Die einfachste Methode wäre das LSB (least significant bit) der Bitmap als dein Trägermedium zu nutzen. Also entweder Daten verschlüsseln oder nicht -> dann in einen Bitstring umwandeln -> LSB der einzelnen Pixel dementsprechend ändern. Das fällt nicht auf, da das LSB kaum was an der Farbe/Helligkeit ändert. Diese Methode ist recht alt und bekannt. Kann also leicht erkannt werden. Geht sowas auch mit Gimp [...]
Wenn Gimp es zulässt die einzelnen Bitwerte der einzelnen Farbkanäle zu bearbeiten, dann ja. |
|
|
|
In the history details, under Outputs, there are 3 addresses - the first is un-highlighted and contains the purchase btc price (so that is where the money was sent), the second is highlighted in blue (and appears to be the fee), and the third and final is highlighted in yellow, which shows the net amount, post-fee. All seems to make sense so I'll just wait for the seller to hopefully respond to my ticket.
That's correct. The blue highlighted is not the network fee, tho. It is the fee from TrustedCoin for using their 2FA service. The fee is 0.001 BTC for 20 transactions. If this was your first transactions, this means that your next 19 will be co-signed by trustedcoin for free. I submitted a ticket to the seller, because it appears to me they supplied one bitcoin address on the "checkout" page, and that is what I copied/pasted into Electrum and where the funds were sent. Subsequently, I received an email from the seller with a different bitcoin address, so I think it's up to them to explain... perhaps the bitcoin address provided at checkout was fine, but it concerns me I got a follow up email stating a different bitcoin address. Perhaps the seller has multiple bitcoin addresses? I just don't understand this very well and perhaps, worst case, I was somehow scammed.
Usually, a shop generates a new address for each customer and order. The fact that you received 2 different addresses to send to is quite weird tho. This seems a bit shady. It could be just a mistake, but the possibility of you getting scammed exists. |
|
|
|
it takes me to a page showing a transaction ID with status of "596 confirmations", the amount "sent", and the fee. Then, there is a long string of numbers under "Inputs (1)", which are not highlighted, and then a second string of numbers highlighted in green. Under "outputs (3)", it shows the amount sent, the fee, and the net of the two, but I do not see the seller's bitcoin address anywhere. The 3rd line under outputs (the net amount of the purchase less the fee) is highlighted in yellow.
The address you sent the coins to should be under "Outputs". A green color means its an "receiving" address from your wallet (the address where you receive funds to when sending to your wallet), yellow means its a change address from your wallet. No background means its an address not related to your wallet. That's where you send the funds to. I can't tell if the funds were sent or if the funds are in my wallet, or even worse, if the funds were sent to the wrong bitcoin address and I'm not sure how this would happen given I am running version 3.3.8 and I copied/pasted the seller's bitcoin address directly from their instructions.
You can check the bottom left corner for your balance. Since your transaction went through (596 confirmations), they shouldn't be in your wallet anymore. Your "History" tab exactly tells you when you received/send a transaction. Basically, this is too techy for me and I just don't understand what I'm looking at. Is there a way to determine (a) to which bitcoin address the funds were sent, (2) if the funds were even sent at all, (3) if the funds are still in my wallet...? I am so confused.
a) As mentioned above, the output address which is not highlighted is where you sent the funds to. 2) Should be visible in the history. Feel free to share a screenshot of your "History" tab. You might censor some stuff (like amount and transaction id) if you want to. 3) Checking the bottom left corner for the balance and the history should solve this. |
|
|
|
|
Doesn't really matter which service you use (the legitimate one or not).
You can never rule out that the server has access to your information.
You might as well just send your private information via a PM here. Same effect.
If you want to securely transmit data, encrypt it.
|
|
|
|
[...] Klar ein Risiko ist bei Paypal immer vorhanden, aber bei kleinen Beträgen sehe ich das unproblematisch.
