Bitcoin Forum
November 04, 2024, 03:26:52 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 [593] 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 ... 2557 »
  Print  
Author Topic: NXT :: descendant of Bitcoin - Updated Information  (Read 2761602 times)
opticalcarrier
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
January 01, 2014, 04:57:48 PM
 #11841

can someone asnwer why sometimes ann account forges 2 consecutive blocks??  This happens more frequently that I would think it should
brooklynbtc
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250

AKA jefdiesel


View Profile
January 01, 2014, 04:58:21 PM
 #11842

alright dude. sell us your coins and you are free to go

happy new year.

SN
S   U   P   E   R    N   E   T
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   
Uniting cryptocurrencies, Rewarding talent, Sharing benefits..

Blockchain Technology.

bitcool
Legendary
*
Offline Offline

Activity: 1441
Merit: 1000

Live and enjoy experiments


View Profile
January 01, 2014, 04:58:37 PM
 #11843

Is the OPEN source code still scheduled to be opened on January 3rd?

To qualify as a descendant of Bitcoin, these principles need to be adhered to:  
  Open sourced
  Decentralized
  Fair

No amount of greed should overcome these criteria, IMHO.
laowai80
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
January 01, 2014, 04:58:58 PM
 #11844

then it will not have widespread adoption.

Probably not until banks start bailing-in their depositors around the world (all mechanisms and laws are already in place for that). But that's equally true for bitcoin and other cryptos.
ImmortAlex
Hero Member
*****
Offline Offline

Activity: 784
Merit: 501


View Profile
January 01, 2014, 05:00:20 PM
 #11845

it will not have widespread adoption.
It is not differ from Bitcoin in sense of public/private keys, transaction authorisation and so on.
ImmortAlex
Hero Member
*****
Offline Offline

Activity: 784
Merit: 501


View Profile
January 01, 2014, 05:01:37 PM
 #11846

can someone asnwer why sometimes ann account forges 2 consecutive blocks??  This happens more frequently that I would think it should
This is accounts with very big stake, so they have a lot of chances to forge.
utopianfuture
Sr. Member
****
Offline Offline

Activity: 602
Merit: 268

Internet of Value


View Profile
January 01, 2014, 05:02:07 PM
 #11847

As a public key on a colored coin?
Your account number is public key already. You're constantly trying to create unnecessary entities.
Want to "freeze" some coins with some new private key? Just create new account with this key, trasfer coins to it, and then use this key only when you need to spend this coins.

The problem is that the "lucky gold strike" loophole for somebody else to hit this new account when miskeying their own password exists just like it exists for the old one.  Psychologically to the public this is always going to be perceived as a flaw because they don't understand how unlikely it is.  You haven't increased security one iota, you have only created a different winning lottery number.  

Publically announcing to the world not to accept withdrawals from an account closes this loophole.  That will make a huge psychological difference to the public.  And I am telling you, for NXT to succeed with the public, irrational psychological issues are going to have to be addressed.

You still need a pass at some point to make an announcement like "I want to spend this money again" right ? you would still need to enter this pass into the network right ? It is essentially the same thing as current implementation.

No.  If it is a dual colored coin scheme, attempts to unlock the account for withdrawals are publically seen on the blockchain and can be monitored and throw up warnings that an account is under attack.  If somebody hits the powerball jackpot and gets into an account through a miskey of another password, that is a one-time private event that is all over in under a minute and nobody even realizes it has happened until the next time they open their account or check it on the block chain.

I understand the math on how unlikely it is that a miskeyed password could open the fattest wallet by accident.  This isn't about math.  It's about public psychology.  Saying as a programmer it isn't necessary ignores the popularity of Powerball in the public mind and the psychology bias it introduces against brain wallets.

If you use a random generator, the chance of someone mis-types and get your pass is zero. Because the pass will use a lot of special characters and not-well-placed keys. Pass like that cannot be accidentally typed. No humanly possible guess is a random. So no mis-type is not possible even in a billion year.

