Bitcoin Forum
November 01, 2024, 01:01:56 PM *
News: Bitcoin Pumpkin Carving Contest
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 »
  Print  
Author Topic: [DICE]Bikinidice, Multicurrency,auto bet, range selector.AUCTION, PLEASE ENTER !!  (Read 56002 times)
allcoinminer
Hero Member
*****
Offline Offline

Activity: 784
Merit: 504


View Profile
October 23, 2014, 04:27:50 AM
 #301

it deals not only in bitcoin but some other cryptos too...

What other cryptos they accept?
TonyT
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
October 23, 2014, 04:29:29 AM
 #302

Implementation language is irrelevant to your choice of provably fair system.

Here, let me help you: http://php.net/manual/en/function.hash-hmac.php

Thanks! We will study it!

OT.
Why you haven't more a dice site?

Are you really going to study it, BikiniDice?  I must say this about you:  most dice owners would have not replied in your manner, but tried to play it cool, which I think is admirable on your part.  That is, a lot of these dice owners are just smooth talkers, and do nothing.  They simply want to sweep any fraud under the carpet.  I was reading a thread (where dooglus was involved) with another dice site, and that operator kept denying everything until the evidence was too much, and he had to give in (the issue was provably fair).  At least you show an ability to learn, but, I am afraid that it's just an act.  

It's too bad dooglus got out of the dice business.  You can see the man has character and was not trying to cheat anybody, just provide entertainment.  He actually respects the law (unlike most of these dice operators, I bet some of them are downright criminals who have spent time in jail so it's not a big deal to them to go to jail), tried to be fair and was fair, and, impressively, actually knows programming.  More of a scientist than a businessman, to his credit.

Here is a question for you BikiniDice:  do you track your customers IP address?  If not, why not?  It's useful marketing information to know where your steady customers come from.  Further, what if one of your steady customers is a gambling addict?  Do you cut him off from gambling, like a bartender cutting off an alcoholic from another drink?  I bet not.  You don't care if one of your customers gambles away their life savings--their money is simply your profit.  You have no heart, are an exploiter, not a creator.  A parasite.  Have a good day and good luck my Slavic 'friend'.

TonyT
dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1333



View Profile
October 23, 2014, 04:35:59 AM
 #303

It's a little alarming how quickly you go from questioning:

Do you cut him off from gambling, like a bartender cutting off an alcoholic from another drink?

To guesswork:

I bet not.

To condemnation:

You don't care if one of your customers gambles away their life savings--their money is simply your profit.  You have no heart, are an exploiter, not a creator.  A parasite.

The fact is it's almost impossible to stop someone gambling away their life savings if that's what they want to do. I once tried banning a guy from Just-Dice because he told me he was underage. But he knew how to change his IP address whenever he wanted to, so he would just mix his coins, switch IP address, make a new account with a new name and keep on playing. Then he would withdraw his coins and only then start bragging about how he had deceived me again.

I did make a point of offering to ban people from betting though. Some people wanted just to "invest" and not have the option of gambling. Quite a few people took me up on the offer (and quite a few of them later made new accounts so they could gamble...)

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
TonyT
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
October 23, 2014, 04:43:36 AM
 #304

It's a little alarming how quickly you go from questioning:

Do you cut him off from gambling, like a bartender cutting off an alcoholic from another drink?

To guesswork:

I bet not.

To condemnation:

You don't care if one of your customers gambles away their life savings--their money is simply your profit.  You have no heart, are an exploiter, not a creator.  A parasite.

The fact is it's almost impossible to stop someone gambling away their life savings if that's what they want to do. I once tried banning a guy from Just-Dice because he told me he was underage. But he knew how to change his IP address whenever he wanted to, so he would just mix his coins, switch IP address, make a new account with a new name and keep on playing. Then he would withdraw his coins and only then start bragging about how he had deceived me again.

I did make a point of offering to ban people from betting though. Some people wanted just to "invest" and not have the option of gambling. Quite a few people took me up on the offer (and quite a few of them later made new accounts so they could gamble...)

