Bitcoin Forum
November 19, 2024, 02:05:49 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 [5] 6 7 »  All
  Print  
Author Topic: darkcoin exploit found in 2 hours by amateur (why open source matters for anon)  (Read 10054 times)
Spoetnik
Legendary
*
Offline Offline

Activity: 1540
Merit: 1011


FUD Philanthropist™


View Profile
October 09, 2014, 02:46:13 AM
 #81

this is why although i have *some coding skill i never made a coin.
and why i encouraged people to try and avoid anon devs who are often kids buying pre-made coins etc.
or younger people who are dumb and shouldn't be making coins because they are over their head skill wise.

this shows you all why picking what coin to invest in is important.

FUD first & ask questions later™
h4xx0r
Full Member
***
Offline Offline

Activity: 154
Merit: 100

★Bitin.io★ - Instant Exchange


View Profile
October 09, 2014, 02:47:38 AM
 #82

WOW -11 trade trust what did you do?  Cheesy

I refused to bow down to the posters who control the default trust. and use their position to create arbitrary pseudo rules. they spent the last two days trying to convince me i was wrong and was trying to "buy trust". you should see the threads, i totally own them time and time again intellectually, the whole time pointing out the fact that they are behaving like holier than thou faggots. it was hilarious.

iCEBREAKER
Legendary
*
Offline Offline

Activity: 2156
Merit: 1072


Crypto is the separation of Power and State.


View Profile WWW
October 09, 2014, 02:57:11 AM
 #83

The good intentions of the dev? the intentions were probably not good at this point. If they were, they would have hired a professional. instead they created hype they couldn't live up to and probably profited nicely in doing so.

I was alluding to the fact that given the salubrious effect of many eyes/brains on FOSS, we may assume a dev has good intentions regardless of their actual motivation.

It works in reverse too; if a dev refuses to release the code, we may (IE must) assume he has bad intentions.


██████████
█████████████████
██████████████████████
█████████████████████████
████████████████████████████
████
████████████████████████
█████
███████████████████████████
█████
███████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
███████████████████████████
██████
██████████████████████████
█████
███████████████████████████
█████████████
██████████████
████████████████████████████
█████████████████████████
██████████████████████
█████████████████
██████████

Monero
"The difference between bad and well-developed digital cash will determine
whether we have a dictatorship or a real democracy." 
David Chaum 1996
"Fungibility provides privacy as a side effect."  Adam Back 2014
Buy and sell XMR near you
P2P Exchange Network
Buy XMR with fiat
Is Dash a scam?
robinwilliams (OP)
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
October 09, 2014, 03:00:09 AM
 #84

Quote
How many times have you been told it is being open sourced in the next 2 months?

Darkcoin was closed source for over 8 months? Not one post on their thread about closed source? Yes... you are so unbiased.

dude - xc was closed source for six months ... so by the time it comes out = 8 months.  just like big bro darkcoin

and I'm not the individual you claim  Roll Eyes

my opinion is dark sucks, xc sucks more.



dude... you obviously missed my point. I am asking why you posted over 70X that XC is blah, blah, blah... when you didn't post one comment on the Darkcoin thread about their project? Where are all the posts about Darkcoin? They are the top Anon coin as far as market cap is concerned, and not one post about their closed source? Lol!

XC sucks? Then explain why you have dedicated 20% of your posts to it?

XC doesnt spam the forum like Monero... your invesntment btw. So why the hate?

Right... you are just concerned for your fellow cryptobros. How original. Appeal to sympathy has to be the most overused fallacy on this forum.




MoneroMan is not BM. His post was meant to deceive you guys into thinking that. MoneroMan is a shill, but he isn't BM's shill.

I think MoneroMan is Come-from-Above

Yes, I posted that to make the NXT retards think I am BM. Of course I am not BM. I've admitted to be  Come-from-Above earlier. This entire community is ridiculous.

I noticed you made an effort to change C-f-A's posting statistics after I outed you as C-f-A. Wink

It's too late bruh.


Coinhoarder,

Yes you got me.  I was trying to hide it but you were able to successfully connect the dots. robinwilliams, TinEye and a bunch of other sockpuppets are also me C-f-A. I confess.

What is your name in BitShares and which position do you hold? Are you mentioned on the official page?

ps. hats off!



I just love how you always say... "I'm not trying to start any drama here guys, but..."

Now its JL777 fault? Curious... how do really feel? Lmao!

did you get dropped on your head as a child?  

i posted in the MAIN FORUM about darkcoins problems.  with you guys i just posted in your chat thread vs humiliating you in public - however now that you wanna cry about it.  i will spend some time coming up with an APPORPRIATE response for this wanna be copy cat of a near scam closed source anonominity, web 3.0 "solution" who has copied the original algo name, the masternode idea, the closed source route ... ALL from darkcoin (except with a 100 day premine i would say XC is more of a scam)

i actually have some inside information that one of your devs is about to get his ass sued off in court.  trust me - there is more dirt on XC than even that dude who posted all that shit about the ex dev and was crying his ass off brought up.

