Bitcoin Forum
December 16, 2017, 09:35:35 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Security bounties  (Read 102764 times)
Check-0
Full Member
***
Offline Offline

Activity: 238


View Profile
May 27, 2015, 09:55:29 AM
 #41

>> Are you telling me decentralization is better for scalability/performance at this point? Def not. Also interesting you are first for keeping IPs private but now you want a P2P forum?

My previous post is a set of ideas for theymos to think about, while he studies PHP and that "new" Javascript ...  Shocked
He can pick something useful from it...
as he tries to stay behind of time and progress, he maybe will accept some ideas at least  Roll Eyes
So it looks eclectic and messed dish just bcoz i feed  conservators Tongue

>> Well for some people it's just about usability. But an optional option to only do (automatic, not manual like now) recovery by signing w/ a specific addy would be cool.

yes, would be nice to have different options for password recovery, tweakable in profile,
with safest option set on by default.

>> Not storing IPs def will be bad against spam / trolls / etc.

My point was : to store IPs and other sensitive info ( emails too ) in special separated storage, preferably in member's browser.
I did not say : "never store IPs !!!"

>> Seriously, "don't use passwords" is easier said than done.

Yes, not easy. But why cant we have a choice : power members can log in with keys, bitcoin addresses, good wishes etc AND just members can log in with passwords ?!
It can be done for sure.

>> Performance of decentralized forum software at this point will be very shit AFAIK.

the same will  be true for Epochtalk i guess. which is alfa, unaudited engine.
My point here was : if theymos will stuck with traditional approaches,
he will lose community due to aftermath of next hacks, social engineering "accidents" etc.
BTW we are now on Romania based hoster.
are romanian front desk guys safer when it comes to social engineering, than NL based ones ?! Tongue

Code:
SummaryIP Address Root Domain Hosting Provider
198.251.81.170 bitcointalk.org FranTech Solutions
Hosting Provider's DetailTitle Statistics
Country United States
Flag
City Cheyenne
ISP FranTech Solutions
Organization Voxility S.R.L.

Не искушай меня, ибо необуздан я в желаниях своих...
Хочешь я взорву все звезды и Завтра не наступит никогда..?
1513460135
Hero Member
*
Offline Offline

Posts: 1513460135

View Profile Personal Message (Offline)

Ignore
1513460135
Reply with quote  #2

1513460135
Report to moderator
1513460135
Hero Member
*
Offline Offline

Posts: 1513460135

View Profile Personal Message (Offline)

Ignore
1513460135
Reply with quote  #2

1513460135
Report to moderator
1513460135
Hero Member
*
Offline Offline

Posts: 1513460135

View Profile Personal Message (Offline)

Ignore
1513460135
Reply with quote  #2

1513460135
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513460135
Hero Member
*
Offline Offline

Posts: 1513460135

View Profile Personal Message (Offline)

Ignore
1513460135
Reply with quote  #2

1513460135
Report to moderator
1513460135
Hero Member
*
Offline Offline

Posts: 1513460135

View Profile Personal Message (Offline)

Ignore
1513460135
Reply with quote  #2

1513460135
Report to moderator
2112
Legendary
*
Offline Offline

Activity: 1988



View Profile
May 27, 2015, 03:34:18 PM
 #42

Are we really in 2015 ?! Tongue
No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. "Time-share" term was later appropriated by the vacation real-estate salesmen, so the computer salesmen renamed their "time-shares" to "cloud computing".

But the bullshit stayed the same.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Spendulus
Legendary
*
Online Online

Activity: 1722



View Profile
November 28, 2015, 06:47:51 PM
 #43

Are we really in 2015 ?! Tongue
No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. ....

Some years off in that one...1970 was mostly punched cards.  I'd guess timeshared computer services maxed out in parallel with the first five or ten years of the PC.
2112
Legendary
*
Offline Offline

Activity: 1988



View Profile
November 29, 2015, 12:34:17 AM
 #44

Are we really in 2015 ?! Tongue
No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. ....
Some years off in that one...1970 was mostly punched cards.  I'd guess timeshared computer services maxed out in parallel with the first five or ten years of the PC.
Not in the USA and other relatively advanced economies. There the order was approximately:

196x) organization-owned mainframes
197x) shared rented mainframes (provider-owned)
198x) departmental minicomputers (back to organization-owned)
199x) personal computers (both organization-owned and individual-owned)

Also, I'm talking about broad industrial/commercial/academic trends, not about various niches.

