S3MKi
Legendary
Offline
Activity: 1540
Merit: 1016
|
|
January 02, 2014, 12:35:50 PM |
|
So what happened here? I see my NXT have been stolen as well. I only downloaded the client from this thread. Is there any plans to revert the blockchain? Honestly if there is no plans to somehow correct this, I am giving up on this. This is very disappointing.
Account: 8439060069775407509
you are 3th who lose nxt today
|
|
|
|
swansong
|
|
January 02, 2014, 12:38:15 PM |
|
Can someone pls help me find a official links? official website? official forums if there is any? everybody sharing links and saying download that, download this. who to trust? i am simply asking what is the official nxt website that can be trusted???
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
January 02, 2014, 12:39:03 PM |
|
I am not a cryptographer and ...
James
so please, don't try to be one. I am very good at creative solutions to so called impossible problems. I have extensive software expertise. I am trying to make nxt the most secure crypto at the architectural level. I am not proposing any new cryptographic algorithms, just using standard public private key in a way that has not been done before Maybe i am totally offbase on this, but until i get a clear explantion about how this is wrong, i am apt to believe it is possible to add second layer of security to nxt Why do you want me to stop? James its not wrong. but its not more secure too. there is no difference between using one or two passwords for the probability getting hacked. the only way is to have a long (31+ character) pass-phrase with high entropy and only use the download links (signed) from NxT dev. crew. Will you reimburse the first person whose acct key is cracked with the offline parallel test against all nxt accts? If so you can provide hackers insurance for all for free
|
|
|
|
swartzfeger
|
|
January 02, 2014, 12:40:07 PM |
|
So what happened here? I see my NXT have been stolen as well. I only downloaded the client from this thread. Is there any plans to revert the blockchain? Honestly if there is no plans to somehow correct this, I am giving up on this. This is very disappointing.
Account: 8439060069775407509
The 'transfer' went to account 15182566201738727933. It's the account's only activity. Do you remember which link in the thread the client was downloaded from?
|
|
|
|
S3MKi
Legendary
Offline
Activity: 1540
Merit: 1016
|
|
January 02, 2014, 12:40:26 PM |
|
Can someone pls help me find a official links? official website? official forums if there is any? everybody sharing links and saying download that, download this. who to trust? i am simply asking what is the official nxt website that can be trusted???
see first page.
|
|
|
|
Bitventurer
|
|
January 02, 2014, 12:41:17 PM |
|
One thing that hasn't been mentioned (I don't think), how are we going to vet/verify future client downloads?
As much as I don't share some users' level of conviction when it comes to user adoption vs. difficulty (I think this is rickyjames point), regular users having to worry about 1) brain wallet, 2) clunky client installer PLUS having to verify SHA256 for every update might drive people away.
I have a dedicated server which can be used b core devs , located in germany , currently there is a public node on it : https:nextcoin.info:7875 any from the core devs can contact me and il send them the root+pass from the server...
|
SP8DE - The Game of Chance. Changed.
|
|
|
utopianfuture
Sr. Member
Offline
Activity: 602
Merit: 268
Internet of Value
|
|
January 02, 2014, 12:42:30 PM |
|
I am not a cryptographer and ...
James
so please, don't try to be one. I am very good at creative solutions to so called impossible problems. I have extensive software expertise. I am trying to make nxt the most secure crypto at the architectural level. I am not proposing any new cryptographic algorithms, just using standard public private key in a way that has not been done before Maybe i am totally offbase on this, but until i get a clear explantion about how this is wrong, i am apt to believe it is possible to add second layer of security to nxt Why do you want me to stop? James its not wrong. but its not more secure too. there is no difference between using one or two passwords for the probability getting hacked. the only way is to have a long (31+ character) pass-phrase with high entropy and only use the download links (signed) from NxT dev. crew. Will you reimburse the first person whose acct key is cracked with the offline parallel test against all nxt accts? If so you can provide hackers insurance for all for free They would do such thing to Bitcoin first. At protocol level, NXT security is at the same level as Bitcoin.
|
|
|
|
salsacz
|
|
January 02, 2014, 12:42:42 PM Last edit: January 02, 2014, 02:45:24 PM by salsacz |
|
|
|
|
|
newcn
|
|
January 02, 2014, 12:52:03 PM |
|
So what happened here? I see my NXT have been stolen as well. I only downloaded the client from this thread. Is there any plans to revert the blockchain? Honestly if there is no plans to somehow correct this, I am giving up on this. This is very disappointing.
Account: 8439060069775407509
I'm sorry to hear that. simillar things to me. check your browser history, maybe some clues could be found
|
BTC:1NzzfeHCgN8fF6mSG1UeBFCVd2cxKbGyHk NXT:13187911577562526278
|
|
|
landomata
Legendary
Offline
Activity: 2184
Merit: 1000
|
|
January 02, 2014, 12:53:48 PM |
|
Going forward from this moment: How can we be 100% sure someone coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after. MOTIVATION: Those who have there funds stolen may get some sort of funding to compensate for their loss. A greedy individual may take advantage of this.
|
|
|
|
plasticAiredale
|
|
January 02, 2014, 12:53:59 PM Last edit: January 02, 2014, 01:43:33 PM by plasticAiredale |
|
So what happened here? I see my NXT have been stolen as well. I only downloaded the client from this thread. Is there any plans to revert the blockchain? Honestly if there is no plans to somehow correct this, I am giving up on this. This is very disappointing.
