521
|
Bitcoin / Project Development / Re: GLBSE 2.0 open for testing
|
on: May 15, 2012, 04:37:00 PM
|
I don't know if I should be worried but the password box is in cleartext.
You should be if there is someone over your shoulder, but since it's submitted over https, no one else online will be reading it. Quite a lot of users couldn't login because they left their caps lock key on, this lets then see exactly what they're entering. The normal login for password is stared out.
|
|
|
522
|
Economy / Securities / Re: GLBSE switching DNS servers, may cause issues
|
on: May 15, 2012, 04:25:37 PM
|
It's probably astronomically less than the possibility of the GLBSE server being hacked, but you are correct, a chance does exist. I suspect that the DDOS protection and speedup will be worth it to the majority of users, however.
Nefario needs to build in some additional security tools, things besides only the cumbersome and annoying two factor authentication, and once a good option is decided on it should probably take top priority. Things like: 1. The ability to require a different password(s) than the login to make change email, trades or withdraw bitcoins, etc. 2. With changes discussed in #1 add the ability to require a transaction PIN code which is sent via email. 3. Perhaps offer a YubiKey option. But being fairly minimalist and one who travels often I do not want another little piece of physical crap to deal with and possibly lose. 4. The ability to 'freeze' an account for a specified amount of time. Or an ability to require a BTC withdrawal to take X amount of time before it is submitted to the network during which it could be canceled. Just some things that could add enough friction to make it not worth a thief's time and reduce the potential profitability from messing with GLBSE accounts. Regarding making accounts more secure. Once a users email has been compromised, and two factor authentication is not enabled there is no way for us to tell the difference between the hacker and the real account owner. I am going to be adding more security features that will hopefully prevent accounts getting cleared out, but the above mentioned won't do much except piss off users. We only keep a small fraction of BTC on our server, nearly all of it is in cold storage, I think GLBSE isn't really a worthwhile target for attackers. There isn't much to steal.
|
|
|
523
|
Economy / Securities / Re: GLBSE switching DNS servers, may cause issues
|
on: May 15, 2012, 04:13:52 PM
|
Would this have caused my account to not work at all?
I doubt it. What do you mean by "not work at all"? I could not log in, Nefario has fixed it for me but i have no idea what was wrong. Perhaps some database records got garbled. Anyway, glad it's fixed. No, he wasn't solving the captcha after the failed login.
|
|
|
524
|
Economy / Securities / GLBSE switching DNS servers, may cause issues
|
on: May 15, 2012, 02:45:20 AM
|
As part of using cloudflares service (to protect and speed up GLBSE for users) we're required to change the DNS servers for the domain.
This means that over the next 24 hours there may be connection issues as a result(name not resolving). This is also responsible for the SSL errors or warnings users may be experiencing.
We're sorry for any inconvenience caused but believe this is a move for the better, the end result will be a much faster service for users.
|
|
|
527
|
Economy / Securities / Re: GLBSE uptime
|
on: May 14, 2012, 02:45:00 PM
|
I figure it's a complete loss. I just went around changing passwords for all of my accounts.
If you're using windows you need to check to see if you have a trojan, keylogger or other malware running.
|
|
|
528
|
Economy / Securities / Re: GLBSE uptime
|
on: May 14, 2012, 02:35:33 PM
|
I don't have an account with bitcoinica.
On looking into this, it was a single login attempt, there were no multiple attempts, the thief knew the email and password. This is exactly what 2factor authentication prevents. It's even worse for us if email accounts are compromised, even if we contact the person, there is no real way for us to know it's them or not.
|
|
|
530
|
Local / Deutsch (German) / Re: Intersango help!
|
on: May 13, 2012, 06:19:04 PM
|
You need to go to "add funds" for the currency you are depositing (there are a few of them there, of which BTC is only one, for BTC you don't need a code).
|
|
|
531
|
Economy / Securities / Re: [GLBSE] 2,500 PPT.D Pirate Pass Through Bonds!
|
on: May 13, 2012, 04:43:45 PM
|
Fee structure hasn't changed, this is a new feature (that has been heavily requested), and this is probably the first asset that will be making use of it, I've not gotten the communities input on the fee.
