bustabit – The original crash game

[xxjumperxx]

Exactly!
Dont use any apps there are no apps and I dont think Daniel plans on developing one. There is no need since the site is so simple and the layout on mobile is already good enough.
Google just lets anyone make an app and have it published in App Store. So much Scam.

[Raflesia]

Exactly!
Dont use any apps there are no apps and I dont think Daniel plans on developing one. There is no need since the site is so simple and the layout on mobile is already good enough.
Google just lets anyone make an app and have it published in App Store. So much Scam.

We need to understand this and if there is a bustabit application in the playstore or appstore then it can be said to be fake, the developer does not intend to launch it and it is true, with the layout in the android version it is good so what are the applications for again, and this is rare now gambling sites crypto has a special application.

Remember that there are always ways to scamers, so you have to follow the discussion here to know more about how and what happened, as conveyed by @jaggernaut, which has warned us that there are phishing sites scattered on Google.

[jaberwock]

We need to understand this and if there is a bustabit application in the playstore or appstore then it can be said to be fake, the developer does not intend to launch it and it is true, with the layout in the android version it is good so what are the applications for again, and this is rare now gambling sites crypto has a special application.

Remember that there are always ways to scamers, so you have to follow the discussion here to know more about how and what happened, as conveyed by @jaggernaut, which has warned us that there are phishing sites scattered on Google.

Especially in app store because that is usually not allowed, as far as I know casinos are not allowed on IOS which means we can never have bustabit on our iphones for sure. Androids are a different breed, even if it is not allowed you could download the apk and have anything you want, without any store, but that is even riskier than usual.  At the end of the day as long as the website itself doesn't promote an app, there is really no reason to use one you found online as the original and legit one. This is not even just for bustabit neither, this works for everything else as well.

I have seen plenty of fake exchange apps where they get everything the regular website asks and they use that to login into your real account and steal everything from you. Which is why all around crypto world, all around online world actually, do not use anything that is not officially published.

[Lakai01]

I have seen plenty of fake exchange apps where they get everything the regular website asks and they use that to login into your real account and steal everything from you. Which is why all around crypto world, all around online world actually, do not use anything that is not officially published.

Such apps are simply used to steal users' account data. The simplest - and most effective - protection against this is to enable Two Factor Authentication on your accounts wherever possible. This way, the damage that could be caused by such apps is also extremely low.

Unfortunately, 2-FA is still not as widespread as it should be. My bank has just recently introduced a new 2-FA system, the resistance in the customer base against it was enormous, because it was much too cumbersome for them. Such a way of thinking is, of course, a feast for scammers and co.

[sana54210]

I have seen plenty of fake exchange apps where they get everything the regular website asks and they use that to login into your real account and steal everything from you. Which is why all around crypto world, all around online world actually, do not use anything that is not officially published.

Such apps are simply used to steal users' account data. The simplest - and most effective - protection against this is to enable Two Factor Authentication on your accounts wherever possible. This way, the damage that could be caused by such apps is also extremely low.

Unfortunately, 2-FA is still not as widespread as it should be. My bank has just recently introduced a new 2-FA system, the resistance in the customer base against it was enormous, because it was much too cumbersome for them. Such a way of thinking is, of course, a feast for scammers and co.

2FA is not even enough most of the time as well. Obviously speaking if you have 2FA that would mean that you are one step ahead of everyone else in security, and the more you do it, the better it is for you. However if you use their system, and you type in your 2FA at the same time on their system instead of real website, they will have the code for 2FA.

Now obviously they need to login right away in order to make this work, but if someone is developer enough to build a fake version of bustabit, they could very well make an automated bot that will login real time as well, so when you login with your username and password, the bot also logins with your username and password on the real place, and when you write the 2FA code, it writes the 2FA code as well, it does it automatically and gets in and withdraws all, while the real scammer just sleeps. Not common obviously, most phishing is not this developed, but there could be some, so we should always be as careful as we can be.

