BoXXoB
Legendary
Offline
Activity: 2018
Merit: 1108
|
|
July 17, 2016, 08:10:46 PM |
|
Oh wait. Why don't you just add 2FA and email confirmation to withdrawals?
This. I still can't understand they didn't add the feature. ATLEAST MAKE IT OPTIONAL...
|
|
|
|
amiraja
|
|
July 18, 2016, 03:33:03 AM |
|
why I always can not chat in the chat primedice not running
|
|
|
|
janggernaut
Legendary
Offline
Activity: 2366
Merit: 1130
|
|
July 18, 2016, 04:00:17 AM |
|
why I always can not chat in the chat primedice not running
I just tried it and my chat appears like usual, maybe because ypur connection?
|
|
|
|
shulio
Legendary
Offline
Activity: 1540
Merit: 1016
|
|
July 18, 2016, 05:52:42 AM |
|
adding mail confirmations for withdraw will be solution
If the 'hacker' has access to the account, this means your email address could got compromised as well if he knows what your email address which is linked to the PD account is. The simplest solution to this is to force a 2FA for every account , this is the simplest yet the toughest thing to break for the hacker yes if they hacked highly possible their mail got hacked too but at least they will see confirmation mail on their mail or they will see their mail password changed too so they wont doubt someone at pd staff got their coins It would seem to me it would be very difficult to hack, considering the captcha on the login now, just noticed that. I would suspect the user may have a keylogger type virus on their system, and not know it. While the keylogger would be relatively useless for things like a BTC wallet on your local machine, because they wouldnt have access to it, it would allow them to get into sites they log into. When I ran my business years back, my staff abused the hell out of AIM and other chat application. Writing up didnt work. Installed a baracudda system, costing $8000, didnt stop them. So, one night, after consulting our lawyers of course-- and that it was ok to do so, we installed a paid for program to log specifically mouse movements, in what programs, what windows, and capture screenshots every 10 seconds. Only for one reason, the abuse of employees not working and chatting literally all day was costing a fortune. The program was incredibly stealth, it did not show up on the hard drive, it did not show up anywhere using any detection method as a running service. It was impossible to see. The only way you could "get" into it, was to type your "keycode" into notepad, which was something obscure... like 4f8behe9e$$b6b4b Then a window would appear. My point- it was undetectable. Even with Windows defender. MS Security Essentials. Etc. It literally emailed out the data on a interval basis, over a vpn, so even if the user analyzed the traffic, it was encrypted first, then sent encrypted again over an obscure port via VPN. That said: If a user has a keylogger on their computer. They could gain access to the users PD Account. Then they could find the deposit address. With the deposit address, using Blockchain.info, set up a watch, with audio alarm- the second a deposit hits, pre-confirmation. So they hear it, then wait for confirm. Login, and the moment it hits, withdraw. I'm totally freaked out by keyloggers. For that reason, I sandbox nearly everything I run, and run VMs. My root system I keep highly protected. There are so many viruses out there. Its insane. Be safe guys, and be very careful what you install. As well as the websites you visit. Cheers! Strato With this said, email confirmation will be useless as well if there is this undetectable keylogger. However putting 2FA on your phone up will be the most secure thing even if you got a keylogger on your computer. The only way to stop this from happening again is to force 2FA to all accounts which has made deposits before
|
|
|
|
petermike
|
|
July 18, 2016, 10:47:08 AM |
|
Now I think Primedice is best site. Almost all believe it. They said: "First off primedice stores hashed passwords that we cant see. Not developer, not stunna, not edward not anybody." It's very safe; if have error, it will your error. I love PD and all giveaway. Thanks!
|
|
|
|
Daneric
|
|
July 18, 2016, 02:04:49 PM |
|
There have been several cases of people claiming that their coins were stolen in primedice accounts. When PD4 was launched, I thought the security of the accounts was going to be enhanced. Instead, Stunna and company have decided to ignore this and have left their dear customers at the mercy of hackers. What I expected with the new version was a security feature during withdrawing or tipping. An example is in localbitcoins. Complete whereby if you enable login 2FA, the same also affects withdrawals. Stunna please put this feature as optional so that if you want to withdraw you need 2FA which a hacker cannot access.
