Bitcoin Forum
October 27, 2021, 11:05:15 AM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1] 2 3 4 »
1  Other / Meta / [Fixed] Email addressess are displayed on profile page by default for new users on: September 27, 2015, 09:14:14 AM
I notice that email addresses are now being shown on profile pages of new accounts by default. One account here has likely been hacked due to this (insecure email address). IIRC one of the first changes Satoshi made to SMF when he created this forum was to disable showing emails by default, any reason why this was changed or is it a mistake?
2  Other / Meta / the difference between the Bitcoin-XT client and Bitcoin-XT network/currency on: August 14, 2015, 01:04:31 PM
So people on here and on reddit have been complaining about censorship of bitcoin-XT topics.

This is because the staff consider the bitcoin-XT currency to be an altcoin, which I agree with. Altcoin topics must go in the altcoin section on bitcointalk and I think they are trashed on /r/bitcoin. Because the Bitcoin-XT currency is an altcoin, if the staff were to allow bitcoin-XT in the other sections but not dogecoin or litecoin and the other altcoins, then that would really be censorship.

However I'd like to point out that bitcoin-XT currently uses the same network/currency as every other Bitcoin client right now. And while the developers of this client do have plans to switch to a new network/currency with a trigger in the code, at present bitcoin-XT is a Bitcoin client and not an altcoin client.

Therefore because bitcoin-XT is currently a Bitcoin client, shouldn't discussion of the client itself be allowed in the main sections?

if another Bitcoin client such as Electrum announced plans to drop support for Bitcoin in favor of Litecoin sometime in the future, would the staff immediately ban discussion of this client in the main sections, or would they allow it until it actually transitions to another currency?

This is why I think the guys who delisted bitcoin-XT from bitcoin.org were wrong in doing that, as it is currently a Bitcoin client. Any Bitcoin client could change to another currency if they wanted, just because the developers of this one plan to do that in the future doesn't make it an altcoin client right now, when it changes it will be an altcoin client.
3  Bitcoin / Bitcoin Discussion / Will we hard fork again for another serious bug? on: August 06, 2015, 02:38:18 PM
On August 15th 2010, somebody found a buffer overflow exploit in the wxBitcoin client (which is now called Bitcoin Core) and used it to create 184,467,440,737 BTC (184 billion) out of thin air (https://bitcointalk.org/index.php?topic=822.0 ). Just 5 hours later a new version of the Bitcoin client was published with a fix but in addition the blockchain was hard forked and the offending tx removed from it.

If a serious issue like this was ever found in the Bitcoin Core client again, would the offending txs be removed again? if so, then why doesn't this happen when bugs are found in other clients?

Does Bitcoin Core have some kind of privilege in this sense? or was this just a once off thing, or did the small bitcoin community at the time manage to get everyone to agree to have this tx removed?
4  Bitcoin / Bitcoin Discussion / Who is the thief? on: May 20, 2015, 11:46:32 AM
Random thought. Take this hypothetical situation:

Person A finds out via brute force that the private key 0xFFFF FFFF FFFF 1111 contains 10BTC and tells person B the Bitcoin address and person D the private key
Person B crafts a Bitcoin transaction that sends the 10BTC to Person C and gives that transaction to person D.
Person D signs this transaction with the private key provided by person A and gives it to Person E.
Person E broadcasts this signed transaction to the Bitcoin network.

Who is the thief?

Was it person A, who simply discovered the weak private key?
Person B who crafted a Bitcoin transaction ?
Person C who unknowingly received the stolen funds?
Person D who signed a transaction he did not make with a private key A gave him?
Person E who simply relayed a Bitcoin transaction?

So legally and morally speaking, which person do you consider to be the thief? which of these acts is considered "theft" to you?
5  Other / Meta / Leave the trust system as is but remove trust scores on: May 19, 2015, 05:26:17 PM
Just a random thought. Leave the trust system as it is, but remove the trust scores shown on the profile etc. To evaluate someones trustworthiness, users should open their trust page, review the feedback and evaluate the users trustworthiness for themselves.