[mardaed]

I've been planning to stake some of my money to invest in any of this platform bustabit or bustadice but if both of them are profitable then I will definitely try investing to both
of them and check for myself if whom among of them has a good ROI.

I've been visiting dice sites in order to get some useful data about the good platform to invest but what my problem is I cannot seem to fully understand and use the data in dice sites even if they are giving almost all the useful data like total bet,daily bet and etc. For bustabit investors, may I know if how much you have profit so far like for example you can drop your starting capital, length of investment like how many months and your total ROI.

[RHavar]

I've been visiting dice sites in order to get some useful data about the good platform to invest but what my problem is I cannot seem to fully understand and use the data in dice sites even if they are giving almost all the useful data like total bet,daily bet and etc. For bustabit investors, may I know if how much you have profit so far like for example you can drop your starting capital, length of investment like how many months and your total ROI.

The maths is reasonably simple, I think.

Lets say in this example bankroll is 4000 BTC. The first calculation is the easiest, Daniel has a commissions rate of "bankroll / 10000btc".  So in this example, the commission he charges is 40%. This means when ever the bankroll profit increases past its previous all-time-high ... Daniel charges that 40% and updates the new all time high profit.

Now let's say you want to invest 1000 BTC ... the new bankroll will simply be the old bankroll + how much you invested. Thus it'll be 5000 BTC. And now Daniel will be charging 50% commission (see formula above).

But the important number is your stake: You put in 1000 BTC the 5000 BTC  [I'm ignoring the actual dilution fee to keep it simple], so your stake will be 20%. This means you actually own 20% of the bankroll. This is the important number, because it only changes when other people invest or divest. If people win money from the bankroll, your stake stays the same. It's just the bankroll has decreased. And likewise when the bankroll increases, your % ownership is the same ... just the actual bankroll is bigger.

So let's imagine that the bankroll is 0.5 BTC away from it's previous ATH profit -- and someone gambles and loses 1 BTC. Daniel will charge 0.25 BTC in commission (50% of the 0.5 BTC it exceeded previous profit ATH). Thus the bankroll will increase by 0.75 BTC. You own 20% of that bankroll, so you have effectively made 0.15 BTC.


People on average will lose 1% of what they wager (to the bankroll).  So if you can guestimate how much people will be wagering, you can figure out what the expected returns will look like.  

[Haunebu]

2FA is not even enough most of the time as well. Obviously speaking if you have 2FA that would mean that you are one step ahead of everyone else in security, and the more you do it, the better it is for you. However if you use their system, and you type in your 2FA at the same time on their system instead of real website, they will have the code for 2FA.

Not common obviously, most phishing is not this developed, but there could be some, so we should always be as careful as we can be.

2FA is actually more than enough as long as you don't make any silly mistakes like the one you mentioned above. Gamblers who enable 2FA in sites are usually not dumb enough to visit fake sites based on what I have observed.

The big mistake which most gamblers who enable 2FA tend to make is losing their 2FA accounts(Google Authenticator etc) accidentally due to which they get locked out of their site accounts. Some recover their accounts while some don't.

[devans]

2FA is not even enough most of the time as well. Obviously speaking if you have 2FA that would mean that you are one step ahead of everyone else in security, and the more you do it, the better it is for you. However if you use their system, and you type in your 2FA at the same time on their system instead of real website, they will have the code for 2FA.

Not common obviously, most phishing is not this developed, but there could be some, so we should always be as careful as we can be.

2FA is actually more than enough as long as you don't make any silly mistakes like the one you mentioned above. Gamblers who enable 2FA in sites are usually not dumb enough to visit fake sites based on what I have observed.

The big mistake which most gamblers who enable 2FA tend to make is losing their 2FA accounts(Google Authenticator etc) accidentally due to which they get locked out of their site accounts. Some recover their accounts while some don't.

That's the big problem with optional security: Anyone security-conscious enough to enable 2FA for their accounts is unlikely to fall victim to a phishing attack in the first place 🙁

[kramchers]

I've been played crash games in some of the few gambling sites, and I never know that Bustabit was the origin of crash game, I don't know if this is true, but since it has I would love to play crash game via bustabit anyway unless if their 2fa has no issue anymore then once if fix, I''l begin to play with it.

