Bitcoin Forum
December 14, 2024, 09:52:45 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 ... 88 »
  Print  
Author Topic: Alternative Block Chains : be safe!  (Read 1652586 times)
Lowlander
Full Member
***
Offline Offline

Activity: 126
Merit: 100



View Profile
May 08, 2013, 05:06:33 PM
 #61

necromancers...
Simran
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500



View Profile WWW
May 09, 2013, 05:50:58 PM
 #62

Most of the new coins coming out daily are created by ignorant developers. Now that's scary.

*Image Removed*
Donate LTC: LRgbgTa3XNQSEUhnwC6Ye2vjiCV2CNRpib
Donate BTC: 1AGP6xPTRvsAVhsRsBX13NUH6p6LJjyeiA
Hfleer
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


Changing avatars is currently not possible.


View Profile
May 11, 2013, 12:42:27 PM
 #63

A lot of these coins are just pump and dump.

█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
▓▓▓▓▓  BIT-X.comvvvvvvvvvvvvvvi
→ CREATE ACCOUNT 
▓▓▓▓▓
█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
kano
Legendary
*
Offline Offline

Activity: 4634
Merit: 1851


Linux since 1997 RedHat 4


View Profile
May 11, 2013, 01:39:10 PM
 #64

A lot of these coins are just pump and dump.
Which ones aren't? Tongue

Pool: https://kano.is - low 0.5% fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
The ONLY active original developer of cgminer. Original master git: https://github.com/kanoi/cgminer
Welsh
Staff
Legendary
*
Offline Offline

Activity: 3318
Merit: 4116


View Profile
May 15, 2013, 03:40:14 PM
 #65

Very good advise here, even though I don't believe on using alternative currencies to Bitcoin.


There are a number of virtual programs which can be installed for free, and they are also safe and pretty reliable.
Also very easy to setup, google on how to setup. It takes no longer than 5 minutes.
erk
Hero Member
*****
Offline Offline

Activity: 826
Merit: 500



View Profile
May 25, 2013, 11:55:26 AM
 #66

I think FTC had a block chain split from a 51% attack around block 33,000. No slow block rate from the high diff helped the attacker.
ProfMac
Legendary
*
Offline Offline

Activity: 1246
Merit: 1002



View Profile
May 26, 2013, 04:12:36 PM
 #67

A lot of these coins are just pump and dump.
Which ones aren't? Tongue

What is your opinion on Bytecoin, released on April 1?


I try to be respectful and informed.
kano
Legendary
*
Offline Offline

Activity: 4634
Merit: 1851


Linux since 1997 RedHat 4


View Profile
May 26, 2013, 10:29:34 PM
 #68

A lot of these coins are just pump and dump.
Which ones aren't? Tongue

What is your opinion on Bytecoin, released on April 1?

"April 1" Smiley

Pool: https://kano.is - low 0.5% fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
The ONLY active original developer of cgminer. Original master git: https://github.com/kanoi/cgminer
dmatthewstewart
Sr. Member
****
Offline Offline

Activity: 439
Merit: 250



View Profile
June 13, 2013, 01:31:53 AM
 #69

Thanks Gavin!

That is great advice and it includes the absolute basic measures that everyone should take. Since we are connecting right to someones server anything could happen. Well, not "anything". Im not going  to start mining and open an inter-dimensional portal.

This advice is especially prescient now that we see "the newest alt coin is here!" 20 times per day. (btw, is there a way to stop people from creating thousands of altcoins? I have been trying to just ridicule them but it is barely slowing them down)

Thanks again

pinarello
Full Member
***
Offline Offline

Activity: 266
Merit: 100


NXT is the future


View Profile
June 14, 2013, 10:09:44 AM
 #70

thank you

JohnSy
Newbie
*
Offline Offline

Activity: 14
Merit: 0



View Profile
June 15, 2013, 11:26:31 PM
 #71

I haven't seen anybody post about what would be my biggest worry if I were trying out alternative block chains. I realize this may be perceived as "Gavin is FUD'ding anything that isn't bitcoin!"  (FUD == Fear, Uncertainty and Doubt)  But I think some of you might be forgetting some basic computer security fundamentals in the excitement to be early adopters.

