Bitcoin Forum
1961  Alternate cryptocurrencies / Altcoin Discussion / Re: What happened to mtrlt? Did he just scam us of 75 BTC? on: August 22, 2013, 05:26:46 PM
Perhaps this could end up in a BFL style situation.

I suspect mtrlt is finding it more challenging than he originally anticipated to construct a GPU miner which offers superior performance.

This is one of the situations I speculated about in my original post. I think that it is likely that mtrlt is not technically scamming, although still providing a very unsatisfactory result with the money he has been given. Reason or intent is unknown.

What if he turns around and says 'Sorry guys it was too hard for me to implement, I hit a brick wall and have given up. But I am still keeping the donations because I put all the time and effort in trying to do it and time is money'.
1962  Alternate cryptocurrencies / Altcoin Discussion / Re: POS on: August 22, 2013, 05:23:23 PM
Has this been done before? I would be interested in learning about this.
1963  Alternate cryptocurrencies / Altcoin Discussion / Re: What happened to mtrlt? Did he just scam us of 75 BTC? on: August 22, 2013, 05:22:01 PM
Perhaps this could end up in a BFL style situation.

I suspect mtrlt is finding it more challenging than he originally anticipated to construct a GPU miner which offers superior performance.
1964  Alternate cryptocurrencies / Altcoin Discussion / Re: BTC-E down all day on: August 20, 2013, 07:37:47 PM
Site down for maintenance - https://twitter.com/btcecom
1965  Alternate cryptocurrencies / Altcoin Discussion / Re: mcx passwords on: August 19, 2013, 11:43:44 AM
Actually I'm wondering why there is no standard way of doing the hashing on the browser side, this could be an enhancement of security worldwide...

CIYAM Open uses this browser-side approach for its sign-in accounts (it also supports OpenID) - the password is hashed multiple rounds along with a server specific id (so hashes will not be the same for others that implement a CIYAM system) and finally concatenated with a UUID and hashed again (so a replay attack is not possible).

Yet you do email resets. While you said you do offer options to "beef that up" the default situation is highly insecure. Please go find a bank that does automatic password resets via email with no other authentication. It's highly insecure yet accepted as ok by some here why?


Yip just checked many banks do email password resets google it. If you don't have the link http://google.com Oh wait Google does email password resets. Let me check another super insecure company http://Amazon.com OMG password resets what is with the insecurity!

Notice how Realsolid calls people 'laymen' without even knowing the background of the person he is speaking to (myself - 1st class maths degree from an ivy league university and have been a web developer for years). The least Realsolid should do is warn on the new user registration page that he can read the passwords as this will stop most people from re-using passwords. That is the ethically correct thing to do imo until he follows the industry standard of hashing and salting passwords rather than reversible encryption/decryption.

1966  Alternate cryptocurrencies / Altcoin Discussion / Re: mcx passwords on: August 18, 2013, 05:57:36 PM

Then you say "so what, the password should be unique to my site", but imagine the hacker just retrieves the password list and leaves, cleaning all his traces.
Then he could empty the accounts on mcxnow, even the cold storage ones.


This is a good point. If RS has done things properly the cold storage funds won't be accessible and only the hot wallet would be affected by this. Although until RS realised/accepted that his db had been compromised, the hacker could just keep emptying the hot wallet every time RS filled it back up.
1967  Alternate cryptocurrencies / Altcoin Discussion / Re: mcx passwords on: August 18, 2013, 05:50:41 PM

mcxNOW has no "Remote database", which means everything is incorporated on the one machine which doesn't have internet access. Secondly the reason hashing passwords is a "gold standard" is because everyone uses databases like SQL which have been hacked to death since the internet began. mcxNOW doesn't use these systems, it uses a custom database and the exchange server cannot be accessed on the internet. There is zero code to read passwords on the site which means it is impossible for an internet hacker to obtain passwords. Therefore the only way to get into the system is to be at the datacenter, then to understand the encryption, to reverse the binary, etc. This is beyond ludicrous to suggest it's a more probable event compared to any other system out there.


No it's beyond ludicrous to suggest it's not possible there are holes in your security measures outside of a dodgy datacenter. It's laughable you think it's impossible there might be a hole somewhere you haven't thought of. The probability is non-zero, fact.

Multi-billion dollar companies with teams of the best minds in the industry have had their db's compromised by hackers, you're deluded to have your main argument as "welp we can't be hacked anyway LOL".

Meanwhile a typical exchange site that uses SQL can be broken from the internet. Yet if the SQL site uses password hashing it's somehow a "gold standard" compared to mcxNOW? Please. mcxNOW is *THE* standard because every single packet of information is controlled by the code from one person, I know everything that goes on within the exchange. There are no black boxes like others use in their php/sql/asp.net setup.
This is complete fluff in relation to my post. As far as 'gold standard', the SQL site that uses password hashing and salting per password is doing a superior job to mcxnow in terms of password storage. Every single packet of information nonsense is simply irrelevant to what we are talking about here. Encrypted passwords could be retrieved in plaintext form by a hacker at your exchange Realsolid, however small the possibility, it's still a possibility. Honestly I'm not wanting to be rude here, but do you not understand this concept?

And email systems are ridiculously insecure. If an email is hacked from ANYWHERE then they can reset your exchange password and steal all your funds. Say you check your email at your mother's house and she has a virus. They log into your email, see you use mtgox and reset password. 24 hours later your account is drained. Your main PC doesn't even have to be compromised and email systems are among the highest compromised websites in existence. Most people probably aren't even aware their emails are hacked.

I addressed this point in my original message in anticipation of you making this weak argument. Yes you could check your email on a computer that has a virus. In the same way you could check your mcxnow account on a computer that has a virus. By extension that makes your own site 'ridiculously insecure'. If you have a keylogger on your machine you think the keylogger will collect the email password but never the mcxnow password? That makes no sense at all.

Your claim that email reset systems aren't insecure if "used properly" is easily extended to using a unique password at every site you use. It's really not that hard and the only reason you shouldn't be doing it is ignorance, not laziness.
The distinction between the two is if you implemented an email reset system properly the onus wouldn't fall on the customer but instead on the person who is responsible for running the exchange.

Just using a unique password would make this a zero probability.  This is such a non issue.

That doesn't make any sense in relation to what I wrote:

Quote
It is therefore a non-zero probability that a hacker could gain everyone's passwords by your poor decision to employ encryption; using hashing+salting would make this a zero probability.

If everyone used a strong, unique password (never going to happen) the hacker gaining access to all those passwords would still be a non-zero probability. I guess what you tried to say is, if everyone used a strong, unique password then it wouldn't matter if a hacker gained access to everyone's passwords - however people do re-use their passwords unfortunately, a good programmer would design for this and use the standard approach of hashing and salting - it's very, very little effort. This is all completely standard, textbook web programming stuff you'll find on any book or lecture on the subject.

Do not confuse me as someone who is claiming the exchange is insecure. I am simply explaining that their password storage procedure is crap.

As a separate note, ethically Realsolid should say on his sign up page that passwords can be decrypted to their plaintext format by the admin and are thus readable by him. Because that is the case here. It will also encourage and explain to users one reason why they have to use a unique, strong password just for mcxnow.

1968  Alternate cryptocurrencies / Altcoin Discussion / Re: mcx passwords on: August 18, 2013, 04:31:08 PM
Email password reset mechanisms are not ridiculously insecure if they are done correctly. Their only weak point is a 'hacker' could get their email password and do a reset but of course if they can get their email password then they can probably get their mcxnow password too.

Hashing of passwords is the gold standard of password storage in web applications.

Admins are strongly advised to never use encryption for the obvious reason if the db is compromised then the hacker gains access to everyone's passwords. Before you give your standard canned response to this, remember: 1. some people use dozens of websites and it's a pain in the arse having a strong, unique password for every single one, 2. even if you're the world's best programmer unexpected things can occur meaning the db could be compromised. It is therefore a non-zero probability that a hacker could gain everyone's passwords by your poor decision to employ encryption; using hashing+salting would make this a zero probability.
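
The storage difference argued over in the mcx passwords posts above, as an added example that is not part of any forum post or of mcxNOW's code: a reversible store hands back the plaintext to whoever holds the key, while a salted hash store only lets a candidate password be checked. The toy XOR keystream stands in for whatever reversible cipher a site might use (the thread does not say which), and the function names, the choice of PBKDF2 and the round count are assumptions of this example.

```python
import hashlib
import hmac
import secrets

ROUNDS = 200_000  # assumed PBKDF2 work factor for this example

def hash_password(password):
    """Salted one-way storage: returns (salt, digest); no key can reverse it."""
    salt = secrets.token_bytes(16)  # fresh random salt per account
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

def verify_password(password, salt, digest):
    """Recompute from the candidate and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return hmac.compare_digest(candidate, digest)

def _keystream(key, nonce, length):
    """Toy keystream (HMAC-SHA256, counter mode): stand-in for any reversible cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt_password(password, key):
    """Reversible storage: returns (nonce, ciphertext)."""
    nonce, data = secrets.token_bytes(16), password.encode()
    return nonce, bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def decrypt_password(nonce, ciphertext, key):
    """Whoever holds the key (admin or intruder) gets the plaintext back."""
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, stream)).decode()

def demo():
    password = "correct horse battery staple"  # constructed sample password
    key = secrets.token_bytes(32)  # server-side key of the reversible scheme
    nonce, ciphertext = encrypt_password(password, key)
    salt_a, digest_a = hash_password(password)
    salt_b, digest_b = hash_password(password)  # second account, same password
    return {
        "recovered_from_encrypted_store": decrypt_password(nonce, ciphertext, key),
        "same_password_same_digest": digest_a == digest_b,
        "correct_login": verify_password(password, salt_a, digest_a),
        "wrong_login": verify_password("password123", salt_a, digest_a),
    }

if __name__ == "__main__":
    print(demo())
```

A hashed record can still be guessed against one candidate at a time, which is why the per-account salt and a slow key-derivation function are used rather than a single fast hash.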
1969  Alternate cryptocurrencies / Altcoin Discussion / Re: mcxNOW Fee shares : Cryptocurrency daily earnings on: August 17, 2013, 09:01:29 PM
So did we all get fucked over or is this really going to happen?

I'm sure it would happen.

If I was you I would be more concerned whether investing in these shares at this price was a smart move. Even at the July all time high 10,000USD fee profits, the price is only about decent based on the dividend. If August turns out to be a more normal month then people will realise they shouldn't value the shares based on the exchange's best month (when XPM launched). If the true monthly average fee profits for the exchange are more like 3,000 USD then the price you people bought in at is over inflated.
1970  Alternate cryptocurrencies / Altcoin Discussion / Re: [XPM] PETITION Primecoin listing on BTC-e on: August 17, 2013, 08:54:14 PM
It is strange since XPM is the third most popular coin and seems to be gaining on LTC quickly. It still boggles my mind though that Novacoin has the 2nd highest value of all coins after Bitcoin, considering the clusterf*ck of a launch it had with the pre-mine and the bribes to BTC-E.

This is why market capitalisation is the true indicator of a coin's value (market price of coin multiplied by number of coins in existence).

Novacoin market cap is behind Feathercoin at present.
1971  Alternate cryptocurrencies / Altcoin Discussion / Re: Worldcoin Patch v6.4.1 Release Announcement! on: August 16, 2013, 07:00:43 PM
Too bad none of you complainers backed me up the other month when I complained loudly and articulately why it was a bad move for Worldcoin to join UNOCS without any form of prior public debate or transparency.

Same shit has happened again with this patch and now some of you are finally starting to cotton on why it's bad that a couple of people get to pull all the strings behind the scenes and make the decisions, with no public debate or transparency beforehand.

Good job I sold my coins back then, I advise you all to do the same.
1972  Alternate cryptocurrencies / Altcoin Discussion / Re: WARNING suspicious behavior with mtrlt on: August 14, 2013, 08:52:15 PM
I thought mtrlt was a student who was doing this project in his spare time?

I'm not surprised your post got deleted when you act like a dick.

I don't know why you care so much anyway. If it wasn't already obvious, when the miner is released to the donators it's going to get leaked very quickly. So in all likelihood your 1 bitcoin really has turned out to be a donation in the true sense of the word.
1973  Alternate cryptocurrencies / Altcoin Discussion / Re: [XPM] Why Primecoin is Useless, Doomed to Fail? on: August 14, 2013, 07:58:48 AM
OP is on record as heavily backing Emunie - a closed source, heavily pre-mined crypto currency. The supply of which also varies with demand.

Primecoin is not a currency because it takes 1 minute to confirm? Unlike Bitcoin which takes 5 times longer? lol what a dumbass. Bitcoin was ruled as real money by a US district court this week. Literally nothing in the OP makes any logical sense, can't decide if OP is genuinely mentally challenged or is just trolling with FUD. Probably a combination since he thinks his Internet Explorer logo ripoff was a solid contribution towards the Emunie project.
1974  Alternate cryptocurrencies / Altcoin Discussion / Re: [XPM] Working on a GPU miner for Primecoin on: August 11, 2013, 03:45:16 PM

We request that you do not release the beta to anyone that is publicly soliciting funds from others.  

Thanks



No can do. They paid. They're getting the beta. That was the agreement. You can't change stuff afterwards like that.

I also posted early on in this thread that donating might not be the smartest idea, as people who get access to the beta will just resell it cheaper to cover their cost.
1975  Alternate cryptocurrencies / Altcoin Discussion / Re: [NEWS] eMunie: Some general news and 100% Anonymity on: August 11, 2013, 03:02:20 PM
I had a major gripe with Bitcoin (and Litecoin and *insert alt here*) with the following use case that will IMO severely hinder mass adoption...

[snip]

Bitcoin v09 will offer significant merchant improvements including recurring payments support - http://thegenesisblock.com/significant-merchant-improvements-planned-for-bitcoin-v0-9
1976  Alternate cryptocurrencies / Altcoin Discussion / Re: Why Is Novacoin @ $4.8? I thought it was a scam? Does it actually have benefits? on: August 08, 2013, 11:23:59 AM
Isn't the interest rate 50% on this coin now or something ridiculous
1977  Alternate cryptocurrencies / Altcoin Discussion / Re: [XPM] Working on a GPU miner for Primecoin on: August 07, 2013, 07:38:03 PM
Is there still time to donate to OP?
1978  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN][I0C] Resurrection, memory problems and instabilitiy fixed! on: August 07, 2013, 07:35:18 PM
Anyone who kept the faith and continued mining it for months after it died deserves to have their faith rewarded imo.
1979  Alternate cryptocurrencies / Altcoin Discussion / Re: LTC to MTGOX this July? (maybe for real this time?) on: August 04, 2013, 09:51:22 PM
I'm guessing fake since no-one else is reporting it.
1980  Alternate cryptocurrencies / Altcoin Discussion / Re: Nanotoken 2.1 Released. Important Update- Download Now on: August 04, 2013, 09:48:00 PM
Muddafudda is just trying to help. You're coming across as a huge jerk.