Bitcoin Forum
November 07, 2024, 09:59:29 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 [176] 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 ... 535 »
  Print  
Author Topic: | Nxt | Blockchain Platform | Proof of Stake | Official  (Read 941279 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
zachamo
Sr. Member
****
Offline Offline

Activity: 347
Merit: 251


There can be only one!


View Profile
June 13, 2014, 04:42:21 PM
 #3501


4000 chars available and all I got was this stupid tagline.
Shivalein
Member
**
Offline Offline

Activity: 117
Merit: 10


View Profile
June 13, 2014, 04:42:52 PM
 #3502

A whole fucking forum full of fucking trolls.

Please close and moderate the nxt thread

ChuckOne
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250

☕ NXT-4BTE-8Y4K-CDS2-6TB82


View Profile
June 13, 2014, 04:48:53 PM
 #3503

1000 million scam coins for sale

Where? I want to buy cheap! Cheesy
NOT on MINTPALL they dont do scamming shit coins.


Hmm... Starting at the top of their coin list going down.

AC - PoS coin.
AUR - PoW but 50% PREMINE - (created on a keyboard)
BC - PoS coin.
C2 - PoS coin.

Guess I'll stop there.

Why do you care? If you don't like them, don't buy or trade them. Why am I feeding trolls?

Because they are cute when they nibble their food. Smiley
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
June 13, 2014, 06:46:33 PM
 #3504

Ugh... Are you kidding me? Are there bots prowling the network with a boatload of password-account combinations stored watching the for transactions to known addresses or something?

I got some NXT a long time ago and kept it tucked away, but with the updated client it seems I didn't have a public key, so I sent a message.. easy enough... my balance was there, but I couldn't forge because it was unconfirmed... so I figure this has something to do with old balances being 'unconfirmed' under the updated protocol until it's seen activity.. So I flip my NXT into another account that I used in the past (tx 3603756272827733121), wait for it to confirm, and as soon as it does the NXT has moved on to an account out of my control (tx 10738856805317237622)...!!!

WTF? I sat here waiting for a confirm to flip it right back, and it vanishes before my very eyes! We're talking within 2 seconds of the first confirmation!

If the network is this compromised, how do you ever expect mainstream adoption... I've had an eye on NXT since the beginning and was really into the new look and feel, the asset exchange, etc.. My interest was building in NXT again (initially less than impressed by the distribution, but it seemed a lot of great work had gone into the protocol..) Too bad.. Nxt looked cool, but as it stands I'm out.. Not sure that this can be called a 2nd generation crypto when it's this vulnerable to theft. I'd say the target audience is even more specialized than bitcoin; the average joe can hardly remember "Password1"!

You should use 2 passwords. One that you save locally or on the cloud that has back ups and redundancies and that you dont actually memorize, and one that you do memorize and never save on any computer that touches the internet. Then simply concatenate the two passwords when entering your wallet. The first will protect you against rainbow tables (thats what got you) and the second will protect you against hackers. Its a pretty simple concept but it really should be spelled out, its certainly not peoples fault for not knowing this. Heck the client should even come with two password fields and concatenate them for people imo.

This makes absolutely no sense whatsoever. Two passwords and one long passwords is the same thing.

"Then simply concatenate the two passwords when entering your wallet."

If your machine is compromised, both passwords could be stolen when you are entering them in the wallet. This doesn't add any security then just having one longer password. 




Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
Triffin
Sr. Member
****
Offline Offline

Activity: 952
Merit: 251



View Profile
June 13, 2014, 07:17:00 PM
 #3505

So, given zachamo's experience, is this a security issue that the devs need to address
or is this an individual wallet holder issue with regards to strength of password ??

Triff ..  

Anon136
Legendary
*
Offline Offline

Activity: 1722
Merit: 1217



View Profile
June 13, 2014, 07:25:13 PM
 #3506

Ugh... Are you kidding me? Are there bots prowling the network with a boatload of password-account combinations stored watching the for transactions to known addresses or something?