When I first heard about bitcoin, my questions were:lots of fishy

1) Can it possibly work (do the ideas for how it works make sense)?
2) Is it a scam?
3) If it is not a scam, could it open my computer up to viruses/trojans if I run it?

I answered those questions by:

1) Reading and understanding Satoshi's whitepaper.  Then thinking about it for a day or two and reading it again.
2) Finding out everything I could about the project.  I read every forum thread here (there were probably under a hundred threads back then) and read Satoshi's initial postings on the crypto mailing list.
3) Downloaded and skimmed the source code to see if it looked vulnerable to buffer overflow or other remotely exploitable attacks.

If I were going to experiment with an alternative block-chain, I'd go through the same process again. But I'm an old conservative fuddy-duddy.

If you want to take a risk on a brand-new alternative block-chain, I'd strongly suggest that you:

1) Run the software in a virtual machine or on a machine that doesn't contain anything valuable.
2) Don't invest more money or time than you can afford to lose.
3) Use a different passphrase at every exchange site.


TECHICENINE
Newbie
*
Offline Offline

Activity: 28
Merit: 0



View Profile WWW
June 26, 2013, 10:13:00 PM
 #72

look at Bytecoin a byte is bigger than a bit following that line of reasoning~hmm name dat remix?..thanks


EDIT : Lmao! looks like this is the BTE thread after reading haaa
PsychoticBigBoy
Newbie
*
Offline Offline

Activity: 23
Merit: 0



View Profile
July 05, 2013, 03:02:17 AM
 #73

thank you
Lethn
Legendary
*
Offline Offline

Activity: 1540
Merit: 1000



View Profile WWW
August 07, 2013, 03:28:11 AM
 #74

I think these are perfectly legitimate concerns actually but the way I found out whether Bitcoin wasn't a scam and the way I find out anything else isn't a scam is this:

. Is it open source? If it's open source then that means people will be able to look at the code and find anything suspicious or even help to improve it if the developer is unwilling, it's very difficult to plant something bad if people can investigate it with a microscope

. Are the stores that are supportive of it just subsidiaries of the person who made the currency? Or are they independent and have accepted it willingly? This is usually a good sign that it has some actual worth, because they must have been convinced by something about the coin to accept it right?

. Does the developer regularly post updates or comments, do they chat and argue with other developers or users? Usually another good sign that the currency is going places and not just a con, if they just post it and abandon it for ages then chances are they're just looking for someone to click on the links

. Does the developer have a programming background? Have they done anything aside from this currency they've made? If they have, chances are they'll have the understanding of the source code needed to update and change it if bugs and glitches come out, they'll also usually have more respect for other peoples computers if they already work for a legitimate company

If you are an Anarchist/Libertarian Cheesy :

. Does the currency have no ties to the current aristocracy, government or financial system? If so there's probably a better chance of it being legitimate than just a way to manipulate peoples wealth
bob131313
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


View Profile
August 08, 2013, 02:16:56 PM
 #75

I think these are perfectly legitimate concerns actually but the way I found out whether Bitcoin wasn't a scam and the way I find out anything else isn't a scam is this:

. Is it open source? If it's open source then that means people will be able to look at the code and find anything suspicious or even help to improve it if the developer is unwilling, it's very difficult to plant something bad if people can investigate it with a microscope


Be careful here. As a coder, I can hide some pretty fancy run time code that calls a script from a server that can update with malicious intentions.

Or if I am really lazy, I can have an open source on git, but a private one that I compile from with the bad code.
You are not protected on most of these, the laziness of the stupid people copying/pasting the new alt-coins is the only thing that is protecting you.

If a group with the education/willfulness somewhat smarter then the average 15 year old coder decided to reek havoc on all of the folks that race to mine the alt-coin on launch; the damage wouldn't be measurable.

Thought experiment:
Pre-announce alt-coin
On release link to source on git. Publish a binary with hidden code.
Include code in binary to copy all wallet files from all altcoins traded on cryptsy.
On the server that the wallets are uploaded to, run a test to see if it is encrypted.
For unencrypted wallets send the coins to cryptsy/coins-e wallet and sell for btc/ltc.
Have code self-patch to remove the function call.
...
Wait a few months, rinse and repeat.


The above project can be done by anyone with coding experience in a matter of days.  You are not protected, please start being somewhat cautious.
 