Hier im Forum (und generell im Internet) wäre ich vorsichtig.. Die betrügen hier für weniger als 10€. Solltest trozdem immer darauf achten mit wem du Geschäfte machst. Den Rängen unter Full Member ohne Trading history, würde ich hier keine 10€ anvertrauen. |
|
|
|
Yes, but at least in this case your chain is as stronger than it would be if you had done it with only a single tool, because as long as you use different passphrases with same entropy, the encryption chain is as strong as the passphrase used in the strongest encryption program from this chain. If all three programs are secure, the attacker would have to crack three different passphrases in order to get to your wallet.
However, if you use the same passphrase, the encryption is as strong as the weakest link. In this case, the weakest link is going to be your passphrase used by your weakest program.
TL;DR: Yes, encrypting triple times can greatly increase your security, although it doesn't have to.
No. Encrypting something three times does not increase the security. What you should do is to concatenate your 3 different passwords into one password, feed it into a key derivation function and use that key to encrypt your data. Overall you have the same entropy as when encrypting it 3 times with those passwords individually. But the big disadvantage with your idea is, that the cracking process is being split into 3 parts with less entropy each. This speeds the cracking process up - by a lot. TL;DR: No, encrypting something more than once does not increase the security at all. |
|
|
|
|
I believe someone had his limit lifted after politely asking of it publicly? Not absolutely sure tho.
However, i agree that this limit is quite annoying when reporting multiple posts in a row or leaving multiple negative trust feedbacks in a row (i.e. when tagging absusing alt accounts with the same message and reference).
|
|
|
|
[...] (at least, I really hope there isn't an individual tracking number or data linked to each device!) [...]
According to ledger, that is not the case: [...] There is actually no way to identify a given Nano S, there is no serial number, 2 nano S with the same seed are identical from technical perspective. Not that one wouldn't expect such an answer from them when asked tho. |
|
|
|
It didn't really fail the genuine check. Since it couldn't connect to the device, it shows non-genuine (weird message which can cause confusion). I suppose, just as BitCryptex mentioned, that your user does not have the necessary privileges to access the device. So adding the udev rules will fix it: Try adding the udev rules and reconnecting your Ledger after you have done that. |
|
|
|
I think the browser was decent in terms of privacy(before this affiliate link fiasco). Yes, you could achieve better privacy through a well-customized Firefox browser, but this is more for the masses. More like privacy out of the box.
To be honestly, most people - if they care about their privacy - should start with their operating system. Using windows but then on the other hand trying to increase their privacy by using a specific browser is kind of pointless. If you all want your privacy to be maxed out, better consider using Linux-based Operating Systems, particularly Kali (which really focuses in Defensive Security) that is open-source.
Kali is mostly just a debian with lots of penetration tools pre-installed. It definitely is not suitable as an everyday OS. Generally, any linux is fine. But if you want a privacy-focused OS out of the box, Tails is the way to go. |
|
|
|
That, and don't use your personal emails when collecting bounties and/or airdrops. It's not like creating a new email is expensive anyway. Though it's quite a hassle shuffling through multiple emails, it's a great sacrifice in exchange for privacy.
Usually you can use delimiter for the same main mail address to create sub addresses. I have my own mail server running, where i can use either + or - to create sub addresses. I know that googlemail also offers that, not sure about other free mail provider tho. So with a mail address like mail@googlemail.com, you can receive mails to mail+scam1@googlemail.com, mail+scam2@googlemail.com, etc.. With that, you can only use one mail address (postbox) for multiple mail addresses. If you'll get a scam/phishing mail, to such a sub address, you'll know who shared/sold your mail address. |
|
|
|
Ran a few tests, it works, it's all good, but I lost 2 days. Not complaining that much, I learned a few new things, tomorrow I will attempt to create the Standalone Executable for Windows. I would have been better off having someone with experience beside me to teach me a few things, and I would have been glad to pay for that.
