|
Someone managed to get bitcointalk.org listed on a prominent after market domain sales platform. Then all the domain registrars started marketing the site as for sale.
The warning was added to make it clear the site wasn't for sale, hopefully to prevent people getting scammed and also as evidence should registrars do anything strange and transfer the domain to someone else.
|
|
|
|
|
No. He deserves damnatio memoriae.
|
|
|
|
|
We're well passed the era of trying to wrap economics around carefully crafted ideologies. Maybe you can make a new one, but it won't be long until those ideas become obsolete too at the rate of progress.
|
|
|
|
|
Only professional programmers would consider his code 'bad' or 'sloppy'. But professional programmers have a tendency to over-complicate everything behind twenty layers of abstraction and object-orientated garbage, so they see anything that doesn't do the same as bad code.
The bigger problem is that he used Windows, which is an unforgivable sin.
|
|
|
|
|
Thank you!
The captcha on the log in page was driving everyone crazy, especially Tor users.
|
|
|
|
|
Having ~2 sites where the binaries are distributed is ideal, but no more. Having distribution centralized helps spot any compromised binaries quicker than if they were spread out between 10 different sites (it would take longer for anyone to detect malicious binaries on one site because users and eyeballs are spread out between sites). Probably even if you had 10 sites, most users would converge on 2 anyway.
I generally always recommend bitcoin.org as the best place to get the binaries. The number of users and businesses running scripts to fetch the binaries from there and check the integrity is considerable. For most users who don't check the signatures, it's the least risky place to get them.
|
|
|
|
I don't understand how this can work. Suppose I automatically generate two dandelion transactions, with some relationship with each other, like parent/child and relay them at the same time. Not seeing the first transaction makes the second invalid, but if they both relay through dandelion, won't there be situations where the second transaction is seen by the Bitcoin network first and rejected as invalid because the first is still swimming around in dandelion relays somewhere? Or are both somehow routing through the same route?  Additionally, from what I read, every dandelion ready node can turn any dandelion transaction into a normal Bitcoin transaction and broadcast it. There isn't anything like onion routing preventing intermediaries from reading what they're sending along in the next hop. What if you set up a few nodes, but instead of "fluffing" a transaction 10% of the time, you do it 50%. Doesn't that degrade the overall security assumptions? Maybe these are stupid questions and I've misunderstood something, but the BIP and overall research feels incomplete. |
|
|
|
|
The bigger a forum gets, and the more niche and limited the topic, the less there is to actually discuss. Aside from the usual "who is Satoshi Nakamoto?" type posts, and the day-to-day price movements and happenings, there's not a lot of things to talk about. There's more people on here than possible discussion material. You get people who care a lot about their rank and making money just posting nonsense, but if you banned all of these people, there wouldn't be more quality discussion, there would be about the same as before, but you would just notice it more because all the crap is gone. When you lurk for a while though you quickly develop a sense of which topics and sections are good parts of the site.
It's a little crazy how a lot of users on here care about magic internet points though. Maybe there is some psychological thing about a fascination with points, because it seems to be a thing on every social platform. I remember how even decades old forum software had those reputation points, Reddit has karma, Facebook has likes, etc. It's like nobody builds anything social without some sort of point system attached so users can compare the length of their virtual dicks. Maybe this explains how Bitcoin caught on so well when it was unknown, because it was pretty nice and somehow satisfying to own a lot of useless internet currency, but the more people thought that way the less useless and more valuable it eventually became.
|
|
|
|
|
Passports are bad, but it could be a lot worse with something like biometrics. Better to acknowledge that nation states while bad are still not too creepy with how they keep track of their slaves.
