Bitcoin Forum
February 12, 2016, 10:27:41 PM *
News: Latest stable version of Bitcoin Core: 0.11.2 [Torrent]
 
  Home Help Search Donate Login Register  
  Show Posts
Pages: « 1 ... 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 [59] 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 ... 317 »
1161  Economy / Services / Re: Quick programming bounty: anti-phishing regex - 0.2 BTC on: November 11, 2013, 12:20:05 AM
Seems pretty close, but that's too greedy (and expensive). Your regex sees this entire string (which is valid BBcode) as a match:
Code:
[url=http://phishing.com]http://safe-site.com/login.php[/url][nobbc]http://safe-site.com/login.php[/url][/nobbc]
1162  Economy / Scam Accusations / Re: TradeFortress is a scammer. on: November 10, 2013, 07:06:18 AM
How the Ripple thing worked was that TF gave people a Ripple BTC debt instrument "worth" some BTC, but without any intention to pay. For the recipients to actually see this payment in their Ripple balances, they had to add TF as a trusted entity in Ripple. If they did this, their balance would seem larger, but part of it would actually be worthless. Additionally, Ripple would in some causes automatically trade other high-value assets in a Ripple "wallet" for additional worthless TF assets. In this way, some people lost real money, but this was rather rare, and TF compensated at least some of the affected people.
1163  Other / Meta / Re: Security bounties on: November 10, 2013, 05:41:06 AM
If it would not violate anonymity of individual security researchers, could you post statistics as to how many bugs in each category have been reported and fixed?

Just yours so far. (A CSRF.)
1164  Other / Meta / Re: Abuse of the trust system by Vod on: November 09, 2013, 08:55:59 PM
Vod is in the default trust network via Tomatocage and BadBear. I don't much want to remove those people from the default trust list, so you should complain to them.

You can see how someone got into your trust network by looking at the stuff at the bottom of https://bitcointalk.org/index.php?action=trust
1165  Other / Meta / Re: Marketplace trust on: November 09, 2013, 06:19:14 AM
You have unusual trust settings, or that was only temporary. sublime5447 is not in the default trust network.
1166  Other / Meta / Trust system - users with most trust list trust on: November 09, 2013, 06:14:51 AM
Here are the users who appear most frequently on trust lists that have been edited at least once:

Code:
+-------+-------------------+------------+
| count | member            | in_default |
+-------+-------------------+------------+
|   519 | DefaultTrust      |          0 |
|    82 | John (John K.)    |          1 |
|    82 | theymos           |          1 |
|    30 | TradeFortress     |          0 |
|    23 | dooglus           |          0 |
|    22 | burnside          |          0 |
|    21 | CanaryInTheMine   |          1 |
|    21 | Gavin Andresen    |          0 |
|    20 | Tomatocage        |          1 |
|    19 | HostFat           |          1 |
|    18 | ThickAsThieves    |          0 |
|    17 | sublime5447       |          0 |
|    17 | BadBear           |          1 |
|    17 | BCB               |          0 |
|    16 | friedcat          |          0 |
|    16 | yxt               |          0 |
|    15 | Maged             |          1 |
|    15 | Chaang Noi (Goat) |          0 |
|    14 | escrow.ms         |          1 |
|    13 | casascius         |          0 |
|    13 | satoshi           |          0 |
|    13 | OgNasty           |          1 |
|    12 | Akka              |          0 |
|    12 | paci              |          0 |
|    12 | sirius            |          1 |
|    11 | Projects          |          0 |
|    11 | ziomik            |          0 |
|    11 | diego1000         |          0 |
|    10 | Ukyo              |          0 |
|    10 | Deprived          |          0 |
|    10 | phantastisch      |          0 |
|    10 | SebastianJu       |          0 |
|    10 | MPOE-PR           |          0 |
|     9 | Stemby            |          0 |
|     9 | Menig             |          0 |
|     9 | J.Socal           |          0 |
|     9 | Luke-Jr           |          0 |
|     9 | bertani           |          0 |
|     9 | DeaDTerra         |          0 |
|     9 | zefir             |          0 |
|     9 | qwk               |          0 |
|     9 | tysat             |          0 |
|     8 | TheButterZone     |          0 |
|     8 | Inaba             |          0 |
|     8 | MagicalTux        |          0 |
|     8 | Benson Samuel     |          0 |
|     8 | ercolinux         |          0 |
|     8 | TECSHARE          |          0 |
|     7 | Bicknellski       |          0 |
|     7 | LoweryCBS         |          0 |
+-------+-------------------+------------+

