Bitcoin Forum
March 04, 2021, 01:05:31 AM *
News: Latest Bitcoin Core release: 0.21.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1] 2 3 »
1  Economy / Marketplace / Re: Bitcoinica - Advanced Bitcoin Trading Platform on: September 11, 2011, 04:48:19 PM
What's so special about the country I'm living in? And what? "financial fraud"?

While I don't really understand what you mean, I have to say that the Bitcoin market is open for all, and new ideas are coming out every day. I urge you to look at the product itself instead of judging by other factors.

I'm not interested in unethically making other Bitcoin fans' money in this united community. What we want is to enlarge and enrich the Bitcoin market and Bitcoinica does the job of bringing in Forex traders.
Zhoutong, I truely think that you are a genius. It so just happens that you seem to have an innate ability to come up with evil schemes. I truely believe you when you are saying that you don't know what I'm talking about.

Wikipedia has a good introduction to bucket shop concept and why it is considered a fraud in most of the civilized world.

http://en.wikipedia.org/wiki/Bucket_shop_(stock_market)

Jesse Livermore was the most famous bucket shop promoter, although he never was a bucket shop operator. In fact the actual bucket shop operators went to the extreme to avoid being associated with him.

http://en.wikipedia.org/wiki/Jesse_Lauriston_Livermore

Your country is significant in my mind, because the South East Asia was/is a heaven for bucket shops. In not sure about Singapore, but Hong Kong and Macau have a long and continuous history of fly-by-night hole-in-the-wall financial "exchanges". You have extended the long tradition with your offer of accepting single USD accounts to allow wagering on bitcoin.


Thanks for the explanation. However,

1. Bitcoinica is not a bucket shop, it's a brokerage. All the hedging will take place if our clients place orders in a particular direction. The spread seems high now, but will be eventually lower.

2. We don't bet against our clients. We never want them to lose. There's no incentive to do that.

3. There are large scale transactions coming in Bitcoinica. First day we got 3700+ BTC, ranked number 3 among all trading platforms. Bitcoinica has more than 5% of total Bitcoin/USD trades. A bucket shop can't survive this amount of volume.

4. Because of stop orders and margin calls, we are partly responsible for the crash. Our orders are already influencing the market.

5. I'm not a Singapore citizen. I just live here. Thank you for teaching me the culture.


Contradicting answers from this post and your reply above.

"That's not really true. We hedge most of the transactions in Mt. Gox. However, I do have to use a bit of smartness to write an algorithm to manage the hedging. I can see the actual trading data of Bitcoinica - way too many people are transacting at different directions nearlyat the same time. I also checked my Mt Gox account history, even with the algorithm, I'm still selling to myself most of the time."


#3 "I'm still selling to myself most of the time" - so are you really the third largest if you are selling to yourself

2  Bitcoin / Bitcoin Discussion / Re: Biggest sell signal if we go under 5.70-5.80 level on: September 09, 2011, 12:03:27 PM
BTC just sailed through your barrier, then $5.50 and now $5.40.  lets see how your prediction holds!
3  Bitcoin / Bitcoin Discussion / Re: Currency Collapse, Bitcoin As A Fallback on: September 09, 2011, 11:51:33 AM
Ummmm...  our friendly neighborhood currency Bitcoin IS COLLAPSING as we speak.  40% collapse down to $6 in one week?  What next week?  Next month.  I don't think we are in any position to be discussing Bitcoin as a fallback to anything. 

If the economy and financial system shudders that bad, you had better have a shed load of gold bars along with a sharp knife to cut shavings to pay for stuff IMO. .
4  Alternate cryptocurrencies / Altcoin Discussion / Re: [ANNOUNCE] New Solidcoin Client Fully Open-Source! on: September 06, 2011, 06:32:36 AM
well actually, a fork WOULD test out his "new 51% attack prevention solution"
5  Alternate cryptocurrencies / Altcoin Discussion / Re: SolidCoin 1.04 to be Released - Update as soon as possible on: September 06, 2011, 01:36:27 AM
960000 coins
6  Alternate cryptocurrencies / Altcoin Discussion / Re: SolidCoin 1.04 to be Released - Update as soon as possible on: September 06, 2011, 01:25:18 AM
[09:23] <@RealSolid> nearly 30000 blocks
[09:23] <@RealSolid> 960000 coins
7  Alternate cryptocurrencies / Altcoin Discussion / Re: SolidCoin founder admits to deceptive intent in 'Bitcoin Crash' article. on: September 04, 2011, 02:36:45 PM
Here are some more gems from Solidcoin crew publicly discussing to attack bitcoin.  (from #solidcoin irc)