I only worried about hacking. But just educated myself with some current articles on password picking, I can say that it is already extremely time- consuming and impossible at current state of art to pick a 10 character pass if they are truly random.  

Now key logger is another topic and definitely a risk. As long as you connect to Internet, there is a risk.


░░░░░░▄▄▄████████▄▄▄
░░░░▄████████████████▄
░░▄███████████████████▄
███████████████████████
▐████████████████████████▌
█████████████████████████
█████████████████████████
█████████████████████████
▐██████████████████████▌
████████████████████████
░░▀████████████████████▀
░░░░▀████████████████▀
░░░░░░▀▀▀████████▀▀▀
  TomoChain  •    •  TomoChain 
░░░░░░▄▄▄████████▄▄▄
░░░░▄████████████████▄
░░▄███████████████████▄
███████████████████████
▐████████████████████████▌
█████████████████████████
█████████████████████████
█████████████████████████
▐██████████████████████▌
████████████████████████
░░▀████████████████████▀
░░░░▀████████████████▀
░░░░░░▀▀▀████████▀▀▀
instacalm
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500



View Profile
January 01, 2014, 05:02:22 PM
 #11848

Just transferred everything back to Dgex. Forging is done for me. If I can be hacked because of some security hole that Nxt cannot plug (key-loggers, for instance) than, though it's not Nxt's fault, it will hurt adoption and participation.
Hey, what if they will hack Dgex? Or founder of Dgex will disappear in the dust?

Like I said, cashing out as soon as I can.

It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption.


What? Your argument can be applied to anything. How do you expect NEXT to safe you from keyloggers? A password is a password and it is up to you to choose and keep it safe.
Damelon
Legendary
*
Offline Offline

Activity: 1092
Merit: 1010



View Profile
January 01, 2014, 05:10:08 PM
 #11849

 This isn't about math.  It's about public psychology.

I think this neatly summarises everything that I was trying to point out.

To expand on that: for NXT to be succesful and truly added value, it will need to go mainstream at some point. Arguably not now, and I'm not in any way suggesting that.
But it needs to be on the cards and taken seriously.

How that will be achieved is a different matter. Third parties seems logical. It's not something that is the sole responsibility of the NXT devs.

NXT and any crypto that wants to survive, needs the general public. Those is also a fact.

Also, in a more productive vein, I'd like to add a security page to the wiki. I now have the following items:

- Making a secure password with keepass (does other software need to be added?) (50-60 characters long enough?)
- Treat your wallet pass like it was your PIN.
- Keep your computer malware/virus free!
- never post pass.

Does anything else need adding. If it isn't obvious already, I am not a techie (although I know enough to keep myself protected). Can anyone suggest other easily implemented safety precautions?
Might as well help people out as much as we can Smiley

Member of the Nxt Foundation | Donations: NXT-D6K7-MLY6-98FM-FLL5T
Join Nxt Slack! https://nxtchat.herokuapp.com/
Founder of Blockchain Workspace | Personal Site & Blog
opticalcarrier
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
January 01, 2014, 05:10:49 PM
 #11850

@2Kool4Skewl
Please replace direct download links with links to cfb's posts with them.
Nothing personal, just security

All, JeanLuc has agreed to start posting releases at info.nxtcrypto.org and they will also be posted at forums.nxtcrypto.org as well as at the www.nxtcrypto.org site.
starik69
Legendary
*
Offline Offline

Activity: 1367
Merit: 1000


View Profile
January 01, 2014, 05:12:22 PM
 #11851

This happens more frequently that I would think it should
Have you any math for this? Or only fud?
smartwart
Full Member
***
Offline Offline

Activity: 171
Merit: 100


View Profile
January 01, 2014, 05:12:28 PM
 #11852

There is no matter if you use one, two, or ten different passwords in sequence - or just one.

