Bitcoin Forum
December 09, 2016, 03:58:12 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 [50] 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 ... 168 »
  Print  
Author Topic: Blockchain.info - Bitcoin Block explorer & Currency Statistics  (Read 414690 times)
Peter Todd
Legendary
*
Offline Offline

Activity: 1064


View Profile
June 21, 2012, 01:43:34 PM
 #981

Google Chrome is telling me that the wallet verifier app needs new permissions. What's the story?

I'm seeing this too. Oddly I saw the message first on a totally unrelated site.

1481299092
Hero Member
*
Offline Offline

Posts: 1481299092

View Profile Personal Message (Offline)

Ignore
1481299092
Reply with quote  #2

1481299092
Report to moderator
1481299092
Hero Member
*
Offline Offline

Posts: 1481299092

View Profile Personal Message (Offline)

Ignore
1481299092
Reply with quote  #2

1481299092
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481299092
Hero Member
*
Offline Offline

Posts: 1481299092

View Profile Personal Message (Offline)

Ignore
1481299092
Reply with quote  #2

1481299092
Report to moderator
1481299092
Hero Member
*
Offline Offline

Posts: 1481299092

View Profile Personal Message (Offline)

Ignore
1481299092
Reply with quote  #2

1481299092
Report to moderator
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
June 21, 2012, 03:08:08 PM
 #982

Google Chrome is telling me that the wallet verifier app needs new permissions. What's the story?

I'm seeing this too. Oddly I saw the message first on a totally unrelated site.

That is because it now wants access to EVERY site and not just blockchain.info.  Not sure why, maybe piuk can enlighten us.

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
HostFat
Staff
Legendary
*
Offline Offline

Activity: 2296


I support freedom of choice


View Profile WWW
June 21, 2012, 03:10:48 PM
 #983

I think that it's going to catch all bitcoin URIs ...

Eternity Wall: Messages lasting forever - The Rock Trading (ref): A good exchange / gateway Ripple, with support for multisig, since 2007. 
https://bitcointa.lk: Bitcointalk backup if offline - Bitcoin Foundation Italia - Blog: http://theupwind.blogspot.it
piuk
Hero Member
*****
Offline Offline

Activity: 910



View Profile WWW
June 21, 2012, 03:13:27 PM
 #984

Google Chrome is telling me that the wallet verifier app needs new permissions. What's the story?

It's for a new feature which allows you to import and export keys to Bitcoin-Qt without needing to use pywallet or command line.

The problem is talking with the Bitcoind RPC server is a violation of the browser's Same origin policy and most browsers won't let you do it without special CORS HTTP headers. I made a pull request to add CORS headers to the RPC interface but the Bitcoin devs have dismissed the idea previously. As a workaround the Verifier browser extension can be used to circumvent the restrictions - as extensions have the ability to bypass the same origin policy if requested.

1) If you are not running Bitcoind-Qt there is no risk.
2) If you have not enabled the RPC server (by default it is off) there is no risk.
3) If you have the RPC server enabled the web interface will be able to talk with Bitcoin-QT so be sure the username and password is set.
4) The extension only runs on blockchain.info or www.blockchain.info.






piuk
Hero Member
*****
Offline Offline

Activity: 910



View Profile WWW
June 21, 2012, 07:03:23 PM
 #985

Desktop sync Now Active. It can be found in [Import / Export].

It allows you to easily import keys from Bitcoin-QT if you would like to switch to My Wallet or export keys if you want to switch to the Desktop client.

However it is not recommended for everyday use if you want to keep your wallets separate as by entering your RPC username, password and wallet password you are giving the javascript full access to your Bitcoin-Qt wallet. The username and password for the Bitcoin-Qt wallet is not saved.

LightRider
Legendary
*
Offline Offline

Activity: 1488


I advocate the Zeitgeist Movement & Venus Project.


View Profile WWW
June 22, 2012, 08:45:40 AM
 #986

That is wonderful and terrifying feature.

Bitcoin combines money, the wrongest thing in the world, with software, the easiest thing in the world to get wrong.
Visit www.thevenusproject.com and www.theZeitgeistMovement.com.
Peter Todd
Legendary
*
Offline Offline

Activity: 1064


View Profile
June 22, 2012, 12:39:22 PM
 #987

Google Chrome is telling me that the wallet verifier app needs new permissions. What's the story?

