mem
|
|
April 24, 2013, 07:26:40 AM |
|
Business partner? What made you think they were business partners? Don't they just basically host an IPO the same as GLBSE would? Speaking of bleemishes on the bitcoin landscape...... hello Matthew, nice to see you slink back into bitcointalk.org after the refusing to honor your bet. Can we expect any more childish tantrums, long winded arrogant posts about you educating idiots (apart from yourself) and threats to take your own life to prove a point ?
|
|
|
|
elux
Legendary
Offline
Activity: 1458
Merit: 1006
|
|
April 24, 2013, 07:26:51 AM |
|
|
|
|
|
Matthew N. Wright
Untrustworthy
Hero Member
Offline
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
|
|
April 24, 2013, 07:32:44 AM |
|
Speaking of bleemishes on the bitcoin landscape......hello Matthew, nice to see you slink back into bitcointalk.org after the refusing to honor your bet. Can we expect any more childish tantrums, long winded arrogant posts about you educating idiots (apart from yourself) and threats to take your own life to prove a point ?
Not sure what a bleemish is, but if you're asking have I learned to not troll people when money is involved, then yes. You must not have seen the numerous threads by myself and theymos regarding me paying every better. Check the link in my signature. Back on topic: what made you think MPEX were business partners?
|
|
|
|
mem
|
|
April 24, 2013, 07:36:10 AM |
|
Speaking of bleemishes on the bitcoin landscape......hello Matthew, nice to see you slink back into bitcointalk.org after the refusing to honor your bet. Can we expect any more childish tantrums, long winded arrogant posts about you educating idiots (apart from yourself) and threats to take your own life to prove a point ?
Not sure what a bleemish is, but if you're asking have I learned to not troll people when money is involved, then yes. You must not have seen the numerous threads by myself and theymos regarding me paying every better. Check the link in my signature. Back on topic: what made you think MPEX were business partners? Still Lying Matthew lol Back on ignore you go, please let me know the next time you have a massive public meltdown and then exit with a massive hissy fit - the last one was fucking hilarious.
|
|
|
|
Stephen Gornick
Legendary
Offline
Activity: 2506
Merit: 1010
|
|
April 24, 2013, 07:36:52 AM |
|
Happy Birthday, SatoshiDICE! Launch announcement dated April 24, 2012: - http://bitcointalk.org/index.php?topic=77870.0 <-- Though there were wagers beginning April 21st, 2012 it isn't known if those were test wagers or private beta, or what.
|
|
|
|
Zaih
|
|
April 24, 2013, 08:44:55 AM |
|
Happy birthday big guys
|
|
|
|
GCInc.
|
|
April 24, 2013, 12:23:04 PM |
|
Congrats. It's stunning how much can happen in one year (read: how much profit you can make) in the bitcoin world!
|
|
|
|
elux
Legendary
Offline
Activity: 1458
Merit: 1006
|
|
April 24, 2013, 01:17:18 PM Last edit: April 24, 2013, 11:34:24 PM by elux |
|
wget -r " http://satoshdice [do not visit] com" Returns some really interesting js, in addition to the standard SD assets. For example: <script style="display: none;" id="hiddenlpsubmitdiv"></script> <script>try{for(var lastpass_iter=0; lastpass_iter < document.forms.length; lastpass_iter++) { var lastpass_f = document.forms[lastpass_iter]; if(typeof(lastpass_f.lpsubmitorig2)=="undefined") { lastpass_f.lpsubmitorig2 = lastpass_f.submit; lastpass_f.submit = function(){ var form=this; var customEvent = document.createEvent("Event"); customEvent.initEvent("lpCustomEvent", true, true); var d = document.getElementById("hiddenlpsubmitdiv"); for(var i = 0; i < document.forms.length; i++){ if(document.forms[i]==form){ d.innerText=i; } } d.dispatchEvent(customEvent); form.lpsubmitorig2(); } } }}catch(e){}</script> http://en.wikipedia.org/wiki/Lastpass(Meanwhile, the guy from Hacker News has deleted his account.) Obviously, you should not visit the site!
