Bitcoin Forum
August 19, 2022, 11:20:23 AM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1] 2 3 4 5 6 7 »
1  Bitcoin / Legal / Re: MtGox Bitcoin Lawsuit on: February 26, 2014, 12:08:30 AM
Don't disregard the possibility that the OP might *deserve* those kudos if the FBI arrests Mr. Karpeles, or whoever is responsible for the Great Bitcoin Heist(tm) against Mt. Gox.  Don't disregard the likelihood that anybody who had bitcoins deposited with Mt. Gox is SOL when it comes to getting them back, either, even if the FBI finds the perp.  A few lessons from this:

1) Don't treat uninsured, unregulated "banks" and "currency exchanges" as if they were risk-free.  They're not.

2) Don't treat money as yours until you have it in a safe place.  Your own keychain is a safe place, *if* you keep it encrypted and keep current backups.  A safe deposit box at your bank, or a fire-resistant strongbox at home, make it even safer.

I had about .000004 of a bitcoin left in Mt. Gox, not enough to worry about.  I left it there in 2010 or 2011, when I concluded that Mt. Gox was not being operated by standards that I trusted for my money and withdrew most of what I had.  I don't use Paypal either, for the same reason. :/

If you want to see Bitcoin become something other than a currency speculator's wet dream, I suggest that you start planning a banking and financial system that has the same basic safeguards as exist for fiat money.  That system is a LONG way from perfect or secure, but it has some degree of accountability built-in.  When bitcoin has that, and when the current currency fluctuations die down, it will be something that businesses will be willing to accept as more than an experiment, and people will then be able to use as they would dollars or euros or yen.
2  Bitcoin / Legal / Re: Announcing nationwide petition drive to get city hall to bail out bitcoin. on: February 25, 2014, 11:51:45 PM
Oh, and maybe post comments on how to start a petition.

I don't recommend this, not if you do not want to have Bitcoin under the thumb of whichever government bails it out.
3  Economy / Goods / Re: Maple Syrup on: January 18, 2012, 03:05:29 AM
I'd definitely consider it, although with BTC running at $6.50 US right now, I hope the prices would be adjusted to reflect that.  Wink
4  Economy / Goods / Re: [Interest Check] Home Made Rum-Flavored Vanilla Extract on: January 18, 2012, 03:02:02 AM
I'd be interested in a bottle as long as the price wasn't insane.  If I liked it, I'd be interested in semi-regular purchases.  (And might volunteer a recipe or two using it for your web site, if you'd like, as well.) :-)
5  Economy / Trading Discussion / Re: MT. GOX PHISH SITE REPORTED: ltgox.com on: January 14, 2012, 06:13:49 PM
It's probably a waste of time to spam the fake credentials.  Even on a Saturday, with Mikko Hypponen on the case, it'll be down soon.  Also, Spamhaus just listed the IP that hosts the site.

But if it makes you feel good.... Wink
6  Economy / Trading Discussion / MT. GOX PHISH SITE REPORTED: ltgox.com on: January 14, 2012, 05:48:08 PM
There is a live Mt. Gox phish site at the domain ltgox dot com.  I just saw this on Twitter:

   @mikko: Bitcoin users, note that "ltgox ․ com" hosts a live Mt.Gox phishing site. Stores
               stolen logins to "/home/ddancom/". Oh, hello there @ddancom

I have a tool for investigating malware and phish sites, so I opened the URL.  It is live as of 17:46 UTC (9:46 AM on the U.S. west coast.)  Do NOT be fooled.

By the way, @mikko is Mikko Hypponen, who works for Finnish company F-Secure and is one of the top malware and security experts in the world.  @ddancom is presumably the phisher. Wink
7  Bitcoin / Development & Technical Discussion / New version (0.51) on Windows 7: bitcoin-qt.exe aborts with error after install on: January 03, 2012, 05:29:08 AM
I've completely uninstalled Bitcoin (my wallets being packed away and safe), and installed a clean Bitcoin 0.51 under Windows 7.  I *cannot* get it to work -- the client aborts with an error every time.  (Three tries so far, uninstalling each time.)  Is anybody else having this problem?  Does anybody know how to fix it?
8  Bitcoin / Bitcoin Discussion / Re: Obnoxious Casascius Spam (hint: /etc/hosts: 127.0.0.1 casascius.com) on: October 26, 2011, 02:45:50 AM
It appeared that the leaked e-mail list was targeted, and that's why I sent to it.  I certainly do understand that receiving the e-mail is obnoxious.  I suppose I have to weigh it against how obnoxious it is to hear about people getting scammed.

It should be obvious I hate spam as much as the next guy, and I feel I'm running the gauntlet even trying that (with respect to my ISP).

If you received it 3 times, it means you had 3 accounts at MtGox... =)  I only sent it once.