|
|
|
|
actmyname
Copper Member
Legendary
Offline
Activity: 2562
Merit: 2510
Spear the bees
|
|
July 18, 2016, 02:09:04 PM |
|
There have been several cases of people claiming that their coins were stolen in primedice accounts. When PD4 was launched, I thought the security of the accounts was going to be enhanced. Instead, Stunna and company have decided to ignore this and have left their dear customers at the mercy of hackers. What I expected with the new version was a security feature during withdrawing or tipping. An example is in localbitcoins. Complete whereby if you enable login 2FA, the same also affects withdrawals. Stunna please put this feature as optional so that if you want to withdraw you need 2FA which a hacker cannot access.
Why not enable 2FA for logins to prevent anybody from attempting to tip or withdraw at all? That doesn't seem like it would be a problem.
|
|
|
|
cazkooo
Legendary
Offline
Activity: 1540
Merit: 1013
|
|
July 18, 2016, 02:28:27 PM |
|
Why not enable 2FA for logins to prevent anybody from attempting to tip or withdraw at all? That doesn't seem like it would be a problem.
Some people dont like the trouble of having to enter code whenever you want to login or withdraw, it is not very convenient though but it is safer however some people just dislike it . PD cant force everyone to use 2 FA as well because it is optional however for your own safety it is better to use it
|
|
|
|
actmyname
Copper Member
Legendary
Offline
Activity: 2562
Merit: 2510
Spear the bees
|
|
July 18, 2016, 02:44:52 PM |
|
Why not enable 2FA for logins to prevent anybody from attempting to tip or withdraw at all? That doesn't seem like it would be a problem.
Some people dont like the trouble of having to enter code whenever you want to login or withdraw, it is not very convenient though but it is safer however some people just dislike it . PD cant force everyone to use 2 FA as well because it is optional however for your own safety it is better to use it Did you even read? Why not enable 2FA for logins to prevent anybody from attempting to tip or withdraw at all? That doesn't seem like it would be a problem.
I'm not speaking of 2FA codes for withdrawals. Besides, you usually don't log out of PD and so all you have to do is just enter the 2FA code once and you're pretty much set. My point is that it's senseless to want a 2FA code for withdrawals if we already have one for logins. They can't withdraw your balance if they can't log in in the first place.
|
|
|
|
cazkooo
Legendary
Offline
Activity: 1540
Merit: 1013
|
|
July 18, 2016, 02:50:05 PM |
|
Why not enable 2FA for logins to prevent anybody from attempting to tip or withdraw at all? That doesn't seem like it would be a problem.
Some people dont like the trouble of having to enter code whenever you want to login or withdraw, it is not very convenient though but it is safer however some people just dislike it . PD cant force everyone to use 2 FA as well because it is optional however for your own safety it is better to use it Did you even read? Why not enable 2FA for logins to prevent anybody from attempting to tip or withdraw at all? That doesn't seem like it would be a problem.
I'm not speaking of 2FA codes for withdrawals. Besides, you usually don't log out of PD and so all you have to do is just enter the 2FA code once and you're pretty much set. My point is that it's senseless to want a 2FA code for withdrawals if we already have one for logins. They can't withdraw your balance if they can't log in in the first place. Do you even read my post as well? I bolded it as well As far as I know it is one package, if you set 2 FA to your accounts then it will be needed for both logins and withdrawals. It is stupid to only use 2 FA for logins if you could have even more secure way of setting security on your account
|
|
|
|
actmyname
Copper Member
Legendary
Offline
Activity: 2562
Merit: 2510
Spear the bees
|
|
July 18, 2016, 02:59:49 PM |
|
Do you even read my post as well? I bolded it as well As far as I know it is one package, if you set 2 FA to your accounts then it will be needed for both logins and withdrawals. It is stupid to only use 2 FA for logins if you could have even more secure way of setting security on your account
So you're essentially saying that a "hacker" would be able to breach the login 2FA. If they could do that, then they can breach the withdrawal 2FA as well! You might say it's extra security, but there's no point adding on to what's already virtually uncrackable. All you're doing is adding more locks onto a titanium vault guarded by an army. Sure, it might increase the security, but you've already got enough such that anybody won't get past the first stage. The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
|
|
|
|
cazkooo
Legendary
Offline
Activity: 1540
Merit: 1013
|
|
July 18, 2016, 03:05:30 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever
|
|
|
|
Freaks
Legendary
Offline
Activity: 1554
Merit: 1001
|
|
July 18, 2016, 04:03:03 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever It seems like that anybody has very strong malware which can detect high deposited amount and can steal it easily. That is very strange situation what is going like on PD.
