Bitcoin Forum
January 27, 2023, 09:23:33 AM *
News: Latest Bitcoin Core release: 24.0.1 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 »
1  Other / Beginners & Help / Re: Do you tell your friends about your crypto achievements? on: March 29, 2022, 01:36:30 PM
Nope, not ever. Most of them don't even know I'm into crypto at all.
There's a saying that was told to me a log time ago: "a secret stops being a secret when two people know about it". I follow that phrase to a "T".
Another saying goes: "the worst thing about betrayal is it never comes from an enemy".
Money does funny things, even to good, honest people. I can't risk that.
2  Other / Beginners & Help / Re: What kind of software should beginners know? on: March 18, 2022, 03:01:47 PM
Screw software to begin with — what you need at the start is education.

I absolutely agree with this statement. The best security practice (on and offline) is to trust only yourself, and not to rely on software from companies/people that may have "ulterior motives" for offering that perceived security. In my opinion, short of being a security expert, there are simple enough steps you can take to add an acceptable level of security to your life, from being (very!) careful what you click on, to having a dedicated OS (on a pendrive/external drive, or a separate computer if you can afford it) for your crypto.
2FA and other security methods work, and will keep on working for a while, until somebody (a bad guy) cracks them, or a good guy realizes there's money to be made off of them. Best security method is for nobody to even know you have crypto to begin with.
3  Other / Beginners & Help / Re: Be the first newbie to answer correct and get 1 merit on: March 12, 2022, 03:27:38 PM

You will end up with this text
Code:
who mined BTC block 272326 and what was that block's weight

Use block explorers like blockchair.com, and you will end up with the answer by searching for Bitcoin block 272326

https://blockchair.com/bitcoin/block/272326

That's what I wanted to know! Thank you! Smiley
I had already gotten the question (who mined BTC block...). I use https://paulschou.com/tools/xlate/, but didn't know about the block explorers...
4  Other / Off-topic / Re: Which EV should I buy? on: March 12, 2022, 02:41:07 PM
Well, the thing is, if you're buying it for environmental reasons, you need to look how your energy is being generated. If you live in the US, for example, about 70% of your electricity is being produced from coal, so there goes the benefit. In other countries with a higher percentage of energy generated by more environmentally friendly means, EV's may be more suitable.

In any case it's a complicated issue. I spent literally years researching alternative fuels, both for environmental and economic reasons. Looks for forums on EV's, hybrids, etc. You will find a lot of good information on the subject.
5  Other / Off-topic / Re: Which EV should I buy? on: March 11, 2022, 05:25:15 PM
Anyone else have a similar dilemma? thoughts?

Ok, first, you're buying a car, not a company. You need to focus on what each car offers vs. their asking price. "Hate the company" is not a valid argument.
Second, you need to research on the many factors involved when buying a car. You will have to deal with it long after you stop worrying about the asking price.
Then, first, you need to consider what's the use you'll give your car. Is it gonna be a toy? Daily driver? Work tool?
Choosing a technology in its infancy over another, well established one has a series of caveats you need to think about. Are there charging stations nearby? Can you recharge your car at home? How long does it take for a full charge? What's the estimated lifespan of the batteries (try to find expert advise here, no marketing bullshit) vs. replacement cost. Spare parts availability? Can your mechanic fix it?
Go to each car's forum and read about them. You will soon be able to tell the fanbois from the guys you can trust. Read about typical problems, quirks, maintenance costs, etc.
I personally wouldn't buy an EV if it was free. The technology is just not mature enough to my taste. Also, if you prefer an EV for environmental reasons, there are better alternatives, all of which use ICE's, like bioethanol, biodiesel, CNG, SVO, etc.
Otherwise, if you do it just because you like the insane amounts of torque they produce, go right ahead, but make an informed decision.
6  Other / Beginners & Help / Re: Be the first newbie to answer correct and get 1 merit on: March 11, 2022, 04:58:12 PM
Alright, I got the question. How did you get the answer?
7  Other / Beginners & Help / Re: What happened to my motivation on: March 10, 2022, 04:55:22 PM
Mr.right85: I'm so very sorry for all you're going through. I can definitely relate on all counts.

