Bitcoin Forum
December 11, 2024, 10:29:55 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 [74] 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 ... 173 »
  Print  
Author Topic: Blockchain.info - Bitcoin Block explorer & Currency Statistics  (Read 482655 times)
misterbigg
Legendary
*
Offline Offline

Activity: 1064
Merit: 1001



View Profile
September 20, 2012, 02:54:44 PM
 #1461

Can you please add a graph showing the total number of anonymized coins over time?

I did answer this previously. There are no logs of this, so no.

My apologies, I did not see the answer. Is this something we can add? It could be as simple as recording the total number of coins per day, or per week. I'd like to know what the demand is for coin mixing.

Thanks
piuk (OP)
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1005



View Profile WWW
September 20, 2012, 10:50:24 PM
 #1462

This really is awesome!  Sorry we didn't get a chance to meet up at the BTC conference, it would have been good to thank you personally for the great service you provide to the bitcoin community.

There is always the next year Smiley

How do we invest in your web site?
I think you are the next google/facebook/twitter/bigboobasianladyboys.com

Thank you for the complement, I think:) Investment is not need currently as the site is sufficiently funded for it's current goal. Which is to be a profitable, sustainable business within the current bitcoin economy - "Bitcoin wallet for bitcoiners". Maybe in future we will be looking for more funding for marketing etc, but that is way off yet.

The service is actually pretty good, and I encourage you to at least take a deeper look.  It took me about 15 mins to integrate it the first time I did.  Start here http://boxcar.io/help/api/providers

Since the API is really simple to implement I have added it. I'm not sure if the My Wallet app needs approval by the boxcar.io admins but it seems to work for me.



Something is wrong with the window called about. The window is moving, being hard to users read. I think the problem is because the window latest transaction is ajax.

I'm not sure what window you mean? A popup dialog?

Block updating has stopped. Something is wrong with your site, piuk.

Thanks for letting me know, I have added some extra checks to hopefully prevent this from happening again.

Piuk,

I really think you should change the top bar to something like the one of www.bitcoincharts.com

1- Change the buttons home, charts, stats, api to below the blockchain name/logo
2- In the place of buttons specified above, you could add the informations like: blocks, total of btc, difficulty, ... like how bitcoincharts show.
3- I think the wallet button should be located separated of other buttons and with a better design and bigger size.
4- I think you should remove at least the 3 last lines of the window most recently mined blocks in the bitcoin block chain. I think 10 lines is much.

I think your right about number 4. If the header was going to be re-designed it would be at the point when the entire Site was re-designed professionally (ditching bootstrap), for the moment I think it is ok.

My apologies, I did not see the answer. Is this something we can add? It could be as simple as recording the total number of coins per day, or per week. I'd like to know what the demand is for coin mixing.


As far as i'm concerned the less logs the better, even if it's only a counter. I would say that demand is moderate, the reason TorWallet turned rogue may have been that demand for mixing wasn't high enough.

sunnankar
Legendary
*
Offline Offline

Activity: 1031
Merit: 1000



View Profile WWW
September 20, 2012, 11:15:32 PM
Last edit: September 20, 2012, 11:26:34 PM by sunnankar
 #1463

My apologies, I did not see the answer. Is this something we can add? It could be as simple as recording the total number of coins per day, or per week. I'd like to know what the demand is for coin mixing.


As far as i'm concerned the less logs the better, even if it's only a counter. I would say that demand is moderate, the reason TorWallet turned rogue may have been that demand for mixing wasn't high enough.

Aren't you snoopy misterbigg and I am sure you are not the only one. I think the less logs the better also.

But getting to demand, perhaps the market could set the rate instead of it constantly being 1.5%. Then 'interest' could be earned on bitcoin balances. Of course, one of the risks may be that the private key needs to be entrusted to Blockchain.info ....

But a whole range of products could be developed like CDs, for depositors, where the bitcoins are entrusted for a certain amount of time, etc. or for customers automated payments that could be made based on an algorithm where the variables of which could be tweaked by the user (time, amount, randomness, etc.).