Edit: added one more decade and ownership qualification


Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Decoded
Legendary
*
Offline Offline

Activity: 924


Crypto-News.net: News from Crypto World


View Profile WWW
October 06, 2016, 01:37:27 AM
 #45

Just asking regarding you mentioning mod-related vulnerabilities in the OP.

Mods don't have access to the server(s) that host bitcointalk, right? Only you and maybe Badbear?



              ▄▄▄██████▄▄▄
          ▄██████████████████▄
       ▄████████████████████████▄
 ▄▄  ▄████████████████████████████▄
███████████████████████████████████▄
 ▀▀█████████████████████████████████▄
   ██████████████████████████████████
   ██████████████████████████████████
   ██████████████████████████████████
   ██████████████████████████████████
   ▀████████████████████████████████▀
    ▀██████████████████████████████▀
     ▀▀██████████████████████████▀
        ▀██████████████████████▀
           ▀▀▀████████████▀▀▀
.
.....
.....
.....
.....
.....
.....





theymos
Administrator
Legendary
*
Offline Offline

Activity: 2870


View Profile
October 06, 2016, 02:18:23 AM
 #46

Mods don't have access to the server(s) that host bitcointalk, right?

They do not.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
kano
Legendary
*
Offline Offline

Activity: 2296


Linux since 1997 RedHat 4


View Profile
October 08, 2016, 12:22:53 AM
 #47

In case you didn't notice Theymos ...
It would appear that the email harvesting from the 2015 hack, has recently put the forum email addresses from back then into spam lists.
https://bitcointalk.org/index.php?topic=1635595.0

Looks like you need to up the bounties and/or find someone who can be rewarded them Smiley

Pool: https://kano.is Here on Bitcointalk: Forum BTC: 1KanoPb8cKYqNrswjaA8cRDk4FAS9eDMLU
FreeNode IRC: irc.freenode.net channel #kano.is Majority developer of the ckpool code
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
EnacDomains
Full Member
***
Offline Offline

Activity: 227


View Profile WWW
October 11, 2016, 09:19:22 PM
 #48

when will the Iron tank forum be released?

http://eNAC.com -Buy and sell domain names with Bitcoin
Mad7Scientist
Sr. Member
****
Offline Offline

Activity: 340


View Profile
September 18, 2017, 02:18:41 AM
 #49

No exploit stopped by Cloudflare should ever get anywhere near affecting the forum, and any exploit that is stopped can almost certainly be done in some other way that won't be stopped.
Quote from: TradeFortress
In other words, give cloudflare the ability to MITM. Reverse proxy services should be seen as a a last resort, and all cloudflare's WAF will do is stop basic SQL injection, XSS, etc.
These people really seem to know what they're doing, and theymos keeps doing it despite stupid comments from people who blurt out whatever without doing any research about what they're talking about. It's nice to be on a forum that's so well run.
Dorkie
Member
**
Offline Offline

Activity: 70


View Profile
October 14, 2017, 06:01:24 PM
 #50

Bullshit offer.
If you are sincere in solving any security breach, you should seek paid professionals.
BattleZeo
Jr. Member
*
Offline Offline

Activity: 36


View Profile
October 25, 2017, 04:54:15 AM
 #51

No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. "Time-share" term was later appropriated by the vacation real-estate salesmen, so the computer salesmen renamed their "time-shares" to "cloud computing".

But the bullshit stayed the same.

You have a rich imagination.  Grin

Bitcoin_BOy$
Hero Member
*****
Offline Offline

Activity: 714

|| Web developer ||


View Profile
November 02, 2017, 08:16:06 AM
 #52

I have sent Theymos a PM.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2870


View Profile
November 16, 2017, 09:19:55 PM
 #53

Added:

Extra bounties

These bounties use a separate system of calculation, but are subject to the same conditions as above.

- 1 XAU: Find the email address of user DefaultTrust and explain in detail how you did it.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
ScrumbleGames
Jr. Member
*
Offline Offline

Activity: 40

Highest ROI crypto infrastructure


View Profile
December 09, 2017, 04:35:59 PM
 #54

sweet, but i think that is already in progress isnt it?
braindeadgenius
Newbie
*
Offline Offline

Activity: 14


View Profile WWW
December 11, 2017, 01:16:12 AM
 #55

So, looking at this thread and reading an old thread from 2014 on forum improvements / upgrades, is there a plan to ever move on from SMF? This is outdated software and you'd have much better luck (as I'm sure you know) moving onto bigger and better things. I mean, you're not even running anything close to the newest version of SMF either.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!