Bitcoin Forum
March 19, 2024, 07:12:19 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 [115] 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 ... 173 »
  Print  
Author Topic: Blockchain.info - Bitcoin Block explorer & Currency Statistics  (Read 482324 times)
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500

I am the one who knocks


View Profile
April 18, 2013, 08:49:38 PM
 #2281

To those who have lost coins from blockchain.info accounts; are you certain that you didn't enter your identifier and password into a phishing site? I saw an extremely sophisticated on many months ago, on a typo domain. I suspect that accounts for more lost coins than any actual hacking.
Yet another reason to use lastpass

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
1710832339
Hero Member
*
Offline Offline

Posts: 1710832339

View Profile Personal Message (Offline)

Ignore
1710832339
Reply with quote  #2

1710832339
Report to moderator
1710832339
Hero Member
*
Offline Offline

Posts: 1710832339

View Profile Personal Message (Offline)

Ignore
1710832339
Reply with quote  #2

1710832339
Report to moderator
1710832339
Hero Member
*
Offline Offline

Posts: 1710832339

View Profile Personal Message (Offline)

Ignore
1710832339
Reply with quote  #2

1710832339
Report to moderator
"This isn't the kind of software where we can leave so many unresolved bugs that we need a tracker for them." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1710832339
Hero Member
*
Offline Offline

Posts: 1710832339

View Profile Personal Message (Offline)

Ignore
1710832339
Reply with quote  #2

1710832339
Report to moderator
1710832339
Hero Member
*
Offline Offline

Posts: 1710832339

View Profile Personal Message (Offline)

Ignore
1710832339
Reply with quote  #2

1710832339
Report to moderator
1710832339
Hero Member
*
Offline Offline

Posts: 1710832339

View Profile Personal Message (Offline)

Ignore
1710832339
Reply with quote  #2

1710832339
Report to moderator
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
April 18, 2013, 11:20:48 PM
 #2282

To those who have lost coins from blockchain.info accounts; are you certain that you didn't enter your identifier and password into a phishing site? I saw an extremely sophisticated on many months ago, on a typo domain. I suspect that accounts for more lost coins than any actual hacking.
Yet another reason to use lastpass
Exactly
JordanL
Donator
Sr. Member
*
Offline Offline

Activity: 294
Merit: 250



View Profile
April 18, 2013, 11:35:30 PM
 #2283

To those who have lost coins from blockchain.info accounts; are you certain that you didn't enter your identifier and password into a phishing site? I saw an extremely sophisticated on many months ago, on a typo domain. I suspect that accounts for more lost coins than any actual hacking.
Yet another reason to use lastpass


Or a yubikey, which is my preferred method.
centove
Full Member
***
Offline Offline

Activity: 194
Merit: 100


View Profile
April 18, 2013, 11:58:35 PM
 #2284

Is this a part of the recovery as well but:

http://markets.blockchain.info/

Oops! Google Chrome could not connect to markets.blockchain.info

Something get lost in the shuffle?

Give me Btc: 1BRkf5bwSVdGCyvu4SyYBiJjEjbNiAQoYd Mine on my node: http://ask.gxsnmp.org:9332/
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500

I am the one who knocks


View Profile
April 19, 2013, 12:24:53 AM
 #2285

To those who have lost coins from blockchain.info accounts; are you certain that you didn't enter your identifier and password into a phishing site? I saw an extremely sophisticated on many months ago, on a typo domain. I suspect that accounts for more lost coins than any actual hacking.
Yet another reason to use lastpass


Or a yubikey, which is my preferred method.
Actually I was referring to the fact that lasts as remembers the URL for me, so typos are non existent.

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
April 19, 2013, 12:26:18 AM
 #2286

To those who have lost coins from blockchain.info accounts; are you certain that you didn't enter your identifier and password into a phishing site? I saw an extremely sophisticated on many months ago, on a typo domain. I suspect that accounts for more lost coins than any actual hacking.
Yet another reason to use lastpass


Or a yubikey, which is my preferred method.

Or a yubikey with lastpass.

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
glitch003
Full Member
***
Offline Offline

Activity: 219
Merit: 101


View Profile
April 19, 2013, 04:12:16 PM
 #2287

Hey piuk, when I try to use the payment API I get this error: "Error Http Notifications Are Currently Disabled".  Just curious, how long until they're enabled?


Thanks!
giantdragon
Legendary
*
Offline Offline

Activity: 1582
Merit: 1002



View Profile
April 19, 2013, 04:15:40 PM
 #2288

Receive payments API don't work, I am getting an error: "Error Http Notifications Are Currently Disabled".
ingrownpocket
Legendary
*
Offline Offline

Activity: 952
Merit: 1000


View Profile
April 19, 2013, 06:30:21 PM
 #2289

Hey piuk, when I try to use the payment API I get this error: "Error Http Notifications Are Currently Disabled".  Just curious, how long until they're enabled?


Thanks!
Receive payments API don't work, I am getting an error: "Error Http Notifications Are Currently Disabled".
Confirmed.
dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1327



View Profile
April 19, 2013, 07:11:24 PM
 #2290

I've seen advice recently both in this thread and on twitter that instead of validating callback requests using the IP address (since it keeps changing) I should include a per-user secret in the callback URL.

The problem with this is the callback URL appears in the source-code of the page presented to the user, so it won't stay secret for long.

http://blockchain.info/api/api_receive says:

Quote
Where you would like the pay now button to appear include the following code

Code:
<div style="font-size:16px;margin:10px;width:300px" class="blockchain-btn"
     data-address="1A8JiWcwvpY7tAopUkSnGuEYHmzGYfZPiq"
     data-callback="https://mydomain.com/callback_url">

I assume you're suggesting putting the 'secret' in the data-callback attribute?  But then the user just views the HTML source and sees the secret, and can then fake their own callback visit.

