Wheatclove
|
|
May 21, 2015, 02:08:10 PM |
|
Is there a guide to set up multisig for laymen? If not, sounds like something child_harold could contribute!
*cheeky* This is the downside of multisig atm ... does require some knowledge to use it safely. Think I jusr figured out what the first shadowapp should be
|
|
|
|
systh
|
|
May 21, 2015, 02:56:53 PM |
|
<snip> if you say that, HD wallet is the solution for it...then HD wallet look like the most important improvement right now
You can achieve great security right now using multisig (like I do) and you will need to have access to multiple devices to move my funds... What HD wallet (BIP32, 39 and 44) brings to the table is a "standardised" way for say Trezor or Ledger Wallet to add support for Shadow and make it easy for the average person to feel secure with their crypto currency of choice. Multisig with your Android wallet would be almost as secure as 2fa.
Best solution on the market at the moment for altcoins ^ All this would be amazing! Ledger wallet filled with my SDC, that would be sweet.
|
|
|
|
Gibbs187x
Full Member
Offline
Activity: 126
Merit: 100
Moon
|
|
May 21, 2015, 03:09:21 PM |
|
would be awesome to see a ledger wallet!
|
|
|
|
skip60
|
|
May 21, 2015, 03:30:56 PM |
|
<snip> if you say that, HD wallet is the solution for it...then HD wallet look like the most important improvement right now
You can achieve great security right now using multisig (like I do) and you will need to have access to multiple devices to move my funds... What HD wallet (BIP32, 39 and 44) brings to the table is a "standardised" way for say Trezor or Ledger Wallet to add support for Shadow and make it easy for the average person to feel secure with their crypto currency of choice. Then share with us how to have multisig for average users I am sure lots of holders are paranoid right now. Me personelly, dont feel comfortable with one password only You shouldnt let holders be uncomfortable and if they feel insecure they will cash out After lawgicc incident, i noticed that price is 5k-10k higher/lower or manipulating the price for 5k-10k extra sdc is nothing. I am changed now If they steal, then u re done. I was thinking that, the only way i lose money at shadow at long term was only possible with dev team closing the project Being robbed really sucks
|
|
|
|
drAGon925
|
|
May 21, 2015, 03:44:30 PM |
|
Is everyone just being paranoid? lol
Everyone is being super paranoid. And some are super quick to point fingers. Yes, and the real crook is watching that and getting his rocks off. Don't give him the satisfaction. amen. i hope you dump my coins back to me duesch. take my $$$ idgaf, broke scammer taught me a valuable lesson. id love for you to try to actually come take my shit in person. lol you have my address or i should say addresses i know for a fact, it was in the pgp txt u probably swept , with my private keys. u have my real email as well. if you can trigger my blockchain data when i hadnt even accessed blockchain on this new/bugged computer....makes me wonder, there is only one other way. too scared to login to any of my accounts without TOR/VPN....sad sad. passwords are all still the same. last time ill be posting about this dumb move on my part
|
|
|
|
systh
|
|
May 21, 2015, 03:52:35 PM |
|
<snip> if you say that, HD wallet is the solution for it...then HD wallet look like the most important improvement right now
You can achieve great security right now using multisig (like I do) and you will need to have access to multiple devices to move my funds... What HD wallet (BIP32, 39 and 44) brings to the table is a "standardised" way for say Trezor or Ledger Wallet to add support for Shadow and make it easy for the average person to feel secure with their crypto currency of choice. Then share with us how to have multisig for average users I am sure lots of holders are paranoid right now. Me personelly, dont feel comfortable with one password only You shouldnt let holders be uncomfortable and if they feel insecure they will cash outAfter lawgicc incident, i noticed that price is 5k-10k higher/lower or manipulating the price for 5k-10k extra sdc is nothing. I am changed now If they steal, then u re done. I was thinking that, the only way i lose money at shadow at long term was only possible with dev team closing the project Being robbed really sucks Thanks for yet another contribution to the discussion, skippy. You do realize this is not a problem of Shadow, but all cryptos in general, right? In fact, not just cryptos – if you're not careful with your actions online, you'll face the consequences. But still, feel free to blame Shadow and cash out. As usual, we'll all be happy to grab our SDC once again and again.. *wink*