First thing you need to understand: it's not that companies care more for profit than they care for their workers. They don't care for their workers at all. We're at a point in time that workers (even qualified ones) are just meat, that's it.

The best advise I can give you (which is what I'm doing now): start dreaming. It doesn't matter what you dream about. Dreaming about a better future will give you the drive you feel you're lacking now. And learn. Learn here, read books, get courses online, anything that rocks your boat. Tough times lay ahead, it's always hard to get back from a difficult time. But if you're consistent and smart, anything can be achieved. Just (like I always say) KEEP AT IT!
8  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 10, 2022, 02:29:32 PM
In this case, Black box mean you don't reveal your protocol works and people don't know anything about your protocol. All they know are it's input and output.

Alright, so that's not a black box protocol, since I already revealed several  aspects of it on my OP. And calling it a string is not an oversimplification, it's a statement of fact, since it IS, undoubtedly (albeit a long one), a string.
9  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 09, 2022, 08:07:13 PM
I can't crack it that's my answer.

Thank you Nakamura12, that's exactly the kind of answer I was hoping for.
About the rest of your reply, that's waaaay above my head, sorry, but what I imagine is if I'm gonna input my plain seed words in the computer (at any time) or in a hardware wallet, of course I'm taking a risk. What I intend is to secure the seeds while they're not in use, when I'm storing them.
10  Other / Off-topic / Here's something you guys should know. on: March 09, 2022, 04:47:51 PM


Gotta love science... Grin
11  Other / Beginners & Help / Re: "Bitcoin" vs "bitcoin" | Do we know the difference? on: March 09, 2022, 04:14:37 PM
I use a different set of rules: when I remember to capitalize it, it's Bitcoin, when I don't, it's bitcoin. Works great. Grin
12  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 09, 2022, 04:07:46 PM
ETFbitcoin: you're arguing for the sake of arguing. I have clearly stated, both in my OP and in my second post, I haven't used any state of the art (or any at all, actually) encryption method.
Any penetration tester, ethical (or not-so-ethical) hacker, or computer security expert knows how to crack a string, you don't need to be Ralph Merkle to do it.
And I don't know what a "black box protocol" is, so maybe I'm using it, maybe I'm not.

   
  • No encryption algorithm has been used.




I have used a childish method (writing the words backwards), together with translating each words into my native language (Spanish), and finally inserting said words into the first verse of what is arguably the absolute best known Argentinian classic of all times: "Martín Fierro", by José Hernández. I have known that book (and its first verse by memory) since I was 9 (and I'm turning 57 today, so it's been a long time), so the chances of me forgetting it are... well... nil.
............................................................
It's not encrypted. There's no hash to forget.


13  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 08, 2022, 02:41:08 PM

I wasnt able to cracked it in 5minutes.

Maybe I would be able to in a few hours, if needed.

Anyway, the answer to your question is: it looks easy to crack.


As Pmalek said, reinvent security ia not a good idea. Why don't  you look for  a real encryption method? Such as using a passphrase?


Notedown the seed and add the 13rd word, the passphrase. It can be a word, a letter , a music, whatever you want. This will add security to your method. your coins will be safer using this method.

That wasn't the question. The question was if it IS easy to crack, not what it looks like.
Of course, reinventing the wheel is not a good idea. Maybe we should get in contact with Jim Dunlop and let him know that. Why not using a passphrase? I'm using one! Really?

Obviously, by looking at the string you posted in the OP, no one can come to the conclusion that those are Spanish words translated from English and written down backwards. Not only that, but they were also inserted into that Argentinian book you mentioned. So if you only want a straight answer to the question if that is easily recoverable. No, it isn't. I am going to refrain from commenting on anything else then.   

Thank you! That is as close to a good answer as I can hope for, considering. I'll take it.  Smiley


Yes, it's difficult question since i doubt anyone here have qualification as security auditor.

There are a number of members here who clearly know a lot about security. You don't need to be a security auditor to know how to crack a string.
14  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 07, 2022, 07:33:47 PM
It seems like you are trying to get someone's confirmation that your method is good, but as you can see, no one agrees that should be the way to do things.

