Show Posts
|
Pages: [1] 2 3 4 5 6 7 »
|
dbt1033, any news about rads? Or FLO is your new favorite investment?
|
|
|
I supposed recent reward reduction will increase the price, can't understand why it's not working yet
|
|
|
Username: bullox Thank you for this awesome promotion KingDice. 
|
|
|
Philadelphia Flyers 2-4 Los Angeles Kings
|
|
|
Philadelphia Flyers 1 - 3 Los Angeles Kings
|
|
|
OP is a moron.
You'd generally export those values as strings for enhanced readibility when combined and thrown together in, say, a table. Key word here is EXPORT.
You act as if there is no way to convert that json element back to a float.... silly.
|
|
|
MtGox won't be able to handle the amount of traffic it is about to receive.
Exactly. When it comes back up, BTC will be worth 404
|
|
|
9001 billion zimbabwe dollars
|
|
|
Please post link to data about transfer volumes during attack.
Take a look for yourself. Goto blockexplorer, look at all the movement in the 2 blocks following [19:15:36]
|
|
|
I never used gox so I dont know the specifics, maybe others can shed some light.
Was the $1000 valuation of BTC maximum's withdrawal based on the pinpoint price, a 24-hr average, a 48-hr average, what?
If it was pinpoint, it sure explains the ENORMOUS amount of coins transferred in the blockexplorer reports as the attack was occurring.... The guy may have gotten away with 100,000 btc.
|
|
|
When it comes online: $17.50
If people are notified of the exact time it comes back online, within 2 hours it will be $5
If not notified in advance of opening time, within 2 hours it will be $9.40
|
|
|
Isn't it ironic that bitcoin mining is essentially also cracking a hash?
Very. Almost every person in this forum has the necessary hardware to get crackin.
|
|
|
so obviously its md5, and the salt is contained within db entry, but what method are they using to get the unicode characters back into hex strings that most password crackers utilize for reversing md5?
|
|
|
jesus christ look at those terrible passwords.....
|
|
|
However, if the salt has been exposed then it's the same thing as not using one...
That's not how salts work. The point is that an attacker can do a lot of effort in advance to generate a massive rainbow table containing the hashes of a large set of possible passwords (or in practice, simply pay for access to such a service). By adding a random nonce (i.e. the salt) to passwords before hashing them, you force the attacker to include all possible nonce values in those passwords. For each extra bit in the nonce, you double the size the rainbow table, quickly making it infeasible to generate one. So even if the salt is public, it will still do its job in preventing the use of rainbow tables. The attacker will be forced to brute-force by trying all possible passwords in combination with a given nonce just to crack a single password hash. And the avergae bitcoin enthusiast has a plethora of brute force power available to them.  Sorry everyone who used mtgox but you should really be not on this forum and out changing pw at every single site that you have ever used even 1 of the items in that database (username, email, or password)
|
|
|
lol wow that password hash is just begging to be cracked. That kind of length of total output hash is like the luggage lock of electronic security... Even salted sufficiently that is just not adequate.
I would like to echo the previous poster who said they have stronger encryption in a game they develop...
|
|
|
what about all the coins that were transferred and/or cashed out
Dollars cashed out? Might be reversible. BTC transferred to an address? Irreversible. Don't worry about your lucky 80 coins  If it was attacked as described, the person who sold all the btc, then purchased them again at .01btc would have moved the price such that they potentially could have withdrawn 100k BTC. But that depends if mtgox uses a 1/2/14-day average or spot-price for how they determine their 1k limit.
|
|
|
KeePass is free and provides excellent security. I played with it a long time ago (I think I will revisit it again) . Choose a good password and you will do fine. I use LastPass ( www.lastpass.com), have you heard of it? LastPass has had some problems as of late, however I still recommend it. If you choose a good password with LastPass, then you will do well (as with KeePass). LastPass is multiplatform and is free for the basic edition. If you upgrade (for $12 year, sorry they don't except BitCoin yet  ), you would also be able to use it with your mobile devices. I have the free edition myself. LastPass does offer multifactor authentication*. I'm not sure if KeePass does that (as I wrote, I played with it a long time ago). Grated the multifactor authentication is better and easier to use with the upgrade. No I do not work for LastPass. I just believe that it is a great product. * Multifactor authentication will require you to do something after you put in your correct user ID and password. For free members (if that opt in), that will ask you to enter some random info. For details, goto http://helpdesk.lastpass.com/?s=gridAsking more questions is not multi factor authentications. That's just essentially having two passwords. Any question can be answered. The heart of multiple factor authentication is to not only test WHAT YOU KNOW (password, passphrase, security question) but also to test WHO YOU ARE or WHAT YOU HAVE. The former is biometric data, the latter would be tokens like a rsa keyfob or a card to swipe or an rfid tag. Any security product that doesn't even KNOW what two factor authentication is..... man. You should steer clear of any of their products.
|
|
|
|