Thanks for the reply.  As you can probably tell, my tone towards Bikini has shifted in the last few posts from inquisition to a polemic, which he realizes and I suspect is glad for the change of pace.  After all, BikiniDice IMO just wants this thread to die and go back to business as usual for these official business threads, along the lines of:

AwEsoMe SiTE BRo!  When u gonna GET LIVE NudE GIrlz??  Grin Grin Grin  Roll Eyes Roll Eyes Roll Eyes

It's interesting that you tried to and offered to ban a user.  Thinking one step ahead, as usual. ;-0

TonyT
dooglus
Legendary
*
Offline Offline

Activity: 2940
Merit: 1333



View Profile
October 23, 2014, 04:57:56 AM
 #305

It's interesting that you tried to and offered to ban a user.

... whereas the only thing this guy wants to ban is free speech... (from a PM):

Dooglus,
I write to you because you are a legendary user.

Why the gambling section aren't moderate?

We are tired of receiving insults from tony...

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
TonyT
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
October 23, 2014, 05:13:27 AM
 #306

It's interesting that you tried to and offered to ban a user.

... whereas the only thing this guy wants to ban is free speech... (from a PM):

Dooglus,
I write to you because you are a legendary user.

Why the gambling section aren't moderate?

We are tired of receiving insults from tony...

Good one.  I wish I had his IP address...which bitcointalk.org probably tracks, though if he's smart he is using a VPN to cover his tracks.  My guess, with wide variance allowed, is that he's Slavic since to do a dice site properly you need some programming skills, which those countries have more than the Latin countries.  And if he was Asian he would not write the way he does... In any event, I'm sure he will try to make money fast then disappear if there's any heat from authorities.  In Russia you can bribe the authorities to look the other way anyway, if you have connections.

TonyT
cryptomanik
Newbie
*
Offline Offline

Activity: 31
Merit: 0


View Profile
October 23, 2014, 05:23:02 AM
 #307

It's been fun reading this thread. I Like the site graphics tho

Love the graphics. I hope you guys wont run with the money.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
October 23, 2014, 07:41:00 AM
 #308

He could have self-moderated this thread, but didn't. (Don't go pointing at me if he actually does this and lock this thread.)

Pawner
Newbie
*
Offline Offline

Activity: 9
Merit: 0


View Profile
October 23, 2014, 07:55:33 AM
 #309

I like the sexy design  Grin
Good job! I really like it.
Josepht
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 515


View Profile WWW
October 23, 2014, 08:24:23 AM
 #310

Why can I only invest bitcoins and not dogecoins?
BikiniDice (OP)
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
October 23, 2014, 08:33:14 AM
 #311

Well well well!

Try to reply to you all  Grin

1. Tony, Thanks for that other charges free accusations! Please bring at least one evidence to support what you say sometimes.
Gambling is not nice, it's true. But we are in gampling section, so what did you expected, a disney cartoon?

2. We try to implement all of your suggestions to be credible. We can't do more!
If you read the thread you will see that we have already made ​​some changes you requested to us.

3. We register users IP only for local time. We need to know when users from to set local time for he.

4. We never had any intention of self-moderate this thread. We have nothing to hide

...And now...

Code:
function rollDice($clientSeed,$nonce,$serverSeed) {
$validSeedChar=array(
"a","b","c","d","e","f",
"g","h","i","k","j","l",
"m","n","o","p","q","r",
"s","t","u","v","w","x",
"y","z","0","1","2","3",
"4","5","6","7","8","9"
);

$globalSeedVarchar=hash_hmac('sha512',$clientSeed.$nonce,$serverSeed);

$globalSeedInt=0;
for ($i=0; $i<strlen($globalSeedVarchar); $i++) {
$char=substr($globalSeedVarchar,$i,1);

$addThis=intval(array_search(strtolower($char),$validSeedChar));
if (ctype_upper($char)) {
$changeThis=strlen($globalSeedVarchar);
$globalSeedInt=$globalSeedInt+($addThis*$changeThis);
} else {
$globalSeedInt=$globalSeedInt+$addThis;
}
}

srand($globalSeedInt+123456);
$roll=number_format((rand(1,10000)/100),2,'.','');

return floatval($roll);
}

We are working on dooglas suggestion Wink
We are almost done...
BikiniDice (OP)
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
October 23, 2014, 08:37:49 AM
 #312

Why can I only invest bitcoins and not dogecoins?