HTH.
reb0rn21
Legendary
*
Offline Offline

Activity: 1901
Merit: 1024


View Profile
August 12, 2013, 02:47:22 AM
 #76

Just out of interest was there any any coin/mining tool infected here in past?

I knew few ppl that lost coins from Gox, BTC-e and they were "careful", even gmail verification have not helped, but i bet many mined alt crap

              ▄▄▄ ▀▀▀▀▀▀▀▀▀ ▄▄▄
           ▄▀▀    ▄▄▄▄▄▄▄▄▄    ▀▀▄
        ▄▀▀  ▄▄▀█          ▀█▀▄▄  ▀▀▄
      ▄▀▀ ▄▄▀    ▀▀▄▄▄▄▄▄▄▀▀    ▀▄▄ ▀▀▄
     █   █            ▀            █   █
   ▄▀ █  ▀▄▄                     ▄█▀  █ ▀▄
  ▄▀ ▄▀ █▄ ▀▀▀██▄▄▄       ▄▄▄██▀▀  ██ ▀▄ ▀▄
  ▀▄▀▀▄ ██ ▄▄▄▄▄▄  ▀▄   ▄▀  ▄▄▄▄▄▄ ██ ▄▀▀▄▀
 ██   █ ██ ▀▄    ▀▄ █   █ ▄▀    ▄▀ ██ █  ▀██
 █  ▄█  ▀█  ▀▀▀▀▀▀▀ █   █ ▀▀▀▀▀▀▀  █   █▄  █
█▀ █  █  █          █   █          █  █  █ ▀▀
 █▀  ▄▀  █▀▄        █   █        ▄▀█  ▀▄  ▀█
 ▄  █▀   █ ▀█▄      ▀   ▀      ▄█▀ █  ▄▀█  ▄
 █▄▀  █  █                         █  █  ▀▄█
 ▀▄  █   ▀█        ▄▄▀▄▀▄▄        █▀   █  ▄
  ▀▄▀▀  █▄ █     ▀█  ▀▀▀  █▀     █ ▄█ ▄▀▀▄▀
   ▀ ▄  ██ █▀▄     ▀▀▄▄▄▀▀     ▄▀█ ██ ▀▄ ▀
    ▀█  ██ █ █▀▄    ▄▄▄▄▄    ▄▀█ █ ██  █▀
      ▀▄ ▀ █ █ ██▄         ▄██ █ █ ▀ ▄▀
        ▀▄ █ █ █ ▀█▄     ▄█▀ █ █ █ ▄▀
          ▀▀▄█ █    ▀▀▀▀▀    █ █▄▀▀
              ▀▀ ▄▄▄▄▄▄▄▄▄▄▄ ▀▀
   
..I  D  E  N  A..
   
Proof-of-Person Blockchain

Join the mining of the first human-centric
cryptocurrency
 



 
▲    2 3 2 2

..N  O  D  E  S..
   
                ██
                ██
                ██
                ██
                ██
         ▄      ██      ▄
         ███▄   ██   ▄███
          ▀███▄ ██ ▄███▀
            ▀████████▀
              ▀████▀
                ▀▀
██▄                            ▄██
███                            ███
███                            ███
███                            ███
 ███▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄███
  ▀▀██████████████████████████▀▀
   
D O W N L O A D

Idena node

   
   
▄▄▄██████▄▄▄
▄▄████████████████▄▄
▄█████▀▀        ▀▀█████▄
████▀                ▀████
███▀    ▄▄▄▄▄▄▄▄▄       ▀███
███      █   ▄▄ █▀▄        ███
██▀      █  ███ █  ▀▄      ▀██
███       █   ▀▀ ▀▀▀▀█       ███
███       █  ▄▄▄▄▄▄  █       ███
███       █  ▄▄▄▄▄▄  █       ███
██▄      █  ▄▄▄▄▄▄  █      ▄██
███      █          █      ███
███▄    ▀▀▀▀▀▀▀▀▀▀▀▀    ▄███
████▄                ▄████
▀█████▄▄        ▄▄█████▀
▀▀████████████████▀▀
▀▀▀██████▀▀▀
   
    .REQUEST INVITATION.
Joerii
Legendary
*
Offline Offline

Activity: 1274
Merit: 1050



View Profile WWW
August 25, 2013, 01:20:32 PM
 #77

Just out of interest was there any any coin/mining tool infected here in past?