To be clear = I came to YOU GUYS with my issues etc etc and explained things and got kicked out of your thread.  I made a DARKCOIN THREAD outlining some issues and now you are saying "wa wa ... you aren't as mean to darkcoin as you are XC"

Boy you are a special one aren't you HAHA  Cheesy

h4xx0r
Full Member
***
Offline Offline

Activity: 154
Merit: 100

★Bitin.io★ - Instant Exchange


View Profile
October 09, 2014, 03:06:30 AM
 #85

The good intentions of the dev? the intentions were probably not good at this point. If they were, they would have hired a professional. instead they created hype they couldn't live up to and probably profited nicely in doing so.

I was alluding to the fact that given the salubrious effect of many eyes/brains on FOSS, we may assume a dev has good intentions regardless of their actual motivation.

It works in reverse too; if a dev refuses to release the code, we may (IE must) assume he has bad intentions.

True, but i think the combination of our posts shows the whole picture. We can't prove for certain whether the dev had good intentions, but lets face it. if you're releasing coins you're probably trying to make money, gain notoriety, or in very rare cases, you did for the challenge of pushing the envelope. we don't really know the motivational factor(s) for this dev, but we do know that in terms of C++ coding, the developer is an amateur. It's not much of  a stretch to speculate either way on his intentions at this point.

PS: you have a salubrious vocabulary. learned a new word Tongue

illodin
Hero Member
*****
Offline Offline

Activity: 966
Merit: 1003


View Profile
October 09, 2014, 03:11:17 AM
 #86

but we do know that in terms of C++ coding, the developer is an amateur.

First, define amateur, and then, how do we know exactly that he is one?
h4xx0r
Full Member
***
Offline Offline

Activity: 154
Merit: 100

★Bitin.io★ - Instant Exchange


View Profile
October 09, 2014, 03:33:32 AM
 #87

but we do know that in terms of C++ coding, the developer is an amateur.

First, define amateur, and then, how do we know exactly that he is one?
assume


"bro we need a prng for darksend. any ideas? i don't know much about RNG's admittedly"

"fuck it, just use std::rand()"

Code:
randomizeList (int i) { return std::rand()%i;}

coins are lost if main() terminates unexpectedly before lockedCoins.clear(), which should have a reference in the main scope so it can be called referenced during shutdown.

Code:
void CDarkSendPool::UnlockCoins(){
    BOOST_FOREACH(CTxIn v, lockedCoins)
    pwalletMain->UnlockCoin(v.prevout);
    lockedCoins.clear();
}

we know that session ids are used to identify with the network because of the following code. maybe this should be examine the protocol for this connection more closely.
Code:
RelayDarkSendCompletedTransaction(sessionID, false, "Transaction Created Successfully");

This doesn't mean he is an amateur. judging by the coding style, and what i've seen through half tired eyes its a group.

Cloakko
Member
**
Offline Offline

Activity: 70
Merit: 10


View Profile
October 09, 2014, 06:08:13 AM
 #88

By your logic, as soon as you have people running their clients behind firewalls blocking incoming ports, you are not in a P2P network anymore.

I don't see the logic .... why are you talking about firewall and incoming ports ?

Have you any network knowledge ? I mean, strong one, not like just configuring an adsl router...

XC | XST
illodin
Hero Member
*****
Offline Offline

Activity: 966
Merit: 1003


View Profile
October 09, 2014, 07:36:40 AM
 #89

By your logic, as soon as you have people running their clients behind firewalls blocking incoming ports, you are not in a P2P network anymore.

I don't see the logic .... why are you talking about firewall and incoming ports ?

In a bitcoin network, there are two types of citizens: full nodes with the whole blockchain and with open incoming ports to which other nodes can connect to, and nodes behind a firewall which you can't connect to or without the whole blockchain.

Compare this to darkcoin network, where you could think of existing also two types of citizens: masternodes and nodes.

You can't say the other isn't P2P while the other is.
btcxyzzz
Legendary
*
Offline Offline

Activity: 888
Merit: 1000

Monero - secure, private and untraceable currency.


View Profile WWW
October 09, 2014, 09:52:04 AM
 #90

Its time for NEOS coin

Just like that!

Token Bubbles – Transforming the ICO Rating and Analysis Space.
FiniteRed
Sr. Member
****
Offline Offline

Activity: 346
Merit: 255


View Profile
October 09, 2014, 10:28:43 AM
 #91

Its time for NEOS coin

Yes. It is

[G]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ] ~ [ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[ ]-[H]
HunterMinerCrafter
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


View Profile
October 09, 2014, 02:30:25 PM
 #92

I was alluding to the fact that given the salubrious effect of many eyes/brains on FOSS, we may assume a dev has good intentions regardless of their actual motivation.