|
|
|
|
skip60
|
|
May 21, 2015, 04:14:24 PM |
|
<snip> if you say that, HD wallet is the solution for it...then HD wallet look like the most important improvement right now
You can achieve great security right now using multisig (like I do) and you will need to have access to multiple devices to move my funds... What HD wallet (BIP32, 39 and 44) brings to the table is a "standardised" way for say Trezor or Ledger Wallet to add support for Shadow and make it easy for the average person to feel secure with their crypto currency of choice. Then share with us how to have multisig for average users I am sure lots of holders are paranoid right now. Me personelly, dont feel comfortable with one password only You shouldnt let holders be uncomfortable and if they feel insecure they will cash outAfter lawgicc incident, i noticed that price is 5k-10k higher/lower or manipulating the price for 5k-10k extra sdc is nothing. I am changed now If they steal, then u re done. I was thinking that, the only way i lose money at shadow at long term was only possible with dev team closing the project Being robbed really sucks Thanks for yet another contribution to the discussion, skippy. You do realize this is not a problem of Shadow, but all cryptos in general, right? In fact, not just cryptos – if you're not careful with your actions online, you'll face the consequences. But still, feel free to blame Shadow and cash out. As usual, we'll all be happy to grab our SDC once again and again.. *wink* I was not talking about myself, i was generally my idea Well done to you that you got that meaning out of what i wrote I wrote there that i am changed, why didnt you bold that part Anyway, lest cut it here
|
|
|
|
maxvolts
|
|
May 21, 2015, 04:37:29 PM |
|
<snip> if you say that, HD wallet is the solution for it...then HD wallet look like the most important improvement right now
You can achieve great security right now using multisig (like I do) and you will need to have access to multiple devices to move my funds... What HD wallet (BIP32, 39 and 44) brings to the table is a "standardised" way for say Trezor or Ledger Wallet to add support for Shadow and make it easy for the average person to feel secure with their crypto currency of choice. Then share with us how to have multisig for average users I am sure lots of holders are paranoid right now. Me personelly, dont feel comfortable with one password only You shouldnt let holders be uncomfortable and if they feel insecure they will cash outAfter lawgicc incident, i noticed that price is 5k-10k higher/lower or manipulating the price for 5k-10k extra sdc is nothing. I am changed now If they steal, then u re done. I was thinking that, the only way i lose money at shadow at long term was only possible with dev team closing the project Being robbed really sucks Thanks for yet another contribution to the discussion, skippy. You do realize this is not a problem of Shadow, but all cryptos in general, right? In fact, not just cryptos – if you're not careful with your actions online, you'll face the consequences. But still, feel free to blame Shadow and cash out. As usual, we'll all be happy to grab our SDC once again and again.. *wink* I was not talking about myself, i was generally my idea Well done to you that you got that meaning out of what i wrote I wrote there that i am changed, why didnt you bold that part Anyway, lest cut it here What the hell does that even mean?
|
|
|
|
bangomatic
Legendary
Offline
Activity: 1246
Merit: 1000
ARK Team likes to ban and delete posts in reddit.
|
|
May 21, 2015, 04:45:51 PM |
|
I take it to mean that skip has decided to work with us and not against us. Welcome back skip.
|
|
|
|
Automatic Monkey
|
|
May 21, 2015, 05:00:41 PM |
|
This incident happened in a very specific way and I don't think it represents a security threat to SDC in particular or crypto in general. That specific way was a bad link just like the kind you get in a phishing e-mail and this is something that happens every day with traditional banking, nothing crypto-specific about it.
If you have large holdings in any coin (particularly coins that need to stake) it's probably time for a dedicated Linux machine for your wallets and keys. You should be able to do it with a 10-year old computer you found in a dumpster, plus a 1 TB drive. No browsing or e-mail on that machine, firewalls limiting net access to your wallets, do what you need to do through airgaps. Then you can set up thin wallets on your everyday machine for your spending money.
