|
|
AlexGR
Legendary
 Offline
Activity: 1708
Merit: 1049
|
 |
July 22, 2016, 11:23:58 PM |
|
Whales will become totally irrelevant when the user base and posting volume increases by 10x or 100x or even 1000x. There just aren't that many whales and whales have the same voting power restrictions as anyone else. A rare whale sighting will be a big deal.
You presume all whales are benevolent. Stake will eventually end up in a power-law distribution, because perpetual 100% debasement is not sustainable (even the transactions fees of the entire earth could not support it). Also it is incorrect to say they play by the same rules. 3 x 3 = 9 is not 1/2 of 6 x 6 = 36. Any way, I have proposed a partial solution. By voting power I was referring to the declining weight according to frequency of votes placed. Just like anyone else, whales can only make about 40 votes per day without depleting their voting power. So with millions of posts and comments and a handful of whales making at most 40 votes per day each, do the math. Seems there'll* be a fix for that: https://steemit.com/crypto-news/@dana-edwards/attention-based-stigmergic-distributed-collaborative-organizations#@alexgr/re-dana-edwards-re-pino-re-dana-edwards-attention-based-stigmergic-distributed-collaborative-organizations-20160722t201600593z* (already is, but not in the UI) |
|
|
|
|
BlindMayorBitcorn
Legendary
Offline
Activity: 1260
Merit: 1116
|
|
July 22, 2016, 11:33:42 PM |
|
To me everything points to the former, closing registration + extending payout time in a last ditch effort to retain value of the hyper-inflated currency...
Registration is open. Furthermore closing registration is pretty much the very last thing a Ponzi scheme would ever want to do. I think it's great to see the big fish of monero debone his own reputation for this. You get hundreds of thousands of dollars, I get something to point at and laugh. So this is win-win. Almost... |
Forgive my petulance and oft-times, I fear, ill-founded criticisms, and forgive me that I have, by this time, made your eyes and head ache with my long letter. But I cannot forgo hastily the pleasure and pride of thus conversing with you.
|
|
|
|
iamnotback
|
|
July 22, 2016, 11:39:29 PM |
|
To me everything points to the former, closing registration + extending payout time in a last ditch effort to retain value of the hyper-inflated currency...
Registration is open. Furthermore closing registration is pretty much the very last thing a Ponzi scheme would ever want to do. I think it's great to see the big fish of monero debone his own reputation for this. You get hundreds of thousands of dollars, I get something to point at and laugh. So this is win-win. Almost... He is the big winner if he can cash out. Good guys finish last. Someone wrote today that Ned is raking in $700K per week. |
|
|
|
|
AlexGR
Legendary
Offline
Activity: 1708
Merit: 1049
|
|
July 22, 2016, 11:44:16 PM |
|
If they are selling: "Oh they are dumping! They are cashing out"
If they aren't selling: "Oh they are pumping the price through artificial liquidity shortage because they control all the coins! Bastards!"
...so no matter what they do they will get criticism.
|
|
|
|
|
Pheonike
Newbie
Offline
Activity: 46
Merit: 0
|
|
July 23, 2016, 12:01:47 AM |
|
The point of the stopping sign-ups was to revamp the security. Users must use a strong password generated for them by browser now. The passwords that some people were using were easy to brute force. Some much FUD on this site. This place is the definition of crabs in a barrel.
|
|
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 23, 2016, 12:36:05 AM |
|
Whales will become totally irrelevant when the user base and posting volume increases by 10x or 100x or even 1000x. There just aren't that many whales and whales have the same voting power restrictions as anyone else. A rare whale sighting will be a big deal.
