NXT :: descendant of Bitcoin - Updated Information

[jkoil]

...before starting playing with customers.

Your understanding of cryptocurrencies is jaw-dropping!  

Your understanding of SW development is jaw-dropping!   :-(

[utopianfuture]

Blocks Generated   :   3933
Fee Earned   :   60,718 NXT

this is a nicer hack  

just before source release.. great!!

devs, please take a look into this ASAP, that person just generated another block.  They are obviously gaming the system somehow.  The balance on that acct has never been very high, yet they forge TONS of blocks

all,

remember....


Actually there will be 3 flaws in the source code.

How fast it is ? It is 50 million account and perhaps it is the only big account forging.

[rickyjames]

Dude.  I respectfully ask that you remove this.  We are trying to get Thomas to open up and tell us what happened.  He has made a mistake.  He will work with us if he sees a path to redemption.  This would be a good thing.

Dude (as you say) I have not accused anyone! Im taking a poke at all the fingers poking towards Thomas. We are all very quick to blame before (if) we know all the facts.

With respect I will not remove the image.

Don't care about the image...
But I do care about the implication that he is not to blame at all - facts so far;

Trojan download came from his server for the affected accounts (see posts about browser history)
He admitted - in the previous post in putting the trojan code there.
He denies having used the data that was sent to his server or attempted to be sent in the clear over the internet to steal from the affected accounts.
If we believe the denial I think 'accomplice after the fact' is still applicable...

the other statement 'there are other modified clients out there' is an obvious one I'm sure there are but other wrongdoers do not lessen the severity of this one.

I agree what Thomas did was a very severe bad act.  But there's obviously more to the story here, and he knows it, and we need to find out about it.     Hammering him about how bad he has been will not engender his cooperation.   This is still a salvageable situation as long as the stolen NXT is isolated with the possibility of returning it to its rightful owners.  Thomas is currently saying he cannot do that.  Maybe that is true and maybe not.  I want to hear more from him and I want to offer him a way to minimize the shitstorm he is walking through if he plays ball to accomplish restitution.  If he can't do that, maybe he knows who can.  I hope he will come back onto the site and talk about this, or PM me to discuss privately if he is more comfortable doing that.

[pinarello]

nxt need more technical support!

What do you mean?

Pin

[S3MKi]

Blocks Generated   :   3933
Fee Earned   :   60,718 NXT

this is a nicer hack  

just before source release.. great!!

devs, please take a look into this ASAP, that person just generated another block.  They are obviously gaming the system somehow.  The balance on that acct has never been very high, yet they forge TONS of blocks

all,

remember....


Actually there will be 3 flaws in the source code.

How fast it is ? It is 50 million account and perhaps it is the only big account forging.

it was 128k few minutes ago in blockchain. first transaction was 29/11. But now 24/11 Magic http://clip2net.com/s/6vAqOt

[notsoshifty]

Don't forget Framewood, too.  Please notice the date and how little the community paid attention.

https://bitcointalk.org/index.php?topic=345619.msg4172532#msg4172532

The issue reported by Framewood was of funds being sent to a different account to the one he entered into the browser, as part of a transaction that he initiated, at the same time as he made the transaction; rather than funds being stolen after having unlocked the account in the browser. I'm not fully up to date with the last few pages, but is it yet confirmed to be the same hacker, or even the same issue (bogus client, not e.g. code bug)?

[Come-from-Beyond]

When a client transfers NXT from one account to another, is there any record of the IP Address that is broadcasting this transfer?

No.

[Come-from-Beyond]

Popcorn.

*beer*

(girls)

[wesleyh]

Nxt Mac 0.18 now available at http://nxtra.org/mac

Only change is inclusion of wellKnownPeers - which I forgot to include in the previous version.

[Come-from-Beyond]

devs, please take a look into this ASAP, that person just generated another block.  They are obviously gaming the system somehow.  The balance on that acct has never been very high, yet they forge TONS of blocks

Looks legit. 50M, he is supposed to mine each 20th block at 100% base difficulty.

[xibeijan]

Nxt Mac 0.18 now available at http://nxtra.org/mac

Only change is inclusion of wellKnownPeers - which I forgot to include in the previous version.

