BTC Guild Security Warning!

Bitcoin Forum

May 11, 2024, 09:27:59 PM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Bitcoin Forum > Bitcoin > Mining > Pools > BTC Guild Security Warning!

Pages: [1]

« previous topic next topic »

Author

Topic: BTC Guild Security Warning! (Read 1932 times)

terminator (OP)

Newbie

Offline

Activity: 10
Merit: 0

BTC Guild Security Warning!

June 28, 2011, 04:28:00 PM

Recently BTC guild replaced all the secure https links on the menu with http links.
Also the site now has google ads which load javascript from insecure http.

This allows man in the middle attacks on your accounts.
An attacker can hijack the insecure request to google and inject javascript into btc guild pages to steal cookies/money, even if your on a https page.
If you click any of the links in the menu, your login cookies are sent over plain text http.
I sent an email to them about this and got no response.

If you use Tor to access btc guild, you are especially vulnerable to this.

1715462879

Hero Member

Offline

Posts: 1715462879

Ignore

1715462879

1715462879


	Report to moderator

1715462879

Hero Member

Offline

Posts: 1715462879

Ignore

1715462879


	Report to moderator

1715462879

Hero Member

Offline

Posts: 1715462879

Ignore

1715462879


	Report to moderator

"This isn't the kind of software where we can leave so many unresolved bugs that we need a tracker for them." -- Satoshi

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1715462879

Hero Member

Offline

Posts: 1715462879

Ignore

1715462879


	Report to moderator

TurdHurdur

Full Member

Offline

Activity: 216
Merit: 100

Re: BTC Guild Security Warning!

June 28, 2011, 05:26:32 PM

Good work getting the BTCGuild thread deleted. Tongue

mike85123

Full Member

Offline

Activity: 196
Merit: 100

Re: BTC Guild Security Warning!

June 28, 2011, 05:30:36 PM

I posted to the thread (where did it go btw?) asking if he could deliver ads via ssl and never got a response. Started donating to remove ads and there is still a warning from Chrome that there are still some items not being delivered over ssl. Would be nice to just have everything run over ssl.

TurdHurdur

Full Member

Offline

Activity: 216
Merit: 100

Re: BTC Guild Security Warning!

June 28, 2011, 05:34:23 PM

Try QuietUrl, add
^http://www\.btcguild\.com/(.*) https://www.btcguild.com/$1
and make sure enabled is checked.

Clipse

Hero Member

Offline

Activity: 504
Merit: 502

Re: BTC Guild Security Warning!

June 28, 2011, 05:35:27 PM

wtf who deleted the btcguild thread?

...In the land of the stale, the man with one share is king... >> Clipse

We pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)

hart

Newbie

Offline

Activity: 14
Merit: 0

Re: BTC Guild Security Warning!

June 28, 2011, 05:36:07 PM
Last edit: June 29, 2011, 01:17:06 PM by hart

Quote from: mike85123 on June 28, 2011, 05:30:36 PM

AdSense doesn't support SSL (yet, anyway). Source.

Pages: [1]

Bitcoin Forum > Bitcoin > Mining > Pools > BTC Guild Security Warning!

« previous topic next topic »

Jump to: