Looking for a security consultant

Eisenhower34 (OP)

Legendary

Offline

Activity: 906
Merit: 1002

Looking for a security consultant

September 03, 2012, 03:02:48 PM
Last edit: September 03, 2012, 06:52:42 PM by Eisenhower34

Bitcoin-Insurance.com is ready to launch, but I would feel much saver with one or two other people checking the code for security holes.

The code is written in php with codeigniter, so some knowledge there is usefull.

As backend we use a bitcoind running on the server and ABE to read the chain and load the data into a mysqlDB from which its read later (abe in no server mode). The wallet is kept offline. I didnt write the code myself this time and to be honest I dont trust my friend who coded the backend nor myself to find all security holes he may have left there.

Edit: Those who are interested, could they summarize small a bit why they are qualified for something like said? I dont want to send my code to everybody and therfor I only want to pick trustworthy people with some years experience in this field.

A thousand thanks upfront!

1715276048

Hero Member

Offline

Posts: 1715276048

Ignore

1715276048

1715276048


	Report to moderator

1715276048

Hero Member

Offline

Posts: 1715276048

Ignore

1715276048


	Report to moderator

It is a common myth that Bitcoin is ruled by a majority of miners. This is not true. Bitcoin miners "vote" on the ordering of transactions, but that's all they do. They can't vote to change the network rules.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1715276048

Hero Member

Offline

Posts: 1715276048

Ignore

1715276048


	Report to moderator

1715276048

Hero Member

Offline

Posts: 1715276048

Ignore

1715276048


	Report to moderator

Lethos

Sr. Member

Offline

Activity: 476
Merit: 250

Keep it Simple. Every Bit Matters.

Re: Looking for a security consultant

September 03, 2012, 03:22:13 PM

I could investigate the code.
However I'm sure you were hoping for someone with more reputation for doing such things.

Developer of Lethos Designs
Clients: DAC Europe | Lisa's Workshop

Eisenhower34 (OP)

Legendary

Offline

Activity: 906
Merit: 1002

Re: Looking for a security consultant

September 03, 2012, 06:24:15 PM

Thanks for your offer. Im hoping for someone with some experience in this field, but i would message you in case noone else replies.

notme

Legendary

Offline

Activity: 1904
Merit: 1002

Re: Looking for a security consultant

September 03, 2012, 06:40:21 PM

Be careful. Announcing you have something you are worried about protecting and offering a stranger access to see how protected it is may attract black hats.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.

Eisenhower34 (OP)

Legendary

Offline

Activity: 906
Merit: 1002

Re: Looking for a security consultant

September 03, 2012, 06:52:05 PM

Quote from: notme on September 03, 2012, 06:40:21 PM

Be careful. Announcing you have something you are worried about protecting and offering a stranger access to see how protected it is may attract black hats.

A software should be secure, no matter if the source is revealed or not.

But I understand your concern thats why I prefer trustworthy people

notme

Legendary

Offline

Activity: 1904
Merit: 1002

Re: Looking for a security consultant

September 03, 2012, 06:59:31 PM

Quote from: Eisenhower34 on September 03, 2012, 06:52:05 PM

Quote from: notme on September 03, 2012, 06:40:21 PM

Be careful. Announcing you have something you are worried about protecting and offering a stranger access to see how protected it is may attract black hats.

A software should be secure, no matter if the source is revealed or not.

But I understand your concern thats why I prefer trustworthy people

While that is true, if yours is not secure a black hat could pretend to secure it, fix a few things and leave one tiny hole he can later exploit.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.

cedivad

Legendary

Offline

Activity: 1176
Merit: 1001

Re: Looking for a security consultant

September 03, 2012, 07:09:44 PM

You better talk with a specialized company that does this and this alone.
You could pm me the code and I would be happy to give it a look for free, but I wouldn't if I where in you.

Btw why ci and not kohana? That's an awesome framework!

Btw-2, security trought obscurity works well.

My anger against what is wrong in the Bitcoin community is productive:
Bitcointa.lk - Replace "Bitcointalk.org" with "Bitcointa.lk" in this url to see how this page looks like on a proper forum (Announcement Thread)
Hashfast.org - Wiki for screwed customers

Lethos

Sr. Member

Offline

Activity: 476
Merit: 250

Keep it Simple. Every Bit Matters.

Re: Looking for a security consultant

September 03, 2012, 08:05:49 PM

Quote from: Eisenhower34 on September 03, 2012, 06:24:15 PM

Thanks for your offer. Im hoping for someone with some experience in this field, but i would message you in case noone else replies.

I have the experience in this field, just not the reputation, so I have no problem if you choose someone else.
Goodluck.

Developer of Lethos Designs
Clients: DAC Europe | Lisa's Workshop

Pages: [1]

Bitcoin Forum > Bitcoin > Bitcoin Technical Support > Looking for a security consultant

« previous topic next topic »