|
gamer4156 (OP)
|
 |
April 19, 2012, 06:12:12 PM |
|
I have a good idea for a bitcoin related website. It is somewhat simple but I have zero experience in coding. Would it be a waste of time for me to try and learn to code and build this site my self?
Editing to include what the website needs.
Log in/deposit bitcion ability
Ability to purchase something with bitcoin balance.
|
|
|
|
|
|
|
grue
Legendary
 Offline
Activity: 2058
Merit: 1462
|
|
April 19, 2012, 09:09:06 PM |
|
Would it be a waste of time for me to try and learn to code and build this site my self?
if you're not worried about getting the site up in a hurry, and you have the patience + time to study, sure. otherwise, hire a freelancer to do it. |
|
|
|
|
|
Gavin Andresen
Legendary
Offline
Activity: 1652
Merit: 2311
Chief Scientist
|
|
April 19, 2012, 10:47:04 PM |
|
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project. |
How often do you get the chance to work on a potentially world-changing project?
|
|
|
grue
Legendary
Offline
Activity: 2058
Merit: 1462
|
|
April 19, 2012, 11:21:01 PM |
|
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project. SQLi, anyone? |
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
April 19, 2012, 11:24:23 PM |
|
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project. +1. The biggest thing in building a website to handle money is security, especially in the hacker-friend Bitcoin community, and even though I've been programming websites for more than a decade, there's still a lot I do not know about security. A newbie wouldn't have a clue where to start as far as security goes. If you do decide to go ahead and build a site, then have it audited by at least 2 or 3 people for security flaws that need to be corrected before making it live. |
|
|
|
|
|
gamer4156 (OP)
|
|
April 20, 2012, 01:10:32 AM |
|
No, you should not
I agree with Andrew. Building a website that handles money is a terrible first project. +1. The biggest thing in building a website to handle money is security, especially in the hacker-friend Bitcoin community, and even though I've been programming websites for more than a decade, there's still a lot I do not know about security. A newbie wouldn't have a clue where to start as far as security goes. If you do decide to go ahead and build a site, then have it audited by at least 2 or 3 people for security flaws that need to be corrected before making it live. This is kinda what I figured, maybe I will take up a partner who can code and we can share the profits. |
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
April 20, 2012, 01:15:21 AM |
|
Of course you should. There will be at least one hacker that will thank you but probably never say it with words lol
|
|
|
|
|
check_status
Full Member
Offline
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
|
|
April 20, 2012, 11:21:36 AM |
|
Why not just have people make payments to offline addresses. When they fill in their shipping address there is an extra box for the bitcoin address they make the payment from. This way MyDoodads.com can verify the payment via the blockchain by using a PHP spider on blockexplorer from an alternate internet connection. Totally automated and hacker has no access to the stores offline wallet. Evil hacker can deface the site, load an exploit pack onto the site to attack vulnerable users but can't steal any money because no money goes through the site. Stealing names and shipping addresses has no immediate compensation reward unless I'm selling some shady or embarrassing products.
|
For Bitcoin to be a true global currency the value of BTC needs always to rise. If BTC became the global currency & money supply = 100 Trillion then ⊅1.00 BTC = $4,761,904.76. P2Pool Server List | How To's and Guides Mega List | 1 EndfedSryGUZK9sPrdvxHntYzv2EBexGA |
|
|
darkice
Member
Offline
Activity: 85
Merit: 10
|
|
April 20, 2012, 01:15:21 PM |
|
I have a good idea for a bitcoin related website. It is somewhat simple but I have zero experience in coding. Would it be a waste of time for me to try and learn to code and build this site my self?
Editing to include what the website needs.
Log in/deposit bitcion ability
Ability to purchase something with bitcoin balance.
