WOW how long did it take you to write this up lol i almost finish a cigarate reading this lol, in anycase i see what is being said and should always be vigilant. If i ever have more than 1 bitcoin i will make sure i buy a cheap computer get bitcoin wallet and send my stuff there and never keep computer plugged in to internet or even powered up. Will be fun each time i need to get to wallet with having to wait for updates but my 1 bitcoin will be safe
About 5 minutes with copy paste, most of it was public I'm just trying to put things in context. Was kind of in a hurry so I didn't post sources. I didn't find much about the email just the domain was registered to yan wang and now shows mark russells.
https://bitcointalk.org/index.php?topic=211169.0 doesn't really prove much. Tradefortress still hasn't responded to asking if his email was compromised. who ever updated the site was probably meaning mark russell as that had to deal with btc atms. Not that that is who it is, but is probably just targeting different people in the community. Honestly the biggest weakness to bitcoin is the centralization of something that's very nature goes against it. In other words thing like mining and the markets should have their own protocol. the miner itself should somehow send you payments. maybe something like using bittorrent or bittorernt sync. you could do something like bittorent sync and create keys that tie to miners so you could rent them out.. etc different keys are used for length of time. there is just to much faith and room for market manipulations if btc is just stored on websites. I suppose for the time being something like an escrow or something similar to btcbuckets. in that if you are to buy a contract dude doesn't get all the money up front but is slowly trickled during length of contract. Something must be done to prevent ponzi scam and to stop things like cex suspending operations. makes it so people are stuck in limbo state not doing shit very little options but to either sell, wait or try to redeem for physical hardware.
Why are you having a conversation with yourself, malaimult. Yes, I checked, you've sorted you're quoting out with all three alts. Good job!
So, darkangel/darkgamer/malaimult, could you explain your connection to the cloudminr.io ponzi? If you say you have none, then could you explain why you still carry their sig when the sig campaign ended ages ago? Surely you realise that you and picolo are going be the ones people go after when the shit hits the fan.
I'm rarely on here, pretty much only come to the forum when crap like mt.gox/ hashie happens. despite having my name begin with dark, I don't think we really have that much in common. I don't even have a sig. The only thing I can say about cloudminr is that it's close to how pbmining operated. you can't predict the market (you can however look at trends. with hacks, scams and bad publicity lowering the price or crashing the market in the case of mtgox. while good publicity sites accepting bitcoin and the like cause the price to rise.) and offering a contract for greater than 1 year will most likely create problems. you have no guarantee the site will be around 5 months later. hashie attempted to make it look legit with the market. in a way even though hashie was a scam, you still had more control than you do with contracts as you could trade until the market was removed. Honestly you would have better luck with
https://www.miningrigrentals.com/ *update looks like hashie had control of email since it was started
https://code.google.com/p/chromium/issues/detail?id=429395 Security: Window.opener bypasses same origin policy
1 person starred this issue and may be notified of changes. Back to list
Status: WontFix
Owner: ----
Closed: Nov 2
Type-Bug-Security
Add a comment below
Reported by
ad...@glados.cc, Oct 31, 2014
VULNERABILITY DETAILS
Opened windows (through normal hrefs with target="_blank") can modify window.opener.location and replace the parent webpage with something else, even on a different origin (bypassing same origin policy).
While this doesn't allow script execution, it does allow phishing attacks that silently replace the parent tab (which a user already mentally trusts).
window.opener.location should not be modifiable if on a different origin.
VERSION
Chrome Version: 37.0.2062.94 + stable
Operating System: Ubuntu
REPRODUCTION CASE
https://hashie.co/chrome/demo.htmlOct 31, 2014
#1
meacer@chromium.orgThanks for the report, but the repro doesn't seem to be working on Chrome 38 on Linux. Could you try reproducing with a more recent version?
Oct 31, 2014
#2
ad...@glados.ccUnfortunately the latest version of Chromium in my PPA is 37.
I've been able to reproduce this on Chrome 38.0.2125.114 for Android.
Oct 31, 2014
#3
ad...@glados.ccTo clarify, the actual POC is in the link on the page. The
https://hashie.co/chrome/demo.html page will be replaced with example.org by pix4bit.com
Nov 1, 2014
#4
meacer@chromium.orgThe demo page doesn't work for me on M37 on Mac either. When I switch back to example.com tab I see a very brief flash of
https://hashie.co/chrome/demo.html but otherwise the actual example.com page is displayed in page contents. I haven't tested on Android yet though.
Nov 2, 2014
#5
wfh@chromium.orgThe user decides to trust a particular tab by inspecting the URL and determining the origin. In all cases here both tabs area always showing the correct origin for the content being shown.
On android, when entering any data into a form, the origin is always shown, even if it's previously been elided by scrolling down. The user can then make a trust decision based on this visible origin.
Given this, I don't see any risk to users more than the users just clicking on a link and visiting a new page, so I am closing with WontFix.