|
|
|
|
I just managed to log in now, but couldn't use the site at all yesterday. Even today it took me way too long because of the captcha (wasted so much time training Google AI to improve its spying capability  ). The initial Cloulflare page with the captcha isn't the problem, it's the log in page with the issues. I think some sort of creative solution as suggested by some is possible here. Maybe a whitelist of PGP keys? Users can put their public key in their account somewhere, and those with enough trust can log in without the captcha by signing some arbitrary text? |
|
|
|
You apologize, only to spit in my face with more vicious attacks. My Reddit account was compromised at that time, but I quickly regained access to it. I told this fact to a few people who contacted me in concern, and thought the issue was put to rest, but it turns out it's being intentionally resurfaced to discredit me. And "asking Blockstream for money" because I was "broke"? Seriously? I contacted a whole bunch of businesses about sponsorships for bitcoin.org, something I've done for a while. I've pasted the email below. Your timeline of events is wrong, the compromised posts are from Sept 2017, but this email was sent in May 2016. So it wasn't "a few weeks later" that my Reddit account posted those things. You are being intentionally deceptive, vague and making up timelines to make me seem more erratic and malicious. I might be distrustful of Blockstream (I don't trust most American technology companies, and I didn't trust the Foundation too much either), but when you make up timelines, misconstrue things, and behave like an amateur NSA PSYOP agent, it doesn't help your case. Back on topic, I think there's two sets of Core users: those who run their node and rarely update it, and the more enthusiastic ones who keep up with upgrades. It might make sense to have a LTS version with more thoroughly tested and vetted consensus critical code (that's proven itself), and a regular version. I think more choice and flexibility could be useful here. Obviously it won't catch all bugs, there will always be bugs, but it might help minimize it. Though with all the eyes on the code now after the recent bug, especially around optimizations, maybe more people will be ready to point out critical flaws. Date: Mon, 30 May 2016 11:38:52 +0000 From: =?UTF-8?Q?C=C3=B8bra?= < domain@bitcoin.org> To: < inquiries@blockstream.com> Cc: "Gregory Maxwell" < greg@xiph.org> Message-Id: < 15501759afd.df43a501857.5742453511502958330@bitcoin.org> Subject: Bitcoin.org Sponsorship MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_2033_1126291026.1464608332543" X-Priority: Medium User-Agent: Zoho Mail X-Mailer: Zoho Mail X-ZohoMail-Sender: Cøbra ------=_Part_2033_1126291026.1464608332543 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Hey, Bitcoin.org is currently looking for a new sponsor (previously we were sponsored by the Bitcoin Foundation) and we were wondering if Blockstream would be interested in supporting the site financially. The site continues to get large increases in traffic, and we want to ensure that the site remains fast, online and secure well into the future. Bitcoin.org is the first place most new users go to learn about bitcoin, it teaches them how Bitcoin works, and helps them get set up with a wallet. The site's content has been translated into many languages, and any user is free to make a pull request on Github to improve the site. If this opportunity is something that interests you, then please let me know, and we can discuss further the details of a sponsorship arrangement. Thanks. ------=_Part_2033_1126291026.1464608332543 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head>= <meta content=3D"text/html;charset=3DUTF-8" http-equiv=3D"Content-Type"></h= ead><body ><div style=3D'font-size:10pt;font-family:Verdana,Arial,Helvetica= ,sans-serif;'>Hey,<div><br></div><div>Bitcoin.org is currently looking for = a new sponsor (previously we were sponsored by the Bitcoin Foundation) and = we were wondering if Blockstream would be interested in supporting the site= financially. The site continues to get large increases in traffic, and we = want to ensure that the site remains fast, online and secure well into the = future. Bitcoin.org is the first place most new users go to learn about bit= coin, it teaches them how Bitcoin works, and helps them get set up with a w= allet. The site's content has been translated into many languages, and any = user is free to make a pull request on Github to improve the site.</div><di= v><br></div><div>If this opportunity is something that interests you, then = please let me know, and we can discuss further the details of a sponsorship= arrangement. Thanks.</div></div></body></html> ------=_Part_2033_1126291026.1464608332543-- |
|
|
|
It would be more productive if you were specific instead of vague. The vague allegations, devoid of context, just come across as toxic themselves-- a character attack, rather than a complaint about something specific that could be handled better.