1167  Economy / Services / Re: Quick programming bounty: anti-phishing regex - 0.2 BTC on: November 09, 2013, 02:07:49 AM
What the forum was previously doing was replacing all instances of:
Code:
(
\[i?url [^]]+ \]
    \W* ((?:http|www) [^[]+ )
\[/i?url\]
)ix
with the captured stuff ($1). So [url=http://google.com]http://asdf.com[/url] becomes just asdf.com. But this can be defeated in many ways.
1168  Economy / Services / Re: Quick programming bounty: anti-phishing regex - 0.2 BTC on: November 09, 2013, 01:55:03 AM
I don't want to match particular domains. phishing.com and safe-site.com are just examples. I want the regex to match all [url] links where the link text appears to be an auto-linkified URL on casual examination, but where the actual link URL is different.

Example:
http://bitcointalk.org (http://bitcointalk.org)
http://google.com ([url=http://google.com]http://google.com[/url])
http://google.com ([url=http://google.com]http://bitcointalk.org[/url])

I want the regex to match the last link's BBcode (without knowing about "bitcointalk.org" or "google.com"), and I don't want it to be possible for someone to bypass the regex using Unicode tricks, images, etc.
1169  Economy / Services / Quick programming bounty: anti-phishing regex - 0.2 BTC on: November 09, 2013, 12:53:49 AM
Create a single PCRE regex (PHP preg_match) that accurately matches phishing BBcode like:

Code:
[url=http://phishing.com]http://safe-site.com/login.php[/url]
[url=phishing.com]safe-site.com[/url]
[iurl=http://phishing.com]safe-site.com[/url]
[url=http://phishing.com][b]safe[/b]-site.com[/url]
[url=http://phishing.com]safe-site.io[/url]
[url=http://phishing.com]safe-site⠠com[/url] (notice Unicode . lookalike)
[url=http://phishing.com]safe-site .com[/url] (notice Unicode hair space)
[url=http://phishing.com]safe-site[img]http://asdf.com/period.png[/img]com[/url] (a link containing both text and an image)

but does not match:

Code:
[url=http://safe-site.com]http://safe-site.com[/url]
[url=safe-site.com]safe-site.com[/url]
[url=http://safe-site.com]safe-site.com[/url]
[url=safe-site.com]http://safe-site.com[/url]
[url=http://safe-site.com][img]http://asdf.com/image.png[/img]
[url=http://safe-site.com]  [img]http://asdf.com/image.png[/img]   (notice whitespace)
[url=http://safe-site.com]safe-site.com is a good site[/url]
[url=http://safe-site.com]こんにちは。[/url]

These parts of the URL should be captured:
Code:
[url=$1]$2[/url]
And there should be no other capturing groups.

Make your regex somewhat readable so that I can check your logic, perhaps using the x modifier.

Post your solution here when you have it. The person who posts the first solution that I find acceptable gets the bounty. I may split the bounty among several people if my chosen solution is a derivative of a previously-posted attempted solution.
1170  Economy / Auctions / Advertise on this forum - Round 102 on: November 08, 2013, 11:21:05 PM
The forum sells ad space in the area beneath the first post of every topic page. About 25% of ad income goes to the forum moderators as thanks for all of their work. (There are many moderators, so each moderator gets only a small amount -- moderators should be seen as volunteers, not employees.) The rest is stored in the forum's treasury (verifiably), where it sits until the forum needs it.