For example, 50 BTC are sent and over 30 days those 50 BTC are sent via 27 addresses, all with 0% taint to each other, to 1 address and the amounts of each payment are of a same amount (like for children's allowances, etc.) or sufficiently random, or fall within a normal distribution for particular behavior like website donations, etc., to provide plausible deniability for the receiver.

This could all help drive the 1.5% fee lower, which is competing with other goods/services, while revenues and profits could be increased through volumes since marginal cost is 0. And we all like cheap!

And if Blockchain.info is able to maintain its trust agent status it could develop a very useful business for both depositors and customers.


Krak
Hero Member
*****
Offline Offline

Activity: 591
Merit: 500



View Profile WWW
September 20, 2012, 11:20:08 PM
 #1464

I've been trying to make a paper wallet according to this tutorial, but I don't see an offline mode button on the login page. Is there a new way of doing this? I've never made a paper wallet before. Tongue

The Offline checkbox was removed, the documentation needs updating. To use offline mode now just disconnect your internet and refresh the login page. Be sure to clear the browsers cache before connecting to the internet again.
I tried that, but when I went to print off my paper wallet, it only showed my online wallets. I thought about making it online, printing the wallet and then just deleting the private key. Would that be secure enough?
Anybody know the answer here?

BTC: 1KrakenLFEFg33A4f6xpwgv3UUoxrLPuGn
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1009


firstbits:1MinerQ


View Profile WWW
September 21, 2012, 12:13:25 AM
 #1465

I've been trying to make a paper wallet according to this tutorial, but I don't see an offline mode button on the login page. Is there a new way of doing this? I've never made a paper wallet before. Tongue

The Offline checkbox was removed, the documentation needs updating. To use offline mode now just disconnect your internet and refresh the login page. Be sure to clear the browsers cache before connecting to the internet again.
I tried that, but when I went to print off my paper wallet, it only showed my online wallets. I thought about making it online, printing the wallet and then just deleting the private key. Would that be secure enough?
Anybody know the answer here?
I don't have an answer exactly but I can recommend bitaddress.org to create a 100% offline paper wallet. It works well. And it's easy to import your addresses for watching purposes afterwards into blockchain.info. That let's you still create your keys completely offline.

Krak
Hero Member
*****
Offline Offline

Activity: 591
Merit: 500



View Profile WWW
September 21, 2012, 01:14:39 AM
 #1466

I don't have an answer exactly but I can recommend bitaddress.org to create a 100% offline paper wallet. It works well. And it's easy to import your addresses for watching purposes afterwards into blockchain.info. That let's you still create your keys completely offline.
Thanks, that looks like it'll work nicely. Smiley

BTC: 1KrakenLFEFg33A4f6xpwgv3UUoxrLPuGn
RandomQ
Hero Member
*****
Offline Offline

Activity: 826
Merit: 500



View Profile
September 21, 2012, 01:07:10 PM
Last edit: September 21, 2012, 09:33:25 PM by RandomQ
 #1467

Getting "ERROR 500" when trying to send funds between addresses hosted in the same wallet. Working again
teste
Sr. Member
****
Offline Offline

Activity: 312
Merit: 250


View Profile
September 21, 2012, 01:49:49 PM
 #1468

Puik,

I suggested 3 features on uservoice:

1- http://blockchain.uservoice.com/forums/152743-general-ideas/suggestions/3177586-new-chart-for-addresses-without-activity

2- http://blockchain.uservoice.com/forums/152743-general-ideas/suggestions/3173858-show-the-usd-price-of-1-btc-in-the-exact-time-of-s

3- http://blockchain.uservoice.com/forums/152743-general-ideas/suggestions/3177397-show-date-when-clicking-on-charts

What do you think? Any chance to be implemented?
RandomQ
Hero Member
*****
Offline Offline

Activity: 826
Merit: 500



View Profile
September 21, 2012, 09:52:12 PM
 #1469

Minor Security Concern

When you use a Correct 2 factor Password but an incorrect account password, it informs you that the account password is wrong.

IMHO, a website should never verify which password is incorrect when there are two and should give a generic message saying one of the two passwords are incorrect.

