[ANN][DASH] Dash (dash.org) | First Self-Funding Self-Governing Crypto Currency

[YourMother]

Dumping competition on Mintpal

[camosoul]

I doubt anyone here is more of a newbie than I am with Arch Linux. I have been playing with it for less than a week. This morning heard about the bash bug, ran the test, and yes I was vulnerable. Hmm... heard how easy Arch is to update so for the first time ran "sudo pacman -Syu" 

BOOM--vulnerability gone.  Way to go Arch.  I'm starting to like this...

I played with Arch, never could get used to it. I'm still do "emerge world -uND" [take a nap]

[camosoul]

Another of my stupid questions:
All manuals on masternodes are saying how ports should be closed and how root account should not be used.. Personally I use root login with 15 chars long password and cold wallet set-up and did not bother closing the ports - can ANYTHING really happen to me?
My guess is 99.9% not but still would like to get a second opinion. Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw.

My dear drobek, we were all once newbies at everything, and will always be newbies at somethings. Once you understand something, you can often profit by going against the stream, but in an area where you are a newbie, statements like this are dangerous if not foolhardy: "Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw. "

Your cold wallet may be safe, but if your machine is compromised you may be subject to all sorts of future grief... not to mention the possible eventual loss of any funds/information that pass through or are produced by it. IMHO.

Thank you for your reply strix. While the statement indeed sounds naive I still wonder how anyone can guess/force a decent password. Have talked to a few people who were hacked and almost all of them had either simple pw or pw they reused on multiple occasions. At this point I think that a combo of decent PW and frequent apt-get update/upgrade may be adequate for cold wallet set up but still preferred to get a second opinion to running everything as a root.

I'm a sys/net admin with 15+ years of experience and I can tell you that the biggest threat is YOURSELF! Just make a typo as root and kiss your system goodbye! Happened to me twice, I have learned the hard way... You don't have to  

Some examples (do not try this on your masternode):
rm -rf .*
mv / /dev/null
find -type f -mtime +30 -exec mv {} /dev/null \;
whatever > /dev/sda

Play it safe, log in as a regular user and use sudo!  

So much of this.

Don't forget the times you've copied a huge pile of data into a folder, but you forgot to mount the block device to that folder first... And even better, the whole reason you were doing it was because you had to save some data that a user copied into a folder that is actually a mount point, but the block device wasn't mounted to it, so... Oh, did I mention; it's a tape. Good to be paid by the hour, eh?

cp != mv

[Propulsion]

Another of my stupid questions:
All manuals on masternodes are saying how ports should be closed and how root account should not be used.. Personally I use root login with 15 chars long password and cold wallet set-up and did not bother closing the ports - can ANYTHING really happen to me?
My guess is 99.9% not but still would like to get a second opinion. Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw.

My dear drobek, we were all once newbies at everything, and will always be newbies at somethings. Once you understand something, you can often profit by going against the stream, but in an area where you are a newbie, statements like this are dangerous if not foolhardy: "Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw. "

Your cold wallet may be safe, but if your machine is compromised you may be subject to all sorts of future grief... not to mention the possible eventual loss of any funds/information that pass through or are produced by it. IMHO.

Thank you for your reply strix. While the statement indeed sounds naive I still wonder how anyone can guess/force a decent password. Have talked to a few people who were hacked and almost all of them had either simple pw or pw they reused on multiple occasions. At this point I think that a combo of decent PW and frequent apt-get update/upgrade may be adequate for cold wallet set up but still preferred to get a second opinion to running everything as a root.

I'm a sys/net admin with 15+ years of experience and I can tell you that the biggest threat is YOURSELF! Just make a typo as root and kiss your system goodbye! Happened to me twice, I have learned the hard way... You don't have to  

Some examples (do not try this on your masternode):
rm -rf .*
mv / /dev/null
find -type f -mtime +30 -exec mv {} /dev/null \;
whatever > /dev/sda

Play it safe, log in as a regular user and use sudo!  

So much of this.

Don't forget the times you've copied a huge pile of data into a folder, but you forgot to mount the block device to that folder first... And even better, the whole reason you were doing it was because you had to save some data that a user copied into a folder that is actually a mount point, but the block device wasn't mounted to it, so... Oh, did I mention; it's a tape. Good to be paid by the hour, eh?

cp != mv

cp's like testnet. The fun is using mv like mainnet.

[janos666]

Another of my stupid questions:
All manuals on masternodes are saying how ports should be closed and how root account should not be used.. Personally I use root login with 15 chars long password and cold wallet set-up and did not bother closing the ports - can ANYTHING really happen to me?
My guess is 99.9% not but still would like to get a second opinion. Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw.