I got some NXT a long time ago and kept it tucked away, but with the updated client it seems I didn't have a public key, so I sent a message.. easy enough... my balance was there, but I couldn't forge because it was unconfirmed... so I figure this has something to do with old balances being 'unconfirmed' under the updated protocol until it's seen activity.. So I flip my NXT into another account that I used in the past (tx 3603756272827733121), wait for it to confirm, and as soon as it does the NXT has moved on to an account out of my control (tx 10738856805317237622)...!!!

WTF? I sat here waiting for a confirm to flip it right back, and it vanishes before my very eyes! We're talking within 2 seconds of the first confirmation!

If the network is this compromised, how do you ever expect mainstream adoption... I've had an eye on NXT since the beginning and was really into the new look and feel, the asset exchange, etc.. My interest was building in NXT again (initially less than impressed by the distribution, but it seemed a lot of great work had gone into the protocol..) Too bad.. Nxt looked cool, but as it stands I'm out.. Not sure that this can be called a 2nd generation crypto when it's this vulnerable to theft. I'd say the target audience is even more specialized than bitcoin; the average joe can hardly remember "Password1"!

You should use 2 passwords. One that you save locally or on the cloud that has back ups and redundancies and that you dont actually memorize, and one that you do memorize and never save on any computer that touches the internet. Then simply concatenate the two passwords when entering your wallet. The first will protect you against rainbow tables (thats what got you) and the second will protect you against hackers. Its a pretty simple concept but it really should be spelled out, its certainly not peoples fault for not knowing this. Heck the client should even come with two password fields and concatenate them for people imo.

This makes absolutely no sense whatsoever. Two passwords and one long passwords is the same thing.

"Then simply concatenate the two passwords when entering your wallet."

If your machine is compromised, both passwords could be stolen when you are entering them in the wallet. This doesn't add any security then just having one longer password. 





No i dont think so. Im pretty sure that a password that you store in a text file on your desktop and copy and paste into your client is less secure than one that you memorize and type into your client.

Rep Thread: https://bitcointalk.org/index.php?topic=381041
If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
Este Nuno
Legendary
*
Offline Offline

Activity: 826
Merit: 1002


amarha


View Profile
June 13, 2014, 07:42:10 PM
 #3507

Words relating to pay expo

sending an ounce of silver to say thankyou for the hard work.

How does this work? I saw you have silver listed on NXT somehow from a giveaway thread you posted(I think it was you anyway). When you say you're sending him an ounce of silver, does that mean you're sending him coloured coins or something at represent 1 oz of silver? How does one redeem them for real silver?
Anon136
Legendary
*
Offline Offline

Activity: 1722
Merit: 1217



View Profile
June 13, 2014, 07:47:24 PM
 #3508

Words relating to pay expo

sending an ounce of silver to say thankyou for the hard work.

How does this work? I saw you have silver listed on NXT somehow from a giveaway thread you posted(I think it was you anyway). When you say you're sending him an ounce of silver, does that mean you're sending him coloured coins or something at represent 1 oz of silver? How does one redeem them for real silver?

Yes i am sending a colored coin. For the lower 48 in the US, inorder to redeam one must send an amount of tokens divisible by ten to the issuing address with an adjoined message containing the mailing address that you would like the coins to be delivered to. Shipping to anywhere else should pm me to discuss specific arrangements.

Rep Thread: https://bitcointalk.org/index.php?topic=381041
If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
From Above
Hero Member
*****
Offline Offline

Activity: 700
Merit: 520



View Profile
June 13, 2014, 07:50:38 PM
 #3509

Words relating to pay expo

sending an ounce of silver to say thankyou for the hard work.

How does this work? I saw you have silver listed on NXT somehow from a giveaway thread you posted(I think it was you anyway). When you say you're sending him an ounce of silver, does that mean you're sending him coloured coins or something at represent 1 oz of silver? How does one redeem them for real silver?

Yes i am sending a colored coin. For the lower 48 in the US, inorder to redeam one must send an amount of tokens divisible by ten to the issuing address with an adjoined message containing the mailing address that you would like the coins to be delivered to. Shipping to anywhere else should pm me to discuss specific arrangements.

Send me some silver plz
U ship to Russia?

Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
June 13, 2014, 07:51:41 PM
 #3510

No i dont think so. Im pretty sure that a password that you store in a text file on your desktop and copy and paste into your client is less secure than one that you memorize and type into your client.

A keylogger can catch both password when you enter them (the one you type and the one you copy and paste)

Password manager is safer as some of them (like Keypass) have anti key logger features

http://keepass.info/help/v2/autotype_obfuscation.html

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
PilotofBTC
Legendary
*
Offline Offline

Activity: 1736
Merit: 1001


View Profile
June 13, 2014, 07:52:28 PM
 #3511

No i dont think so. Im pretty sure that a password that you store in a text file on your desktop and copy and paste into your client is less secure than one that you memorize and type into your client.

There's two issues here.

1. Will a sufficiently long/complex password protect your NXT account. YES. It will take ages to crack strong passworded NXT ids.

2. Are you able to keep your password safe? Um, storing it in a text file doesn't seem safe to me. But, I agree, memorizing a "pin" (call it that last 4-6 digits of your password) and never writing them down or saving them in a file is a nice idea. Also, make sure you are running a fire wall and good mal ware software to prevent key loggers from getting to your PC.

Any idea if anyone is working on a wallet like Armory that lets you create/sign transactions on a warm storage device and then transmit them from a hot wallet?
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
June 13, 2014, 07:56:44 PM
 #3512

Any idea if anyone is working on a wallet like Armory that lets you create/sign transactions on a warm storage device and then transmit them from a hot wallet?

It's totally possible (and should be really easy) to create a small app (not fully featured client) that signs transactions on offline computer and then you broadcast it on online machine.

Maybe we can set a bounty on it?


Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
PilotofBTC
Legendary
*
Offline Offline

Activity: 1736
Merit: 1001


View Profile
June 13, 2014, 07:58:19 PM
 #3513

Any idea if anyone is working on a wallet like Armory that lets you create/sign transactions on a warm storage device and then transmit them from a hot wallet?

It's totally possible (and should be really easy) to create a small app (not fully featured client) that signs transactions on offline computer and then you broadcast it on online machine.

Maybe we can set a bounty on it?



I'm going to have to write code to do this for the anonymizer I am working on. So, I could probably put something together from that. A bounty would motivate me. Wink
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
June 13, 2014, 08:00:16 PM
 #3514

Any idea if anyone is working on a wallet like Armory that lets you create/sign transactions on a warm storage device and then transmit them from a hot wallet?

It's totally possible (and should be really easy) to create a small app (not fully featured client) that signs transactions on offline computer and then you broadcast it on online machine.

Maybe we can set a bounty on it?



I'm going to have to write code to do this for the anonymizer I am working on. So, I could probably put something together from that. A bounty would motivate me. Wink

You should ask Anon136 for bounty as he is on  community funds Smiley

I don't think bounty should be large, as this should be really easy task as you just save the transaction to USB drive, sign it on offline machine, then back to online machine to broadcast it. All the API and error checking is already done by NRS
 

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
Cassius
Legendary
*
Offline Offline

Activity: 1764
Merit: 1031


View Profile WWW
June 13, 2014, 08:00:35 PM
 #3515

Any idea if anyone is working on a wallet like Armory that lets you create/sign transactions on a warm storage device and then transmit them from a hot wallet?

It's totally possible (and should be really easy) to create a small app (not fully featured client) that signs transactions on offline computer and then you broadcast it on online machine.

Maybe we can set a bounty on it?



This is a great idea. I really think that's one feature that NXT would benefit from, or some kind of cold storage solution.
At the moment, I'm keeping the bulk of my NXT in a separate account from my day-to-day one. I don't sign in often and was careful setting it up, but it's still not as secure as traditional (bitcoin-style) cold storage, where nothing needs to be done online.
dandruff1138
Hero Member
*****
Offline Offline