It works in reverse too; if a dev refuses to release the code, we may (IE must) assume he has bad intentions.

AMEN.

It has nothing to do with anon or not, on or off chain.

It has nothing to do with centralized or decentralized or anything in-between.

It has nothing to do with paid code reviews, marketing shill hype, or mudslinging between coin cult fanbois.

It has everything to do with the fact that these are "proof coordination networks" and without open source you have no reasonable way to know the structure of the proofs, or what they prove over, and in turn have no way to verify the usefulness of the proofs and function of the network as being sound, let alone altruistic.  As such, you can have no alternative but to assume the coin does not function.

The whole "big idea" of crypto-currency is that, by the combination of the details of the implementation of proof coordination and Satoshi's social contract, no-one need explicitly trust any other singular entity.  These closed source coins not only break the assumed social contract, but also explicitly obscure the implementation detail in doing so.

A closed source coin requests of you nothing short of 100% blind faith in the developers.  In this case this is not just faith that their implementation is both as they claim and free of defect, but also faith that they will not malware your computer, steal all of your coins, monitor all of your activities, spam your address book with v1agra ads, impersonate your mother on facebook, etc.

We have to assume that any breach of the social contract is done explicitly to break the trust-free function of the network, as it accomplishes no other thing. The assumptions that have to be drawn in turn, as following from this, are all not very pretty.  In other words, *any* reason to break the social contract is inherently a scary bad reason.

If a crypto coin does not offer up it's proof structures for review then it cannot be said to function correctly as a proof coordination network, and as such it must be assumed not to function correctly as a crypto coin.

If a crypto coin violates Satoshi's social contract then it cannot be said to function correctly as a trust-free network, and as such it must be assumed not to function correctly as a crypto coin.

Closed source coins are just simply not able to be rationally considered coins at all, no two ways about it.

You'd unquestionably be better off with Paypal, WoW gold, or the U.S. Fed minting your coins as at least then you have another open code and social contract to fall back on, called tort law.

Closed source coins are downright dangerous.  You have no way to know what they can/will do, and no recourse if what they end up doing is harmful to you.

robinwilliams (OP)
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
October 09, 2014, 02:40:24 PM
 #93

Quote
It has everything to do with the fact that these are "proof coordination networks" and without open source you have no reasonable way to know the structure of the proofs, or what they prove over, and in turn have no way to verify the usefulness of the proofs and function of the network as being sound, let alone altruistic.  As such, you can have no alternative but to assume the coin does not function.

The whole "big idea" of crypto-currency is that, by the combination of the details of the implementation of proof coordination and Satoshi's social contract, no-one need explicitly trust any other singular entity. 

YES!  THANK YOU!

closed source "cryptocurrency" is worse than nothing at all

evok3d
Sr. Member
****
Offline Offline

Activity: 534
Merit: 250


The Protocol for the Audience Economy


View Profile
October 09, 2014, 06:07:00 PM
 #94

None of these coins would have existed without the great work of Satoshi and his willingness to keep the entire project open source. I find it weird that some developers use that very technology and somehow think their work is too important to be open source. If you cannot keep the moral code of what allowed you to even have a coin then please find another approach that keeps this integrity in place.

  M E   D I   A
P  R -    ▄▄███████▄▄   
  ▄██████▀██████▄ 
 ███████   ███████
▐██████     ██████▌
██████▌     ▐██████
▐██████     ██████▌
 ▀██████▄ ▄██████▀
   ▀███████████▀  
      ▀▀▀▀▀▀▀     
- T  O  C - O - L
MEDIA Protocol in Action
              ▄▄██████▄▄
            ▄████████████▄
           █████▌ ▀▀███████
   ▄████▄▄██████     ▀█████▌
 ▄███▀ ▀████████      ▐█████
▐███▌   ▐████████      ████▌
▐███    ██████████▄▄  ▐████
 ▀███▄▄████▀▀████████████▀
   ▀▀███▀▀     ▀▀████▀▀
   ▄▄▄████████████████▄▄▄    
 ████████████████████████▄  
▐███████████████▀▀▀▀▀▀████▌ 
████████████▀▀▀        █████ 
█████████▀             █████ 
███████              ▐█████ 
█████▀               ██████ 
███▌              ▄██████ 
█████             ▄█████████ 
████▌          ▄▄██████████ 
▐████▄▄▄▄██████████████████▌ 
 ▀███████████████████████▀  
   ▀▀███████████████████▀    
toknormal
Legendary
*
Offline Offline

Activity: 3066
Merit: 1188


View Profile
October 09, 2014, 09:39:49 PM
 #95


Oops.