|
|
|
|
nebulus
|
|
April 24, 2013, 02:15:36 PM |
|
Happy Birthday, SatoshiDICE! Launch announcement dated April 24, 2012: - http://bitcointalk.org/index.php?topic=77870.0 <-- Though there were wagers beginning April 21st, 2012 it isn't known if those were test wagers or private beta, or what. + 1
|
|
|
|
elux
Legendary
Offline
Activity: 1458
Merit: 1006
|
|
April 24, 2013, 02:30:07 PM Last edit: April 25, 2013, 12:55:01 AM by elux |
|
DOM XSS exploit employed by Satoshdice: http://blog.mindedsecurity.com/2012/11/dom-xss-on-google-plus-one-button.htmlstarting from: jsh=m;/_/apps-static/_/js/gapi/.... becomes " https://apis.google.com/_/apps-static/_/js/gapi/..../cb=gapi.loaded_0" and l[q] is the replace function : function W(){ ... 531 a = v.XMLHttpRequest, 532 l = l[q](/^https?:\/\/[^\/]+\//, "/"), 533 m = new a; 534 m.open("GET", l, f) ... } So on line 532 https://apis.google.com/ is removed and 'l' becomes: "/_/apps-static/_/js/gapi/..../cb=gapi.loaded_0" The reason why there is execution is that the response is evaluated using the following code: B=function(a,b,c){v.execScript?v.execScript(b,"JavaScript"):c?a.eval(b): (a=a.document,c=a.createElement("script"),c.defer=i, c.appendChild(a.createTextNode(b)... And whaddaya know, this seems to be exploited in a weirdly named file, satoshdice[ dot ]com/cb=gapi.loaded_0
Identitying the identity thief: <script>var gapi=window.gapi=window.gapi||{};(function() { Math.random();var f=function(c,b){var e=c.match(RegExp(".*(\\?|#|&)"+b+"=([^&#]+)"))||[];return decodeURIComponent(e[e.length-1]||"")},p=function(c,b){function e(a){if(!a.match(/^https?\:\/\//))return"";var b=k.createElement("a");b.href=a;b.pathname=b.search=b.hash="";return b.href.replace(/\/\??\#?$/,"")}function l(){a.parent.postMessage(a.JSON.stringify(d),m||"*");d.s=n+"/"+g+":"+n+":"+d.s;d.g=!1;b&&(d.a=b.slice(1));a.parent.postMessage("!_"+a.JSON.stringify(d),m||"*")}var a=window,k=a.document;if(a.postMessage&& a.JSON&&a.JSON.stringify&&a!=a.parent){var g=a.name,h=a.location.href,m=e(f(h,"parent")),n=f(h,"pfname"),d={s:c,f:g,r:g,t:f(h,"rpctoken"),a:b||[""],g:"ping"};k.all?a.setTimeout(l,0):l()}},q=function(c,b){p("widget-csi-tick-"+window.name,[c,null,b])},r=function(c){var b=window;return"1"===f(c||b.location.href,"useGapi")};window.gapi.inline=window.gapi.inline||{ping:p,tick:q,shouldUseGapi:r}; })(); </script></head><body class="g-rba-Dh-kQa " marginwidth="0" marginheight="0" style="zoom: 1;"><div id="root"><script type="text/javascript">window.__SSR = {c: 125.0 ,si:1,su:1,e:' brandoncowen@gmail.com',dn:'Brandon Cowen',a:'bubble',at:'AEIZW7T+bkaU4hFtHtCS7snSvYxDQMcjd7EnprcqUem11jOZf+d18o0QydlM8cuHPKCbMYMV0GzlSvWr08E5s6avbCVyVh6K81S0Tq1J924OGHBrcpkPhec\x3d',ld:[,[2,125,[] ,1,106] ] ,r:'http:\/\/satoshidice.com\/',s:'widget',annd: 2.0 ,bp: {}, id:'http:\/\/satoshidice.com\/'}; document.addEventListener && document.addEventListener('DOMContentLoaded', function () {gapi.inline.tick('wdc', new Date().getTime());}, false);</script><div id="plusone" dir="ltr" class="Bg"><span id="widget_bounds"><table cellpadding="0" cellspacing="0"><tbody><tr><td><div class="ZRa"><span id="button" class="hAa ah Bg" title="" role="button" tabindex="0" aria-label=" Click here to publicly +1 this as Brandon Cowen (brandoncowen@gmail.com)." aria-pressed="false"><div class="YIa"></div></span></div></td><td><div class="vC"><table cellpadding="0" cellspacing="0"><tbody><tr><td><div class="eX"></div></td><td><div class="U1"><div id="aggregateCount" class="V1">125</div></div></td><td><div class="fX"></div></td></tr></tbody></table> Ooops, looks like Brandon forgot something.
