NXT :: descendant of Bitcoin - Updated Information

[brooklynbtc]

So we think this https://mega.co.nz/#!xZdhRAwJ!a6e7ORQYVdEapDXwiVr5ZVxzrkxki5RWMC3kdY6dfts is a keylogger?

 How can we get it shut down? or can someone decompile it and determine how much trouble it can cause?

 

[salsacz]

So we think this https://mega.co.nz/ bla
 How can we get it shut down? or can someone decompile it and determine how much trouble it can cause?

I have no idea. It could also be infected in the past and then he could replace the right links...

[caishendizi]

there is a “ ”（space） in my  passphrase  i have logged in https://localhost:7875 but  now i cannot log in it .the message "java.lang.NullPointerException" Prompts an error
why ？？？？？

[jl777]

WARNING: DO NOT USE VANITYGEN

If you have an account with any significant amount of NXT in it, it is quite possible that somebody is using the vanitygen's algorithm to scan for your acct.

I am not sure how random the vanitygen program is and until we verify that it is indeed very random, it is possible for somebody to see an acct published here, look it up in the blockchain website, see that it is worth cracking and then using a tweaked vanitygen to bruteforce search for passwords that match your acct number. The bruteforce search for password can be done offline, so there is no way to detect this is happening, until it is too late.

I am not familiar with vanitygen's source, so this could be a false alert. However, for matters like this it is better to be safe than sorry.

High entropy random passwords are needed. Any method like vanity address generation can constrain the accts and the reduced number of them can potentially leave them open to a bruteforce attack. I am sure it is possible to create a vanitygen that is secure enough, I am just not convinced if the vanitygen that was posted a while back is secure enough from a mathematical standpoint.

Apologies to author of vanitygen, this is all conjecture on my part and I do not know if the previous unsolved theft had anything to do with vanitygen. I remember reading the release notes that the vanitygen program was not really finished and maybe password entropy maximization was one of the unfinished items?

James

[salsacz]

there is a “ ”（space） in my  passphrase  i have logged in https://localhost:7875 but  now i cannot log in it .the message "java.lang.NullPointerException" Prompts an error
why ？？？？？

If you do not have there money (NXT), choose another passphrase.

[salsacz]

it is possible for somebody to see an acct published here, look it up in the blockchain website, see that it is worth cracking and then using a tweaked vanitygen to bruteforce search for passwords that match your acct number.

actually this time he got robbed from 1 vanity address and 2 non vanity addresses, right? - during 3 minutes

[jl777]

So we think this https://mega.co.nz/#!xZdhRAwJ!a6e7ORQYVdEapDXwiVr5ZVxzrkxki5RWMC3kdY6dfts is a keylogger?

 How can we get it shut down? or can someone decompile it and determine how much trouble it can cause?

 

Doesn't have to be keylogger. If it just has a deterministic way to generate passwords, or a small number of seeds,then it can brute force search for a specific acct #

All depends on how the passwords are generated internally. If a 16 bit random seed is used, just needs to run 65536 iterations.

James

[jl777]

it is possible for somebody to see an acct published here, look it up in the blockchain website, see that it is worth cracking and then using a tweaked vanitygen to bruteforce search for passwords that match your acct number.

actually this time he got robbed from 1 vanity address and 2 non vanity addresses, right?

Not sure about the 2 smaller accts.

[caishendizi]

我的秘钥里面有空格 之前能登陆 为什么现在就登陆不了了
这次升级 是处理空格了？ 作为开发者怎么可以这样 你可以不允许空格出现
但是既然最初的版本允许它存在 升级的时候就应该考虑这个
不然我的账户怎么办 秘钥也无法修改 我的nxt就这样被吃掉？？？？？？
why???serious bug???

[brooklynbtc]

Yeah OP did you have vanity address on all 3?

something about vanity coding a 64 char account # when you could just buy an alias makes me say WTF

[MadCow]

Announcement!

NEX descendant of NXT to be released!

https://bitcointalk.org/index.php?topic=422052

Thanks FrictionlessCoin!

