Bitcoin Forum
October 15, 2019, 12:50:54 AM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Staked address question  (Read 188 times)
pat25
Full Member
***
Offline Offline

Activity: 686
Merit: 102


View Profile
May 21, 2018, 04:43:22 PM
 #1

Hello,
 I would like to stake my bitcoin address, but what will happen if someone steals my private key? Then, he can steal my bitcointalk account by sending signed message to moderators? Could he do that without email access?   

I am writing this because I have an experience that my private key was abused.
Some PGP public keys you should import: theymos, Wladimir, Gregory, Pieter
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571100654
Hero Member
*
Offline Offline

Posts: 1571100654

View Profile Personal Message (Offline)

Ignore
1571100654
Reply with quote  #2

1571100654
Report to moderator
1571100654
Hero Member
*
Offline Offline

Posts: 1571100654

View Profile Personal Message (Offline)

Ignore
1571100654
Reply with quote  #2

1571100654
Report to moderator
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1526
Merit: 1320


https://bit.ly/2FR9nyn - free python tutorials


View Profile
May 21, 2018, 04:51:20 PM
 #2

Stake a SECURE address. Get an airgapped computer or a hardware device if you can't store something on a hot wallet without fearing your keys will be exposed.

Can you give any information a bit more specifically? Like how the key might have been taken.

Qartersa
Hero Member
*****
Offline Offline

Activity: 868
Merit: 535


View Profile
May 21, 2018, 04:52:17 PM
 #3

The admins must take action if he presents a signed message. If he doesn't have the password to your account or access to your email then he can't control it unless he signs the message and the admins gives him the login.

It is still good practice to stake an address and better secure your private keys.
mdayonliner
Sr. Member
****
Offline Offline

Activity: 490
Merit: 364


I always respected forum rules even private ones


View Profile WWW
May 21, 2018, 05:19:51 PM
 #4

Hello,
 I would like to stake my bitcoin address, but what will happen if someone steals my private key? Then, he can steal my bitcointalk account by sending signed message to moderators? Could he do that without email access?    

I am writing this because I have an experience that my private key was abused.

Well in that case you will lose your Bitcoin before even getting the bitcointalk account stolen by whoever do it LOL
How can you not keep your private key secure?  Roll Eyes


Wait... Before even asking the mods by sending the singed message, the theft will need your BitcoinTalk password too!
Are you saying you will lose your Private key and bitcoinTalk password at the same time?(!) I guess the timing will be once in a  Quattuordecillion time (1042) Tongue

I could not stand the lies against me anymore. I can not prove them wrong too. It's better I live in peace.
So, I am willingly locking mdayonliner. Thank you BitcoinTalk. Be addictive, be a Bitcoiner.
LoyceV
Legendary
*
Offline Offline

Activity: 1638
Merit: 4805


Largest Merit Circle on BPIP!


View Profile WWW
May 21, 2018, 06:04:17 PM
 #5

I would like to stake my bitcoin address, but what will happen if someone steals my private key? Then, he can steal my bitcointalk account by sending signed message to moderators?
I assume you'll have a backup, so the thief can't take away your access to the private key. That means you can still sign a message by yourself, so you'll have this scenario:
-thief trying to steal your account: signs a message and posts it from a different account
-you: sign a message and post it from your own account

You should be fine.

How can you not keep your private key secure?  Roll Eyes
I accidentally copied the private key to my staked address into Google 2 years ago (don't ask how, but yes, I felt stupid!). It even has some funds at the moment, I don't think Google is going to abuse it.

Update: I just looked at pat25's profile:
Loading Trust...
I doubt anyone would want to steal it.

pat25
Full Member
***
Offline Offline

Activity: 686
Merit: 102


View Profile
May 21, 2018, 06:37:30 PM
 #6

Thank you guys!
I am changing my password regularly to prevent hack, but I can´t regularly change my private key Sad.