"[22:32] <Blitzboom> RealSolid: haha, you know about a bitcoin vulnerabilitys
[22:32] <Blitzboom> ?
[22:32] <@RealSolid> Blitzboom: i know about a few
[22:32] <Sativacyborg> but people might want to drain if they see that happens with there coins
[22:32] <@RealSolid> should i write a tool others can use to take down their network?
[22:32] <@RealSolid> should we artforz btc?
[22:32] <Blitzboom> RealSolid: would be interesting
[22:32] <Sativacyborg> xD
[22:32] <x11> RealSolid yea you should
[22:32] <@RealSolid> they are amateurs
[22:33] <Snapman> not that amateur if they were able to rage it up
[22:33] <Sativacyborg> artz said it would take about 80 btc in fees or something like that:O
[22:33] <@RealSolid> gavin supporting a known hacker
[22:33] <Blitzboom> if you can do it and release a fix in solidcoin after it happens, solidcoin would probably gain credibility
[22:33] <Blitzboom> or before it happens
[22:33] <Blitzboom> my schadenfreude wants to see it happen
[22:34] <Phoebus> RealSolid, a malicious hacker, hacking is not bad on its own.
[22:34] <Solid_OhForf2> if anyone is willing to attack something, this should not be discussed in public.. thats kinda stupid
[22:34] <@RealSolid> Phoebus: indeed
"
8  Economy / Service Announcements / Re: Camp BX Hacker / Security Audit: Results on: June 29, 2011, 04:51:36 PM
While it is great you have had this done, this is mostly marketing.   Unless there were some other tests done, you are being very misleading on what this really means.

Quote
"(formerly McAfee Hacker-Safe), who are ranked #1 in security industry for threat detection"
Ranked #1.  When and by whom?

Quote
"We were tested for >1,000 known vulnerabilities specific to our platform"
Really?  How were the tests specific to your platform?  To my knowledge, and after talking to them on the phone today, there is only one McAfee Secure product.  It is a standard daily PCI scan that is the same for everyone that buys that product.  You can be set up and them scanning you in hours by putting some code on your site.  As their rep said on the phone  "it is all in the cloud, you just put the code on your site and we scan every day."      

Quote
We have also achieved all requirements for the McAfee Secure Trustmark
The trustmark is just a badge you get for passing all the automated tests every day.  It is a marketing "bonus" to show your customers you got the scan done, there are no additional tests involved.  They even say on their site that by displaying the badge customers got "12% increase in sales conversions"

Quote
certified for compliance with 7 information and data security standards
Is this what McAfee says you have passed from using their McAfee secure product?  Or do you have other tests?  


Itsagas,
      I think there may have been couple of miscommunication on your call - McAfee has three products.  (1) McAfee Secure  (2) McAfee PCI Certification, and (3) McAfee Saas Vulnerabilities Scan.

Sales teams are not the best source for technical answers.  Please open a ticket with their support team, who will be able to tell you far more details.

Essentially, the test includes a set of probes to guess what software / versions you are running, and then the specific tests battery starts.  I have the full log available to me, and can share it with a reputed member of Bitcoin forum for independent verification.

And as I mentioned couple of messages back, McAfee is just one facet in our approach.  We are using everything from Nmap to peer-reviews to find holes before launch.

Hope this helps,
      Keyur






Thanks Keyur, I am aware what they offer, I talked to them at some length.   Here is their three products.  There actually aren't different tests involved between the three.
http://www.mcafeesecure.com/us/products/compare_products.jsp

Yes, you fill a questionnaire out and then the tests start.  Then the tests are the same every day.  I understand.   I am just saying to admit to what this actually is. 
 
No doubt you have logs full of tests, no one is questioning you signed up and did Mcafee Secure.  The tests in your logs will be the standard tests that the Mcafee Secure Daily PCI scan gives to every website that pays for that service.
9  Economy / Service Announcements / Re: Camp BX Hacker / Security Audit: Results on: June 29, 2011, 04:33:12 PM
Hi everyone,
      The results are in!  https://campbx.com/testnet/main.php

We were tested for >1,000 known vulnerabilities specific to our platform and services by McAfee Secure (formerly McAfee Hacker-Safe), who are ranked #1 in security industry for threat detection.  This is the same auditing service used by well-known brands like Costco, Petco, and Roush Racing for their e-commerce websites.