One way the devs could help with this is to supply some easier install packages for the Linux wallets, and/or detailed install instructions "for dummies." A dev knows Linux backwards and forwards but installing Linux software is a pain in the klootzak for people who don't use it every day. Better wallet discipline plus more installs on the more secure OS will cut down on theft somewhat and increase overall trust in the coin.
|
Try ShadowCash, the first coin with instant and decentralized private transactions! SDC address: SUPERMAN8eDvcPL6RWYMVwtPzUtqWi2zCr Wallet Private Key: 7S6fJBEzXqJuuGCvEPcgBSbd5wmjVTvDj7591gNKcTmS7X47e98
|
|
|
dadon
Legendary
Offline
Activity: 1190
Merit: 1002
Pecvniate obedivnt omnia.
|
|
May 21, 2015, 05:02:13 PM |
|
yeah welcome back skip, we will give you the benefit of the doubt..behave
|
|
|
|
systh
|
|
May 21, 2015, 06:33:16 PM |
|
This incident happened in a very specific way and I don't think it represents a security threat to SDC in particular or crypto in general. That specific way was a bad link just like the kind you get in a phishing e-mail and this is something that happens every day with traditional banking, nothing crypto-specific about it.
Yep, that's what I was trying to tell skip. If you have large holdings in any coin (particularly coins that need to stake) it's probably time for a dedicated Linux machine for your wallets and keys. You should be able to do it with a 10-year old computer you found in a dumpster, plus a 1 TB drive. No browsing or e-mail on that machine, firewalls limiting net access to your wallets, do what you need to do through airgaps. Then you can set up thin wallets on your everyday machine for your spending money.
I was just thinking about dedicated machine a couple of days ago.. I was wondering: Linux wallet comes with "shadowcoind" – a daemon, if I'm not mistaken; my question: is it enough for staking to run that daemon only? Maybe with some additional parameters? (I'm in no way Linux pro, even though I flirt with it for some time already.) One way the devs could help with this is to supply some easier install packages for the Linux wallets, and/or detailed install instructions "for dummies." A dev knows Linux backwards and forwards but installing Linux software is a pain in the klootzak for people who don't use it every day. Better wallet discipline plus more installs on the more secure OS will cut down on theft somewhat and increase overall trust in the coin.
This would be great contribution to Shadow Wiki! I seriously think there's a good opportunity for community members who want to contribute by writing those Wiki pages/tutorials etc.
|
|
|
|
Wheatclove
|
|
May 21, 2015, 06:38:39 PM |
|
This incident happened in a very specific way and I don't think it represents a security threat to SDC in particular or crypto in general. That specific way was a bad link just like the kind you get in a phishing e-mail and this is something that happens every day with traditional banking, nothing crypto-specific about it.
Yep, that's what I was trying to tell skip. If you have large holdings in any coin (particularly coins that need to stake) it's probably time for a dedicated Linux machine for your wallets and keys. You should be able to do it with a 10-year old computer you found in a dumpster, plus a 1 TB drive. No browsing or e-mail on that machine, firewalls limiting net access to your wallets, do what you need to do through airgaps. Then you can set up thin wallets on your everyday machine for your spending money.
I was just thinking about dedicated machine a couple of days ago.. I was wondering: Linux wallet comes with "shadowcoind" – a daemon, if I'm not mistaken; my question: is it enough for staking to run that daemon only? Maybe with some additional parameters? (I'm in no way Linux pro, even though I flirt with it for some time already.) One way the devs could help with this is to supply some easier install packages for the Linux wallets, and/or detailed install instructions "for dummies." A dev knows Linux backwards and forwards but installing Linux software is a pain in the klootzak for people who don't use it every day. Better wallet discipline plus more installs on the more secure OS will cut down on theft somewhat and increase overall trust in the coin.
This would be great contribution to Shadow Wiki! I seriously think there's a good opportunity for community members who want to contribute by writing those Wiki pages/tutorials etc. The Linux wallets have a readme in github which is fairly easy to follow. The first thing I ever did on Linux was install the wallet. Shadowcoind is the command line wallet which is much more difficult than the gui qt wallet.
|
|
|
|
systh
|
|
May 21, 2015, 06:46:37 PM |
|
This incident happened in a very specific way and I don't think it represents a security threat to SDC in particular or crypto in general. That specific way was a bad link just like the kind you get in a phishing e-mail and this is something that happens every day with traditional banking, nothing crypto-specific about it.