To be constructive, a password manager and generator (maybe like keypass2) could be integrated to NxT Client?
That would simplify it for causal user.

NxT: 13574045486980287597
fmiboy
Full Member
***
Offline Offline

Activity: 189
Merit: 100


View Profile
January 01, 2014, 05:16:39 PM
 #11853

This isn't about math.  It's about public psychology.

I think this neatly summarises everything that I was trying to point out.

To expand on that: for NXT to be succesful and truly added value, it will need to go mainstream at some point. Arguably not now, and I'm not in any way suggesting that.
But it needs to be on the cards and taken seriously.

How that will be achieved is a different matter. Third parties seems logical. It's not something that is the sole responsibility of the NXT devs.

NXT and any crypto that wants to survive, needs the general public. Those is also a fact.

Also, in a more productive vein, I'd like to add a security page to the wiki. I now have the following items:

- Making a secure password with keepass (does other software need to be added?) (50-60 characters long enough?)
- Treat your wallet pass like it was your PIN.
- Keep your computer malware/virus free!
- never post pass.

Does anything else need adding. If it isn't obvious already, I am not a techie (although I know enough to keep myself protected). Can anyone suggest other easily implemented safety precautions?
Might as well help people out as much as we can Smiley

keepass 2 has expire date for every generated key/pass, I think, one must mention that as well. if it expire than users blame you to not posting about it Smiley so generate key/pass and write that to paper or something similar
BitAddict
Legendary
*
Offline Offline

Activity: 1190
Merit: 1001



View Profile
January 01, 2014, 05:24:49 PM
 #11854

Hey there, i started an NXT forging pool, for poeople that want to forge nxt with some reliability or dont want the NXT client running all day long

Website: http://nxt-pool.uk.to/

Nextcoin.org thread: https://nextcoin.org/index.php/topic,1783.0.html


If you send small amounts consider you will need to pay total 2 NxT fee for sending and return, so this is probably more than the NxT you're going to forge in years.

Every 24h currently you can forge about:

100k= 1NxT
10k= 0,1NxT
1k= 0,01NxT
100= 0,001NxT

So if you send 1k you will need 200 days just to breakeven the 2 NxT fee when you're risking your money in a 3rd party.

Also you can't use your coins when you want (you need to wait manual cashout), and now there is no decimals so is imposible to pay out under 1NxT.

And what about if your next forum account/email gets hacked and tell him to send coins to another new wallet? You also lose everything.

IMO is no point using this, and less with current 1NxT fee.
opticalcarrier
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
January 01, 2014, 05:25:10 PM
 #11855

Id like these people claiming thefts to post their password.  If the account has been emptied please post the password.

I want to tell the world to never accept a withdrawal from my NXT account.  To do this I click a button on my client and go to a special page.  I pay a NXT fee and the page generates two numbers, a public key and a private key.  I attach the public key to a colored coin.  THis is my announcement to the world to lock my account...
This can be done with existing functionality.
Just create new account, send coins to it and never use this account until NXT costs $500.
This is absolutely the same scheme as yours. And it's free Smiley

yes but I'd like to be able to forge and also have functionality of a 2nd password in order to send funds.
This way, for forging, Id just use my regular PC.  But to ever send NXT, Id boot to a pupply linux usb drive and enter the password in that, with security from virus/keylogger/etc
Kodoka
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
January 01, 2014, 05:34:38 PM
 #11856

Any chance Google Authenticator could be worked into the code, for everyone calling for extra security? Also, I wanted to see just how brute force resistant Nxt is, so I threw together some code and ran it. Unless a hacker is working with a ridiculously powerful rig, brute force is NOT an option. Even a 7 character pass-phrase would take several weeks to check all combinations of a mixed alpha-numeric set. So if your account has been hacked, you probably need to clean up your computer.