My dear drobek, we were all once newbies at everything, and will always be newbies at somethings. Once you understand something, you can often profit by going against the stream, but in an area where you are a newbie, statements like this are dangerous if not foolhardy: "Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw. "

Your cold wallet may be safe, but if your machine is compromised you may be subject to all sorts of future grief... not to mention the possible eventual loss of any funds/information that pass through or are produced by it. IMHO.

Thank you for your reply strix. While the statement indeed sounds naive I still wonder how anyone can guess/force a decent password. Have talked to a few people who were hacked and almost all of them had either simple pw or pw they reused on multiple occasions. At this point I think that a combo of decent PW and frequent apt-get update/upgrade may be adequate for cold wallet set up but still preferred to get a second opinion to running everything as a root.

I'm a sys/net admin with 15+ years of experience and I can tell you that the biggest threat is YOURSELF! Just make a typo as root and kiss your system goodbye! Happened to me twice, I have learned the hard way... You don't have to  

Some examples (do not try this on your masternode):
rm -rf .*
mv / /dev/null
find -type f -mtime +30 -exec mv {} /dev/null \;
whatever > /dev/sda

Play it safe, log in as a regular user and use sudo!  

While I agree that logging in as a user is somewhat safer in general than logging in as root but I don't think this is the reason.
The ENTER is the key here. If you hit the ENTER without double (or triple) checking the whole line, you can just as easily end up with a devastating mistake whether you are logged in as root or as a user who is using sudo. These commands you listed as examples have the exact same effect when issued with sudo and you can just as easily make typos in lines starting sudo as you would without sudo but logged in as root. Sudo doesn't save you from typos and similar accidents when you think you are about to issue a command with root privileges anyway. When you think you need superuser rights you will automatically start the line with sudo and everything after that can still be a mistake (and have the same effect as issuing the same command as the real root).

So, I personally use an account without superuser rights (can't even use sudo) and I log in as root (in a different terminal) when I want to do something which requires root privileges (but I log out when I am done).

[Lebubar]

Another of my stupid questions:
All manuals on masternodes are saying how ports should be closed and how root account should not be used.. Personally I use root login with 15 chars long password and cold wallet set-up and did not bother closing the ports - can ANYTHING really happen to me?
My guess is 99.9% not but still would like to get a second opinion. Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw.

My dear drobek, we were all once newbies at everything, and will always be newbies at somethings. Once you understand something, you can often profit by going against the stream, but in an area where you are a newbie, statements like this are dangerous if not foolhardy: "Everyone is saying how root should not be used but I do not see the danger with the cold wallet & decent pw. "

Your cold wallet may be safe, but if your machine is compromised you may be subject to all sorts of future grief... not to mention the possible eventual loss of any funds/information that pass through or are produced by it. IMHO.

Thank you for your reply strix. While the statement indeed sounds naive I still wonder how anyone can guess/force a decent password. Have talked to a few people who were hacked and almost all of them had either simple pw or pw they reused on multiple occasions. At this point I think that a combo of decent PW and frequent apt-get update/upgrade may be adequate for cold wallet set up but still preferred to get a second opinion to running everything as a root.

I'm a sys/net admin with 15+ years of experience and I can tell you that the biggest threat is YOURSELF! Just make a typo as root and kiss your system goodbye! Happened to me twice, I have learned the hard way... You don't have to  

Some examples (do not try this on your masternode):
rm -rf .*
mv / /dev/null
find -type f -mtime +30 -exec mv {} /dev/null \;
whatever > /dev/sda

Play it safe, log in as a regular user and use sudo!  

So much of this.

Don't forget the times you've copied a huge pile of data into a folder, but you forgot to mount the block device to that folder first... And even better, the whole reason you were doing it was because you had to save some data that a user copied into a folder that is actually a mount point, but the block device wasn't mounted to it, so... Oh, did I mention; it's a tape. Good to be paid by the hour, eh?

cp != mv

cp's like testnet. The fun is using mv like mainnet.

The worse that happen to me is :
rm * .log
(The tipo : with a space between * and . ) nothing anymore in the / directory

[BrainShutdown]

I doubt anyone here is more of a newbie than I am with Arch Linux. I have been playing with it for less than a week. This morning heard about the bash bug, ran the test, and yes I was vulnerable. Hmm... heard how easy Arch is to update so for the first time ran "sudo pacman -Syu" 

BOOM--vulnerability gone.  Way to go Arch.  I'm starting to like this...

