tvbcof
Legendary
Offline
Activity: 4606
Merit: 1276
|
|
April 26, 2013, 01:50:45 AM |
|
I don't buy it. You just signed up for a bitcointalk.org account on 4/9/13, yet you have quite a lot more than 500 Bitcoins, and you've had a number of regular transactions since at least as far back as 9/14/12? But on the forum, you're dabbling in microtrades of LTC and FC worth less than 1 BTC?
Nope, sorry. You found a large recent transaction, then posted it as if it was yours. You're looking for sympathy and free handouts.
Want to prove me wrong? Sign a message with any one of the addresses from which your funds were supposedly stolen.
And that my friends is experience and good judgement. Or an artifact of speed-reading. I would not rule out the OP being a sock-puppet account (or just a fresh account.) These are neither discouraged by the forum owner, nor would it be a bad idea to report a security issue. It also may be the case that certain people are fairly involved with Bitcoin without having early (or any) involvement with this forum. It's not unfair in my mind to classify this forum as something of a cesspool, and it is certainly a waste of time...particularly for those like myself who have limited self-control and much free time.
|
sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
|
|
|
silvereagle (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 26, 2013, 01:53:32 AM |
|
Actually been on here for just about a year - just never had any reason or desire to post until recently.
|
|
|
|
Lgetty17
Member
Offline
Activity: 98
Merit: 10
|
|
April 26, 2013, 07:26:15 AM |
|
When you say "hot wallet" do you just mean one linked to the Internet? Online wallet? What are the limitations of an offline wallet?
|
|
|
|
zebedee
Donator
Hero Member
Offline
Activity: 668
Merit: 500
|
|
April 26, 2013, 08:42:38 AM |
|
have the bitcoin-qt client (behind firewall and encrypted wallet), blockchain.info (pretty tough password) and also have the address on my phone using bitcoinspinner for android (could be weak link).
My phone was hacked the other day (posted in off-topic.) I didn't investigate it in detail...just wiped the phone and moved on. I would have a lot of trouble trusting the phone for anything at this point. Certainly not a bitcoin client or access to any on-line wallet with more than a few dollars worth of value. I now don't use it for e-mail on my main e-mail account. Just set up a secondary e-mail for very limited data and use which is a drag (vs. being able to check my mail e-mail from my phone.) I guess I'll do the same with on-line wallets which should be easy enough. I have a Windows machine but would prefer to not access any wallet with more than a few BTC from it as well so this will kill several birds with one stone. Can you post a link? I couldn't find a thread either in Offtopic or your history at a glance. What phone? What do you mean "hacked"? Would like to know given I store up to about 10 BTC on my phone most of the time.
|
|
|
|
silvereagle (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 26, 2013, 10:31:15 AM |
|
When you say "hot wallet" do you just mean one linked to the Internet? Online wallet? What are the limitations of an offline wallet?
By 'hot' i mean one connected to the network that can be used to send and receive. 'Cold' storage usually means setting up a key you can store things then printing out a paper wallet or something similar and not having the private key/wallet accessible by any means on your computer.
|
|
|
|
|
Eich
Newbie
Offline
Activity: 46
Merit: 0
|
|
April 26, 2013, 02:22:36 PM |
|
I love how you can watch your money being stolen from you LIVE and there's really nothing you can do. hopefully, during one of those jumps, someone catches on to it and returns the funds like in the case of Ozcoin.
Innovation will solve these issues unless regulation decides to stifle creativity.
|
|
|
|
Meni Rosenfeld
Donator
Legendary
Offline
Activity: 2058
Merit: 1054
|
|
April 26, 2013, 02:28:52 PM |
|
I have a customer who is a victim of this particular theft. Here are his answers to piuk's questions. Do you have a bitcoin app on your android phone? NoDo you have a blockchain.info wallet holding the address in question? YesIf you have a blockchain wallet do you use a public alias the same as your bitcointalk, bitcoin-otc or irc username? NoDo you have accounts on one of the following sites: BTC-e, bitcoin-central or mining.bitcoin.cz? NoDo you reuse the same wallet password on different websites (specifically the above sites)? NoDo you read the BTC-e chat box? NoDoes your browser have Java enabled? http://isjavaenabled.com - I have JAVA but I manually choose each time whether to run itHe insists that he is keeping a secure environment and that neither his computer nor strong password were compromised. Any leads on what could have caused this? Or who the thief is? Will reimbursing affected users be considered?
|
|
|
|
der_troll
|
|
April 26, 2013, 02:36:21 PM |
|
I was asked to run Java last time I logged in to Blockchain.info. Is this supposed to happen? Think I'll transfer my Bitcoins to a paperwallet to be on the safe side...
|
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
April 26, 2013, 02:42:05 PM |
|
I was asked to run Java last time I logged in to Blockchain.info. Is this supposed to happen? Think I'll transfer my Bitcoins to a paperwallet to be on the safe side...