But also do you know how hackers steal accounts?
And how moderators find that the account is hacked? Because I see many red tagged hacked accounts.
For me it is very interesting because I did not believe in malwares, hacker attacks until I used Bitcoin and Bitcointalk forum  Grin

jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1526
Merit: 1320


https://bit.ly/2FR9nyn - free python tutorials


View Profile
May 21, 2018, 07:28:00 PM
 #7

Thank you guys!
I am changing my password regularly to prevent hack, but I can´t regularly change my private key Sad.

But also do you know how hackers steal accounts?
And how moderators find that the account is hacked? Because I see many red tagged hacked accounts.
For me it is very interesting because I did not believe in malwares, hacker attacks until I used Bitcoin and Bitcointalk forum  Grin



The owner signs the address of that specific account to prove ownership and get red trust on it. Accounts can also be locked by using the change password link in your email.

You can change private keys regularly if you particularly want to also, just make a new address, it won't do much but still.

Hackers can steal accounts in many ways. There are ways to get hold of hashed account passwords and bruteforcing them to find users with simple passwords, like if someone uses the password "password" which, if they do, they deserve their account to be stolen IMO then that can be found in that way.

pat25
Full Member
***
Offline Offline

Activity: 686
Merit: 102


View Profile
May 21, 2018, 08:31:28 PM
 #8

Thank you guys!
I am changing my password regularly to prevent hack, but I can´t regularly change my private key Sad.

But also do you know how hackers steal accounts?
And how moderators find that the account is hacked? Because I see many red tagged hacked accounts.
For me it is very interesting because I did not believe in malwares, hacker attacks until I used Bitcoin and Bitcointalk forum  Grin



The owner signs the address of that specific account to prove ownership and get red trust on it. Accounts can also be locked by using the change password link in your email.

You can change private keys regularly if you particularly want to also, just make a new address, it won't do much but still.

Hackers can steal accounts in many ways. There are ways to get hold of hashed account passwords and bruteforcing them to find users with simple passwords, like if someone uses the password "password" which, if they do, they deserve their account to be stolen IMO then that can be found in that way.
But I don´t think that Hero and Legendary members are so stupid to have such simple passwords, or?
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1526
Merit: 1320


https://bit.ly/2FR9nyn - free python tutorials


View Profile
May 21, 2018, 08:48:17 PM
 #9

Thank you guys!
I am changing my password regularly to prevent hack, but I can´t regularly change my private key Sad.

But also do you know how hackers steal accounts?
And how moderators find that the account is hacked? Because I see many red tagged hacked accounts.
For me it is very interesting because I did not believe in malwares, hacker attacks until I used Bitcoin and Bitcointalk forum  Grin



The owner signs the address of that specific account to prove ownership and get red trust on it. Accounts can also be locked by using the change password link in your email.

You can change private keys regularly if you particularly want to also, just make a new address, it won't do much but still.

Hackers can steal accounts in many ways. There are ways to get hold of hashed account passwords and bruteforcing them to find users with simple passwords, like if someone uses the password "password" which, if they do, they deserve their account to be stolen IMO then that can be found in that way.
But I don´t think that Hero and Legendary members are so stupid to have such simple passwords, or?


You'd be suprised...
Anyone can come up with a bad password that hasn't been hacked (yet) and it's not sometimes that simple either to try to get a complex password.

My forum account is much easier to crack than accounts that actually hold money in them for example. I always suggest, that if you deal with a high ranking member just off their trust, it's good to get their signature to ensure that it is them before you trade with them (it can't hurt).

LTU_btc
Hero Member
*****
Offline Offline

Activity: 1386
Merit: 743



View Profile WWW
May 21, 2018, 11:37:09 PM
 #10

But I don´t think that Hero and Legendary members are so stupid to have such simple passwords, or?