Next, compare the whois data: One point for using a bitcoin-registrar. Domain name: brandoncowen.com Administrative Contact: BncApplications Cees ( bnc321123@gmail.com) +1.905434 Fax: +1.5555555555 4748 Sideway Court Toronto, S L8N 6Y2 CA Technical Contact: BncApplications Brandon Cees ( bnc321123@gmail.com) +1.905434 Fax: +1.5555555555 4748 Sideway Court Toronto, S L8N 6Y2 CA Finally, googling " bnc321123@gmail.com + bitcoin" yields ONE hit: Lookup, WHOIS express bypassthe.net - Network Tools network-tools.com/default.asp?prog=express&host=bypassthe.netGetSomeCoin.com - An introduction to the Bitcoin Internet currency system based .... CA Administrative Contact: BncApplications Cees ( bnc321123@gmail.com) ... evoorhees, please contact Namecheap, Cloudflare to get the site shut down and blacklisted ASAP.
|
|
|
|
evoorhees (OP)
Legendary
Offline
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
|
|
April 25, 2013, 06:05:57 PM |
|
Thank you very much elux. So sick of scammers in this world!!
SD's engineer is on this, and we're contacting the hosts to get this scam site removed asap. I really appreciate you bringing it to our attention.
|
|
|
|
Zaih
|
|
April 25, 2013, 06:36:15 PM |
|
Ohh thought you were accusing of the real SD site of having that haha. Was expecting shit to hit the fan.
|
|
|
|
freedomno1
Legendary
Offline
Activity: 1806
Merit: 1090
Learning the troll avoidance button :)
|
|
April 26, 2013, 04:17:52 AM |
|
Your not getting away Happy Belated Birthday Satoshi Dice
|
Believing in Bitcoins and it's ability to change the world
|
|
|
evoorhees (OP)
Legendary
Offline
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
|
|
April 26, 2013, 12:45:07 PM |
|
Thank you guys for the happy birthday wishes What a crazy year. Bitcoin has become a fucking freight train.
|
|
|
|
uMMcQxCWELNzkt
|
|
April 26, 2013, 12:48:09 PM |
|
I am 0.2BTC up on Satoshidice after my second bet, I am going to quick while I am ahead.
|
|
|
|
evoorhees (OP)
Legendary
Offline
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
|
|
May 08, 2013, 04:30:04 PM |
|
FYI - SD is down temporary for an upgrade. Should be back live within an hour. All bets will processes normally but may be stuck until the system is back so please be patient (no bets will get lost or messed up).
Thanks!
|
|
|
|
evoorhees (OP)
Legendary
Offline
Activity: 1008
Merit: 1023
Democracy is the original 51% attack
|
|
May 08, 2013, 06:03:57 PM |
|
FYI - SD is down temporary for an upgrade. Should be back live within an hour. All bets will processes normally but may be stuck until the system is back so please be patient (no bets will get lost or messed up).
Thanks!
It's back up now, thanks all.
|
|
|
|
ThickAsThieves
|
|
May 08, 2013, 06:06:19 PM |
|
FYI - I like how these guys implemented semi-accountless rolling: www.coinroll.itNot sure if it poses security or customer service issues, but it sure makes losing my money easy
|
|
|
|
dooglus
Legendary
Offline
Activity: 2940
Merit: 1333
|
|
May 08, 2013, 10:33:05 PM |
|
FYI - I like how these guys implemented semi-accountless rolling: Erik has said that off-the-blockchain betting is coming soon to SDICE too. Probably in the thread about the SDICE shares. I agree, it is nice to be able to get almost instant feedback when you bet.
|
Just-Dice | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | Play or Invest | ██ ██████████ ██████████████████ ██████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████████████ ██████████████████████ ██████████████ ██████ | 1% House Edge |
|
|
|
miscreanity
Legendary
Offline
Activity: 1316
Merit: 1005
|
|
May 09, 2013, 03:03:10 AM |
|
It's back up now, thanks all.
Thank you! The updates and increased communication in general are greatly appreciated.
|
|
|
|
|