That shouldn't happen, you were infected by Java, most likely. But how did Java exploit end up on Blockchain.info?
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
der_troll
|
|
April 26, 2013, 02:46:15 PM |
|
I didn't press "accept", so I hope I'm safe. But I can't log into Blockchain now without it popping up... Maybe I should uninstall Java.
|
|
|
|
Kaiji
Full Member
Offline
Activity: 140
Merit: 100
Hoist the Colours
|
|
April 26, 2013, 02:51:46 PM |
|
It's too bad that stolen bitcoins cannot be redflagged so they can't be spent or sold on exchanges. If every bitcoins previous chain of owners can be verified it shouldn't be too hard.
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
April 26, 2013, 03:10:53 PM |
|
It's too bad that stolen bitcoins cannot be redflagged so they can't be spent or sold on exchanges. If every bitcoins previous chain of owners can be verified it shouldn't be too hard.
It wouldn't be hard, but part of Bitcoins being Bitcoins is that they are fungible. We'd be in for a whole huge mess if people started attempting to determine whether coins were stolen. What authority do you go by? If one person says funds are stolen, and another person says they were legitimately acquired, who do you believe? What if you do not have services available to check the stolen-ness of coins prior to accepting them? Not to mention, a proper criminal could simply send the coins to a mixing service, and then the taint would be spread across many different people and addresses. This has been discussed many times before, and always ends up that no one wants to uphold any kind of taint on Bitcoin coins. It just wouldn't work, and would largely kill Bitcoin.
|
|
|
|
Kaiji
Full Member
Offline
Activity: 140
Merit: 100
Hoist the Colours
|
|
April 26, 2013, 04:19:54 PM |
|
It's too bad that stolen bitcoins cannot be redflagged so they can't be spent or sold on exchanges. If every bitcoins previous chain of owners can be verified it shouldn't be too hard.
It wouldn't be hard, but part of Bitcoins being Bitcoins is that they are fungible. We'd be in for a whole huge mess if people started attempting to determine whether coins were stolen. What authority do you go by? If one person says funds are stolen, and another person says they were legitimately acquired, who do you believe? What if you do not have services available to check the stolen-ness of coins prior to accepting them? Not to mention, a proper criminal could simply send the coins to a mixing service, and then the taint would be spread across many different people and addresses. This has been discussed many times before, and always ends up that no one wants to uphold any kind of taint on Bitcoin coins. It just wouldn't work, and would largely kill Bitcoin. I see you're point. Trying to make bitcoin owners traceable would also have similar problems. They only way would be to be able to secure a wallet with something more tougher to crack than a password. Same with emails, passwords are the weak link to their security.
|
|
|
|
bitcoinminer
|
|
April 26, 2013, 05:24:52 PM |
|
For 0.78 BTC you just got a very inexpensive lesson in security. Don't let those coins be spent for naught.
|
Be fearful when others are greedy, and greedy when others are fearful.
-Warren Buffett
|
|
|
demzie
|
|
April 26, 2013, 05:27:57 PM |
|
hmmzzz armory?
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1129
|
|
April 26, 2013, 05:34:45 PM |
|
I am not convinced this has anything to do with Android. I've seen some chatter about brute-forcing attacks against blockchain.info wallets. Is it possible some older wallets have passwords that aren't strong enough? The b.i KDF is SHA1 repeated only a handful of times, iirc, because JavaScript is slow.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
April 26, 2013, 05:35:43 PM |
|
[...] Does your browser have Java enabled? http://isjavaenabled.com -- Tough call on this one. I've been running noscript for a week or so on Firefox on a fresh install, so should be protected there, but have had that address for a while and know I was on btc-e prior to installing noscript, so all depends when person would gotten my privkey. Are you confusing Java for Javascript? Or does noscript disable Java now too?
|
|
|
|
Mylon
Full Member
Offline
Activity: 140
Merit: 100
Mining FTW
|
|
April 26, 2013, 06:33:53 PM |
|
[...] Does your browser have Java enabled? http://isjavaenabled.com -- Tough call on this one. I've been running noscript for a week or so on Firefox on a fresh install, so should be protected there, but have had that address for a while and know I was on btc-e prior to installing noscript, so all depends when person would gotten my privkey. Are you confusing Java for Javascript? Or does noscript disable Java now too? noscript, if properly used disables all javascript and all other functionality other than plain html. Has been that way since I've been using it... which is for a couple years now.
|
"All Your Base Are Belong To Us" by CATS
|
|
|
Anenome5
|
|
April 26, 2013, 07:09:04 PM |
|
...Sign a message with any one of the addresses from which your funds were supposedly stolen.
How does one even do that?
|
Democracy is the original 51% attack.
|
|
|
|