Bitcoin Forum
Author Topic: Security bounties  (Read 97889 times)
Check-0
Full Member
Activity: 238
May 27, 2015, 09:55:29 AM
 #41

>> Are you telling me decentralization is better for scalability/performance at this point? Def not. Also interesting you are first for keeping IPs private but now you want a P2P forum?

My previous post is a set of ideas for theymos to think about, while he studies PHP and that "new" Javascript ...  Shocked
He can pick something useful from it...
As he tries to stay behind time and progress, maybe he will accept some ideas at least  Roll Eyes
So it looks like an eclectic and messed-up dish just because I feed conservators Tongue

>> Well for some people it's just about usability. But an optional option to only do (automatic, not manual like now) recovery by signing w/ a specific addy would be cool.

yes, would be nice to have different options for password recovery, tweakable in profile,
with safest option set on by default.

>> Not storing IPs def will be bad against spam / trolls / etc.

My point was : to store IPs and other sensitive info ( emails too ) in special separated storage, preferably in member's browser.
I did not say : "never store IPs !!!"

>> Seriously, "don't use passwords" is easier said than done.

Yes, not easy. But why can't we have a choice: power members can log in with keys, bitcoin addresses, good wishes etc. AND just members can log in with passwords?!
It can be done for sure.

>> Performance of decentralized forum software at this point will be very shit AFAIK.

The same will be true for Epochtalk, I guess, which is an alpha, unaudited engine.
My point here was: if theymos sticks with traditional approaches,
he will lose the community due to the aftermath of the next hacks, social engineering "accidents" etc.
BTW, we are now on a Romania-based hoster.
Are Romanian front-desk guys safer when it comes to social engineering than NL-based ones?! Tongue

Code:
Summary
IP Address      Root Domain      Hosting Provider
198.251.81.170  bitcointalk.org  FranTech Solutions

Hosting Provider's Detail
Title         Statistics
Country       United States
City          Cheyenne
ISP           FranTech Solutions
Organization  Voxility S.R.L.

Do not tempt me, for I am unbridled in my desires...
Do you want me to blow up all the stars so that Tomorrow never comes..?
2112
Legendary
Activity: 1946
May 27, 2015, 03:34:18 PM
 #42

>> Are we really in 2015 ?! Tongue
No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. "Time-share" term was later appropriated by the vacation real-estate salesmen, so the computer salesmen renamed their "time-shares" to "cloud computing".

But the bullshit stayed the same.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Spendulus
Legendary
Activity: 1666
November 28, 2015, 06:47:51 PM
 #43

>> Are we really in 2015 ?! Tongue
>> No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. ....

Some years off in that one...1970 was mostly punched cards.  I'd guess timeshared computer services maxed out in parallel with the first five or ten years of the PC.
2112
Legendary
Activity: 1946
November 29, 2015, 12:34:17 AM
 #44

>> Are we really in 2015 ?! Tongue
>> No, we are in a time-loop. We went back to about 1970 when the sales of "time-shared" computer services were at their highest. ....
>> Some years off in that one...1970 was mostly punched cards.  I'd guess timeshared computer services maxed out in parallel with the first five or ten years of the PC.

Not in the USA and other relatively advanced economies. There the order was approximately:

196x) organization-owned mainframes
197x) shared rented mainframes (provider-owned)
198x) departmental minicomputers (back to organization-owned)
199x) personal computers (both organization-owned and individual-owned)

Also, I'm talking about broad industrial/commercial/academic trends, not about various niches.

Edit: added one more decade and ownership qualification
Decoded
Hero Member
Activity: 868
Crypto-News.net: News from Crypto World
October 06, 2016, 01:37:27 AM
 #45

Just asking regarding you mentioning mod-related vulnerabilities in the OP.

Mods don't have access to the server(s) that host bitcointalk, right? Only you and maybe Badbear?

theymos
Administrator
Legendary
Activity: 2814
October 06, 2016, 02:18:23 AM
 #46

>> Mods don't have access to the server(s) that host bitcointalk, right?

They do not.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
kano
Legendary
Activity: 2240
Linux since 1997 RedHat 4
October 08, 2016, 12:22:53 AM
 #47

In case you didn't notice Theymos ...
It would appear that the email harvesting from the 2015 hack has recently put the forum email addresses from back then into spam lists.
https://bitcointalk.org/index.php?topic=1635595.0

Looks like you need to up the bounties and/or find someone who can be rewarded them Smiley

Pool: https://kano.is Here on Bitcointalk: Forum BTC: 1KanoPb8cKYqNrswjaA8cRDk4FAS9eDMLU
FreeNode IRC: irc.freenode.net channel #kano.is Majority developer of the ckpool code
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
EnacDomains
Full Member
Activity: 229
October 11, 2016, 09:19:22 PM
 #48

When will the Iron tank forum be released?

http://eNAC.com -Buy and sell domain names with Bitcoin
naghashisakhteman
Newbie
Activity: 4
November 12, 2016, 09:35:21 AM
 #49

Hi
This project will help Java web developers defend against Cross Site Scripting!
Kudos Per Bug
Mad7Scientist
Sr. Member
Activity: 272
September 18, 2017, 02:18:41 AM
 #50

>> No exploit stopped by Cloudflare should ever get anywhere near affecting the forum, and any exploit that is stopped can almost certainly be done in some other way that won't be stopped.

Quote from: TradeFortress
>> In other words, give cloudflare the ability to MITM. Reverse proxy services should be seen as a last resort, and all cloudflare's WAF will do is stop basic SQL injection, XSS, etc.

These people really seem to know what they're doing, and theymos keeps doing it despite stupid comments from people who blurt out whatever without doing any research about what they're talking about. It's nice to be on a forum that's so well run.
Dorkie
Newbie
Activity: 14
October 14, 2017, 06:01:24 PM
 #51

Bullshit offer.
If you are sincere in solving any security breach, you should seek paid professionals.

Signed BTC message is alternative to RFID chip.