Bitcoin Forum
Show Posts
1  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] MangoCoinz (official) - The mobile crypto currency on: October 27, 2015, 07:15:25 PM
SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread for a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate the coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want; the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there probably isn't even a blockchain. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" got popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this got very popular, it would need scaling, and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard; banks have dedicated teams to do it.
- Syncs - wait, what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since the code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide whatever data I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if the devs implemented TOR or proxy detection, they can't detect all proxies (see private ones), or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups; they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. I noticed the core parts are in a native library; finally something interesting. I already know why the app has (/had, the newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it all in Java would have revealed how there is no real proof for validating syncs, but the devs probably aren't competent enough to deal with C or C++ and implement proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it were open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member comes into the dev team and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (I read it somewhere on another forum), then you get the documentation, which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system; that's why it took so long from the initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in a lower adoption rate, as nobody would like to spend time on this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since a lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries, so it really is a breeze to work with. Also, this approval for every service is fine now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this will also increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all this (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed with our current knowledge (I was also thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct competitors and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. At least not here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.


Some things you say are true, most aren't. Reading up on general purpose tech and having a premise that every system only works on the worst and lowest version of the tech type it uses is just bad. The problems you have mentioned are, simply put, problems that any architecture of that type has. Do you keep your money in a bank or under your bedsheets? Think twice if it's a bank.
But that doesn't mean you can't get the 99% efficiency.

We have invested a lot of money and time into this project, we have been through a lot of bad and nice stuff with our community. If you are indeed someone who has read the old thread, you would know that all the stuff present now will only get better in the future. We said we will move towards open source and decentralization. We delivered before. We will on this as well.
Once the thread gets rolling, we will present our plans.

Please don't mistake our honesty for incompetence.
Made an account just so you can post here?

I said nothing about the worst tech; what I wrote regards the optimal case. You need top stuff to deliver the expected QoS in the case of such a system.

"Think twice if it's a bank." - Yes, I only keep the necessary amount in a bank. But this discussion is not about me, I'm not the average in this case. That's not to say I don't trust a bank. The thing is, in some cases you don't have another option. Also, banks employ top security and reliability experts. They have regulatory obligations. Again, this discussion is not about banks in general, but: Most people don't have security concerns. Just imagine a simple runner, as they are the main targets. They don't care about the system. They trust it as much as they do a bank. What bad could happen anyway? - they think. But let's examine the emotional side: A club runs for charity for a month to help raise money, but someone games the system and suddenly their coins are worth nothing.

"Made an account just so you can post here?" - Nope, I read the whole old thread and even posted twice. Those posts were also about security. I simply wanted to post my concerns here as you're extending the coin now. There is no problem with the issues as long as there are about 1000 people using it. That's 1000 * (daily limit) * (BTC trade price) * (BTC/USD price) per day (not considering multi-accounts) and it's not a huge amount. But if it's 100k people and BTC trade price is 100x the current one, it's significant money and it will be worth gaming the system. So yeah, I mainly posted it here so people stumble upon the truth hoping at least they scroll down reading the first page.

@barabbas: The reason I started with "Scam alert" is to get people's attention. Most wouldn't care about a long post otherwise.

@everyone: Reading again, my previous post looks a bit harsh and rude at some places, sorry for that.
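The "syncs" point in the posts above is that movement reported by an app on a user's device cannot be proven, so there is no real proof of work behind the coins. What a server operator can still do is bound what it credits and flag anomalies; here is an added example of that kind of server-side plausibility check. It is not code from this thread or from the MangoCoinz project (whose server side is closed source); the field names, thresholds and sample submissions are constructed assumptions, and, as the posts say, checks like these raise the cost of gaming the system without making it impossible.

```python
"""Server-side plausibility checks for movement-based "sync" submissions.

Added example, not the project's code. Field names, thresholds and the
sample submissions are constructed assumptions. A client-reported step count
cannot be proven, so the server only bounds what it credits and records why,
so that repeated clamping or rejections on one account show up in the logs.
"""
from dataclasses import dataclass

MAX_STEPS_PER_SECOND = 4.0   # assumed ceiling for a sustained human cadence
MIN_SYNC_INTERVAL_S = 60     # assumed: submissions closer together are rejected
DAILY_STEP_CAP = 60_000      # assumed per-account daily cap on credited steps
CLOCK_SKEW_S = 300           # assumed tolerance for a client clock running fast
SECONDS_PER_DAY = 86_400


@dataclass
class Submission:
    account: str
    device_id: str
    ts: int       # client-claimed unix time of the sync
    steps: int    # client-claimed steps since the previous accepted sync


@dataclass
class AccountState:
    device_id: str          # device registered at signup
    last_ts: int            # time of the last accepted sync
    day: int = 0            # day index that credited_today refers to
    credited_today: int = 0


def evaluate_sync(sub, state, server_now):
    """Return (credited_steps, flags).

    An empty flag list means the claim was accepted as-is. Rejections leave
    the account state untouched; clamps credit a reduced amount and say why.
    """
    flags = []
    if sub.device_id != state.device_id:
        flags.append("device_mismatch")
    if sub.ts > server_now + CLOCK_SKEW_S:
        flags.append("future_timestamp")
    elapsed = sub.ts - state.last_ts
    if elapsed < MIN_SYNC_INTERVAL_S:
        flags.append("too_frequent")
    if sub.steps < 0:
        flags.append("negative_steps")
    if flags:
        return 0, flags

    # Bound the claim by what a human could plausibly do in the elapsed time.
    plausible = int(elapsed * MAX_STEPS_PER_SECOND)
    credited = min(sub.steps, plausible)
    if credited < sub.steps:
        flags.append("clamped_to_plausible_rate")

    # Per-account daily cap, keyed on the day of the accepted submission.
    day = sub.ts // SECONDS_PER_DAY
    if day != state.day:
        state.day, state.credited_today = day, 0
    room = max(DAILY_STEP_CAP - state.credited_today, 0)
    if credited > room:
        credited = room
        flags.append("daily_cap")

    state.credited_today += credited
    state.last_ts = sub.ts
    return credited, flags


def run_demo():
    """Feed a constructed sequence of submissions for one account through the checks."""
    now = 1_030_000
    state = AccountState(device_id="dev-A", last_ts=1_000_000,
                         day=1_000_000 // SECONDS_PER_DAY)
    submissions = [
        Submission("alice", "dev-A", 1_000_600, 1_500),    # 10 min, normal run
        Submission("alice", "dev-A", 1_001_200, 9_000),    # 10 min, impossible count
        Submission("alice", "dev-A", 1_001_230, 100),      # 30 s later: burst
        Submission("alice", "dev-B", 1_001_900, 100),      # unregistered device
        Submission("alice", "dev-A", 1_020_000, 80_000),   # huge claim hits daily cap
    ]
    return [evaluate_sync(s, state, now) for s in submissions]


if __name__ == "__main__":
    for credited, flags in run_demo():
        print(credited, flags)
```

The flags are the part worth keeping: a single clamp is noise, but an account that is clamped on every sync, or many accounts hitting the daily cap from the same address range, is the signal an operator would use to investigate or to tighten the thresholds.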
2  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] MangoCoinz (official) - The mobile crypto currency on: October 26, 2015, 05:27:19 PM
SCAM ALERT!
DO NOT PUT ANY MONEY INTO THIS COIN!
Read the whole post to understand! Some things may be technical at first, but I hope everyone will understand.

I have been silently reading the previous announcement thread for a few weeks now and have to say I'm surprised by how many people think this "coin" will yield anything good. Why I think so follows:
- Centralized architecture, it's a huge red flag already. Devs can manipulate the coin amount anytime they want. They can issue new coins from nothing. (The coin amount counter is running on their server, that data means nothing.) Given this much control they can manipulate the price any way they want; the fact they didn't do it just shows their incompetence in this field. Seriously, they could be rich already. The "blockchain" viewer also runs on their server, same here, it cannot be trusted. By the way, there probably isn't even a blockchain. It would make no sense with this setup. It's just a plain old database with the syncs stored. There are other problems with centralization though: a DDoS could bring the entire system down. (Currently, I would bet 90 % the server doesn't have DDoS protection.) A hacker could get into the server, issue random coins to random accounts, delete everything from the database (yeah, there are backups probably (if there are lol), but the outage and rollback would still be disastrous if the "coin" got popular). They could also leak all user data depending on what is stored. Some simple misconfiguration could also bring the system down. Such an environment should be extremely robust. And I didn't even mention scaling: if this got very popular, it would need scaling, and since you're dealing with transactions and syncs you can't go NoSQL. Transaction management in a high-scale environment is really hard; banks have dedicated teams to do it.
- Syncs - wait, what??? So without any kind of proof I can get stuff worth money? Hell yeah! Before you say it's mining: No, it isn't! There's an app checking accelerometer data and sending the server how much movement occurred. How about faking accelerometer data? Actually, since the code is running on users' devices, it can be altered or fed fake data anytime. No, obfuscation won't help either. There are many ways to defeat it. Let's go through a few! Device software can be modified to provide whatever data I want. Virtual machines could be spawned to do the same, or some hybrid solution, virtualizing only the app. Possibilities are endless! One can modify the application itself to do what they want. One could create bots by reverse engineering the functionality and writing a program to mimic it. TOR and proxies would give them thousands of individual "miners" generating lots of "coins" every day (even if the devs implemented TOR or proxy detection, they can't detect all proxies (see private ones), or one with a small-sized botnet could use totally legit IP addresses which you cannot filter (this is plausible, especially if you think about such groups; they would also have the capacity to maintain a solid bot)). The problem is that there is NO PROOF OF WORK/STAKE/ETC. mechanism. It simply trusts the environment and this is a huge no-go in cryptocurrency.
- The app - Even though I'm no expert in the field, it took me roughly half an hour reading about the APK decompilation process and doing it. I noticed the core parts are in a native library; finally something interesting. I already know why the app has (/had, the newest one is said to be stable) so many bugs and crashes reported by other members. Sure, writing it all in Java would have revealed how there is no real proof for validating syncs, but the devs probably aren't competent enough to deal with C or C++ and implement proper bug-free code natively. No, do not say it's a beta, it's still unacceptable.
- Closed source - Devs say the infrastructure is closed source because if it were open, scammers would create clones and saturate the market. This is such a ridiculous contradiction. Devs are the very scammers here. Yes, they say they are honest (why say it anyway? people either trust you or don't), but we cannot know this honesty will keep up later on. Also, what if a new member comes into the dev team and they won't be? This leads to another question - how many devs are there in the team anyway? Two? Three? (In a post one of them said they got another member.) Total lack of transparency. This does nothing good in the cryptocurrency ecosystem among lots of scammers. Also, open sourcing the app would reveal all the flaws I already mentioned.
- Mainly just to make an interesting point: The API - Without knowing much about the details, the API for integrating third-party systems works as follows: First of all, it's not open. You need to contact the dev team, supply them information about the system you're building, you have to prove that you're part of the team that's developing this particular system (I read it somewhere on another forum), then you get the documentation, which probably entails the following: You need to connect to the central server through some obscure HTTP(S)-based methods. UseCryptos had to integrate this system; that's why it took so long from the initial announcement to actually get an up and running system. Why is this bad? First, it really slows down development time if you want to support this "coin", which is not something developers can allow themselves. This results in a lower adoption rate, as nobody would like to spend time on this specific coin when they can get up and running with all other JSONRPC coins in a few minutes. Bitcoin introduced the JSONRPC API and since a lot of other coins are based on that, they too include it. BUT: Other, totally custom coded coins also include this API for the sake of good integration capabilities. They keep up with standards. The thing is, people have already written many wrappers and helper libraries, so it really is a breeze to work with. Also, this approval for every service is fine now, but what if you got tens or hundreds of requests a day later? How would you cope with it? Also, since all of these services connect to the same server, making lots of requests, this will also increase server and bandwidth load. Got to scaling again...
- Getting popular - Seriously, I do not care if some people in the early (especially beta) days lose money. Heck, I wouldn't have written up all this (yeah, took a lot of time...) if I didn't think about the future. My problem is mainly the following: The "coin" is aimed at the masses, especially running clubs. These people know nothing about the workings of the system and they trust it. Also, traders on cryptocurrency exchanges put money into it and get scammed by those gaming the system. And here I have to say it again: They cannot secure the system against gaming. The design simply does not allow it. It would need a proper proof algorithm, but in the sense of running and acceleration checking it cannot be designed with our current knowledge (I was also thinking about it, it's a no-go.). One cannot simply trust code running on a user device. No matter how much obfuscation the devs do, if there is big money in it, people will hack it. This is not even something to talk about, it's fact.
- PayPal payout - Simply put, PayPal sees cryptocurrencies as one of its direct competitors and disables accounts trading coins if it finds out. Even though Mango is not a cryptocurrency, I don't think they'll like it if it gets popular. This would not be a problem, but this option is there to make things simple (people don't have to deal with exchanges) and

I refer to it as "coin", because this is not a coin in terms of standard naming. At least not here on BitcoinTalk. This site is about cryptocurrencies which have proper cryptographic algorithms to ensure mining hasn't been tampered with. I would rather call it a token if I were to give a description.
3  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] MangoCoinz Official ANN Thread - Mine cryptocurrencies on you smart phone on: January 31, 2015, 09:52:05 AM
-Yes the coin is centralized, but there is a blockchain and there is proof of how many coins someone has. We have security in place, and every day we are thinking of ways of improving it. I don't like doing bad things, I would rather be honest.
-We thought up a way of authenticating API requests and it will be implemented in the next update so as to mitigate the risk of bots.
-Yes the app gets some info about the device, but not much.
-Yes, we changed some things from v0.5.0b to v0.5.1. The password is hashed server side, and the password is sent via a secure connection (HTTPS).
-This was not introduced to ease the server load, but to improve security. We now use an even better salting method.

- If I may ask, how is proof implemented?
- Just updated and saw that. This authentication still can be implemented in a bot.
- I'm not concerned about manufacturer and device name, it can be even used as useful statistics, but please hash the IMEI in the next update. You have no need to store the IMEI number of all registered devices.
- This will only get effective if you migrate to a trusted certificate. Also, this doesn't guarantee you don't store passwords in plaintext anymore.
- Same as above. Because of the centralized nature, users can't know for sure it isn't that way.

I'd like to point out "Since v0.5.1 update, passwords are sent directly to the server without hashing. This causes a security risk as devs can now save passwords in plaintext".
Before v0.5.1 passwords were sent to the server hashed with a salt easily obtained via an unauthenticated request to the API, which one could easily do from the browser.

Arbitrary account creation + sync of coins was possible, probably still is.
Quite a few other issues still exist, such as the possibility to log out active users with nothing but a single http request.

What would anyone do with the salt? You'd still need the password to successfully create the matching hash. Now this isn't needed anymore. Your password is sent plaintext to the server. Yeah, it's HTTPS, but self-signed as of now so it really is plaintext as a matter of fact.
Regarding "one could easily do from the browser" and "nothing but a single http request": I personally don't feel it simple doing a POST request from a browser.

I don't know if it would be better to open-source the whole project, release the blockchain and stuff, because it's also a point that scamcoin makers would saturate the market with this kind of coin. The problem is, we are talking about stuff worth money after all, and trust isn't something anyone can build anything upon in this field. If there are flaws in the system, people will go and abuse them.
4  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] MangoCoinz Official ANN Thread - Mine cryptocurrencies on you smart phone on: January 30, 2015, 10:13:47 AM
Since everyone is talking about source and security lately, let me share my opinions. I'm an Android app and system developer and just recently started looking into cryptocurrencies.

So here are my findings about this coin:
- Reverse-engineering the apk was trivial, devs didn't even use ProGuard to make it harder to read. This is not a problem actually, because even if the app is obfuscated, it's not much harder to understand.
- The coin is centralized and all data is probably stored in a database without a blockchain and proof-of-anything. This system can be hacked, devs can do bad things (though they seem to be honest).
- Even if you don't have the source, there are a lot of ways to cheat the system on Android.
- Coding a desktop implementation based on the reverse-engineered apk is trivial; one can sync without using an Android device at all. Add proxies and bots to this and you can easily "mine" hundreds of coins per day. You can also sign out anyone just by knowing the username. It might be possible to sync an arbitrary amount of coins to any username too; this depends on how much checking is implemented. I guess it could work, since if one used random device data, the system would think the user started using another device (too).
- The app uploads the following information about a device: device model and name, IMEI number and if the device is rooted. All of them can be faked on a rooted device. I understand that IMEI is used for checking multi-account usage on one device, but not in plaintext, it should be hashed and only that value sent to the server. What if the server is hacked, IMEI numbers are stolen and sold on the black market? I personally wouldn't be happy.
- Up until v0.5.0b, only salted password hashes were sent to the server, providing a secure authentication. The salt was generated by the device randomly upon signup. Since v0.5.1 update, passwords are sent directly to the server without hashing. This causes a security risk as devs can now save passwords in plaintext, which is problematic if you use the same password elsewhere, let's say for your e-mail account, not to mention they know your e-mail address too.
- Probably this was introduced to ease server load as there's no need for another API call to get the salt.
- Fortunately, communication between the device and the server is done through the secure HTTPS protocol. However, the server uses a self-signed certificate (trusted certificates are not free) and the app is coded not to reject unauthorized certificates for this very reason. This makes it possible to successfully execute a man-in-the-middle attack and steal passwords which aren't sent hashed anymore. This kind of attack is very common on public Wi-Fi access points, such as a coffee shop, airport, etc.

With all this said, please do not think I'm against this coin or anything. People just have to know the truth. Even if it might have sounded harsh in places, I appreciate the developers' work, because this really is a unique idea. Unfortunately, without a real blockchain and proof-of-anything system there's no way to properly secure the system. You can make it harder to cheat, but not impossible.
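Two of the storage points raised in the posts above are how a received password should be stored and how a device identifier such as the IMEI should be kept for the multi-account check without storing the number itself. Here is an added example of the server-side handling a defender would want for both; it is not the MangoCoinz server code (which is closed source), and the function names, the work factor and the sample values are assumptions. It also goes one step beyond the post on the IMEI: a plain, unkeyed hash of a 15-digit number can be matched against the whole enumerable IMEI space by anyone who dumps the table, so the example uses an HMAC with a server-side key instead.

```python
"""Server-side password storage and device-identifier pseudonymization.

Added example, not the project's code. Work factor, key and sample values are
constructed assumptions.

1. Whatever the client sends (the plaintext password or a client-side hash)
   is treated as the secret and run through a salted, slow KDF on the server;
   only the salt and the derived key are stored, never the received value.
2. A keyed HMAC of the IMEI still lets the server recognise one device behind
   several accounts, but the stored tag is useless without the server key.
"""
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000   # assumed work factor; tune so one hash takes ~100 ms


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Derive a storable key from the received secret with a random 16-byte salt."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, stored_key: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, stored_key)


def make_user_record(username: str, password: str) -> dict:
    """What the accounts table should hold: salt and derived key, never the secret."""
    salt, key = hash_password(password)
    return {"username": username, "salt": salt.hex(), "key": key.hex()}


def login(record: dict, password: str) -> bool:
    return verify_password(password, bytes.fromhex(record["salt"]),
                           bytes.fromhex(record["key"]))


def unkeyed_imei_hash(imei: str) -> str:
    """What 'just hash the IMEI' gives: reproducible by anyone, so a leaked
    table can be matched against the enumerable 15-digit IMEI space."""
    return hashlib.sha256(imei.encode("ascii")).hexdigest()


def pseudonymize_imei(imei: str, server_key: bytes) -> str:
    """Keyed pseudonym: equal for the same device, unusable without the key."""
    return hmac.new(server_key, imei.encode("ascii"), hashlib.sha256).hexdigest()


def register_device(registry: dict, username: str, imei: str, server_key: bytes) -> bool:
    """Map pseudonym -> accounts. Return True if this device already had a
    different account, which is the multi-account check the thread mentions."""
    tag = pseudonymize_imei(imei, server_key)
    accounts = registry.setdefault(tag, set())
    seen_elsewhere = bool(accounts - {username})
    accounts.add(username)
    return seen_elsewhere


if __name__ == "__main__":
    server_key = os.urandom(32)          # in practice: loaded from a key store, never from the DB
    rec = make_user_record("runner1", "correct horse")
    print(rec, login(rec, "correct horse"))
    reg = {}
    print(register_device(reg, "alice", "490154203237518", server_key))   # constructed IMEI
    print(register_device(reg, "bob", "490154203237518", server_key))
```

The design choice worth noting is that the server never stores what the client sent: if a client-side hash is what arrives, that hash is the password-equivalent and gets the same PBKDF2 treatment. The HMAC key for the device tags must live outside the database, otherwise a dump of the table brings the key with it and the pseudonyms are no better than the unkeyed hash.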