Account: 8439060069775407509
The 'transfer' went to account 15182566201738727933. It's the account's only activity. Do you remember which link in the thread the client was downloaded from? DO NOT DOWNLOAD THE CLIENT FROM THIS POST. ITS ONLY HERE FOR RESEARCH!!!It was somewhere in this thread, as its the only place I ever download the client from. According to my history I downloaded it from http://162.243.246.223/nxt-client-0.4.8.zip around 7:30am EDT on 12/31/1213. I realize I got lazy and got used to not downloading the newest client from the first post, instead I just downloaded the latest from CFB whenever he posted new ones. I must have not noticed that the poster wasn't CFB. Granted I only lost 18K, but it still stings.
|
|
|
|
bahamapascal
|
|
January 02, 2014, 12:54:05 PM |
|
So I have given security quite a bit of thought and maybe I came up with a good solution: I think it might be possible to make a 2fa for Nxt and it would be 100% decentralized and within the back chain We could du it such a way that the account owner can assign a second account to his current account and only when a transaction from his second account happened (within the last x minutes) can he withdraw Nxt from his main account.Otherwise his transaction gets rejected by the network. For example, I have account number12345 and have 1M Nxt on it. Now I have the option to enable 2fa by adding a second account to it. Before doing that I create account 101010 and send some Nxt to it. As soon as they arrive I go to account 12345, enable 2fa and add account 101010 for that purpose. Now when I want to send some coins (from 12345), I first have to send a minimum transaction from account 101010 to 12345. As soon as this transaction has 1 confirm I have x minutes time to send my Nxt from 12345 to where ever I want to send them. So that would mean that even if some one hacks your account they can do NOTHING. All attempted withdraws would not get accepted by the network as this account had no incoming transaction from the assigned account (101010)! C-f-B, or any other dev here, could you review this Idea? And let us know your opinion, I am not a coder so maybe my Idea is not possible from a technical point of view.
|
|
|
|
smartwart
|
|
January 02, 2014, 12:57:41 PM |
|
Will you reimburse the first person whose acct key is cracked with the offline parallel test against all nxt accts? If so you can provide hackers insurance for all for free
this is polemic. generally there is no benefit to increase the "felt security". its not possible to shift the responsibility to developers by designing ntx-clients whits increase the felt security. there are more important tasks to do. at least, the user will be responsible how secure his account is. anything else would be a sham and decrease the reliability of the whole nxt thing and the worth at least. btw. after tomorrow everybody is able to design his own nxt-client...
|
NxT: 13574045486980287597
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 02, 2014, 12:57:59 PM |
|
C-f-B, or any other dev here, could you review this Idea? And let us know your opinion, I am not a coder so maybe my Idea is not possible from a technical point of view.
It's multisig feature that is scheduled on later date.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 02, 2014, 12:58:33 PM |
|
People ask why Nxt is not inflationary. Could anyone tell me why it's not inflationary if it's possible to issue other currencies using Asset Exchange? This increases number of "coins" owned by users, right?
|
|
|
|
utopianfuture
Sr. Member
Offline
Activity: 602
Merit: 268
Internet of Value
|
|
January 02, 2014, 01:00:18 PM |
|
Going forward from this moment: How can we be 100% sure someone coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after. MOTIVATION: Those who have there funds stolen may get some sort of funding to compensate for their loss. An greedy individual may take advantage of this. Because of this reason, I think only PaulyC and newcn are eligible for some type of reimbursement/ bounties for uncovering the bogus client.
|
|
|
|
salsacz
|
|
January 02, 2014, 01:01:54 PM |
|
Going forward from this moment: How can we be 100% sure someone coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after. MOTIVATION: Those who have there funds stolen may get some sort of funding to compensate for their loss. A greedy individual may take advantage of this. easily - look at the times and watch, there will be many other blocks like this.
|
|
|
|
swansong
|
|
January 02, 2014, 01:02:55 PM |
|
Can someone pls help me find a official links? official website? official forums if there is any? everybody sharing links and saying download that, download this. who to trust? i am simply asking what is the official nxt website that can be trusted???
see first page. what i mean is if i want to download bitcoin official client i simply visit bitcoin.org and same with litecoin.org and there are many others. is there any official website for NXT?
|
|
|
|
plasticAiredale
|
|
January 02, 2014, 01:03:07 PM |
|
Going forward from this moment: How can we be 100% sure someone coins are actually stolen? the victim could himself open an account and send the funds there....then after a period of time he then transfers the stolen funds to some new account and carries on happily ever after. MOTIVATION: Those who have there funds stolen may get some sort of funding to compensate for their loss. An greedy individual may take advantage of this. Well if someone was to reimburse the stolen NXT that would be amazing. they could only help the people whose NXT were in their account say before 12/31/2013. The thief would have had to thought ahead and created a bunch of accounts, and then transferred them to fake the theft for this to even be worried about. But I don't know how you get a 100% verification the NXT were stolen and not someone just trying to take advantage.
|
|
|
|
gbeirn
|
|
January 02, 2014, 01:05:31 PM |
|
Is 17480583094667840121 your new account? That is not my account. Sorry that was directed to PaulyC. Hey sorry just saw this. That's very generous! thanks Gbeirn. I don't even know when I'll check if it's in there, I'm freaked until the *confirmed client.. hah Yes this account hasn't been compromised and has a strong 40+ random PW, I haven't used it since 4.7e! Edit** Decided as everyone should to start fresh new Acct# with the windows installer from Pg. 1. Check sum'd and Hash good. thanks to anyone who can contribute. NXT 14008664550450326382 I did get a pm from another poster who mentioned setting up a bounty for me, so I don't know what the protocol is here, sorry. thanks! Sent 7808 NXT. Thanks for discovering this before too many others were tricked as well!
|
NXT VPS Server Donations can be sent here: 6044921191674841550At the end of each month I will donate some of them back to the community. This is separate from my main wallet so you can keep track of them. I will keep them in there and only use them for hosting.
|
|
|
|