Ads are allowed to contain any non-annoying HTML/CSS style. No images, JavaScript, or animation (no marquee or blinking). Ads must appear 3 or fewer lines tall in my browser. Ads will be prefixed with "Advertisement:". Ad text may not contain lies, misrepresentation, or inappropriate language. Ads may not link directly to any NSFW page. Ads may be rejected for other reasons.

There are 10 total ad slots which are randomly rotated. So one ad slot has a one in ten chance of appearing. Seven of the slots are for sale here. Ads appear only on topic pages with more than one post, and only for people using the default theme.

The ad lasts at least 7 days starting from when I put it up. (However, if you look at the ad history you'll see that ads frequently get 1-2 extra days, but this is random and definitely not guaranteed.)

Stats

Exact historical impression counts per slot:
https://bitcointalk.org/adrotate.php?adstats

Info about the current ad slots:
https://bitcointalk.org/adrotate.php?adinfo

Ad blocking

Hero members, Donators, VIPs, and moderators have the ability to disable ads. I don't expect many people to use this option. These people don't increase the impression counts for your ads.

I try to bypass Adblock Plus filters as much as possible, though this is not guaranteed. It is difficult or impossible for ABP filters to block the ad space itself without blocking posts. However, filters can match against the URLs in your links, your CSS classes and style attributes, and the HTML structure of your ads.

To prevent matches against URLs: I have some JavaScript which fixes links blocked by ABP. You must tell me if you want this for your ads. When someone with ABP and JavaScript enabled views your ads, your links are changed to a special randomized bitcointalk.org URL which redirects to your site when visited. People without ABP are unaffected, even if they don't have JavaScript enabled. The downsides are:
- ABP users will see the redirection link when they hover over the link, even if they disable ABP for the forum.
- Getting referral stats might become even more difficult.
- Some users might get a warning when redirecting from https to http.

To prevent matching on CSS classes/styles: Don't use inline CSS. I can give your ad a CSS class that is randomized on each pageload, but you must request this.

To prevent matching against your HTML structure: Use only one <a> and no other tags if possible. If your ads get blocked because of matching done on something inside of your ad, you are responsible for noticing this and giving me new ad HTML.

Auction rules

Post your bids in this thread. Prices must be stated in BTC per slot. You must state the max number of slots you want. When the auction ends, the highest bidders will have their slots filled until all seven slots are filled.

So if someone bids for 7 slots @ 5 BTC and this is the highest bid, then he'll get all 7 slots. If the two highest bids are 7 slots @ 4 BTC and 1 slot @ 5 BTC, then the first person will get 6 slots and the second person will get 1 slot.

The notation "2 @ 5" means 2 slots for 5 BTC each. Not 2 slots for 5 BTC total.

- When you post a bid, the bids in your previous posts are considered to be automatically canceled. You can put multiple bids in one post, however.
- All bid prices must be evenly divisible by 0.25.
- The bidding starts at 0.50.
- I will end the auction at an arbitrary time no more than 12 days from now. (I will probably end the auction 1-3 days before the ads are scheduled to go up.)
- If two people bid at the same price, the person who bid first will have his slots filled first.
- Bids are considered invalid and will be ignored if they do not specify both a price and a max quantity, or if they could not possibly win any slots

If these rules are confusing, look at some of the past forum ad auctions to see how it's done. I also post periodic status updates which should help make things clear.