Same theory behind when having account name or password wrong, best practice is to say the password or account is wrong.



The Second Issue

It appears that Google Authenticator is not correctly implemented.

Google Authenticator is a Time-based One-time Password (TOTP) algorithm

If you verify that the Google Authenticator password is correct when using a bad account password,it should burn that password.

I have verified this operation with other authenticator based accounts, and if you use a try to reused a code before the time-limit expires it will not let you.

This is designed this way that if  the password is intercepted, and used by the User it can't be reused within the Time-Limit.

RFC 4226
RFC 6238
FactoredPrimes
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
September 21, 2012, 09:54:07 PM
 #1470

Great service. I appreciate the security model.
kokojie
Legendary
*
Offline Offline

Activity: 1806
Merit: 1003



View Profile
September 21, 2012, 11:07:18 PM
 #1471

Minor Security Concern

When you use a Correct 2 factor Password but an incorrect account password, it informs you that the account password is wrong.

IMHO, a website should never verify which password is incorrect when there are two and should give a generic message saying one of the two passwords are incorrect.

Same theory behind when having account name or password wrong, best practice is to say the password or account is wrong.



The Second Issue

It appears that Google Authenticator is not correctly implemented.

Google Authenticator is a Time-based One-time Password (TOTP) algorithm

If you verify that the Google Authenticator password is correct when using a bad account password,it should burn that password.

I have verified this operation with other authenticator based accounts, and if you use a try to reused a code before the time-limit expires it will not let you.

This is designed this way that if  the password is intercepted, and used by the User it can't be reused within the Time-Limit.

RFC 4226
RFC 6238

I don't agree with the 1st issue, I want to know which one I got wrong, so I as a legitimate user can correct it. If we went with your implementation of security, imagine if I always typed in the wrong account password for some reason, but I might think google authenticator is broken, since I can't distinguish which password I got wrong.

The 2nd issue is really minor, so in less than 30 seconds, some one might be able to make another attempt on my account password, who cares. I can give them 10 years and they wouldn't be able to crack my account password. They either know it by obtaining my password storage file, or they don't.

btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
RandomQ
Hero Member
*****
Offline Offline

Activity: 826
Merit: 500



View Profile
September 22, 2012, 04:13:11 AM
 #1472

I don't agree with the 1st issue, I want to know which one I got wrong, so I as a legitimate user can correct it. If we went with your implementation of security, imagine if I always typed in the wrong account password for some reason, but I might think google authenticator is broken, since I can't distinguish which password I got wrong.

The 2nd issue is really minor, so in less than 30 seconds, some one might be able to make another attempt on my account password, who cares. I can give them 10 years and they wouldn't be able to crack my account password. They either know it by obtaining my password storage file, or they don't.

If you login a website that has good security and use the wrong password, it says your username or password is wrong.

There is a reason behind it, its to prevent people with huge passwords list from knowing if they have a valid username or valid password.

If you use an Invalid 2 factor on GLBSE it says Username or Password is invalid.

MtGox is a little different you have to input username & password first then 2 factor. Not as secure but they allow multiple 2 factor devices so it makes up in the long run.

Besides current trending security practices dictate not to reuse passwords, I use unique passwords on 95% of the websites i use(per my last security Audit)

I have an IT background, and when I see something that could possibly be exploited I report it.(I've seen a ton of exploits over the years)




Rassah
Legendary
*
Offline Offline

Activity: 1680
Merit: 1035



View Profile WWW
September 22, 2012, 04:56:15 AM
 #1473

Hi Piuk. I think there's something wrong with your signature verification function. Please refer to this post: https://bitcointalk.org/index.php?topic=111918.msg1210994#msg1210994

The message was signed, from the very first --- to the very last --- (dashed stuff included) using the Satoshi 0.7 wallet. Mine was signed using my 1Rassahgt3XSxKVJ62oSrQJxtH3wk4MKX address, and the other was signed using their 1BYkTioZnM7mQQMzmxSkjJaPyzVN2PiTEY address. Signatures for both addresses were added below. These signatures verify to the same addresses using the Satoshi client, but when I try to use your site to verify a message, it gives me a key totally different from the two mentioned that were used to sign the messages. Do you use your own message signing algorithm that's different from Satoshi?
scribe
Sr. Member
****
Offline Offline

Activity: 295
Merit: 250



View Profile WWW
September 22, 2012, 08:36:54 AM
Last edit: September 22, 2012, 12:59:49 PM by scribe
 #1474

Trialing New Deposit Method for UK Users

https://blockchain.info/wallet/deposit-pingit. Accounts are limited to £250/week.