I played with Arch, never could get used to it. I'm still do "emerge world -uND" [take a nap]

That sure brings back some good memories! Stage 1 FTW!
Thanks 

[TaoOfSaatoshi]

So much tech talk, my head is spinning! I feel like I'm at school. Very valuable information though....

[vertoe]

I doubt anyone here is more of a newbie than I am with Arch Linux. I have been playing with it for less than a week. This morning heard about the bash bug, ran the test, and yes I was vulnerable. Hmm... heard how easy Arch is to update so for the first time ran "sudo pacman -Syu"  

BOOM--vulnerability gone.  Way to go Arch.  I'm starting to like this...

I played with Arch, never could get used to it. I'm still do "emerge world -uND" [take a nap]

That sure brings back some good memories! Stage 1 FTW!
Thanks  

+1 good to see people still using gentoo. too bad their best times are over. for now I'll stick with arch, too.

[TanteStefana2]

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

do update and then upgrade.

Finally check it with bash --version. If it says 4.3+ you're golden.

Code:

sudo apt-get update
sudo apt-get upgrade
bash --version

It's weird, but it still won't install 4.3.etc....  The other instance gave me no trouble!  Time for a spank'in!  How do you spank a virtual machine?

[TanteStefana2]

funny, I finally got around to setting up a cron job for my masternodes, 'cause my brain is totally dead... anyway, it was so easy I didn't think it would work, so I rebooted, and guess what?  It worked!  Wow!

If you don't have a cron job set up to restart your masternodes in case of reboot, just do this:

cd /etc/cron.d

crontab -e
2 (for nano)
at bottom of newly created file, insert:

@reboot /usr/bin/darkcoind  to start masternode (or wherever you have your executable

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

Thanks for the info, Tante.

No problem.  In the past few days, both my instances were restarted (and masternodes stopped)  I knew it was only a matter of time, LOL, but I just wouldn't look it up to take care of it.  It really was easy!

[_evolution_]

Are MN instances safe, given the BASH secure hole?

[splawik21]

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

do update and then upgrade.

Finally check it with bash --version. If it says 4.3+ you're golden.

Code:

sudo apt-get update
sudo apt-get upgrade
bash --version

Do I have to stop my masternode befored update/upgrade???

[UdjinM6]

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

do update and then upgrade.

Finally check it with bash --version. If it says 4.3+ you're golden.

Code:

sudo apt-get update
sudo apt-get upgrade
bash --version

Do I have to stop my masternode befored update/upgrade???

No, it's safe to do it live

[TaoOfSaatoshi]

This is a BIG thank you to @TaoOfSatoshi who has sent me $10 worth of Darkcoin.  #darkcoin #bitcoin #cryptocurrency #charity

Maybe you could try giving away some DRK. It's fun! Just make sure they say "I got into the Dark!"

#getintothedark
#buildthedarkness
#DarkcoinChameleon

Join us on Twitter!

@TaoOfSatoshi

[_evolution_]

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

do update and then upgrade.

Finally check it with bash --version. If it says 4.3+ you're golden.

Code:

sudo apt-get update
sudo apt-get upgrade
bash --version

No, that's wrong. Finally check:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

It should return

bash: warning: x: ignoring function definition attempt

if everything is okay.

Bourne parser is fucked up, for how long?! 20 years?!

[splawik21]

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

do update and then upgrade.

Finally check it with bash --version. If it says 4.3+ you're golden.

Code:

sudo apt-get update
sudo apt-get upgrade
bash --version

Do I have to stop my masternode befored update/upgrade???

No, it's safe to do it live

thnx
and i do it from the ubuntu user lvl right? I'm noob too

[TanteStefana2]

Also, for some reason, the instance I did not reboot, I was able to update bash with sudo apt-get install bash and I now have the latest, but the instance I rebooted won't update.  It says I already have the latest, even after sudo apt-get updates.  So... maybe they pulled the repository (probably working on it still)  I guess we'll all just have to keep checking to be sure we get the latest updates!?!

do update and then upgrade.

Finally check it with bash --version. If it says 4.3+ you're golden.

Code:

sudo apt-get update
sudo apt-get upgrade
bash --version

apt-get update
aptitude install bash

just bash, no ned to upgrade the whole system.

Geepers, I tried changing my sources list to another one (west 1 to west 2) but still no joy!  Is nobody else having this trouble?  I opened all my ports to make sure nothing is being blocked, no joy.... can't think of anything else??

[reflexmk]

node count 777 per http://drk.poolhash.org/mnode.html

[coins101]

Monday.