It's for a new feature which allows you to import and export keys to Bitcoin-Qt without needing to use pywallet or command line.

The problem is talking with the Bitcoind RPC server is a violation of the browser's Same origin policy and most browsers won't let you do it without special CORS HTTP headers. I made a pull request to add CORS headers to the RPC interface but the Bitcoin devs have dismissed the idea previously. As a workaround the Verifier browser extension can be used to circumvent the restrictions - as extensions have the ability to bypass the same origin policy if requested.

1) If you are not running Bitcoind-Qt there is no risk.
2) If you have not enabled the RPC server (by default it is off) there is no risk.
3) If you have the RPC server enabled the web interface will be able to talk with Bitcoin-QT so be sure the username and password is set.
4) The extension only runs on blockchain.info or www.blockchain.info.


I really think you should use a separate extension for this.

I have no need for this feature - it is a niche use case - and I'd much rather be running a verifier with fairly limited privileges than one that in itself represents a security risk.

piuk
Hero Member
*****
Offline Offline

Activity: 910



View Profile WWW
June 22, 2012, 02:15:54 PM
 #988

I really think the risk is minimal. But regardless it is a niche case so I have moved it to a separate extension and the verifier permissiosn have be reset to how they were previously.

Verifier:

https://chrome.google.com/webstore/detail/kcapglakfcodkajgllmkiddclghogkic

RPC Communicator:

https://chrome.google.com/webstore/detail/nknfighfndfaahebfedlkgfifjfjgbjk

As always the sources are available on https://github.com/blockchain

HostFat
Staff
Legendary
*
Offline Offline

Activity: 2296


I support freedom of choice


View Profile WWW
June 22, 2012, 02:28:20 PM
 #989

You should add a link to the RPC Communicator in the import/export page Smiley

Eternity Wall: Messages lasting forever - The Rock Trading (ref): A good exchange / gateway Ripple, with support for multisig, since 2007. 
https://bitcointa.lk: Bitcointalk backup if offline - Bitcoin Foundation Italia - Blog: http://theupwind.blogspot.it
piuk
Hero Member
*****
Offline Offline

Activity: 910



View Profile WWW
June 22, 2012, 11:11:27 PM
 #990

New Feature: Taint Analysis

Shows the addresses which can be connected with a particular destination address and the % of the total funds received from each address (Taint). This tool is indented to make it easier to test your mixing service and make it easier to analyse your own anonymity. Not as a tool for blacklisting bitcoins which is a terrible idea.

Examples:

Blockchain.info Donation Address

http://blockchain.info/taint/1JArS6jzE3AJ9sZ3aFij1BmTcpFGgN86hA: Largest payment received is from 122uEigTAMi7Moj4KWaboQDehjsCZaSyhy which is followed by a long series of transactions with very little mixing. At some point the funds passed through the Mt.Gox green address (1LNWw6yCxkUmkhArb2Nf2MPw6vG7u5WG7q) stopping at this transaction (http://blockchain.info/tx-index/2058561/1) which is the maximum depth of 250 outputs deep that the tool will show.

Mining address:

http://blockchain.info/taint/16QAc9cG4Aoim3ATkhNtvqxJKFUg7seZvU for address http://blockchain.info/address/16QAc9cG4Aoim3ATkhNtvqxJKFUg7seZvU

Shows 100% taint for each address as the coins have never been mixed and the entire amount can be trace back to the generation address 16LiX6VnHLSCwRG7CT3WqzFh8jXoRAiu1b

Stolen Funds Analysis

http://blockchain.info/taint/1QL18jvRWvw8dn3mrveNYbkWWZQ7ea3CoB is 7% tainted by the Bitcoinica hack transaction. If you view the address http://blockchain.info/address/1QL18jvRWvw8dn3mrveNYbkWWZQ7ea3CoB?show_adv=true you can see there is one outgoing transaction to 1Ph5K2kz18mhUZYEtpsALWcwK9qZ41nDpR and 16TS4y4J2Eh8nVseGuYjPkGtqSpRBMurmH. However because that transaction uses inputs from a lot of different sources neither of those address will show taint from the Bitcoinica funds anymore. The funds have been sufficiently mixed that a link can no longer be made (it could will more in depth analysis but it would be very weak).
 
More anonymity tools coming for My Wallet users soon.

