Bitcoin Forum
Author Topic: [ANN] 1Broker.io - Trade forex, indices, stocks and commodities  (Read 103014 times)

exxe (OP)
Full Member
Activity: 187
Merit: 100
December 20, 2012, 07:14:12 PM
Last edit: December 21, 2012, 01:48:12 PM by exxe
 #21

Without wanting to offend someone but I think MPOE-PR is not the right guy for me. I often feel uncomfortable when I read his posts in this forum.

Edit: Sorry for assuming that you are male, MPOE-PR.

rini17
Sr. Member
Activity: 340
Merit: 250
December 20, 2012, 11:05:55 PM
 #22

Without wanting to offend someone but I think MPOE-PR is not the right guy for me. I often feel uncomfortable when I read his posts in this forum.
Someday you'll have to learn to do business with people who make you uncomfortable, too. Plus, devoting a few of these thousands of hours to doing deeper research about other market players (so at least you'll know the correct gender of the people involved) instead of relying on bitcointalk drama won't hurt.

exxe (OP)
Full Member
Activity: 187
Merit: 100
December 21, 2012, 01:01:53 PM
Last edit: December 21, 2012, 01:47:05 PM by exxe
 #23

Someday you'll have to learn to do business with people who make you uncomfortable, too.
I disagree.

Plus, devoting few of these thousands hours to doing deeper research about other market players (so at least you'll know the correct gender of people involved) instead of relying on bitcointalk drama won't hurt.
Well, the creator of MPEX is called Miracea, right? (Miracea is a male name, I guess.) And MPOE-PR is another person? However, this is really off-topic now.

Thanks for your criticism anyway.

Edit: I got it now, I guess. Added an apology to MPOE-PR to the post above.

Stephen Gornick
Legendary
Activity: 2506
Merit: 1010
December 31, 2012, 07:10:07 AM
 #24

Regarding this "Master Key" business.

From Wikipedia:

Quote
Two-factor authentication (TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor ("something the user knows"), a possession factor ("something the user has"), and an inherence factor ("something the user is").
- http://en.wikipedia.org/wiki/Two-factor_authentication

A "Master Key" is simply an additional password.  Passwords are extremely vulnerable to a replay attack.

Please consider adding true 2FA such as OTP / Google Authenticator.

If you do add 2FA, please implement it properly -- i.e., always require the OTP for each and every withdrawal request.

A plea to exchanges ... lets do 2 factor right!
 - http://bitcointalk.org/index.php?topic=109424.0

Also, there might be a better resolution than "oops, all your coins belong to us" in the case where the OTP is lost.   For instance, allowing me to specify an exit address would allow for withdrawal should something happen, like let's say my house burns down and both my phone and the backup copy of my OTP secret are lost.
 - http://en.bitcoin.it/wiki/Exit_Address

exxe (OP)
Full Member
Activity: 187
Merit: 100
December 31, 2012, 12:27:19 PM
 #25

I have thought really long about the Master Key logic and also noticed that libertyreserve.com uses a similar thing.

The advantages of the current system are:
  • Every user is forced to use it when withdrawing. From my experience most people don't use 2FA if it's an opt-in.
  • It is easy to understand and you don't need (smart)phones, a Google Account or whatever.
  • You can login and trade on insecure systems without risking that someone can withdraw everything a few minutes later.
  • After 3 failed attempts to withdraw the account gets locked for one day and triggers an email notification.
  • Lost Master Keys can be reset (but with a waiting period, email notifications and a big warning message when you log in).
  • An attacker cannot withdraw Bitcoins if he manages to steal a session.

Downsides are:
  • If an attacker has access to the email account, 1Broker account and the user does not log in during the waiting period the 2FA mechanism fails. (Could be solved by increasing the waiting period)
  • Lazy users may store their Master Key at insecure places.

The current system is not set in stone however. I'm always open for changes and ideas are welcome. IMHO it's currently more secure than an opt-in GAuth. (for the average user)

Stephen Gornick
Legendary
Activity: 2506
Merit: 1010
December 31, 2012, 01:34:45 PM
 #26

I'm always open for changes and ideas are welcome.

I guess I need to pull out some bigger ammo:

MtGox account got cleared out
 - http://bitcointalk.org/index.php?topic=85533.0

All BTC disappeared from my Mt. Gox account
 - http://bitcointalk.org/index.php?topic=88368.0

Another:
 - http://bitcointalk.org/index.php?topic=80562.msg941759#msg941759

And another: My mtgox account got compromised, what can I do?
 - http://bitcointalk.org/index.php?topic=84585.0

Yet more: MT.Gox account hacked - lost 2k USD - MT.GOX will not explain how.
 - http://bitcointalk.org/index.php?topic=89142.0

And more again: Bitcoins stolen from MtGox
 - http://www.reddit.com/r/Bitcoin/comments/x8lcv/bitcoins_stolen_from_mtgox

And yet more: Stolen from Mt.Gox coins. Help return the coins.
 - http://bitcointalk.org/index.php?topic=119816.0

Or more here: Email from Mt.Gox this morning.
 - http://www.reddit.com/r/Bitcoin/comments/z0na5/email_from_mtgox_this_morning

And even more here: I just had $715 stolen out of my Mt. Gox account.
 - http://www.reddit.com/r/Bitcoin/comments/12j9gi/i_just_had_715_stolen_out_of_my_mt_gox_account

And the biggie: Bitcoinica MtGox account compromised
 - http://bitcointalk.org/index.php?topic=93074.0

With more here: Unauthorized Account Activity on my Mt.Gox Account - Account Compromised/Hacked?
 - http://bitcointalk.org/index.php?topic=94140.0

And on other services as well. Here same thing happened to some GLBSE users:
 - http://bitcointalk.org/index.php?topic=84893.0

And elsewhere, BitMarket.eu in this instance:
 - http://bitcointalk.org/index.php?topic=5441.msg1259168#msg1259168

And now on bitcoin.de as well: Bitcoins stolen from bitcoin.de.
 - http://bitcointalk.org/index.php?topic=130264.0

In none of these was the person using multi-factor authentication. Mt. Gox has had Yubikey support for a while. Mt. Gox accounts now support Google Authenticator as well:
 - https://mtgox.com/press_release_20120605.html


This is advice you will see shared by many here:

If the exchange you are storing funds with doesn't provide OTP, consider using a different exchange:
 - http://bitcoin.stackexchange.com/questions/4113/which-two-factor-authentication-methods-are-available-at-which-exchanges

If you are storing funds in an EWallet, consider using a paper wallet.

Here is a fantastic guide: How to use 2-factor auth on mtgox, even without a smartphone (from a second device, of course, not from the same computer you log in on).
 - http://bitcointalk.org/index.php?topic=111943.0

it's currently more secure than an opt-in GAuth. (for the average user)

You could offer each user the choice -- Master Key or OTP.

exxe (OP)
Full Member
Activity: 187
Merit: 100
December 31, 2012, 03:04:25 PM
 #27

You could offer each user the choice -- Master Key or OTP.
This sounds good. Added to the TODO list.

fimp
Sr. Member
Activity: 304
Merit: 250
January 02, 2013, 09:24:45 PM
 #28

Hello exxe

A very interesting service that I could be interested in testing. However, for me to trust you, your business has to make sense to me - i.e. I need to understand how your business can be profitable so you have an incentive to keep running it instead of just stealing people's coins. Also because your spreads are very low.

So a question:

I assume you hedge the positions entered by your users by entering positions of your own on the regular markets. Assets and positions are denominated in BTC on 1Broker. How do you intend to pay back customers their full BTC amount if BTC rate goes up while they are in a market position - and your funds are used in hedging positions on the normal markets denominated in USD?

exxe (OP)
Full Member
Activity: 187
Merit: 100
January 02, 2013, 10:11:42 PM
 #29

Hello exxe

A very interesting service that I could be interested in testing. However, for me to trust you, your business has to make sense to me - i.e. I need to understand how your business can be profitable so you have an incentive to keep running it instead of just stealing people's coins. Also because your spreads are very low.

So a question:

I assume you hedge the positions entered by your users by entering positions of your own on the regular markets. Assets and positions are denominated in BTC on 1Broker. How do you intend to pay back customers their full BTC amount if BTC rate goes up while they are in a market position - and your funds are used in hedging positions on the normal markets denominated in USD?

Hi!
My real identity is known to theymos and some other members, so stealing funds wouldn't be so smart.

But I understand your concerns:
Currently most positions are not open longer than a few hours. For this type of position, hedging isn't necessary, as the outcome is basically random (at least for inexperienced traders). For longer-term positions and small leverages we hedge on trusted European CFD platforms with EUR-denominated accounts. This CFD platform has a bit smaller spreads too. The BTC/EUR volatility risks can be reduced by using the cost-average effect (http://en.wikipedia.org/wiki/Dollar_cost_averaging).

Currently we are making small but stable profits. Parameters like spreads still need to be tested and could be increased, but it looks good right now.

DeathAndTaxes
Donator
Legendary
Activity: 1218
Merit: 1079
January 02, 2013, 10:19:49 PM
 #30

You could offer each user the choice -- Master Key or OTP.

Stephen is being nice.  Master Key = idiotic. 
A second password is no real security and offering it to users is simply going to lead to a false sense of security.

exxe (OP)
Full Member
Activity: 187
Merit: 100
January 02, 2013, 10:35:55 PM
 #31

You could offer each user the choice -- Master Key or OTP.

Stephen is being nice.  Master Key = idiotic. 
A second password is no real security and offering it to users is simply going to lead to a false sense of security.

Theoretically yes. However, my experience is that most account hacks result from hacks on other services and users using the same password or simply email account hacks. A master key could save the user in these cases.
I have seen this type of system quite often and think it's better than nothing.

Implementing an opt-in GAuth is on the todo list, however.

I'm removing the 'extremely secure' in the security page, too. The Master Key is not worth this phrase, you are right, but I disagree with calling it idiotic.

 
wuala
Full Member
Activity: 163
Merit: 100
January 02, 2013, 10:40:52 PM
 #32

Another gambling site?

exxe (OP)
Full Member
Activity: 187
Merit: 100
January 02, 2013, 10:52:20 PM
 #33

Another gambling site?


With customizable leverages you can gamble or invest. This is the intention behind this service.

exxe (OP)
Full Member
Activity: 187
Merit: 100
January 08, 2013, 04:05:06 PM
 #34

I'm thinking about the way of implementing a "real" 2FA (at least on withdrawing) and I came to the conclusion that OAuth, Google Authenticator and others are not optimal. They require good technical skills/a Google Account/.. which will eventually lock out some people.
I'm now tending to a SMS TAN system which everyone knows from banks.

The advantages would be:
  • (Nearly) everyone can use it and understands it.
  • It is long-term tested and considered secure.

Anyone has concerns or feedback?

DeathAndTaxes
Donator
Legendary
Activity: 1218
Merit: 1079
January 11, 2013, 03:24:30 PM
 #35

Theoretically yes. However, my experience is that most account hacks result from hacks on other services and users using the same password or simply email account hacks. A master key could save the user in these cases.
I have seen this type of system quite often and think it's better than nothing.

Implementing an opt-in GAuth is on the todo list, however.

I'm removing the the 'extremely secure' in the security page, too. The Master Key is not worth this phrase, you are right, but I disagree with calling it idiotic.

Idiotic was harsh.  I am glad you are taking security seriously.  However, compared to a true 2FA system, this system is going to leave keylogged users vulnerable.  Even with just a compromised email account, depending on how active the user is, an attacker could still pull off an attack.  You're right though, it is better than nothing.  It does prevent pure password re-use attacks and session stealing attacks (which, the way some exchanges have poorly implemented 2FA, theirs don't).

I'm thinking about the way of implementing a "real" 2FA (at least on withdrawing) and I came to the conclusion that OAuth, Google Authenticator and others are not optimal. They require good technical skills/a Google Account/.. which will eventually lock out some people.  I'm now tending to a SMS TAN system which everyone knows from banks.

The advantages would be:
  • (Nearly) everyone can use it and understands it.
  • It is long-term tested and considered secure.

Anyone has concerns or feedback?


I would rethink Google Authenticator.  It doesn't really require any technical skills.  A user with smartphone and the ability to install an app is all that is necessary.   Pretty much user proof at this point.   

1) User installs GA app.
2) User clicks on new site (in the app).
3) User is directed to scan the GA barcode (displayed on your website) with the smartphone.
4) Done.

All the hard work is done on your end (generating & recording the GA secret keys, providing the user with a barcode, calculating the current code and comparing it to the user-provided value).  For the user it is copying the code from the phone to the web form.

Still if you want to go SMS that is a valid option IMHO.  Personally I don't see any security flaws (not for the amounts users are likely to be protecting).  I did some testing with this provider and it might meet your needs.  They can set you up with a trial account with some free SMS for development.

http://www.cdyne.com/api/phone/sms/
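The server-side flow sketched above (generate and record the secret, hand the user a barcode, compute the current code and compare) as an added Python example; this is not 1Broker's code or anything from the thread. It implements RFC 4226 HOTP / RFC 6238 TOTP with the standard library only and adds the check Stephen asked for earlier: the code is verified on every withdrawal and a time step that has been accepted once is never accepted again, which is what closes the replay hole a static Master Key leaves open. The issuer name "1Broker", the account names and the test seed are assumed (the seed is the RFC 6238 test vector, not a real secret).

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote

STEP = 30      # TOTP time step in seconds (RFC 6238 default, what Google Authenticator uses)
DIGITS = 6
WINDOW = 1     # also accept the neighbouring step on each side to tolerate clock drift

def new_secret(nbytes: int = 20) -> str:
    """Enrollment, server side: random 160-bit seed, base32 so it fits in the barcode payload."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode().rstrip("=")

def otpauth_uri(secret_b32: str, account: str, issuer: str = "1Broker") -> str:
    """The otpauth:// URI that the authenticator app reads from the QR barcode (issuer is assumed)."""
    return (f"otpauth://totp/{quote(issuer)}:{quote(account)}"
            f"?secret={secret_b32}&issuer={quote(issuer)}&digits={DIGITS}&period={STEP}")

def hotp(secret_b32: str, counter: int) -> str:
    """RFC 4226: HMAC-SHA1 over the big-endian 8-byte counter, dynamic truncation, 6 digits."""
    key = base64.b32decode(secret_b32 + "=" * (-len(secret_b32) % 8))
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)

def totp(secret_b32: str, now: int) -> str:
    """RFC 6238: HOTP with the counter set to the current 30-second time step."""
    return hotp(secret_b32, now // STEP)

class Verifier:
    """Server-side check to run on *every* withdrawal request. Remembers the last accepted
    time step per account, so a code captured by a keylogger cannot simply be replayed."""
    def __init__(self):
        self.secrets = {}     # account -> base32 seed (in production: encrypted at rest)
        self.last_step = {}   # account -> last time step that produced an accepted code

    def enroll(self, account: str) -> str:
        """Generate and record the seed; return the URI to render as the barcode."""
        seed = new_secret()
        self.secrets[account] = seed
        return otpauth_uri(seed, account)

    def verify(self, account: str, code: str, now=None) -> bool:
        now = int(time.time()) if now is None else now
        seed = self.secrets.get(account)
        if seed is None or len(code) != DIGITS or not code.isdigit():
            return False
        cur = now // STEP
        for step in range(cur - WINDOW, cur + WINDOW + 1):
            # Replay defence: any step at or before the last accepted one is dead, match or not.
            if step <= self.last_step.get(account, -1):
                continue
            if hmac.compare_digest(hotp(seed, step), code):   # constant-time comparison
                self.last_step[account] = step
                return True
        return False

if __name__ == "__main__":
    # Constructed demo: RFC 6238 test seed "12345678901234567890" in base32, at T=59.
    RFC_SEED = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
    v = Verifier(); v.secrets["demo"] = RFC_SEED
    print(totp(RFC_SEED, 59), v.verify("demo", "287082", now=59), v.verify("demo", "287082", now=59))
```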

Stephen Gornick
Legendary
Activity: 2506
Merit: 1010
January 11, 2013, 11:43:43 PM
 #36

A user with smartphone and the ability to install an app is all that is necessary.

Or a cheap Android tablet even.

Or even simply a second computer using an HTML5 version of OTP authentication:

How to use 2-factor auth on mtgox, even without a smartphone
 - http://bitcointalk.org/index.php?topic=111943.0

exxe (OP)
Full Member
Activity: 187
Merit: 100
January 12, 2013, 12:04:50 AM
 #37

I would rethink Google Authenticator.  It doesn't really require any technical skills.  A user with smartphone and the ability to install an app is all that is necessary.   Pretty much user proof at this point.   

Or a cheap Android tablet even.

Or even simply a second computer using an HTML5 version of OTP authentication:
And for the SMS-based 2FA even a NOKIA 3210 is enough.  I'm going to implement the SMS 2FA, but this doesn't mean that Google Authenticator or OAuth can't be implemented in the future.

I hope it gets ready before February. Thanks for the suggestions!

fimp
Sr. Member
Activity: 304
Merit: 250
January 12, 2013, 12:28:24 AM
 #38

The BTC/EUR volatility risks can be reduced by using the cost-average-effect (http://en.wikipedia.org/wiki/Dollar_cost_averaging).
This doesn't make sense, or maybe we're talking about different things.

The situation could look like this:

* User buys 100BTC worth of Apple with no leverage at a time when 1 BTC = $10.
* BTC price goes up 100% so 1 BTC = $20
* Apple price goes up 100%, so now you owe the user 200BTC
* You must now spend $2000 to get the user his 100BTC profit. But if you were hedging the position on the markets yourself you have only earned $1000 from the doubling of the original $1000 worth of Apple that the user bought.
* So you lose $1000

How do you avoid this?

exxe (OP)
Full Member
Activity: 187
Merit: 100
January 12, 2013, 01:08:35 AM
 #39

The BTC/EUR volatility risks can be reduced by using the cost-average-effect (http://en.wikipedia.org/wiki/Dollar_cost_averaging).
This doesn't make sense, or maybe we're talking about different things.

The situation could look like this:

* User buys 100BTC worth of Apple with no leverage at a time when 1 BTC = $10.
* BTC price goes up 100% so 1 BTC = $20
* Apple price goes up 100%, so now you owe the user 200BTC
* You must now spend $2000 to get the user his 100BTC profit. But if you were hedging the position on the markets yourself you have only earned $1000 from the doubling of the original $1000 worth of Apple that the user bought.
* So you lose $1000

How do you avoid this?
Imagine 50 people having open positions on Apple (long and short, no leverage). Short positions have a total value of 100 BTC, long positions have a total value of 300 BTC. Let's assume that we already hedge the required amount of 200*14.2 USD. Every week, for example, this is recalculated and adjusted. There are now 2³ possibilities for the outcome (BTC/USD: up, Apple: up, Apple hedge amount: up | BTC/USD: down, Apple: up, Apple hedge amount: up, ...). In the end sometimes we profit and sometimes not, but this is a zero-sum game minus some fees.

Even more important:
In reality this isn't a big problem. Most people are using high leverages which create good profits from spreads without the necessity of hedging.
Your example is a worst case: 1 user, high amount, no leverage, bad outcome. The masses make CFD brokers profitable.

evoorhees
Legendary
Activity: 1008
Merit: 1021
January 21, 2013, 08:10:45 PM
 #40

Wanted to post here that I deposited 100 BTC at 1Broker, and went long on USD/BTC at 5x leverage. I earned 40 BTC and the site paid out correctly (I have withdrawn 140 BTC). So at least from this anecdote it was smooth and legitimate. Looking forward to seeing this site develop further.