And like others have said, callbacks seem to be currently broken anyway.  Clicking the demo 'javascript buttons' on http://blockchain.info/api/api_receive tells me:

"Error Http Notifications Are Currently Disabled"

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
ingrownpocket
Legendary
*
Offline Offline

Activity: 952
Merit: 1000


View Profile
April 19, 2013, 08:48:57 PM
 #2291

I've seen advice recently both in this thread and on twitter that instead of validating callback requests using the IP address (since it keeps changing) I should include a per-user secret in the callback URL.

The problem with this is the callback URL appears in the source-code of the page presented to the user, so it won't stay secret for long.

http://blockchain.info/api/api_receive says:

Quote
Where you would like the pay now button to appear include the following code

Code:
<div style="font-size:16px;margin:10px;width:300px" class="blockchain-btn"
     data-address="1A8JiWcwvpY7tAopUkSnGuEYHmzGYfZPiq"
     data-callback="https://mydomain.com/callback_url">

I assume you're suggesting putting the 'secret' in the data-callback attribute?  But then the user just views the HTML source and sees the secret, and can then fake their own callback visit.

And like others have said, callbacks seem to be currently broken anyway.  Clicking the demo 'javascript buttons' on http://blockchain.info/api/api_receive tells me:

"Error Http Notifications Are Currently Disabled"
The secret works if you use PHP to get the address and then print it on the page.
internationalaw
Member
**
Offline Offline

Activity: 78
Merit: 10


Community Manager at Letstalkbitcoin.com


View Profile WWW
April 19, 2013, 09:41:36 PM
 #2292

Hey @piuk, could you comment on how long it takes to get your 2 factor authentication reset? I've been locked out for over a week now and I've already submitted a form. I have some things I need to do with my BTC.

dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1327



View Profile
April 20, 2013, 03:00:22 AM
 #2293

The secret works if you use PHP to get the address and then print it on the page.

Interesting.

Do you have some example code to show what you mean?

Is this instead of using the javascript buttons that blockchain.info provide, or some modification to their code?

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
giantdragon
Legendary
*
Offline Offline

Activity: 1582
Merit: 1002



View Profile
April 20, 2013, 03:33:55 AM
 #2294

The secret works if you use PHP to get the address and then print it on the page.
Do you have some example code to show what you mean?

A working example:
Code:
$callback = urlencode("http://example.com/deposit.php?username={$_SESSION['username']}&secret={$depositSecret}");
$url = "https://blockchain.info/api/receive?method=create&address={$depositAddress}&shared=false&callback={$callback}";

$response = @file_get_contents($url);
$json = json_decode($response, true);

if(($json === false) || (is_null($json)) || (!isset($json['input_address'])))
//error
else
redirect("page.php?address={$json['input_address']}");
BitPirate
Full Member
***
Offline Offline

Activity: 238
Merit: 100


RMBTB.com: The secure BTC:CNY exchange. 0% fee!


View Profile
April 20, 2013, 05:25:38 AM
 #2295

Hi,

The JSON-RPC API is again giving me "lock timeout exceeded, try restarting transaction" on all requests.

Looks like a MySQL error -- I guess you're missing a rollback() or commit() somewhere...

elgreco
Full Member
***
Offline Offline

Activity: 147
Merit: 100



View Profile
April 20, 2013, 02:10:47 PM
 #2296

Any idea when the satoshidice send option will work again?

1E1GrECoNP1RpvWe72kS5cDZozA47nUFs4
paraipan
In memoriam
Legendary
*
Offline Offline

Activity: 924
Merit: 1004


Firstbits: 1pirata


View Profile WWW
April 20, 2013, 05:29:08 PM
 #2297

Don't know if bug or PEBCAK issue here, PM sent anyways.

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
ingrownpocket
Legendary
*
Offline Offline

Activity: 952
Merit: 1000


View Profile
April 20, 2013, 05:34:58 PM
 #2298

The secret works if you use PHP to get the address and then print it on the page.
Do you have some example code to show what you mean?

A working example:
Code:
$callback = urlencode("http://example.com/deposit.php?username={$_SESSION['username']}&secret={$depositSecret}");
$url = "https://blockchain.info/api/receive?method=create&address={$depositAddress}&shared=false&callback={$callback}";

$response = @file_get_contents($url);
$json = json_decode($response, true);

if(($json === false) || (is_null($json)) || (!isset($json['input_address'])))
//error
else
redirect("page.php?address={$json['input_address']}");
Yes, that.
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
April 21, 2013, 07:51:59 AM
 #2299

I'm wondering why Blockchain.info is having trouble with this transaction:

 - https://blockchain.info/tx/d3887aa543417c6934e7831407d017ec15b4b288a23cdd2977505a6ea1aff739

When I enabled "Advanced" I click on the (Spent), which is the URL:
 - https://blockchain.info/tx-index/66120873

but am given the response:  "Transaction not found"

But here is that transaction:
 - https://blockchain.info/tx/440a659b8298dcc0ac336e1c245472f6bcc48a90d978a746241c74b4368ae92e

So is this just an indexing error somewhere?

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


whiskers75
Hero Member
*****
Offline Offline

Activity: 658
Merit: 502


Doesn't use these forums that often.


View Profile
April 21, 2013, 10:04:56 AM
 #2300

Put a warning up about enabling 2 factor auth - I lost 1.2 BTC due to a "It would take a desktop PC about 175 years to crack your password" password. (http://howsecureismypassword.net)

Elastic.pw Elastic - The Decentralized Supercomputer
ELASTIC ANNOUNCEMENT THREAD | ELASTIC SLACK | ELASTIC FORUM
Pages: « 1 ... 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 [115] 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 ... 173 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!