|
Locking because nothing is happening about this and the last several pages are just people looking for a place to post for their sig campaign
|
|
|
|
Is there a tool that can take a block number, and a block count, and return the number of minutes between successive blocks. While I can build this by hand from blockchain.info, there is a certain tediousness to it.
For example, I would like to start at block 370944, the beginning of the current epoch, and continue for some small number, perhaps 18 or 24.
Each bitcoin block has a timestamp, but it is added by the miner (by the local time on the bitcoind machine or on the pool server) when the block was generated to be hashed. There are many blocks that have a negative timestamp offset compared with the previous block due to differences in computer clocks. It may be more reliable to have a listening node monitor the time that new blocks are published on the network (which propagate everywhere within seconds) if you are not doing historical analysis. In Bitcoin Core, you can get the timestamps out of your local blockchain, but it requires chaining two RPC commands: one to get the block hash, and one to dump that block using the hash. Here's a post I wrote describing a script to do this. Replace "bitcoind" with "bitcoin-cli" when using the latest Bitcoin software. Here's a PM I wrote someone else with the details of wot to do. I have a CSV of block times: https://bitcointalk.org/index.php?topic=135982.msg1453722#msg1453722I dumped them on Windows with this "dumptime.cmd" in the bitcoind directory (and then added some more spreadsheet columns to make epoch time readable time), here it dumps times from block 50000-99999: @echo off
setlocal enableextensions
set /a height=50000
rem echo --start > timeout.txt
:beg
for /f "tokens=* delims=:" %%a in (
'bitcoind getblockhash %height%'
) do (
set hash=%%a
)
for /f "tokens=*" %%a in (
'bitcoind getblock %hash% ^| find "time"'
) do (
set blktim=%%a
)
echo %height%: %blktim%
echo %height%: %blktim% >> timeout.txt
set /a height = height + 1
IF %height% LEQ 99999 goto beg
endlocal blocknum,epochtime,blocksec,datetime
0,1231006505,0,2009-01-03T18:15:05Z
1,1231469665,0,2009-01-09T02:54:25Z
2,1231469744,79,2009-01-09T02:55:44Z
3,1231470173,429,2009-01-09T03:02:53Z
4,1231470988,815,2009-01-09T03:16:28Z
5,1231471428,440,2009-01-09T03:23:48Z
6,1231471789,361,2009-01-09T03:29:49Z
7,1231472369,580,2009-01-09T03:39:29Z
8,1231472743,374,2009-01-09T03:45:43Z
9,1231473279,536,2009-01-09T03:54:39Z
10,1231473952,673,2009-01-09T04:05:52Z
11,1231474360,408,2009-01-09T04:12:40Z
12,1231474888,528,2009-01-09T04:21:28Z
13,1231475020,132,2009-01-09T04:23:40Z
14,1231475589,569,2009-01-09T04:33:09Z |
|
|
|
Given that there are two bitcoin addresses per private key, that if you are iterating through private keys pseudo-randomly (i assume this is what vanitygen does, at the end of the day), it does seem that you may as well look at both the addresses each time you calculate a point on the curve for a given private key...
Only the initial key position is random, then vanitygen just increments the key by one for each additional address search. There is little cost to be saved there. |
|
|
|
|
Testnet is not gigabytes to download either, it is much smaller than the main chain. As long as the peers find each other on the LAN (which can be done with the "addnode" command-line option) they will be up to date rather quickly.
If your lab is behind a NAT from the real internet, you will want just one "master" node connecting to the internet (with port-forwarding of the bitcoin port to that machine if you have sysadmin access to do so). then all other internal Bitcoins should connect to it by specifying just the master's IP address with the "connect" command-line option.
|
|
|
|
Could anybody post the necessary code changes to allow oclvanitygen to generate compressed and uncompressed keys simultaneously? I suspect the speed increase must be substantial
Thanks!
Your "suspicion" is misplaced. The only calculation in common that would be saved is the calculation of the x coordinate of the public key, which is just a few multiplications. Everything else, from creating the compressed public key parity, creating an address from a compressed public key and checking for the vanity match would be a completely different process. |
|
|
|
If you managed to import an address and its private without triggering the built-in rescan function to update the current balance of your wallet, then you will need to close the wallet software completely, and restart it with the rescan option from the command line. The "wallet.dat" data file maintains a current balance for your addresses. Every time that a new block is downloaded, any payment to you is noted and the balance in addresses you own is updated in this local file.
However, if your local client is in sync, having already downloaded the entire blockchain, and you then import a private key through a third-party utility, the Bitcoin client doesn't go back in history searching for old payments to this new address. You must close Bitcoin, and relaunch it with the command-line option "bitcoin-qt -rescan". This will start up Bitcoin in a mode where for several minutes it will re-examine the blockchain and attempt to detect any missing payments to you to correct your balance.