You are the Andy Warhol of POS performance art coins.

Just grab a POS coin, copy it, and there you go .... ART

The genius is the idea, not the execution!

Anybody can do it - FREE POS COINS

                       

[xyzzyx]

我的秘钥里面有空格 之前能登陆 为什么现在就登陆不了了
这次升级 是处理空格了？ 作为开发者怎么可以这样 你可以不允许空格出现
但是既然最初的版本允许它存在 升级的时候就应该考虑这个
不然我的账户怎么办 秘钥也无法修改 我的nxt就这样被吃掉？？？？？？
why???serious bug???

Stop your client's java process.
Copy blocks.nxt.bak to blocks.nxt, and transactions.nxt.bak to transactions.nxt
Restart the client.

If that didn't work, try deleting blocks.nxt and transactions.nxt and restarting the client.

[caishendizi]

there is a “ ”（space） in my  passphrase  i have logged in https://localhost:7875 but  now i cannot log in it .the message "java.lang.NullPointerException" Prompts an error
why ？？？？？

If you do not have there money (NXT), choose another passphrase.

if i do not have some nxt in that account，why i said that in here ？

[caishendizi]

我的秘钥里面有空格 之前能登陆 为什么现在就登陆不了了
这次升级 是处理空格了？ 作为开发者怎么可以这样 你可以不允许空格出现
但是既然最初的版本允许它存在 升级的时候就应该考虑这个
不然我的账户怎么办 秘钥也无法修改 我的nxt就这样被吃掉？？？？？？
why???serious bug???

Stop your client's java process.
Copy blocks.nxt.bak to blocks.nxt, and transactions.nxt.bak to transactions.nxt
Restart the client.

If that didn't work, try deleting blocks.nxt and transactions.nxt and restarting the client.

thanks very much！！！
now it is at work

[xyzzyx]

Stop your client's java process.
Copy blocks.nxt.bak to blocks.nxt, and transactions.nxt.bak to transactions.nxt
Restart the client.

If that didn't work, try deleting blocks.nxt and transactions.nxt and restarting the client.

thanks very much！！！
now it is at work

Cool!  

Most of the time when you see "java.lang.NullPointerException", that means your local copy of the blockchain has an error.  Always try restoring from the .bak files.  Usually that fixes it.

[Anon136]

second daily shameless advertisement: (doing 2 per day, hope you are ok with that 2Kool4Skewl)

please check out my orderbook/escrow here: https://docs.google.com/spreadsheet/ccc?key=0AuZ9UiDk97ajdFQtdHN2RElUQU10NjdqRUNkWm5uUlE

place some orders, leave some feedback. anything helps.

[caishendizi]

Stop your client's java process.
Copy blocks.nxt.bak to blocks.nxt, and transactions.nxt.bak to transactions.nxt
Restart the client.

If that didn't work, try deleting blocks.nxt and transactions.nxt and restarting the client.

thanks very much！！！
now it is at work

Cool!  

Most of the time when you see "java.lang.NullPointerException", that means your local copy of the blockchain has an error.  Always try restoring from the .bak files.  Usually that fixes it.

 

[salsacz]

Can I just thank the owners of 9596636314676722420 massively for their donations?

Very unexpected and very much appreciated. The support level amongst Nxters is amazing

Yes, thank you kind donator. That's why I love this community, we support each other

[joefox]

Can I just thank the owners of 9596636314676722420 massively for their donations?

Very unexpected and very much appreciated. The support level amongst Nxters is amazing

Yes, thank you kind donator. That's why I love this community, we support each other

And a third thanks from me, for supporting the wiki project!

[allwelder]

我的秘钥里面有空格 之前能登陆 为什么现在就登陆不了了
这次升级 是处理空格了？ 作为开发者怎么可以这样 你可以不允许空格出现
但是既然最初的版本允许它存在 升级的时候就应该考虑这个
不然我的账户怎么办 秘钥也无法修改 我的nxt就这样被吃掉？？？？？？
why???serious bug???

重新下载客户端，启动bat；没有您所谓的处理空格