Bitcoin Forum
December 11, 2016, 12:20:45 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: This is very bad...  (Read 5822 times)
nster
Full Member
***
Offline Offline

Activity: 126



View Profile
March 28, 2011, 08:33:56 PM
 #21

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....
A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

more bitcoin users and miners in the long run = +++++++++++++++++++++++ in my books, specially at the low cost of a SSL cert

in the long run, it will turn away many potential miners and bitcoin traders, and we will lose much more than what the SSL cert is worth. DO NOT OVERESTIMATE THE PEOPLE OF THE INTERWEBZ




Do you not get that people sometimes get a big red DONT TRUST THIS SITE from their browsers? they trust their browsers, not some random site they probably went to see if they could make $$ with their GPU (which sounds a bit doubtful to the normal person)

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
1481415645
Hero Member
*
Offline Offline

Posts: 1481415645

View Profile Personal Message (Offline)

Ignore
1481415645
Reply with quote  #2

1481415645
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2506


View Profile
March 28, 2011, 08:34:42 PM
 #22

HTTPS isn't the default. No one should be ending up there unless they already know what they're doing.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
­­Atlas
Guest

March 28, 2011, 08:35:49 PM
 #23

Well, the slower the Bitcoin economy grows, the better. I still need time to purchase more Bitcoins.
bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
March 28, 2011, 08:41:09 PM
 #24

NOD32 detects new heur_pe in Bitcoin

Anybody can check this issue for new bitcoin versions?

And about SSL Smiley

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
spenvo
Member
**
Offline Offline

Activity: 81


View Profile WWW
March 28, 2011, 09:22:45 PM
 #25

@Theymos - You're right, bitcoin.org does not point to https by default.

When I first learned about Bitcoin a couple of months ago, it was pointing to https for some reason and Chrome had it's warning/block all up in my face.  That was my first impression of Bitcoin  Undecided

www.SpreadtheCoin.com - Free Printable Bitcoin Certificates.  A Transparent Company.

www.BitcoinBulletin.com - Reviews and Interviews.
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
March 28, 2011, 09:28:37 PM
 #26

I agree 100% about not underestimating the average person's lack of computer knowledge and ability to freak out if their browser says it's bad. We see a lot of this as simple but even the least knowledgeable person on these forums is way above average.
Think about the type of people who use their CD tray for a cup holder when you're trying to decide if they'll get scared not if they know how SSL works.

moneyandtech.com
@moneyandtech @jeredkenna
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
March 28, 2011, 09:47:54 PM
 #27

HTTPS isn't the default. No one should be ending up there unless they already know what they're doing.

If no one should be ending up there, how come everybody knows this is a problem?

I have been griping about this for MONTHS.  I have already pledged BTC for the purchase of the certificate.  The "people should just trust the self-signed certificate" and "CA's are just fronts for the FBI and give your private key to the feds" myths have been debunked repeatedly.  When oh when can we just get this fixed?

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
ryepdx
Hero Member
*****
Offline Offline

Activity: 714



View Profile WWW
March 28, 2011, 10:02:27 PM
 #28

I'll pitch in some money to get our certificate signed. It really doesn't look good if every browser that stumbles across our https address flashes warnings at the user.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

Where'd you get the $120 figure? I just did a quick check and saw that VeriSign's cheapest option is $399 a year.
nster
Full Member
***
Offline Offline

Activity: 126



View Profile
March 28, 2011, 10:03:38 PM
 #29

I'll pitch in some money to get our certificate signed. It really doesn't look good if every browser that stumbles across our https address flashes warnings at the user.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

Where'd you get the $120 figure? I just did a quick check and saw that VeriSign's cheapest option is $399 a year.

spento said that but wtv, 400$ isn't much in a 5M$ economy that is growing

I mean, about a dollar a day XD

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
spenvo
Member
**
Offline Offline

Activity: 81


View Profile WWW
March 29, 2011, 12:07:12 AM
 #30

@ryepdx - The $120 figure came as I remembered having to purchase one on the cheap about a year ago.

Heh, so Godaddy's (I know shoot me now) SSLs start at $49 - $99 - https://www.godaddy.com/ssl/ssl-certificates.aspx

And trust me Vlad, back when I was working with OpenBSD - I too signed my own SSLs because who wants to pay...  So long as the average user never gets directed to https and hit with that warning, I guess it's OK. ?  Undecided

www.SpreadtheCoin.com - Free Printable Bitcoin Certificates.  A Transparent Company.

www.BitcoinBulletin.com - Reviews and Interviews.
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
March 29, 2011, 12:10:21 AM
 #31

@ryepdx - The $120 figure came as I remembered having to purchase one on the cheap about a year ago.