You must pay for your slots within 24 hours of receiving the payment address. Otherwise your slots may be sold to someone else.
1171  Economy / Auctions / Re: Advertise on this forum - Round 101 on: November 08, 2013, 10:58:04 PM
Auction ended. Final result:
Slots BTC/Slot Person
1 5.75 addictivegaming
3 5.5 bidji29
2 5.25 ktzhan
1 5.25 CEX
1172  Other / Meta / Re: My trust score has gone down dramatically? on: November 08, 2013, 02:07:53 PM
Lot of convoluted theories in here. Simplest explanation is that theymos has changed the algorithm, since this is the first major shift in trust on someone who had a lot of positive trust. I noticed that even after 6 or 7 people on the default list had given him neg trust he was still at 17x something.

Right. The Trust system isn't really designed to deal with "long con" situations, but it was performing particularly badly in this case. I changed the algorithm to more severely limit the maximum number of positive trust points you can get per month.

(I'm not saying that TradeFortress is or is not a scammer at this point, but someone with more than 30% negative trust ratings should have a negative trust score.)

I also removed TradeFortress from DefaultTrust (early yesterday), so his entire branch of the trust network is now untrusted by default.
1173  Economy / Service Announcements / Re: Inputs.io | Instant Payments, Offchain API, Secure Wallet, 235k+ BTC transferred on: November 07, 2013, 10:04:23 AM
Code:
Jul 11 23:17:25 <[\\\]> what is TF selling?
Jul 11 23:17:35 <theymos> inputs.io
Jul 11 23:17:43 <Cusipzzz> webwallet rubbish
Jul 11 23:18:03 <[\\\]> how do they make money?
Jul 11 23:18:09 <theymos> I don't know.
Jul 11 23:18:09 <[\\\]> whats the incentive to run the webwallet?
Jul 11 23:18:25 <Cusipzzz> the eventual 'hacking' obv

Smiley
1174  Bitcoin / Technical Support / Re: Bitcoin-qt - All them files... on: November 06, 2013, 03:08:18 AM
Wallet.dat is the only one that will enable people to take your coins.

I'm not so sure about this. I think that there may sometimes be BDB-related files there which could leak keys.

debug.log can probably be used to figure out which transactions are yours.
1175  Bitcoin / Development & Technical Discussion / Re: Is that possible to know from which input coins come from? on: November 04, 2013, 08:08:06 AM
Right. It's impossible to unambiguously track a single bitcoin (or whatever) through many transactions because there's no objective way to say which outputs it has gone through.
1176  Economy / Service Discussion / Re: Where's John K? on: November 03, 2013, 01:33:46 AM
Arvicco and I escrowed a 339.6 BTC transaction using John K. on October 23rd. On October 25th, the transaction was completed and Arvicco requested that John K release the escrowed funds.  From that point until now, we have heard nothing from him.  The maximum contractual duration he allows for funds release is 2 days, and we now a week beyond release request.  You can see that he has not been active since the morning of 10/26:

https://bitcointalk.org/index.php?action=profile;u=31288

We have contacted theymos to ask about how to proceed. He recommended we post publicly, in the hopes that someone might know how to reach out to him.

This is accurate as far as I know.

I don't have a ton of personal info on him, but I'll release what I do have in a few days. Hopefully he's OK. He just came the the US, so if he was injured or arrested, we might not hear about it (and he might need our help).
1177  Other / Meta / Re: CSS errors in forum on: November 02, 2013, 09:01:11 PM
Yeah, I think that one of your extensions is messing with the forum's CSS somehow.
1178  Other / Meta / Re: whiskers75 Hacked on: November 01, 2013, 01:05:55 PM
Whoever owns your account email owns your account. So you should be careful about using non-existent webmail accounts, mailinator-type sites, etc.
1179  Other / Meta / Re: whiskers75 Hacked on: November 01, 2013, 03:50:38 AM
OK, have him send me (signed) the email address I should use for the account. He can then use the forgotten password feature.
1180  Other / Meta / Re: Youtube videos~is there a way to embed them on posts? on: October 31, 2013, 10:03:17 PM
Embedding SWFs would be amazing.  Cheesy

Amazingly annoying and insecure.
Pages: « 1 ... 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 [59] 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 ... 317 »
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!