coinminers (OP)
|
|
April 04, 2013, 06:55:36 AM |
|
Has anyone here heard about the address shortener bit.co.in ?
Curious to hear your thoughts.
Cheers!
|
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
April 04, 2013, 06:58:22 AM |
|
Never heard about it, but it doesn't talk about any way it is verifiable database or how to protect the user's address from being changed. Also no tip buttons. But http://qcl.me has all that! Make sure you know where your putting your address and what security so they can't collect your tips.
|
|
|
|
rme
|
|
April 04, 2013, 07:04:36 AM |
|
Your Bitcoin Address is too short (minimum is 34 characters). Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment." My Bitcoin address is 32 characters long, please fix ASAP
|
|
|
|
coinminers (OP)
|
|
April 04, 2013, 07:27:23 AM |
|
Your Bitcoin Address is too short (minimum is 34 characters). Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment." My Bitcoin address is 32 characters long, please fix ASAP Try now
|
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
April 04, 2013, 07:31:42 AM |
|
Your Bitcoin Address is too short (minimum is 34 characters). Thats a bug, "A Bitcoin address, or simply address, is an identifier of 27-34 alphanumeric characters, beginning with the number 1 or 3, that represents a possible destination for a Bitcoin payment." My Bitcoin address is 32 characters long, please fix ASAP Try now I guess your the owner you could have just said so Also can you explain the security you employ? Are the address encrypted so you can't change them?
|
|
|
|
coinminers (OP)
|
|
April 06, 2013, 04:39:08 PM |
|
I guess your the owner you could have just said so Also can you explain the security you employ? Are the address encrypted so you can't change them? We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques. Furthermore the server is only accessible through non 80 ports from one single undisclosed location. If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?
|
|
|
|
remotemass
Legendary
Offline
Activity: 1122
Merit: 1017
ASMR El Salvador
|
|
April 06, 2013, 04:53:28 PM |
|
What is the 4 digit pin number? Is it to allow the owner of it to change the link to another address later? That would be a nice feature
|
{ Imagine a sequence of bits generated from the first decimal place of the square roots of whole integers that are irrational numbers. If the decimal falls between 0 and 5, it's considered bit 0, and if it falls between 5 and 10, it's considered bit 1. This sequence from a simple integer count of contiguous irrationals and their logical decimal expansion of the first decimal place is called the 'main irrational stream.' Our goal is to design a physical and optical computing system system that can detect when this stream starts matching a specific pattern of a given size of bits. bitcointalk.org/index.php?topic=166760.0 } Satoshi did use a friend class in C++ and put a comment on the code saying: "This is why people hate C++".
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
April 06, 2013, 05:40:09 PM |
|
If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?
but what if a hacker gains access and changes the address how do protect against it?
|
|
|
|
rme
|
|
April 06, 2013, 05:42:08 PM |
|
If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something?
but what if a hacker gains access and changes the address how do protect against it? If a hacker gains access can replace the entire website with a fake one and you can do nothing to stop it. Just use a 64 character password for the ftp and do not login in a insecure pc.
|
|
|
|
mai77
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 06, 2013, 07:15:03 PM |
|
there is a high risk potential in this. I don't think people will use it overly, unless there is credible insurance against fraud by anybody.
|
|
|
|
Nicolai
Newbie
Offline
Activity: 39
Merit: 0
|
|
April 06, 2013, 07:50:58 PM Last edit: April 06, 2013, 08:05:59 PM by Nicolai |
|
I guess your the owner you could have just said so Also can you explain the security you employ? Are the address encrypted so you can't change them? We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques. Furthermore the server is only accessible through non 80 ports from one single undisclosed location. If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? And do you know anything about security, or are you just copy/pasting a lot of bull**** ? http://bit.co.in/123451 <-- woops? https://i.imgur.com/wz7TKlY.png
|
|
|
|
coinminers (OP)
|
|
April 06, 2013, 08:04:47 PM |
|
And do you know anything about security, or are you just copy/pasting a lot of bull**** ? http://bit.co.in/123451 <-- woops? No I was giving you my honest answer, doesn't mean we can't improve things of course.