Heh, so Godaddy's (I know shoot me now) SSLs start at $49 - $99 - https://www.godaddy.com/ssl/ssl-certificates.aspx

And trust me Vlad, back when I was working with OpenBSD - I too signed my own SSLs because who wants to pay...  So long as the average user never gets directed to https and hit with that warning, I guess it's OK. ?  Undecided

If $49 can take care of it then why not?

If bitcoin.org gets a lot more hits then I'm going to assume you'll get a lot going to HTTPS of course if it gets to the point it's really a concern $49 will be less significant than now.

moneyandtech.com
@moneyandtech @jeredkenna
CCCMikey
Member
**
Offline Offline

Activity: 76



View Profile
March 29, 2011, 12:21:36 AM
 #32

Who owns / runs the bitcoin.org website anyway? Would they be hiding for some reason?
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
March 29, 2011, 12:23:50 AM
 #33

Sirius runs the website.

Gavin Andresen
Legendary
*
Offline Offline

Activity: 1652


Chief Scientist


View Profile WWW
March 29, 2011, 12:28:08 AM
 #34

Sirius runs the website.

... and we're looking for volunteers.  See http://bitcointalk.org/index.php?topic=5052.0

Quick "why no proper SSL cert" :   because it never made it near the top of anybody's TODO list.  The task is:
 + Figure out where the bitcoin.org domain is registered and make sure the MX records/etc are pointing somewhere so verification emails from the certificate authority don't get lost.
 + buy the cert and jump through the 'verify you are who you say you are' hoops.
 + replace the self-signed cert on the web server


How often do you get the chance to work on a potentially world-changing project?
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
March 29, 2011, 12:33:20 AM
 #35

Sirius runs the website.

... and we're looking for volunteers.  See http://bitcointalk.org/index.php?topic=5052.0

Quick "why no proper SSL cert" :   because it never made it near the top of anybody's TODO list.  The task is:
 + Figure out where the bitcoin.org domain is registered and make sure the MX records/etc are pointing somewhere so verification emails from the certificate authority don't get lost.
 + buy the cert and jump through the 'verify you are who you say you are' hoops.
 + replace the self-signed cert on the web server



Sirius pays for hosting and all that? Should we donate some for the SSL cert or is the money not really an issue?

moneyandtech.com
@moneyandtech @jeredkenna
Ricochet
Sr. Member
****
Offline Offline

Activity: 373



View Profile
March 29, 2011, 02:45:05 AM
 #36

HTTPS isn't the default. No one should be ending up there unless they already know what they're doing.
I've seen multiple people link to the HTTPS versions, so whenever I happen to click on that I get the Firefox warning. 
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
March 29, 2011, 07:59:15 AM
 #37

Sirius pays for hosting and all that? Should we donate some for the SSL cert or is the money not really an issue?

That's a question I've been asking. Who pays for this site?
There are no ads, no donation link, nothing. Somebody's contributing out of his own pocket...

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
em3rgentOrdr
Sr. Member
****
Offline Offline

Activity: 434


youtube.com/ericfontainejazz now accepts bitcoin


View Profile WWW
March 29, 2011, 09:29:12 AM
 #38

I'm afraid that eventually someone will write a bitcoin virus.  It basically infects your computer, runs bitcoin miner, and sends any proceeds to the virus creator.  I don't want to give anyone ideas, though Sad, but at least it would strengthen the network Smiley.

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."
CCCMikey
Member
**
Offline Offline

Activity: 76



View Profile
March 29, 2011, 09:36:11 AM
 #39

Unless it could run a GPU miner it wouldn't be worth the effort Smiley And the people who have really good GPUs usually know what they're doing with their computers I think? Wouldn't they notice the extra heat and noise?
em3rgentOrdr
Sr. Member
****
Offline Offline

Activity: 434


youtube.com/ericfontainejazz now accepts bitcoin


View Profile WWW
March 29, 2011, 09:39:30 AM
 #40

Unless it could run a GPU miner it wouldn't be worth the effort Smiley And the people who have really good GPUs usually know what they're doing with their computers I think? Wouldn't they notice the extra heat and noise?

Hard to say.  There are a lot of ignorant consumers out there who have no idea what's inside their computer.  A lot of people have really fancy cpus and graphics cards, but are totally unaware of it and then only use their computer to browse the internet...

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!