I knew few ppl that lost coins from Gox, BTC-e and they were "careful", even gmail verification have not helped, but i bet many mined alt crap

I've never heard of any real trojans or viruses in wallet releases yet. It seems walletstealers in coin.exes are a myth, propagated by false negatives from antivirus software.


Hypercube - get the attention you deserve
Luckybit
Hero Member
*****
Offline Offline

Activity: 714
Merit: 510



View Profile
August 31, 2013, 11:24:21 AM
Last edit: August 31, 2013, 11:39:07 AM by Luckybit
 #78

I haven't seen anybody post about what would be my biggest worry if I were trying out alternative block chains. I realize this may be perceived as "Gavin is FUD'ding anything that isn't bitcoin!"  (FUD == Fear, Uncertainty and Doubt)  But I think some of you might be forgetting some basic computer security fundamentals in the excitement to be early adopters.

When I first heard about bitcoin, my questions were:

1) Can it possibly work (do the ideas for how it works make sense)?
2) Is it a scam?
3) If it is not a scam, could it open my computer up to viruses/trojans if I run it?

I answered those questions by:

1) Reading and understanding Satoshi's whitepaper.  Then thinking about it for a day or two and reading it again.
2) Finding out everything I could about the project.  I read every forum thread here (there were probably under a hundred threads back then) and read Satoshi's initial postings on the crypto mailing list.
3) Downloaded and skimmed the source code to see if it looked vulnerable to buffer overflow or other remotely exploitable attacks.

If I were going to experiment with an alternative block-chain, I'd go through the same process again. But I'm an old conservative fuddy-duddy.

If you want to take a risk on a brand-new alternative block-chain, I'd strongly suggest that you:

1) Run the software in a virtual machine or on a machine that doesn't contain anything valuable.
2) Don't invest more money or time than you can afford to lose.
3) Use a different passphrase at every exchange site.



Multi-factor authentication for all please. Yubikey+Password, Cellphone+Password, Smartcard+Password, Biometric+Password.

Never trust a site which wants you to use a password alone. Never trust your keyboard or your operating system. Biometric hardware wallets will become increasingly important for security of crypto-finance in the future and I wish there were more robust hardware and API's for it.

I know Bitcoin is intending to support two-factor authentication but please consider supporting the latest biometric technology as well due to the ease of use factor.
Luckybit
Hero Member
*****
Offline Offline

Activity: 714
Merit: 510



View Profile
August 31, 2013, 11:30:18 AM
Last edit: August 31, 2013, 11:44:27 AM by Luckybit
 #79

Good advice.

Using an alternate cryptocurrency client would be a great way to get many people to install a hidden virus that targets Bitcoin users.

If you have a significant amount of Bitcoins, I wouldn't run other clients on the same computer until the alternates have developed trust over a longer period of time... I'm probably on the paranoid side of things though.

These new cryptocurrencies are interesting, and it will be fascinating to see how it will all play out.  

Ultimately someone should probably release a product, some hardware such as a thumb drive with an OS which runs in as a virtual machine and sell it to people. Then they just plug it in and install the latest alt-coin for testing. The thumb drive should also include biometric authentication and generate a one time password.

It would be the perfect hardware wallet in my opinion. No remembering passwords. You wouldn't even necessarily have to worry about losing the hardware wallet because the actual wallet could be backed up to the cloud or internet and downloaded again as it would be authenticated by your biometric signature which will not change even if you were to lose the device. It would be a combination of a Yubikey, 16-32GB hardware encrypted solid state drive, and finger vein recognition biometric authentication. Push one button and it backs up all your coins to your email, or to the cloud. Put your finger into the slot, enter the 4 digit pin, and you can make a transaction.

The reason for the pin is because someone might try to steal your money while you're asleep. Something you know, something you have, something you are.
simplydt
Full Member
***
Offline Offline

Activity: 126
Merit: 100


View Profile WWW
November 16, 2013, 09:19:01 AM
 #80

Some people only have one computer and that must suck. Fortunately I have multiple so I can use some of my alt-miners to do this safely.

Virtual machines ftw
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 ... 88 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!