You presume all whales are benevolent. Stake will eventually end up in a power-law distribution, because perpetual 100% debasement is not sustainable (even the transactions fees of the entire earth could not support it). Also it is incorrect to say they play by the same rules. 3 x 3 = 9 is not 1/2 of 6 x 6 = 36. Any way, I have proposed a partial solution. By voting power I was referring to the declining weight according to frequency of votes placed. Just like anyone else, whales can only make about 40 votes per day without depleting their voting power. So with millions of posts and comments and a handful of whales making at most 40 votes per day each, do the math. Seems there'll* be a fix for that: https://steemit.com/crypto-news/@dana-edwards/attention-based-stigmergic-distributed-collaborative-organizations#@alexgr/re-dana-edwards-re-pino-re-dana-edwards-attention-based-stigmergic-distributed-collaborative-organizations-20160722t201600593z* (already is, but not in the UI) Yes you can voluntarily reduce your power per vote (I do this occasionally in the CLI) but then you are effectively transformed into a to a group of smaller stakeholders (using 1/10 the vote power as your base vote weight, you can vote as if you were 10 stakeholders each at 1/10 size). |
|
|
|
|
|
illyiller
|
|
July 23, 2016, 12:52:27 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
|
|
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 23, 2016, 01:02:55 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. |
|
|
|
|
generalizethis
Legendary
Offline
Activity: 1750
Merit: 1036
Facts are more efficient than fud
|
|
July 23, 2016, 01:09:14 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. Building on that--what are the plans for further security upgrades? I read a bit on the witness security, but it's been a few days and can't remember the details.... |
|
|
|
iCEBREAKER
Legendary
Offline
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
|
|
July 23, 2016, 01:22:40 AM |
|
Good work. Keep stealing ch33p XMR from the market and hloding them in your strong hands. Using shitcoin pumps to help is some great jujutsu.
I hope (lifestyle-altering amounts of) money doesn't change smooth. It would suck if he spent all his time on beaches in hammocks with rum-heavy tropical drinks, instead of slumming around the altcoin ghetto with us.  |
██████████
██████████████████
██████████████████████
██████████████████████████
████████████████████████████
██████████████████████████████
████████████████████████████████
████████████████████████████████
██████████████████████████████████
██████████████████████████████████
██████████████████████████████████
██████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████
██████████████
████████████████████████████
██████████████████████████
██████████████████████
██████████████████
██████████
Monero
|
| "The difference between bad and well-developed digital cash will determine
whether we have a dictatorship or a real democracy." David Chaum 1996
"Fungibility provides privacy as a side effect." Adam Back 2014
|
| | |
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 23, 2016, 01:26:38 AM
Last edit: July 23, 2016, 01:42:48 AM by smooth |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. Building on that--what are the plans for further security upgrades? I read a bit on the witness security, but it's been a few days and can't remember the details.... I don't know the witness security thing but the main direction on security seems to be account recovery. This approach accepts that keys will be compromised but makes it less costly. Already there is a system where a compromised account can be returned to its original owner. Next up will be time locked access controls so if an account is compromised, limits apply to the amount of funds that can be removed from the account before it is recovered (this already applies to Steem Power and will be added to the other asset times). The final form of recovery that is planned is being able to designate a group of friends and family (essentially a form of multisig) who can approve recovery from lost keys (including death of the owner without leaving access to the keys to anyone). |
|
|
|
|
BlindMayorBitcorn
Legendary
Offline
Activity: 1260
Merit: 1116
|
|
July 23, 2016, 01:32:17 AM |
|
Good work. Using shitcoin pumps to help is great.
I hope (lifestyle-altering amounts of) scamshilling doesn't change smooth. It would suck if he spent all his time on beaches with his fingers around rum-soaked bollocks, instead of slumming around the altcoin ghetto with us. It really is that easy. |
Forgive my petulance and oft-times, I fear, ill-founded criticisms, and forgive me that I have, by this time, made your eyes and head ache with my long letter. But I cannot forgo hastily the pleasure and pride of thus conversing with you.