So no more red warnings. What do you guys think? good idea/bad idea? will it stop "abuse" of the trust system? will people take the time to manually review trust before trading?
6  Other / Meta / Different SSL cert for bitcointalk.org (This Connection is Untrusted) on: May 07, 2015, 10:30:38 AM
I had this issue over Tor earlier today and suspected it was a bad/broken exit node, however it appears others had the same issue at around the same time (I opened this thread because the other one is locked) so I suspect it could be caused by something else on bitcointalk.org's side, perhaps by the new DDoS prevention service.

It lasted only a short amount of time.

I got the same error message:


Anyone else get it? if so, when and we're you using Tor?
7  Other / Meta / 503 Service Temporarily Unavailable on: April 21, 2015, 11:07:18 AM
Been getting this error very frequently today.

Is it a DoS? if so it appears the new anti-DoS service is ineffective.
8  Bitcoin / Bitcoin Discussion / Time to bust a myth. Paper wallets are less secure than normal encrypted wallets on: April 06, 2015, 04:18:15 AM
This seems to be a pretty common myth among Bitcoiners now. Often what I hear people say is that paper is not hackable, therefore your Bitcoins are safe from hackers. However given actual realworld scenarios I am going to show you that a paper wallet provides no extra security than a properly made encrypted wallet stored on the PC.

For my examples, here are how the two types of wallets are created.




Paper wallet:
The user downloads software to generate a paper wallet, a common one is https://bitaddress.org.
Often times the user will disconnect their internet when generating the wallet, or if they are extra paranoid they will also use a live operating system, like a Ubuntu live CD, to run the paper wallet software.
The user generates a number of paper wallets, paranoid users will encrypt them with a password. The user will either print these out or handwrite them


Encrypted wallet:
The user downloads wallet software such as electrum
The user then creates a new wallet and encrypts it with a strong unique password, the user should never enter this password anywhere else other than the wallet software, and the password should be at least 80bits strong. In my example the user will use a randomly generated 16 character password made up of upper and lower letters, numbers and special symbols, which is 106bits.




The creation process:

We are going to pretend that the OS you use everyday on your computer is infected with malware during the creation process and see how the two types of wallets are vulnerable.

Paper wallet:
When you are creating the paper wallet, any malware on your PC can read the private keys. What most people will tell you to do is disconnect from the internet, that this will prevent the malware from sending back the private key, but it won't, the malware will simply wait until you reconnect to the internet and send the private key then.

But it doesn't even need internet to steal your bitcoins. The malware can interfere with the generation process itself, and give you a private key and Bitcoin address that is already known to the hacker. This is called
 backdooring the random number generator.

Now one will be quick to point out that if we are using a live OS like ubuntu that the malware won't be running and cannot do anything. That might be the case for many types of dumb malware, however there does exist malware that can hide in the BIOS and firmware of your computer and can infect your live operating system. Here are some examples of this type of malware in the wild:

http://www.theregister.co.uk/2015/02/17/kaspersky_labs_equation_group/
https://en.wikipedia.org/wiki/BadBIOS

If you print out your wallet, the printer provides a whole other avenue for attack. If it is a networked printer, when you hit print your computer will send your wallet out over the network unencrypted to the printer, allowing anyone to listen in and steal it. Some printers also have a built-in memory that stores what is printed out, even if you clear this memory it is possible to recover it in some cases with proper forensics tools.

Encrypted wallet:
An encrypted wallet is just as vulnerable as a paper wallet during the creation process. It too can have it's private keys transmitted by malware, or it's random number generator backdoored.

Summary:
Both wallets are just as vulnerable to theft. Paper wallets are slightly more vulnerable if you use a printer.

Disconnecting from the internet is entirely pointless and provides no extra security whatsoever. Running a live OS will somewhat protect you from dumb malware, however this is basically security through obscurity.




While your bitcoin is in storage:

Now we are going to pretend you've been infected with malware while your Bitcoins are in your wallet.

Paper wallet:
There is a small chance that whatever software you used to generate the paper wallet has left a trace behind on your computer during the creation process. The private key may have accidentally entered your swap and ended up written to disk. If this has happened then the malware can steal your Bitcoins.

If this has not happened then you are safe, because malware can't "jump" from your PC onto your paper wallet.
However you are not safe from physical theft unless you encrypted your paper wallet.

