1bitc0inplz (OP)
Member
 Offline
Activity: 112
Merit: 10
|
 |
June 24, 2011, 11:37:16 PM |
|
tossed 1.3G at you. You need to add a payout lock and email change warnings.
Thank you. Also, that is a great suggestion. I have just added that to our task tracker. |
|
|
|
1bitc0inplz (OP)
Member
Offline
Activity: 112
Merit: 10
|
|
June 25, 2011, 02:56:35 AM |
|
This last block dropped after only 121525 shares and about 14 hours.  I am still amazed how quickly we took care of that last block! |
|
|
|
jasonstx
Newbie
Offline
Activity: 53
Merit: 0
|
|
June 25, 2011, 03:50:54 AM |
|
tossed 1.3G at you. You need to add a payout lock and email change warnings.
Thank you. Also, that is a great suggestion. I have just added that to our task tracker. I wonder how hard it would be to add something like the google authenticator when changing wallet addresses. Another idea I saw floating around is wallet addresses as the worker name and only allowing payout to the wallet address of the worker. |
|
|
|
|
jasonstx
Newbie
Offline
Activity: 53
Merit: 0
|
|
June 25, 2011, 12:22:48 PM |
|
I also suggest the IP whitelist option for each worker. Protect against a ddos on the pool itself.
An API JSON interface for worker stats
A idle notification option for twitter/email/sms notification
A scheduled status notification option for twitter/email/sms notification.
Of course this is just a wishlist of the cool things I have seen at other pools.
|
|
|
|
|
1bitc0inplz (OP)
Member
Offline
Activity: 112
Merit: 10
|
|
June 25, 2011, 03:36:52 PM |
|
jasonstx, those are all great suggestions. I will work on getting those added to our task tracker.
In fact, the wallet id lock was something I was prototyping last night. Not sure, exactly, how I want it to work yet... but it is differently something high on my list of things to work on.
|
|
|
|
|
zoro
|
|
June 25, 2011, 06:23:25 PM |
|
i prefer to choose my worker's name and pass  |
|
|
|
1bitc0inplz (OP)
Member
Offline
Activity: 112
Merit: 10
|
|
June 25, 2011, 06:46:09 PM |
|
i prefer to choose my worker's name and pass We agree. This is actually harder than it sounds, trying to migrate the worker's credentials and also the way we treat some of this on the backend will have to change. So, we've been very busy talking about the best way to handle this migration, and we think we have a solution. We hope to have this to you all in the next few days. |
|
|
|
jasonstx
Newbie
Offline
Activity: 53
Merit: 0
|
|
June 25, 2011, 07:16:20 PM |
|
for the payout lock it seems like you could keep a datetime of the last wallet change and if the difference < 24 hours, disable the payout button. Also when you submit the wallet change, trigger an email notification but still allow the change. If an account is hijacked, that person has 24 hours to recover the account before anything bad happens.
You must also send email notifications to the old email address when the email address is changed and allow some way to recover an account to the previous email address else an attacker could just change the email address, then change the wallet address with no one the wiser.
|
|
|
|
|
1bitc0inplz (OP)
Member
Offline
Activity: 112
Merit: 10
|
|
June 25, 2011, 10:06:48 PM |
|
for the payout lock it seems like you could keep a datetime of the last wallet change and if the difference < 24 hours, disable the payout button. Also when you submit the wallet change, trigger an email notification but still allow the change. If an account is hijacked, that person has 24 hours to recover the account before anything bad happens.
You must also send email notifications to the old email address when the email address is changed and allow some way to recover an account to the previous email address else an attacker could just change the email address, then change the wallet address with no one the wiser.
That's a pretty good suggestion. On a related note, I wonder how many of us use PGP? Or, would be willing to use PGP to help secure their account. |
|
|
|
jasonstx
Newbie
Offline
Activity: 53
Merit: 0
|
|
June 26, 2011, 04:45:41 PM |
|
Well, what if when setting up your account you actually had 2 passwords, one for logging in/managing workers and another to manage wallet/passwords and payouts? Another thing I just thought of is a image verification/pin code like I have seen at banks.
You are shown a randomized keypad after logging in so instead of:
1 2 3
4 5 6
7 8 9
* 0 #
it may look like:
5 9 4
2 0 3
1 7 6
* 8 #
You click on the images in the correct order (onclicks to build a hashed string for post) and you are in.
This defeats keyloggers as you are clicking at different locations each time.
disabling image caching on the browser and you are secure for all but totally hacked and rooted machines where your screen is recorded.
|
|
|
|
|
|
|
|
klamathonsite
|
|
June 26, 2011, 08:13:33 PM |
|
Is there a problem with site getting it to stay constant so i can login and setup workers not happening it is constantly taking me to
add wallet id and i cant get past it and i already have set it and saved it.
and I i cant login in from another ip i guess with his server which makes it very inconvenient
|
|
|
|
|
1bitc0inplz (OP)
Member
Offline
Activity: 112
Merit: 10
|
|
June 26, 2011, 08:17:19 PM |
|
Is there a problem with site getting it to stay constant so i can login and setup workers not happening it is constantly taking me to
add wallet id and i cant get past it and i already have set it and saved it.
and I i cant login in from another ip i guess with his server which makes it very inconvenient
I am not sure I completely understand. You should be able to login from any IP address that you wish, and setting up workers shouldn't require you to have a wallet ID set. Could you email us at support@bitp.it with your information (username and/or email address) and we will look into the specifics of this situation. |
|
|
|
|
klamathonsite
|
|
June 26, 2011, 08:25:02 PM |
|
ya it was being strange I think i got it now but i had my partner try to long in to setup worker and hes at another location different ip and when he trys to login
is give him internal message with blank white screen.
So i have a few cards up now trying out the service if i like what i see I will then move my other 10 cards over.
|
|
|
|
|
1bitc0inplz (OP)
Member
Offline
Activity: 112
Merit: 10
|
|
June 27, 2011, 01:08:15 AM |
|
ya it was being strange I think i got it now but i had my partner try to long in to setup worker and hes at another location different ip and when he trys to login
is give him internal message with blank white screen.
So i have a few cards up now trying out the service if i like what i see I will then move my other 10 cards over.
Good to hear you got past it. I will look into this blank "Internal" screen and see if I can reproduce it. All things considered, though, I do hope you enjoy our pool. As zoro pointed out, I believe you will notice that our stale rate is the lowest around  |
|
|
|
|
jme621
|
|
June 27, 2011, 06:30:32 AM |
|
A: i get that internal screen everytime i try to login, have to repeat login process and it logs me in, no biggie, kinda habit now lol
B: WOOT, we got #5 !!
|
|
|
|
|
|
luffy
|
|
June 27, 2011, 06:39:48 AM |
|
this pool's luck is outstanding!!!! plz make a column in the leaderboard with the found blocks. |
|
|
|
|
naypalm
Legendary
Offline
Activity: 1272
Merit: 1012
howdy
|
|
June 27, 2011, 07:00:57 AM |
|
Woot on #5  |
|
|
|
|
jme621
|
|
June 27, 2011, 07:17:20 AM |
|
this pool's luck is outstanding!!!! plz make a column in the leaderboard with the found blocks. i think you mean in the round history? leaderboard is only for current round. |
|
|
|
|
|
luffy
|
|
June 27, 2011, 07:25:59 AM |
|
well, since the nickname is not changed then the found block per user is connected to the user all the time no matter what is his/her potition in the leaderboard |
|
|
|
|
|