You have attacked me with character attacks by viciously claiming on Reddit that I had sold my credentials, and even sent me an e-mail out of the blue one day asking how much I "sold out" for. I don't have time to look through your extensive post history on /r/btc, but I remember you spent years wrestling with pigs and constantly harassing and deriding people that wanted to "improve the world". I attacked these people too in similar ways, and many of them were incompetent, but I think you out of all people aren't in a position to preach the value of polite discourse, since you're one of the more toxic/controversial figures in the Core team. I'm disappointed, I think I explained directly and via analogy as to why this is the case but it doesn't seem to have been communicated to you. Perhaps someone else will give a go at translating the point, if its still unclear.  Yes, this was your analogy: Imagine a bridge construction crew with generally good safety practices that has a rare fatal accident. Some government bureaucrat swings in and says "you're constructing too fast: it would be okay to construct slower, fill out these 1001 forms in triplicate for each action you take to prevent more problems". In some kind of theoretical world the extra checks would help, or at least not hurt. But for most work there is a set of optimal paces where the best work is done. Fast enough to keep people's minds maximally engaged, slow enough that everything runs smoothly and all necessary precautions can be taken. We wouldn't be to surprised to see that hypothetical crew's accident rate go up after a change to increase overhead in the name of making things more safe: either efforts that actually improve safety get diverted to safety theatre, or otherwise some people just tune out, assume the procedure is responsible for safety instead of themselves, and ultimately make more errors.
This analogy is flawed and makes no sense. Bridge construction is completely different from software engineering through the open source process. Construction is a linear thing, you can't build multiple "prototypes" of real physical bridges and test them and choose between them, you need to build the entire thing once, and in this context you would be correct that it makes more sense to keep minds maximally engaged. But in Bitcoin Core, developers can work in their own branches with total freedom, and no red tape, so I fail to see how they wouldn't be engaged? There's nothing stopping them from working "optimal paces" in their own branch and then opening a pull request after their sprint to try to get the change merged in. There already exists a testing/review step, IMO there's no harm in making this step slightly longer and encouraging the community to try to break and mess up a new feature. Bounties can be paid to try to break stuff too. Anyway I'm exiting this discussion because I feel like we're going to go around in circles and derail the thread, and I've said what I wanted to say. I think we should take the personal issues to PM or something. Cheers. |
|
|
|
It's easy to point fingers and assert that the world would be better if other people acted according to your will instead of their own free will, harder to look at your own actions and contemplate what you could to to improve things. To risk making the same mistake myself: Instead of calling people who owe you nothing incompetent, you could offer to help... Just a thought. It's the advice that I've tried to follow myself, and I think it's helped improve the world a lot more than insults ever would.
I think this discussion is getting away from the general topic, but you were recently someone who would attack other development teams trying to "improve the world" in their own way with even more harsh terms and toxic insults. I don't think polite discourse is your strong suit either when you are known for pointing fingers at people that fork your project. What I seem to be getting from your posts is that mostly every change is a consensus risk, and that development should move faster or at the same pace, but not slower. You claim that moving slower would potentially result in less testing, which makes no sense. You can simply have a feature or optimization on a test branch, encourage users to mess with it (by actually interacting with the feature, as awemany was doing), possibly even with some sort of bounty scheme, and once sufficient time has passed and lots of different people and companies in the industry have tried to break it, you merge it in. I can't fathom how moving slower wouldn't help here. |
|
|
|
In an effort to increase communications, we are launching an opt-in, announcement-only mailing-list for users of Bitcoin Core to receive notifications of security issues and new releases. https://bitcoincore.org/en/2016/03/15/announcement-list/Apparently, according to Luke-jr who's subscribed, Bitcoin Core still hasn't even bothered to use their announcement mailing list (specifically set up for security issues and new releases) to warn about CVE-2018-17144 yet (a security issue fixed in a new release no less!). That's pretty incompetent if you ask me. https://twitter.com/LukeDashjr/status/1043917007303966727 |
|
|
|
For example, right now, a huge majority of the network is running vulnerable software, but because the alert system was removed, there's no way to reach them and tell them to upgrade. We just have to pray they check certain sites. Makes no sense. Some sort of alert feature in software that handles money is a necessity, it could have been enabled by default with an option to disable it. Satoshi was so smart and practical to add that.
