Show Posts
|
Pages: [1] 2 »
|
Hashes are worthless because even fake sites can host hashes. Also if the official site gets hacked the hacker can replace the hashes too. This has actually happened in the past in the opensource world with linux mint. A digital signature can't be forged though so that's why digital signatures are provided.
i think the confusion stems from the fact that linux distributions such as Ubuntu provide a hash (SHA1, MD5, and SHA256 has) of the .iso file but what people miss is that they are also signing the hashes with a PGP key which you have to verify. i believe they are doing it that way because it may not be possible to sign a 1-2 GB file (the .iso) with a PGP. so they provide hashes the sign them with their key. can the devs adopt the Ubuntu hash model, that is- sign the hashes with PGP key. This would server both purposes.
|
|
|
^ This. Exactly.
At the very least, hashes should be posted on the website or the release.txt How hard is it? I dont think it will take more then 5 minutes.
|
|
|
Request for future- Electrum Technologies GmbH and devs
PLEASE do something about this issue & at the very least run a "Official Electrum Server". The current scenario is scary and you never know, what advanced future attacks are brewing by the bad guys.
Thanks.
|
|
|
what if they are brewing an advanced attack!
is there a list of honest servers i can manually connect to?
Yes interested in this as well. Yes guys, any more honest servers out there? is there a "Official Electrum Server" as well?
|
|
|
got it. thanks.
any other server guys?
|
|
|
how is it not already sorted? i guess, electrum is the one of the oldest wallet out there.
this is scary. does anybody know how to find honest servers?
|
|
|
what if they are brewing an advanced attack!
is there a list of honest servers i can manually connect to?
|
|
|
so i need to be watching out for these servers. is it humanly possible to be constantly on watchout while being on Auto connect??!!
i thought electrum would be easy. guess i was wrong.
|
|
|
how do i know, i am not connected to an attackers server? i have selected Auto connect.
|
|
|
thanks guys. love you all.
|
|
|
my thoughts as well. which server is the official server to connect to?
|
|
|
Hey TryNinja, thanks for the reply. i use a windows system & cant do these commands. also- i dont want to install additional softwares like gpg4win etc. what i can do is, use the inbuilt certUtil in Windows cmd to do sha256, sha1, md5 hashes. it would be truly great, if you please do a quick hash of the file and post below. thanks. ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
|
|
|
would be great, if somebody answers. i need to do some high value tranx. Thanks. ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
|
|
|
Guys,i need hash confirmation of latest Electrum release:- electrum-3.3.2-portable.exe Hashes i have are:- SHA256 22489e88966a9939cf34a94878f7ddf1dad140cce28ebe5339af6212afa611be SHA1 312afce51cbd22e8e6a93cc5611e03c14995172f MD5 5e9bf05766292e74ebfb08baf15888a2 Please confirm,if i have the correct file and hashes. ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
|
|
|
Hey guys. I raised some objection regarding the subject matter on some other section of this forum which was being viewed by Benson and many others. to my surprise, my post was DELETED. May be, I touched a raw nerve there. This topic sure needs addressing. I have pasted my comment which was deleted below:
It is high time that Indian Bitcoin community addresses the elephant in the room.
Benson being the moderator of the Indian Forum has SERIOUS CONFLICTS OF INTEREST- as he ALSO runs an indian bitcoin exchange. He can use this position to modulate public opinion to suit his privately held bitcoin exchange's interest.
Benson, I think everyone would love to hear your answer to the below:
# Being the moderator of the Indian forum on bitcointalk.org, what information of the users data you have access to>> like there ip, browser info, user agent etc. # is Theymos aware that you also run a Indian Bitcoin Exchange? If not already aware, did you made an attempt to tell him?
i would like all the senior guys in the Indian Bitcoin Forum like buysellbitcoin, dashingriddler skang, masakali, ,subvolatil, BTCIndia to chip in on this. i have been feeling this for at least 1 year now. Now is high time guys...
|
|
|
waiting for Mahin's input on blockchain.info/taint..............
the entire objective of this discussion is, identifying tools for f2f buyers, so that they can at least take some precautionary measures, against the risks of buying STOLEN or TAINTED coins. skang, suppose i am doing a f2f deal, buying bitcoins worth 2 lakhs INR, and i want to take some precautionary steps, what should I be doing to safeguard myself??
I am making the below list, which I think will be definitely helpful for the Indian BTC community in the long run............. (please keep on expanding the list)
Precautionary steps against risk of buying Tainted/STOLEN coins:
1. Ask the seller of coins to provide his BTC address beforehand, so that you (the buyer) can do a taint analysis via blockchain.info/taint, before proceeding for the transaction. Relevant notes on the above point:
2. Do a google search for that address and see if anything suspicious comes up Relevant notes on the above point:
3.
|
|
|
understood ![Grin](https://bitcointalk.org/Smileys/default/grin.gif) let's try english ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
|
|
|
thanks for sharing this info skang.......truly worth appreciation.... "If someone uses an anonymous coinjoin, there is no taint analysis service that can track the coins."are u absolutely sure about this? does mixers & tumblers, make bitcoin from pseudo-anoynous to COMPLETELY ANONYMOUS?
|
|
|
https://chainalysis.com/But how would you know that guy is hitman and has killed someone and has received coins on that address. The crime and bitcoin address should be connected and should have been in public knowledge or atleast in the knowledge of tool you are using. Taint analysis can help you only with bad addresses which are already identified as connected to some so called crime. Will surely try to put some points later today as I will have to use blockchain.info taint analysis tool ( Never used it before ) Regards if i would have known, i wud have NEVER BOUGHT the T1 tainted coins, in the first place! The POLICE wud know in there investigation and will come knocking on my door because, i being the good guy, went to unocoin to sell my T1 Tainted coins- they have my ip, they have my id proof and they have ME!! will be waiting for your tutorial on blockchain.info/taint...............thanks..............i am sure many others indian bitcoin buyers/sellers wud find your guide useful....... ![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
|
|
|
|