[NotATether]

It seems that I'm not able to set a password for my account and am stuck with using auto generated ones. Why was it made like this?

I tried asking this in chat but my messages weren't going through. Maybe it restricts the chatroom from newly registered players?

Anyway, what happens if in Settings I select the "make all games green" option? Does it put the game in fun mode where wins and losses aren't credited and you can wager whatever you want?

[RHavar]

It seems that I'm not able to set a password for my account and am stuck with using auto generated ones. Why was it made like this?

Because as a rule, the people it inconveniences are the people who don't normally use secure, unique passwords.  Those are the people whose passwords are probably already leaked (see: https://haveibeenpwned.com/ ) and then wonder how someone else knows their password. Auto-generated passwords have no real impact on people who already have good security practices (i.e. use a password manager with unique password). In the old days you could "hack" the client by opening devtools and changing the password to what ever you wanted and submit the form. Not sure if that still works, or really why you'd want to. Just use a password manager like the cool kids

I tried asking this in chat but my messages weren't going through. Maybe it restricts the chatroom from newly registered players?

Yeah, there's a wagering threshold to stop spam, I believe.

Anyway, what happens if in Settings I select the "make all games green" option? Does it put the game in fun mode where wins and losses aren't credited and you can wager whatever you want?

It's just a joke. All it does, is literally make the games green. It's a purely cosmetic thing Daniel recently added as a joke for the people who love green games

[jaberwock]

It seems that I'm not able to set a password for my account and am stuck with using auto generated ones. Why was it made like this?

Because as a rule, the people it inconveniences are the people who don't normally use secure, unique passwords.  Those are the people whose passwords are probably already leaked (see: https://haveibeenpwned.com/ ) and then wonder how someone else knows their password. Auto-generated passwords have no real impact on people who already have good security practices (i.e. use a password manager with unique password). In the old days you could "hack" the client by opening devtools and changing the password to what ever you wanted and submit the form. Not sure if that still works, or really why you'd want to. Just use a password manager like the cool kids

I still think instead of taking the blame for any potential situation, you should let people decide on things. I get that you wanted to make it more secure and of course this way is better, but just like that guy, I would have wanted it as well, passwords are passwords and maybe I have a very decent one? For each individual website?

In any case, this is the situation and we can't change it, but whenever a place forces me to do something, it does literally the opposite effect on me, I would rather have my password to be "1234567" instead of being forced and I am not even joking right now, I would literally rather have 000000 as password over being forced. I would really love it if you could consider it again, but I think this was already talked a lot and I talked with "support" (which I assume is daniels himself ) and this is not changing.

[RHavar]

I haven't had any involvement with bustabit in years, so just speaking from a purely personal point of view:

In any case, this is the situation and we can't change it, but whenever a place forces me to do something, it does literally the opposite effect on me, I would rather have my password to be "1234567" instead of being forced and I am not even joking right now, I would literally rather have 000000 as password over being forced.

Years ago, I did an experiment where I used a site (leakedsource) to try see how secure accounts were. Of people with a balance and set email address (so I could search easier, which albeit wasn't public), I was able to guess about ~30% of all accounts passwords (after multiple attempts) before mandatory passwords were enforced (and the site displayed a huge amount of warnings about picking secure and unique passwords).

The simple fact is if you let people pick their own password, a large fraction of people will pick extremely insecure passwords, get hacked, and then constantly bitch about how they got hacked. Or you can force people to use secure passwords, and listen to people constantly bitch about their rights to reuse their already leaked and insecure password.

But honestly, if you are so moved about the desire to have poor security -- look at your bitcoin wallet --- they are forcing a hard to remember seed on you.  I suggest you instead find a brainwallet, so you can have the freedom to pick your own seed from the password you normally use. It's also pretty convenient to just get hacked directly from your bitcoin wallet without needing to involve third parties at all.