I got one of your emails, and so far one scam spam that matches the description you gave in your emails. Technically what you did (really did, not the scam emails) was spam.  It was unsolicited bulk email.  While there might have been a better way to deal with this than send out that big email blast, however, I'd be hard put to consider somebody who just wanted to warn people about a scam or phish a bad guy.  (And I'm a hardcore antispam activist with a LONG track record in antispam.)  Announcing the scam here would notify some people, but a lot of the Mt. Gox client base doesn't participate in this forum much.  (Some of those who did got disillusioned after loosing a bunch of bitcoins in earlier frauds and wandered off.)  It's hard to imagine how to contact them all in any other way.

My condolences.  This isn't fun, I know. :/


9  Economy / Collectibles / Re: CASASCIUS PHYSICAL BITCOIN - In Stock Now! (pic) on: October 26, 2011, 02:32:46 AM
Well, the site it came from was in Russia and casascius.com is in Utah, so I can buy that explanation.  I withdraw my previous statement then... either you've hit upon a clever way to market or someone is being a total douche in Russia and I'm happy to give you the benefit of the doubt in this instance.

Not even necessarily in Russia.  The IP that was used to send the scam spams from "casascius.net" was in Russia.  I checked, and that IP is currently listed in the Spamhaus SBL.  Here's a link to the SBL listing page for the scam:

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL119864

The IP appears to host an insecure PHP script (ajax.php), and that script was used to send the spam.  The spammer could have done this from anywhere; insecure scripts rarely log IPs that connect to them and never include those IPs in the headers of the email that they send. :/  The domain casascius.net is registered through a really scuzzy offshore registrar, and the ownership information for the domain is cloaked in Whois.  So I think that the scammer (whoever it is) actually does own that domain.

It is *theoretically* possible that Mike Caldwell (the real Casascius) could have done all this. If he did, he's got a genius IQ, a truly warped imagination, *and* no ethics.   People like that exist, but in my experience they are rare.  And he doesn't come across as one of them here on the board. Wink

He did send one email to the whole Mt. Gox list.  That email warned them about the scam.  While *technically* it was unsolicited bulk email and therefore spam, I doubt that the most rabid antispammer would object to what he did.  Spamhaus did not, and they clearly must have gotten his email because email addresses on the Mt. Gox list either belonged to a Spamhaus person in the first place or were donated to them after the security breach so that they could monitor scams and phishing attacks aimed at those email addresses.
10  Economy / Goods / Re: 1 gram .999 fine silver "bitcoin" rounds *********type 2*********** on: October 14, 2011, 10:33:44 PM
I don't mind the 1 gram coins -- they're smaller than U.S. dimes, but not so much smaller that you can't keep track of them or enjoy the designs on them.  However, I would not at all mind seeing some larger coins, and some 1 gram coins in other precious metals such as palladium, gold, or platinum....  Just an idea, if you have the capital and the demand to justify it. Wink
11  Economy / Goods / Re: BitBrew Promotion! on: October 14, 2011, 10:30:54 PM
Just finished my last bit of the Edd's Ethiopian Harrar I had in stock.  Fortunately I have some more on its way, should arrive today or tomorrow.  :-)  I'm a coffee nut -- I frequently order coffee beans from some very fine roasters.  I wouldn't have bought Edd's coffee more than once for the novelty of being able to use Bitcoins to pay.  This will be my third or fourth order from him when it gets here, so you can take it for a given that I recommend his coffee.  (The customer service is quite good too.)
12  Economy / Services / Re: Professional Writing/Editing Services on: October 06, 2011, 05:30:47 PM
Most technical writers doing work for hire don't charge per word, but I would agree to a rate of US $ 0.05/word for academic or research writing, US $ 0.10/word for commercial or professional writing.  The equivalent in today's bitcoins would be approximately BTC 0.01/word.  (Bitcoins seem to be hovering at an exchange rate of $5.00 US to 1 BTC.) 
13  Economy / Goods / Re: 1 gram .999 fine silver "bitcoin" rounds *********type 2*********** on: September 24, 2011, 03:28:09 AM
I've been expecting both gold and silver to dive from current highs.  I'll probably invest seriously once they're back down to a reasonable level.  (IMHO the current level absolutely screams "bubble".)  But I didn't buy the silver Bitcoins as an investment in anything but making some family members happy.  It will do that. :-)
14  Economy / Goods / Hey, Mick (Mjbmonetarymetals), howabout 1 gm gold bitcoins?;) on: September 22, 2011, 12:45:51 AM
I love your 1 gram silver bitcoins, and plan to use them for stocking stuffers this year.  I would probably buy a few in 22 or 24 carat gold as well if they were available.  (Hint) <G>
15  Economy / Goods / Re: BitBrew Promotion! on: September 22, 2011, 12:42:32 AM
Edd's got the right idea.  And IMHO the right product.  I've ordered two batches (five types) of coffee from him now.  The Sumatra and Peruvian were excellent: I've had better only from some *very* fine coffee roasters.  The Jamaica Blue Mountain is superb; it isn't my favorite varietal, but it is my mother's and she will be getting a batch for Christmas.  The Ethiopian Harrar is within a shade of the best I've ever had and definitely the best that I can find now -- I've ordered it twice and expect I'll be ordering it regularly.
16  Economy / Goods / Re: 1 gram .999 fine silver "bitcoin" rounds *********type 2*********** on: September 13, 2011, 11:19:20 PM
Mine have arrived, and are gorgeous.  Christmas stocking stuffers that should start a REAL conversation. :-)
17  Economy / Goods / Re: BitBrew Promotion! on: September 13, 2011, 03:11:30 AM
Don't have any coupons, but the coffee Edd sells is good.  I've got another batch on order already, and expect I'll be buying from him regularly.  (His Ethiopian Harrar is superb.)
18  Economy / Goods / Re: 1 gram .999 fine silver "bitcoin" rounds *********type 2*********** on: September 12, 2011, 08:29:23 PM
My silver bitcoins have arrived.  They're as advertized, and quite gorgeous.  I'll look forward to stuffing some stockings with them this Christmas. Wink
19  Other / Meta / Re: Info about the recent attack on: September 11, 2011, 08:49:27 PM
Everyone should use lastpass.com and generate the longest password a site will accept (or just 32 random characters/numbers is sufficient imo) plus save that on lastpass.com