Yep, that's what I was trying to tell skip. If you have large holdings in any coin (particularly coins that need to stake) it's probably time for a dedicated Linux machine for your wallets and keys. You should be able to do it with a 10-year old computer you found in a dumpster, plus a 1 TB drive. No browsing or e-mail on that machine, firewalls limiting net access to your wallets, do what you need to do through airgaps. Then you can set up thin wallets on your everyday machine for your spending money.
I was just thinking about dedicated machine a couple of days ago.. I was wondering: Linux wallet comes with "shadowcoind" – a daemon, if I'm not mistaken; my question: is it enough for staking to run that daemon only? Maybe with some additional parameters? (I'm in no way Linux pro, even though I flirt with it for some time already.) One way the devs could help with this is to supply some easier install packages for the Linux wallets, and/or detailed install instructions "for dummies." A dev knows Linux backwards and forwards but installing Linux software is a pain in the klootzak for people who don't use it every day. Better wallet discipline plus more installs on the more secure OS will cut down on theft somewhat and increase overall trust in the coin.
This would be great contribution to Shadow Wiki! I seriously think there's a good opportunity for community members who want to contribute by writing those Wiki pages/tutorials etc. The Linux wallets have a readme in github which is fairly easy to follow. The first thing I ever did on Linux was install the wallet. Shadowcoind is the command line wallet which is much more difficult than the gui qt wallet. Yeah, I know it doesn't have the GUI. I was planning to install it on a machine-turned-server (w/o monitor), so I just SSH to it via terminal.. that's why I was curious about shadowcoind. Thanks for pointing me to a readme (hehe).
|
|
|
|
dasource
|
|
May 21, 2015, 06:56:41 PM |
|
The Linux wallets have a readme in github which is fairly easy to follow. The first thing I ever did on Linux was install the wallet.
Shadowcoind is the command line wallet which is much more difficult than the gui qt wallet.
The learning curve is actually not that difficult. If you load the GUI Wallet and goto console and type "help" that is basically the same as running "shadowcoind help" ... start practicing there first (unlock wallet, send transactions etc), instead of using the GUI use the console (the commands are the same). Once your comfortable you can move onto linux etc and manage the Shadow wallet with ease from CLI. If you are going to go down this route, stick to a linux server behind your home router/nat v.s. a public VPS (as that then requires you to ensure the VM/VPS is secured and up-to-date)
|
^ I am with STUPID!
|
|
|
lawgicc
|
|
May 21, 2015, 06:58:53 PM |
|
This incident happened in a very specific way and I don't think it represents a security threat to SDC in particular or crypto in general. That specific way was a bad link just like the kind you get in a phishing e-mail and this is something that happens every day with traditional banking, nothing crypto-specific about it.
If you have large holdings in any coin (particularly coins that need to stake) it's probably time for a dedicated Linux machine for your wallets and keys. You should be able to do it with a 10-year old computer you found in a dumpster, plus a 1 TB drive. No browsing or e-mail on that machine, firewalls limiting net access to your wallets, do what you need to do through airgaps. Then you can set up thin wallets on your everyday machine for your spending money.
One way the devs could help with this is to supply some easier install packages for the Linux wallets, and/or detailed install instructions "for dummies." A dev knows Linux backwards and forwards but installing Linux software is a pain in the klootzak for people who don't use it every day. Better wallet discipline plus more installs on the more secure OS will cut down on theft somewhat and increase overall trust in the coin.
I agree with almost all this. Whos monitoring this thread for these kinds of links/scams? No one? I understand its my job to check links but when its coming from a requote of the Dev on an official moderated thread of the coin....never thought once that would be possible. but now im down 55k sdc....and people already knew of this scam and they still pulled it off? i almost cant even be mad, this is unbelieveable..forever will i be checking links, never again will i touch a link from this website.
|
mrBitcoinZ.com @mrB1tc01n
|
|
|
lawgicc
|
|
May 21, 2015, 07:07:03 PM |
|
Also i believe if 2FA was set up through a phone or 3rd party device, seperate from the cold wallet, it would be impossible to hack since the 2FA codes are always changing. If you as a keylogger would just wait for the user to enter the code, why has 2FA yet to be hacked? Why has no keylogger/hacker "just waited"? cause you cant, if you wait the code changes, and how can the hacker get the changed code from the phone or 3rd party device if he only has the device of the cold wallet bugged?
