|
|
|
|
|
|
|
|
|
|
|
"There should not be any signed int. If you've found a signed int
somewhere, please tell me (within the next 25 years please) and I'll
change it to unsigned int." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
marcus_of_augustus
Legendary
 Offline
Activity: 3920
Merit: 2348
Eadem mutata resurgo
|
 |
April 03, 2013, 08:47:06 PM |
|
Sounds expensive. These web wallets seem like unexploded bombs just lying around waiting to go off. |
|
|
|
pinger
Legendary
Offline
Activity: 1512
Merit: 1001
Bitcoin - Resistance is futile
|
|
April 04, 2013, 03:38:15 AM |
|
Some genius need to implement, a password for the wallets ...
|
For rent
|
|
|
lucif
Sr. Member
Offline
Activity: 462
Merit: 250
Clown prophet
|
|
April 04, 2013, 06:35:34 AM |
|
More than. https://instawallet.org/ leads to HTTPS webpage with bitcoin-central exchange service suspension notice. It is actually https://bitcoin-central.net/On one hand they claims they owns 50k BTC and they are under control. On other hand, their parallel project instawallt closes to indefinite time.... [Apr-01 10:30PM CET]
Bitcoin-Central and Paytunia update: Our customer's bitcoins and euros are safe and will not be affected by the security breach. We have taken the websites off-line for proper investigation.
The address 1LrPYjto3hsLzWJNstghuwdrQXB96KbrCy is under our exclusive control.
We thank you for your patience and will provide updates exclusively on this page as they come in. We are committed to resuming service as soon as possible. Expect normal service to resume within 48 hours. |
|
|
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1129
|
|
April 04, 2013, 09:24:16 AM |
|
There's nothing wrong with having an open source trading engine, there shouldn't be any secrets in there.
The issue with InstaWallet is that it's very old and when it was first created, giving people super-easy disposable wallets seemed like a good idea. And it was! The problem is people parked money there and then (probably) forgot about it or lost their URL, meaning that the service accumulated a large balance. Because there was no signup or identity verification involved, if anyone ever learned the list of wallet URLs then it's game over - there's no way to recover from that or get people their money back reliably.
Though InstaWallet was conceptually very neat, I often wish the energy put into web wallet services like that was put into better downloadable wallet applications instead. The web model and Bitcoin don't mix very well, which is why the most successful web wallet (blockchain.info) has a very unusual design and for max safety requires people to use a browser extension.
|
|
|
|
|
lucif
Sr. Member
Offline
Activity: 462
Merit: 250
Clown prophet
|
|
April 04, 2013, 09:39:05 AM |
|
There's nothing wrong with having an open source trading engine, there shouldn't be any secrets in there.
Yeah? What if developers leaved a bug with vulnurability and have no idea about it? And 1000s hackers in the world have ability to watch and reverse the source... |
|
|
|
|
Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
April 04, 2013, 10:11:18 AM |
|
There's nothing wrong with having an open source trading engine, there shouldn't be any secrets in there.
Yeah? What if developers leaved a bug with vulnurability and have no idea about it? And 1000s hackers in the world have ability to watch and reverse the source... And 1000s of legitimate developers have the possibility to find and correct bugs before hackers do. Its how linux and unix work and your bank runs on it. That said; in this case the ratio of honest devs and wannabee hackers was probably skewed in the wrong direction, and the software couldnt possibly have been as mature as something like linux/unix so Im not sure it was a great idea. |
|
|
|
|
lucif
Sr. Member
Offline
Activity: 462
Merit: 250
Clown prophet
|
|
April 04, 2013, 11:06:43 AM |
|
This is hard violation of all security guidelines for money flow systems. Don't mess Unix with PCI-like services.
Banks don't put a map of all their inside structure right near door. Its just stupid.
Sources must keep safe. Programmers must be under NDA. Otherwise your service will be hero of such breaking news.
|
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
April 04, 2013, 11:09:09 AM |
|
There's nothing wrong with having an open source trading engine, there shouldn't be any secrets in there.
Yeah? What if developers leaved a bug with vulnurability and have no idea about it? And 1000s hackers in the world have ability to watch and reverse the source... Security via obscurity doesn't make it more secure. |
|
|
|
|
lucif
Sr. Member
Offline
Activity: 462
Merit: 250
Clown prophet
|
|
April 04, 2013, 11:16:43 AM |
|
Security via obscurity doesn't make it more secure.
Obscurity is additional level. There are much of levels. Keep sources open could be good practice for anyone except money flow. However i see this community sloven level is too high. Why I explain obvious security standards... I see they had very good security, yeah. |
|
|
|
|
lucif
Sr. Member
Offline
Activity: 462
Merit: 250
Clown prophet
|
|
April 04, 2013, 11:19:27 AM |
|
|
|
|
|
|
|
