[4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool

[Camello_AR]

2. Passwords are generally low entropy.  If you've used your mining pw elsewhere change it now.

I use a securely generated random password for every slave and every pool. Even if the passwords aren't hashed there's no way any attacker can get into any other pool account.

Is not necesary to have a high secure worker pass. Even when pass is so simple (but diferent as other passwords you use in your life) the only use that it has is mine. Then, if somebody knows your worker/pass combination, the only can do is mine for you
I have simply workname/passwords combinations, but not related to other pass used, to get easy remembers when setup diferents workers 

[1714208971]

1714208971

[1714208971]

1714208971

[jerethdaminer]

how do you check address resolution in gui miner?

[gbx]

how do you check address resolution in gui miner?

In Windows > Start > Run (or Windows Key + R)

Type CMD and hit Enter

type NSLOOKUP

enter in the name you want to resolve.

[hugheser]

I cant function without an account page to refresh every 5 minutes. I might just chalk today up as a personal day.

[Kruncha]

2. Passwords are generally low entropy.  If you've used your mining pw elsewhere change it now.

I use a securely generated random password for every slave and every pool. Even if the passwords aren't hashed there's no way any attacker can get into any other pool account.

Is not necesary to have a high secure worker pass. Even when pass is so simple (but diferent as other passwords you use in your life) the only use that it has is mine. Then, if somebody knows your worker/pass combination, the only can do is mine for you
I have simply workname/passwords combinations, but not related to other pass used, to get easy remembers when setup diferents workers 

That is true.

OFF TOPIC: You speak better English than some English people I know, certainly better than I speak Spanish (I lived there for 5 years)

K.

[claxdog]

I am like a cat in a room full of rocking chairs.I need my stats page.lol. good job keeping us mining slush.

[ntgrac]

I am like a cat in a room full of rocking chairs.I need my stats page.lol. good job keeping us mining slush.

You are not alone :-D

Thanks to slush too.

[beenjammin]

THANK YOU Slush from a 4 day old miner noob. Your handling off this recent server attack shows me that I chose the correct pool. And for my fellow miners ... I too miss the account and statistics pages. I am a big fan of those. Keep on rocking Slush.

[limit]

THANK YOU Slush from a 4 day old miner noob. Your handling off this recent server attack shows me that I chose the correct pool. And for my fellow miners ... I too miss the account and statistics pages. I am a big fan of those. Keep on rocking Slush.

+1

[p0rkbelly]

I was expecting my first payout about (was just waiting for the last final confirmations to finish up) the time the servers were taken down.

Does the website need to be back up for that to happen?

[joolzg]

Slush, is mining on the pool working as there has been no block in over 4 hours, so its either a git block, or something amisss

joolz
ps. any timescale for coming online?

[SkyNet]

I am expecting a payout as well.
Does it actually work or do we need to wait for the website to come back up?

[digital]

Slush has said that the database is down.  Only the mining back end is working.

Which means we are all still working to find blocks.  But the rewards are currently not being calculated.  And he can't make any payouts until the database is back up.  Once the database is back up, he will calculate all the blocks that have been found since the attack and everyone will get credited what they are owed.

Then when that's done and he's sure everything is in good working order, he will re-enable payouts.

I'm sure you can understand, he doesn't want any payouts happening until we are all confident they will be correct.  That benefits us all.

[jerethdaminer]

slush is a good pool manager and thanks to whoever reminded me about nslook up it resolves to a 54.0210.10.xxx address thats right inst it

[mikesheadroom]

there has been no block in over 4 hours

Slush just found a block.

[Lucko]

I'm sure you can understand, he doesn't want any payouts happening until we are all confident they will be correct.  That benefits us all.

Totally understand but I have a ebay action that is happening now and it ends in litel more them 3 hours and I will pay in bitcoins... That is a problem... I only have 0,2 bitcoins in wallet and estimated 0,8 coin on pool... You can see my problem...

[wigsgiw]

Slush, is mining on the pool working as there has been no block in over 4 hours, so its either a git block, or something amisss

Sounds like you may still be mining for the old server. Blocks are being found regularly for me here, and the slowdown you're seeing will be because most have switched over the the new.

Check that stratum.bitcoin.cz resolves to 54.214.x.x for you, and then restart your mining processes and you should be up and running on the new

[phelix]

What about the user database?  Was it compromised?  I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.

How were the passwords hashed?

never answer that!!!

let me rephrase: were the passwords securely hashed?

[p0rkbelly]

What about the user database?  Was it compromised?  I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.

How were the passwords hashed?

never answer that!!!

let me rephrase: were the passwords securely hashed?

And salted?

Not to preach to you, but this is a perfect example why everyone should use unique passwords on every website.

I personally use 20+ character randomly generated passwords thanks to LastPass.  Makes secure password management so easy.

[joolzg]

Slush, is mining on the pool working as there has been no block in over 4 hours, so its either a git block, or something amisss

Sounds like you may still be mining for the old server. Blocks are being found regularly for me here, and the slowdown you're seeing will be because most have switched over the the new.

Check that stratum.bitcoin.cz resolves to 54.214.x.x for you, and then restart your mining processes and you should be up and running on the new

Im looking at blockchain!!!!!

found one

232921 (Main Chain)    2013-04-24 14:36:00    00000000000000e3d44a39649dd4a9b98786dfa46a0bd6c038895c614ee26fed

last one

232896 (Main Chain)    2013-04-24 10:20:11    00000000000001c9aeefe9ae55ce6cbfa05e634dc3cfe16587c48bf03c607593

6 hours+

joolz