You do realize that you're lamenting the removal of a back door key that could be used to remotely crash nodes? Even without the crash it inherently meant that a single potentially compromised party had the power to pop up to all users of the software potentially misleading messages-- like falsely claiming there were issues that required replacing the software with insecure alternatives. No thanks. No one who wants that power should by any account be allowed to have it. Not if Bitcoin is to really show its value as a decenteralized system. But it just goes to show that for every complex problem there is a simple centralized solution and inevitably someone will argue for Bitcoin to adopt it. Bitcoin is the consensus rules and protocol, which Bitcoin Core implements, but Bitcoin is not synonymous with everything in Bitcoin Core. The alert system was never part of the consensus rules, and therefore doesn't have anything to do with Bitcoin, so being excessively concerned with decentralization makes no sense in this context. Maybe the previous implementation of an alert system was flawed, with the crashing bugs, and the alert key being controlled by dubious people, but this doesn't make alerts in and of themselves a terrible idea. The unlikely event of the alert key being abused are overcome by having a "final" alert broadcast, any harm an attacker could do is minimal. The benefits far outweigh the risks here. But somehow allowing for thousands of users to unknowingly be put into situations where they're running insecure financial software is acceptable for you so long as you believe it improves some vague notion of decentralization (it doesn't). Let's be glad this bug wasn't something that could be exploited to hack into nodes remotely and steal funds, like a buffer overflow or use-after-free. |
|
|
|
|
I think the problem is that Core has too many developers, but not enough review/testing, and there's simply too much going on at once. When a lot of the changes are optimizations, refactoring, and the occasional networking/consensus touching stuff, it's inevitable you will get situations where a scary bug like this slips through due to all the emergent complexity. It's not like all these guys are doing GUI features. I like the idea of a fork with only necessary consensus changes (as these are very well tested). There should be two choices between reference implementations; "safe but slow" and "slightly more risky but fast". The more I think about it, the more a LTS version with only consensus changes and critical bug fixes makes a lot of sense in the context of Bitcoin.
To be honest, some really strange decisions get made at Bitcoin Core. For example, right now, a huge majority of the network is running vulnerable software, but because the alert system was removed, there's no way to reach them and tell them to upgrade. We just have to pray they check certain sites. Makes no sense. Some sort of alert feature in software that handles money is a necessity, it could have been enabled by default with an option to disable it. Satoshi was so smart and practical to add that.
|
|
|
|
It's disappointing how prominent people like Gregory Maxwell and Samson Mow have helped in spreading vicious rumors that I've been compromised or sold my account.
You can't reasonably believe that unless you have proof. Source? It's all just a smear campaign organized by people associated with Blockstream.
Source? The fact that something so obvious needs to be stated is a testament to how so many in this community have become paranoid and are in a state of permanently waiting for the next "enemy of Bitcoin" to show themselves.
Disagreed. We've seen hijacking before (recently @Bitcoin twitter handle), and being cautious isn't a bad thing. Roger Ver is pretty much down for anything to get his way from what I can tell. If this account was hijacked, it could just shill Bitcoin Cash on bitcoin.org, so I doubt they believe I've actually been compromised, it's just a means to smear me. They're very tribalistic and emotionally sensitive, so any opinion outside of their small overton window of acceptable thought scares them, and they react by launching personal attacks and smear campaigns. |
|
|
|
Therefore, he can hijack both domains if he wanted to? That doesn't sound good given his statements in the last couple of weeks/months on Twitter and whatnot.