Oh damn, great news for UK users. Looking forward to testing.

Update: Tested. Works. Blown away. This is massive.

blocknois.es Bitcoin music label. ~ New release: This Is Art

Read: Bitcoin Life | Wear: FUTUREECONOMY
teste
Sr. Member
****
Offline Offline

Activity: 312
Merit: 250


View Profile
September 22, 2012, 07:14:30 PM
 #1475

I requested another feature, see: http://blockchain.uservoice.com/forums/152743-general-ideas/suggestions/3191540-keep-signed-in-on-wallet-even-if-i-click-on-other-
misterbigg
Legendary
*
Offline Offline

Activity: 1064
Merit: 1001



View Profile
September 22, 2012, 09:37:33 PM
 #1476

Aren't you snoopy misterbigg and I am sure you are not the only one. I think the less logs the better also.

But getting to demand, perhaps the market could set the rate instead of it constantly being 1.5%.

Sorry for the late reply. I'm not snoopy, but I would like to know what the demand for mixing coins is. Clearly, this should be done in a way that preserves privacy.

The reason I am interested is because I believe that mixing services are essential for legitimate businesses to be able to conduct transactions with Bitcoins. It's not appealing to commercial interests that wallet balances are public. The only way to keep this private is for mixing to be easily obtained, and cheap.

As it stands, 1.5% to anonymize coins is an outrageous price. MtGox doesn't even charge that much if you add up both ends, and they have to pay employees, provide support, retain legal services, and deal with the cost of compliance with the traditional banking system. If you had 10,000 coins and you wanted to mix them, it would cost $1,500!

I think that over time, the cost to mix coins will trend towards zero. Everyone will be interested in mixing, and they will just run some open source app, for example one that implements the body of a recent paper regarding decentralized mixing.
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1009


firstbits:1MinerQ


View Profile WWW
September 22, 2012, 11:08:54 PM
 #1477

If you had 10,000 coins and you wanted to mix them, it would cost $1,500!
I think you mean $150. But it is costly still. I don't see it as being quite so mandatory for business.

The proper way to accept pmts is to use many addresses, one per transaction. If you do that carefully (and perhaps this is where business apps need improvement) there should be no association between addresses and no way to see any meaningful balance.

hazek
Legendary
*
Offline Offline

Activity: 1078
Merit: 1003


View Profile
September 22, 2012, 11:12:26 PM
 #1478

piuk I have a small problem. I logged out of my wallet but then accidentally landed on the login screen again which prompted the server to send me another sms for two factor auth but I didn't log in and I deleted the sms. Now when I try again it wont send me a new sms. What should I do?

EDIT: nvm, typing in the correct pw and some incorrect sms code resets it Wink

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
misterbigg
Legendary
*
Offline Offline

Activity: 1064
Merit: 1001



View Profile
September 23, 2012, 02:26:08 AM
 #1479

If you had 10,000 coins and you wanted to mix them, it would cost $1,500!
I think you mean $150. But it is costly still. I don't see it as being quite so mandatory for business.

The proper way to accept pmts is to use many addresses, one per transaction. If you do that carefully (and perhaps this is where business apps need improvement) there should be no association between addresses and no way to see any meaningful balance.

I meant $1,500, given an exchange rate of approximately $10.
xchrix
Hero Member
*****
Offline Offline

Activity: 905
Merit: 1001



View Profile
September 23, 2012, 07:29:28 PM
 #1480

is it possible to do a blockchain.info like service for litecoin??
would be awesome Smiley
Pages: « 1 ... 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 [74] 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 ... 173 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!