[Lakai01]

-snip-
The simple fact is if you let people pick their own password, a large fraction of people will pick extremely insecure passwords, get hacked, and then constantly bitch about how they got hacked. Or you can force people to use secure passwords, and listen to people constantly bitch about their rights to reuse their already leaked and insecure password.
-snip-

The problem is that far too few Internet users are still concerned about security. Unfortunately, this also applies to our crypto community, where a lot of money is at stake, especially with wallets and access to exchanges/casinos/....

People are fundamentally lazy, and if they are not forced to adopt stricter security measures (predefined passwords, compulsory 2FA, ...), only a few security-conscious users will actually use them. I noticed this recently with the introduction of 2FA at my bank. The ratings in the Playstore were catastrophic immediately after the introduction, because users fought tooth and nail against it. But those are also the users who scream the loudest when something happens.

In my opinion, higher security standards can only be achieved by making them a prerequisite for the use of pages. In my opinion, this would also include

• mandatory 2FA for login and withdrawals
• predefined, secure passwords with change intervals (e.g. every 2-3 months)
• logins with generic usernames and not with the mail address

The problem here, however, is that too many security requirements scare customers away and they switch to competing platforms. As a bank or exchange you can afford this, but as an online casino you probably can't.

[xxjumperxx]

• mandatory 2FA for login and withdrawals
• predefined, secure passwords with change intervals (e.g. every 2-3 months)
• logins with generic usernames and not with the mail address

I agree with almost all the points above, but what I dont understand, in general.
Why have change intervals for passwords?

If a password is secure and unknown (no hack database etc.) why force people to change it?
Its secure, changing it might make it less secure etc.?

Not criticising, just generally curious what the force of password change is about.

[jaberwock]

Years ago, I did an experiment where I used a site (leakedsource) to try see how secure accounts were. Of people with a balance and set email address (so I could search easier, which albeit wasn't public), I was able to guess about ~30% of all accounts passwords (after multiple attempts) before mandatory passwords were enforced (and the site displayed a huge amount of warnings about picking secure and unique passwords).

The simple fact is if you let people pick their own password, a large fraction of people will pick extremely insecure passwords, get hacked, and then constantly bitch about how they got hacked. Or you can force people to use secure passwords, and listen to people constantly bitch about their rights to reuse their already leaked and insecure password.

But honestly, if you are so moved about the desire to have poor security -- look at your bitcoin wallet --- they are forcing a hard to remember seed on you.  I suggest you instead find a brainwallet, so you can have the freedom to pick your own seed from the password you normally use. It's also pretty convenient to just get hacked directly from your bitcoin wallet without needing to involve third parties at all.

It is shocking that you were capable of guessing 30% of the passwords correctly, especially considering I am sure it wasn't just 1234 type of password, but if it was like that, many people do deserved to get hacked honestly . Secondly, you are talking about "desire to have poor security" but that changes from person to person doesn't it? I mean if you let me be, maybe I will be horrible, or maybe I will have some amazing password, maybe mine would be even more difficult than the one we have here.

So all I was saying is that, I would like to have that chance, I would like to be responsible for my own demise. Now I am not saying you have a bad security, that is obviously a great system, and maybe I am wrong to want to have the option back, it is probably better off this way, but you have to also understand that when the option is taken away, it suddenly becomes important to have that option .

[Siigari]

Did a moment of reading the OP.

They said the .00x bust was removed, but 1.00x busts occur.

What changed, when? Thanks.

[DarkStar_]

Did a moment of reading the OP.

They said the .00x bust was removed, but 1.00x busts occur.

What changed, when? Thanks.

The 0.00x bust was removed, but the 1.00x bust still occurs to keep the 1% house edge. I believe the 0.00x bust existed to pay for the bonus system, which was removed back in February 2018.

[hopenotlate]

Did a moment of reading the OP.

They said the .00x bust was removed, but 1.00x busts occur.

What changed, when? Thanks.

-snip-
 I believe the 0.00x bust existed to pay for the bonus system, which was removed back in February 2018.

Yep, that's exactly correct.