Encrypted wallet:
The malware can steal your wallet file, however, the wallet file is encrypted. Because the password is 16 characters long, the hacker cannot access your wallet. If the hacker had the computing power of all Bitcoin miners combined it would take 45964.97 years to crack just your wallet - and thats under a best case scenario. So even though the malware can read the wallet, it cannot do anything with it. Now some of you are going to say "keylogger" - we'll get to that in the next part.

Summary:
While the Bitcoins are being stored in the wallet, both wallets are very safe. Bitcoins can be physcially stolen from paper wallets if they are not encrypted, and if you use a weak password on your normal encrypted wallet then they can also be stolen.




While Sending Bitcoins:
Now we are going to pretend you've been infected with malware while you attempt to send Bitcoins from your wallet:

Paper wallet:
Once you enter in the private key into your computer the malware can immediately steal it and it's game over. Much like the creation process disconnecting from the internet or using a live OS won't help much as Bitcoin transaction has a random number called a K value, which the malware can backdoor to steal your Bitcoins even if you are offline. Also you need to go online to broadcast the transaction anyway.

Encrypted wallet:
Once you enter in the password into your computer the malware can immediately steal it (keylogger) and it's game over.

Summary:
Both wallets are completely vulnerable to theft.




Conclusion:
Paper wallets are hackable, despite claims that some people make, and are just as vulnerable as properly created encrypted wallets.
Paper wallets also have extra security concerns such as physical theft or if you use a printer.
Paper wallets may be cool, and they may be useful for some situations, but if you want to secure your Bitcoins, ignore all of the half-informed sheeple telling you to create a paper wallet and create a normal encrypted wallet, encrypt it with a strong randomly generated password and never enter this password anywhere other than the wallet software. This is safer than a paper wallet and MUCH more convenient. Also paper wallets encourage address reuse which is bad, if you use paper wallets you need to make a new wallet everytime you make a transaction if you want any kind of privacy at all.
9  Bitcoin / Bitcoin Discussion / What will happen to your Bitcoins when you die? on: April 05, 2015, 01:59:36 AM
What will happen to your Bitcoins when you die, will they be lost forever?

I feel that this is something that is overlooked by most Bitcoin users.

Do any of you have a system in place to allow loved-ones to access your funds when you pass on? What is the best way to do this? please share your wisdom in this thread.
10  Other / Off-topic / - on: February 10, 2015, 12:58:39 AM
-
11  Bitcoin / Bitcoin Discussion / - on: January 28, 2015, 02:45:48 AM
-
12  Other / Off-topic / - on: January 26, 2015, 09:59:26 PM
-
13  Economy / Services / BlazrEscrow - Escrow service with 1% fee on: January 20, 2015, 04:02:31 AM
BlazrEscrow

About BlazrEscrow:
I am willing to act as an escrow for most transactions.
An escrow is a third party that both a buyer and seller trust who takes controls of the funds for a transaction in order to allow a buyer and seller who do not trust each other to trade.

How BlazrEscrow works:
The buyer/seller contacts me and lets me know the details of the trade, such as what is being bought, who the other party is, how long it should take to be delivered.

I will then send a PGP signed message to both buyer and seller, which includes this brief description of the trade, and an escrow bitcoin address.

Once the buyer funds the escrow address, I will confirm to both parties that the escrow has been funded and that the seller should now send the goods.

Once the buyer receives the goods and they are content with the trade, they will send me a message informing me to release the escrow payment to the seller.

If either party is unhappy with the trade, they should contact me to let me know they are opening a dispute. At this point both parties will provide all the evidence they have (such as PM's, tracking numbers, etc). I will review this evidence and act as a mediator and try to resolve the issue. Based on this evidence I will decide which party receives the funds.

Frequently Asked Questions:
What is the minimum transaction amount?
There is no minimum, however note that I charge fees.

Do you escrow bitcointalk accounts?
Yes I do.

How escrow funds are stored:
All funds held in escrow by me are backed by my own personal funds. In the event something happens to funds I am holding in escrow, I will attempt to cover the loss personally.

For small transactions (<$500) I will be storing the Bitcoin on a hot wallet.

For larger transactions (>$500) I will be storing the Bitcoin on an airgapped wallet.

For very large transactions (>$20,000) the funds can be stored in a multisig 2-of-3 address along with the buyer and seller. More on how that works below. In addition to this I am willing to participate in a multisig transaction for any sized transaction. Multisig escrow is mandatory for transactions over $25,000 as I cannot personally guarantee transactions of that amount without a multisig setup.