|
|
|
|
gweedo
Legendary
Offline
Activity: 1498
Merit: 1000
|
|
April 06, 2013, 08:06:51 PM |
|
And do you know anything about security, or are you just copy/pasting a lot of bull**** ? http://bit.co.in/123451 <-- woops? No I was giving you my honest answer, doesn't mean we can't improve things of course. That is a basic security for a web site...
|
|
|
|
coinminers (OP)
|
|
April 06, 2013, 08:11:41 PM |
|
That is a basic security for a web site...
Yes, I agree. It was an oversight on my part for which I aplologize.
|
|
|
|
tlr
Member
Offline
Activity: 86
Merit: 10
|
|
April 06, 2013, 08:21:37 PM |
|
Also saw this today: http://bitcaddy.com/It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent.
|
|
|
|
coinminers (OP)
|
|
April 06, 2013, 08:32:01 PM |
|
What is the 4 digit pin number? Is it to allow the owner of it to change the link to another address later? That would be a nice feature
Yes, but it has to happen by emailing us and we'll then do it for you upon verification.
|
|
|
|
tlr
Member
Offline
Activity: 86
Merit: 10
|
|
April 06, 2013, 08:52:06 PM |
|
It would be pretty neat if we had a convention to store short address mappings in the blockchain, that way it's totally distributed and transparent.
Build it, you could use something like namecoin to get you started, and you would probably put every shortener out of business. Also bitcaddy, looks to not talk about the securely they use and plus they charge for custom. Clearly and I hate to do self promotion but http://qcl.me is the currently aside from firstbits, is the most secure and verifiable shortener on the internet. It has been tried to be hacked many times and all attackers haven't gain access to anything. The database can't be changed by me or a 3rd party, the only thing that could happen is the database could be deleted, the site is self checking before displaying any address, and it includes litecoins address. I don't see any completion that does anything remotely to what my site is doing. If they are they don't talk about it. Oh, "firstbits" seems to solve this problem nicely, except for the transaction spam problem, and you can't use custom names. My idea would suffer the same problem, unless we used a separate block chain like namecoin, but I don't particularly like that idea. In that case it would make more sense to just use namecoin with a different namespace.
|
|
|
|
coinminers (OP)
|
|
April 06, 2013, 09:48:01 PM |
|
Another flaw in the system, what if someone hacks your email without you knowing it and collects some pins waits and then changes the addresses...
I sell the site, without the software, this is not looking good for you plus your getting ran over in the business.
The good news is that the software can be changed. I didn't spend much time on this so far and was doing this mostly to gather this kind of feedback and hear these kinds of concerns which I appreciate. I have lots of ideas on how to improve things.
|
|
|
|
coinminers (OP)
|
|
April 07, 2013, 01:01:04 AM |
|
I guess your the owner you could have just said so Also can you explain the security you employ? Are the address encrypted so you can't change them? We employ the most up to date Cross-site Scripting Prevention, Cross-site Request Forgery Prevention, and Cookie Attack Prevention (even though there is no login capability yet) techniques. Furthermore the server is only accessible through non 80 ports from one single undisclosed location. If the addresses were encrypted I could still change them so I don't see how encryption would help prevent me from doing so if I had the retarded intention to do so, unless I'm missing something? And do you know anything about security, or are you just copy/pasting a lot of bull**** ? http://bit.co.in/123451 <-- woops? OK, I added the appropriate validation now. I'm very sorry for missing this obvious shortcoming and I appreciate you pointing it out.
|
|
|
|
coinminers (OP)
|
|
April 11, 2013, 11:12:46 PM |
|
Also I just wanted to let you know that now all shortnames are one way hashed and addresses encrypted with the shortname, so there's no way for anyone even if he got into it to replace other shortlink's currency addresses with his own.
Thanks for the feedback. Cheers!
|
|
|
|
|