What is Nxt Mac?

[wesleyh]

Nxt Mac 0.18 now available at http://nxtra.org/mac

Only change is inclusion of wellKnownPeers - which I forgot to include in the previous version.

What is Nxt Mac?

A mac version of the nxt client I made - automatic updates and single click install to make it easy to use.

[notsoshifty]

Blocks Generated   :   3933
Fee Earned   :   60,718 NXT

this is a nicer hack  

just before source release.. great!!

devs, please take a look into this ASAP, that person just generated another block.  They are obviously gaming the system somehow.  The balance on that acct has never been very high, yet they forge TONS of blocks

all,

remember....


Actually there will be 3 flaws in the source code.

I previously checked the (decompiled) source code and could see where the client checks whether it is eligible to forge (and calls generateBlock if it is). But I couldn't see anywhere where the receiving client polices the forger's right to forge. It gets a processBlock message, and handles it, but seems to trust that the forger was eligible. This could potentially result in a rogue node forging more than its fair share. I am looking at decompiled code (not the real source) and also missing comments etc so almost certainly missing the bigger picture here. Perhaps jl/cfb could quickly confirm.

[smartwart]

People ask why Nxt is not inflationary. Could anyone tell me why it's not inflationary if it's possible to issue other currencies using Asset Exchange? This increases number of "coins" owned by users, right?

interesting question!

at least, inflation is increase of the price.
if we substitute 1nxt by 3btc we have increased the price for one nxt by factor 3:0.0001
... hm ? ?

this point has to be stressed again and again. You don't issue Bitcoin, litecoin or any other actual assets via colored coin tech. You  merely issue tokens or stickers that represent these coins . It's up to you to add a value on these tokens. They are basically IOU you issue. There would be a lot of uncertainty at the beginning of the asset market to see who can be trusted. Similar issue to the Ripple gateway currently.

some point are worth to be stressed.
assets - that means colored coins are the nxt featured will be released.
I think this can be discussed and is an interesting topic and an exciting technology!

cheers!

[punkrock]

[BloodyRookie]

Blocks Generated   :   3933
Fee Earned   :   60,718 NXT

this is a nicer hack  

just before source release.. great!!

devs, please take a look into this ASAP, that person just generated another block.  They are obviously gaming the system somehow.  The balance on that acct has never been very high, yet they forge TONS of blocks

all,

remember....


Actually there will be 3 flaws in the source code.

I previously checked the (decompiled) source code and could see where the client checks whether it is eligible to forge (and calls generateBlock if it is). But I couldn't see anywhere where the receiving client polices the forger's right to forge. It gets a processBlock message, and handles it, but seems to trust that the forger was eligible. This could potentially result in a rogue node forging more than its fair share. I am looking at decompiled code (not the real source) and also missing comments etc so almost certainly missing the bigger picture here. Perhaps jl/cfb could quickly confirm.

It does get checked in the verifyGenerationSignature method.

[opticalcarrier]

I run 9 VPSs, why is it that lots of times, many of them see others as red flags?

[xyzzyx]

I run 9 VPSs, why is it that lots of times, many of them see others as red flags?

What are your values for maxNumberOfConnectedPublicPeers and maxRequestsPerSec in web.xml?

[Come-from-Beyond]

I previously checked the (decompiled) source code and could see where the client checks whether it is eligible to forge (and calls generateBlock if it is). But I couldn't see anywhere where the receiving client polices the forger's right to forge. It gets a processBlock message, and handles it, but seems to trust that the forger was eligible. This could potentially result in a rogue node forging more than its fair share. I am looking at decompiled code (not the real source) and also missing comments etc so almost certainly missing the bigger picture here. Perhaps jl/cfb could quickly confirm.

pushBlock() checks that forger doesn't cheat.
verifyGenerationSignature() called by pushBlock().

[landomata]

WHAT TIME (GMT) WILL THE SOURCE CODE BE RELEASED?....ITS ALREADY JAN 3rd IN JAPAN/AUSTRALIA......CHINA IS COMING UP IN 10 MINUTES.

Need an answer too.