Fees:
Normal Escrow:
For a normal escrow, I charge 1% of transaction amount + transaction fee for every payment I need to make. Typically I only need to make one payment (releasing the funds to the seller). I will confirm upfront the total fees I charge.

Multisig Escrow:
If there is no dispute, I charge 1% fee for a multisig escrow + transaction fee.
If there is a dispute that I need to resolve, there will be a 2% fee.

For transactions over $25,000 in value multisig is required.

My contact details:
The best way to contact me is by PM here on the forum.

My Email: blazr2048@gmail.com
PGP fingerprint: 851E 59A1 4E68 9192 5754  700A 5C34 AC76 2916 3393 (https://keybase.io/blazr)

I am also sometimes on freenode IRC, username: Blazr

These are the only ways you can contact me. I don't use Skype or anything else nor will I.

My PGP Key:

Update:
Now you can directly verify my signed messages on Keybase: https://keybase.io/blazr

All important message I send, especially ones that include Bitcoin address, will be signed by my PGP key. A PGP key is like a digital passport that lets you verify a person's identity. It prevents an imposter or hacker from pretending to be me and also prevents someone tampering with my messages. Additionally you can use this to send me encrypted messages, in case you need to send me private information.

It is your responsibility to verify that the messages are actually signed by me. To do this, you will need to install gnupg. Gnupg is preinstalled on most Linux/Mac systems, and gpg4win is available for Windows. Learning how to use this software is HIGHLY recommended if you use Bitcoin, as it will allow you to verify your Bitcoin wallet software whether it has been tampered, and many other things.

First you will need a copy of my PGP key. To get it open a terminal and type this:
Code:
$ gpg --keyserver hkp://keys.gnupg.net --recv-key 0x5C34AC7629163393

And you will get an output similar to this:

Code:
gpg: requesting key 29163393 from hkp server keys.gnupg.net
gpg: key 29163393: "Blazr <blazr2048@gmail.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Next thing you need to do is verify this key is really mine, because it could belong to an imposter. You can do this by verifying its fingerprint, type:

Code:
$ gpg --fingerprint 0x5C34AC7629163393

What you see should exactly match this:
Quote
pub   1024D/29163393 2012-04-25
      Key fingerprint = 851E 59A1 4E68 9192 5754  700A 5C34 AC76 2916 3393
uid       [ unknown] Blazr <blazr2048@gmail.com>
sub   2048R/2D7A5315 2016-06-04
sub   2048R/CBFC4E4F 2016-06-04

The key part here is the bit in bold. This part is the fingerprint, think of it like a Bitcoin address. It should exactly match above.

Once you have my key, it is very easy to verify my messages. Here is a test message you can try:

Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This is a test message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJXVBLaAAoJEJrhnjctelMVUeIH/j7D91vdIe3h/4KkJzxvXv3H
KhlKK0BuL57z5IgD8cdqCGeqdEhJGw6UCFwZ9mKms1P6xVqETBnJoZMODzO722Pj
RCDJ1FvcA9ORiRPJtAebsY21dZ+Ke1Pcs54+c/LGIxioPZ68XSXkkK/LVIwTxD2z
soNUWwSqNW6NgSKBET6t3E0WO11+uKW68/WJN5y6cAo4geN2gUMDKysckbAXhuER
t6m603shDIdc7sIVZbb7ZQyhialtjZce3BnRE58T1iClHyhRg3nOHDgJFlQ886NA
2MHjShUftBEHqWliTuVST060waEJH7rSdL74AdEy7EseN60PW766bhFAwtNQJSU=
=PWVO
-----END PGP SIGNATURE-----

Copy this message, open a terminal and type gpg and press enter. You should see the following:
Code:
gpg: Go ahead and type your message ...
Paste in the message, press enter to make a new line and then press ctrl+d (ctrl+z on Windows) and then enter. You should see something similar to this:

Code:
gpg: Signature made 06/05/16 12:54:02 GMT Daylight Time using RSA key ID 2D7A5315
gpg: Good signature from "Blazr <blazr2048@gmail.com>" [unknown]

The key part here is Good signature. You should also pay attention to the key id. You may get a message about an untrusted key, this is OK, it is just because you haven't signed my key, which is something you do if you are 100% sure it is my key, for example if I meet you in person and we exchange keys face-to-face.