I'm not. I'm trying to find out if the method used above is difficult to crack, but so far all I could find out it's what's difficult is to answer a simple question, and this thread has turned into a "you should do (or NOT do) this because I know better" rant. I never told anybody to protect their seeds. I never told anybody to use this or any other method.
I just want to know if it's hard to crack.
Is it such a difficult question to answer?
15  Other / Beginners & Help / Re: a newbie query on: March 07, 2022, 06:50:33 PM
Ronny1468: you're doing great, keep at it. Just don't do any more investing/trading until you  learn a lot more about the whole thing. Read books, watch courses, watch videos, and finally keep reading this forum a lot. It's free, and the amount of information in here is staggering. Then keep asking questions. You will find yourself in a position in which every reply you get will open more and more questions.
Do that, and start putting money when you're ready, but not a minute earlier.
16  Economy / Trading Discussion / Re: Short selling on: March 07, 2022, 06:31:03 PM
Thank you everybody for the replies.
For the record, it's not that I feel any way about shorting, I'm just testing the waters. The explanation I had didn't make sense to me, now I know the whole thing is much bigger and more complex than I thought.

I haven't posted on this board so far, so for those that don't know me, I'm a newbie,
I will totally disagree with you indecencies that you are full member not even an ordinary member, for you to become a full member you have possessed 140 activities which is approximately six months, so you are not a newbie

And then I was convinced there was nobody crazier than me... Grin Grin Grin
In any case, I registered on October 28th, so that'd make it a bit over 4 months. And the more I learn, the more I feel I'm just scratching the very surface of the thing...

and as green as can be expected. I've been trying to learn as much as I can, watching videos, and reading anything I can get my hands on. As of late, I watched a video on short selling a gazillion times, but I just can't wrap my mind around it. It just doesn't make any sense to me.
Yes, i support you via learning on your own and this will give you much insight to learn more, watching videos and making other research will activate you level of notifying your error.

Thank you. It'd probably be easier if I had some previous knowledge on another form of trading, like stocks or forex, but I'm literally new to the whole thing. Up until mid October I was convinced crypto was a "scam"...
17  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 07, 2022, 03:42:17 PM
Alright, this thread is getting ridiculous.
Just for the record: I started this thread to gauge how difficult it might be to crack a homemade attempt at securing the seed words, and the example posted is just that: an example, and so is the method used. My seed words are already protected, they're (obviously) not the ones I posted above, and the method I used is also different from the one I used in this thread. Instead, I got a bunch of replies trying to dissuade me from doing that, and not  a single post was made following the thread's topic.
In any case, the purpose was to make everybody aware you CAN protect your seed words, should you choose to do so. I made (and make) no guarantee whatsoever that you may not forget it nor have any other problem in the future that might make you unable to  recover your seeds, and/or your funds. Securing your seeds is meant as protection against thieves, not against "everything". That protection just doesn't exist.


You are overcomplicating things which are already complicated, and I fully agree with Neurotic Fish.

Technically, your funds are not more secure now then before, and they are less secure because you are more likely to lose them.

12-24 words method is secure enough. If you can't hide it from a thief inside your house, you should think about that and not about a complicated method which you can remember "easily".

Well, then I fully disagree with both of you.
I can't even start to understand how you can thing any kind of encryption would be "less secure" than having your stuff just laying around, waiting for somebody to find it. Yeah, I can forget "my method" (or any method), but if I leave my seeds unprotected and somebody drains my account, I can recite my seed words in Esperanto, but my funds are not coming back.
Using that criteria you should make a wallet without any seed words (that you CAN forget, and you can search the forum on all the threads that have been opened about it), without passwords, and without any protection whatsoever. That would avoid the risk about you forgetting anything, wouldn't it? Then again, you could even forget you had a wallet to begin with...

The problem here is that your family member probably won't remember it, or even care about this whole music coded stuff.
As it is very unlikely that you will accidentally die, you are asking for something very complicated for a family member that will most likely never do it (so he also won't put all effort you are demanding him in his "traning" to recover your funds)

Well, if they wouldn't put in the effort, they shouldn't reap the benefits, should they?

This Family member will probably have to write down that music, your code, and the seed, all in the same piece of paper. That seed of paper is now bigger than before, and it is harder to hide from a thief.

Also, let's suppose you ask for your father/mother to recovery your funds in case you die. They are probably old now and will be much older in 10 years. Will they have a good memory to remember all your crazy code? It is already hard for an old family member to download electrum and insert a seed...

