
still leaving that many coins on hosted systems.
Please learn about offline transactions and how to properly decouple
the wallet from your trading system.
This. It is insane to me. The cost of a secure co-location cage with dedicated hardware firewall, and private switch, and private servers. Every single piece of hardware owned and configured by you. The exchange and wallet should be on seperate servers and the wallet server should have no insecure connections. Come on it is 2012 guys. IPMI makes doing secure remote co-location a lot easier. VPN secure KVM over IP, bios upgrades, hardware monitoring, remote power control, even remote media loading. No reason for anyone to have access to the cage. Any good colocation provider can enforce user specified cage access protocol (i.e. requires 2 whitelisted users, and auto-notification of everyone on the whitelist w/ 2 hour delay). On edit: password resets? What the fuck are password resets? This isn't a facebook account. Your admin loses his password well he can't login. Period. If he keeps doing it you fire his ass and hire someone who is more capable. Logins should be password + cert and limited to a dedicated NIC. Your own personally owned and configured hardware firewall limits connections to the login NIC based on whitelisted IP addresses. |
|
|
|
|
Awesome.
Yes please do that.
|
|
|
|
I just looked at the topics being presented besides yours, and all of them could/should be about bitcoin. Lets hope that bitcoin is at least brought up in all these other presentations.
Get Beyond the Strategies to Drive Emerging Payments Adoption
Person to Person Payments
Mobilizing and Digitizing Payment Products
Mobile Wallets: What Do They Mean to Financial Institutions?
The Decoupling of Banks - How Non-Bank Entities will Dictate the Future of Consumer Financial Services
My guess (and Bitpay can confirm) is that Bitcoin won't even be mentioned. It is more like why you banks need to support my closed platform x which will never have more than limited appeal because it will never have universal support. Of course Bitcoin is the elephant in the room because as you point out it is the answer to all those topics. Banks could actually benefit from Bitcoin. Imagine if in your online banking account you could exchange money in your checking account for coins (and in reverse). The killer app for Bitcoin. 99% of users would never use Mt.Gox they simply would buy coins from their bank or when paid in coins convert them back into funds in their checking account instantly. Makes all those closed p2p fund transfer systems look quaint. |
|
|
|
I'm not sure which reason accounts for the increase, but I have a feeling it's because EMC is used as a backup for a lot of people, so the latter is likely the more likely explanation. Hit over 5000 LP watchers on one server last night during a few long polls. We normally only have about 1000 active miners give or take a few hundred at any given time.
Maybe a less invasive method would be for cgminer to delay the getwork on backup pools by a few seconds (and do so randomly)? So time 0 your would see your 1000 or so active users send getwork and then spread out over the next x seconds randomly requests would come from the other 4000 or so users. |
|
|
|
the max is dynamic and changes on every single bet placed.
Anyway that can be verified? Otherwise the house could cheat by this sequence: Max bet = 1000 BTC. Player places bet for 1000 BTC. House determines if bet wins or loses. If lose - then record as a loss If win - then reduce max bet to 900 BTC and record as over max. |
|
|
|
No problem here are the relevant calculations. Transaction priority is calculated as a value-weighted sum of input age, divided by transaction size in bytes:
priority = sum(input_value_in_base_units * input_age)/size_in_bytes
Transactions need to have a priority above 57,600,000 to avoid the enforced limit. This threshold is written in the code as COIN * 144 / 250, suggesting that the threshold represents a one day old, 1 btc coin (144 is the expected number of blocks per day) and a transaction size of 250 bytes.
So, for example, a transaction that has 2 inputs, one of 5 btc with 10 confirmations, and one of 2 btc with 3 confirmations, and has a size of 500bytes, will have a priority of (500000000 * 10 + 200000000 * 3) / 500 = 11,800,000 https://en.bitcoin.it/wiki/Transaction_feesSo the only txs which should get stuck permanently are either malformed ones or ones which violate the seperate "dust spam" rule. If a tx is <0.01 in size it must contain a tx fee. This rule is separate from the priority based rules so a tx rejected by pools will continue to be rejected by pools regardless of how old the tx becomes. Of course one can always double spend their own stuck tx or mine it in their own block. |
|
|
|
|
Thanks I will take a look at it.
|
|
|
|
You can buy botnets easily if you know where to look, the thing is they are more commonly situated in less developed countries where they have shit CPUs and shit graphics cards among other issues. Anyway, this rise in difficulty has nothing to do with botnets. It has everything to do with this: https://glbse.com/assetsWhat makes you think that. The vast majority of those (by hashing power) already existed prior to the bond being issued. |
|
|
|
I guess I'm kind of surprised txs aren't given a higher priority if they've been in queue for a longer amount of time. I mean - if there's a tx which hasn't gone through in a week, and the queue of unconfirmed transactions is growing every day, those coins are probably effectively "lost," yeah? The coin age clock keeps running. Eventually the tx will have enough priority (combination of coin size & coin age) because coin age keeps growing. The network doesn't look at only age, it looks at output value * age. So yes "younger tx" can have higher priority if they are larger. |
|
|
|
You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.
Anyone can get the previous hash from your pool. It's in the blockchain, after all. However, publishing some kind of signature based on the block number or hash, signed by a pool's private key would be ideal. Except in a 51% attack.  The signature would need to contain something specific to the block (like merkle tree hash). |
|
|
|
You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.
That won't work but I wasn't suggesting a breaking protocol change but rather an agreed upon optional standard which is fully backwards compatible. Instead something like pools (optionally) create a public private keypair used for signing (probably should have mechanism for revocation or replacement). The pool would modify the getwork so that they hash some standardized identifer (should be specific to the block to avoid substitution attack) and sign it. Yes I was indicating such a system should be optional but sites like blockchain.info could scan the block look for a signature and then verify it w/ the pool's public key. In cases where the block can't be verified (or no signature is present) blockchain.info and other sites could still try to guestimate the origin by IP address. As long as the signature is placed somewhere which isn't a breaking change uniformed clients would simply ignore it. |
|
|
|
|
Not yet redeemed doesn't mean it hasn't been hashed into a block yet.
How many confirmations does blockchain.info show for the tx (you can search by the tx id, or any of the addresses).
If the tx hasn't been confirmed then likely it is a fee issue.
If it HAS been confirmed and you destination still doesn't see it the coins have been sent, the issue is just with the destination's client.
So the first troubleshooting step is has it been confirmed?
|
|
|
|
I stand corrected regarding the term. Having hundreds thousands of infected machines is reasonable to anyone?
Yes. |
|
|
|
Electricity costs are 0,24 EUR KW/h. Is that a typo? As in $0.31 per kWh? Has a higher electrical cost per MH than a GPU farm and double the capital cost. Hmm |
|
|
|
However I wonder if it's difficult to setup the configuration file so that I don't need to put in data manually every time I restart cgminer? start cgminer w/ options from command line. when it loads click (S) for settings and then (W) for write config file. You don't need to give it a name just press enter (default is cgminer.conf). Open it up in notepad and verify for acuracy. To start in the future just double click cgminer.exe (or put it in the startup folder) and it will load the default config automatically. edit---> my A to R ratio is 2%, so 2% rejected, is that good?
Technically your R% is R / (A + R) but the difference is likely minor. If you are sick 1 day and went to work 4 days you were sick 1 / (1+4) = 1/5th of the days (not 1/4). Well technically technically what you really want to look at is ( R + SS ) / (A + R +SS) although that is less of an issue now since I think cgminer submits all stales by default. |
|
|
|
|
I heard his Bitcoins are proof condition, very shiny and stuff.
|
|
|
|
|
Show Posts