After doing so, you should be able to go to the "send" tab and select "inputs", and see the individual payments previously received by this address which contribute to your balance. If you still don't, you should look up that specific address in a block explorer site to see if it really has coins - your old wallet may have your bitcoins in other addresses than the one you think, due to "change". Here's another old post of how to do this: You need to add a command line option at the command line. On windows, open "command prompt" under accessories. Here is a typical command line session for 32 bit windows (blue is what you type):
C:\Users\user1>cd \
C:\>cd "Program Files"
C:\Program Files>cd Bitcoin
C:\Program Files\Bitcoin>bitcoin-qt -rescan
Then Bitcoin will start with the wallet splash screen displaying "rescanning..." for a minute or two. |
|
|
|
RIP. Use electrum or something else. Web-based wallets are so insecure.
No, you're completely missing the point. The problem is not that it's insecure. There are web-based implementations of Electrum (not called Electrum, but exact same technology). The problem is that the key generation method for a BrainWallet is completely flawed (in both theory and implementation). It doesn't matter that it's web based. Yes, web based wallets are less secure. But a well-implemented web wallet can beat out a shitty desktop wallet any day. Green Wallet is a great example of a great implementation, because their code is very JS-based, and very little actually happens server-side. And then when the website is hacked to look the same, but it is replaced with an address logger, etc? Or the site operator goes rogue and installs a background decrypter to a "secure" wallet and then cashes everyone out? Lesson, don't put more bitcoin in a web wallet, exchange, or web-generated address than you can afford to lose. The same warning can even be made for regular bitcoin wallets if they are used on your virused keylogged rootkitted backdoored RATted Java, PDF, and Flash 0-day Internet browsing machine. Here's a foreshadowing quote I made that amuses me: ...
I echo the sentiment that it is not worth developing any kind of "brain" based wallet, and that people who trust people to make their own passphrases are not people to be trusted with people's passphrases.
I had contemplated making a brainphrase-to-deterministic-wallet creator, but even if it used ten minutes of GPU time hashing through various combined key derivation functions per passphrase, it still could not be secure, being limited by the unbounded inventiveness of dummies using easily guessable passwords.
|
|
|
|
|
Radeon HD 5770, 58x0, 59xx series are the best address generators for the money, and they work with the stock client when using ATI Catalyst 11.11 driver (after cleaning up files left behind by newer versions of the driver)
The vanitygen client has command-line options -p for platform (if you have multiple versions of OpenCL installed), and -d for device to pick which physical CPU/GPU to run on. It also has a help option.
|
|
|
|
https://bitcointalk.org/index.php?topic=177133.0The rule is right there as a sticky at the top of the newbie section; I'm quoting the version for dummies exactly as written: IS THE README TOO DIFFICULT TO READ, NEWBIE?WELL, HERE IS A SUMMARY OF THE NEWBIE READMEFORUM RULES- NO SPAM
- NO BEGGING (AKA ASKING FOR BITCOINS)
- NO REFERRAL LINKS
|
|
|
|
Firefox 39.0.3 was released and fixes a huge 0-day flaw in the built in PDF reader that allows a site to steal files from a PC - for you this means wallet files. "The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable. The vulnerability does not enable the execution of arbitrary code but the exploit was able to inject a JavaScript payload into the local file context. This allowed it to search for and upload potentially sensitive local files".
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/It was found in ads on a news site that actively searched for and stole FTP client and account information along with bash history and scripts. It is as easy to imagine drive-bys taking wallet files or anything the user can access. The exact mechanism is not detailed without having access to the CVE. Mitigations such as moving or renaming the wallet file may not be effective, as searching for files is possible. Disabling the built-in PDF reader via about:config may not be effective either, so update. |
|
|
|
|
Brainwallet itself is javascript that is in itself pretty inocuous, however it started with piss poor hash-your-passphrase that let many dummies loose their money. Then it also had a very poor random number implementation for generating non "brain" addresses that had to be pointed out to the author. It earned a "not to ever be taken seriously" badge-of-honor almost immediately.
The real danger is when you put it up on the web where the interface or code can be hacked and replaced with anything without the end user knowing. Putting a keygen on the web should never have been done, besides that the addresses and privkeys are also traveling to you through an unsecure pipe and you are getting added to the webserver's logs.
I have some Python code linked in my signature that does just one thing - make you a single good offline bitcoin address that doesn't rely on a user's idea of a secure brain-phrase. I've only advocated that you run it from a live cd, verify the program's hash posted here (would require hacking me in two very different ways to falsify), and unplug from the internet before you generate keys - maybe even unplug your hard drives first just to be idiot-proof.