The learn effect is bigger if you do it on your own, trust me. However, if you are going to be stuck at some point, or have any questions, feel free to post them here. I (and others most likely too) will gladly assist you without taking money from you. Since you already learned some linux basics, you already laid the foundation of running a bootable linux distro. It is always nice to know how to at least navigate in a linux environment (e.g. if you need to repair your filesystem, recover deleted files, access coins from a cold wallet setup). |
|
|
|
I appreciate your reply! It does seem like I know more about the exchange than anyone else I've been able to find. Their support group isn't replying to my emails and I'm concerned about identity theft by going through the KYC process. I might end up doing that if I can determine that MixCoins is in legitimate hands, but I want to make sure my docs don't get stolen.
You could try to add a kind of watermark to your KYC images. It doesn't need to be a digital one. But a simple piece of paper with a text along the lines "This is for KYC for mixcoins" and the current date. You just need to make sure that one can not simply remove/cut that without it being noticeable e.g. small piece of paper across your ID. |
|
|
|
And so on, about 50+ active threads all about rewards bumped in the last 24h, while in the feedback category only 6. It's starting to become clear where their millions of new users come from...cryptotalk deja-vu  What else would be the reason to use a new chromium based browser? Obviously its because of the ability to earn a few cents per month. People are willingly selling their personal data for less than 5$ in the bounty section here. And those same people are also hunting for every few cents. This includes using brave. |
|
|
|
|
Actually i never heard of mixcoins before.
And a web search also doesn't result in a lot of information.
I guess it is up to you whether you want to do the KYC to get your funds back. This mostly depends on the amount and whether you are willing to accept it as a loss.
For the future, i'd suggest to only use big and reputable exchanges. Their KYC is not as shady (i.e. they don't actively try to lock you out) and their security is much better overall.
|
|
|
|
|
Vll. wäre ein anderes Wallet eine Alternative für dich.
Ledger live is allgemein eher so.. naja. Nicht so der Hit.
Und das gilt eig. für alle Coins, nicht nur für ETH.
Für BTC würde ich dir z.B. zu Electrum raten und für ETH kannst du, wenn du das möchtest, auch MEW nutzen.
Wichtig ist halt, dass du das nur als Interface für dein Hardware Wallet verwendest. Also nicht ein neues Wallet erstellen, sondern mit deinem Ledger verbinden.
Damit hast du die Sicherheit deines Hardware Wallets verbunden mit den Features des verwendeten Software Wallets (also Electrum oder MEW).
|
|
|
|
Downloaded directly from their official github account but so much puzzles for me from Ledger Live team. Why they don't provide the signature to releases? IDK, what to believe any longer.  The windows releases are signed. You'll get a popup when trying to install a program in windows asking whether you want to execute it. This popup shows you who signed the executable. Also the one and only detection is from an unknown AV software. The heuristics which triggered the alarm was apparently the download within the executable. That's not surprising since ledger live is downloading new updates itself. |
|
|
|
Watch with understanding  I don't need to watch it completely. If your statement is, that it is possible to retrieve a private key from a signed transaction, it simply is wrong. There is no poorly made YT video which could convince me otherwise. |
|
|
|
You are right, but also it helps against double spending and makes all transactions authentic and secure.
You don't need to run a full node to verify whether a transaction is 1) valid or 2) included into a block. The SPV protocol handles by storing only the block header and not the full blocks. I will appreciate further explaination about this, which wallets are non-node wallets? Are non-node wallets the custodial wallets?
"non-node" walltes are wallets which do not keep a copy of the blockchain. They are called lightweight wallets or SPV wallets. Custodial wallets on the other hand, are wallets where not you, but a 3rd party has access to the private key (e.g. exchanges). Also, if I have an open source wallet like bitcoin core and eletrum, are they example of bitcoin client? As they are made of softwares that can generate private keys securely on their own.
They are definitely clients, yes. And both of them can create private keys (and seeds) securely, indeed. |
|
|
|
This completely generic video does not help OP at all. The answer simply is no. This video just shows how to retrieve a transaction. It doesn't help OP at all. |
|
|
|
|
Show Posts