Here is an executive summary of our results:

OWASP top-10 web vulnerabilities:
    A1: Injection - Pass
    A2: Cross-Site Scripting (XSS) - Pass
    A3: Broken Authentication and Session Management - Pass
    A4: Insecure Direct Object References - Pass
    A5: Cross-Site Request Forgery (CSRF) - Pass
    A6: Security Misconfiguration - Pass
    A7: Insecure Cryptographic Storage - Pass
    A8: Failure to Restrict URL Access - Pass
    A9: Insufficient Transport Layer Protection - Pass
    A10: Unvalidated Redirects and Forwards - Pass

Distributed Denial-of-Service attack: Pass with no noticeable slowdown in response time

All vulnerabilities are classified on a scale of 1-to-5, with 5 being Urgent and 1 being informational.  Camp BX final scorecard is:
Sev 5: zero
Sev 4: zero
Sev 3: zero
Sev 2: zero
Sev 1: 29
(Sev 1 includes information like "DNS Server detected", "NTP Server detected", "SSL Certificate mismatch on Testnet.CampBX.com"...)


This makes Camp BX is  the first Bitcoin platform certified for compliance with 7 information and data security standards!  

We have also achieved all requirements for the McAfee Secure Trustmark, and on our livenet launch Camp BX platform will proudly wear this badge.  A HUGE thank you to Alex and Yuriy for burning the midnight oil to fix all issues identified, and ensuring that we are able to achieve this crucial certification prior to our launch.


Going forward Camp BX will be re-tested daily for all known vulnerabilities.  We realize that security is a process, and we have put together alerts and escalation procedures in place to ensure that anything higher than Sev 1 is fixed within 72 hours.


Thank you and good night,
      Keyur





While it is great you have had this done, this is mostly marketing.   Unless there were some other tests done, you are being very misleading on what this really means.

Quote
"(formerly McAfee Hacker-Safe), who are ranked #1 in security industry for threat detection"
Ranked #1.  When and by whom?

Quote
"We were tested for >1,000 known vulnerabilities specific to our platform"
Really?  How were the tests specific to your platform?  To my knowledge, and after talking to them on the phone today, there is only one McAfee Secure product.  It is a standard daily PCI scan that is the same for everyone that buys that product.  You can be set up and them scanning you in hours by putting some code on your site.  As their rep said on the phone  "it is all in the cloud, you just put the code on your site and we scan every day."      

Quote
We have also achieved all requirements for the McAfee Secure Trustmark
The trustmark is just a badge you get for passing all the automated tests every day.  It is a marketing "bonus" to show your customers you got the scan done, there are no additional tests involved.  They even say on their site that by displaying the badge customers got "12% increase in sales conversions"

Quote
certified for compliance with 7 information and data security standards
Is this what McAfee says you have passed from using their McAfee secure product?  Or do you have other tests?  
10  Bitcoin / Mining / Re: dual 6990 ~1400mhash -> solo or pool? on: June 19, 2011, 08:14:24 AM
pool for sure. 
11  Bitcoin / Bitcoin Discussion / Mt. Gox Hack claims on: June 19, 2011, 08:06:01 AM
This is not me, just came across it on hacker news and thought we should know here.


"
I have hacked into mtgox database. Got a huge number of logins password combos.
Mtgox has fixed the problem now. Too late, cause I've already got the data.
 
Will sell the database for the right price.
Send your offers to:
xxxxxxx@hotmail.com
"

http://news.ycombinator.com/item?id=2670302
http://pastebin.com/ui0nusuZ
12  Alternate cryptocurrencies / Altcoin Discussion / Re: ./namecoind getinfo - returns hashrate of zero on: June 18, 2011, 01:05:28 PM
Great thanks.
13  Alternate cryptocurrencies / Altcoin Discussion / ./namecoind getinfo - returns hashrate of zero on: June 18, 2011, 11:08:03 AM
I am trying to run namecoin and test out solo mining but am not sure it is working properly. 

I have it running from /username/desktop/namecoin folder and it seems to be connecting, the blockchain appears to be downloaded and when I look at the debug.log, I don't see any glaring problems. 

I had some miners connecting with diablo and they show a hashrate.

Anyone know why namecoind might be showing a hashrate of 0 ?

14  Bitcoin / Bitcoin Discussion / Re: Hashrate Distribution over 51% for 'other' slush & deepbit is down. on: June 17, 2011, 08:16:03 AM
Other is everyone solo mining. You really don't have to worry about it having a majority, the other node's are not cooperating.
We don't really know that. Could be mostly a secret pool and the rest solo mining.

It is highly unlikely that every single powerful solo miner is under one umbrella / team.
15  Bitcoin / Bitcoin Discussion / Re: Changing the client code to give allinvain's money back? on: June 17, 2011, 02:44:19 AM
I was thinking you could hard-code in an array of "illegal" bitcoin addresses (those of the perpetrators) so that no client will invalidate Bitcoins originating from them. Also, you could hardcode in an address that starts with the amount of Bitcoins stolen, and give allinvain the private key. I'm sure it could be done though I don't know the technical specifics.