A thread full of squabbling rats in a sewer.

I must've dropped through an undocumented manhole on bitcointalk  Shocked
PoS
Full Member
***
Offline Offline

Activity: 223
Merit: 101


If you can be anything, be kind and fair


View Profile
October 09, 2014, 10:22:50 PM
 #96


Oops.

A thread full of squabbling rats in a sewer.

I must've dropped through an undocumented manhole on bitcointalk  Shocked

https://bitcointalk.org/index.php?topic=421615.msg9116360#msg9116360
Crypto community are cockroaches and rats because they dont buy into that instamine crap as they would wish. Now they want to try to sell it to some uninformed granny's instead.

First the Linux guys slave away for over a decade to have a open project going then Satoshi does his bit, than this scam of the earth comes along and things he can fuck everyone.
I'm so glad there are real anon coins about.
h4xx0r
Full Member
***
Offline Offline

Activity: 154
Merit: 100

★Bitin.io★ - Instant Exchange


View Profile
October 09, 2014, 10:51:47 PM
 #97


Oops.

A thread full of squabbling rats in a sewer.

I must've dropped through an undocumented manhole on bitcointalk  Shocked

https://bitcointalk.org/index.php?topic=421615.msg9116360#msg9116360
Crypto community are cockroaches and rats because they dont buy into that instamine crap as they would wish. Now they want to try to sell it to some uninformed granny's instead.

First the Linux guys slave away for over a decade to have a open project going then Satoshi does his bit, than this scam of the earth comes along and things he can fuck everyone.
I'm so glad there are real anon coins about.

what about SSD coin? do you think it is legitimate? I went into their thread ragging them but they almost have me sold they are legit. i still not buy into it though until they deliver on all promises.

toknormal
Legendary
*
Offline Offline

Activity: 3066
Merit: 1188


View Profile
October 09, 2014, 11:47:16 PM
 #98

Crypto community are cockroaches and rats because they dont buy into that instamine crap...than this scam of the earth comes along and things he can fuck everyone.
I'm so glad there are real anon coins about.

I think if a cryptocoin had knocked my nose out of joint as far as it seems to have done yours I'd try a less stressful pastime.

At least you're stuffed in the same clueless thread with some of the all star charlatans of Bitcointalk. Enjoy the company  Wink




UnunoctiumTesticles
Full Member
***
Offline Offline

Activity: 154
Merit: 100


View Profile
October 09, 2014, 11:48:21 PM
 #99

Operation ShitCODE Cleanout.

Enough of these C++ coins.

All coins not coded in Brainfuck are hereby on notice of their imminent demise.
patrolman
Sr. Member
****
Offline Offline

Activity: 447
Merit: 250


View Profile
October 10, 2014, 12:18:12 AM
Last edit: October 10, 2014, 01:04:35 AM by patrolman
 #100

This is also why you should be open sourced from the beginning

anonymity should always be trusted to open sourced solutions

This is all true.  To be on my Legitimate Altcoin Whitelist, a coin must follow Bitcoin's example and be 100% open source.  Not some half-assed delayed version.

All the nooblings losing their shitcoins to Madoff Node exploits are being taught a valuable (and therefore expensive) lesson: DON'T TRUST CLOSED SOURCE!

The good intentions of the devs aren't the point and don't matter; the of point open source is to verify the code's security with as many eyes and brains as possible.


This is really clutching at straws here.

I condone using open-source software as much as possible. I would be lying if I said that I would have been interested in Bitcoin initally if it were not open source. But the cryptocurrency landscape is very different now to Bitcoin's early days. Manipulation is rife. Crypto traders are fickle. Coin cloning with a changed parameter or two and a different name is the norm. A clone coin offering no technical innovation but some tiresome catchphrases and marketing tactics once made it to 3rd place in terms of market cap. It's back in the top 5 again now.

I initially dismissed Darkcoin's chances of success because of the name but after reading some of Evan's posts I became interested in the project. I didn't like the idea of closed source at all, but it was always said that the DarkSend source code would eventually be released. I weighed up risk vs. reward and put my trust In Evan and his claim that the source code would be released further ahead. This trust was due to my assessment of his character based on reading his posts. It turns out the character assessment was quite good - he kept his word and the DarkSend source was released last Monday :https://darkcointalk.org/threads/open-source-announcement-and-future-plans.2528/.

The code's security can now be verified with as many eyes and brains as possible. Evan does not hide behind a handle - his reputation is on the line if anything nefarious is found in the code.

I'm going to write this in a larger, more colourful font, because it seems that some posting in this thread are mere shills or for some reason haven't realised this yet:
 Darkcoin is 100% open source
Pages: « 1 2 3 4 [5] 6 7 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!