I don't think that many users who got account hacked used simple passwords. The problem that many people are using same passwords pretty much everywhere. And if one website get hacked or sell login data of their users, hacker just need to try enter same login data on bitcointalk and voila
And another reason why there are so many hacked accounts - phishing website




▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄                  ▄▄▄   ▄▄▄▄▄        ▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄
 ▀████████████████▄  ████                 █████   ▀████▄    ▄████▀  ▄██████████████   ████████████▀  ▄█████████████▀  ▄█████████████▄
              ▀████  ████               ▄███▀███▄   ▀████▄▄████▀               ████   ████                ████                   ▀████
   ▄▄▄▄▄▄▄▄▄▄▄█████  ████              ████   ████    ▀██████▀      ██████████████▄   ████████████▀       ████       ▄▄▄▄▄▄▄▄▄▄▄▄████▀
   ██████████████▀   ████            ▄███▀     ▀███▄    ████        ████        ████  ████                ████       ██████████████▀
   ████              ████████████▀  ████   ██████████   ████        ████████████████  █████████████▀      ████       ████      ▀████▄
   ▀▀▀▀              ▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀        ▀▀▀▀       ▀▀▀▀        ▀▀▀▀▀

#1 CRYPTO CASINO & SPORTSBOOK
 WELCOME
BONUS
.INSTANT & FAST.
.TRANSACTION.....
.PROVABLY FAIR.
......& SECURE......
.24/7 CUSTOMER.
............SUPPORT.
BTC      |      ETH      |      LTC      |      XRP      |      XMR      |      BNB      |     more
pat25
Full Member
***
Offline Offline

Activity: 686
Merit: 102


View Profile
May 22, 2018, 08:21:00 AM
 #11

But I don´t think that Hero and Legendary members are so stupid to have such simple passwords, or?

I don't think that many users who got account hacked used simple passwords. The problem that many people are using same passwords pretty much everywhere. And if one website get hacked or sell login data of their users, hacker just need to try enter same login data on bitcointalk and voila
And another reason why there are so many hacked accounts - phishing website
Interesting. Thank you for the explanation.
And how are the hacked accounts discovered? Only administrators can view the IP change or? Because I posted in my second thread probably hacked/bought accounts - swicth language, time gap and still they aren´t tagged, how DT moderators evaluate what is hacked/bought and what is not?



apoorvlathey
Hero Member
*****
Offline Offline

Activity: 1036
Merit: 545


CryptoTalk.Org - Get Paid for every Post!


View Profile WWW
May 22, 2018, 09:00:27 AM
 #12

And how are the hacked accounts discovered?
The person who gets hacked has to create a new account and prove that he is the real owner of the account and that it got hacked. The message containing
message signed by staked address is sent to theymos / Cyrus which then look into your account recovery case.

Only administrators can view the IP change or?
The only person that can get IP address related information is theymos (admin).

Because I posted in my second thread probably hacked/bought accounts - swicth language, time gap and still they aren´t tagged, how DT moderators evaluate what is hacked/bought and what is not?
Apart from IP address, on the trust page anyone can view whether the password, email or both of the account was changed recently or not.
When original user posts his signed message using stacked address publicly, DT or any other users can verify it and identify the hacked account.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
LTU_btc
Hero Member
*****
Offline Offline

Activity: 1386
Merit: 743



View Profile WWW
May 22, 2018, 10:06:07 AM
 #13

Interesting. Thank you for the explanation.
And how are the hacked accounts discovered? Only administrators can view the IP change or? Because I posted in my second thread probably hacked/bought accounts - swicth language, time gap and still they aren´t tagged, how DT moderators evaluate what is hacked/bought and what is not?
apoorvlathey gave you good answers. I will only add few things. Only theymos can check IP addresses, but it's bad indicator. People are using Proxies, TOR, VPN, dynamic IP addresses, so it's proof that account was sold/hacked when IP address change.
Language is one of indicators. If account owner posted only in English and then immediately starts to post in Russian for example, it's likely that account was bought/hacked.
And if high ranked user with good history of posts start to make low quality posts - it's another sign of bought/hacked account.




▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄                  ▄▄▄   ▄▄▄▄▄        ▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄
 ▀████████████████▄  ████                 █████   ▀████▄    ▄████▀  ▄██████████████   ████████████▀  ▄█████████████▀  ▄█████████████▄
              ▀████  ████               ▄███▀███▄   ▀████▄▄████▀               ████   ████                ████                   ▀████
   ▄▄▄▄▄▄▄▄▄▄▄█████  ████              ████   ████    ▀██████▀      ██████████████▄   ████████████▀       ████       ▄▄▄▄▄▄▄▄▄▄▄▄████▀
   ██████████████▀   ████            ▄███▀     ▀███▄    ████        ████        ████  ████                ████       ██████████████▀
   ████              ████████████▀  ████   ██████████   ████        ████████████████  █████████████▀      ████       ████      ▀████▄
   ▀▀▀▀              ▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀        ▀▀▀▀       ▀▀▀▀        ▀▀▀▀▀

#1 CRYPTO CASINO & SPORTSBOOK
 WELCOME
BONUS
.INSTANT & FAST.
.TRANSACTION.....
.PROVABLY FAIR.
......& SECURE......
.24/7 CUSTOMER.
............SUPPORT.
BTC      |      ETH      |      LTC      |      XRP      |      XMR      |      BNB      |     more
Hektur
Member
**
Offline Offline

Activity: 271
Merit: 10


View Profile
May 22, 2018, 05:29:09 PM
 #14

I would like to stake my ETH address because I don´t have BTC, is that possible? I think that ethereum could sign message too or?

TryNinja
Legendary
*
Offline Offline

Activity: 1162
Merit: 1557



View Profile
May 22, 2018, 05:30:34 PM
 #15

I would like to stake my ETH address because I don´t have BTC, is that possible? I think that ethereum could sign message too or?
It's possible.

You can use MEW for this. Just follow this tutorial: https://blog.chronologic.network/sending-a-signed-message-from-your-myetherwallet-332e73066f98

pat25
Full Member
***
Offline Offline

Activity: 686
Merit: 102


View Profile
May 22, 2018, 05:32:47 PM
 #16

Interesting. Thank you for the explanation.
And how are the hacked accounts discovered? Only administrators can view the IP change or? Because I posted in my second thread probably hacked/bought accounts - swicth language, time gap and still they aren´t tagged, how DT moderators evaluate what is hacked/bought and what is not?
apoorvlathey gave you good answers. I will only add few things. Only theymos can check IP addresses, but it's bad indicator. People are using Proxies, TOR, VPN, dynamic IP addresses, so it's proof that account was sold/hacked when IP address change.
Language is one of indicators. If account owner posted only in English and then immediately starts to post in Russian for example, it's likely that account was bought/hacked.
And if high ranked user with good history of posts start to make low quality posts - it's another sign of bought/hacked account.
Well, it is an indicator (language switch and low quality posts) but look at my thread: https://bitcointalk.org/index.php?topic=3761515 nobody wants to tag them all, why? It is tolerated that member could post low quality but Hero can´t?
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 1526
Merit: 1320


https://bit.ly/2FR9nyn - free python tutorials


View Profile
May 22, 2018, 08:18:38 PM
 #17

Only administrators can view the IP change or?
The only person that can get IP address related information is theymos (admin).

Your IP address is stored everytime you post, moderators can also get hold of this information. Not sure whether they can get hold of registration IP, but, if you make a post, they can access that IP, and if you don't make a post - unless your username is really catchy - you don't need to recover the accoutn as it won't have any value. Also, if you do something like edit someone's trust or send a pm, your IP will also be stored.

I would like to stake my ETH address because I don´t have BTC, is that possible? I think that ethereum could sign message too or?
Eth addresses can be signed, where is the eth address? I'd consider asking you to download an ethereum client rather that using an online client (as tryninja suggested above). It'll make your address, funds and this account a bit more secure.