It's too easy and there is no excuse not to do it.

NO!  Everybody should use a long (16+ character) password with mixed upper- and lower-case letters, numerals, and symbols, but SHOULD NOT generate or store that password on lastpass.com or ANY third-party password service.  Use of such a service is placing the security of your information in the hands of a third party.  That's NUTs. 

Instead, use a password vault or a simple GPG-encrypted text file on your own laptop or personal computer, backed up to a CD/DVD or a USB dongle that is kept offsite.  Encrypt that one file with a long passphrase, and do the work to memorize the passphrase.  Voila -- actual security instead of security theater.

(I'm shaking my head at nutty idea that passwords should be entrusted to a third party that you don't even know.) Sad



20  Bitcoin / Bitcoin Discussion / Re: TradeHill - False emails claiming to be from us or Mt Gox on: September 07, 2011, 11:01:04 PM
1 . Such as no links in e-mails.
2 . If you see an e-mail that has a link or is suspicious please report it to security@xxx.xxx
3 . Do not enter your credentials on a site that looks suspicious.
4 . If you come to the website and it's missing an HTTPS (secure) then do not provide any information and report it to security@xxx.xxx
5 . XXXX company does not provide login forms on any other site other than XXXX proper.

For what it's worth, this is a good idea and these are good points.  I'd sort them out as follows:

FOR BANKS/EXCHANGES:

1) Send no email that contains URLs in the message body.
2) Use SSL for all Web pages that contain web forms or solicit input from users.
3) Provide no logins or access from any site other than the specified site.

FOR USERS:

1) Assume that emails that contain links or ask for information are scams and report them to security@xxx.xxx, which forwards them to the proper location.
2) Report web URLs that begin with anything other than "https" to security@xxx.com.
3) Do NOT EVER click a link in an email, or hit reply, and provide any private information to what you think is a request from your bank or financial institution.  It isn't.  It's a scam.

I also recommend that Mt. Gox, Tradehill, CampBX, Flexcoin, and any other Bitcoin bank or exchange designate a specific person responsible for security in their system, and that this person keep on top of security issues.  For example, I would hope that the people responsible for these sites are aware of a major hack/compromise in the SSL security system that was reported a couple of weeks ago -- the DigiNotar hack.  To summarize, one of the links in the security chain that ensures SSL connections are secure was hacked and extremely good forged certificates were issued for several heavily used web sites, such as Google, Yahoo, the Tor Project, and others. That allowed the hackers to intercept secure SSL communications between these sites and users. It appears that the Iranian government, not cyberthieves, was responsible -- THIS time.  But a group of cyberthieves could just as easily have issued certificates for Bank of America, CitiBank, Wells Fargo, or somewhere else where people keep money, snooped THOSE communications, and... You get the idea.

If you want the details on this hack, PM me or email me and I'll fill you in.  (It's highly technical and off-topic here.)  But Bitcoin isn't immune from this sort of thing.  Somebody at each Bitcoin bank and financial site needs to keep on top of this and be responsible for taking active security measures to fend off the bad guys.
Pages: [1] 2 3 4 5 6 7 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!