How does MultiSig escrow work?
MultiSig escrow is a special kind of escrow where the funds are stored in a multisig 2-of-3 address.
This is a special kind of Bitcoin address that has 3 private keys.

The buyer holds a key, the seller holds a key, and the escrow (me) holds a key.

The funds are stored in this multisig address. In order to spend the funds in the escrow address, two keys are needed, every transaction needs to be signed by two keys.

This means that if both buyer and seller are satisfied with the transaction, they can use both of their keys to send the funds to the seller, without me needing to do anything.

If there is a problem, I will decide who should get the funds and will ask that person to sign the transaction. This is very powerful because this means I cannot steal the funds, and if I am hacked, the funds cannot be stolen as well.

It also means that if both buyer and seller disagree with my decision, they can use both of their keys to move the funds.

How do we setup a multisig escrow?
Currently setting up a multisig escrow requires both the buyer and seller to be running Electrum Bitcoin Wallet. In future I will have a simpler system for setting this up.

Here is a video explaining how it works: http://vimeo.com/96983886

Donations
Donations are much appreciated if you feel my service is flawless.

bitcoin:1BLazrD33MLN9U9q7Sdv4CbWNo97mMukog

14  Bitcoin / Bitcoin Technical Support / [EDU] What to do if you've been hacked on: January 19, 2015, 07:32:55 PM
If you have strong suspicions that one of your accounts or wallets has been hacked, then you'll need to follow the guide below. This guide will help you mitigate the damage of the hack and help ensure that you will not be the victim of another hack, so if you suspect you've been hacked, follow it step-by-step.

Step 1: Figure out what devices may be compromised and turn them off

First thing you should do is figure out which devices (such as your phone, tablet, laptop, gaming console) you used to login to those accounts or which ones had access to those wallets. For the time being, you will have to assume that those devices are entirely compromised until you figure out how the hack occurred.

Shut them down or pull the plug on them immediately. If they have been hacked or infected with sophisticated malware you cannot trust any output from them. Any application you use on the device could be manipulated and everything you do could be monitored or changed by the attacker, therefore you cannot use those devices until you are entirely sure they are 100% safe. Treat this like a crime scene and do not turn them on in order to preserve evidence.

Step 2: Get to a secure machine and attempt to secure all accounts/wallets that have been hacked

Next you'll need to find another device to use that you trust is not compromised. If you have an old spare computer, I would recommend using that. It would be advisable to download a Live OS, such as Ubuntu and run it on the device.
Do not use or download the Live OS on a device which you think might be compromised.

If your wallet has been hacked:
Generate a new wallet and move any remaining funds to it using a backup of your compromised wallet.
Do not use any of the old Bitcoin addresses ever again. If you are expecting a payment to one of them in the future, be sure to give the sender a new Bitcoin address.

If an account has been hacked:
Change the password to a secure unique password that you have never used before. It may be a good idea to write down the passwords for the time being so that you do not forget them.
Check for any other ways to recover your account, such as recovery questions and make sure to change those too. It may be a good idea to create a new account and abandon the old one after you have recovered it, it is possible the hacker has left a "backdoor" such as a hidden recovery question, in order to re-access the account in the future.

Step 3: Find out how you're accounts/wallets were accessed

Next you'll need to figure out exactly how you were hacked

If an account was hacked:
Try and figure out if the hacker logged in via password, or reset it via email/recovery questions.
If the hacker logged in via password, that password is compromised.
If the hacker reset your password via email, your email account was compromised.

If there is no record of the hacker logging in, but you still suspect the account was hacked, (for example, the last login to your PayPal account was you but there was an unauthorized withdrawal) or if the hacker logged into your account from your IP, then one of your suspected devices is compromised.

Step 4: Secure any other accounts that used those login credentials

If a password was compromised:
If you used that password for another account or wallet, you'll need to change your password on every account that you used it on. Follow the advice in step 2.