You should add a link to the RPC Communicator in the import/export page Smiley

Link is up now. Even small changes to the site like that require a web server restart some I'm trying to deploy updates less often.


hazek
Legendary
*
Offline Offline

Activity: 1078


View Profile
June 22, 2012, 11:21:12 PM
 #991

May I suggest you rename it to trail analysis or something else. Taint has unfortunately become a pretty loaded word and will probably give the wrong idea to quite a few people.

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
k
Sr. Member
****
Offline Offline

Activity: 452


View Profile
June 22, 2012, 11:45:00 PM
 #992

agree with hazek, try to avoid calling it taint analysis.
Maybe coin history/origin analysis or something else.
Red Emerald
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
June 23, 2012, 01:30:17 AM
 #993

agree with hazek, try to avoid calling it taint analysis.
Maybe coin history/origin analysis or something else.
+1

So something weird is going on with my vanity address.

http://blockchain.info/taint/11235813yoNV9F45KjwRiBYnYFufMunTj8

Apparently there is only a 5.7942159848% that this address is connected to itself. That seems wrong.

Also I think you have a typo here: "The more "taint" the worse the stronger the link that remains."

ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
June 23, 2012, 02:17:44 AM
 #994

New Feature: Taint Analysis

Seriously cool!

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868


View Profile
June 23, 2012, 08:05:06 AM
 #995

Not as a tool for blacklisting bitcoins which is a terrible idea.

+1

Very very bad idea.

All coins are eventually tainted. As all the dollars bills anyway

ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
June 23, 2012, 12:17:50 PM
 #996

Anyone know off hand which address the coins in the genesis block were paid to?  That would be interesting.

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
Red Emerald
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
June 23, 2012, 08:40:20 PM
 #997

Anyone know off hand which address the coins in the genesis block were paid to?  That would be interesting.

http://blockchain.info/address/1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa

The wiki says they can't actually be spent, though it doesn't go into the details of why.

piuk
Hero Member
*****
Offline Offline

Activity: 910



View Profile WWW
June 23, 2012, 10:59:06 PM
 #998

May I suggest you rename it to trail analysis or something else. Taint has unfortunately become a pretty loaded word and will probably give the wrong idea to quite a few people.

Taint is already a word i've heard mentioned a few times when discussing coin origins. Maybe Source Analysis.

Apparently there is only a 5.7942159848% that this address is connected to itself. That seems wrong.

I tweaked the algorithm a bit and not it correctly(?) shows 1HZY2Bks6HjTXFxXSj8ivhWCnkosypiUxR as the top source address.

The branch column attempts to colour code related transactions and if numbered shows the number of unique root branches that address has appeared in. By unique branches I mean descendants of transactions which directly pay into to the address. Anything with a count > 0 usually indicates a stronger relationship with the target address.

For example My Address: http://blockchain.info/taint/1A8JiWcwvpY7tAopUkSnGuEYHmzGYfZPiq shows branch counts > 0 for these addresses.






These are addresses I also commonly use for testing and such and are in the same wallet. It does also show a high branch count for Deppbit (1VayNert3x1KzbpzMGt2qdqrAThiRovi8) which you will find to be true of many addresses as a large % of coins tend to originate from deepbit. Also the top ip is listed as 127.0.0.1 because I use My Wallet to make transactions so they are broadcast from localhost.

Anyone know off hand which address the coins in the genesis block were paid to?  That would be interesting.

http://blockchain.info/address/1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa

The wiki says they can't actually be spent, though it doesn't go into the details of why.

The genesis transaction will be rather interesting as it has no history. It would be interesting to do an analysis on the first few thousand generation transactions, at least some of them must have moved.


P.S. Thank you to the recent donators.

Jan
Legendary
*
Offline Offline

Activity: 1042



View Profile
June 23, 2012, 11:26:34 PM
 #999

How about calling it traceroute? Resembles the unix command for tracing IP router hops.

Mycelium let's you hold your private keys private.
hazek
Legendary
*
Offline Offline

Activity: 1078


View Profile
June 24, 2012, 12:03:55 AM
 #1000

May I suggest you rename it to trail analysis or something else. Taint has unfortunately become a pretty loaded word and will probably give the wrong idea to quite a few people.

Taint is already a word i've heard mentioned a few times when discussing coin origins. Maybe Source Analysis.

Excellent choice, I like it a lot!

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 [50] 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 ... 168 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!