example, the hacker took 55k from my cold wallet.
the hacker took nothing from my blockchain wallet locked with 2FA, BUT he attempted. He had full access, he cracked my fuckin pgp where all my blockchain info was stored with BOTH Mnemonic passwords. Did he not want to check my bitcoin wallet? or was he unable to? Ill go with the second one.
|
mrBitcoinZ.com @mrB1tc01n
|
|
|
Wheatclove
|
|
May 21, 2015, 07:31:37 PM |
|
Also i believe if 2FA was set up through a phone or 3rd party device, seperate from the cold wallet, it would be impossible to hack since the 2FA codes are always changing. If you as a keylogger would just wait for the user to enter the code, why has 2FA yet to be hacked? Why has no keylogger/hacker "just waited"? cause you cant, if you wait the code changes, and how can the hacker get the changed code from the phone or 3rd party device if he only has the device of the cold wallet bugged?
example, the hacker took 55k from my cold wallet.
the hacker took nothing from my blockchain wallet locked with 2FA, BUT he attempted. He had full access, he cracked my fuckin pgp where all my blockchain info was stored with BOTH Mnemonic passwords. Did he not want to check my bitcoin wallet? or was he unable to? Ill go with the second one.
Funny you say this, because blockchain.info had a bunch of 2fa accounts hacked last year but reimbursed all the stolen coins.
|
|
|
|
lawgicc
|
|
May 21, 2015, 07:39:38 PM |
|
Also i believe if 2FA was set up through a phone or 3rd party device, seperate from the cold wallet, it would be impossible to hack since the 2FA codes are always changing. If you as a keylogger would just wait for the user to enter the code, why has 2FA yet to be hacked? Why has no keylogger/hacker "just waited"? cause you cant, if you wait the code changes, and how can the hacker get the changed code from the phone or 3rd party device if he only has the device of the cold wallet bugged?
example, the hacker took 55k from my cold wallet.
the hacker took nothing from my blockchain wallet locked with 2FA, BUT he attempted. He had full access, he cracked my fuckin pgp where all my blockchain info was stored with BOTH Mnemonic passwords. Did he not want to check my bitcoin wallet? or was he unable to? Ill go with the second one.
Funny you say this, because blockchain.info had a bunch of 2fa accounts hacked last year but reimbursed all the stolen coins. Was it faulty tech by 2fa or a goof up by blockchain.info? Does bitcoin get hacked or do people get hacked for bitcoin?
|
mrBitcoinZ.com @mrB1tc01n
|
|
|
Automatic Monkey
|
|
May 21, 2015, 08:39:03 PM |
|
Also i believe if 2FA was set up through a phone or 3rd party device, seperate from the cold wallet, it would be impossible to hack since the 2FA codes are always changing. If you as a keylogger would just wait for the user to enter the code, why has 2FA yet to be hacked? Why has no keylogger/hacker "just waited"? cause you cant, if you wait the code changes, and how can the hacker get the changed code from the phone or 3rd party device if he only has the device of the cold wallet bugged?
example, the hacker took 55k from my cold wallet.
the hacker took nothing from my blockchain wallet locked with 2FA, BUT he attempted. He had full access, he cracked my fuckin pgp where all my blockchain info was stored with BOTH Mnemonic passwords. Did he not want to check my bitcoin wallet? or was he unable to? Ill go with the second one.
Funny you say this, because blockchain.info had a bunch of 2fa accounts hacked last year but reimbursed all the stolen coins. Was it faulty tech by 2fa or a goof up by blockchain.info? Does bitcoin get hacked or do people get hacked for bitcoin? It is extremely unlikely a private key has ever been hacked directly. Nor was your PGP cracked! But no lock is more secure than it's key and getting a key off someone's computer can be as easy as getting their car keys out of their pocket. Car keys have gotten a lot more secure in recent years too so now it's easier to carjack someone or mug them for their keys than hot wire a car the old fashioned way.
|
Try ShadowCash, the first coin with instant and decentralized private transactions! SDC address: SUPERMAN8eDvcPL6RWYMVwtPzUtqWi2zCr Wallet Private Key: 7S6fJBEzXqJuuGCvEPcgBSbd5wmjVTvDj7591gNKcTmS7X47e98
|
|
|
|