Activity: 700
Merit: 501


1000% ROI Masternode Coin


View Profile WWW
June 13, 2014, 08:02:29 PM
 #3516

NXT won't let me unwatch this thread!!!!  Angry

            ▄▄██████████▄▄
        ▄▄██████████████████▄▄
      ▄███████████████████████▄
    ▄████████████████████████████▄
   ████████████████████████████████
  ██████████████████████████████████
 ██████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
██████████████████████████████████████
██████████████████████████████████████
██████████████████████████████████████
██████████████████████████████████████
 ███████████████████████████████████
  █████████████████████████████████
   ██████████████████████████████
    ▀████████████████████████████▀
      ▀███████████████████████▀
         ▀██████████████████▀▀
            ▀▀██████████▀▀
(.
.@75 c Stage 2.
)
███     WHITEPAPER      SLACK      ANN THREAD     ███
████     FACEBOOK      TWITTER      TELEGRAM     ████

▬▬▬  JOIN OUR ICO    From Nov 10th, 2017  ▬▬▬
PilotofBTC
Legendary
*
Offline Offline

Activity: 1736
Merit: 1001


View Profile
June 13, 2014, 08:08:44 PM
 #3517

Any idea if anyone is working on a wallet like Armory that lets you create/sign transactions on a warm storage device and then transmit them from a hot wallet?

It's totally possible (and should be really easy) to create a small app (not fully featured client) that signs transactions on offline computer and then you broadcast it on online machine.

Maybe we can set a bounty on it?



This is a great idea. I really think that's one feature that NXT would benefit from, or some kind of cold storage solution.
At the moment, I'm keeping the bulk of my NXT in a separate account from my day-to-day one. I don't sign in often and was careful setting it up, but it's still not as secure as traditional (bitcoin-style) cold storage, where nothing needs to be done online.

Generating a paper wallet would be pretty simple (since you are just generating a random password/id). The thing is, according to the NXT devs you really need to spend from an account/id to secure it (I guess that creates the public key?). Although, I do admit I'm not 100% sure how doing the spend really secures the account.
Eadeqa
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
June 13, 2014, 08:13:53 PM
 #3518


Generating a paper wallet would be pretty simple (since you are just generating a random password/id). The thing is, according to the NXT devs you really need to spend from an account/id to secure it (I guess that creates the public key?). Although, I do admit I'm not 100% sure how doing the spend really secures the account.

Your account number is 64 bits. So there could be many passwords (infinite actually) that result in the same 64 bit account ID. When you send an outgoing transaction, the account is no longer is protected just by 64 bit account ID, but by the 256 bit public key as the network now knows the public key for that account ID.

That's why it's required to send at least one outgoing transaction.

We don't need paper wallet. Just an app that does off line signing would make it close to 100% secure as the user is safe from keyloggers and malware. One outgoing transcation will still be needed, but that transaction can be signed on an offline computer that will never have internet connection. 

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
Este Nuno
Legendary
*
Offline Offline

Activity: 826
Merit: 1002


amarha


View Profile
June 13, 2014, 08:31:03 PM
 #3519

Words relating to pay expo

sending an ounce of silver to say thankyou for the hard work.

How does this work? I saw you have silver listed on NXT somehow from a giveaway thread you posted(I think it was you anyway). When you say you're sending him an ounce of silver, does that mean you're sending him coloured coins or something at represent 1 oz of silver? How does one redeem them for real silver?

Yes i am sending a colored coin. For the lower 48 in the US, inorder to redeam one must send an amount of tokens divisible by ten to the issuing address with an adjoined message containing the mailing address that you would like the coins to be delivered to. Shipping to anywhere else should pm me to discuss specific arrangements.

This is really cool to see a real world application of coloured coins! Someone could even trade that silver token for some coffee beans or something if someone sold coffee tokens as well. I wonder what sort of commodities trading we'll see. It's an exciting prospect in my opinion.
devphp
Sr. Member
****
Offline Offline

Activity: 336
Merit: 260


View Profile
June 13, 2014, 08:37:01 PM
 #3520

This is really cool to see a real world application of coloured coins! Someone could even trade that silver token for some coffee beans or something if someone sold coffee tokens as well. I wonder what sort of commodities trading we'll see. It's an exciting prospect in my opinion.

I believe some dev said they would try to implement trading anything for anything on the asset exchange or multigateway, but don't take my word for it, I may be wrong. Actually, that'd be redundant, as that would be bartering, and why is that necessary if there is such a standard unit of accounting as 1 NXT and everything can be priced against it.
Pages: « 1 ... 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 [176] 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 ... 535 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!