davout (OP)
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
September 24, 2012, 03:42:43 PM Last edit: September 24, 2012, 09:12:59 PM by hazek |
|
TL;DR : Paste a Bitcoin address in a bank wire "reference" field. Bitcoins automatically sent to that address. Also refer your friends and get 1% of what we sell. Hello everyone! I'm very proud to announce that Paymium is launching a new original service called InstaWire, it's available at https://instawire.org. It'll let you buy Bitcoins hassle-free by simply pasting your Bitcoin address in the "Comments" field of a bank wire. It's mostly intended for beginners or people who want to buy a few coins from time to time without the pain of registering an account on an exchange or going through AMhell. The price will vary depending on market conditions and include a small commission. We also have a nice affiliation program where you direct customers to us through a specially crafted link containing your Bitcoin address and you are rewarded with 1% of the Bitcoins sold. So if you refer Paul to us and Paul buys 100 BTC on InstaWire, we reward you with 1 BTC out of our own pocket. Just craft your URL like this : https://instawire.org/?r=1DavouTAsveznCFHsz688xvbrRAq4u2qm8 put in on your blog, your signature, get its QR code tattoed on your chest and listen to the sweet sound of Bitcoins rolling in. (Pro-tip : we haven't edited the wiki pages yet to add InstaWire to the lists)
|
|
|
|
evoorhees
Legendary
Offline
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
|
|
September 24, 2012, 03:49:00 PM |
|
LOVE IT. Nice work
|
|
|
|
BIGMERVE
|
|
September 24, 2012, 03:52:01 PM |
|
Your website only mentions Euros. Do you accept USD too?
|
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
September 24, 2012, 03:57:38 PM |
|
Not saying anything, but these kind of websites usually have some XSS vulnerabilities. Please check for that.
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
knight22
Legendary
Offline
Activity: 1372
Merit: 1000
--------------->¿?
|
|
September 24, 2012, 03:59:38 PM |
|
Seems pretty nice! It would be cool if it is available for CAD too...
|
|
|
|
n8rwJeTt8TrrLKPa55eU
|
|
September 24, 2012, 04:01:23 PM |
|
Excellent idea! The obvious suggestion/request is to increase the €100 limit and accept other currencies (USD, etc)
|
|
|
|
davout (OP)
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
September 24, 2012, 04:03:22 PM |
|
Obvious suggestion/request is to increase the €100 limit and accept other currencies (USD, etc) We're working on accepting USD through Dwolla and other methods, that should come pretty soon.
|
|
|
|
teslacoil404
Member
Offline
Activity: 78
Merit: 10
|
|
September 24, 2012, 04:21:47 PM |
|
very very nice! Good job!
|
|
|
|
davout (OP)
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
September 26, 2012, 09:25:51 AM |
|
We got our first two customers yesterday! And they went through my affiliate link
|
|
|
|
drekk
Member
Offline
Activity: 70
Merit: 10
Who shot who in the what now?
|
|
September 26, 2012, 10:43:04 AM |
|
Looking good! Ordered 10 BTC yesterday. I somehow didn't receive the notification E-Mail, but you can check the status of pending orders by (re-)entering your BTC address on the front page. It won't place a new order, if you don't want to! This way I was able to finalize the process and have just gotten the sixth confirmation for the transfer. And davout made a small provision. Everybody happy! ~drekk~
|
☛ GPG Key / Fingerprint: CDFF 083A 3056 7DD8 B5B9 6687 726C AB05 D6AE 6148☛ Overly attached BitMinter miner // 4pmlIE9idmlvdXMgdHJvbGwgaXMgb2J2aW91cy4g4pm
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
September 28, 2012, 07:05:17 AM |
|
You could accept USD, but I am guessing that you would have to open a USD bank account with your bank (other currency or foreign currency account.)
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 01, 2012, 01:51:20 AM |
|
My experience with wiring money is that the comments field is often converted to all caps. How do you deal with that?
One thing is kind of scary is that a rogue bank employee who knows about bitcoin could perform a low-tech meatspace MITM attack and insert his own address. By the time it was discovered it would be too late.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
davout (OP)
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
October 01, 2012, 06:46:34 AM |
|
My experience with wiring money is that the comments field is often converted to all caps. How do you deal with that?
If the address we receive is truncated, uppercased or otherwise invalid it gets corrected transparently as soon as the user checks for his transfer status by inputting his full and valid address in our interface. One thing is kind of scary is that a rogue bank employee who knows about bitcoin could perform a low-tech meatspace MITM attack and insert his own address. By the time it was discovered it would be too late.
I highly doubt there is any manual intervention in transfers made from web interfaces, and even if there was, I think the risk is pretty equivalent to having your transfer maliciously re-routed to a different IBAN.
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 01, 2012, 01:39:56 PM |
|
One thing is kind of scary is that a rogue bank employee who knows about bitcoin could perform a low-tech meatspace MITM attack and insert his own address. By the time it was discovered it would be too late.
I highly doubt there is any manual intervention in transfers made from web interfaces, and even if there was, I think the risk is pretty equivalent to having your transfer maliciously re-routed to a different IBAN. Whether or not there is is highly dependent on the bank and their procedures. None of us really knows for sure, but finding out the hard way will be really expensive for somebody. I know I'm a little bit prudish, but then again, I haven't lost money with Zhou Tong, Pirate, or ever had a wallet stolen, or funds in a website that got hacked. I sent a wire out recently and, after clearly verifying that the amount was x, it went through for 10x, and then I had to start sounding the alarm bells pointing out that somebody somewhere screwed up. So clearly, at some places, some things are done manually. In that case, the full 10x hit the recipient's bank account, and then they were able to get the destination bank to send 9x of it back. Imagine your bank wire gets manipulated by a clipboard BTC-address replacer because some step along the way involves copy and paste on a computer that caught malware. Just sayin'!