Someone finding Bitcoin Cash useful for a particular use case (payments) doesn't mean they're immediately some raging "Bitcoin Cash is Bitcoin" crazy person. Right now I keep most of my money in Bitcoin, and some spending money in Bitcoin Cash, but if the fees get high on Bitcoin, as they sometimes do, I can just pay for things with Bitcoin Cash since adoption is reasonably good. It's ridiculous how there's no longer any nuance left in the community. Everyone's so ready to chase anyone out of the community just because they don't hate on Bitcoin Cash with the same fierce fiery hatred. I haven't done anything evil with my access, ever. In fact, I've been extremely aggressive in preventive efforts to harm actual evil like XT, Classic, BU, NYA, etc. It's disappointing how prominent people like Gregory Maxwell and Samson Mow have helped in spreading vicious rumors that I've been compromised or sold my account. Despite what you read on Twitter, there's no history of me doing anything malicious to harm the Bitcoin community. It's all just a smear campaign organized by people associated with Blockstream. I can assure you all that nobody will ever see anything evil put up on bitcoin.org or bitcointalk.org. The fact that something so obvious needs to be stated is a testament to how so many in this community have become paranoid and are in a state of permanently waiting for the next "enemy of Bitcoin" to show themselves. |
|
|
|
I dont buy that at all. This is freaking 2018. What is so difficult about shipping a machine over. It can be done in ONE DAY. There are only a few tweets about the machine's existence and no detailed reviews.
We have a foruner whose review claims that the machine is actually NOT as good as advertized. Some of the machine are abit better than S9 and some are worse.
No one wants a cherry picked review that shows good numbers. The fellow can probably drive to u and help u with the review. It is also suspicious that all your 2018 posts are in halong thread and your post before that was in 2015. No offense intended.
Quite honestly, if I was in Halong's shoes, I'd probably do the exact same thing. The March orders were the early believers and the ones that should deserve their units before anyone else. I certainly wouldn't ship test units to anyone before my very first customers that had paid me nearly half a year ago. Remember, everyone had the opportunity to see the unit in person -- which many people did, in January at multiple avenues. There is zero chance I would ship anyone else the units prior to my early believers. I think I've made my point clear and concise with my activity and have proven beyond a reasonable doubt that I am the original account holder. As indicated, if there was a manufacturer representative that lived close to you, I'm sure anyone here would do the same thing I have done. With regards to reviewing the unit, if anyone wants to fly/drive out to Milwaukee and visit my shop when I receive the unit, they are welcome to do so. I'm happy to host you and review the unit together with anyone that wishes to. Cobra, if you fly out, I'll even get a crow  You probably are in Halong's shoes, since you sound like Scott Offord, Halong's "helper" who also happens to be based in Milwaukee. I'll bet "zerobias" in this thread is Oleg, a Russian associated with this whole shady operation. Really, how convenient for this guy to get the hardware for review, and not people like philipma1957 and HagssFIN? Bunch of scammers selling likely stolen shit to the community that doesn't meet the specification, and fake miners, and preying on rightful concerns about mining centralization to pump their deception the entire way. I feel bad for people like -ck, Adam Back, and slush who got deceived by these guys and helped add legitimacy to them, the coming weeks are going to be... interesting for them. |
|
|
|
You indeed own that twit acc. LoL we are doomed.
How can you say that they are fake while there are hundreds of videos showing them while working already? ck himself said he wrote the code, slush itself confirmed they mined the first ASICBOOST block.
What happened to you?
I didn't say they were fake, I said Halong Mining was a scam, and that they're likely selling Innosilicon BTC miners they've obtained somehow, and using this to build legitimacy so they can sell non-existent hardware for other algorithms. I also said I doubt that they have these Innosilicon miners in enough volume to be able to fulfill all their customers orders. |
|
|
|
|
Show Posts