I actually need to talk about this with OP, so don't consider it (fee) set in stone, it's just what I've been using in my tests.
Sorry, my previous post wasn't meant to be an announcement on new fees, just in reply to how the bonds would be bought back (not via a market order).
The point to take from this is that you won't need to put your bonds up for sale or look out for an orderwall, it will just be taken care of, at the appropriate time you will find that your bonds have gone and been replaced by bitcoin.
Don't worry about fees, there will be no new ones on you're end.
|
|
|
532
|
Economy / Securities / Re: [GLBSE] 2,500 PPT.D Pirate Pass Through Bonds!
|
on: May 13, 2012, 04:23:39 PM
|
But my last buy (where I was a market maker), my fee was 0.5%. I'm confused. When you submitted your order, did it execute right away or did you have to wait some time? If it filled right away, its because it matched against someone else's order, meaning you weren't the market maker. If it took some time, it meant someone else had to match your order, which means you were the market maker. Market makers don't pay fees (or at least aren't supposed to). so everybody should list all their shares in each issue for sale at 1.28 before the 4 weeks are up which is when you put up the buy offer for them all, because otherwise we will incur the fee as taker of your market maker buy offer, is that correct? No, the asset issuer will be using buyback functionality which will allow them to buy back all outstanding bonds (whether they have been put up on the market or not) and the sellers will pay the 0.5% trade fee.
|
|
|
534
|
Economy / Marketplace / Re: GLBSE DOWN !?
|
on: May 13, 2012, 04:05:45 PM
|
400 errors have now been fixed, it was caused by a header setting on the proxy for us.glbse.com and glbse.com.
I'd already contacted (and sorted out) Bees Brothers about his issue. Generally the speed has been much improved and we're getting much much less timeout errors, hopefully after th next bunch of changes they'll be a thing of the past.
|
|
|
536
|
Economy / Securities / Re: GLBSE better, harder, stronger, faster, cheaper now with MAKER/TAKER
|
on: May 13, 2012, 12:45:34 AM
|
I've made some much needed performance changes, the site is now usable (please don't go hammering it), but shouldn't fall over when more than a few users visit.
Still plenty of more performance improvements to be made.
One useful addition is the refresh button beside the orderbook table, it will update the orderbook, pulling json data from the GLBSE api. No more need to refresh the entire page.
|
|
|
537
|
Economy / Marketplace / Re: GLBSE plan in case of legal holdup
|
on: May 13, 2012, 12:15:08 AM
|
Nefario has your forums been down for a while or is just me?
I've taken it down. Forever, as in there will no longer be a GLBSE-run forum? For the moment yes, I think the bitcointalk forums server the purpose well enough and have an excellent, dedicated admins, GLBSE doesn't have the resources yet to offer that. The forum DB has been saved at least, so anything that was in it can be recovered.
|
|
|
538
|
Economy / Securities / Re: GLBSE uptime
|
on: May 12, 2012, 02:21:58 PM
|
Also, what's the use of the captcha on the login page when you can login perfectly fine with no captcha using the form on the header menu?
If you make a failed login attempt, every other login attempt will redirect you to the captcha page. You can fill in the form at the top, but it will just re-direct you to the captcha page because you need to solve the captcha to login to your account. You can't get around it.
|
|
|
539
|
Economy / Securities / Re: GLBSE uptime
|
on: May 12, 2012, 02:07:16 PM
|
404 Not Found
nginx/0.7.67
I'm getting 404's today. Is it because it's the week-end ?
No, there was a false alarm on a security issue which caused me to bring the site down, it was down for all of 1 minute. Better safe than sorry.
|
|
|
540
|
Economy / Securities / Re: GLBSE uptime
|
on: May 11, 2012, 09:57:37 PM
|
us.glbse.com is still down with the same error.
A bit too zealous with the security configs there
|
|
|
|