|
|
|
|
cazkooo
Legendary
Offline
Activity: 1540
Merit: 1013
|
|
July 18, 2016, 04:26:52 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever It seems like that anybody has very strong malware which can detect high deposited amount and can steal it easily. That is very strange situation what is going like on PD. We dont know for sure what is really happening here and all we get is clearly that there is some malware that steals your balance so I guess that the malware if exist doesnt really target all those high depositor but also small depositor however the thief just dont steal such small balance as it is not really worth it
|
|
|
|
Stunna (OP)
Legendary
Offline
Activity: 3192
Merit: 1279
Primedice.com, Stake.com
|
|
July 18, 2016, 04:52:16 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever Every single case we've explored with this type of theft has been a very weak or re-used password. Bots and stuff stealing balances are common but usually people with decent amounts aren't running untrusted code. It's better to not have a password than to have a password that has your username in it plus a number
|
|
|
|
BoXXoB
Legendary
Offline
Activity: 2018
Merit: 1108
|
|
July 18, 2016, 04:53:29 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever Every single case we've explored with this type of theft has been a very weak or re-used password. Bots and stuff stealing balances are common but usually people with decent amounts aren't running untrusted code. It's better to not have a password than to have a password that has your username in it plus a number What's preventing you from having 2FA on withdrawal though? As an option atleast...
|
|
|
|
Stunna (OP)
Legendary
Offline
Activity: 3192
Merit: 1279
Primedice.com, Stake.com
|
|
July 18, 2016, 04:56:50 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever Every single case we've explored with this type of theft has been a very weak or re-used password. Bots and stuff stealing balances are common but usually people with decent amounts aren't running untrusted code. It's better to not have a password than to have a password that has your username in it plus a number What's preventing you from having 2FA on withdrawal though? As an option atleast... We'll consider adding that along with a few other measures, 99% of the people who complain on this forum never enabled 2fa in the first place though.
|
|
|
|
hell696969
Jr. Member
Offline
Activity: 55
Merit: 2
|
|
July 18, 2016, 04:59:59 PM |
|
Am i ever going to get a reply to my support ticket? it was from before V4
|
|
|
|
BoXXoB
Legendary
Offline
Activity: 2018
Merit: 1108
|
|
July 18, 2016, 05:00:41 PM |
|
The only reason you might want to make a 2FA confirmation on withdrawals is if you have malware that can control your inputs and withdraw while you're on Primedice, but if that's the case then surely it's your problem of being too reckless.
The same reason for everyone that being reckless that their login info is exposed to hacker. So far there is no confirmation yet of what kind of malware that infect all of these victims, they keep saying that their system antivirus or whatever doesnt detect anything wrong . One thing for sure all the victim was logged in to primedice before their money got stolen which of course it could be a malware that could only controls your account while you are logging your own accountPS : this of course is my own thoughts about this issue and I have no evidence whatsoever Every single case we've explored with this type of theft has been a very weak or re-used password. Bots and stuff stealing balances are common but usually people with decent amounts aren't running untrusted code. It's better to not have a password than to have a password that has your username in it plus a number What's preventing you from having 2FA on withdrawal though? As an option atleast... We'll consider adding that along with a few other measures, 99% of the people who complain on this forum never enabled 2fa in the first place though. Appreciate that you're considering it. And if the complainers didn't even have 2FA (and possibly had a weak password), of course it was their fault. I do understand most depends on how careful the person is. Even though there's no 2FA on withdraw I haven't had anything stolen obviously. Just better safe than sorry.
|
|
|
|
Kiritsugu
Legendary
Offline
Activity: 1570
Merit: 1041
|
|
July 18, 2016, 05:17:15 PM |
|
Am i ever going to get a reply to my support ticket? it was from before V4
What is your Support ID #? I can forward it to MICRO and have him take another look.
|
|
|
|
|