Because by now we have best player only on bitcoin.
We will add invest in other coin!

First, we want to end or autobet developing
TheBomber999
Legendary
*
Offline Offline

Activity: 1274
Merit: 1001


"shh, he's coding..."


View Profile
October 23, 2014, 11:44:05 AM
 #313

https://www.bikinidice.com/user/10852

Over 85.000 bet  Huh

You either die a developer, or live long enough to see yourself become the scammer.
O muori da programmatore, o vivi tanto a lungo da diventare uno scammer.
BikiniDice (OP)
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
October 23, 2014, 12:09:46 PM
 #314


A micro-bet player  Grin

We need investors to increase maximum bet/profit
leex1528
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
October 23, 2014, 01:24:27 PM
 #315

Pretty cool site.  I am unable to use any of the vouchers and the capchas seem very picky as well.

sickhouse
Hero Member
*****
Offline Offline

Activity: 490
Merit: 500


View Profile
October 23, 2014, 01:28:03 PM
 #316

I registered, cool site Smiley Think the bikini chicks could be a bit hotter though Smiley

Turn off the news and read. Watch Psywar, learn something important about our society and PR, why and how it got started and how it brainwashes you.
Mobius7
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500



View Profile
October 23, 2014, 01:42:31 PM
 #317

it deals not only in bitcoin but some other cryptos too...

What other cryptos they accept?

LTC, Doge, Darkcoin, Blackcoin and of course bitcoin.

BikiniDice (OP)
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
October 23, 2014, 02:04:08 PM
 #318

Thanks boys!

What do you think about this feature

Mobius7
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500



View Profile
October 23, 2014, 02:08:15 PM
 #319

Thanks boys!

What do you think about this feature

It will be a good add.
While statistically speaking, betting on the region 0-10 and 17-27 is essentially the same, sometimes we want to bet on our lucky numbers. Smiley

NLNico
Legendary
*
hacker
Offline Offline

Activity: 1876
Merit: 1295


DiceSites.com owner


View Profile WWW
October 23, 2014, 02:30:15 PM
Last edit: October 23, 2014, 02:41:21 PM by NLNico
 #320

You are kinda lucky you post this before implementing it:

Code:
	$globalSeedVarchar=hash_hmac('sha512',$clientSeed.$nonce,$serverSeed);
This is extremely vulnerable. An attacker could probably steal all your coins this way.

Let's say my clientseed is "hacker1":

$clientSeed.$nonce

will become:

#1 - hacker11
#2 - hacker12
...
#8 - hacker18
#9 - hacker19

Now after 9 bets, I will change my clientseed to "hacker":

#11 - hacker11
#12 - hacker12
etc.

See the problem? The rolls will be the same as the previous 10 and we know the outcome. A decent attacker would do this only with 100 or 1000 bets to make it less obvious. He could slowly win all your funds. This is the same way satoshicarnival.co got "hacked" and lost like ~5 BTC. They decided to close the site afterwards and work out a refund plan with their investors. This btw only works if the serverseed is not forced to change after changing the clientseed, but this seems common practice to me.

Solution: use a separator. Like n:c:n,n:s:n > $nonce.":".$clientSeed.":".$nonce,$nonce.":".$serverSeed.":".$nonce

Normally I would privately disclosure this and kindly ask for a bounty. But considering it's not yet implemented I guess I could just reply here. Any bounty would be still appreciated though (donation addy is in signature.)




About the function rand(), you could consider reading this 35 page paper "I Forgot Your Password: Randomness Attacks Against PHP Applications". Basically rand() is not random enough and should be considered as vulnerable. Although I am personally not sure how an actual attack vector against your implementation would be.

Basically using openssl_random_pseudo_bytes() or as fallback mcrypt_create_iv() will be better than rand() or mt_rand(). You should/could definitely google a bit on that too. Most times the server seed is random though and the actually roll generation is based on the SHA512 HMAC of the seeds+nonce.

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!