LTU_btc
Hero Member
*****
Offline Offline

Activity: 1386
Merit: 743



View Profile WWW
May 22, 2018, 10:40:04 PM
 #18

Well, it is an indicator (language switch and low quality posts) but look at my thread: https://bitcointalk.org/index.php?topic=3761515 nobody wants to tag them all, why? It is tolerated that member could post low quality but Hero can´t?
As few person on your thread said, there aren't sufficient information which would prove that these accounts were bought or they are alts.
Low quality posts aren't tolerated for all ranks. But spammers aren't getting red trust ratings. They just wont get Merit and will never rank up, if their posts extremely low quality - it will be deleted by mods.
I would like to stake my ETH address because I don´t have BTC, is that possible? I think that ethereum could sign message too or?
It's possible, but there are no reasons to stake ETH address. If your account will be hacked and you will want to recover it - only Bitcoin signed messages are accepted by admins.
So, I would recommend to create Bitcoin wallet (even if you don't BTC currently) and then try to stake your Bitcoin address with signed message. If you don't know how to do it, here is tutorial:
https://bitcointalk.org/index.php?topic=990345.0




▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄                  ▄▄▄   ▄▄▄▄▄        ▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄
 ▀████████████████▄  ████                 █████   ▀████▄    ▄████▀  ▄██████████████   ████████████▀  ▄█████████████▀  ▄█████████████▄
              ▀████  ████               ▄███▀███▄   ▀████▄▄████▀               ████   ████                ████                   ▀████
   ▄▄▄▄▄▄▄▄▄▄▄█████  ████              ████   ████    ▀██████▀      ██████████████▄   ████████████▀       ████       ▄▄▄▄▄▄▄▄▄▄▄▄████▀
   ██████████████▀   ████            ▄███▀     ▀███▄    ████        ████        ████  ████                ████       ██████████████▀
   ████              ████████████▀  ████   ██████████   ████        ████████████████  █████████████▀      ████       ████      ▀████▄
   ▀▀▀▀              ▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀        ▀▀▀▀       ▀▀▀▀        ▀▀▀▀▀

#1 CRYPTO CASINO & SPORTSBOOK
 WELCOME
BONUS
.INSTANT & FAST.
.TRANSACTION.....
.PROVABLY FAIR.
......& SECURE......
.24/7 CUSTOMER.
............SUPPORT.
BTC      |      ETH      |      LTC      |      XRP      |      XMR      |      BNB      |     more
vit05
Hero Member
*****
Offline Offline

Activity: 672
Merit: 524



View Profile
May 23, 2018, 12:59:42 AM
 #19

You can have several other addresses used in the forum and prove with them still be the owner of the account. But I found your Trust summary curious.


Quote
Lauda   2018-02-22   0.00000000   Reference   Account sales encourage scams, spam, and account farming.

Quote
This sell/buy threads in Russian board so i think you can't understand, find a Russian guy to confirm, or just use Google translate to know the main things.

https://bitcointalk.org/index.php?topic=2852488.0
PnP sell and Werka666 buy

https://bitcointalk.org/index.php?topic=2843868.0
Goodween selling his full member account
https://bitcointalk.org/index.php?topic=2855405.0
pat25
Full Member
***
Offline Offline

Activity: 686
Merit: 102


View Profile
May 23, 2018, 11:46:25 AM
 #20

Only administrators can view the IP change or?
The only person that can get IP address related information is theymos (admin).

Your IP address is stored everytime you post, moderators can also get hold of this information. Not sure whether they can get hold of registration IP, but, if you make a post, they can access that IP, and if you don't make a post - unless your username is really catchy - you don't need to recover the accoutn as it won't have any value. Also, if you do something like edit someone's trust or send a pm, your IP will also be stored.

I would like to stake my ETH address because I don´t have BTC, is that possible? I think that ethereum could sign message too or?
Eth addresses can be signed, where is the eth address? I'd consider asking you to download an ethereum client rather that using an online client (as tryninja suggested above). It'll make your address, funds and this account a bit more secure.
Understand, but a lot of people could have same IP address and also multiaccounts are allowed, so only way how to red tag them is when they sending tokens to each others, right? (This means abusing bounties)
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!