You could actually turn it into an entire component of the client where you hardcode in reversals of fradulent activity, based on democratic and fair judgements.

I'm sorry but this is an awful idea.  Who is going to use a client that allows the community to vote away the bitcoins in wallets?

The legal system does the same thing... and I think it is fair. I would use it.

then use the legal system.

what you propose opens the door for chargebacks.  then bitcoin would suck worse than paypal.

Yes, no chargebacks.  No democratic or "fair" processes or features are needed either.  It is up to the user to protect their wallet.  

Also with the new planned encryption features in the bitcoin wallet (and future security features I am sure), it will be safer for the average user.  

But still their responsibility in the end though...
16  Bitcoin / Mining / Re: 6950 Non-reference card OC, Flashing and tweaking thread on: June 15, 2011, 10:50:19 AM
I have 2 6950s..both reference...one his and one asus...i went on techpowerup and searched their bios collection..they have unlocked bios of both cards..

ALWAYS use an unlocked 6950 bios rather than flashing it with a 6970 bios...the later will cause your card to run hotter, break the voltage control, and has know to cause damage due to the memory using different timings..

as for increasing the overclocking limits, i dont use the unofficial method in msi afterburner as then i cant clock down the cards at idle and i lose the power control 20+ option in CCC..

to get around the 840mhz limit, i used racerx's registry CCC hack and set my own upper and lower limits, that way i didnt have to enable 'unofficial overclocking'..google it

Thanks but we are trying to work with NON REFERENCE cards in this thread! 

17  Bitcoin / Mining / Re: New miners with only profit in mind, you need to rethink before buying equipment on: June 14, 2011, 08:01:04 AM
- include estimates for difficulty for next 5 rounds in your projections
- make different estimations based on varying BTC price

Doing this you can still get a pretty good idea when you will pay off your mining equipment.  

And yes, you are correct, there are no guarantees, it is risky and not easy.  

But the decision is based on your math in the end.  (and risk tolerance once you know your numbers)

Yes, doing the maths is a good idea. It will give you a more clear vision of what could be. Im doing it.

The problem is that at the end of the day all your maths could account to nothing. The bitcoin price exchange could skyrocket again and give you record profits as the new miners take a while to set up new rigs. Or the bitcoin price exchange could collapse and you would eat all the hardware.

You can do all the maths you want to get a clearer vision of the "what if", but no math is going to tell you what is the right decssion.


No one said mining was a zero risk game.   Wink   Don't risk what you can't afford to lose. 
18  Bitcoin / Mining / Re: New miners with only profit in mind, you need to rethink before buying equipment on: June 14, 2011, 07:33:55 AM
Nothing to think about.  It is just math. 

- how long to pay off rigs including electricity?
- then profit for x months
- then throw away video cards in the garbage


Simple.

The problem is that it is not that simple. To calculate you need to know the difficulty of mining and the exchange of bitcoin and the currency you pay electricity with (dollar, euros, ...) for the next months. And if you knew that you would probably make more money speculating.

The difficulty changes (roughly) every 14 days and depends on the power of the Bitcoin network, which changes as new miners and new rigs are added. Can you tell me what difficulty is going to be in 2 months? In 4? In 6?

The exchange ration changes even more. Can you tell me what the exchange ratio is going to be in two months? In 4? In 6?

Basically you can not do the maths. You can speculate and make your guess, but at the end of the day its not guaranteed. Mining is risky. You can end up eating your hardware if the difficulty goes up a lot and the exchange does not. And the difficulty is going up a lot in the next iterations.

- include estimates for difficulty for next 5 rounds in your projections
- make different estimations based on varying BTC price

Doing this you can still get a pretty good idea when you will pay off your mining equipment. 

And yes, you are correct, there are no guarantees, it is risky and not easy. 

But the decision is based on your math in the end.  (and risk tolerance once you know your numbers)

19  Bitcoin / Bitcoin Discussion / Re: [ANN] Bitcoin version 0.3.23 released on: June 14, 2011, 06:05:32 AM
Great job.

feature suggestion.  "check for updates" and auto install new version.   

Thanks!
20  Bitcoin / Mining / Re: New miners with only profit in mind, you need to rethink before buying equipment on: June 14, 2011, 05:34:46 AM
Nothing to think about.  It is just math. 

- how long to pay off rigs including electricity?
- then profit for x months
- then throw away video cards in the garbage


Simple.
Pages: [1] 2 3 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!