If an email account was compromised:
Email accounts are the "key" to your online identity as most websites will let you reset your password using your email address. It is possible that the hacker will have attempted to place a "backdoor" in your email account so that they can regain access to it at a later date, so never use the compromised email address ever again if possible.
-1. Try to regain access to the email account and change the password/recovery procedures ASAP.
-2. Create a new email address with an email provider that you trust.
-3. Change the email address on every account that is linked to the old email address to your new one
-4.  Set up your old email address to forward any emails to your new email address.

Step 5: Try and find out how your wallet/login credentials were compromised

Once you are at this step you'll have mitigated the possible damage the hacker can cause as much as you can.  Next you'll need to figure out how your login credentials were compromised in the first place.
This is the step most people skip, but it is arguably the most important step because if you do not figure out how they were compromised then it will happen to you again.

First of all, you'll need to do some ask yourself some questions and do some heavy thinking.

If your password was compromised, how did that happen?
-Did you reuse your password on any other website?
-If so, which ones?
-Is it possible one of those websites was hacked, or is it possible one of the websites is owned by a malicious entity?
-When did you last enter that password? How long have you been using it for?
-It may be a good idea to do a Google search for your old password once you have stopped using it for everything. Place quotes " " around your password to do an exact search. It is possible that your password ended up in a password leak from a hacked website.

If your email account was compromised
-Follow the advice in step 3 to figure out how it was accessed.
-If a password was compromised, follow the advice above.

If your wallet was compromised
-Where did you store the wallet?
-What devices are able to access it?
-Was the wallet encrypted?
-Where did you store the wallet backups? were they encrypted?

If the wallet and backups were only stored locally on your devices, and not on a remote service, then you can be sure that one of the devices that stored the wallet is compromised.

Did you run any software on a device that was not created by and downloaded from a trusted source? if so, what was it? Did you install anything recently on a device? Do some research online and see if you can find out if you have installed any trojan viruses.

Step 6: Try and find out if/how the device was compromised

If one of the devices you suspect is a computer or has a removable hard drive, I would recommend removing the hard drive and connecting it up as a secondary drive to your secure PC.

DO NOT RUN ANY EXECUTABLE FILE ON THIS HARD DRIVE

If you cannot remove the hard drive, turn on the device but make sure it cannot connect to the internet, so unplug ethernet cables, unplug WiFi adapters or if you can't unplug them, plug out your WiFi modem. Boot the device from a Live OS if possible, or boot the device in Safe Mode.

Check the browser history on the device. Did you recently visit a phishing website? If so, that is likely how your password was compromised and your device is likely safe.

Do some research online of all installed software on the computer. Is any of it known to contain malware? If so, then the device is compromised. Never install that piece of software again.

Download a trustworthy anti-virus program and scan the device. If you find anything, then the device is compromised.

Step 7: Secure any other accounts or wallets there were accessible by a compromised device

You will need to figure out every account/wallet you've accessed on a compromised device and repeat step 2 on those accounts/wallets. You can use the browser history to aid you with this part.

If you are unsure if a particular device is compromised, I would recommend getting help from a computer security forum such as BleepingComputer or even BitcoinTalk. If you are still unsure if a device is compromised you should error on the side of caution and assume it is.

Step 8: Reformat and do a full reinstall on any device which is compromised

Download your operating system for the device. During the partitioning stage, be sure to delete the entire partition table, so that you are sure both you MBR and boot partiton are going to be overwritten.

If your device is a phone/tablet/console, do a factory reset and check online to see if its possible to reflash the device. If so, reflash the device with a new firmware that you download from a trustworthy source.

Step 9: Improve your security

Do not install any software that is developed by or downloaded from a non-trustworthy source. Always check that the installer is digitally-signed by a trusted key.

Use an anti-virus program, but do not rely on it. Virus writers constantly scan their viruses with anti-virus scanners and when they are detected they stop distributing that version of the virus and they keep making small changes to the virus until the anti-virus program is unable to detect it, and then start distributing this new undetected version. Anti-virus products only provide a small amount of protection, you should use common sense first, just because a virus scanner says a file isn't a known virus that does not mean it is safe.

Use a password manager, such as LastPass

Use 2FA on your accounts whenever available. Note that 2FA will not protect you from sophisticated malware that can hijack your session, so don't rely on 2FA too much.

Keep all of your software up-to-date. Enable automatic updates wherever available.