Not a family member, I already wrote it down, but not on the same piece of paper. You're begging for the lion to eat you.
The point is, with your seeds protected, you can tattoo the string on your ass if you like, and it will be as safe as if you hid it anywhere else (though it may be a bit unconfortable to read...  Wink).

Having a family member to secure your funds is very important. Unless you are someone who is 100% alone in your life, most of us should share our seed with family members. All of us can die at anytime, and our sons/daugthers (or other important family member) might need those BTC.

I am someone who is 100% alone in my life. My dad died in '84. My mother is also dead. My best friend lives over 10000 miles away from me, maybe in Georgia, maybe in Finland, I don't know. I haven't been able to get in contact with her since 2017.

 

Are you a native Spanish speaker, or you have utilized some online tool like google translate to present your seed words in Spanish?

Argentinian, born and raised. Currently living in Buenos Aires.


No, the risk is much higher. If you, your family, or your relatives find a piece of paper or metal with 12/24 words on it, they will have everything that's required to recover the coins.



Yeah, and so will a thief.
The risk is the same, there are no "tiers" for things you can forget. You can forget what you had for breakfast. Even if you leave your seeds unprotected, you can still forget them, of you can forget your wallet, or even the fact you even had any crypto to begin with.

The idea is to use a method you're very familiar with
You are familiar with the method, are your heirs?


Huh? Sorry, I didn't understand.  Huh

so the chances of me forgetting it are... well... nil.

You slip, fall, and hit your head on cement while clearing snow from your yard. You end up in a coma or worse. What do the chances for recovery look like now? A drunk driver hits you with his car on your way home from the general store, etc.

Tell me: why would I give a flying shit about my crypto if I end up in a coma "or worse"? Grin Grin

OK, fair question. But how are you going to explain to a thief what the encoded string is if he finds it in a safe or tucked away somewhere neatly in your home? Are you going to tell him it's a poem?  You keep a poem on a piece of paper in a safe or in your wall? A couple of broken fingers or threats to your family might motivate you to tell him what it really is.. 

Ok, as I said, no family. As to the couple of broken fingers, I have an idea: to avoid any kind of potential violence, why don't you just make everything you have available to anybody that may want it? Even if they don't know about crypto, you can teach them, and help them rob you. Hey, you may even make some new friends along the way...


There is a BIP 39 Spanish word list, but the words are not equivalent to those found on the English version, nor are they interchangeable.


I don't know the first thing about bip39. Either way, the initial idea was to use methods that can be decoded without the use of any hardware.

Some words translate different depending on the context. Since there is no context here per word, some words may present multiple alternative both on the way down (English to Spanish) and on the way back (Spanish to English). Spanish, as we know, may also have some minor variants between countries.

For example, "car" may be translated into "coche", but also to "carro", "auto" or "automobil". One of the given possibilities, "carro" could be translated as "cart", so depending on who is performing the translations may end-up with "cart" instead of "car" after completing the whole procedure.
 
Likewise, "token" could be translated as "ficha", but also as "símbolo", which, once translated back into English, could render a different word to the original.


True. But "coche", "carro", "auto", or "automovil" all translate to "car" in English, and "ficha" translates to "token".
In any case, I do get your point. As I said, that method above is just one possible  method, and not to be copied. Take it as a "proof of concept"...

18  Other / Beginners & Help / Re: HACK IT! (a friendly challenge for the forum's experts) on: March 04, 2022, 07:22:31 PM
Alright, no interest whatsoever.

Neurotic Fish: I think your concerns are unfounded, but I do appreciate them. Seriously.   Smiley

Now, as promised, here's the explanation. And I will, while we're at it, explain the method to my madness.

The risk of me (or anybody) forgetting the method used to secure the seed is exactly the same as the risk of forgetting where you hid the seed phrase to begin with. The idea is to use a method you're very familiar with, so, short of having a stroke (I already had one, so it'd be my second. And I'm actively working not to repeat the experience) or any other health issue that would cause such memory loss, it'd be very difficult for that to happen. To achieve that, and after thinking long and hard about the whole problem, I decided to:

1. Use simple methods I've been using for a very long time.
2. Use language to my advantage.
3. Use a phrase I've known since I was a kid.