|
|
|
generalizethis
Legendary
Offline
Activity: 1750
Merit: 1036
Facts are more efficient than fud
|
|
July 23, 2016, 01:39:55 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. Building on that--what are the plans for further security upgrades? I read a bit on the witness security, but it's been a few days and can't remember the details.... I don't know the witness security thing but the main direction on security seems to be account recovery. This approach accepts that keys will be compromised but makes it less costly. Already there is a system where a compromised account can be returned to its original owner. Next up will be time locked access controls so if an account is compromised, limits apply to the amount of funds that can be removed from the account before it is recovered (this already applied to Steem Power and will be added to the other asset times). The final form of recovery that is planned is being able to designate a group of friends and family (essentially a form of multisig) who can approve recovery from lost keys (including death of the owner without leaving access to the keys to anyone). Is there a write-up of those features? |
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 23, 2016, 01:41:05 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. Building on that--what are the plans for further security upgrades? I read a bit on the witness security, but it's been a few days and can't remember the details.... I don't know the witness security thing but the main direction on security seems to be account recovery. This approach accepts that keys will be compromised but makes it less costly. Already there is a system where a compromised account can be returned to its original owner. Next up will be time locked access controls so if an account is compromised, limits apply to the amount of funds that can be removed from the account before it is recovered (this already applied to Steem Power and will be added to the other asset times). The final form of recovery that is planned is being able to designate a group of friends and family (essentially a form of multisig) who can approve recovery from lost keys (including death of the owner without leaving access to the keys to anyone). Is there a write-up of those features? |
|
|
|
|
generalizethis
Legendary
Offline
Activity: 1750
Merit: 1036
Facts are more efficient than fud
|
|
July 23, 2016, 01:45:22 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. Building on that--what are the plans for further security upgrades? I read a bit on the witness security, but it's been a few days and can't remember the details.... I don't know the witness security thing but the main direction on security seems to be account recovery. This approach accepts that keys will be compromised but makes it less costly. Already there is a system where a compromised account can be returned to its original owner. Next up will be time locked access controls so if an account is compromised, limits apply to the amount of funds that can be removed from the account before it is recovered (this already applied to Steem Power and will be added to the other asset times). The final form of recovery that is planned is being able to designate a group of friends and family (essentially a form of multisig) who can approve recovery from lost keys (including death of the owner without leaving access to the keys to anyone). Is there a write-up of those features? Permission to quote you?/ I think the security was the lightbulb for me--acknowledge the problem and solve it. |
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 23, 2016, 01:55:44 AM |
|
I recently read that Steem's JavaScript wallet system stores the hash of a user's password on the blockchain. This would essentially reduce security to the level of brain wallets. Doesn't this open the possibility of brute force attacks to compromise many of those wallets? All it would take is cheap cracking software and some hundreds of low-hanging fruit wallets with weak passwords.
Recently it was changed to generate exclusively high entropy passwords. Building on that--what are the plans for further security upgrades? I read a bit on the witness security, but it's been a few days and can't remember the details.... I don't know the witness security thing but the main direction on security seems to be account recovery. This approach accepts that keys will be compromised but makes it less costly. Already there is a system where a compromised account can be returned to its original owner. Next up will be time locked access controls so if an account is compromised, limits apply to the amount of funds that can be removed from the account before it is recovered (this already applied to Steem Power and will be added to the other asset times). The final form of recovery that is planned is being able to designate a group of friends and family (essentially a form of multisig) who can approve recovery from lost keys (including death of the owner without leaving access to the keys to anyone). Is there a write-up of those features? Permission to quote you?/ Sure |
|
|
|
|
generalizethis
Legendary
Offline
Activity: 1750
Merit: 1036
Facts are more efficient than fud
|
|
July 23, 2016, 02:07:56 AM |
|
|
|
|
|
|
iamnotback
|
|
July 23, 2016, 02:09:03 AM |
|
There are dumb motherfuckers over at Steemit. |
|
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
July 23, 2016, 02:14:01 AM |
|
There are dumb motherfuckers over at Steemit.FIFY |
|
|
|
|
|