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
Boussac
Legendary
Offline
Activity: 1221
Merit: 1025
e-ducat.fr
|
|
October 06, 2012, 08:50:27 PM |
|
One thing is kind of scary is that a rogue bank employee who knows about bitcoin could perform a low-tech meatspace MITM attack and insert his own address. By the time it was discovered it would be too late.
I highly doubt there is any manual intervention in transfers made from web interfaces, and even if there was, I think the risk is pretty equivalent to having your transfer maliciously re-routed to a different IBAN. Whether or not there is is highly dependent on the bank and their procedures. None of us really knows for sure, but finding out the hard way will be really expensive for somebody. I know I'm a little bit prudish, but then again, I haven't lost money with Zhou Tong, Pirate, or ever had a wallet stolen, or funds in a website that got hacked. I sent a wire out recently and, after clearly verifying that the amount was x, it went through for 10x, and then I had to start sounding the alarm bells pointing out that somebody somewhere screwed up. So clearly, at some places, some things are done manually. In that case, the full 10x hit the recipient's bank account, and then they were able to get the destination bank to send 9x of it back. Imagine your bank wire gets manipulated by a clipboard BTC-address replacer because some step along the way involves copy and paste on a computer that caught malware. Just sayin'! Come on ! Even in the very unlikely situation were they can alter the content of an online wire transfer, bank employees would not risk losing their job for a few BTC (each bank will only process a fraction of the traffic and it would not take long before we receive complaints). Then again, I can get struck by lightning twice tomorrow.
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 07, 2012, 12:01:29 AM |
|
Come on ! Even in the very unlikely situation were they can alter the content of an online wire transfer, bank employees would not risk losing their job for a few BTC (each bank will only process a fraction of the traffic and it would not take long before we receive complaints). Then again, I can get struck by lightning twice tomorrow.
That's not a safe assumption to make when customers are the one taking the risk, possibly with a lot of money. What if somebody somewhere can alter a comment without losing their job or being detected or identified? Neither of us knows for certain that's impossible. Complaints won't do much good if you're complaining after the money has already been stolen. You use SSL when you bank or shop online, right? Even though the risk of MITM is relatively small? Even if only spending $10? You would exercise caution (especially with other people's money) for much the same reason as you would use SSL when transacting online.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
davout (OP)
Legendary
Offline
Activity: 1372
Merit: 1008
1davout
|
|
October 08, 2012, 07:38:08 AM |
|
That's not a safe assumption to make when customers are the one taking the risk, possibly with a lot of money.
Coming from you it's kind of a really weird thing to say. You do sell 1000 BTC casascius gold coins right ? Yeah, that's what I thought. What if somebody somewhere can alter a comment without losing their job or being detected or identified? Neither of us knows for certain that's impossible. Complaints won't do much good if you're complaining after the money has already been stolen. You use SSL when you bank or shop online, right? Even though the risk of MITM is relatively small? Even if only spending $10? You would exercise caution (especially with other people's money) for much the same reason as you would use SSL when transacting online.
Whatever man, you're the one that can potentially run away with thousands of BTC worth of private keys and your only comment on this service is that we shouldn't trust banks to properly execute transfers 100€ worth ?
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
October 09, 2012, 02:03:00 AM |
|
That's not a safe assumption to make when customers are the one taking the risk, possibly with a lot of money.
Coming from you it's kind of a really weird thing to say. You do sell 1000 BTC casascius gold coins right ? Yep, mainly because those who have bought my coins likely feel they have adequate recourse against me, and if their BTC were to disappear, there is exactly one person whose ass to kick. I have helped to mitigate their risk by sharing my personal information and offering to cooperate with any reasonable steps to verify anything anybody wants. You are welcome to disregard my input, as I don't mean it to be critical. Given the fee for a typical bankwire, I'd expect to see amounts much larger than 100€, certainly amounts worth stealing. I am simply recommending that you take steps to mitigate the risk of a MITM changing the comment field on a bankwire for his own benefit and not assuming it can never happen.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
Boussac
Legendary
Offline
Activity: 1221
Merit: 1025
e-ducat.fr
|
|
October 09, 2012, 04:11:39 PM |
|
That's not a safe assumption to make when customers are the one taking the risk, possibly with a lot of money.
Coming from you it's kind of a really weird thing to say. You do sell 1000 BTC casascius gold coins right ? Yep, mainly because those who have bought my coins likely feel they have adequate recourse against me, and if their BTC were to disappear, there is exactly one person whose ass to kick. I have helped to mitigate their risk by sharing my personal information and offering to cooperate with any reasonable steps to verify anything anybody wants. You are welcome to disregard my input, as I don't mean it to be critical. Given the fee for a typical bankwire, I'd expect to see amounts much larger than 100€, certainly amounts worth stealing. I am simply recommending that you take steps to mitigate the risk of a MITM changing the comment field on a bankwire for his own benefit and not assuming it can never happen. Your concern is valid but has been addressed in our risk analysis before launching the service: we have capped the maximum amount to 100 € per day per bank account. Given the instawire sales flow seen by any given bank and the risk for the job security of a bank employee engaging in this kind of fraud, we consider the risk acceptable at this point.
|
|
|
|
OneEyed
aka aurele
Full Member
Offline
Activity: 154
Merit: 100
|
|
October 09, 2012, 04:15:12 PM |
|
I'm currently testing the service, but while everything went very quickly so far (I initiated the transfer around 22:30 yesterday if I remember correctly, and it looks like you already received it 20 hours later) my purchase entered a so-called "Pending risk assessment" state. Does this phase take long? (I've been using this bank account with bitcoin-central a lot, inbound and outbound)
|
|
|
|
|