The phrase I posted above is the result of combining those methods:

I have used a childish method (writing the words backwards), together with translating each words into my native language (Spanish), and finally inserting said words into the first verse of what is arguably the absolute best known Argentinian classic of all times: "Martín Fierro", by José Hernández. I have known that book (and its first verse by memory) since I was 9 (and I'm turning 57 today, so it's been a long time), so the chances of me forgetting it are... well... nil.

From the get go, it has been surprising to me that, in a world that's all about security, the seed words are not only always left unsecured, but they're also created to be insecure from the very beginning.

For example:
  • All seed words are in English, therefore denying users the chance of using another language, and at the same time greatly limiting the available words, for the benefit of the thief.
  • Seed words are not capitalized, ever, which gives thieves some extra help.
  • Most wallets (as far as I know) have 12 seed words. Some have 24. Did anybody think about making them 17? Or maybe "any number between 10 and 30"? With all wallets having 12 words, the thief knows to look for a 12 word set. One might think that shouldn't be that hard, right?


And then come the excuses.

"What if you forget or die, and your family can't access the funds?" Well, that could be easily solved by making your family memorize the securing method from the beginning, wouldn't it?
Meanwhile, what happens if a thief gets ahold of your unprotected seed words, and drains your funds? Then your family won't be able to access said funds regardless.
What do you think would be easier, for a thief to get his hands on a seed phrase, written plain as day, and take advantage of it, or for you and your family to get strokes, or somehow all to forget how you secured your seeds?

"But what if you do forget anyway?" Again, what would be easier, to write a guide on how to "remember" your securing method and keep it elsewhere, or to hide your plain seeds in a bunch of different houses, find a bunch of people you can absolutely trust with them, and who won't get curious at all about you poking holes on their walls and then covering them and painting them over? Does that really sound like a feasible way to do it?

In any case, I started the thread just to proof my initial idea. It's not meant to be an imposition to anybody: you can use it if you feel it may help. That said, like with anything else, and as I've said before many times, security is the enemy of convenience, and if you use this or any other method to secure your seed phrase you should be aware of the risks and act accordingly.

So the initial words are: truck house truth palms entry fleas shame table sound puppy token drink

I initially translated each word to Spanish, ending up with camion casa verdad palmeras entrada pulgas verguenza mesa sonido cachorro ficha bebida

Then, I wrote them backwards:
 
noimac asac dadrev saremlap adartne saglup azneugrev asem odinos orrohcac ahcif adibeb

And finally, I inserted, letter by letter, into this verse:

"Aqui me pongo a cantar               "Here I get to sing
al compas de la viguela,                 to the guitar's rhythm,
que al hombre que lo desvela         that a man that's kept awake
una pena estraordinaria,                by an extraordinary pain,
como el ave solitaria,                     like a lonely bird,
con el cantar se consuela."             comforts himself by singing."

And the result was posted above.
So, like I said, that's the result of combining an "encryption method" I  used when I was a kid with my own native language and a verse from a book I loved since I first got my hands on it.

It's not encrypted. There's no hash to forget.
No hardware is needed.

This is not meant for anybody to copy it. Adapt it you your circumstances if you want to use it, and come up with your own method. Or don't use anything at all, it's up to you. The idea is to provide you a tool to be safer, not to impose anything on anybody. [/list]
19  Other / Off-topic / Re: Machine Learning on: March 04, 2022, 03:05:12 PM
Yes i go through Wikipedia. I get only 40 percent information about machine learning. As I am working on my project, so i need full detailed information from any good resourceful website.

Did you check their references? Wikipedia is my go-to site for research, but after years using it I started to check them also, and the information you  find there and following the links within the text is usually huge.
But again, I never wrote a thesis, so I'm playing it by ear here...
20  Other / Off-topic / Re: Is Firefox No Longer the Best Privacy Browser? on: March 03, 2022, 03:16:42 PM
Personally, I don't care much if FF is the safest browser. It's safe enough for me.
About chrome, if something is even marginally related to Google I wouldn't touch it with a stick. I use Duck Duck go, and don't ever do anything related to money on  my Android phone because of it. I used Chrome briefly not long ago, and didn't like it at all.
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!