Bitcoin Forum
March 24, 2017, 04:30:01 AM *
News: Latest stable version of Bitcoin Core: 0.14.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: how is a miner using http secure?  (Read 480 times)
scar
Jr. Member
*
Offline Offline

Activity: 35


View Profile
June 21, 2011, 12:44:16 AM
 #1

how is it secure when a miner is using insecure http to send the user and password?

1P1Y7vVy3wwBUUyBAPdxULTn4KZpttQrfS
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1490329801
Hero Member
*
Offline Offline

Posts: 1490329801

View Profile Personal Message (Offline)

Ignore
1490329801
Reply with quote  #2

1490329801
Report to moderator
1490329801
Hero Member
*
Offline Offline

Posts: 1490329801

View Profile Personal Message (Offline)

Ignore
1490329801
Reply with quote  #2

1490329801
Report to moderator
xunker
Newbie
*
Offline Offline

Activity: 21



View Profile
June 21, 2011, 08:08:38 PM
 #2

how is it secure when a miner is using insecure http to send the user and password?

"No Mr. Bond, I expect you to die."

Translation: it isn't.  If you mine in a pool and this fact worries you:

A) ask your pool admins to enable HTTPS urls for miners
B) move to a pool that uses HTTPS for miners
C) move to a pool that allows you to create miner-only passwords (e.g. you can use them in a URL for your miner, but they cannot be used to log in to that pools' web site to change your account, a la bitcoinpool.com)
randomguy7
Hero Member
*****
Offline Offline

Activity: 528


View Profile
June 21, 2011, 08:15:37 PM
 #3

Are there currently any pools which support https for miners?
thecount
Newbie
*
Offline Offline

Activity: 5


View Profile
June 21, 2011, 08:23:11 PM
 #4

Either use a unique miner-only password or use a pool that doesn't require a password (eligius).
cvk
Newbie
*
Offline Offline

Activity: 5


View Profile
June 21, 2011, 08:35:17 PM
 #5

how is it secure when a miner is using insecure http to send the user and password?

Your miner will be insecure, but that's not a problem as long as you are using a different password for your user account.

If an attacker gets one of your workers' passwords by sniffing your unencrypted HTTP traffic, I think the worst thing he could do is execute a denial of service attack in your name in an attempt to get you banned from your pool.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!