EmoneyRu
Hero Member
*****
Offline Offline

Activity: 600
Merit: 500

Nxt-kit developer


View Profile
January 01, 2014, 05:35:05 PM
 #11857

Any actual roadmap? What would happen @ 32k?

Mistafreeze
Sr. Member
****
Offline Offline

Activity: 897
Merit: 284



View Profile
January 01, 2014, 05:39:02 PM
 #11858


How could we implement email confirmation for sending of NXT?

A service provider watching the blockchain could do this easily.

This should be implemented...it would remove the possibility all together of Nxt being stolen...would also be another advantage for Nxt

Is this something where the eventual message feature of NXT could come into play? The node that forges the block send a message back to the originator of the transaction and requests confirmation? I'm not sure how you hold up the transfer until confirmed, just my $.02

Edit: After about 2 seconds of thought I realized this would send a message back to the person who has already gained unauthorized access to the account.

:\
opticalcarrier
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
January 01, 2014, 05:40:54 PM
 #11859

This happens more frequently that I would think it should
Have you any math for this? Or only fud?

You are too crafty and have exposed my scheme of toppling NXT due to fud.....

Hey smartguy, the whitepaper isnt published yet.  So we dont really know yet do we; if you know the math then please post it.  You are a idiot if you think accusations of FUD as a response to legitimate questions are in the best interest of the NXT community.

Honestly though, are you fu**ing retarded?  Have you not seen the amount of time and effort Ive been expending on this project??  And you call FUD on me.... wow not very bright there are you sparky
rickyjames
Full Member
***
Offline Offline

Activity: 196
Merit: 100


View Profile
January 01, 2014, 05:42:09 PM
Last edit: January 01, 2014, 06:19:59 PM by rickyjames
 #11860

"It's like you guys are building a really high-performance car, and then criticizing the roads for being too bumpy and drivers for being unskilled. It's a great car, and it can do amazing things, but if it isn't adapted to the world as it is or drivers as they are (and not as you want them to be), then it will not have widespread adoption."

I agree.

OK, just to bubble this to the top again, I officially request that a function be implemented in the NXT client and server that allows an account to publicly declare in the blockchain that it is closed to withdrawals until further notice.  Until this notice is given and verified, all attempts to withdraw from this account are to be deemed invalid by whoever is processing the block with the withdrawal request.

This function would be implemented by accessing a special lock page in the client software where a fee would be assessed for utilizing this option.  Clicking on the "accept fee" key on this page does two things: (1) sends out a colored coin or equivalent containing the account number, the freeze notification, and the public half of an unfreeze code (2) displays for the user the private half of an unfreeze code that is to be copied down manually.

During the account lockdown freeze period, all pending transactions on the blockchain are compared against a list of locked accounts as part of the verification process.  If the withdrawal is against a frozen account, it is rejected as invalid.

To unfreeze the account, a user goes to a special unfreeze page in the client, enters the previously copied private key half generated during the original account locking, pays a fee, and sends a colored coin or equivalent containing the account number, the unfreeze notification, and the private half of the unfreeze code.  A server processing a block containing a colored account unlock code verifies the public / private keys unfreeze the account correctly and removes the specified account from the frozen list.  There may be a time delay while this information is propogated throughout the system and this delay would be accepted as part of the unfreeze process.  

This effectively would implement two factor authentication for sending NXT from a high-value account because the sender would need both the unfreeze code and the original account passphrase.

This scheme is NOT the same as transferring large sums to a new and seldom used NXT account for safekeeping.  Such an account still has an extremely small but non-zero probability of being opened via a brute force or lucky hit of its password, or of being keylogged or trojaned.  Publically announced frozen accounts have a zero chance of being drained.  This difference between extremely small chance and zero is huge in the public mind and will go a long way in making the general public accept the NXT always-online brainwallet concept.

Question one:  is this technically possible, yes or no.


Pages: « 1 ... 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 [593] 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 ... 2557 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!