Bitcoin Forum
May 04, 2024, 03:28:24 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Archival > .
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: .  (Read 1147 times)
nogf (OP)
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
.
December 28, 2014, 12:48:45 AM
Last edit: December 28, 2014, 05:39:38 AM by nogf
 #1
.
1714793304
Hero Member
*
Offline Offline

Posts: 1714793304

View Profile Personal Message (Offline)

Ignore
1714793304
1714793304
Reply with quote  #2
1714793304
Report to moderator
1714793304
Hero Member
*
Offline Offline

Posts: 1714793304

View Profile Personal Message (Offline)

Ignore
1714793304
1714793304
Reply with quote  #2
1714793304
Report to moderator
There are several different types of Bitcoin clients. The most secure are full nodes like Bitcoin Core, which will follow the rules of the network no matter what miners do. Even if every miner decided to create 1000 bitcoins per block, full nodes would stick to the rules and reject those blocks.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1714793304
Hero Member
*
Offline Offline

Posts: 1714793304

View Profile Personal Message (Offline)

Ignore
1714793304
1714793304
Reply with quote  #2
1714793304
Report to moderator
1714793304
Hero Member
*
Offline Offline

Posts: 1714793304

View Profile Personal Message (Offline)

Ignore
1714793304
1714793304
Reply with quote  #2
1714793304
Report to moderator
Maged
Legendary
*
Offline Offline

Activity: 1204
Merit: 1015


View Profile
December 28, 2014, 04:05:35 AM
 #2
Quote from: nogf on December 28, 2014, 12:48:45 AM
... can inject JavaScript into the wallet

...

This "resolution" ignores that the bug can be used to cause a persistent compromise.
On the contrary, because of the Content Security Policy, you cannot inject JavaScript on most browsers, greatly reducing the attack surface. Unfortunately, you can inject styling and html, which if you've ever seen Reddit or one of those CSS demonstration sites you would know that it can still change enough of the page to convince the user to do something bad. But again, that wouldn't be automatic. Still an issue, but not as bad as you make it out to be. They should really disable inline styling after they fix this.
Like my posts? Donate!
1MagedVeZqDtU4Jh5BdgvHpcWk9dXFzZY8
Pages: [1]
  Print  
Bitcoin Forum > Other > Archival > .
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!