|
|
|
|
It is real, the sweepstakes sponsor is Microsoft, and the bitcoin card is one of several giveaway prizes that you can independently enter. https://www.bing.com/rewards/redeem/000300000246 - However, you cannot enter without making a Bing Rewards account; even the "no purchase necessary" clause demands that you complete Microsoft's goal, which is to get you (and your info) into Bing: ALTERNATE METHOD OF ENTRY: To enter without purchase and without redeeming any Bing Rewards credits, visit http://www.bing.com/explore/rewards and follow the links and instructions to create an Account (if you do not already have an Account). Then, on a 3" x 5" card or piece of paper, hand-print your full name, complete address, phone number (with area code), date of birth, email address, and the number of the sweepstakes which you wish to be entered into, and mail it to ""Bing Rewards August 2015 Sweepstakes", Free To Enter", P.O. Box 8554, Big Sandy, TX 75755-8554. you will receive one (1) entry into the applicable sweepstakes. Requests must be postmarked by August 31, 2015 and received by September 8, 2015. Only one (1) entry per envelope allowed. Entries mechanically reproduced or made in any fashion other than as specified herein are void. Entries submitted by script, macro or other automated or mechanical means, entries by any means which subvert the entry process and entries made in any fashion other than as specified herein are void. All entries become property of the Sponsor and will not be returned. |
|
|
|
How do I know this torrent is safe? The bootstrap import process validates the block headers from the torrent the same way that they would be validated if they were downloaded from peers on the Bitcoin client network. There are also checkpoints of older blocks hard-coded in the client that must match. Improvements in the networking of Bitcoin Core client have removed peer connectivity issues as a bottleneck.It is less likely these days that you will be done more quickly using the torrent, since this means you are only delaying the CPU work needed. Since much of the work in syncing with the rest of the network is this processor-intensive and disk-intensive validation, having a CPU with fast cores and especially an SSD drive capable of many more IOPS will vastly increase the speed. |
|
|
|
well i hope they don't remove this one because this is the only one i got to earn money online
i have tried many things like captcha typing, humanatic, referral, PTC and PPT
but i haven't earned any dollars but instead i just wasted time
the signature campaign is really a big opportunity and a very good sideline
because the benefit of it is really helpful to people like me who only earn $8 a day by working as government employee in my country
so please don't request the moderators to ban it
This is the selfish narcissistic attitute that allows email spammers and robocallers to exist: "sure I'll annoy thousands of people and waste hundreds of man-hours and other's resources, but this is how I make money" |
|
|
|
Anyone notice that BTCe data is no longer feeding?
It looks like there was a gap in data from Bitcoincharts: http://bitcoincharts.com/markets/btceUSD.html - this likely happened due to changes to the BTCe API that needed a software fix from Bitcoincharts, or actual exchange data downtime. Sometimes they have recovered missing historical spans of data when bitcoincharts->exchange API connection goes down for a while. I could remove mtgox as a default, but I'm sure everyone using this has custom configured their own command-line list of exchanges anyway. |
|
|
|
Is $1.5 million for a website a legitimate price? It seems extremely pricy to me, who has literally no experience in website design. I mean, unless it's like a site for Microsoft or something I can't imagine spending that much for a website.
Also, $100,000 a month to a company that no one really knows anything about? It just seems strange, to myself, a total outsider.
There are businesses that have a valuation of multi-billions based on their website software. How much do you think Facebook, Google, Yahoo, or Twitter would be worth if they weren't spending tens to hundreds of millions on development costs per year? These companies also contribute open source back to the world. Look at the Bootstrap framework (Twitter), Apache Storm (Twitter), Hadoop (Yahoo), Go language (Google), MapReduce (Google), React (Facebook). The mentioned software components are all merely components of a "site", and all have an incredibly large price tag if you look at the developer hours. Imagine the future where the go-to open-source forum software for the web was paid for with Bitcoin, and beat every commercial offering out there. This is programming, it is not simply a web site just because you are looking at it in your browser. You might also ask yourself why it would cost over $1.5 million to make a word processor, but for Microsoft, that's a billion dollar business. I was at a Fortune 500 company that decided to outsource a scheduling & timecard budget system. Of course done in India, and they decided to abort it after half a million had been spent. Qualified developers that can see a project through cost more than Indians who program like they read tech support scripts. I think everybody should just be quiet with their opinions about the web site software anyway. The forum is not run by committee, is not beholden to anyone to be anything other than what it is when it is, and the operator is spending its money on operating and improving the site, the original purpose of donations. |
|
|
|
Estimated time (conservative) for an attacker to break randomly-constructed
bitcointalk.org passwords with current technology
s=second; m=minute; h=hour; d=day; y=year; ky=1000 years; My=1 million years
Password length a-z a-zA-Z a-zA-Z0-9 <all standard>
8 0 3s 12s 2m
9 0 2m 13m 3h
10 8s 2h 13h 13d
11 3m 5d 34d 1y
12 1h 261d 3y 260y
13 1d 37y 366y 22ky
14 43d 1938y 22ky 1My
15 1y 100ky 1My 160My
-------------------------------------------------------
1 word 0
2 words 0
3 words 0
4 words 3m
5 words 19d
6 words 405y
7 words 3My
Good luck to the password hashers with my 34 character random password. The security answer is similar strength garbage. Don't think I'll need to change it. The forum also has it's own non-reused email address, if any mail turns up there I know the source is the forum or a leak. Once you are hosting-pwnd though, you have to audit EVERYTHING if you're not going to wipe and restore from backup pre-intrusion. Anything could have been done, such as redirects or php hacks to capture passwords or cookie sessions, or wholesale VM state dumps that still would allow compromise of existing accounts. |
|
|
|
|
Show Posts