Note: this guide is unfinished, I'll be adding more to it soon. Feel free to leave suggestions below. Donations are much appreciated: 16EJ8oEeFpGU6TcQKHMBedZTbVGRwHCWaZ
15  Economy / Speculation / OMG! Bitcoin price hits $199,470! on: January 17, 2015, 09:04:41 PM
Looks like the current price is $199,470/kBTC! and people said the bitcoin price would never hit $1,000 again.


EDIT: its $199,750 now! we're going to the moon!
16  Bitcoin / Development & Technical Discussion / Implementing a system for revoking compromised Bitcoin addresses on: January 06, 2015, 05:37:59 PM
Recently Bitstamp had a large number of Bitcoin addresses compromised. These addresses were used by their clients to make deposits, and many clients had been reusing these addresses.

I have been thinking that maybe it might be a good idea to implement a system for revoking a compromised Bitcoin address.

The idea would be that once a Bitcoin address is compromised, the owner would broadcast a signed message revoking the address. Whenever someone tries to send funds to this address, a message would appear in their client letting them know the address has been revoked by the owner and ask them to confirm if they would still like to send the funds.

A revoked Bitcoin address would function as normal, it would still be able to send/receive funds, however clients would display a message indicating it has been revoked whenever someone tries to send funds to it.

This would be useful for many reasons, including revoking poorly generated addresses such ones that have been generated using bugged RNG's or weak brainwallet passphrases and of course hacked wallets.

What do you guys think of this idea? Is this something thats worth looking in to?
17  Other / Meta / Why was the PayPal discussion thread removed from the altcoin section? on: December 11, 2014, 10:02:53 PM
I'm wondering why the mods moved my PayPal discussion thread from the altcoin section to offtopic:
https://bitcointalk.org/index.php?topic=889679.0

The PayPal payment network utilizes cryptography (SSL) to authenticate payments of fiat currency. It fits the definition of a cryptocurrency and should be discussed in the alternative cryptocurrency section.
18  Other / Off-topic / PayPal.com | very old cryptocurrency | discussion thread (moved from alt cryptos) on: December 11, 2014, 06:27:52 PM
This thread will serve as a discussion thread for PayPal.com - an alternative cryptocurrency (altcoin).

Paypal is a service that uses cryptography (SSL) to authenticate payments of many different fiat currencies. It is one of the oldest altcoins around.

All PayPal.com discussion may go here.
19  Other / Meta / Lets talk about the altcoin section again on: December 07, 2014, 07:52:14 PM
I know this has been discussed hundreds of times, but we really do need to do something about the altcoin section. The altcoin is now biggest section on the forum and altcoin spam constantly spills over into other sections. BitcoinTalk is becoming less and less about Bitcoin, many older members are leaving because of this, I even left a few months ago and have recently returned hoping for things to be different yet its the same.

It's obvious the altcoiners are not going away any time soon and a solution is desperately needed, so here is what I propose we do:

The BitcoinTalk management builds a separate forum for the altcoin community and the existing altcoin section is migrated over there. The separate forum could be run and moderated by current altcoin section staff.

A rule be introduced and strictly enforced that bans promotion of altcoins on bitcointalk.

Once the new forum has established itself, ownership of it could be transferred away from bitcointalk to reputable altcoin forum staff members.

What do you guys think about this? I think it's the best way to get rid of the altcoiners and have discussion on BitcoinTalk actually be about Bitcoin.
20  Economy / Auctions / ENCRYPT (dot) INFO - Premium Domain name auction starting at 0.1BTC! on: August 06, 2014, 11:39:24 PM
This is an auction for the domain name encrypt dot into.

Domain: encrypt (dot) info
Registration date: 2002-07-13
Registrar: Namecheap
Expiration date: 2016-07-13

Starting Bid: 0.1BTC
Minimum Increment: 0.05BTC
Auction Ends: August 20th 2014 00:00 UTC

NOTE: There is a hidden reserve price. This domain will not be sold if the auction does not reach the reserve price. When the auction ends it is my discretion whether or not I decide disclose this reserve price.

Domain will be pushed to the buyers Namecheap account.

I am willing to use an escrow, however I will only use a multisig escrow address for that and I will only use an escrower whom I feel safe with. I reserve the right to decline to use an escrow if I do not feel safe.

Let the bidding begin!
Pages: [1] 2 3 4 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!