It will be easier to implement a payment gateway plugin to an already working opensource or otherwise ecommerce web app, maybe someone might have already done that, chek em out first, it is too complicated to do it right from scratch, especially if you have no experience. |
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
April 20, 2012, 03:46:43 PM |
|
Why not just have people make payments to offline addresses. When they fill in their shipping address there is an extra box for the bitcoin address they make the payment from. This way MyDoodads.com can verify the payment via the blockchain by using a PHP spider on blockexplorer from an alternate internet connection. Totally automated and hacker has no access to the stores offline wallet. Evil hacker can deface the site, load an exploit pack onto the site to attack vulnerable users but can't steal any money because no money goes through the site. Stealing names and shipping addresses has no immediate compensation reward unless I'm selling some shady or embarrassing products.
Not bad... |
|
|
|
|
Xenland
Legendary
Offline
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
|
|
April 23, 2012, 06:01:50 AM |
|
Why not just have people make payments to offline addresses. When they fill in their shipping address there is an extra box for the bitcoin address they make the payment from. This way MyDoodads.com can verify the payment via the blockchain by using a PHP spider on blockexplorer from an alternate internet connection. Totally automated and hacker has no access to the stores offline wallet. Evil hacker can deface the site, load an exploit pack onto the site to attack vulnerable users but can't steal any money because no money goes through the site. Stealing names and shipping addresses has no immediate compensation reward unless I'm selling some shady or embarrassing products.
What if an attacker rewrote the recorded bitcoins addresses(SQLi) to have sent money routed to their BTC address instead? unless everything was strictly email then that might be different. |
|
|
|
|
check_status
Full Member
Offline
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
|
|
April 25, 2012, 07:48:43 AM |
|
What if an attacker rewrote the recorded bitcoins addresses(SQLi) to have sent money routed to their BTC address instead? unless everything was strictly email then that might be different.
They aren't using the website to send anything but alert the store which address payment was made from so no diversion is possible, no BTC passes through the site. For an attacker to divert funds they would need to modify the stores listed address. Payment address can be firstbits vanity address as domain name for the store. |
For Bitcoin to be a true global currency the value of BTC needs always to rise. If BTC became the global currency & money supply = 100 Trillion then ⊅1.00 BTC = $4,761,904.76. P2Pool Server List | How To's and Guides Mega List | 1 EndfedSryGUZK9sPrdvxHntYzv2EBexGA |
|
|
|
payb.tc
|
|
April 25, 2012, 08:54:47 AM |
|
What if an attacker rewrote the recorded bitcoins addresses(SQLi) to have sent money routed to their BTC address instead? unless everything was strictly email then that might be different.
They aren't using the website to send anything but alert the store which address payment was made from so no diversion is possible, no BTC passes through the site. For an attacker to divert funds they would need to modify the stores listed address. Payment address can be firstbits vanity address as domain name for the store. store owner should periodically download a dump of the address list to make sure all of them are legit, and keep as few online as possible. eg. start with a list of just 20 addresses, and every time the list gets down to 10, send an email to admin saying 'top up the address list'. that way, a tampering of the list will be easier to spot. you might also do some kind of merkle magic on the list to make tampering even quicker to spot. |
|
|
|
|
mc_lovin
Legendary
Offline
Activity: 1190
Merit: 1000
www.bitcointrading.com
|
|
April 25, 2012, 07:02:57 PM |
|
Many years ago when I wanted to learn HTML I used this site: http://www.lissaexplains.com/It's designed to each children how to code, so it's explained in the absolute simplest terms and it gave me a great stepping stone to learn more advanced things later on. |
|
|
|
|
Xenland
Legendary
Offline
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
|
|
April 25, 2012, 08:10:03 PM |
|
Many years ago when I wanted to learn HTML I used this site: http://www.lissaexplains.com/It's designed to each children how to code, so it's explained in the absolute simplest terms and it gave me a great stepping stone to learn more advanced things later on. Dude! I thought i was the only one that used that site when I was young. Too bad it's off-line meow. It was so helpful at teaching teeny boppers. Nostalgic... |
|
|
|
|
|
